org.pentaho.platform.engine.security
Class PentahoSubstringRoleVoter
java.lang.Object
org.pentaho.platform.engine.security.PentahoSubstringRoleVoter
- All Implemented Interfaces:
- org.springframework.security.vote.AccessDecisionVoter
public class PentahoSubstringRoleVoter
- extends Object
- implements org.springframework.security.vote.AccessDecisionVoter
Similar to RoleVoter
except that it does not use a role prefix; instead it
uses a config attribute prefix which serves a similar, but not the same, purpose. In
RoleVoter
, the role prefix serves as an indicator to the RoleVoter
to participate in the voting.
RoleVoter
assumes that the config attributes are role names. In this voter implementation, the
processConfigAttributePrefix
is stripped from the config attribute before comparison to the roles granted to
the user.
For example, assume that a user has the role Authenticated
. Also assume that the config attribute for a
method invocation is VOTE_ROLE_FILE_Authenticated
. Finally assume that this voter instance is configured with
a processConfigAttributePrefix
of VOTE_ROLE_FILE_
. This voter implementation will strip the
processConfigAttributePrefix
from the config attribute and compare to the roles granted to the user. In this
example, access will be granted.
- Author:
- mlowery
Fields inherited from interface org.springframework.security.vote.AccessDecisionVoter |
ACCESS_ABSTAIN, ACCESS_DENIED, ACCESS_GRANTED |
Method Summary |
boolean |
supports(Class clazz)
This implementation supports any type of class, because it does not query
the presented secure object. |
boolean |
supports(org.springframework.security.ConfigAttribute attribute)
|
int |
vote(org.springframework.security.Authentication authentication,
Object object,
org.springframework.security.ConfigAttributeDefinition config)
|
PentahoSubstringRoleVoter
public PentahoSubstringRoleVoter(String processConfigAttributePrefix)
supports
public boolean supports(org.springframework.security.ConfigAttribute attribute)
- Specified by:
supports
in interface org.springframework.security.vote.AccessDecisionVoter
supports
public boolean supports(Class clazz)
- This implementation supports any type of class, because it does not query
the presented secure object.
- Specified by:
supports
in interface org.springframework.security.vote.AccessDecisionVoter
- Parameters:
clazz
- the secure object
- Returns:
- always
true
vote
public int vote(org.springframework.security.Authentication authentication,
Object object,
org.springframework.security.ConfigAttributeDefinition config)
- Specified by:
vote
in interface org.springframework.security.vote.AccessDecisionVoter