public interface ISecurityHelper
Modifier and Type | Method and Description |
---|---|
void |
becomeUser(String principalName)
Hi-jacks the system for the named user.
|
void |
becomeUser(String principalName,
IParameterProvider paramProvider)
Hi-jacks the system for the named user.
|
boolean |
canHaveACLS(ISolutionFile aFile) |
org.springframework.security.Authentication |
createAuthentication(String principalName)
Utility method for hydrating a Spring Authentication object (Principal) given just a user name.
|
org.springframework.security.Authentication |
getAuthentication() |
org.springframework.security.Authentication |
getAuthentication(IPentahoSession ignoredSession,
boolean ignoredAllowAnonymous)
Remove this method when data-access is JCR-branched
|
boolean |
hasAccess(IAclHolder aHolder,
int actionOperation,
IPentahoSession session) |
boolean |
isGranted(IPentahoSession session,
org.springframework.security.GrantedAuthority role)
Utility method that communicates with the installed ACLVoter to determine whether a particular role is granted
to the specified user.
|
boolean |
isPentahoAdministrator(IPentahoSession session)
Utility method that communicates with the installed ACLVoter to determine administrator status
|
<T> T |
runAsAnonymous(Callable<T> callable)
Utility method that allows you to run a block of code as the given user.
|
<T> T |
runAsSystem(Callable<T> callable)
Runs code as system with full privileges.
|
<T> T |
runAsUser(String principalName,
Callable<T> callable)
Utility method that allows you to run a block of code as the given user.
|
<T> T |
runAsUser(String principalName,
IParameterProvider paramProvider,
Callable<T> callable) |
void becomeUser(String principalName)
This will essentially create a session for this user, make that session the current session, and add the
Authentication objects to the session and Spring context holder. WARNING: this method is irreversible!!! If
you want execute a block of code as a surrogate user and have the orignal user resume after it is complete,
you want runAsUser(String, java.util.concurrent.Callable)
.
This is for unit tests only.
principalName
- the user to become in the systemvoid becomeUser(String principalName, IParameterProvider paramProvider)
This is for unit tests only.
<T> T runAsUser(String principalName, Callable<T> callable) throws Exception
Callable
, then the system
environment will return to the user present prior to you calling this method.T
- the return type of your operation, specify this type as T
principalName
- the user under whom you wish to run a section of codecallable
- Callable.call()
contains the code you wish to run as the given userCallable.call()
Exception
java.util.concurrent.Callable}
<T> T runAsUser(String principalName, IParameterProvider paramProvider, Callable<T> callable) throws Exception
Exception
<T> T runAsAnonymous(Callable<T> callable) throws Exception
Callable
, then the system
environment will return to the user present prior to you calling this method.T
- the return type of your operation, specify this type as T
principalName
- the user under whom you wish to run a section of codecallable
- Callable.call()
contains the code you wish to run as the given userCallable.call()
Exception
java.util.concurrent.Callable}
boolean isPentahoAdministrator(IPentahoSession session)
session
- The users IPentahoSession objectboolean isGranted(IPentahoSession session, org.springframework.security.GrantedAuthority role)
session
- The users' IPentahoSessionrole
- The role to look forboolean canHaveACLS(ISolutionFile aFile)
aFile
- boolean hasAccess(IAclHolder aHolder, int actionOperation, IPentahoSession session)
org.springframework.security.Authentication createAuthentication(String principalName)
IUserRoleListService
will be consulted for the roles associated with
this user.principalName
- the subject of this Authentication objectorg.springframework.security.Authentication getAuthentication()
org.springframework.security.Authentication getAuthentication(IPentahoSession ignoredSession, boolean ignoredAllowAnonymous)
ignoredSession
- ignoredAllowAnonymous
-