org.entityfs.util.security
Class IdentityAccessGranter

java.lang.Object
  extended by org.entityfs.util.security.IdentityAccessGranter
All Implemented Interfaces:
AccessGranter

public class IdentityAccessGranter
extends Object
implements AccessGranter

A simple AccessGranter that uses the identity of entities to determine access rights. It is not aware of different Subject:s, so all threads have the same access rights. This should probably only be used for testing.

The grant and revoke methods are used for controlling access rights.

Use the NotAccessGranter to reverse the decisions from this access granter.

Objects of this class are not immutable or thread safe. Users will have to synchronize access to them as required.

Since:
1.0
Author:
Karl Gustafsson

Constructor Summary
IdentityAccessGranter()
          Create an IdentityAccessGranter that initially denies all forms of access to all entities.
IdentityAccessGranter(Collection<? extends Entity> readAccess, Collection<? extends Entity> writeAccess, Collection<? extends Entity> executeAccess)
          Create an IdentityAccessGranter.
 
Method Summary
 void grantAll(Collection<? extends EntityView> c)
          Grant all forms of access to a collection of entities.
 void grantAll(EntityView entity)
          Grant all forms of access to an entity.
 void grantExecuteAccess(Collection<? extends EntityView> c)
          Grant execute access to a collection of entities.
 void grantExecuteAccess(EntityView ev)
          Grant execute access to an entity.
 void grantReadAccess(Collection<? extends EntityView> c)
          Grant read access to a collection of entities.
 void grantReadAccess(EntityView ev)
          Grant read access to an entity.
 void grantWriteAccess(Collection<? extends EntityView> c)
          Grant write access to a collection of entities.
 void grantWriteAccess(EntityView ev)
          Grant write access to an entity.
 boolean hasAccess(Subject s, Permission p)
          Is the subject authorized for the permission?
 void revokeAll(Collection<? extends EntityView> c)
          Revoke all forms of access to a collection of entities.
 void revokeAll(EntityView entity)
          Revoke all forms of access to an entity.
 void revokeExecuteAccess(Collection<? extends EntityView> c)
          Revoke execute access to a collection of entities.
 void revokeExecuteAccess(EntityView ev)
          Revoke execute access to an entity.
 void revokeReadAccess(Collection<? extends EntityView> c)
          Revoke read access to a collection of entities.
 void revokeReadAccess(EntityView ev)
          Revoke read access to an entity.
 void revokeWriteAccess(Collection<? extends EntityView> c)
          Revoke write access to a collection of entities.
 void revokeWriteAccess(EntityView ev)
          Revoke write access to an entity.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

IdentityAccessGranter

public IdentityAccessGranter(Collection<? extends Entity> readAccess,
                             Collection<? extends Entity> writeAccess,
                             Collection<? extends Entity> executeAccess)
Create an IdentityAccessGranter.

Parameters:
readAccess - The entities all threads should have read access to. May be null.
writeAccess - The entities all threads should have write access to. May be null.
executeAccess - The entities all threads should have execute access to. May be null.

IdentityAccessGranter

public IdentityAccessGranter()
Create an IdentityAccessGranter that initially denies all forms of access to all entities.

Method Detail

grantReadAccess

public void grantReadAccess(EntityView ev)
Grant read access to an entity.

Parameters:
ev - The entity.

grantReadAccess

public void grantReadAccess(Collection<? extends EntityView> c)
Grant read access to a collection of entities.

Parameters:
c - The entities.

grantWriteAccess

public void grantWriteAccess(EntityView ev)
Grant write access to an entity.

Parameters:
ev - The entity.

grantWriteAccess

public void grantWriteAccess(Collection<? extends EntityView> c)
Grant write access to a collection of entities.

Parameters:
c - The entities.

grantExecuteAccess

public void grantExecuteAccess(EntityView ev)
Grant execute access to an entity.

Parameters:
ev - The entity.

grantExecuteAccess

public void grantExecuteAccess(Collection<? extends EntityView> c)
Grant execute access to a collection of entities.

Parameters:
c - The entities.

revokeReadAccess

public void revokeReadAccess(EntityView ev)
Revoke read access to an entity.

Parameters:
ev - The entity.

revokeReadAccess

public void revokeReadAccess(Collection<? extends EntityView> c)
Revoke read access to a collection of entities.

Parameters:
c - The entities.

revokeWriteAccess

public void revokeWriteAccess(EntityView ev)
Revoke write access to an entity.

Parameters:
ev - The entity.

revokeWriteAccess

public void revokeWriteAccess(Collection<? extends EntityView> c)
Revoke write access to a collection of entities.

Parameters:
c - The entities.

revokeExecuteAccess

public void revokeExecuteAccess(EntityView ev)
Revoke execute access to an entity.

Parameters:
ev - The entity.

revokeExecuteAccess

public void revokeExecuteAccess(Collection<? extends EntityView> c)
Revoke execute access to a collection of entities.

Parameters:
c - The entities.

grantAll

public void grantAll(EntityView entity)
Grant all forms of access to an entity.

Parameters:
entity - The entity.

grantAll

public void grantAll(Collection<? extends EntityView> c)
Grant all forms of access to a collection of entities.

Parameters:
c - The entities.

revokeAll

public void revokeAll(EntityView entity)
Revoke all forms of access to an entity.

Parameters:
entity - The entity.

revokeAll

public void revokeAll(Collection<? extends EntityView> c)
Revoke all forms of access to a collection of entities.

Parameters:
c - The entities.

hasAccess

public boolean hasAccess(Subject s,
                         Permission p)
Description copied from interface: AccessGranter
Is the subject authorized for the permission?

Specified by:
hasAccess in interface AccessGranter
Parameters:
s - The subject. Might be null.
p - The permission.
Returns:
true if the subject is authorized for the permission, false if not.