Package ca.corefacility.bioinformatics.irida.security.permissions

Class RepositoryBackedPermission<DomainObjectType,IdentifierType extends java.io.Serializable>

java.lang.Object

ca.corefacility.bioinformatics.irida.security.permissions.RepositoryBackedPermission<DomainObjectType,IdentifierType>

Type Parameters:

DomainObjectType - the type of domain object that this permission is evaluating.

IdentifierType - The identifier for the domain object in the database

All Implemented Interfaces:

BasePermission<DomainObjectType>

Direct Known Subclasses:

ModifyProjectPermission, ReadAnalysisPermission, ReadAnalysisSubmissionPermission, ReadExportSubmissionPermission, ReadMetadataEntryPermission, ReadMetadataTemplatePermission, ReadProjectPermission, ReadReferenceFilePermission, ReadSamplePermission, ReadSequencingObjectPermission, ReadSequencingRunPermission, UpdateAnalysisSubmissionPermission, UpdateMetadataTemplatePermission, UpdateReferenceFilePermission, UpdateSamplePermission, UpdateSamplesFromAnalysisSubmissionPermission, UpdateSequencingRunPermission, UpdateUserGroupPermission, UpdateUserPermission

public abstract class RepositoryBackedPermission<DomainObjectType,IdentifierType extends java.io.Serializable>
extends java.lang.Object
implements BasePermission<DomainObjectType>

Superclass for permissions on objects which can be read from a CrudRepository. This permission will either evaluate the permission based on a passed object of DomainObjectType, or will read an object from the given repository by the given IdentifierType.

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	RepositoryBackedPermission(java.lang.Class<DomainObjectType> domainObjectType, java.lang.Class<IdentifierType> identifierType, org.springframework.data.repository.CrudRepository<DomainObjectType,IdentifierType> repository)	Constructor with handles on the type of repository and type of domain object.

Method Summary

Modifier and Type	Method	Description
protected boolean	adminAccessAllowed(org.springframework.security.core.Authentication authentication, java.lang.Object targetDomainObject)	Check whether admins should be quick-approved for this permission.
protected abstract boolean	customPermissionAllowed(org.springframework.security.core.Authentication authentication, DomainObjectType targetDomainObject)	This method is called by RepositoryBackedPermission to evaluate the custom permissions provided by implementing classes.
boolean	isAllowed(org.springframework.security.core.Authentication authentication, java.lang.Object targetDomainObject)	Is the authenticated user allowed to perform some action on the target domain object?

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface ca.corefacility.bioinformatics.irida.security.permissions.BasePermission

getPermissionProvided

Constructor Detail

RepositoryBackedPermission

protected RepositoryBackedPermission(java.lang.Class<DomainObjectType> domainObjectType,
                                     java.lang.Class<IdentifierType> identifierType,
                                     org.springframework.data.repository.CrudRepository<DomainObjectType,IdentifierType> repository)

Constructor with handles on the type of repository and type of domain object.

Parameters:

domainObjectType - the domain object type managed by this permission.

identifierType - the type of identifier used by this object.

repository - the repository to load objects of the type for this permission.

Method Detail

customPermissionAllowed

protected abstract boolean customPermissionAllowed(org.springframework.security.core.Authentication authentication,
                                                   DomainObjectType targetDomainObject)

This method is called by RepositoryBackedPermission to evaluate the custom permissions provided by implementing classes.

Parameters:

authentication - the authenticated user.

targetDomainObject - the object that the user is attempting to access.

Returns:

true if permitted, false otherwise.

isAllowed

public boolean isAllowed(org.springframework.security.core.Authentication authentication,
                         java.lang.Object targetDomainObject)

Is the authenticated user allowed to perform some action on the target domain object?

Specified by:

isAllowed in interface BasePermission<DomainObjectType>

Parameters:

authentication - the authenticated user.

targetDomainObject - the object the user is requesting to perform an action on.

Returns:

true if the action is allowed, false otherwise.

adminAccessAllowed

protected boolean adminAccessAllowed(org.springframework.security.core.Authentication authentication,
                                     java.lang.Object targetDomainObject)

Check whether admins should be quick-approved for this permission. This may be overridden for special cases

Parameters:

authentication - The authentication of the logged in user

targetDomainObject - the object that is being acted on

Returns:

true of the admin should be approved