Class RepositoryBackedPermission<DomainObjectType,IdentifierType extends java.io.Serializable>
- java.lang.Object
-
- ca.corefacility.bioinformatics.irida.security.permissions.RepositoryBackedPermission<DomainObjectType,IdentifierType>
-
- Type Parameters:
DomainObjectType
- the type of domain object that this permission is evaluating.IdentifierType
- The identifier for the domain object in the database
- All Implemented Interfaces:
BasePermission<DomainObjectType>
- Direct Known Subclasses:
ModifyProjectPermission
,ReadAnalysisPermission
,ReadAnalysisSubmissionPermission
,ReadExportSubmissionPermission
,ReadMetadataEntryPermission
,ReadMetadataTemplatePermission
,ReadProjectPermission
,ReadReferenceFilePermission
,ReadSamplePermission
,ReadSequencingObjectPermission
,ReadSequencingRunPermission
,UpdateAnalysisSubmissionPermission
,UpdateMetadataTemplatePermission
,UpdateReferenceFilePermission
,UpdateSamplePermission
,UpdateSamplesFromAnalysisSubmissionPermission
,UpdateSequencingRunPermission
,UpdateUserGroupPermission
,UpdateUserPermission
public abstract class RepositoryBackedPermission<DomainObjectType,IdentifierType extends java.io.Serializable> extends java.lang.Object implements BasePermission<DomainObjectType>
Superclass for permissions on objects which can be read from aCrudRepository
. This permission will either evaluate the permission based on a passed object of DomainObjectType, or will read an object from the given repository by the given IdentifierType.
-
-
Constructor Summary
Constructors Modifier Constructor Description protected
RepositoryBackedPermission(java.lang.Class<DomainObjectType> domainObjectType, java.lang.Class<IdentifierType> identifierType, org.springframework.data.repository.CrudRepository<DomainObjectType,IdentifierType> repository)
Constructor with handles on the type of repository and type of domain object.
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected boolean
adminAccessAllowed(org.springframework.security.core.Authentication authentication, java.lang.Object targetDomainObject)
Check whether admins should be quick-approved for this permission.protected abstract boolean
customPermissionAllowed(org.springframework.security.core.Authentication authentication, DomainObjectType targetDomainObject)
This method is called byRepositoryBackedPermission
to evaluate the custom permissions provided by implementing classes.boolean
isAllowed(org.springframework.security.core.Authentication authentication, java.lang.Object targetDomainObject)
Is the authenticated user allowed to perform some action on the target domain object?-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface ca.corefacility.bioinformatics.irida.security.permissions.BasePermission
getPermissionProvided
-
-
-
-
Constructor Detail
-
RepositoryBackedPermission
protected RepositoryBackedPermission(java.lang.Class<DomainObjectType> domainObjectType, java.lang.Class<IdentifierType> identifierType, org.springframework.data.repository.CrudRepository<DomainObjectType,IdentifierType> repository)
Constructor with handles on the type of repository and type of domain object.- Parameters:
domainObjectType
- the domain object type managed by this permission.identifierType
- the type of identifier used by this object.repository
- the repository to load objects of the type for this permission.
-
-
Method Detail
-
customPermissionAllowed
protected abstract boolean customPermissionAllowed(org.springframework.security.core.Authentication authentication, DomainObjectType targetDomainObject)
This method is called byRepositoryBackedPermission
to evaluate the custom permissions provided by implementing classes.- Parameters:
authentication
- the authenticated user.targetDomainObject
- the object that the user is attempting to access.- Returns:
- true if permitted, false otherwise.
-
isAllowed
public boolean isAllowed(org.springframework.security.core.Authentication authentication, java.lang.Object targetDomainObject)
Is the authenticated user allowed to perform some action on the target domain object?- Specified by:
isAllowed
in interfaceBasePermission<DomainObjectType>
- Parameters:
authentication
- the authenticated user.targetDomainObject
- the object the user is requesting to perform an action on.- Returns:
- true if the action is allowed, false otherwise.
-
adminAccessAllowed
protected boolean adminAccessAllowed(org.springframework.security.core.Authentication authentication, java.lang.Object targetDomainObject)
Check whether admins should be quick-approved for this permission. This may be overridden for special cases- Parameters:
authentication
- The authentication of the logged in usertargetDomainObject
- the object that is being acted on- Returns:
- true of the admin should be approved
-
-