Package de.uplanet.lucy.server.auxiliaries.security

Class IxAccessController

  • @VelocityCallable("singleton")
public final class IxAccessController
extends Object
    This class can be used to check arbitrary permissions.

    For Intrexx permissions see the classes that are derived from IIntrexxPermission.

    • Constructor Detail

      • IxAccessController

        public IxAccessController()

    • Method Detail

      • hasAllPermission

        public boolean hasAllPermission()
        Check if the current user has the java.security.AllPermission.
        Returns:
        true if the current user has the AllPermission, or false otherwise.

      • hasPermission

        public boolean hasPermission​(String p_strPermissionClass,
                             String p_strName,
                             String p_strActions)
        Check if we have a certain permission. This method directly calls the policy that's currently in effect, without involving any business logic layer objects.
        Parameters:
        p_strPermissionClass - An arbitrary permission class name, e.g see the permissions derived from IIntrexxPermission.
        p_strName - The permission name.
        p_strActions - The required actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasMenuPermission

        public boolean hasMenuPermission​(String p_strId,
                                 String p_strActions)
        Check if we have the specified menu permission.
        Parameters:
        p_strId - The menu identifier.
        p_strActions - The requested actions, e.g. access, or administration.
        Returns:
        true if the permission is granted, or false if the permission is denied.
        See Also:
        ApplicationPermission

      • hasApplicationPermission

        public boolean hasApplicationPermission​(String p_strAppGuid,
                                        String p_strActions)
        Check if we have the specified application permission.
        Parameters:
        p_strAppGuid - The application's unique identifier.
        p_strActions - The requested page actions.
        Returns:
        true if the permission is granted, or false if the permission is denied.
        See Also:
        ApplicationPermission

      • hasStartPagePermission

        public boolean hasStartPagePermission​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                      String p_strAppGuid,
                                      String p_strActions)
        • Check if we have access permission for the given application.
        • Check if we have the requested permission at the application's start page.
        Parameters:
        p_ctx - The processing context.
        p_strAppGuid - The unique application identifier.
        p_strActions - The required actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasPagePermission

        public boolean hasPagePermission​(String p_strAppGuid,
                                 String p_strPageGuid,
                                 String p_strActions)
        • Check if we have access permission for the given application.
        • Check if we have the requested page permission.
        Parameters:
        p_strAppGuid - The unique application identifier.
        p_strPageGuid - The unique page identifier.
        p_strActions - The requested page actions.
        Returns:
        true if the permission is granted, or false if the permission is denied.

      • hasDatagroupPermission

        public boolean hasDatagroupPermission​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                      String p_strAppGuid,
                                      String p_strDgGuid,
                                      String p_strActions)
        This method actually calls IRtApp.hasDgPermission(String, String) for the given application and datagroup.
        Parameters:
        p_ctx - The processing context.
        p_strAppGuid - The unique application identifier.
        p_strDgGuid - The unique datagroup identifier.
        p_strActions - The requested datagroup actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.
        See Also:
        DatagroupPermission

      • hasDatagroupPermission

        public boolean hasDatagroupPermission​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                      String p_strAppGuid,
                                      String p_strDgGuid,
                                      String p_strRecId,
                                      String p_strActions)
        This method actually calls IRtApp.hasDgPermission(String, String) for the given application and datagroup.
        Parameters:
        p_ctx - The processing context.
        p_strAppGuid - The unique application identifier.
        p_strDgGuid - The unique datagroup identifier.
        p_strRecId - The ID of the data record, or null. Currently this parameter is being ignored.
        p_strActions - The requested datagroup actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.
        See Also:
        DatagroupPermission

      • hasDatagroupPermissionFromPage

        public boolean hasDatagroupPermissionFromPage​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                              String p_strAppGuid,
                                              String p_strPageGuid,
                                              String p_strActions)
        This method actually calls IRtApp.hasDgPermissionFromPage(String, String) for the given application, page and datagroup actions.
        Parameters:
        p_ctx - The processing context.
        p_strAppGuid - The unique application identifier.
        p_strPageGuid - The unique page identifier.
        p_strActions - The requested datagroup actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasOwnDatagroupPermissionFromPage

        public boolean hasOwnDatagroupPermissionFromPage​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                                 IUser p_user,
                                                 int p_iRecordUserId,
                                                 String p_strAppGuid,
                                                 String p_strPageGuid,
                                                 String p_strActions)
        This method actually calls _hasDatagroupPermissionFromPage(IRtApp, IUser, int, String, String, String).
        Parameters:
        p_ctx - The processing context.
        p_user - The user to be matched against p_iRecordUserId.
        p_iRecordUserId - The integer identifier of the user that owns the record.
        p_strAppGuid - The unique application identifier.
        p_strPageGuid - The unique page identifier.
        p_strActions - The requested datagroup actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasOwnDatagroupPermissionFromPage

        public boolean hasOwnDatagroupPermissionFromPage​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                                 String p_strRecId,
                                                 IUser p_user,
                                                 int p_iRecordUserId,
                                                 String p_strAppGuid,
                                                 String p_strPageGuid,
                                                 String p_strActions)
        This method actually calls _hasDatagroupPermissionFromPage(IRtApp, IUser, int, String, String, String).
        Parameters:
        p_ctx - The processing context.
        p_strRecId - The current record id to check, can be null.
        p_user - The user to be matched against p_iRecordUserId.
        p_iRecordUserId - The integer identifier of the user that owns the record.
        p_strAppGuid - The unique application identifier.
        p_strPageGuid - The unique page identifier.
        p_strActions - The requested datagroup actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasSrcDatagroupPermissionAndTgtPageAccess

        public boolean hasSrcDatagroupPermissionAndTgtPageAccess​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                                         String p_strSrcAppGuid,
                                                         String p_strSrcPageGuid,
                                                         String p_strSrcActions,
                                                         String p_strTgtAppGuid,
                                                         String p_strTgtPageGuid,
                                                         String p_strTgtActions)
        Parameters:
        p_ctx - The processing context.
        p_strSrcAppGuid - The source application's unique identifier.
        p_strSrcPageGuid - The source page's unique identifier.
        p_strSrcActions - The requested source datagroup actions.
        p_strTgtAppGuid - The target application's unique identifier.
        p_strTgtPageGuid - The target page's unique identifier.
        p_strTgtActions - The requested target page actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasSrcDatagroupPermissionAndTgtPageAccess

        public boolean hasSrcDatagroupPermissionAndTgtPageAccess​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                                         String p_strSrcRecId,
                                                         String p_strSrcAppGuid,
                                                         String p_strSrcPageGuid,
                                                         String p_strSrcActions,
                                                         String p_strTgtAppGuid,
                                                         String p_strTgtPageGuid,
                                                         String p_strTgtActions)
        Parameters:
        p_ctx - The processing context.
        p_strSrcRecId - The current source record id to check, can be null.
        p_strSrcAppGuid - The source application's unique identifier.
        p_strSrcPageGuid - The source page's unique identifier.
        p_strSrcActions - The requested source datagroup actions.
        p_strTgtAppGuid - The target application's unique identifier.
        p_strTgtPageGuid - The target page's unique identifier.
        p_strTgtActions - The requested target page actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasSrcOwnDatagroupPermissionAndTgtPageAccess

        public boolean hasSrcOwnDatagroupPermissionAndTgtPageAccess​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                                            IUser p_user,
                                                            int p_iRecordUserId,
                                                            String p_strSrcAppGuid,
                                                            String p_strSrcPageGuid,
                                                            String p_strSrcActions,
                                                            String p_strTgtAppGuid,
                                                            String p_strTgtPageGuid,
                                                            String p_strTgtActions)
        Parameters:
        p_ctx - The processing context.
        p_user - The user to be matched against p_iRecordUserId.
        p_iRecordUserId - The integer identifier of the user that owns the record.
        p_strSrcAppGuid - The source application's unique identifier.
        p_strSrcPageGuid - The source page's unique identifier.
        p_strSrcActions - The requested source datagroup actions.
        p_strTgtAppGuid - The target application's unique identifier.
        p_strTgtPageGuid - The target page's unique identifier.
        p_strTgtActions - The requested target page actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasSrcOwnDatagroupPermissionAndTgtPageAccess

        public boolean hasSrcOwnDatagroupPermissionAndTgtPageAccess​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                                            String p_strSrcRecId,
                                                            IUser p_user,
                                                            int p_iRecordUserId,
                                                            String p_strSrcAppGuid,
                                                            String p_strSrcPageGuid,
                                                            String p_strSrcActions,
                                                            String p_strTgtAppGuid,
                                                            String p_strTgtPageGuid,
                                                            String p_strTgtActions)
        Parameters:
        p_ctx - The processing context.
        p_strSrcRecId - The current source record id to check, can be null.
        p_user - The user to be matched against p_iRecordUserId.
        p_iRecordUserId - The integer identifier of the user that owns the record.
        p_strSrcAppGuid - The source application's unique identifier.
        p_strSrcPageGuid - The source page's unique identifier.
        p_strSrcActions - The requested source datagroup actions.
        p_strTgtAppGuid - The target application's unique identifier.
        p_strTgtPageGuid - The target page's unique identifier.
        p_strTgtActions - The requested target page actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasSrcOwnDatagroupPermissionAndTgtDatagroupPermission

        public boolean hasSrcOwnDatagroupPermissionAndTgtDatagroupPermission​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                                                     IUser p_user,
                                                                     int p_iRecordUserId,
                                                                     String p_strSrcAppGuid,
                                                                     String p_strSrcPageGuid,
                                                                     String p_strSrcActions,
                                                                     String p_strTgtAppGuid,
                                                                     String p_strTgtPageGuid,
                                                                     String p_strTgtActions)
        Parameters:
        p_ctx - The processing context.
        p_user - The user to be matched against p_iRecordUserId.
        p_iRecordUserId - The integer identifier of the user that owns the record.
        p_strSrcAppGuid - The source application's unique identifier.
        p_strSrcPageGuid - The source page's unique identifier.
        p_strSrcActions - The requested source datagroup actions.
        p_strTgtAppGuid - The target application's unique identifier.
        p_strTgtPageGuid - The target page's unique identifier.
        p_strTgtActions - The requested target datagroup actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasSrcOwnDatagroupPermissionAndTgtDatagroupPermission

        public boolean hasSrcOwnDatagroupPermissionAndTgtDatagroupPermission​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                                                     String p_strSrcRecId,
                                                                     IUser p_user,
                                                                     int p_iRecordUserId,
                                                                     String p_strSrcAppGuid,
                                                                     String p_strSrcPageGuid,
                                                                     String p_strSrcActions,
                                                                     String p_strTgtAppGuid,
                                                                     String p_strTgtPageGuid,
                                                                     String p_strTgtActions)
        Parameters:
        p_ctx - The processing context.
        p_strSrcRecId - The current source record id to check, can be null.
        p_user - The user to be matched against p_iRecordUserId.
        p_iRecordUserId - The integer identifier of the user that owns the record.
        p_strSrcAppGuid - The source application's unique identifier.
        p_strSrcPageGuid - The source page's unique identifier.
        p_strSrcActions - The requested source datagroup actions.
        p_strTgtAppGuid - The target application's unique identifier.
        p_strTgtPageGuid - The target page's unique identifier.
        p_strTgtActions - The requested target datagroup actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasSrcDatagroupPermissionAndTgtDatagroupPermission

        public boolean hasSrcDatagroupPermissionAndTgtDatagroupPermission​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                                                  String p_strSrcAppGuid,
                                                                  String p_strSrcPageGuid,
                                                                  String p_strSrcActions,
                                                                  String p_strTgtAppGuid,
                                                                  String p_strTgtPageGuid,
                                                                  String p_strTgtActions)
        • For the source parameters see IRtApp.hasDgPermissionFromPage(String, String).
        • For the target parameters see IRtApp.hasDgPermissionFromPage(String, String).
        Parameters:
        p_ctx - The processing context.
        p_strSrcAppGuid - The source application's unique identifier.
        p_strSrcPageGuid - The source page's unique identifier.
        p_strSrcActions - The requested source datagroup actions.
        p_strTgtAppGuid - The target application's unique identifier.
        p_strTgtPageGuid - The target page's unique identifier.
        p_strTgtActions - The requested target datagroup actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasDatagroupReadOwnPermissionFromDatapickerControlName

        public boolean hasDatagroupReadOwnPermissionFromDatapickerControlName​(de.uplanet.lucy.server.IProcessingContext p_ctx,
                                                                      String p_strAppGuid,
                                                                      String p_strPageGuid,
                                                                      String p_strDatapickerGuid)
        Check if we have read-own permissions on the datagroup that's associated with the given datapicker.
        Parameters:
        p_ctx - The processing context.
        p_strAppGuid - The application's unique identifier.
        p_strPageGuid - The page's unique identifier.
        p_strDatapickerGuid - The datapicker control's name.
        Returns:
        true if the permission is granted, or false if the permission is denied.

      • hasFileWalkerControlPermission

        public boolean hasFileWalkerControlPermission​(String p_strControlGuid,
                                              String p_strActions)
        Parameters:
        p_strControlGuid - The FileWalker control's unique identifier.
        p_strActions - The requested actions.
        Returns:
        true if the permission is granted, or false otherwise.

      • hasMainPortalAdministrationPermission

        public boolean hasMainPortalAdministrationPermission()

      • hasDsUserPermission

        public boolean hasDsUserPermission​(String p_strName,
                                   String p_strActions)
        Checks if we have the permission for user administration.
        Parameters:
        p_strName - The user's unique identifier, or <all users>.
        p_strActions - The requested actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasDsSetPermission

        public boolean hasDsSetPermission​(String p_strName,
                                  String p_strActions)
        Checks if we have the permission for set administration.
        Parameters:
        p_strName - The set's unique identifier, or <all sets>.
        p_strActions - The requested actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasDsContainerPermission

        public boolean hasDsContainerPermission​(String p_strName,
                                        String p_strActions)
        Checks if we have the permission for the administration of containers.
        Parameters:
        p_strName - The container's unique identifier, or <all containers>.
        p_strActions - The requested actions.
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasPositionAdministrationPermission

        public boolean hasPositionAdministrationPermission​(String p_strName)
        Checks if we have the permission for the administration of organizational positions.
        Parameters:
        p_strName - The organizational position's unique identifier, or .
        Returns:
        true if the permission is granted, or false if the permission is denied or an error occurred.

      • hasToolsPermission

        @Deprecated
public boolean hasToolsPermission​(String p_strActions)
        Deprecated.
        This permission does not exist anymore and cannot be patched.
        Parameters:
        p_strActions -
        Returns:
        nothing

      • hasIntegrationCenterPermission

        @Deprecated
public boolean hasIntegrationCenterPermission​(String p_strActions)
        Deprecated.
        This permission does not exist anymore and cannot be patched.
        Parameters:
        p_strActions -
        Returns:
        nothing

      • hasDataTransferPermission

        public boolean hasDataTransferPermission​(String p_strActions)
        Checks for the data transfer permission
        Parameters:
        p_strActions -
        Returns:
        nothing