AuthFilterTaskHeap

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.sandev.TaskHeap.UserLookup
Class AuthFilterTaskHeap

java.lang.Object
  org.sandev.TaskHeap.UserLookup.AuthFilterTaskHeap

All Implemented Interfaces:: org.sandev.basics.util.AuthFilter

public class AuthFilterTaskHeap
extends java.lang.Object
implements org.sandev.basics.util.AuthFilter

An implementation of the AuthFilter interface as used for the TaskHeap application. Readers have read-only access to all information except for internal plans. Readers are also restricted from seeing the allocationPercentages of Resources.

Field Summary

Fields inherited from interface org.sandev.basics.util.AuthFilter

AUTH_NOACCESS, AUTH_READONLY, AUTH_UNRESTRICTED, AUTH_VALHIDDEN

Constructor Summary
`AuthFilterTaskHeap()`

Method Summary
`protected void`	`debug(java.lang.String text)` Dump the debug output text.
`boolean`	`isActive(org.sandev.basics.util.AuthUser user)` Return true if the given user is active, false otherwise.
`protected boolean`	`isLoginMessageClass(java.lang.String className)` Return true if the given message class name is required for login processing and therefore must be allowed for all users.
`org.sandev.basics.structs.SandAttrVal[]`	`matchRestrictions(org.sandev.basics.util.AuthUser user, java.lang.String className, org.sandev.basics.structs.SandAttrVal[] savs)` Hidden plans are only available to Resources.
`int`	`messageClassAccess(org.sandev.basics.util.AuthUser user, java.lang.String className)` Only Resources may issue updates, everything else is fine.
`int`	`messageFieldAccess(org.sandev.basics.util.AuthUser user, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)` To demonstrate field filtering, we want to prevent Readers from seeing the allocationPercentage of a Resource.
`int`	`messageFieldValueAccess(org.sandev.basics.util.AuthUser user, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)` We don't restrict any message values.
`int`	`messageInstanceAccess(org.sandev.basics.util.AuthUser user, org.sandev.basics.structs.SandMessage msg)` Since we add visibility=published to the query parameters, we don't need to worry about checking read access to specific PlanComponent message instances here.
`java.lang.String`	`shortenClassName(java.lang.String classname)` Strip any preceding qualifications to return the short class name.
`int`	`tokenAccess(org.sandev.basics.util.AuthUser user, java.lang.String token)` Readers do not have access to the Admin screen, otherwise this is unrestricted.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthFilterTaskHeap

public AuthFilterTaskHeap()

Method Detail

messageClassAccess

public int messageClassAccess(org.sandev.basics.util.AuthUser user,
                              java.lang.String className)
                       throws org.sandev.basics.structs.SandException

Only Resources may issue updates, everything else is fine.

Specified by:: messageClassAccess in interface org.sandev.basics.util.AuthFilter

Throws:: org.sandev.basics.structs.SandException

messageInstanceAccess

public int messageInstanceAccess(org.sandev.basics.util.AuthUser user,
                                 org.sandev.basics.structs.SandMessage msg)
                          throws org.sandev.basics.structs.SandException

Since we add visibility=published to the query parameters, we don't need to worry about checking read access to specific PlanComponent message instances here.

Specified by:: messageInstanceAccess in interface org.sandev.basics.util.AuthFilter

Throws:: org.sandev.basics.structs.SandException

messageFieldAccess

public int messageFieldAccess(org.sandev.basics.util.AuthUser user,
                              org.sandev.basics.structs.SandMessage msg,
                              java.lang.String fieldName)
                       throws org.sandev.basics.structs.SandException

To demonstrate field filtering, we want to prevent Readers from seeing the allocationPercentage of a Resource. If we are logging in, then we should be filtering the messages with the user we found.

Specified by:: messageFieldAccess in interface org.sandev.basics.util.AuthFilter

Throws:: org.sandev.basics.structs.SandException

messageFieldValueAccess

public int messageFieldValueAccess(org.sandev.basics.util.AuthUser user,
                                   org.sandev.basics.structs.SandMessage msg,
                                   java.lang.String fieldName)
                            throws org.sandev.basics.structs.SandException

We don't restrict any message values. If you can see the field, then you can see the value for it.

Specified by:: messageFieldValueAccess in interface org.sandev.basics.util.AuthFilter

Throws:: org.sandev.basics.structs.SandException

matchRestrictions

public org.sandev.basics.structs.SandAttrVal[] matchRestrictions(org.sandev.basics.util.AuthUser user,
                                                                 java.lang.String className,
                                                                 org.sandev.basics.structs.SandAttrVal[] savs)
                                                          throws org.sandev.basics.structs.SandException

Hidden plans are only available to Resources.

Specified by:: matchRestrictions in interface org.sandev.basics.util.AuthFilter

Throws:: org.sandev.basics.structs.SandException

tokenAccess

public int tokenAccess(org.sandev.basics.util.AuthUser user,
                       java.lang.String token)
                throws org.sandev.basics.structs.SandException

Readers do not have access to the Admin screen, otherwise this is unrestricted.

Specified by:: tokenAccess in interface org.sandev.basics.util.AuthFilter

Throws:: org.sandev.basics.structs.SandException

isLoginMessageClass

protected boolean isLoginMessageClass(java.lang.String className)

Return true if the given message class name is required for login processing and therefore must be allowed for all users.

debug

protected void debug(java.lang.String text)

Dump the debug output text. Generally the AuthFilter should be totally quiet, since it generates a lot of noise, but there are times when you want to see what is going on. Ultimately we should have singleton access to a Logger, for now this is just println.

shortenClassName

public java.lang.String shortenClassName(java.lang.String classname)

Strip any preceding qualifications to return the short class name. This is for times when we want to check how the classname starts, and we aren't worried about name collisions.

isActive

public boolean isActive(org.sandev.basics.util.AuthUser user)

Return true if the given user is active, false otherwise.

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.sandev.TaskHeap.UserLookup Class AuthFilterTaskHeap

AuthFilterTaskHeap

messageClassAccess

messageInstanceAccess

messageFieldAccess

messageFieldValueAccess

matchRestrictions

tokenAccess

isLoginMessageClass

debug

shortenClassName

isActive

org.sandev.TaskHeap.UserLookup
Class AuthFilterTaskHeap