Package net.solarnetwork.central.security

Class AuthorizationSupport

java.lang.Object
net.solarnetwork.central.security.AuthorizationSupport
Direct Known Subclasses:
UserMetadataSecurityAspect
public class AuthorizationSupport extends Object
Helper class for authorization needs, e.g. aspect implementations.

  • Field Details

    • log

      protected final org.slf4j.Logger log

  • Constructor Details

  • Method Details

    • getNodeOwnershipDao

      public SolarNodeOwnershipDao getNodeOwnershipDao()
      Get the SolarNodeOwnershipDao.
      Returns:
      The SolarNodeOwnershipDao.

    • requireNodeWriteAccess

      protected void requireNodeWriteAccess(Long nodeId)
      Require the active user have "write" access to a given node ID. If the active user is not authorized, a AuthorizationException will be thrown.
      Parameters:
      nodeId - the node ID to check
      Throws:
      AuthorizationException - if the authorization check fails

    • requireNodeWriteAccess

      public void requireNodeWriteAccess(Long nodeId, org.slf4j.Logger log)
      Require the active user have "write" access to a given node ID. If the active user is not authorized, a AuthorizationException will be thrown.
      Parameters:
      nodeId - the node ID to check
      log - the logger to use
      Throws:
      AuthorizationException - if the authorization check fails
      Since:
      1.1

    • requireNodeReadAccess

      protected void requireNodeReadAccess(Long nodeId)
      Require the active user have "read" access to a given node ID. If the active user is not authorized, a AuthorizationException will be thrown.
      Parameters:
      nodeId - the node ID to check
      Throws:
      AuthorizationException - if the authorization check fails

    • requireNodeReadAccess

      public void requireNodeReadAccess(Long nodeId, org.slf4j.Logger log)
      Require the active user have "read" access to a given node ID. If the active user is not authorized, a AuthorizationException will be thrown.
      Parameters:
      nodeId - the node ID to check
      log - the logger to use
      Throws:
      AuthorizationException - if the authorization check fails
      Since:
      1.1

    • requireUserWriteAccess

      protected void requireUserWriteAccess(Long userId)
      Require the active user have "write" access to a given user ID. If the active user is not authorized, a AuthorizationException will be thrown.
      Parameters:
      userId - the user ID to check
      Throws:
      AuthorizationException - if the authorization check fails

    • requireUserWriteAccess

      public void requireUserWriteAccess(Long userId, org.slf4j.Logger log)
      Require the active user have "write" access to a given user ID. If the active user is not authorized, a AuthorizationException will be thrown.
      Parameters:
      userId - the user ID to check
      log - the logger to use
      Throws:
      AuthorizationException - if the authorization check fails
      Since:
      1.1

    • getActiveSecurityPolicy

      public SecurityPolicy getActiveSecurityPolicy()
      Get a SecurityPolicy for the active user, if available.
      Returns:
      The active user's policy, or null.

    • requireUserReadAccess

      protected void requireUserReadAccess(Long userId)
      Require the active user have "read" access to a given user ID. If the active user is not authorized, a AuthorizationException will be thrown.
      Parameters:
      userId - the user ID to check
      Throws:
      AuthorizationException - if the authorization check fails

    • requireUserReadAccess

      public void requireUserReadAccess(Long userId, org.slf4j.Logger log)
      Require the active user have "read" access to a given user ID. If the active user is not authorized, a AuthorizationException will be thrown.
      Parameters:
      userId - the user ID to check
      log - the logger to use
      Throws:
      AuthorizationException - if the authorization check fails
      Since:
      1.1

    • policyEnforcerCheck

      public <T> T policyEnforcerCheck(T domainObject)
      Enforce a security policy on a domain object and SecurityPolicyMetadataType#Node metadata type.
      Type Parameters:
      T - the domain object type
      Parameters:
      domainObject - The domain object to enforce the active policy on.
      Returns:
      The domain object to use.
      Throws:
      AuthorizationException - If the policy check fails.

    • policyEnforcerCheck

      public <T> T policyEnforcerCheck(T domainObject, SecurityPolicyMetadataType metadataType)
      Enforce a security policy on a domain object or collection of domain objects. The FilterResults API is supported, as is List.
      Type Parameters:
      T - the domain object type
      Parameters:
      domainObject - The domain object to enforce the active policy on.
      metadataType - The metadata type to enforce the active policy on.
      Returns:
      The domain object to use.
      Throws:
      AuthorizationException - If the policy check fails.

    • getPathMatcher

      public org.springframework.util.PathMatcher getPathMatcher()
      Get the path matcher to use.
      Returns:
      the path matcher

    • setPathMatcher

      public void setPathMatcher(org.springframework.util.PathMatcher pathMatcher)
      Set the path matcher to use.
      Parameters:
      pathMatcher - the matcher to use