fathom.authz

Class Authorizations

java.lang.Object

fathom.authz.Authorizations

All Implemented Interfaces:

Serializable, Cloneable

public final class Authorizations
extends Object
implements Serializable, Cloneable

Authorizations represents an Account's Roles & Permissions.

This class was adapted from Apache Shiro.

See Also:

Role, Permission, Account, Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
protected Collection<Permission>	aggregatePermissions
protected Set<Permission>	permissions
protected Set<Role>	roles

Constructor Summary

Constructors

Constructor and Description
Authorizations()
Authorizations(Set<Role> roles, Set<Permission> permissions) Creates a new instance with the specified Roles and Permissions.
Authorizations(Set<String> roles) Creates a new instance with the specified roles and no permissions.

Method Summary

Modifier and Type	Method and Description
Authorizations	addPermission(String permission) Adds (assigns) a permission to those directly associated with the Account.
Authorizations	addPermissions(Collection<Permission> permissions) Adds (assigns) a permission to those directly associated with the Account.
Authorizations	addPermissions(String... permissions) Adds (assigns) a permission to those directly associated with the Account.
Authorizations	addRole(Role role) Adds (assigns) multiple roles to those associated with the Account.
Authorizations	addRole(String role) Adds (assigns) multiple roles to those associated with the Account.
Authorizations	addRoles(Collection<Role> roles) Adds (assigns) multiple roles to those associated with the Account.
Authorizations	addRoles(String... roles) Adds roles to the Account Authorizations.
Authorizations	clone()
Collection<Permission>	getAggregatePermissions() Gets the collection of permissions including the role permissions and discrete permissions.
Set<Permission>	getPermissions() Returns all type-safe Permissions assigned to the corresponding Account.
Set<Role>	getRoles() Returns the Roles assigned to the corresponding Account.
boolean	hasRole(String roleIdentifier) Returns true if this Account has the specified role, false otherwise.
boolean	hasRoles(Collection<String> roleIdentifiers) Returns true if this Account has the specified roles, false otherwise.
boolean	hasRoles(String... roleIdentifiers) Returns true if this Account has the specified roles, false otherwise.
protected boolean	isPermitted(Permission permission)
boolean[]	isPermitted(String... permissions) Checks if this Account implies the given permission strings and returns a boolean array indicating which permissions are implied.
boolean	isPermitted(String permission) Returns true if this Account is permitted to perform an action or access a resource summarized by the specified permission string.
boolean	isPermittedAll(Collection<String> permissions) Returns true if this Account implies all of the specified permission strings, false otherwise.
boolean	isPermittedAll(String... permissions) Returns true if this Account implies all of the specified permission strings, false otherwise.
void	setPermissions(Collection<Permission> permissions) Sets the string-based permissions assigned directly to the Account.
Authorizations	setRoles(Set<Role> roles) Sets the roles assigned to the Account.

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

roles

protected final Set<Role> roles

permissions

protected final Set<Permission> permissions

aggregatePermissions

protected transient Collection<Permission> aggregatePermissions

Constructor Detail

Authorizations

public Authorizations()

Authorizations

public Authorizations(Set<String> roles)

Creates a new instance with the specified roles and no permissions.

Parameters:

roles - the roles assigned to the Account.

Authorizations

public Authorizations(Set<Role> roles,
                      Set<Permission> permissions)

Creates a new instance with the specified Roles and Permissions.

Parameters:

roles - the roles assigned to the Account.

permissions - the permissions assigned to the Account.

Method Detail

getRoles

public Set<Role> getRoles()

Returns the Roles assigned to the corresponding Account.

Returns:

the Roles assigned to the corresponding Account.

setRoles

public Authorizations setRoles(Set<Role> roles)

Sets the roles assigned to the Account.

Parameters:

roles - the roles assigned to the Account.

addRoles

public Authorizations addRoles(String... roles)

Adds roles to the Account Authorizations.

Parameters:

roles - the roles to add.

addRoles

public Authorizations addRoles(Collection<Role> roles)

Adds (assigns) multiple roles to those associated with the Account.

Parameters:

roles - the roles to add to those associated with the Account.

addRole

public Authorizations addRole(String role)

Adds (assigns) multiple roles to those associated with the Account.

Parameters:

role - the role to add to those associated with the Account.

addRole

public Authorizations addRole(Role role)

Adds (assigns) multiple roles to those associated with the Account.

Parameters:

role - the role to add to those associated with the Account.

addPermissions

public Authorizations addPermissions(String... permissions)

Adds (assigns) a permission to those directly associated with the Account. If the Account doesn't yet have any direct permissions, a new permission collection (a Set<String>) will be created automatically.

Parameters:

permissions - the permissions to add to those directly assigned to the Account.

addPermission

public Authorizations addPermission(String permission)

Adds (assigns) a permission to those directly associated with the Account. If the Account doesn't yet have any direct permissions, a new permission collection (a Set<String>) will be created automatically.

Parameters:

permission - the permission to add to those directly assigned to the Account.

addPermissions

public Authorizations addPermissions(Collection<Permission> permissions)

Adds (assigns) a permission to those directly associated with the Account. If the Account doesn't yet have any direct permissions, a new permission collection (a Set<String>) will be created automatically.

Parameters:

permissions - the permissions to add to those directly assigned to the Account.

getPermissions

public Set<Permission> getPermissions()

Returns all type-safe Permissions assigned to the corresponding Account. The permissions returned from this method plus any returned from getPermissions() represent the total set of permissions. The aggregate set is used to perform a permission authorization check.

Returns:

all type-safe Permissions assigned to the corresponding Account.

setPermissions

public void setPermissions(Collection<Permission> permissions)

Sets the string-based permissions assigned directly to the Account. The permissions set here, in addition to any object permissions constitute the total permissions assigned directly to the Account.

Parameters:

permissions - the string-based permissions assigned directly to the Account.

isPermitted

public boolean isPermitted(String permission)

Returns true if this Account is permitted to perform an action or access a resource summarized by the specified permission string.

This is an overloaded method for the corresponding type-safe Permission variant. Please see the class-level JavaDoc for more information on these String-based permission methods.

Parameters:

permission - the String representation of a Permission that is being checked.

Returns:

true if this Account is permitted, false otherwise.

isPermitted

public boolean[] isPermitted(String... permissions)

Checks if this Account implies the given permission strings and returns a boolean array indicating which permissions are implied.

This is an overloaded method for the corresponding type-safe Permission variant. Please see the class-level JavaDoc for more information on these String-based permission methods.

Parameters:

permissions - the String representations of the Permissions that are being checked.

Returns:

a boolean array where indices correspond to the index of the permissions in the given list. A true value at an index indicates this Account is permitted for for the associated Permission string in the list. A false value at an index indicates otherwise.

isPermittedAll

public boolean isPermittedAll(String... permissions)

Returns true if this Account implies all of the specified permission strings, false otherwise.

This is an overloaded method for the corresponding type-safe Permission variant. Please see the class-level JavaDoc for more information on these String-based permission methods.

Parameters:

permissions - the String representations of the Permissions that are being checked.

Returns:

true if this Account has all of the specified permissions, false otherwise.

isPermittedAll

public boolean isPermittedAll(Collection<String> permissions)

Returns true if this Account implies all of the specified permission strings, false otherwise.

This is an overloaded method for the corresponding type-safe Permission variant. Please see the class-level JavaDoc for more information on these String-based permission methods.

Parameters:

permissions - the String representations of the Permissions that are being checked.

Returns:

true if this Account has all of the specified permissions, false otherwise.

isPermitted

protected boolean isPermitted(Permission permission)

hasRole

public boolean hasRole(String roleIdentifier)

Returns true if this Account has the specified role, false otherwise.

Parameters:

roleIdentifier - the application-specific role identifier (usually a role id or role name).

Returns:

true if this Account has the specified role, false otherwise.

hasRoles

public boolean hasRoles(String... roleIdentifiers)

Returns true if this Account has the specified roles, false otherwise.

Parameters:

roleIdentifiers - the application-specific role identifiers to check (usually role ids or role names).

Returns:

true if this Account has all the specified roles, false otherwise.

hasRoles

public boolean hasRoles(Collection<String> roleIdentifiers)

Returns true if this Account has the specified roles, false otherwise.

Parameters:

roleIdentifiers - the application-specific role identifiers to check (usually role ids or role names).

Returns:

true if this Account has all the specified roles, false otherwise.

getAggregatePermissions

public Collection<Permission> getAggregatePermissions()

Gets the collection of permissions including the role permissions and discrete permissions.

Returns:

a collection of aggregate permissions

clone

public Authorizations clone()

Overrides:

clone in class Object