Package org.bedework.calfacade.util

Interface AccessUtilI

All Superinterfaces:
org.bedework.access.PrivilegeDefs, Serializable
public interface AccessUtilI extends org.bedework.access.PrivilegeDefs, Serializable
An access helper interface. This interface makes some assumptions about the classes it deals with but there is no explicit hibernate, or other persistence engine, dependencies.

It assumes that it has access to the parent object when needed, continuing on up to the root. For systems which do not allow for a retrieval of the parent on calls to the getCalendar method, the getParent method for this class will need to be overridden. This would presumably take place within the core implementation.

Author:
Mike Douglass douglm bedework.edu

  • Field Summary

    Fields inherited from interface org.bedework.access.PrivilegeDefs

    allowed, allowedInherited, denied, deniedInherited, inheritedFlag, oldAllowed, oldDenied, privAll, privAny, privBind, privEncoding, privMaxType, privNone, privRead, privReadAcl, privReadCurrentUserPrivilegeSet, privReadFreeBusy, privSchedule, privScheduleDeliver, privScheduleDeliverInvite, privScheduleDeliverReply, privScheduleFreeBusy, privScheduleQueryFreebusy, privScheduleReply, privScheduleRequest, privScheduleSend, privScheduleSendFreebusy, privScheduleSendInvite, privScheduleSendReply, privUnbind, privUnlock, privWrite, privWriteAcl, privWriteContent, privWriteProperties, unspecified

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    changeAccess(ShareableEntity ent, Collection<org.bedework.access.Ace> aces, boolean replaceAll)
    Change the access to the given calendar entity using the supplied aces.
    Collection<? extends ShareableEntity>
    checkAccess(Collection<? extends ShareableEntity> ents, int desiredAccess, boolean alwaysReturn)
    Return a Collection of the objects after checking access
    org.bedework.access.CurrentAccess
    checkAccess(ShareableEntity ent, int desiredAccess, boolean alwaysReturnResult)
    Check access for the given entity.
    void
    close()
    Called at request end
    void
    defaultAccess(ShareableEntity ent, org.bedework.access.AceWho who)
    Remove any explicit access for the given who to the given calendar entity.
    BwCalendar
    getParent(BwShareableContainedDbentity<?> val)
    Called to get the parent object for a shared entity.
    void
    init(PrincipalInfo cb)
     
    void
    open()
    Called at request start

  • Method Details

    • init

      void init(PrincipalInfo cb)
      Parameters:
      cb - PrincipalInfo object

    • open

      void open()
      Called at request start

    • close

      void close()
      Called at request end

    • getParent

      BwCalendar getParent(BwShareableContainedDbentity<?> val) throws CalFacadeException
      Called to get the parent object for a shared entity. This method should be overriden if explicit calls to the back end calendar are required.
      Parameters:
      val - shareable contained entity - so parent can be located
      Returns:
      parent calendar or null.
      Throws:
      CalFacadeException - for no access or other failure

    • changeAccess

      void changeAccess(ShareableEntity ent, Collection<org.bedework.access.Ace> aces, boolean replaceAll) throws CalFacadeException
      Change the access to the given calendar entity using the supplied aces. We are changing access so we remove all access for each who in the list and then add the new aces.
      Parameters:
      ent - Shareable entity
      aces - Collection of ace objects
      replaceAll - true to replace the entire access list.
      Throws:
      CalFacadeException - for no access or other failure

    • defaultAccess

      void defaultAccess(ShareableEntity ent, org.bedework.access.AceWho who) throws CalFacadeException
      Remove any explicit access for the given who to the given calendar entity.
      Parameters:
      ent - Shareable entity
      who - AceWho
      Throws:
      CalFacadeException - for no access or other failure

    • checkAccess

      Collection<? extends ShareableEntity> checkAccess(Collection<? extends ShareableEntity> ents, int desiredAccess, boolean alwaysReturn) throws CalFacadeException
      Return a Collection of the objects after checking access
      Parameters:
      ents - Collection of BwShareableDbentity
      desiredAccess - access we want
      alwaysReturn - boolean flag behaviour on no access
      Returns:
      Collection of checked objects
      Throws:
      CalFacadeException - for no access or other failure

    • checkAccess

      org.bedework.access.CurrentAccess checkAccess(ShareableEntity ent, int desiredAccess, boolean alwaysReturnResult) throws CalFacadeException
      Check access for the given entity. Returns the current access

      We special case the access to the user root e.g /user and the home directory, e.g. /user/douglm We deny access to /user to anybody without superuser access. This prevents user browsing. This could be made a system property if the organization wants user browsing. Default access to the home directory is read, write-content to the owner only and unlimited to superuser. Specific access should be no more than read, write-content to the home directory.

      Parameters:
      ent - shareable entity
      desiredAccess - access we want
      alwaysReturnResult - boolean flag behaviour on no access
      Returns:
      CurrentAccess
      Throws:
      CalFacadeException - for no access or other failure