Class ResourceReadPermissionForNonAnonymous
java.lang.Object
ch.tocco.nice2.dms.spi.security.policyprocessor.AbstractDmsPolicyProcessor
ch.tocco.nice2.dms.impl.security.policyprocessor.ResourceReadPermissionForNonAnonymous
- All Implemented Interfaces:
PolicyProcessor
PolicyProcessor that efficiently implements the equivalent of the following acl rules:
entity(Resource):
grant access(read) except &anonymous if
entity_model == null
and exists (relNode_right where relNode_permission.unique_id == "read" and relRole.relLogin_role.relPrincipal.username == principal.name)
and not exists(relFolder where mail_box);
entity(Resource):
grant access(read) except &anonymous if
entity_model == null
and read_permissions_set == false
and not exists(relFolder where mail_box);
-
Field Summary
Fields inherited from class AbstractDmsPolicyProcessor
context, evaluationService, typeManager -
Constructor Summary
ConstructorsConstructorDescriptionResourceReadPermissionForNonAnonymous(Context context, TypeManager typeManager, PermissionMatrixEvaluationService evaluationService) -
Method Summary
Modifier and TypeMethodDescriptionprotected NodegetAdditionalCondition(EntityModel entityModel) protected Stringprotected booleanisSupported(Principal principal) Methods inherited from class AbstractDmsPolicyProcessor
getEntityModel, prependRule, processPolicy
-
Constructor Details
-
ResourceReadPermissionForNonAnonymous
public ResourceReadPermissionForNonAnonymous(Context context, TypeManager typeManager, PermissionMatrixEvaluationService evaluationService)
-
-
Method Details
-
isSupported
- Specified by:
isSupportedin classAbstractDmsPolicyProcessor
-
getNodePermissionName
- Specified by:
getNodePermissionNamein classAbstractDmsPolicyProcessor
-
getAdditionalCondition
- Specified by:
getAdditionalConditionin classAbstractDmsPolicyProcessor
-