|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--com.arsdigita.acs.Scope
Scoping mechanism for generating dynamic queries, authorization for user/group/public scoping. A Scoping object contains (maybe) a user id, group id, and a scope type.
Constructor Summary | |
Scope(HttpServletRequest req,
HttpServletResponse resp)
|
|
Scope(PageContext pc)
Pull out scoping variables, info about logged in user, etc., from the servlet request. |
Method Summary | |
String |
getAuthorizationStatus(String public_permissions,
String group_permissions,
String user_permissions,
Integer id)
Returns either "authorized", "reg_required", or "not_authorized" depending on whether the currently-logged-in user has sufficient credentials to view the object displayed in the current page, given the required public/user/group permissions for the object. |
Integer |
getGroupId()
|
String |
getScope()
|
String |
getScopeSql(String table_name)
Returns the SQL partial WHERE clause appropriate for this scope, according to the request attributes passed in. |
boolean |
isScopeAdmin(Integer userId)
return true if the given user is an administrator for this scope |
Integer |
scopeAuthorize(String public_permissions,
String group_permissions,
String user_permissions)
Checks to see if the currently-logged-in user may view the current page, given the required public/group/user permissions and the scope of the object. |
Methods inherited from class java.lang.Object |
|
Constructor Detail |
public Scope(PageContext pc)
public Scope(HttpServletRequest req, HttpServletResponse resp)
Method Detail |
public String getScope()
public Integer getGroupId()
public final String getScopeSql(String table_name)
if scope is not set, then public scope is assumed.
if scope=group, group_id must be set in the topmost environment.
if scope=user it userId must be set in the topmost environment.
and if scope=table it assumes on_which_table and on_what_id are
set in topmost environment. ad_scope_sql returns portion of sql
query resolving scope. e.g. if scope=group this proc will
return scope=group and group_id=
public final String getAuthorizationStatus(String public_permissions, String group_permissions, String user_permissions, Integer id) throws SQLException, IOException, ACSException
public final Integer scopeAuthorize(String public_permissions, String group_permissions, String user_permissions) throws IOException, SQLException, ACSException, ForbiddenException
public final boolean isScopeAdmin(Integer userId) throws IOException, SQLException, ACSException
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |