public abstract class TurbineSecurity extends Object
Certain Roles that the Users may have in the system may are not related
to any specific resource nor entity. They are assigned within a special group
named 'global' that can be referenced in the code as
TurbineModelManager.GLOBAL_GROUP_NAME
.
Constructor and Description |
---|
TurbineSecurity() |
Modifier and Type | Method and Description |
---|---|
static boolean |
accountExists(String userName)
Check whether a specified user's account exists.
|
static boolean |
accountExists(User user)
Check whether a specified user's account exists.
|
static void |
addGroup(org.apache.fulcrum.security.entity.Group group)
Creates a new group with specified attributes.
|
static void |
addPermission(org.apache.fulcrum.security.entity.Permission permission)
Creates a new permission with specified attributes.
|
static void |
addRole(org.apache.fulcrum.security.entity.Role role)
Creates a new role with specified attributes.
|
static void |
addUser(User user,
String password)
Creates new user account with specified attributes.
|
static void |
changePassword(User user,
String oldPassword,
String newPassword)
Change the password for an User.
|
static org.apache.fulcrum.security.entity.Group |
createGroup(String name)
Creates a new Group in the system.
|
static org.apache.fulcrum.security.entity.Permission |
createPermission(String name)
Creates a new Permission in the system.
|
static org.apache.fulcrum.security.entity.Role |
createRole(String name)
Creates a new Role in the system.
|
static void |
forcePassword(User user,
String password)
Forcibly sets new password for an User.
|
static org.apache.fulcrum.security.acl.AccessControlList |
getACL(User user)
Constructs an AccessControlList for a specific user.
|
static org.apache.fulcrum.security.util.GroupSet |
getAllGroups()
Retrieves all groups defined in the system.
|
static org.apache.fulcrum.security.util.PermissionSet |
getAllPermissions()
Retrieves all permissions defined in the system.
|
static org.apache.fulcrum.security.util.RoleSet |
getAllRoles()
Retrieves all roles defined in the system.
|
static User |
getAnonymousUser()
Constructs an User object to represent an anonymous user of the
application.
|
static User |
getAuthenticatedUser(String username,
String password)
Authenticates an user, and constructs an User object to represent
him/her.
|
static org.apache.fulcrum.security.entity.Group |
getGlobalGroup()
Provides a reference to the Group object that represents the
global group.
|
static org.apache.fulcrum.security.entity.Group |
getGroupById(int groupId)
Retrieve a Group object with specified Id.
|
static org.apache.fulcrum.security.entity.Group |
getGroupByName(String groupName)
Retrieve a Group object with specified name.
|
static org.apache.fulcrum.security.entity.Group |
getGroupInstance(String groupName)
Construct a blank Group object.
|
static org.apache.fulcrum.security.entity.Permission |
getPermissionById(int permissionId)
Retrieve a Permission object with specified Id.
|
static org.apache.fulcrum.security.entity.Permission |
getPermissionByName(String permissionName)
Retrieve a Permission object with specified name.
|
static org.apache.fulcrum.security.entity.Permission |
getPermissionInstance(String permName)
Construct a blank Permission object.
|
static org.apache.fulcrum.security.util.PermissionSet |
getPermissions(org.apache.fulcrum.security.entity.Role role)
Retrieves all permissions associated with a role.
|
static org.apache.fulcrum.security.entity.Role |
getRoleById(int roleId)
Retrieve a Role object with specified Id.
|
static org.apache.fulcrum.security.entity.Role |
getRoleByName(String roleName)
Retrieve a Role object with specified name.
|
static org.apache.fulcrum.security.entity.Role |
getRoleInstance(String roleName)
Construct a blank Role object.
|
static SecurityService |
getService()
Retrieves an implementation of SecurityService, base on the settings in
TurbineResources.
|
static User |
getUser(String username)
Constructs an User object to represent a registered user of the
application.
|
static User |
getUserInstance()
Construct a blank User object.
|
static UserManager |
getUserManager()
Returns the configured UserManager.
|
static void |
grant(org.apache.fulcrum.security.entity.Role role,
org.apache.fulcrum.security.entity.Permission permission)
Grants a Role a Permission
|
static void |
grant(User user,
org.apache.fulcrum.security.entity.Group group,
org.apache.fulcrum.security.entity.Role role)
Grant an User a Role in a Group.
|
static boolean |
isAnonymousUser(User user)
Checks whether a passed user object matches the anonymous user pattern
according to the configured service
|
static void |
removeGroup(org.apache.fulcrum.security.entity.Group group)
Removes a Group from the system.
|
static void |
removePermission(org.apache.fulcrum.security.entity.Permission permission)
Removes a Permission from the system.
|
static void |
removeRole(org.apache.fulcrum.security.entity.Role role)
Removes a Role from the system.
|
static void |
removeUser(User user)
Removes an user account from the system.
|
static void |
renameGroup(org.apache.fulcrum.security.entity.Group group,
String name)
Renames an existing Group.
|
static void |
renamePermission(org.apache.fulcrum.security.entity.Permission permission,
String name)
Renames an existing Permission.
|
static void |
renameRole(org.apache.fulcrum.security.entity.Role role,
String name)
Renames an existing Role.
|
static void |
revoke(org.apache.fulcrum.security.entity.Role role,
org.apache.fulcrum.security.entity.Permission permission)
Revokes a Permission from a Role.
|
static void |
revoke(User user,
org.apache.fulcrum.security.entity.Group group,
org.apache.fulcrum.security.entity.Role role)
Revoke a Role in a Group from an User.
|
static void |
revokeAll(org.apache.fulcrum.security.entity.Role role)
Revokes all permissions from a Role.
|
static void |
revokeAll(User user)
Revokes all roles from an User.
|
static void |
saveOnSessionUnbind(User user)
Saves User data when the session is unbound.
|
static void |
saveUser(User user)
Saves User's data in the permanent storage.
|
public TurbineSecurity()
public static SecurityService getService()
public static User getUserInstance() throws org.apache.fulcrum.security.util.UnknownEntityException
org.apache.fulcrum.security.util.UnknownEntityException
- if the object could not be instantiated.public static UserManager getUserManager()
public static boolean accountExists(User user) throws org.apache.fulcrum.security.util.DataBackendException
user
- The user to be checked.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.public static boolean accountExists(String userName) throws org.apache.fulcrum.security.util.DataBackendException
userName
- The name of the user to be checked.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.public static User getAuthenticatedUser(String username, String password) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException, org.apache.fulcrum.security.util.PasswordMismatchException
username
- The user name.password
- The user password.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if user account is not present.org.apache.fulcrum.security.util.PasswordMismatchException
- if the supplied password was incorrect.public static User getUser(String username) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
username
- The user name.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if user account is not present.public static User getAnonymousUser() throws org.apache.fulcrum.security.util.UnknownEntityException
org.apache.fulcrum.security.util.UnknownEntityException
- if the anonymous User object couldn't be
constructed.public static boolean isAnonymousUser(User user)
user
- A user objectpublic static void saveUser(User user) throws org.apache.fulcrum.security.util.UnknownEntityException, org.apache.fulcrum.security.util.DataBackendException
user
- The User object to save.org.apache.fulcrum.security.util.UnknownEntityException
- if the user's account does not
exist in the database.org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the
storage.public static void saveOnSessionUnbind(User user) throws org.apache.fulcrum.security.util.UnknownEntityException, org.apache.fulcrum.security.util.DataBackendException
user
- the user in the sessionorg.apache.fulcrum.security.util.UnknownEntityException
- if the user's account does not
exist in the database.org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the
storage.public static void changePassword(User user, String oldPassword, String newPassword) throws org.apache.fulcrum.security.util.PasswordMismatchException, org.apache.fulcrum.security.util.UnknownEntityException, org.apache.fulcrum.security.util.DataBackendException
user
- an User to change password for.oldPassword
- the current password supplied by the user.newPassword
- the current password requested by the user.org.apache.fulcrum.security.util.PasswordMismatchException
- if the supplied password was
incorrect.org.apache.fulcrum.security.util.UnknownEntityException
- if the user's record does not
exist in the database.org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the
storage.public static void forcePassword(User user, String password) throws org.apache.fulcrum.security.util.UnknownEntityException, org.apache.fulcrum.security.util.DataBackendException
user
- an User to change password for.password
- the new password.org.apache.fulcrum.security.util.UnknownEntityException
- if the user's record does not
exist in the database.org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the
storage.public static org.apache.fulcrum.security.acl.AccessControlList getACL(User user) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
user
- the user for whom the AccessControlList are to be retrievedorg.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if user account is not present.public static void grant(User user, org.apache.fulcrum.security.entity.Group group, org.apache.fulcrum.security.entity.Role role) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
user
- the user.group
- the group.role
- the role.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if user account, group or role is not
present.public static void revoke(User user, org.apache.fulcrum.security.entity.Group group, org.apache.fulcrum.security.entity.Role role) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
user
- the user.group
- the group.role
- the role.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if user account, group or role is not
present.public static void revokeAll(User user) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
user
- the User.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the account is not present.public static void grant(org.apache.fulcrum.security.entity.Role role, org.apache.fulcrum.security.entity.Permission permission) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
role
- the Role.permission
- the Permission.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if role or permission is not present.public static void revoke(org.apache.fulcrum.security.entity.Role role, org.apache.fulcrum.security.entity.Permission permission) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
role
- the Role.permission
- the Permission.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if role or permission is not present.public static void revokeAll(org.apache.fulcrum.security.entity.Role role) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
role
- the Roleorg.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the Role is not present.public static void addUser(User user, String password) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.EntityExistsException
user
- the object describing account to be created.password
- password for the new userorg.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.EntityExistsException
- if the user account already exists.public static void removeUser(User user) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
user
- the object describing the account to be removed.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the user account is not present.public static org.apache.fulcrum.security.entity.Group getGlobalGroup()
public static org.apache.fulcrum.security.entity.Group createGroup(String name) throws org.apache.fulcrum.security.util.FulcrumSecurityException
name
- The name of the new Group.org.apache.fulcrum.security.util.FulcrumSecurityException
- if the Group could not be created.public static org.apache.fulcrum.security.entity.Permission createPermission(String name) throws org.apache.fulcrum.security.util.FulcrumSecurityException
name
- The name of the new Permission.org.apache.fulcrum.security.util.FulcrumSecurityException
- if the Permission could not be created.public static org.apache.fulcrum.security.entity.Role createRole(String name) throws org.apache.fulcrum.security.util.FulcrumSecurityException
name
- The name of the Role.org.apache.fulcrum.security.util.FulcrumSecurityException
- if the Role could not be created.public static org.apache.fulcrum.security.entity.Group getGroupByName(String groupName) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
groupName
- The name of the Group to be retrieved.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the Group is not present.public static org.apache.fulcrum.security.entity.Group getGroupById(int groupId) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
groupId
- the id of the Group.org.apache.fulcrum.security.util.UnknownEntityException
- if the permission does not
exist in the database.org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the
storage.public static org.apache.fulcrum.security.entity.Group getGroupInstance(String groupName) throws org.apache.fulcrum.security.util.UnknownEntityException
groupName
- The name of the Grouporg.apache.fulcrum.security.util.UnknownEntityException
- if the object could not be instantiated.public static org.apache.fulcrum.security.entity.Role getRoleInstance(String roleName) throws org.apache.fulcrum.security.util.UnknownEntityException
roleName
- The name of the role.org.apache.fulcrum.security.util.UnknownEntityException
- if the object could not be instantiated.public static org.apache.fulcrum.security.entity.Permission getPermissionInstance(String permName) throws org.apache.fulcrum.security.util.UnknownEntityException
permName
- The name of the permission.org.apache.fulcrum.security.util.UnknownEntityException
- if the object could not be instantiated.public static org.apache.fulcrum.security.entity.Role getRoleByName(String roleName) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
roleName
- The name of the Role to be retrieved.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the Role is not present.public static org.apache.fulcrum.security.entity.Role getRoleById(int roleId) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
roleId
- the id of the Role.org.apache.fulcrum.security.util.UnknownEntityException
- if the permission does not
exist in the database.org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the
storage.public static org.apache.fulcrum.security.entity.Permission getPermissionByName(String permissionName) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
permissionName
- The name of the Permission to be retrieved.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the Permission is not present.public static org.apache.fulcrum.security.entity.Permission getPermissionById(int permissionId) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
permissionId
- the id of the Permission.org.apache.fulcrum.security.util.UnknownEntityException
- if the permission does not
exist in the database.org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the
storage.public static org.apache.fulcrum.security.util.GroupSet getAllGroups() throws org.apache.fulcrum.security.util.DataBackendException
org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.public static org.apache.fulcrum.security.util.RoleSet getAllRoles() throws org.apache.fulcrum.security.util.DataBackendException
org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.public static org.apache.fulcrum.security.util.PermissionSet getAllPermissions() throws org.apache.fulcrum.security.util.DataBackendException
org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.public static org.apache.fulcrum.security.util.PermissionSet getPermissions(org.apache.fulcrum.security.entity.Role role) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
role
- the role name, for which the permissions are to be retrieved.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the role is not present.public static void addGroup(org.apache.fulcrum.security.entity.Group group) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.EntityExistsException
group
- the object describing the group to be created.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.EntityExistsException
- if the group already exists.public static void addRole(org.apache.fulcrum.security.entity.Role role) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.EntityExistsException
role
- the objects describing the role to be created.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.EntityExistsException
- if the role already exists.public static void addPermission(org.apache.fulcrum.security.entity.Permission permission) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.EntityExistsException
permission
- the objects describing the permission to be created.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.EntityExistsException
- if the permission already exists.public static void removeGroup(org.apache.fulcrum.security.entity.Group group) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
group
- the object describing group to be removed.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the group does not exist.public static void removeRole(org.apache.fulcrum.security.entity.Role role) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
role
- The object describing the role to be removed.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the role does not exist.public static void removePermission(org.apache.fulcrum.security.entity.Permission permission) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
permission
- The object describing the permission to be removed.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the permission does not exist.public static void renameGroup(org.apache.fulcrum.security.entity.Group group, String name) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
group
- The object describing the group to be renamed.name
- the new name for the group.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the group does not exist.public static void renameRole(org.apache.fulcrum.security.entity.Role role, String name) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
role
- The object describing the role to be renamed.name
- the new name for the role.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the role does not exist.public static void renamePermission(org.apache.fulcrum.security.entity.Permission permission, String name) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
permission
- The object describing the permission to be renamed.name
- the new name for the permission.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the permission does not exist.Copyright © 2000-2015 The Apache Software Foundation. All Rights Reserved.