Package com.skava.auth.helper

Class AccessControlHelper

java.lang.Object
com.skava.auth.helper.AccessControlHelper
public final class AccessControlHelper extends Object
This class hold the set of methods for role and privilege based access control using the authorization component of skava framework.
Author:
Infosys Equinox

  • Field Details

  • Method Details

    • setInstanceRoles

      public static void setInstanceRoles(String superAdminRoleName)

    • isInstanceRole

      public static boolean isInstanceRole(String roleName)

    • isOpenRole

      public static boolean isOpenRole(String roleName)

    • hasBusinessAccessForProtectedRole

      public static boolean hasBusinessAccessForProtectedRole(Iterator<UserRoleVO> userRoles, String privilege, com.skava.core.auth.AuthTokenHandler authTokenHandler)
      This method return the accessibility result of user's protected role.
      Parameters:
      userRoles - a Iterator of UserRoleVO objects.
      privilege - a String object.
      authTokenHandler - a AuthTokenHandler object.
      Returns:
      a Boolean object. Hold the result of access validation.

    • hasBusinessAccessForProtectedClientRole

      public static boolean hasBusinessAccessForProtectedClientRole(Iterator<ClientRoleVO> clientRoles, String privilege, com.skava.core.auth.AuthTokenHandler authTokenHandler)
      This method return the accessibility result of client's protected role.
      Parameters:
      clientRoles - a Iterator of ClientRoleVO objects.
      privilege - a String object.
      authTokenHandler - a AuthTokenHandler object.
      Returns:
      a Boolean object. Hold the result of access validation.

    • hasBusinessAccessForProtectedRoles

      public static boolean hasBusinessAccessForProtectedRoles(Collection<UserRolesVO> userRoles, String privilege, com.skava.core.auth.AuthTokenHandler authTokenHandler)
      This method return the accessibility result of user's protected role.
      Parameters:
      userRoles - a Collection of UserRolesVO objects.
      privilege - a String object.
      authTokenHandler - a AuthTokenHandler object.
      Returns:
      a Boolean object. Hold the result of access validation.

    • hasBusinessAccessForProtectedClientRoles

      public static boolean hasBusinessAccessForProtectedClientRoles(Collection<ClientRolesVO> clientRoles, String privilege, com.skava.core.auth.AuthTokenHandler authTokenHandler)
      This method return the accessibility result of client's protected role.
      Parameters:
      clientRoles - a Collection of ClientRolesVO objects.
      privilege - a String object.
      authTokenHandler - a AuthTokenHandler object.
      Returns:
      a Boolean object. Hold the result of access validation.

    • hasSelfAccess

      public static boolean hasSelfAccess(Long userIdFromToken, Long userId)
      This method return the accessibility result of self access.
      Parameters:
      userIdFromToken - a Long object.
      userId - a Long object.
      Returns:
      a Boolean object. Hold the result of access validation.

    • hasSelfClientAccess

      public static boolean hasSelfClientAccess(String clientIdFromToken, String clientId)
      This method return the accessibility result of self access.
      Parameters:
      clientIdFromToken - a String object.
      clientId - a String object.
      Returns:
      a Boolean object. Hold the result of access validation.

    • hasBusinessAccessByBusinessIds

      public static boolean hasBusinessAccessByBusinessIds(String[] businessIds, String privilege, com.skava.core.auth.AuthTokenHandler authTokenHandler)
      This method return the accessibility result of business by list of business identifiers.
      Parameters:
      businessIds - a Array of String objects.
      privilege - a String object.
      authTokenHandler - a AuthTokenHandler object.
      Returns:
      a Boolean object. Hold the result of access validation.

    • preAuthorizeInstanceRole

      public static void preAuthorizeInstanceRole(com.skava.core.auth.AuthTokenHandler authTokenHandler, org.springframework.context.MessageSource messageSource)

    • hasAccessForOpenRole

      public static boolean hasAccessForOpenRole(Long userId, com.skava.core.auth.AuthTokenHandler authTokenHandler)
      This method will validate Request userId with Auth token userId
      Parameters:
      userId - a Long object.
      authTokenHandler - a AuthTokenHandler object.
      Returns:
      a Boolean object. Hold the result of access validation.

    • hasTokenOpenRole

      public static boolean hasTokenOpenRole(com.skava.core.auth.AuthTokenHandler authTokenHandler)
      This method will validate the auth token roles has open role
      Parameters:
      authTokenHandler - a AuthTokenHandler object.
      Returns:
      a Boolean object. Hold the result of access validation.

    • hasPersmissionToUpdateRoles

      public static boolean hasPersmissionToUpdateRoles(Set<UserRole> existingUserRoles, Set<UserRoleVO> requestUserRoles, com.skava.core.auth.AuthTokenHandler authTokenHandler, Long userId)
      This method will validate the auth token user has access to update roles
      Parameters:
      existingUserRoles - a Set of UserRole objects which holds the existing roles of the user.
      requestUserRoles - a Set of UserRoleVO objects.
      authTokenHandler - a AuthTokenHandler object.
      userId - a Long object.
      Returns:
      a Boolean object. Hold the result of access validation.

    • preAuthorize

      public static void preAuthorize(Long userId, Long collectionId, Set<UserRole> existingUserRoles, Set<UserRoleVO> requestUserRoles, com.skava.core.auth.AuthTokenHandler authTokenHandler, org.springframework.context.MessageSource messageSource, boolean skipSelfAcccess)
      Parameters:
      userId - a Long object.
      collectionId - a Long object.
      existingUserRoles - a Set of UserRole objects. which holds the existing roles of the user.
      requestUserRoles - a Set of UserRoleVO objects.
      authTokenHandler - a AuthTokenHandler object.
      messageSource - a MessageSource object.
      skipSelfAcccess - a boolean object

    • preAuthorizeClient

      public static void preAuthorizeClient(String clientId, Long collectionId, Set<ClientRole> existingClientRoles, Set<ClientRoleVO> requestClientRoles, com.skava.core.auth.AuthTokenHandler authTokenHandler, org.springframework.context.MessageSource messageSource)
      Parameters:
      clientId - a String object.
      collectionId - a Long object.
      existingClientRoles - a Set of ClientRole objects. which holds the existing roles of the client.
      requestClientRoles - a Set of ClientRoleVO objects.
      authTokenHandler - a AuthTokenHandler object.
      messageSource - a MessageSource object.

    • preAuthorize

      public static void preAuthorize(Long userId, Long collectionId, Set<UserRole> existingUserRoles, Set<UserRoleVO> requestUserRoles, com.skava.core.auth.AuthTokenHandler authTokenHandler, org.springframework.context.MessageSource messageSource)
      Parameters:
      userId - a Long object.
      collectionId - a Long object.
      existingUserRoles - a Set of UserRole objects. which holds the existing roles of the user.
      requestUserRoles - a Set of UserRoleVO objects.
      authTokenHandler - a AuthTokenHandler object.
      messageSource - a MessageSource object.