org.wso2.carbon.registry.core.secure
Class AuthorizeRoleListener

java.lang.Object
  extended by org.wso2.carbon.user.core.common.AbstractAuthorizationManagerListener
      extended by org.wso2.carbon.registry.core.secure.AuthorizeRoleListener
All Implemented Interfaces:
org.wso2.carbon.user.core.listener.AuthorizationManagerListener

public class AuthorizeRoleListener
extends org.wso2.carbon.user.core.common.AbstractAuthorizationManagerListener
implements org.wso2.carbon.user.core.listener.AuthorizationManagerListener

This is a registry-based implementation of a listener that can be attached to the authorization manager of a Carbon server. An authorize role listener is capable of mapping Carbon UI permissions to registry resource permissions and thereby manage accessibility to various resource paths based on the amount of permissions available to a given role.


Field Summary
 
Fields inherited from interface org.wso2.carbon.user.core.listener.AuthorizationManagerListener
MULTITENANCY_USER_RESTRICTION_HANDLER, PERMISSION_AUTHORIZATION_LISTENER, REGISTRY_AUTH_ROLE_LISTENER
 
Constructor Summary
AuthorizeRoleListener(int executionId, String path, String permission, String executeAction, String[] actions)
          Creates an instance of an authorize role listener.
 
Method Summary
 boolean authorizeRole(String roleName, String resourceId, String action, org.wso2.carbon.user.core.AuthorizationManager authorizationManager)
          Grants authorization to a role to perform an action on a resource.
 boolean clearRoleActionOnAllResources(String roleName, String action, org.wso2.carbon.user.core.AuthorizationManager authorizationManager)
          Deletes the role's right to perform the action on all resources.
 int getExecutionOrderId()
          Method to get the execution order identifier.
 
Methods inherited from class org.wso2.carbon.user.core.common.AbstractAuthorizationManagerListener
authorizeUser, clearResourceAuthorizations, clearRoleAuthorization, clearRoleAuthorization, clearUserAuthorization, clearUserAuthorization, denyRole, denyUser, isRoleAuthorized, isUserAuthorized, resetPermissionOnUpdateRole
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.wso2.carbon.user.core.listener.AuthorizationManagerListener
authorizeUser, clearResourceAuthorizations, clearRoleAuthorization, clearRoleAuthorization, clearUserAuthorization, clearUserAuthorization, denyRole, denyUser, isRoleAuthorized, isUserAuthorized, resetPermissionOnUpdateRole
 

Constructor Detail

AuthorizeRoleListener

public AuthorizeRoleListener(int executionId,
                             String path,
                             String permission,
                             String executeAction,
                             String[] actions)
Creates an instance of an authorize role listener.

Parameters:
executionId - the execution order identifier
path - the resource (or collection) path
permission - the permission. This should not be prefixed with the registry root.
executeAction - the execute action required.
actions - the actions to which the role would be authorized.
Method Detail

getExecutionOrderId

public int getExecutionOrderId()
Method to get the execution order identifier.

Specified by:
getExecutionOrderId in interface org.wso2.carbon.user.core.listener.AuthorizationManagerListener
Returns:
the execution order identifier.

clearRoleActionOnAllResources

public boolean clearRoleActionOnAllResources(String roleName,
                                             String action,
                                             org.wso2.carbon.user.core.AuthorizationManager authorizationManager)
                                      throws org.wso2.carbon.user.core.UserStoreException
Deletes the role's right to perform the action on all resources.

Specified by:
clearRoleActionOnAllResources in interface org.wso2.carbon.user.core.listener.AuthorizationManagerListener
Overrides:
clearRoleActionOnAllResources in class org.wso2.carbon.user.core.common.AbstractAuthorizationManagerListener
Parameters:
roleName - the name of the role.
action - the action of the granted permission.
authorizationManager - the authorization manager to use.
Throws:
org.wso2.carbon.user.core.UserStoreException - if an error occurs.

authorizeRole

public boolean authorizeRole(String roleName,
                             String resourceId,
                             String action,
                             org.wso2.carbon.user.core.AuthorizationManager authorizationManager)
                      throws org.wso2.carbon.user.core.UserStoreException
Grants authorization to a role to perform an action on a resource.

Specified by:
authorizeRole in interface org.wso2.carbon.user.core.listener.AuthorizationManagerListener
Overrides:
authorizeRole in class org.wso2.carbon.user.core.common.AbstractAuthorizationManagerListener
Parameters:
roleName - the name of the role
resourceId - resource identification string
action - the action of the granted permission.
authorizationManager - the authorization manager to use.
Throws:
org.wso2.carbon.user.core.UserStoreException - if an error occurs.


Copyright © 2013 WSO2 Inc. All Rights Reserved.