Package io.bdeploy.common.security

Class ScopedPermission

java.lang.Object

io.bdeploy.common.security.ScopedPermission

public final class ScopedPermission
extends Object

Describes access rights to a given resource. Access rights can either be global or restricted (=scoped) to a given resource. Global permissions take precedence over scoped permissions. Thus a user having global read permissions is allowed to access any scoped resource with READ permissions. In contrast to that a user that has scoped READ permissions is not able to access a resource requiring global read permissions.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static enum	ScopedPermission.Permission	Available permissions.

Field Summary

Fields

Modifier and Type	Field	Description
final ScopedPermission.Permission	permission
final String	scope

Constructor Summary

Constructors

Constructor	Description
ScopedPermission(ScopedPermission.Permission permission)	Creates a new global permission.
ScopedPermission(String scope, ScopedPermission.Permission permission)	Creates a new scoped permission allowing access to a particular resource.

Method Summary

Modifier and Type	Method	Description
boolean	equals(Object obj)
int	hashCode()
boolean	isGlobal()	Returns whether or not this is a global scoped permission
boolean	satisfies(ScopedPermission other)	Checks whether or not this permission satisfies the given one.
String	toString()

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Details

scope

public final String scope

permission

public final ScopedPermission.Permission permission

Constructor Details

ScopedPermission

public ScopedPermission(ScopedPermission.Permission permission)

Creates a new global permission.

Parameters:

permission - the permission

ScopedPermission

public ScopedPermission(String scope,
 ScopedPermission.Permission permission)

Creates a new scoped permission allowing access to a particular resource.

Parameters:

scope - the scope of the resource

permission - the permission

Method Details

toString

public String toString()

Overrides:

toString in class Object

hashCode

@Generated("Eclipse")
public int hashCode()

Overrides:

hashCode in class Object

equals

@Generated("Eclipse")
public boolean equals(Object obj)

Overrides:

equals in class Object

isGlobal

public boolean isGlobal()

Returns whether or not this is a global scoped permission

satisfies

public boolean satisfies(ScopedPermission other)

Checks whether or not this permission satisfies the given one. Permissions are inclusive and ADMIN is the highest one. The ADMIN permission implicitly grants WRITE and READ and the WRITE permission implicitly grants READ permission.

• If this token is a global one then the scoped of the other one is ignored. Just the permission without the scoped is checked.
• If this token is a scoped one and the other one is a global then always false will be returned.
• If both are scoped permissions then the scope must match. If so the permission will be compared.

Parameters:

other - the permission to check

Returns:

true if this permission satisfies the other one and false otherwise