Package org.bedework.webdav.servlet.access

Class AccessHelper

java.lang.Object

org.bedework.webdav.servlet.access.AccessHelper

All Implemented Interfaces:

Serializable, org.bedework.access.PrivilegeDefs, org.bedework.util.logging.Logged, AccessHelperI

public class AccessHelper
extends Object
implements org.bedework.util.logging.Logged, AccessHelperI

An access helper class. This class makes some assumptions about the classes it deals with but there are no explicit hibernate, or other persistence engine, dependencies.

It assumes access to the parent object when needed, continuing on up to the root. For systems which do not allow for a retrieval of the parent on calls to the getCalendar method, the getParent method for this class will need to be overridden. This would presumably take place within the core implementation.

Author:

Mike Douglass

See Also:

• Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from interface org.bedework.webdav.servlet.access.AccessHelperI

AccessHelperI.CallBack

Field Summary

Fields inherited from interface org.bedework.access.PrivilegeDefs

allowed, allowedInherited, denied, deniedInherited, inheritedFlag, oldAllowed, oldDenied, privAll, privAny, privBind, privEncoding, privMaxType, privNone, privRead, privReadAcl, privReadCurrentUserPrivilegeSet, privReadFreeBusy, privSchedule, privScheduleDeliver, privScheduleDeliverInvite, privScheduleDeliverReply, privScheduleFreeBusy, privScheduleQueryFreebusy, privScheduleReply, privScheduleRequest, privScheduleSend, privScheduleSendFreebusy, privScheduleSendInvite, privScheduleSendReply, privUnbind, privUnlock, privWrite, privWriteAcl, privWriteContent, privWriteProperties, unspecified

Constructor Summary

Constructors

Constructor	Description
AccessHelper()

Method Summary

Modifier and Type	Method	Description
void	changeAccess(SharedEntity ent, Collection<org.bedework.access.Ace> aces, boolean replaceAll)	Change the access to the given calendar entity using the supplied aces.
Collection<? extends SharedEntity>	checkAccess(Collection<? extends SharedEntity> ents, int desiredAccess, boolean alwaysReturn)	Return a Collection of the objects after checking access
org.bedework.access.CurrentAccess	checkAccess(SharedEntity ent, int desiredAccess, boolean alwaysReturnResult)	Check access for the given entity.
void	close()	Called at request end
void	defaultAccess(SharedEntity ent, org.bedework.access.AceWho who)	Remove any explicit access for the given who to the given calendar entity.
String	getDefaultPersonalAccess()
String	getDefaultPublicAccess()	Get the default public access
org.bedework.util.logging.BwLogger	getLogger()
SharedEntity	getParent(SharedEntity val)	Called to get the parent object for a shared entity.
boolean	getSuperUser()
void	init(AccessHelperI.CallBack cb)
void	open()	Called at request start
void	setAuthPrincipal(org.bedework.access.AccessPrincipal val)	Set the current authenticated user.
void	setMaximumAllowedPrivs(org.bedework.access.PrivilegeSet val)
void	setSuperUser(boolean val)	Indicate if we are in superuser mode.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.bedework.util.logging.Logged

audit, debug, debug, debug, enableAuditLogger, enableErrorLogger, enableMetricsLogger, error, error, error, getLogLevel, info, isAuditLoggerEnabled, isErrorLoggerEnabled, isMetricsDebugEnabled, isMetricsLoggerEnabled, metrics, setLoggerClass, setLoggerClass, trace, trace, trace, warn

Constructor Details

AccessHelper

public AccessHelper()

Method Details

init

public void init(AccessHelperI.CallBack cb)

Specified by:

init in interface AccessHelperI

Parameters:

cb - callback

setSuperUser

public void setSuperUser(boolean val)

Description copied from interface: AccessHelperI

Indicate if we are in superuser mode.

Specified by:

setSuperUser in interface AccessHelperI

Parameters:

val - true for superuser

getSuperUser

public boolean getSuperUser()

Specified by:

getSuperUser in interface AccessHelperI

Returns:

boolean

setMaximumAllowedPrivs

public void setMaximumAllowedPrivs(org.bedework.access.PrivilegeSet val)

Parameters:

val - priv set

setAuthPrincipal

public void setAuthPrincipal(org.bedework.access.AccessPrincipal val)

Description copied from interface: AccessHelperI

Set the current authenticated user.

Specified by:

setAuthPrincipal in interface AccessHelperI

Parameters:

val - principal

open

public void open()

Description copied from interface: AccessHelperI

Called at request start

Specified by:

open in interface AccessHelperI

close

public void close()

Description copied from interface: AccessHelperI

Called at request end

Specified by:

close in interface AccessHelperI

getParent

public SharedEntity getParent(SharedEntity val)

Description copied from interface: AccessHelperI

Called to get the parent object for a shared entity.

Specified by:

getParent in interface AccessHelperI

Parameters:

val - entity

Returns:

parent calendar or null.

getDefaultPublicAccess

public String getDefaultPublicAccess()

Description copied from interface: AccessHelperI

Get the default public access

Specified by:

getDefaultPublicAccess in interface AccessHelperI

Returns:

String value for default access

getDefaultPersonalAccess

public String getDefaultPersonalAccess()

Specified by:

getDefaultPersonalAccess in interface AccessHelperI

Returns:

String default user access

changeAccess

public void changeAccess(SharedEntity ent,
 Collection<org.bedework.access.Ace> aces,
 boolean replaceAll)

Description copied from interface: AccessHelperI

Change the access to the given calendar entity using the supplied aces. We are changing access so we remove all access for each who in the list and then add the new aces.

Specified by:

changeAccess in interface AccessHelperI

Parameters:

ent - DbEntity

aces - Collection of ace objects

replaceAll - true to replace the entire access list.

defaultAccess

public void defaultAccess(SharedEntity ent,
 org.bedework.access.AceWho who)

Description copied from interface: AccessHelperI

Remove any explicit access for the given who to the given calendar entity.

Specified by:

defaultAccess in interface AccessHelperI

Parameters:

ent - DbEntity

who - AceWho

checkAccess

public Collection<? extends SharedEntity> checkAccess(Collection<? extends SharedEntity> ents,
 int desiredAccess,
 boolean alwaysReturn)

Description copied from interface: AccessHelperI

Return a Collection of the objects after checking access

Specified by:

checkAccess in interface AccessHelperI

Parameters:

ents - Collection of DbEntity

desiredAccess - access we want

alwaysReturn - boolean flag behaviour on no access

Returns:

Collection of checked objects

checkAccess

public org.bedework.access.CurrentAccess checkAccess(SharedEntity ent,
 int desiredAccess,
 boolean alwaysReturnResult)

Description copied from interface: AccessHelperI

Check access for the given entity. Returns the current access

We special case the access to the user root e.g /user and the home directory, e.g. /user/douglm We deny access to /user to anybody without superuser access. This prevents user browsing. This could be made a system property if the organization wants user browsing. Default access to the home directory is read, write-content to the owner only and unlimited to superuser. Specific access should be no more than read, write-content to the home directory.

Specified by:

checkAccess in interface AccessHelperI

Parameters:

ent - shred entity

desiredAccess - access

alwaysReturnResult - true to return always

Returns:

CurrentAccess

getLogger

public org.bedework.util.logging.BwLogger getLogger()

Specified by:

getLogger in interface org.bedework.util.logging.Logged