de.xima.fc.gui.common.utils

Class PermissionUtils

java.lang.Object

de.xima.fc.gui.common.utils.PermissionUtils

public class PermissionUtils
extends Object

Author:

XIMA MEDIA GmbH

Constructor Summary

Constructors

Constructor and Description
PermissionUtils()

Method Summary

Modifier and Type	Method and Description
static boolean	canSadminAccessClient(Mandant client) TODO Currently sadmin access is restricted only for the cloud version.
static boolean	canUserAccessInbox(Benutzer user, Integer inboxId)
static boolean	canUserAccessInbox(Benutzer user, Postfach inbox)
static boolean	canUserAccessProcess(Benutzer user, long processId)
static boolean	canUserAccessProcess(Benutzer user, String puid)
static boolean	canUserAccessProcess(Benutzer user, Vorgang process)
static boolean	canUserAccessProjectPage(UserContext uc, Benutzer user, Projekt project, EAccessProperty... props) See canUserAccessProjectPage(UserContext, Benutzer, Rolle, Projekt, boolean, EAccessProperty...)
static boolean	canUserAccessProjectPage(UserContext uc, Benutzer user, Rolle role, Mandant client, boolean isEditingAllowed, EAccessProperty... props)
static boolean	canUserAccessProjectPage(UserContext uc, Benutzer user, Rolle role, Projekt project, boolean isEditingAllowed, EAccessProperty... props) Whether the user is allowed access to the given project page (or action).
static boolean	hasUserInboxAccess(Benutzer user, Mandant client) Checks whether the user has access to inboxes

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PermissionUtils

public PermissionUtils()

Method Detail

canUserAccessProcess

public static final boolean canUserAccessProcess(Benutzer user,
                                                 Vorgang process)

canUserAccessProcess

public static final boolean canUserAccessProcess(Benutzer user,
                                                 String puid)

canUserAccessProcess

public static final boolean canUserAccessProcess(Benutzer user,
                                                 long processId)

hasUserInboxAccess

public static final boolean hasUserInboxAccess(Benutzer user,
                                               Mandant client)

Checks whether the user has access to inboxes

Parameters:

user - Benutzer

client - Mandant if user is sadmin

Returns:

true if user has inboxes or user is sadmin and inbox access is granted by client

canUserAccessInbox

public static final boolean canUserAccessInbox(Benutzer user,
                                               Postfach inbox)

canSadminAccessClient

public static boolean canSadminAccessClient(Mandant client)

TODO Currently sadmin access is restricted only for the cloud version.

Parameters:

client - Client to check.

Returns:

Whether the super administrator is allowed access to the given client. If null was passed for the client, returns true.

canUserAccessInbox

public static final boolean canUserAccessInbox(Benutzer user,
                                               Integer inboxId)

canUserAccessProjectPage

public static final boolean canUserAccessProjectPage(UserContext uc,
                                                     Benutzer user,
                                                     Rolle role,
                                                     Projekt project,
                                                     boolean isEditingAllowed,
                                                     EAccessProperty... props)

Whether the user is allowed access to the given project page (or action). They need to have the correct role property, and if the project page allows editing, they also need to be in the correct user group. This checks whether

• the user is a member of one of the Projekt.getEditorBenutzerGruppen() (if the project page requires it)
• the user is granted to the correct RolleProperties.getFCProperty(EAccessProperty)

Parameters:

uc - Current user context.

user - User to check.

role - The role of the given user.

project - Project to check.

isEditingAllowed - Whether the given user belongs to any of the Projekt.getEditorBenutzerGruppen() user groups.

props - Some of the EViews corresponding to the following views

• EViews.PROJECT_UPDATE
• EViews.PROJEKT_ACCESS
• EViews.PROJEKT_COPY
• EViews.PROJEKT_DATATABLE
• EViews.PROJEKT_DESIGNER
• EViews.PROJEKT_INBOX
• EViews.PROJEKT_PUBLISH
• EViews.PROJEKT_DOI
• EViews.PROJEKT_PREVIEW
• EViews.PROJEKT_RESOURCES
• EViews.PROJEKT_VERSIONS
• EViews.PROJEKT_WORKFLOW
• EViews.PROJEKT_XF_DESIGNER
• EViews.PROJEKT_XF_DESIGNER_FRAME

and/or some of the following EAccessPropertys:

• EAccessProperty.FORM_DELETE
• EAccessProperty.FORM_PUBLISH
• EAccessProperty.FORM_DETAILS
• EAccessProperty.FORM_DETAILS
• EAccessProperty.FORM_CREATE_TEMPLATE
• EAccessProperty.FORM_CREATE
• EAccessProperty.PROJECT_INVITE
• EAccessProperty.PROJECT_EXPORT_PRINT
• EAccessProperty.PROJECT_EXPORT_PORTRAIT

Returns:

Whether the user is allowed to access the given project page for the given project.

canUserAccessProjectPage

public static final boolean canUserAccessProjectPage(UserContext uc,
                                                     Benutzer user,
                                                     Rolle role,
                                                     Mandant client,
                                                     boolean isEditingAllowed,
                                                     EAccessProperty... props)

canUserAccessProjectPage

public static final boolean canUserAccessProjectPage(UserContext uc,
                                                     Benutzer user,
                                                     Projekt project,
                                                     EAccessProperty... props)

See canUserAccessProjectPage(UserContext, Benutzer, Rolle, Projekt, boolean, EAccessProperty...)

Parameters:

uc - Current user context.

user - User to check.

project - Project to check.

props - Project page(s) to check.

Returns:

Whether the user is allowed access to all the given properties.