Class PromaAccessChecker


  • public final class PromaAccessChecker
    extends Object
    Static functions for checking access permissions related to PROMA operations.
    Since:
    8.0.0
    Author:
    XIMA MEDIA GmbH
    • Method Detail

      • isPluginPromaRequestAllowedForScope

        public static boolean isPluginPromaRequestAllowedForScope​(IPublicPromaInvocationContext pc,
                                                                  WorkspaceScope scope)
        Checks whether requests to PROMA concerning plugins (such as the plugin update check) are allowed for the given context and scope (a client scope or system scope) are allowed. This checks whether the user from the given context is allowed to access the plugin menu. When requests are sent via the client's browser, users must not be able to see which plugins are installed in scope to which the user does not have access.
        Parameters:
        pc - PROMA invocation context with the user to check.
        scope - The scope to check.
        Returns:
        true if requests with plugin data are allowed, false otherwise.
      • isPluginPromaRequestAllowedForScope

        public static boolean isPluginPromaRequestAllowedForScope​(IUser user,
                                                                  WorkspaceScope scope)
        Checks whether requests to PROMA concerning plugins (such as the plugin update check) are allowed for the given context and scope (a client scope or system scope) are allowed. This checks whether the user is allowed to access the plugin menu. When requests are sent via the client's browser, users must not be able to see which plugins are installed in scope to which the user does not have access.

        The only exception is the super user, who is allowed to update plugins from all clients. The super user can usually also access the database, which allows them to e.g. download the plugins from the database directly, or to download licenses.

        Parameters:
        user - User who requested the plugin operation.
        scope - The scope to check.
        Returns:
        true if requests with plugin data are allowed, false otherwise.