Package systems.dmx.core.service.accesscontrol

Interface PrivilegedAccess

  • public interface PrivilegedAccess

    • Method Detail

      • hasPermission

        boolean hasPermission​(String username,
                      Operation operation,
                      long objectId)
        Checks if a user is permitted to perform an operation on an object (topic or association).
        Parameters:
        username - the logged in user, or null if no user is logged in.
        objectId - a topic ID, or an association ID.
        Returns:
        true if permission is granted, false otherwise.

      • hasReadPermission

        boolean hasReadPermission​(String username,
                          long workspaceId)

      • hasWritePermission

        boolean hasWritePermission​(String username,
                           long workspaceId)

      • checkCredentials

        Topic checkCredentials​(Credentials cred)
        Checks if the given credentials are valid.
        Returns:
        the corresponding Username topic if the credentials are valid, or null otherwise.

      • changePassword

        void changePassword​(Credentials cred)
        Changes the password of an existing user account.

        This is a privileged method: it works also if the respective user is not logged in. The latter is a requirement for a reset-password feature, as realized by the "DMX Sign-up" 3rd-party plugin. (If a user forgot her password she is not logged in but still must be allowed to reset her password.)

        Security: this method is neither called by the DMX platform itself, nor is it callable from outside as it has no REST interface. So the DMX platform is still secure. On the other hand, a 3rd-party plugin which provides a RESTful interface to this method is required to apply an additional authorization measure, e.g. a short-living access token sent via email.

        Parameters:
        cred - the username and new password. An user account with the given username must exist. (The username can't be changed.)

      • storePasswordHash

        void storePasswordHash​(Credentials cred,
                       TopicModel passwordTopic)
        Creates a salt for the given credential's password, and 1) stores the salt as a property of the given Password topic 2) stores the salted password hash as the value of the given Password topic.
        Parameters:
        password - plain text

      • getUsernameTopic

        Topic getUsernameTopic​(String username)
        Returns the Username topic that corresponds to a username (case-insensitive).
        Returns:
        the Username topic, or null if no such Username topic exists.

      • getPrivateWorkspace

        Topic getPrivateWorkspace​(String username)
        Returns the private workspace of the given user.

        Note: a user can have more than one private workspace. This method returns only the first one.

        Access control is bypassed.

        Returns:
        The user's private workspace (a topic of type "Workspace").
        Throws:
        RuntimeException - if the user has no private workspace.

      • createMembership

        void createMembership​(String username,
                      long workspaceId)
        Makes the given user a member of the given workspace.

        This is a privileged method: the current user is not required to have WRITE permission for the given workspace.

      • isMember

        boolean isMember​(String username,
                 long workspaceId)
        Checks if a user is a member of a given workspace.
        Parameters:
        username - the logged in user, or null if no user is logged in.

      • getCreator

        String getCreator​(long objectId)
        Returns the creator of a topic or an association.
        Returns:
        The username of the creator, or null if no creator is set.

      • getUsername

        String getUsername​(javax.servlet.http.HttpServletRequest request)
        Returns the username that is associated with a request.
        Returns:
        the username, or null if no user is associated with the request.

      • getUsernameTopic

        Topic getUsernameTopic​(javax.servlet.http.HttpServletRequest request)
        Convenience method that returns the Username topic that corresponds to a request. Basically it calls getUsernameTopic(getUsername(request)).
        Returns:
        the Username topic, or null if no user is associated with the request.

      • username

        String username​(javax.servlet.http.HttpSession session)
        Returns the username that is associated with a session.
        Returns:
        the username, or null if no user is associated with the session.

      • inRequestScope

        boolean inRequestScope​(javax.servlet.http.HttpServletRequest request)
        Returns true if the running code was triggered from "outside", that is by a HTTP request, or from "inside", that is while platform startup, in particular when an migration is running.
        Parameters:
        request - a request obtained via JAX-RS context injection, actually a proxy object which manages thread-local request values. Must not be null.

      • getWorkspace

        Topic getWorkspace​(String uri)
        Fetches a Workspace topic by URI.

        This is a privileged method: it works even if the current user has no READ permission for the workspace.

        Returns:
        The Workspace topic.
        Throws:
        RuntimeException - if no workspace exists for the given URI.

      • getDMXWorkspaceId

        long getDMXWorkspaceId()
        Returns the ID of the "DMX" workspace.

      • getAdminWorkspaceId

        long getAdminWorkspaceId()
        Returns the ID of the "Administration" workspace.

      • getSystemWorkspaceId

        long getSystemWorkspaceId()
        Returns the ID of the "System" workspace.

      • getAssignedWorkspaceId

        long getAssignedWorkspaceId​(long objectId)
        Returns the ID of the workspace a topic or association is assigned to.

        Access control is bypassed. READ permission is neither required for the given topic/association, nor for the returned workspace.

        Parameters:
        objectId - a topic ID, or an association ID
        Returns:
        The workspace ID, or -1 if no workspace is assigned.
        Throws:
        RuntimeException - if no object with the given ID exists.

      • assignToWorkspace

        void assignToWorkspace​(DMXObject object,
                       long workspaceId)
        Performs the initial workspace assignment for an object.

        If the object is already assigned to the given workspace nothing is performed.

        Note: this method can't be used to reassign an object to another workspace; use the WorkspacesService instead. Typically this method is used for objects created in a migration or objects created inside a runInWorkspaceContext -1 context, or when the WorkspacesService is not available for some reason.

        Throws:
        RuntimeException - if the object is already assigned to another workspace than the given workspace.

      • runInWorkspaceContext

        <V> V runInWorkspaceContext​(long workspaceId,
                            Callable<V> callable)
                     throws Exception
        Executes a code block and assigns all topics/associations created while that execution to the given workspace.

        Use this method to override the standard workspace assignment (which is based on dmx_workspace_id cookie or Workspace facet).

        runInWorkspaceContext() calls can be nested.

        Parameters:
        workspaceId - the ID of the workspace the created topics/associations will be assigned to.

        Pass -1 to do no workspace assignments. In this case the topics/ associations are created without any workspace assignment. Consider using privileged assignToWorkspace(systems.dmx.core.DMXObject, long) to do the initial workspace assignments later on.

        callable - the code block to execute.
        Returns:
        The value returned by your callable.
        Throws:
        AccessControlException - if the current user has no WRITE permission for the given workspace.
        IllegalArgumentException - if workspaceId does not refer to a Workspace.
        Exception

      • deleteWorkspaceTopic

        void deleteWorkspaceTopic​(long workspaceId)
        Deletes a Workspace topic and all its Memberships. The current user needs WRITE permission to the workspace -- she must not necessarily be the workspace owner.

        IMPORTANT: the actual workspace content is expected to be deleted already.

        This is a privileged method for technical reasons: deleting a workspace topic involves deleting all its Membership associations. As soon as the current user's membership is deleted she would, in case she is not the workspace owner, have no permission anymore for deleting the Workspace topic eventually.

      • deleteAssocMapcontext

        void deleteAssocMapcontext​(Assoc assoc)

      • getConfigTopic

        RelatedTopic getConfigTopic​(String configTypeUri,
                            long topicId)
        Returns the configuration topic of the given type for the given topic.

        Access control is bypassed.

        Throws:
        RuntimeException - if no such configuration topic exists.

      • getUsername

        String getUsername​(String emailAddress)
        Returns the username for the given email address.

        The username is determined by traversing from the Email Address topic along a dmx.base.user_mailbox association.

        Access control is bypassed.

        Throws:
        RuntimeException - if no such Email Address topic exists in the DB, or if more than one such Email Address topics exist in the DB, or if the Email Address topic is not associated to a Username topic.

      • getEmailAddress

        String getEmailAddress​(String username)
        Returns the email address for the given username.

        The email address is determined by traversing from the Username topic along a dmx.base.user_mailbox association.

        Access control is bypassed.

        Throws:
        RuntimeException - if no such Username topic exists in the DB, or if the Username topic is not associated to an Email Address topic.

      • emailAddressExists

        boolean emailAddressExists​(String emailAddress)
        Returns true if an "Email Address" (dmx.contacts.email_address) topic with the given value exists, false otherwise.

        The Email Address search is case-insensitive.

        Access control is bypassed.