public class Authorization<T extends DataModel> extends Object
| Constructor and Description |
|---|
Authorization(IRepository<T> repository) |
| Modifier and Type | Method and Description |
|---|---|
boolean |
canRead(String userId,
T object) |
boolean |
canWrite(String userId,
T object)
Should either be an administrator or the owner of the object to be able to write
|
void |
expectAdmin(String userId) |
void |
expectRead(String userId,
T object) |
void |
expectWrite(String userId,
T object) |
IDataTransferModel |
get(String userId,
long id) |
protected Account |
getAccount(String userId) |
protected T |
getObjectById(long id) |
protected String |
getOwner(T object) |
boolean |
isAdmin(String userId) |
protected boolean |
isOwner(String userId,
T object) |
public Authorization(IRepository<T> repository)
public IDataTransferModel get(String userId, long id) throws AuthorizationException
AuthorizationExceptionprotected T getObjectById(long id)
public boolean isAdmin(String userId)
public void expectRead(String userId, T object) throws PermissionException
PermissionExceptionpublic boolean canWrite(String userId, T object)
userId - unique user identifierobject - object write ownership is being checked againstpublic void expectWrite(String userId, T object) throws PermissionException
PermissionExceptionpublic void expectAdmin(String userId) throws PermissionException
PermissionExceptionCopyright © 2017. All rights reserved.