public interface FedoraAuthorizationDelegate
An implementation has the opportunity to inspect nodes and the session, which may have additional information assigned as session attributes, such as the associated servlet request. This interface defines the Fedora-specific attributes which may be added.
|Modifier and Type||Field and Description|
The name of the session attribute containing a set of instances of Principal, representing the current user's credentials, including the value of the FEDORA_USER_PRINCIPAL session attribute.
The name of the session attribute containing the servlet request (an instance of javax.servlet.http.HttpServletRequest).
The name of the session attribute containing an instance of Principal representing the current authenticated user.
static final String FEDORA_SERVLET_REQUEST
static final String FEDORA_USER_PRINCIPAL
boolean hasPermission(javax.jcr.Session session, org.modeshape.jcr.value.Path absPath, String actions)
The authentication provider may have added session attributes, which can be accessed in implementations by calling session#getAttribute. If an attribute is not available in session attributes and would be required to establish that the session has permission for any action given, an implementation should usually return false.
Note that accessing nodes using the provided session will result in additional calls to this method and thus an infinite loop. Instead, obtain a new session instance if your implementation requires access to nodes. See AbstractRolesAuthorizationDelegate for an example.
session- the session
absPath- the abspath
actions- the actions
Copyright © 2013–2015 DuraSpace, Inc.. All rights reserved.