public abstract class BaseAuthzGroupService extends Object implements AuthzGroupService
BaseAuthzGroupService is a Sakai azGroup service implementation.
To support the public view feature, an AuthzGroup named TEMPLATE_PUBVIEW must exist, with a role named ROLE_PUBVIEW - all the abilities in this role become the public view abilities for any resource.
Modifier and Type | Class and Description |
---|---|
protected static interface |
BaseAuthzGroupService.Storage
Storage
|
Modifier and Type | Field and Description |
---|---|
protected List<AuthzGroupAdvisor> |
authzGroupAdvisors |
protected GroupProvider |
m_provider
A provider of additional Abilities for a userId.
|
protected String |
m_relativeAccessPoint
The initial portion of a relative access point URL.
|
protected RoleProvider |
m_roleProvider
A provider of additional roles for a userId.
|
protected BaseAuthzGroupService.Storage |
m_storage
Storage manager for this service.
|
protected SiteService |
siteService |
ANON_ROLE, APPLICATION_ID, AUTH_ROLE, REFERENCE_ROOT, SECURE_ADD_AUTHZ_GROUP, SECURE_JOIN_AUTHZ_GROUP, SECURE_REMOVE_AUTHZ_GROUP, SECURE_UNJOIN_AUTHZ_GROUP, SECURE_UPDATE_AUTHZ_GROUP, SECURE_UPDATE_OWN_AUTHZ_GROUP, SECURE_VIEW_ALL_AUTHZ_GROUPS
Constructor and Description |
---|
BaseAuthzGroupService() |
Modifier and Type | Method and Description |
---|---|
AuthzGroup |
addAuthzGroup(String id)
Add a new AuthzGroup
|
AuthzGroup |
addAuthzGroup(String id,
AuthzGroup other,
String userId)
Add a new AuthzGroup, as a copy of another AuthzGroup (except for id), and give a user "maintain" access based on the other's definition of "maintain".
|
void |
addAuthzGroupAdvisor(AuthzGroupAdvisor advisor)
Registers a AuthzGroupAdvisor with the AuthzGroupService.
|
protected void |
addLiveProperties(BaseAuthzGroup azGroup)
Create the live properties for the azGroup.
|
protected void |
addLiveUpdateProperties(BaseAuthzGroup azGroup)
Update the live properties for an AuthzGroup for when modified.
|
protected void |
addMemberToGroup(AuthzGroup azGroup,
String userId,
String roleId,
int maxSize)
Add member to a group, once id and security checks have been cleared.
|
boolean |
allowAdd(String id)
Check permissions for adding an AuthzGroup.
|
boolean |
allowJoinGroup(String authzGroupId)
Check permissions for the current user joining a group.
|
boolean |
allowRemove(String id)
Check permissions for removing an AuthzGroup.
|
boolean |
allowUnjoinGroup(String authzGroupId)
Check permissions for the current user unjoining a group.
|
boolean |
allowUpdate(String id)
Check permissions for updating an AuthzGroup.
|
String |
archive(String siteId,
Document doc,
Stack stack,
String archivePath,
List attachments)
Archive the resources for the given site.
|
protected String |
authzGroupId(String ref)
Access the azGroup id extracted from an AuthzGroup reference.
|
String |
authzGroupReference(String id)
Access the internal reference which can be used to access the AuthzGroup from within the system.
|
protected void |
completeSave(AuthzGroup azGroup)
Complete the saving of the group, once id and security checks have been cleared.
|
int |
countAuthzGroups(String criteria)
Count the AuthzGroups that meet specified criteria.
|
String |
decodeRoleFromDummyUser(String dummyUserId)
Decodes the dummy user id to provide the original roleId as encoded by encodeDummyUserForRole(String)
|
void |
destroy()
Returns to uninitialized state.
|
String |
encodeDummyUserForRole(String roleId)
Encode the role id to form the dummy user id that will be used to perform role checks.
|
protected abstract EntityManager |
entityManager() |
protected abstract EventTrackingService |
eventTrackingService() |
protected String |
extractEntityId(String reference)
Get the realm ID from a reference string.
|
protected abstract FunctionManager |
functionManager() |
protected String |
getAccessPoint(boolean relative)
Access the partial URL that forms the root of resource URLs.
|
Set<String> |
getAdditionalRoles()
Gets a set of additional roles that can be added to an authz group.
|
Set |
getAllowedFunctions(String role,
Collection azGroups)
Get the set of functions that users with this role in these AuthzGroups are allowed to perform.
|
AuthzGroup |
getAuthzGroup(String id)
Access an AuthzGroup.
|
List<AuthzGroupAdvisor> |
getAuthzGroupAdvisors()
List of the current AuthzGroupAdvisors registered with the AuthzGroupService
|
Set |
getAuthzGroupIds(String providerId)
Gets the IDs of the AuthzGroups with the given provider ID.
|
List |
getAuthzGroups(String criteria,
PagingPosition page)
Access a list of AuthzGroups that meet specified criteria, naturally sorted.
|
Set |
getAuthzGroupsIsAllowed(String userId,
String function,
Collection azGroups)
Get the set of AuthzGroup ids in which this user is allowed to perform this function.
|
List |
getAuthzUserGroupIds(ArrayList authzGroupIds,
String userid)
Access a list of AuthzGroups which contain a specified userid
NOTE: This call is backed by a cache.
|
Collection<String> |
getAuthzUsersInGroups(Set<String> groupIds)
Get list of users who are in a set of groups
|
Entity |
getEntity(Reference ref)
Access the referenced Entity - the entity will belong to the service.
|
Collection |
getEntityAuthzGroups(Reference ref,
String userId)
Access a collection of authorization group ids for security on the for the referenced entity - the entity will belong to the service.
|
String |
getEntityDescription(Reference ref)
Create an entity description for the entity referenced - the entity will belong to the service.
|
ResourceProperties |
getEntityResourceProperties(Reference ref)
Access the resource properties for the referenced entity - the entity will belong to the service.
|
String |
getEntityUrl(Reference ref)
Access a URL for the referenced entity - the entity will belong to the service.
|
HttpAccess |
getHttpAccess()
Get the HttpAccess object that supports entity access via the access servlet for my entities.
|
String |
getLabel() |
Set |
getMaintainRoles()
Set of all maintain roles
|
Set |
getProviderIds(String authzGroupId)
Gets the provider IDs associated with an AuthzGroup.
|
Map<String,List<String>> |
getProviderIDsForRealms(List<String> realmIDs)
Get all provider IDs for the realms given.
|
String |
getRoleGroupName(String roleGroupId)
Get a nice display name for role group.
|
String |
getRoleName(String roleId)
Get a nice display name for role.
|
Map<String,Integer> |
getUserCountIsAllowed(String function,
Collection<String> azGroups)
Get the number of users per group who are allowed to perform the function in the given AuthzGroups.
|
String |
getUserRole(String userId,
String azGroupId)
Get the role name for this user in this AuthzGroup, if the user has membership (the membership gives the user a single role).
|
Map<String,String> |
getUserRoles(String userId,
Collection<String> azGroupIds)
Get all role names for a given user in a set of AuthzGroups.
|
Set<String> |
getUsersIsAllowed(String function,
Collection<String> azGroups)
Get the set of user ids of users who are allowed to perform the function in the named AuthzGroups.
|
Set<String[]> |
getUsersIsAllowedByGroup(String function,
Collection<String> azGroups)
Get the set of user ids per group of users who are allowed to perform the function in the named AuthzGroups.
|
Map |
getUsersRole(Collection userIds,
String azGroupId)
Get the role name for each user in the userIds Collection in this AuthzGroup, for each of these users who have membership (membership gives the user a single role).
|
void |
init()
Final initialization, once all dependencies are set.
|
boolean |
isAllowed(String user,
String function,
Collection azGroups)
Test if this user is allowed to perform the function in the named AuthzGroups.
|
boolean |
isAllowed(String user,
String function,
String azGroupId)
Test if this user is allowed to perform the function in the named AuthzGroup.
|
protected boolean |
isAllowedAnon()
Is the current user allowed to grant .anon access to the site?
|
protected boolean |
isAllowedAuth()
Is the current user allowed to grant .auth access to the site?
|
boolean |
isRoleAssignable(String roleId)
Check if the supplied role can be assigned to a user.
|
void |
joinGroup(String authzGroupId,
String roleId)
Cause the current user to join the given AuthzGroup with this role, using SECURE_UPDATE_OWN_AUTHZ_GROUP security.
|
void |
joinGroup(String authzGroupId,
String roleId,
int maxSize)
Cause the current user to join the given AuthzGroup with this role, using SECURE_UPDATE_OWN_AUTHZ_GROUP security,
provided that adding this user would not cause the group to exceed the specified size.
|
String |
merge(String siteId,
Element root,
String archivePath,
String fromSiteId,
Map attachmentNames,
Map userIdTrans,
Set userListAllowImport)
Merge the resources from the archive into the given site.
|
AuthzGroup |
newAuthzGroup(String id,
AuthzGroup other,
String userId)
Create a new AuthzGroup, as a copy of another AuthzGroup (except for id), and give a user "maintain" access based on the other's definition of "maintain", but do not store - it can be saved with a save() call
|
protected abstract BaseAuthzGroupService.Storage |
newStorage()
Construct storage for this service.
|
boolean |
parseEntityReference(String reference,
Reference ref)
If the service recognizes the reference as its own, parse it and fill in the Reference
|
void |
refreshUser(String userId)
Refresh this user's AuthzGroup external definitions.
|
void |
removeAuthzGroup(AuthzGroup azGroup)
Remove this AuthzGroup.
|
void |
removeAuthzGroup(String azGroupId)
Remove the AuthzGroup with this id, if it exists (fails quietly if not).
|
boolean |
removeAuthzGroupAdvisor(AuthzGroupAdvisor advisor)
Removes an AuthzGroupAdvisor
|
protected void |
removeMemberFromGroup(AuthzGroup azGroup,
String userId)
Remove member from a group, once id and security checks have been cleared.
|
protected void |
removeSiteSecurity(AuthzGroup azGroup)
Update the site security when an AuthzGroup is deleted, if it is a site AuthzGroup.
|
void |
save(AuthzGroup azGroup)
Save the changes made to the AuthzGroup.
|
protected abstract SecurityService |
securityService() |
protected abstract ServerConfigurationService |
serverConfigurationService() |
protected abstract SessionManager |
sessionManager() |
void |
setProvider(GroupProvider provider)
Configuration: set the azGroup provider helper service.
|
void |
setRoleProvider(RoleProvider provider)
Configuration: set the az role provider helper service.
|
void |
setSiteService(SiteService siteService) |
protected abstract TimeService |
timeService() |
void |
unjoinGroup(String authzGroupId)
Cause the current user to unjoin the given AuthzGroup, using SECURE_UPDATE_OWN_AUTHZ_GROUP security.
|
protected void |
unlock(String lock,
String resource)
Check security permission.
|
protected boolean |
unlockCheck(String lock,
String resource)
Check security permission.
|
protected void |
updateSiteSecurity(AuthzGroup azGroup)
Update the site security based on the values in the AuthzGroup, if it is a site AuthzGroup.
|
protected abstract UserDirectoryService |
userDirectoryService() |
boolean |
willArchiveMerge() |
protected BaseAuthzGroupService.Storage m_storage
protected String m_relativeAccessPoint
protected GroupProvider m_provider
protected RoleProvider m_roleProvider
protected List<AuthzGroupAdvisor> authzGroupAdvisors
protected SiteService siteService
protected abstract BaseAuthzGroupService.Storage newStorage()
protected String getAccessPoint(boolean relative)
relative
- if true, form within the access path only (i.e. starting with /content)protected String authzGroupId(String ref)
ref
- The azGroup reference string.protected boolean unlockCheck(String lock, String resource)
lock
- The lock id string.resource
- The resource reference string, or null if no resource is involved.protected void unlock(String lock, String resource) throws AuthzPermissionException
lock
- The lock id string.resource
- The resource reference string, or null if no resource is involved.PermissionException
- Thrown if the azGroup does not have accessAuthzPermissionException
protected void addLiveProperties(BaseAuthzGroup azGroup)
protected void addLiveUpdateProperties(BaseAuthzGroup azGroup)
public void setProvider(GroupProvider provider)
provider
- the azGroup provider helper service.public void setRoleProvider(RoleProvider provider)
provider
- the az role provider helper service.protected abstract ServerConfigurationService serverConfigurationService()
protected abstract EntityManager entityManager()
protected abstract FunctionManager functionManager()
protected abstract SecurityService securityService()
protected abstract TimeService timeService()
protected abstract SessionManager sessionManager()
protected abstract EventTrackingService eventTrackingService()
protected abstract UserDirectoryService userDirectoryService()
public void setSiteService(SiteService siteService)
public void init()
public void destroy()
public Map<String,List<String>> getProviderIDsForRealms(List<String> realmIDs)
getProviderIDsForRealms
in interface AuthzGroupService
realmIDs
- a List of the realms you want the provider IDs for.public List getAuthzGroups(String criteria, PagingPosition page)
AuthzGroupService.getAuthzGroup(String)
getAuthzGroups
in interface AuthzGroupService
criteria
- Selection criteria: AuthzGroups returned will match this string somewhere in their id, or provider group id.page
- The PagePosition subset of items to return.public List getAuthzUserGroupIds(ArrayList authzGroupIds, String userid)
getAuthzUserGroupIds
in interface AuthzGroupService
authzGroupIds
- AuthzGroup selection criteria (list of AuthzGroup ids)userid
- Return only groups with userid as a memberpublic Collection<String> getAuthzUsersInGroups(Set<String> groupIds)
getAuthzUsersInGroups
in interface AuthzGroupService
groupIds
- IDs of authZ groups (AuthzGroup selection criteria)public int countAuthzGroups(String criteria)
countAuthzGroups
in interface AuthzGroupService
criteria
- Selection criteria: AuthzGroups returned will match this string somewhere in their id, or provider group id.public Set getAuthzGroupIds(String providerId)
getAuthzGroupIds
in interface AuthzGroupService
public Set getProviderIds(String authzGroupId)
getProviderIds
in interface AuthzGroupService
public AuthzGroup getAuthzGroup(String id) throws GroupNotDefinedException
getAuthzGroup
in interface AuthzGroupService
id
- The id string.GroupNotDefinedException
- if not found.public void joinGroup(String authzGroupId, String roleId) throws GroupNotDefinedException, AuthzPermissionException
joinGroup
in interface AuthzGroupService
authzGroupId
- the id of the AuthzGroup.roleId
- the name of the Role.GroupNotDefinedException
- if the authzGroupId or role are not defined.AuthzPermissionException
- if the current user does not have permission to join this AuthzGroup.public void joinGroup(String authzGroupId, String roleId, int maxSize) throws GroupNotDefinedException, AuthzPermissionException, GroupFullException
joinGroup
in interface AuthzGroupService
authzGroupId
- the id of the AuthzGroup.roleId
- the name of the Role.maxSize
- the maximum permitted size of the AuthzGroup.GroupNotDefinedException
- if the authzGroupId or role are not defined.AuthzPermissionException
- if the current user does not have permission to join this AuthzGroup.GroupFullException
- if adding the current user would cause the AuthzGroup to become larger than maxSize.public void unjoinGroup(String authzGroupId) throws GroupNotDefinedException, AuthzPermissionException
unjoinGroup
in interface AuthzGroupService
authzGroupId
- the id of the AuthzGroup.GroupNotDefinedException
- if the authzGroupId or role are not defined.AuthzPermissionException
- if the current user does not have permission to unjoin this site.public boolean allowJoinGroup(String authzGroupId)
allowJoinGroup
in interface AuthzGroupService
authzGroupId
- The AuthzGroup id.public boolean allowUnjoinGroup(String authzGroupId)
allowUnjoinGroup
in interface AuthzGroupService
authzGroupId
- The AuthzGroup id.public boolean allowUpdate(String id)
allowUpdate
in interface AuthzGroupService
id
- The id.public void save(AuthzGroup azGroup) throws GroupNotDefinedException, AuthzPermissionException
save
in interface AuthzGroupService
azGroup
- The AuthzGroup to save.GroupNotDefinedException
- if the AuthzGroup id is not defined.AuthzPermissionException
- if the current user does not have permission to update the AuthzGroup.protected void completeSave(AuthzGroup azGroup)
azGroup
- protected void addMemberToGroup(AuthzGroup azGroup, String userId, String roleId, int maxSize) throws GroupFullException
azGroup
- GroupFullException
protected void removeMemberFromGroup(AuthzGroup azGroup, String userId)
azGroup
- public boolean allowAdd(String id)
allowAdd
in interface AuthzGroupService
id
- The authzGroup id.public AuthzGroup addAuthzGroup(String id) throws GroupIdInvalidException, GroupAlreadyDefinedException, AuthzPermissionException
addAuthzGroup
in interface AuthzGroupService
id
- The AuthzGroup id.GroupIdInvalidException
- if the id is invalid.GroupAlreadyDefinedException
- if the id is already used.AuthzPermissionException
- if the current user does not have permission to add the AuthzGroup.public AuthzGroup addAuthzGroup(String id, AuthzGroup other, String userId) throws GroupIdInvalidException, GroupAlreadyDefinedException, AuthzPermissionException
addAuthzGroup
in interface AuthzGroupService
id
- The id.other
- The AuthzGroup to copy into this new AuthzGroup.userId
- Optional user id to get "maintain" access, or null if none.GroupIdInvalidException
- if the id is invalid.GroupAlreadyDefinedException
- if the id is already used.AuthzPermissionException
- if the current user does not have permission to add the AuthzGroup.public AuthzGroup newAuthzGroup(String id, AuthzGroup other, String userId) throws GroupAlreadyDefinedException
newAuthzGroup
in interface AuthzGroupService
id
- The id.other
- The AuthzGroup to copy into this new AuthzGroup (or null if none).userId
- Optional user id to get "maintain" access, or null if none.GroupAlreadyDefinedException
- if the id is already used.public boolean allowRemove(String id)
allowRemove
in interface AuthzGroupService
id
- The AuthzGroup id.public void removeAuthzGroup(AuthzGroup azGroup) throws AuthzPermissionException
removeAuthzGroup
in interface AuthzGroupService
azGroup
- The AuthzGroup to remove.AuthzPermissionException
- if the current user does not have permission to remove this AuthzGroup.public void removeAuthzGroup(String azGroupId) throws AuthzPermissionException
removeAuthzGroup
in interface AuthzGroupService
azGroupId
- The AuthzGroup id.AuthzPermissionException
- if the current user does not have permission to remove this AthzGroup.public String authzGroupReference(String id)
authzGroupReference
in interface AuthzGroupService
id
- The AuthzGroup id.public boolean isAllowed(String user, String function, String azGroupId)
isAllowed
in interface AuthzGroupService
user
- The user id.function
- The function to open.azGroupId
- The AuthzGroup id to consult, if it exists.public boolean isAllowed(String user, String function, Collection azGroups)
isAllowed
in interface AuthzGroupService
user
- The user id.function
- The function to open.azGroups
- A collection of AuthzGroup ids to consult.public Set<String> getUsersIsAllowed(String function, Collection<String> azGroups)
getUsersIsAllowed
in interface AuthzGroupService
function
- The function to check.azGroups
- A collection of the ids of AuthzGroups to consult.For details on deleted users.
public Set<String[]> getUsersIsAllowedByGroup(String function, Collection<String> azGroups)
getUsersIsAllowedByGroup
in interface AuthzGroupService
function
- The function to check.azGroups
- A collection of the ids of AuthzGroups to consult; if null, search them all (use with care).For details on deleted users.
public Map<String,Integer> getUserCountIsAllowed(String function, Collection<String> azGroups)
getUserCountIsAllowed
in interface AuthzGroupService
function
- The function to check.azGroups
- A collection of the ids of AuthzGroups to search; if null, search them all (use with care).For details on deleted users.
public Set getAllowedFunctions(String role, Collection azGroups)
getAllowedFunctions
in interface AuthzGroupService
role
- The role name.azGroups
- A collection of AuthzGroup ids to consult.public Set getAuthzGroupsIsAllowed(String userId, String function, Collection azGroups)
getAuthzGroupsIsAllowed
in interface AuthzGroupService
userId
- The user id.function
- The function to check.azGroups
- The Collection of AuthzGroup ids to search; if null, search them all.public String getUserRole(String userId, String azGroupId)
getUserRole
in interface AuthzGroupService
userId
- The user id.azGroupId
- The AuthzGroup id to consult, if it exists.public Map<String,String> getUserRoles(String userId, Collection<String> azGroupIds)
getUserRoles
in interface AuthzGroupService
userId
- The user ID of the person to search for.azGroupIds
- A collection of AuthzGroup IDs to narrow the search (may be empty or null to search all).public Map getUsersRole(Collection userIds, String azGroupId)
getUsersRole
in interface AuthzGroupService
userIds
- The user ids as a Collection of String.azGroupId
- The AuthzGroup id to consult, if it exists.public String encodeDummyUserForRole(String roleId) throws IllegalArgumentException
encodeDummyUserForRole
in interface AuthzGroupService
roleId
- the string id of the role to encodeIllegalArgumentException
- if no roleId is providedpublic String decodeRoleFromDummyUser(String dummyUserId) throws IllegalArgumentException
decodeRoleFromDummyUser
in interface AuthzGroupService
dummyUserId
- the string id of the dummy user to decodenull
if it could not be decoded.IllegalArgumentException
- if no dummy user id is provided.AuthzGroupService.encodeDummyUserForRole(String)
public void refreshUser(String userId)
refreshUser
in interface AuthzGroupService
userId
- The user id.protected void updateSiteSecurity(AuthzGroup azGroup)
azGroup
- The AuthzGroup.protected void removeSiteSecurity(AuthzGroup azGroup)
azGroup
- The AuthzGroup.public String getLabel()
getLabel
in interface EntityProducer
public boolean willArchiveMerge()
willArchiveMerge
in interface EntityProducer
public HttpAccess getHttpAccess()
getHttpAccess
in interface EntityProducer
public boolean parseEntityReference(String reference, Reference ref)
parseEntityReference
in interface EntityProducer
reference
- The reference string to examine.ref
- The Reference object to set with the results of the parse from a recognized reference.protected String extractEntityId(String reference)
reference
- The reference to a realm. eg/realm//site/mercury
null
if it's not a realm reference.public String getEntityDescription(Reference ref)
getEntityDescription
in interface EntityProducer
ref
- The entity reference.public ResourceProperties getEntityResourceProperties(Reference ref)
getEntityResourceProperties
in interface EntityProducer
ref
- The entity reference.public Entity getEntity(Reference ref)
getEntity
in interface EntityProducer
ref
- The entity reference.public Collection getEntityAuthzGroups(Reference ref, String userId)
getEntityAuthzGroups
in interface EntityProducer
ref
- The entity reference.userId
- The userId for a user-specific set of groups, or null for the generic set.public String getEntityUrl(Reference ref)
getEntityUrl
in interface EntityProducer
ref
- The entity reference.public String archive(String siteId, Document doc, Stack stack, String archivePath, List attachments)
archive
in interface EntityProducer
siteId
- the id of the site.doc
- The document to contain the xml.stack
- The stack of elements, the top of which will be the containing element of the "service.name" element.archivePath
- The path to the folder where we are writing auxilary files.attachments
- This should be an empty List into which the implementation will put any attachments that are needed to support the
archived content. Implementation will may use List.contains(Object)
so choice of implementation should reflect this.public String merge(String siteId, Element root, String archivePath, String fromSiteId, Map attachmentNames, Map userIdTrans, Set userListAllowImport)
merge
in interface EntityProducer
siteId
- The id of the site getting imported into.root
- The XML DOM tree of content to merge.archivePath
- The path to the folder where we are reading auxilary files.fromSiteId
- The site id from which these items were archived.attachmentNames
- An empty map should be supplied and during the merge and any attachments that are renamed will be put into this map the key is the old
attachment name (as found in the DOM) and the value is the new attachment name.userIdTrans
- A map supplied by the called containing keys of old user IDs and values of new user IDs that the content should be attributed to.userListAllowImport
- A list of user IDs for which the content should be imported. An importer should ignore content if the user ID of the creator isn't in this
set.public void addAuthzGroupAdvisor(AuthzGroupAdvisor advisor)
AuthzGroupService
addAuthzGroupAdvisor
in interface AuthzGroupService
advisor
- The AuthzGroupAdvisor to addpublic boolean removeAuthzGroupAdvisor(AuthzGroupAdvisor advisor)
AuthzGroupService
removeAuthzGroupAdvisor
in interface AuthzGroupService
advisor
- The AuthzGroupAdvisor to removepublic List<AuthzGroupAdvisor> getAuthzGroupAdvisors()
AuthzGroupService
getAuthzGroupAdvisors
in interface AuthzGroupService
public Set getMaintainRoles()
AuthzGroupService
getMaintainRoles
in interface AuthzGroupService
public Set<String> getAdditionalRoles()
getAdditionalRoles
in interface AuthzGroupService
public boolean isRoleAssignable(String roleId)
isRoleAssignable
in interface AuthzGroupService
roleId
- The role ID to check.true
if the role can be assigned to a user.public String getRoleName(String roleId)
getRoleName
in interface AuthzGroupService
roleId
- The role ID to check (eg .auth)public String getRoleGroupName(String roleGroupId)
getRoleGroupName
in interface AuthzGroupService
roleGroupId
- The role group ID to check. Empty for generic name.protected boolean isAllowedAnon()
true
if .anon can be granted.protected boolean isAllowedAuth()
true
if .auth can be granted.Copyright © 2003–2019 The Sakai Foundation. All rights reserved.