Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.endeca.portal.data.security
Class DefaultMDEXSecurityManager

java.lang.Object
  extended by com.endeca.portal.data.security.DefaultMDEXSecurityManager
All Implemented Interfaces:
MDEXSecurityManager, java.io.Serializable
public class DefaultMDEXSecurityManager
extends java.lang.Object
implements MDEXSecurityManager, java.io.Serializable

This is a simple implementation of MDEXSecurityManager, providing role-based security filters via data source configuration. For a given data source, the following properties can be configured:

In short, this object is stored in session and maintains a map of filter sets that should be applied to each data source for the user. The map is initialized on the first call to the applySecurity(PortletRequest, MDEXState, Query) method.

Author:
Endeca Technologies, Inc.
See Also:
Serialized Form

Field Summary
static java.lang.String CONFIG_PROPERTY_INHERIT_SECURITY
          JSON key for toggling security filter inheritance from parents on/off
static java.lang.String CONFIG_PROPERTY_ROLE_PERMISSIONS
          JSON key for defining available security roles for filters
static java.lang.String CONFIG_PROPERTY_SECURITY_ENABLED
          JSON key for toggling security on/off
static java.lang.String CONFIG_PROPERTY_SECURITY_FILTERS
          JSON key for security filters
protected  boolean dirty
           
protected  java.util.Map<java.lang.String,java.util.Set<QueryFunction>> mdexSecurityFilterMap
           
protected  java.util.Set<com.liferay.portal.model.Role> userRoles
           
 
Constructor Summary
DefaultMDEXSecurityManager()
          Default constructor
 
Method Summary
 void applySecurity(javax.portlet.PortletRequest request, MDEXState mdexState, Query query)
          See MDEXSecurityManager.applySecurity(PortletRequest, MDEXState, Query)
protected  java.util.Set<QueryFunction> createFilterSetFromJSON(org.json.JSONArray filterRefArray, org.json.JSONObject securityFilters)
          Searches a set of JSON object representations of filters identified by name in the provided JSONArray.
protected  void init(javax.portlet.PortletRequest request)
          Initializes an internal map of security filters associated with the user making the request, under any of the following conditions: This is the first time a request is made for the session.
protected  void initMDEXPermissions(MDEXState mdexState, UserSession userSession)
          Initializes a set of security filters for the provided MDEXState, which is then stored in this security manager's internal map of data source-to-filter mappings for the user.
protected  void initRoleBasedSecurityFilters(MDEXState mdexState, UserSession userSession)
          Gets a list of role-based security filters for a specified MDEXState.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

dirty

protected transient boolean dirty

CONFIG_PROPERTY_SECURITY_ENABLED

public static final java.lang.String CONFIG_PROPERTY_SECURITY_ENABLED
JSON key for toggling security on/off

See Also:
Constant Field Values

CONFIG_PROPERTY_ROLE_PERMISSIONS

public static final java.lang.String CONFIG_PROPERTY_ROLE_PERMISSIONS
JSON key for defining available security roles for filters

See Also:
Constant Field Values

CONFIG_PROPERTY_SECURITY_FILTERS

public static final java.lang.String CONFIG_PROPERTY_SECURITY_FILTERS
JSON key for security filters

See Also:
Constant Field Values

CONFIG_PROPERTY_INHERIT_SECURITY

public static final java.lang.String CONFIG_PROPERTY_INHERIT_SECURITY
JSON key for toggling security filter inheritance from parents on/off

See Also:
Constant Field Values

mdexSecurityFilterMap

protected java.util.Map<java.lang.String,java.util.Set<QueryFunction>> mdexSecurityFilterMap

userRoles

protected transient java.util.Set<com.liferay.portal.model.Role> userRoles
Constructor Detail

DefaultMDEXSecurityManager

public DefaultMDEXSecurityManager()
Default constructor

Method Detail

applySecurity

public void applySecurity(javax.portlet.PortletRequest request,
                          MDEXState mdexState,
                          Query query)
                   throws MDEXSecurityException
See MDEXSecurityManager.applySecurity(PortletRequest, MDEXState, Query)

Specified by:
applySecurity in interface MDEXSecurityManager
Parameters:
request - the PortletRequest
mdexState - the MDEXState object representing the target MDEX and its current state
query - the Query to which security filters should be applied
Throws:
MDEXSecurityException - on error parsing, processing, or applying security
See Also:
Query

init

protected void init(javax.portlet.PortletRequest request)
             throws MDEXSecurityException
Initializes an internal map of security filters associated with the user making the request, under any of the following conditions: For each MDEXState (data source) defined in the user's session, the #initMDEXPermissions(MDEXState) method is called.

Parameters:
request - the PortletRequest
Throws:
MDEXSecurityException

initMDEXPermissions

protected void initMDEXPermissions(MDEXState mdexState,
                                   UserSession userSession)
                            throws MDEXSecurityException
Initializes a set of security filters for the provided MDEXState, which is then stored in this security manager's internal map of data source-to-filter mappings for the user.

Parameters:
mdexState - the MDEXState
userSession - the UserSession instance for this session
Throws:
MDEXSecurityException

initRoleBasedSecurityFilters

protected void initRoleBasedSecurityFilters(MDEXState mdexState,
                                            UserSession userSession)
                                     throws MDEXSecurityException
Gets a list of role-based security filters for a specified MDEXState. If security is disabled or no security filters are found for the MDEXState, an empty list will be returned. If the "inheritSecurity" property has been specified, this method will be applied recursively to return a combined set of all security filters for the MDEXState and all of its ancestors that have security enabled and security filters defined.

Parameters:
mdexState - the MDEXState
userSession - the UserSession instance for this session
Throws:
MDEXSecurityException

createFilterSetFromJSON

protected java.util.Set<QueryFunction> createFilterSetFromJSON(org.json.JSONArray filterRefArray,
                                                               org.json.JSONObject securityFilters)
                                                        throws org.json.JSONException,
                                                               MDEXSecurityException
Searches a set of JSON object representations of filters identified by name in the provided JSONArray. For each of those that match, filter is constructed (anything that implements QueryFunction) and added to the set that will be returned.

JSONArray of names: 

 
 ["filter1","filter2"]

List of security filters: 

 
 {
        "filter1": {
                "class":"com.endeca.portal.data.functions.RecordFilter",
                "recordFilter":"OR(Region:Bordeaux,Region:Burgundy)"
        },
        "filter2": {
                "class":"com.endeca.portal.data.functions.RecordFilter",
                "recordFilter":"AND(Region:Sonoma)"
        }
 }

Parameters:
filterRefArray - a JSON Array of filter names to look for
securityFilters - a JSON Object storing a list of filters
Returns:
a set of filters
Throws:
org.json.JSONException
MDEXSecurityException
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD