public interface ControllerSecurityManager
Modifier and Type | Method and Description |
---|---|
void |
enforceTransport(TaskFlowId taskFlowId)
Checks whether the request is using the correct transport (http/https),
as defined within the taskflow definition.
|
java.util.Map<java.lang.String,ActivitySecurity> |
getActivity()
Returns a map of activity security based on permissions.
|
oracle.adf.share.security.binding.BindingPermission |
getBindingPermission(TaskFlowId taskFlowId)
Returns the BindingPermission object for this TaskFlowId.
|
java.util.Map<java.lang.String,ActivitySecurity> |
getOutcome()
Returns a map of taskflow security based on outcomes.
|
java.util.Map<java.lang.String,ActivitySecurity> |
getPermission()
Returns a map of taskflow security based on permissions.
|
oracle.adf.controller.security.TaskFlowPermission |
getPermission(TaskFlowId taskFlowId,
java.lang.String action)
Gets the TaskFlowPermission that should be checked for a given
taskflow and operation.
|
java.util.Map<java.lang.String,ActivitySecurity> |
getTaskflow()
Returns a map of taskflow security based on taskflow id.
|
boolean |
isValidTransport(TaskFlowId taskFlowId)
Determines whether the current transport (http/https) is acceptable
for the specified taskflow.
|
boolean |
isViewAuthorized(TaskFlowId taskFlowId)
Determines whether the subject has authorization to VIEW the
specified taskflow.
|
java.util.Map<java.lang.String,ActivitySecurity> getTaskflow()
TaskFlowId
as a string.
ActivitySecurity
.
#{controllerContext.security.taskflow['/WEB-INF/mytask.xml'].viewAuthorized}
java.util.Map<java.lang.String,ActivitySecurity> getOutcome()
ActivitySecurity
.
#{controllerContext.security.outcome.enter.viewAuthorized}
java.util.Map<java.lang.String,ActivitySecurity> getPermission()
ActivitySecurity
.
#{controllerContext.security.permission['/WEB-INF/mytask.xml#mytask'].viewAuthorized}
The primary advantage of this method is that it does not require the taskflow
to be read to determine the permission - we have enough information in
the EL. The primary disadvantage is that it is brittle.java.util.Map<java.lang.String,ActivitySecurity> getActivity()
The activity must be within the current taskflow.
The object returned is an instance of ActivitySecurity
.
For example, to see whether the view activity 'create-order' is authorized
for the current user, you would use EL of the form
#{controllerContext.security.activity['create-order'].viewAuthorized}
If the activity is a taskflow-call activity, then the value returned reflects the security on the taskflow this activity will invoke.
boolean isViewAuthorized(TaskFlowId taskFlowId)
taskFlowId
- the taskflow to checktrue
if the appropriate permission is granted;
false
otherwise.boolean isValidTransport(TaskFlowId taskFlowId)
taskFlowId
- the taskflow to checktrue
if the current transport is acceptable
false
otherwise.void enforceTransport(TaskFlowId taskFlowId)
taskFlowId
- The taskflow to checkInvalidTransportException
- when the transport is incorrect.oracle.adf.controller.security.TaskFlowPermission getPermission(TaskFlowId taskFlowId, java.lang.String action)
taskFlowId
- the taskflow identifieraction
- the action to be checked.oracle.adf.share.security.binding.BindingPermission getBindingPermission(TaskFlowId taskFlowId)
taskFlowId
- the taskflow id