CmsRoleManager

Overview

Package

Class

Tree

Deprecated

Index

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.opencms.security
Class CmsRoleManager

java.lang.Object
  org.opencms.security.CmsRoleManager

public class CmsRoleManager
extends Object
extends Object

This manager provide access to the role related operations.

Since:: 6.5.6

Constructor Summary
`CmsRoleManager(CmsSecurityManager securityManager)` Default constructor.

Method Summary
`void`	`addUserToRole(CmsObject cms, CmsRole role, String username)` Adds a user to the given role.
`void`	`checkRole(CmsObject cms, CmsRole role)` Checks if the user of this OpenCms context is a member of the given role for the given organizational unit.
`void`	`checkRoleForResource(CmsObject cms, CmsRole role, String resourceName)` Checks if the user of this OpenCms context is a member of the given role for the given resource.
`List<CmsGroup>`	`getManageableGroups(CmsObject cms, String ouFqn, boolean includeSubOus)` Returns all groups of organizational units for which the current user has the `CmsRole.ACCOUNT_MANAGER` role.
`List<CmsOrganizationalUnit>`	`getManageableOrgUnits(CmsObject cms, String ouFqn, boolean includeSubOus, boolean includeWebusers)` Returns a list of those organizational units whose members can be managed by the current user.
`List<CmsResource>`	`getManageableResources(CmsObject cms, CmsRole role)` Returns all resources of organizational units for which the current user has the given role role.
`List<CmsUser>`	`getManageableUsers(CmsObject cms, String ouFqn, boolean includeSubOus)` Returns all users of organizational units for which the current user has the `CmsRole.ACCOUNT_MANAGER` role.
`List<CmsUser>`	`getManageableUsers(CmsObject cms, String ouFqn, boolean includeSubOus, boolean includeWebusers)` Returns all users of organizational units for which the current user has the `CmsRole.ACCOUNT_MANAGER` role.
`List<CmsOrganizationalUnit>`	`getOrgUnitsForRole(CmsObject cms, CmsRole role, boolean includeSubOus)` Returns all the organizational units for which the current user has the given role.
`Set<CmsGroup>`	`getRoleGroups(CmsObject cms, CmsRole role, boolean directUsersOnly)` Returns the groups which constitute a given role, i.e.
`List<CmsRole>`	`getRoles(CmsObject cms, String ouFqn, boolean includeSubOus)` Returns all roles, in the given organizational unit.
`List<CmsRole>`	`getRolesForResource(CmsObject cms, String userFqn, String resourceName)` Returns all roles the given user has over the given resource.
`List<CmsRole>`	`getRolesOfUser(CmsObject cms, String username, String ouFqn, boolean includeChildOus, boolean directRolesOnly, boolean recursive)` Returns all roles the given user belongs to, in the given organizational unit.
`List<CmsUser>`	`getUsersOfRole(CmsObject cms, CmsRole role, boolean includeOtherOuUsers, boolean directUsersOnly)` Returns all direct users of a given role, in the given organizational unit.
`boolean`	`hasRole(CmsObject cms, CmsRole role)` Checks if the given context user has the given role in the given organizational unit.
`boolean`	`hasRole(CmsObject cms, String userName, CmsRole role)` Checks if the given user has the given role in the given organizational unit.
`boolean`	`hasRoleForResource(CmsObject cms, CmsRole role, String resourceName)` Checks if the given context user has the given role for the given resource.
`boolean`	`hasRoleForResource(CmsObject cms, String userName, CmsRole role, String resourceName)` Checks if the given context user has the given role for the given resource.
`void`	`removeUserFromRole(CmsObject cms, CmsRole role, String username)` Removes a user from a role, in the given organizational unit.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

CmsRoleManager

public CmsRoleManager(CmsSecurityManager securityManager)

Default constructor.

Parameters:: securityManager - the security manager

Method Detail

getRoleGroups

public Set<CmsGroup> getRoleGroups(CmsObject cms,
                                   CmsRole role,
                                   boolean directUsersOnly)
                            throws CmsException

Returns the groups which constitute a given role, i.e. the set of groups such that a member of any of them has the given role.

Parameters:: cms - the CMS context; role - the role; directUsersOnly - if true, only the role's direct group will be returned
Returns:: the groups constituting the given role
Throws:: CmsException - if something goes wrong

addUserToRole

public void addUserToRole(CmsObject cms,
                          CmsRole role,
                          String username)
                   throws CmsException

Adds a user to the given role.

Parameters:: cms - the opencms context; role - the role; username - the name of the user that is to be added to the role
Throws:: CmsException - if something goes wrong

checkRole

public void checkRole(CmsObject cms,
                      CmsRole role)
               throws CmsRoleViolationException

Checks if the user of this OpenCms context is a member of the given role for the given organizational unit.

The user must have the given role in at least one parent organizational unit.

Parameters:: cms - the opencms context; role - the role to check
Throws:: CmsRoleViolationException - if the user does not have the required role permissions

checkRoleForResource

public void checkRoleForResource(CmsObject cms,
                                 CmsRole role,
                                 String resourceName)
                          throws CmsException,
                                 CmsRoleViolationException

Checks if the user of this OpenCms context is a member of the given role for the given resource.

The user must have the given role in at least one organizational unit to which this resource belongs.

Parameters:: cms - the opencms context; role - the role to check; resourceName - the name of the resource to check the role for
Throws:: CmsRoleViolationException - if the user does not have the required role permissions; CmsException - if something goes wrong, while reading the resource

getManageableGroups

public List<CmsGroup> getManageableGroups(CmsObject cms,
                                          String ouFqn,
                                          boolean includeSubOus)
                                   throws CmsException

Returns all groups of organizational units for which the current user has the CmsRole.ACCOUNT_MANAGER role.

Parameters:: cms - the current cms context; ouFqn - the fully qualified name of the organizational unit; includeSubOus - if sub organizational units should be included in the search
Returns:: a list of CmsGroup objects
Throws:: CmsException - if something goes wrong

getManageableResources

public List<CmsResource> getManageableResources(CmsObject cms,
                                                CmsRole role)
                                         throws CmsException

Returns all resources of organizational units for which the current user has the given role role.

Parameters:: cms - the current cms context; role - the role to check
Returns:: a list of CmsResource objects
Throws:: CmsException - if something goes wrong

getManageableUsers

public List<CmsUser> getManageableUsers(CmsObject cms,
                                        String ouFqn,
                                        boolean includeSubOus)
                                 throws CmsException

Returns all users of organizational units for which the current user has the CmsRole.ACCOUNT_MANAGER role.

Parameters:: cms - the current cms context; ouFqn - the fully qualified name of the organizational unit; includeSubOus - if sub organizational units should be included in the search
Returns:: a list of CmsUser objects
Throws:: CmsException - if something goes wrong

getManageableUsers

public List<CmsUser> getManageableUsers(CmsObject cms,
                                        String ouFqn,
                                        boolean includeSubOus,
                                        boolean includeWebusers)
                                 throws CmsException

Returns all users of organizational units for which the current user has the CmsRole.ACCOUNT_MANAGER role.

Parameters:: cms - the current cms context; ouFqn - the fully qualified name of the organizational unit; includeSubOus - if sub organizational units should be included in the search; includeWebusers - if webuser organizational units should be included in the search
Returns:: a list of CmsUser objects
Throws:: CmsException - if something goes wrong

getManageableOrgUnits

public List<CmsOrganizationalUnit> getManageableOrgUnits(CmsObject cms,
                                                         String ouFqn,
                                                         boolean includeSubOus,
                                                         boolean includeWebusers)
                                                  throws CmsException

Returns a list of those organizational units whose members can be managed by the current user.

Parameters:: cms - the current CMS context; ouFqn - the fully qualified name of the organizational unit; includeSubOus - if sub organizational units should be included in the search; includeWebusers - if webuser organizational units should be included in the search
Returns:: a list of organizational units
Throws:: CmsException - if something goes wrong

getOrgUnitsForRole

public List<CmsOrganizationalUnit> getOrgUnitsForRole(CmsObject cms,
                                                      CmsRole role,
                                                      boolean includeSubOus)
                                               throws CmsException

Returns all the organizational units for which the current user has the given role.

Parameters:: cms - the current cms context; role - the role to check; includeSubOus - if sub organizational units should be included in the search
Returns:: a list of CmsOrganizationalUnit objects
Throws:: CmsException - if something goes wrong

getRoles

public List<CmsRole> getRoles(CmsObject cms,
                              String ouFqn,
                              boolean includeSubOus)
                       throws CmsException

Returns all roles, in the given organizational unit.

Parameters:: cms - the opencms context; ouFqn - the fully qualified name of the organizational unit of the role; includeSubOus - include roles of child organizational units
Returns:: a list of all CmsRole objects
Throws:: CmsException - if operation was not successful

getRolesForResource

public List<CmsRole> getRolesForResource(CmsObject cms,
                                         String userFqn,
                                         String resourceName)
                                  throws CmsException

Returns all roles the given user has over the given resource.

Parameters:: cms - the current cms context; userFqn - the user name to check; resourceName - the resource name
Returns:: a list of CmsRole objects
Throws:: CmsException - if something goes wrong

getRolesOfUser

public List<CmsRole> getRolesOfUser(CmsObject cms,
                                    String username,
                                    String ouFqn,
                                    boolean includeChildOus,
                                    boolean directRolesOnly,
                                    boolean recursive)
                             throws CmsException

Returns all roles the given user belongs to, in the given organizational unit.

Parameters:: cms - the opencms context; username - the name of the user to get all roles for; ouFqn - the fully qualified name of the organizational unit to restrict the search to; includeChildOus - include roles of child organizational units; directRolesOnly - if set only the direct assigned roles will be returned, if not also indirect roles; recursive - if this is set, also roles of higher organizational unit are considered
Returns:: a list of CmsRole objects
Throws:: CmsException - if operation was not successful

getUsersOfRole

public List<CmsUser> getUsersOfRole(CmsObject cms,
                                    CmsRole role,
                                    boolean includeOtherOuUsers,
                                    boolean directUsersOnly)
                             throws CmsException

Returns all direct users of a given role, in the given organizational unit.

Users that are "indirectly" in the role are not returned in the result.

Parameters:: cms - the opencms context; role - the role to get all users for; includeOtherOuUsers - include users of other organizational units; directUsersOnly - if set only the direct assigned users will be returned, if not also indirect users, ie. members of child groups
Returns:: all CmsUser objects in the group
Throws:: CmsException - if operation was not successful

hasRole

public boolean hasRole(CmsObject cms,
                       CmsRole role)

Checks if the given context user has the given role in the given organizational unit.

Parameters:: cms - the opencms context; role - the role to check
Returns:: true if the given context user has the given role in the given organizational unit

hasRole

public boolean hasRole(CmsObject cms,
                       String userName,
                       CmsRole role)

Checks if the given user has the given role in the given organizational unit.

Parameters:: cms - the opencms context; userName - the name of the user to check the role for; role - the role to check
Returns:: true if the given user has the given role in the given organizational unit

hasRoleForResource

public boolean hasRoleForResource(CmsObject cms,
                                  CmsRole role,
                                  String resourceName)

Checks if the given context user has the given role for the given resource.

Parameters:: cms - the opencms context; role - the role to check; resourceName - the name of the resource to check
Returns:: true if the given context user has the given role for the given resource

hasRoleForResource

public boolean hasRoleForResource(CmsObject cms,
                                  String userName,
                                  CmsRole role,
                                  String resourceName)

Checks if the given context user has the given role for the given resource.

Parameters:: cms - the opencms context; userName - the name of the user to check the role for; role - the role to check; resourceName - the name of the resource to check
Returns:: true if the given context user has the given role for the given resource

removeUserFromRole

public void removeUserFromRole(CmsObject cms,
                               CmsRole role,
                               String username)
                        throws CmsException

Removes a user from a role, in the given organizational unit.

Parameters:: cms - the opencms context; role - the role to remove the user from; username - the name of the user that is to be removed from the group
Throws:: CmsException - if operation was not successful

Overview

Package

Class

Tree

Deprecated

Index

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.opencms.security Class CmsRoleManager

CmsRoleManager

getRoleGroups

addUserToRole

checkRole

checkRoleForResource

getManageableGroups

getManageableResources

getManageableUsers

getManageableUsers

getManageableOrgUnits

getOrgUnitsForRole

getRoles

getRolesForResource

getRolesOfUser

getUsersOfRole

hasRole

hasRole

hasRoleForResource

hasRoleForResource

removeUserFromRole

org.opencms.security
Class CmsRoleManager