/** * Check specific user permission */ public boolean isSpecificPermitted(String name) { return isPermitted(PermissionType.SPECIFIC, name); }
/** * Check user permission for the screen */ public boolean isScreenPermitted(String windowAlias) { return isPermitted(PermissionType.SCREEN, windowAlias); }
/** * Check user permission. * <br>Same as {@link #isPermitted(com.haulmont.cuba.security.entity.PermissionType, String, int)} * with value=1 * <br>This method makes sense for permission types with two possible values 0,1 * * @param type permission type * @param target permission target:<ul> * <li>screen * <li>entity operation (view, create, update, delete) * <li>entity attribute name * <li>specific permission name * </ul> * @return true if permitted, false otherwise */ public boolean isPermitted(PermissionType type, String target) { return isPermitted(type, target, 1); }
/** * Check user permission for the entity operation */ public boolean isEntityOpPermitted(MetaClass metaClass, EntityOp entityOp) { return isPermitted(PermissionType.ENTITY_OP, metaClass.getName() + Permission.TARGET_PATH_DELIMETER + entityOp.getId()); }
/** * Check user permission for the entity attribute */ public boolean isEntityAttrPermitted(MetaClass metaClass, String property, EntityAttrAccess access) { return isPermitted(PermissionType.ENTITY_ATTR, metaClass.getName() + Permission.TARGET_PATH_DELIMETER + property, access.getId()); }
public boolean isPermitted(UserSession session) { if (StringUtils.isEmpty(id) || isSeparator()) { return true; } else { boolean screenPermitted = session.isScreenPermitted(id); if (screenPermitted) { Element permissionsElem = descriptor.element("permissions"); if (permissionsElem != null) { for (Element element : Dom4j.elements(permissionsElem, "permission")) { PermissionType type = PermissionType.valueOf(element.attributeValue("type")); String target = element.attributeValue("target"); screenPermitted = session.isPermitted(type, target); if (!screenPermitted) break; } } } return screenPermitted; } }