Class Permission

java.lang.Object
com.randomnoun.common.security.Permission
All Implemented Interfaces:
Serializable

public class Permission extends Object implements Serializable
A class encapsulating permission information. A 'permission' allows a user (or role) to perform an 'activity' on a 'resource'. Roles, activities and resources are all specified as Strings, a user is specified by a User object (identified by username and customerId).

A resource may also have a criteria supplied; e.g. a user may have a view/account permission, but only accounts with a certain monetary value.

Two constructors are provided, one for users and one for roles. Note that there are no 'setter' methods in this class; permissions may only be altered through creating new ones.

Author:
knoxg
See Also:
  • Constructor Details

    • Permission

      public Permission(String role, String activity, String resource, ResourceCriteria resourceCriteria)
      Create a new role-based permission.
      Parameters:
      role - the name of this role this permission applies to
      activity - the name of the activity we are permitting
      resource - the resource we are permitting access to
      resourceCriteria - a criteria which limits the types of resources that this permission applies to
    • Permission

      public Permission(User user, String activity, String resource, ResourceCriteria resourceCriteria)
      Create a new role-based permission.
      Parameters:
      user - the user this permission applies to
      activity - the name of the activity we are permitting
      resource - the resource we are permitting access to
      resourceCriteria - a criteria which limits the types of resources that this permission applies to
    • Permission

      public Permission(String activity, String resource)
      Create a permission that is not assigned to either a user or role
      Parameters:
      activity - the name of the activity we are permitting
      resource - the resource we are permitting acess to
    • Permission

      public Permission(String permission)
      Create a permission that is not assigned to either a user or role
      Parameters:
      permission - a permission in 'activity.resource' format
    • Permission

      public Permission(String permission, ResourceCriteria resourceCriteria)
      Create a permission that is not assigned to either a user or role, with a resource criteria
      Parameters:
      permission - a permission in 'activity.resource' format
  • Method Details

    • getRole

      public String getRole()
      Returns the role this permission applies to, or null if it is a user-based role.
      Returns:
      the role this permission applies to, or null if it is a user-based role
    • getUser

      public User getUser()
      Returns the user this permission applies to, or null if it is a user-based role.
      Returns:
      the user this permission applies to, or null if it is a user-based role
    • getActivity

      public String getActivity()
      Returns the activity this permission applies to.
      Returns:
      the activity this permission applies to
    • getResource

      public String getResource()
      Returns the resource this permission applies to.
      Returns:
      the resource this permission applies to
    • getResourceCriteria

      Returns the resourceCriteria that applies to this permission.
      Returns:
      the resourceCriteria that applies to this permission