Overview  Package   Class  Deprecated 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.opencms.security
Class CmsRoleManager

java.lang.Object
  extended by org.opencms.security.CmsRoleManager

public class CmsRoleManager
extends java.lang.Object

This manager provide access to the role related operations.

Since:
6.5.6
Version:
$Revision: 1.9 $
Author:
Michael Moossen

Constructor Summary
CmsRoleManager(CmsSecurityManager securityManager)
          Default constructor.
 
Method Summary
 void addUserToRole(CmsObject cms, CmsRole role, java.lang.String username)
          Adds a user to the given role.
 void checkRole(CmsObject cms, CmsRole role)
          Checks if the user of this OpenCms context is a member of the given role for the given organizational unit.
 void checkRoleForResource(CmsObject cms, CmsRole role, java.lang.String resourceName)
          Checks if the user of this OpenCms context is a member of the given role for the given resource.
 java.util.List getManageableGroups(CmsObject cms, java.lang.String ouFqn, boolean includeSubOus)
          Returns all groups of organizational units for which the current user has the CmsRole.ACCOUNT_MANAGER role.
 java.util.List getManageableResources(CmsObject cms, CmsRole role)
          Returns all resources of organizational units for which the current user has the given role role.
 java.util.List getManageableUsers(CmsObject cms, java.lang.String ouFqn, boolean includeSubOus)
          Returns all users of organizational units for which the current user has the CmsRole.ACCOUNT_MANAGER role.
 java.util.List getManageableUsers(CmsObject cms, java.lang.String ouFqn, boolean includeSubOus, boolean includeWebusers)
          Returns all users of organizational units for which the current user has the CmsRole.ACCOUNT_MANAGER role.
 java.util.List getOrgUnitsForRole(CmsObject cms, CmsRole role, boolean includeSubOus)
          Returns all the organizational units for which the current user has the given role.
 java.util.List getRoles(CmsObject cms, java.lang.String ouFqn, boolean includeSubOus)
          Returns all roles, in the given organizational unit.
 java.util.List getRolesForResource(CmsObject cms, java.lang.String userFqn, java.lang.String resourceName)
          Returns all roles the given user has over the given resource.
 java.util.List getRolesOfUser(CmsObject cms, java.lang.String username, java.lang.String ouFqn, boolean includeChildOus, boolean directRolesOnly, boolean recursive)
          Returns all roles the given user belongs to, in the given organizational unit.
 java.util.List getUsersOfRole(CmsObject cms, CmsRole role, boolean includeOtherOuUsers, boolean directUsersOnly)
          Returns all direct users of a given role, in the given organizational unit.
 boolean hasRole(CmsObject cms, CmsRole role)
          Checks if the given context user has the given role in the given organizational unit.
 boolean hasRole(CmsObject cms, java.lang.String userName, CmsRole role)
          Checks if the given user has the given role in the given organizational unit.
 boolean hasRoleForResource(CmsObject cms, CmsRole role, java.lang.String resourceName)
          Checks if the given context user has the given role for the given resource.
 boolean hasRoleForResource(CmsObject cms, java.lang.String userName, CmsRole role, java.lang.String resourceName)
          Checks if the given context user has the given role for the given resource.
 void removeUserFromRole(CmsObject cms, CmsRole role, java.lang.String username)
          Removes a user from a role, in the given organizational unit.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CmsRoleManager

public CmsRoleManager(CmsSecurityManager securityManager)
Default constructor.

Parameters:
securityManager - the security manager
Method Detail

addUserToRole

public void addUserToRole(CmsObject cms,
                          CmsRole role,
                          java.lang.String username)
                   throws CmsException
Adds a user to the given role.

Parameters:
cms - the opencms context
role - the role
username - the name of the user that is to be added to the role
Throws:
CmsException - if something goes wrong

checkRole

public void checkRole(CmsObject cms,
                      CmsRole role)
               throws CmsRoleViolationException
Checks if the user of this OpenCms context is a member of the given role for the given organizational unit.

The user must have the given role in at least one parent organizational unit.

Parameters:
cms - the opencms context
role - the role to check
Throws:
CmsRoleViolationException - if the user does not have the required role permissions

checkRoleForResource

public void checkRoleForResource(CmsObject cms,
                                 CmsRole role,
                                 java.lang.String resourceName)
                          throws CmsException,
                                 CmsRoleViolationException
Checks if the user of this OpenCms context is a member of the given role for the given resource.

The user must have the given role in at least one organizational unit to which this resource belongs.

Parameters:
cms - the opencms context
role - the role to check
resourceName - the name of the resource to check the role for
Throws:
CmsRoleViolationException - if the user does not have the required role permissions
CmsException - if something goes wrong, while reading the resource

getManageableGroups

public java.util.List getManageableGroups(CmsObject cms,
                                          java.lang.String ouFqn,
                                          boolean includeSubOus)
                                   throws CmsException
Returns all groups of organizational units for which the current user has the CmsRole.ACCOUNT_MANAGER role.

Parameters:
cms - the current cms context
ouFqn - the fully qualified name of the organizational unit
includeSubOus - if sub organizational units should be included in the search
Returns:
a list of CmsGroup objects
Throws:
CmsException - if something goes wrong

getManageableResources

public java.util.List getManageableResources(CmsObject cms,
                                             CmsRole role)
                                      throws CmsException
Returns all resources of organizational units for which the current user has the given role role.

Parameters:
cms - the current cms context
role - the role to check
Returns:
a list of CmsResource objects
Throws:
CmsException - if something goes wrong

getManageableUsers

public java.util.List getManageableUsers(CmsObject cms,
                                         java.lang.String ouFqn,
                                         boolean includeSubOus)
                                  throws CmsException
Returns all users of organizational units for which the current user has the CmsRole.ACCOUNT_MANAGER role.

Parameters:
cms - the current cms context
ouFqn - the fully qualified name of the organizational unit
includeSubOus - if sub organizational units should be included in the search
Returns:
a list of CmsUser objects
Throws:
CmsException - if something goes wrong

getManageableUsers

public java.util.List getManageableUsers(CmsObject cms,
                                         java.lang.String ouFqn,
                                         boolean includeSubOus,
                                         boolean includeWebusers)
                                  throws CmsException
Returns all users of organizational units for which the current user has the CmsRole.ACCOUNT_MANAGER role.

Parameters:
cms - the current cms context
ouFqn - the fully qualified name of the organizational unit
includeSubOus - if sub organizational units should be included in the search
includeWebusers - if webuser organizational units should be included in the search
Returns:
a list of CmsUser objects
Throws:
CmsException - if something goes wrong

getOrgUnitsForRole

public java.util.List getOrgUnitsForRole(CmsObject cms,
                                         CmsRole role,
                                         boolean includeSubOus)
                                  throws CmsException
Returns all the organizational units for which the current user has the given role.

Parameters:
cms - the current cms context
role - the role to check
includeSubOus - if sub organizational units should be included in the search
Returns:
a list of CmsOrganizationalUnit objects
Throws:
CmsException - if something goes wrong

getRoles

public java.util.List getRoles(CmsObject cms,
                               java.lang.String ouFqn,
                               boolean includeSubOus)
                        throws CmsException
Returns all roles, in the given organizational unit.

Parameters:
cms - the opencms context
ouFqn - the fully qualified name of the organizational unit of the role
includeSubOus - include roles of child organizational units
Returns:
a list of all CmsGroup objects
Throws:
CmsException - if operation was not successful

getRolesForResource

public java.util.List getRolesForResource(CmsObject cms,
                                          java.lang.String userFqn,
                                          java.lang.String resourceName)
                                   throws CmsException
Returns all roles the given user has over the given resource.

Parameters:
cms - the current cms context
userFqn - the user name to check
resourceName - the resource name
Returns:
a list of CmsRole objects
Throws:
CmsException - if something goes wrong

getRolesOfUser

public java.util.List getRolesOfUser(CmsObject cms,
                                     java.lang.String username,
                                     java.lang.String ouFqn,
                                     boolean includeChildOus,
                                     boolean directRolesOnly,
                                     boolean recursive)
                              throws CmsException
Returns all roles the given user belongs to, in the given organizational unit.

Parameters:
cms - the opencms context
username - the name of the user to get all roles for
ouFqn - the fully qualified name of the organizational unit to restrict the search to
includeChildOus - include roles of child organizational units
directRolesOnly - if set only the direct assigned roles will be returned, if not also indirect roles
recursive - if this is set, also roles of higher organizational unit are considered
Returns:
a list of CmsRole objects
Throws:
CmsException - if operation was not successful

getUsersOfRole

public java.util.List getUsersOfRole(CmsObject cms,
                                     CmsRole role,
                                     boolean includeOtherOuUsers,
                                     boolean directUsersOnly)
                              throws CmsException
Returns all direct users of a given role, in the given organizational unit.

Users that are "indirectly" in the role are not returned in the result.

Parameters:
cms - the opencms context
role - the role to get all users for
includeOtherOuUsers - include users of other organizational units
directUsersOnly - if set only the direct assigned users will be returned, if not also indirect users, ie. members of child groups
Returns:
all CmsUser objects in the group
Throws:
CmsException - if operation was not successful

hasRole

public boolean hasRole(CmsObject cms,
                       CmsRole role)
Checks if the given context user has the given role in the given organizational unit.

Parameters:
cms - the opencms context
role - the role to check
Returns:
true if the given context user has the given role in the given organizational unit

hasRole

public boolean hasRole(CmsObject cms,
                       java.lang.String userName,
                       CmsRole role)
Checks if the given user has the given role in the given organizational unit.

Parameters:
cms - the opencms context
userName - the name of the user to check the role for
role - the role to check
Returns:
true if the given user has the given role in the given organizational unit

hasRoleForResource

public boolean hasRoleForResource(CmsObject cms,
                                  CmsRole role,
                                  java.lang.String resourceName)
Checks if the given context user has the given role for the given resource.

Parameters:
cms - the opencms context
role - the role to check
resourceName - the name of the resource to check
Returns:
true if the given context user has the given role for the given resource

hasRoleForResource

public boolean hasRoleForResource(CmsObject cms,
                                  java.lang.String userName,
                                  CmsRole role,
                                  java.lang.String resourceName)
Checks if the given context user has the given role for the given resource.

Parameters:
cms - the opencms context
userName - the name of the user to check the role for
role - the role to check
resourceName - the name of the resource to check
Returns:
true if the given context user has the given role for the given resource

removeUserFromRole

public void removeUserFromRole(CmsObject cms,
                               CmsRole role,
                               java.lang.String username)
                        throws CmsException
Removes a user from a role, in the given organizational unit.

Parameters:
cms - the opencms context
role - the role to remove the user from
username - the name of the user that is to be removed from the group
Throws:
CmsException - if operation was not successful
Overview  Package   Class  Deprecated 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD