Constructor and Description |
---|
AuthUtils() |
Modifier and Type | Method and Description |
---|---|
static Set<Subject> |
authorizedClientSubjects(Session session)
Derived from Metacat implementation
Creates a set of subjects represented in the session object, parsing
both the subject of the session and the subjectInfo.
|
static boolean |
comparePermissions(Permission requested,
Collection<Permission> allowed)
a comparison algorithm for hierarchical permissions (WRITE implies READ, and CHANGE
implies WRITE and READ).
|
static void |
findPersonsSubjects(Set<Subject> foundSubjects,
SubjectInfo subjectInfo,
Subject targetSubject)
A recursive method to traverse the equivalent-identity relationships
and to handle the transitive nature of group membership and verified status.
|
static boolean |
isAuthorized(Collection<Subject> subjectSet,
Permission requestedPerm,
SystemMetadata systemMetadata)
Queries the systemMetadata to see if one of the given subjects
is allowed the specified permission against the given systemMetadata
|
public static Set<Subject> authorizedClientSubjects(Session session)
session
- public static void findPersonsSubjects(Set<Subject> foundSubjects, SubjectInfo subjectInfo, Subject targetSubject)
public static boolean isAuthorized(Collection<Subject> subjectSet, Permission requestedPerm, SystemMetadata systemMetadata)
subjectSet
- - the collection of subjects, assumed to represent the subjects
of a sessionrequestedPerm
- - the permission that is requested authorization forsystemMetadata
- - the systemMetadata of the target object to testpublic static boolean comparePermissions(Permission requested, Collection<Permission> allowed)
Copyright © 2018. All Rights Reserved.