]>
git.argeo.org Git - lgpl/argeo-commons.git/blob - org.argeo.cms/src/org/argeo/cms/SystemRole.java
5 import javax
.security
.auth
.Subject
;
6 import javax
.xml
.namespace
.QName
;
8 import org
.argeo
.api
.cms
.CmsConstants
;
9 import org
.argeo
.cms
.internal
.auth
.ImpliedByPrincipal
;
11 /** A programmatic role. */
12 public interface SystemRole
{
15 /** Whether this role is implied for this authenticated user. */
16 default boolean implied(Subject subject
, String context
) {
17 return implied(qName(), subject
, context
);
20 /** Whether this role is implied for this distinguished name. */
21 default boolean implied(String dn
, String context
) {
22 String roleContext
= RoleNameUtils
.getContext(dn
);
23 QName roleName
= RoleNameUtils
.getLastRdnAsName(dn
);
24 return roleContext
.equalsIgnoreCase(context
) && qName().equals(roleName
);
28 * Whether this role is implied for this authenticated subject. If context is
29 * <code>null</code>, it is not considered; this should be used to build user
30 * interfaces, but not to authorise.
32 static boolean implied(QName name
, Subject subject
, String context
) {
33 Set
<ImpliedByPrincipal
> roles
= subject
.getPrincipals(ImpliedByPrincipal
.class);
34 for (ImpliedByPrincipal role
: roles
) {
35 if (role
.isSystemRole()) {
36 if (role
.getRoleName().equals(name
)) {
37 // !! if context is not specified, it is considered irrelevant
40 if (role
.getContext().equalsIgnoreCase(context
)
41 || role
.getContext().equals(CmsConstants
.NODE_BASEDN
))