Can check string-based roles
authorMathieu Baudier <mbaudier@argeo.org>
Fri, 30 Sep 2022 11:42:59 +0000 (13:42 +0200)
committerMathieu Baudier <mbaudier@argeo.org>
Fri, 30 Sep 2022 11:42:59 +0000 (13:42 +0200)
org.argeo.cms/src/org/argeo/cms/auth/CurrentUser.java
org.argeo.cms/src/org/argeo/cms/auth/SystemRole.java

index 68ea5ff28243543112cbd586e5dbdd467b412acb..2fd8730d8aafd8c77fbf2aae0f750025e3f1d5bf 100644 (file)
@@ -13,6 +13,7 @@ import java.util.UUID;
 import javax.security.auth.Subject;
 import javax.security.auth.x500.X500Principal;
 
+import org.argeo.api.acr.NamespaceUtils;
 import org.argeo.api.cms.CmsConstants;
 import org.argeo.api.cms.CmsSession;
 import org.argeo.api.cms.CmsSessionId;
@@ -74,6 +75,11 @@ public final class CurrentUser {
                return role.implied(currentSubject(), context);
        }
 
+       /** Implies this {@link SystemRole} in this context. */
+       public final static boolean implies(String role, String context) {
+               return SystemRole.implied(NamespaceUtils.parsePrefixedName(role), currentSubject(), context);
+       }
+
        /** Executes as the current user */
        public final static <T> T doAs(PrivilegedAction<T> action) {
                return Subject.doAs(currentSubject(), action);
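Review bot: The Javadoc on the new `implies(String role, String context)` is copied from the `SystemRole` overload and does not describe the string form of the role or what a null context means. The SystemRole.java hunk of this commit shows `if (context == null) return true;`, so a caller that forwards an unset context through this overload gets a match in every context. I would state that in the doc, e.g. `/** Whether the current subject has the role given as a prefixed name; a null context matches any context. */`. I would also fail early on a missing role with `Objects.requireNonNull(role, "role");`, which needs `java.util.Objects` imported if the file does not already have it. How `NamespaceUtils.parsePrefixedName` treats a malformed or unprefixed name is not visible here and should be confirmed before this is used on externally supplied role strings.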
index 3a28b7c8878a4fce9e04fd9108d2de76050fba2a..5d62d9803f08a3eb033cd929949c505bab92f679 100644 (file)
@@ -12,10 +12,14 @@ public interface SystemRole {
        QName getName();
 
        default boolean implied(Subject subject, String context) {
+               return implied(getName(), subject, context);
+       }
+
+       static boolean implied(QName name, Subject subject, String context) {
                Set<ImpliedByPrincipal> roles = subject.getPrincipals(ImpliedByPrincipal.class);
                for (ImpliedByPrincipal role : roles) {
                        if (role.isSystemRole()) {
-                               if (role.getRoleName().equals(getName())) {
+                               if (role.getRoleName().equals(name)) {
                                        // !! if context is not specified, it is considered irrelevant
                                        if (context == null)
                                                return true;
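Review bot: The extracted static `implied(QName name, Subject subject, String context)` is implicitly public as an interface member, yet it has no Javadoc and dereferences `subject` at `subject.getPrincipals(ImpliedByPrincipal.class)` without a null check. Since it is now callable with any subject, I would document the contract, e.g. `/** Whether one of the subject's system-role principals has this name; a null context is not checked. */`. If a null subject can reach it (this depends on what `CurrentUser.currentSubject()` returns, which is not shown), adding `if (subject == null) return false;` would deny access instead of throwing a NullPointerException. The method body continues past the end of this hunk.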
@@ -26,6 +30,6 @@ public interface SystemRole {
                        }
                }
                return false;
-       }
 
+       }
 }