Package xal.rbac

Interface RBACSubject

All Known Implementing Classes:
DummyRbacSubject, EssRbacSubject
public interface RBACSubject
RBACSubject is the main entry point authorization of all actions. It represent a logged in user and is returned by RBACLogin after the user is logged in. It also provides a mechanism for autologout of the user.
Author:
Ivo List, BlazKranjc

  • Method Details

    • logout

      void logout() throws RBACException
      Logs the user out. If there was an error during the logout a RBACException is thrown.
      Throws:
      RBACException - if there was an error while logout.

    • hasPermission

      boolean hasPermission(String resource, String permission) throws RBACException, AccessDeniedException
      Checks if the logged in user is granted the permission provided as parameter. If the access is granted, method returns true, if not it returns false. If there was an error a RBACException is thrown.
      Parameters:
      resource - the name of the resource
      permission - the name of the permission
      Returns:
      true if the user has the specified permission
      Throws:
      RBACException - if there was an error
      AccessDeniedException

    • hasPermissions

      Map<String,Boolean> hasPermissions(String resource, String... permissions) throws AccessDeniedException, RBACException
      Checks if the logged in user is granted the permissions provided as parameters. Method returns a map of permission-grant pairs. For every permission, which was granted, value true is returned; for every permission, which was denied, value false is returned. RBACException is thrown in case of an error.
      Parameters:
      resource - the name of the resource
      permissions - the names of the permission
      Returns:
      map of permission name - permission grant pairs.
      Throws:
      AccessDeniedException - if the user was logged out
      RBACException - if token is missing, or if there was an error while reading or connecting to web services.

    • requestExclusiveAccess

      ExclusiveAccess requestExclusiveAccess(String resource, String permission, int durationInMinutes) throws AccessDeniedException, RBACException
      Requests exclusive access to the specified permission for the currently logged in user, on the specified resource. If the access is granted, method returns ExclusivAccess object. If the access was not granted AccessDeniedException is thrown. If there was an error RBACException is thrown.
      Parameters:
      resource - name of the resource
      permission - name of the permission
      durationInMinutes - the duration of exclusive access in minutes, if less than 1 minute, default value will be used (defined by the service)
      Returns:
      ExclusiveAccess containing information about the requested permission and the expiration date of the exclusive access, if the request was successful.
      Throws:
      AccessDeniedException - if the access was not granted
      RBACException - if there was an error

    • setAutoLogoutTimeout

      void setAutoLogoutTimeout(int timeoutInMinutes, AutoLogoutCallback callback)
      Sets the auto logout timeout in minutes. If there was no user activity for the specified duration the facade will notify the user and request confirmation through AutoLogoutCallback. Based on the response or if there is no response for a specific duration, the user will be logged out.
      Parameters:
      timeoutInMinutes - the timeout in minutes after which the user will be logged out if inactive
      callback - handler called before subject is logged out

    • updateLastAction

      void updateLastAction()
      Update the last action time to now to prevent auto logout.

    • getUserInfo

      RBACUserInfo getUserInfo()
      Get info of logged in RBAC user.
      Returns:
      info of logged in user or null if the user is not logged in.