Package com.devonfw.module.security.common.api.accesscontrol

Class AccessControlPermission

java.lang.Object

com.devonfw.module.security.common.api.accesscontrol.AccessControl

com.devonfw.module.security.common.api.accesscontrol.AccessControlPermission

All Implemented Interfaces:

Serializable

public class AccessControlPermission
extends AccessControl

A AccessControlPermission represents an atomic permission of the application. Each operation (use-case) should have its own permission. These operations are secured referencing the ID of the permission. We do this by annotating the operation method with RolesAllowed (from JSR 250). Please do not get confused by the name RolesAllowed as we are not assigning roles (see also AccessControlGroup) but permissions instead. We want to use Java standards (such as RolesAllowed) where suitable but assigning the allowed roles to a method would end up in unmaintainable system configurations if your application reaches a certain complexity.

If a user is logged in and wants to invoke the operation he needs to own the required permission. Therefore his AccessControlGroups (resp. roles) have to contain the permission directly or indirectly.
In order to avoid naming clashes you should use the name of the application component as prefix of the permission.

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor	Description
AccessControlPermission()	The constructor.
AccessControlPermission(String id)	The constructor.

Method Summary

Methods inherited from class com.devonfw.module.security.common.api.accesscontrol.AccessControl

equals, getId, hashCode, setId, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

AccessControlPermission

public AccessControlPermission()

The constructor.

AccessControlPermission

public AccessControlPermission(String id)

The constructor.

Parameters:

id - the ID.