Package com.vaadin.flow.server.auth

Class ViewAccessChecker

java.lang.Object
com.vaadin.flow.server.auth.ViewAccessChecker
All Implemented Interfaces:
BeforeEnterListener, BeforeEnterHandler, Serializable
Direct Known Subclasses:
SpringViewAccessChecker
public class ViewAccessChecker extends Object implements BeforeEnterListener
Checks access to views using an AccessAnnotationChecker.

An instance of this class should be added as a BeforeEnterListener to the UI of interest.

See Also:

  • Field Details

    • SESSION_STORED_REDIRECT

      public static final String SESSION_STORED_REDIRECT

    • SESSION_STORED_REDIRECT_ABSOLUTE

      public static final String SESSION_STORED_REDIRECT_ABSOLUTE

  • Constructor Details

    • ViewAccessChecker

      public ViewAccessChecker()
      Creates an instance.

      Note that the access checker is enabled by default. If this isn't desired, one can use ViewAccessChecker(boolean) with enabled=false and call enable() later on whenever appropriate.

    • ViewAccessChecker

      public ViewAccessChecker(boolean enabled)
      Creates an instance and enables access checker depending on the given flag.
      Parameters:
      enabled - false for disabling the access checker, true for enabling the access checker.

    • ViewAccessChecker

      protected ViewAccessChecker(AccessAnnotationChecker accessAnnotationChecker)
      Creates an instance using the given checker.

      Note that the access checker is disabled by default and can be enabled using enable(). You should also set the login view to use using setLoginView(Class) or setLoginView(String)

      Parameters:
      accessAnnotationChecker - the checker to use

  • Method Details

    • enable

      public void enable()
      Enables the access checker.

      This must be called for the access checker to perform any checks. By default the access checker is disabled.

    • setLoginView

      public void setLoginView(Class<? extends Component> loginView)
      Sets the Flow login view to use.

      The login view can only be set once and cannot be changed afterwards.

      Note that the access checker needs to be separately enabled using enable()

      Parameters:
      loginView - the Flow view to use as login view

    • setLoginView

      public void setLoginView(String loginUrl)
      Sets the frontend login view to use.

      The login view can only be set once and cannot be changed afterwards.

      Note that the access checker needs to be separately enabled using enable()

      Parameters:
      loginUrl - the frontend view to use as login view

    • beforeEnter

      public void beforeEnter(BeforeEnterEvent beforeEnterEvent)
      Description copied from interface: BeforeEnterHandler
      Callback executed before navigation to attaching Component chain is made.
      Specified by:
      beforeEnter in interface BeforeEnterHandler
      Parameters:
      beforeEnterEvent - before navigation event with event details

    • getRolesChecker

      protected Function<String,Boolean> getRolesChecker(VaadinRequest request)
      Gets a function for checking roles for the currently logged in user.
      Parameters:
      request - the current request or null if no request is in progress (e.g. in a background thread)
      Returns:
      a function which takes a role name and returns true if the user is included in that role

    • getPrincipal

      protected Principal getPrincipal(VaadinRequest request)
      Gets the principal for the currently logged in user.
      Parameters:
      request - the current request or null if no request is in progress (e.g. in a background thread)
      Returns:
      a representation of the currently logged in user or null if no user is currently logged in