Package com.vaadin.flow.server.auth

Class ViewAccessChecker

java.lang.Object
com.vaadin.flow.server.auth.ViewAccessChecker
All Implemented Interfaces:
BeforeEnterListener, BeforeEnterHandler, Serializable
Direct Known Subclasses:
SpringViewAccessChecker
@Deprecated(forRemoval=true, since="24.3") public class ViewAccessChecker extends Object implements BeforeEnterListener
Deprecated, for removal: This API element is subject to removal in a future version.
for annotation based view security use NavigationAccessControl with AnnotatedViewAccessChecker.
Checks access to views using an AccessAnnotationChecker.

An instance of this class should be added as a BeforeEnterListener to the UI of interest.

See Also:

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    SESSION_STORED_REDIRECT
    Deprecated, for removal: This API element is subject to removal in a future version.
     
    static final String
    SESSION_STORED_REDIRECT_ABSOLUTE
    Deprecated, for removal: This API element is subject to removal in a future version.
     

  • Constructor Summary

    Constructors
    Modifier
    Constructor
    Description
     
    ViewAccessChecker()
    Deprecated, for removal: This API element is subject to removal in a future version.
    Creates an instance.
     
    ViewAccessChecker(boolean enabled)
    Deprecated, for removal: This API element is subject to removal in a future version.
    Creates an instance and enables access checker depending on the given flag.
    protected
    ViewAccessChecker(AccessAnnotationChecker accessAnnotationChecker)
    Deprecated, for removal: This API element is subject to removal in a future version.
    Creates an instance using the given checker.

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    beforeEnter(BeforeEnterEvent beforeEnterEvent)
    Deprecated, for removal: This API element is subject to removal in a future version.
    Callback executed before navigation to attaching Component chain is made.
    void
    enable()
    Deprecated, for removal: This API element is subject to removal in a future version.
    Enables the access checker.
    protected Class<? extends RuntimeException>
    getAccessDeniedException(AnnotatedElement securedClass)
    Deprecated, for removal: This API element is subject to removal in a future version.
     
    protected Principal
    getPrincipal(VaadinRequest request)
    Deprecated, for removal: This API element is subject to removal in a future version.
    Gets the principal for the currently logged in user.
    protected Function<String,Boolean>
    getRolesChecker(VaadinRequest request)
    Deprecated, for removal: This API element is subject to removal in a future version.
    Gets a function for checking roles for the currently logged in user.
    void
    setLoginView(Class<? extends Component> loginView)
    Deprecated, for removal: This API element is subject to removal in a future version.
    Sets the Flow login view to use.
    void
    setLoginView(String loginUrl)
    Deprecated, for removal: This API element is subject to removal in a future version.
    Sets the frontend login view to use.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • SESSION_STORED_REDIRECT

      public static final String SESSION_STORED_REDIRECT
      Deprecated, for removal: This API element is subject to removal in a future version.

    • SESSION_STORED_REDIRECT_ABSOLUTE

      public static final String SESSION_STORED_REDIRECT_ABSOLUTE
      Deprecated, for removal: This API element is subject to removal in a future version.

  • Constructor Details

    • ViewAccessChecker

      public ViewAccessChecker()
      Deprecated, for removal: This API element is subject to removal in a future version.
      Creates an instance.

      Note that the access checker is enabled by default. If this isn't desired, one can use ViewAccessChecker(boolean) with enabled=false and call enable() later on whenever appropriate.

    • ViewAccessChecker

      public ViewAccessChecker(boolean enabled)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Creates an instance and enables access checker depending on the given flag.
      Parameters:
      enabled - false for disabling the access checker, true for enabling the access checker.

    • ViewAccessChecker

      protected ViewAccessChecker(AccessAnnotationChecker accessAnnotationChecker)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Creates an instance using the given checker.

      Note that the access checker is disabled by default and can be enabled using enable(). You should also set the login view to use using setLoginView(Class) or setLoginView(String)

      Parameters:
      accessAnnotationChecker - the checker to use

  • Method Details

    • enable

      public void enable()
      Deprecated, for removal: This API element is subject to removal in a future version.
      Enables the access checker.

      This must be called for the access checker to perform any checks. By default the access checker is disabled.

    • setLoginView

      public void setLoginView(Class<? extends Component> loginView)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Sets the Flow login view to use.

      The login view can only be set once and cannot be changed afterwards.

      Note that the access checker needs to be separately enabled using enable()

      Parameters:
      loginView - the Flow view to use as login view

    • setLoginView

      public void setLoginView(String loginUrl)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Sets the frontend login view to use.

      The login view can only be set once and cannot be changed afterwards.

      Note that the access checker needs to be separately enabled using enable()

      Parameters:
      loginUrl - the frontend view to use as login view

    • beforeEnter

      public void beforeEnter(BeforeEnterEvent beforeEnterEvent)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Description copied from interface: BeforeEnterHandler
      Callback executed before navigation to attaching Component chain is made.
      Specified by:
      beforeEnter in interface BeforeEnterHandler
      Parameters:
      beforeEnterEvent - before navigation event with event details

    • getAccessDeniedException

      protected Class<? extends RuntimeException> getAccessDeniedException(AnnotatedElement securedClass)
      Deprecated, for removal: This API element is subject to removal in a future version.

    • getRolesChecker

      protected Function<String,Boolean> getRolesChecker(VaadinRequest request)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Gets a function for checking roles for the currently logged in user.
      Parameters:
      request - the current request or null if no request is in progress (e.g. in a background thread)
      Returns:
      a function which takes a role name and returns true if the user is included in that role

    • getPrincipal

      protected Principal getPrincipal(VaadinRequest request)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Gets the principal for the currently logged in user.
      Parameters:
      request - the current request or null if no request is in progress (e.g. in a background thread)
      Returns:
      a representation of the currently logged in user or null if no user is currently logged in