Package org.craftercms.engine.security
Class CrafterPageAccessManager
java.lang.Object
org.craftercms.engine.security.CrafterPageAccessManager
Manages access to Crafter pages, depending on the roles specified in the page and the current user's roles.
- Author:
- Russ Danner, Alfonso Vásquez
-
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
checkAccess
(SiteItem page) Checks if the user has sufficient rights to access the specified page: If the page doesn't contain any required role, no authentication is needed. If the page has the role "Anonymous", no authentication is needed. If the page has the role "Authenticated", just authentication is needed. If the page has any other the roles, the user needs to have any of those roles.protected boolean
containsRole
(String role, List<String> roles) protected boolean
hasAnyRole
(org.springframework.security.core.Authentication auth, List<String> roles) void
setAuthorizedRolesXPathQuery
(String authorizedRolesXPathQuery)
-
Field Details
-
authorizedRolesXPathQuery
-
-
Constructor Details
-
CrafterPageAccessManager
public CrafterPageAccessManager()
-
-
Method Details
-
setAuthorizedRolesXPathQuery
-
checkAccess
Checks if the user has sufficient rights to access the specified page:- If the page doesn't contain any required role, no authentication is needed.
- If the page has the role "Anonymous", no authentication is needed.
- If the page has the role "Authenticated", just authentication is needed.
- If the page has any other the roles, the user needs to have any of those roles.
-
getAuthorizedRolesForPage
-
containsRole
-
hasAnyRole
-