com.ibm.commerce.accesscontrol
Class AccManager

java.lang.Object
  |
  +--com.ibm.commerce.accesscontrol.AccManager

public class AccManager
extends java.lang.Object

The AccManager calls the policy manager to invoke command level and resource level access control check.


Field Summary
static java.lang.String COPYRIGHT
           
 
Constructor Summary
AccManager()
          ACCManager constructor comment.
 
Method Summary
 boolean canUserExecuteCommand(AccCommand command)
          Calls the policy manager to perform command level access control check.
 void initialize()
          Intializes the AccManager.
protected  boolean isActionAllowed(CommandContext commandContext, java.lang.String action, AccCommand command)
          Calls the policy manager to perform command level access control check.
 boolean isActionAllowed(CommandContext context, java.lang.String defaultAction, AccessVector accessVector)
          Returns true if the user can perform the actions on the resources defined in the access vector.
 boolean isActionAllowed(CommandContext context, java.lang.String action, java.lang.Object resource)
          Returns true if the user can perform the actions on the resources defined in the access vector.
 boolean isAllowed(CommandContext context, java.lang.String action, Protectable resource)
          Returns true if the user can perform the actions on the resources defined in the access vector.
static AccManager singleton()
          ACCManager constructor comment.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

COPYRIGHT

public static final java.lang.String COPYRIGHT
Constructor Detail

AccManager

public AccManager()
ACCManager constructor comment.
Method Detail

canUserExecuteCommand

public boolean canUserExecuteCommand(AccCommand command)
                              throws ECException
Calls the policy manager to perform command level access control check. If getAccCheck() returns false, no access control check will be performed The method returns true if the user can excute the command. The action will be "execute" for a regular command. The action will be "becomeUser" for a forUser command The resource is the command itself.

Parameters:
command - AccCommand
Returns:
boolean

initialize

public void initialize()
                throws java.lang.Exception
Intializes the AccManager.

Throws:
- - exception when initialization fails.

isActionAllowed

protected boolean isActionAllowed(CommandContext commandContext,
                                  java.lang.String action,
                                  AccCommand command)
                           throws ECException
Calls the policy manager to perform command level access control check. If getAccCheck() returns false, no access control check will be performed The method returns true if the user can excute the command. The action will be "execute" for a regular command. The action will be "becomeUser" for a forUser command The resource is the command itself.

Parameters:
commandContext - CommandContext - command context
action - String - the action to be performed on the command
command - AccCommand - the command to be executed
Returns:
boolean

isActionAllowed

public boolean isActionAllowed(CommandContext context,
                               java.lang.String defaultAction,
                               AccessVector accessVector)
                        throws ECException
Returns true if the user can perform the actions on the resources defined in the access vector.
Parameters:
commandContext - CommandContext - command context
action - String - the default action is the command interface name
accessVector - AccessVector - represents the resources(s) and the action to be performed on them.
Returns:
boolean

isActionAllowed

public boolean isActionAllowed(CommandContext context,
                               java.lang.String action,
                               java.lang.Object resource)
                        throws ECException
Returns true if the user can perform the actions on the resources defined in the access vector.
Parameters:
commandContext - CommandContext - command context
action - String - the action to be performed on the resource
resource - Object - the resource to be acted upon.
Returns:
boolean

isAllowed

public boolean isAllowed(CommandContext context,
                         java.lang.String action,
                         Protectable resource)
                  throws ECException
Returns true if the user can perform the actions on the resources defined in the access vector. Calls the policyManager isAllowed() method to perform access control check.
Parameters:
commandContext - CommandContext - command context
action - String - the action to be performed on the resource
resource - Protectable - the protectable resource to be acted upon.
Returns:
boolean

singleton

public static AccManager singleton()
ACCManager constructor comment.