Package org.jgrapes.webconsole.rbac

Class RoleConletFilter

java.lang.Object

org.jgrapes.core.internal.ComponentVertex

org.jgrapes.core.Component

org.jgrapes.webconsole.rbac.RoleConletFilter

All Implemented Interfaces:

Iterable<ComponentType>, Channel, ComponentType, Eligible, Manager

public class RoleConletFilter
extends Component

Configures the conlets available based on the user currently logged in.

Nested Class Summary

Nested classes/interfaces inherited from interface org.jgrapes.core.Channel

Channel.Default

Field Summary

Fields inherited from class org.jgrapes.core.Component

logger

Fields inherited from interface org.jgrapes.core.Channel

BROADCAST, SELF

Constructor Summary

Constructors

Constructor	Description
RoleConletFilter(Channel componentChannel)	Creates a new component with its channel set to the given channel.
RoleConletFilter(Channel componentChannel, Map<?,?> properties)	Creates a new component with its channel set to the given channel.

Method Summary

Modifier and Type	Method	Description
void	onAddConlet(AddConletRequest event, ConsoleConnection channel)	If the request originates from a client (see AddConletRequest.isFrontendRequest(), verifies that the user is allowed to create a conlet of the given type.
void	onAddConletType(AddConletType event)	Collect known types for wildcard handling
void	onConfigUpdate(ConfigurationUpdate event)	The component can be configured with events that include a path (see @link ConfigurationUpdate.paths()) that matches this components path (see Manager.componentPath()).
void	onConsolePrepared(ConsolePrepared event, ConsoleConnection channel)	Disable all conlets that the user is not allowed to use by firing UpdateConletType events with no render modes.
RoleConletFilter	setConletTypesByRole(Map<String,List<String>> acl)	Sets the permitted conlet types by role.

Methods inherited from class org.jgrapes.core.Component

channel, component, defaultCriterion, isEligibleFor, setName

Methods inherited from class org.jgrapes.core.internal.ComponentVertex

activeEventPipeline, addHandler, attach, children, componentPath, componentVertex, detach, fire, initComponentsHandlers, iterator, name, newEventPipeline, newEventPipeline, parent, registerAsGenerator, root, toString, unregisterAsGenerator

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.lang.Iterable

forEach, spliterator

Methods inherited from interface org.jgrapes.core.Manager

stream

Constructor Details

RoleConletFilter

public RoleConletFilter(Channel componentChannel)

Creates a new component with its channel set to the given channel.

Parameters:

componentChannel - the channel that the component’s handlers listen on by default and that Manager.fire(Event, Channel...) sends the event to

RoleConletFilter

public RoleConletFilter(Channel componentChannel,
 Map<?,?> properties)

Creates a new component with its channel set to the given channel.

Supported properties are:

• conletTypesByRole: see setConletTypesByRole(Map).

Parameters:

componentChannel - the channel that the component’s handlers listen on by default and that Manager.fire(Event, Channel...) sends the event to

properties - the properties used to configure the component

Method Details

setConletTypesByRole

public RoleConletFilter setConletTypesByRole(Map<String,List<String>> acl)

Sets the permitted conlet types by role.

The parameter is a Map<String, List> holding the conlet permissions to be added for the given role. The permissions can be an asterisk (“*”) to allow usage of all conlet types. It can be a conlet type as reported by AddConletType.conletType() to allow the usage of a particular conlet. The type may be prefixed with an exclamation mark to deny the usage (default).

The first match is used, i.e. the asterisk makes only sense as the last element in the list.

Parameters:

acl - the acl

Returns:

the user role conlet filter

onConfigUpdate

@Handler
public void onConfigUpdate(ConfigurationUpdate event)

The component can be configured with events that include a path (see @link ConfigurationUpdate.paths()) that matches this components path (see Manager.componentPath()).

The following properties are recognized:

conletTypesByRole

Invokes setConletTypesByRole(Map) with the given values.

Parameters:

event - the event

onAddConletType

@Handler
public void onAddConletType(AddConletType event)

Collect known types for wildcard handling

Parameters:

event - the event

onConsolePrepared

@Handler(priority=800)
public void onConsolePrepared(ConsolePrepared event,
 ConsoleConnection channel)

Disable all conlets that the user is not allowed to use by firing UpdateConletType events with no render modes.

The current user is obtained from WebConsoleUtils.userFromSession(org.jgrapes.http.Session).

Parameters:

event - the event

channel - the channel

onAddConlet

@Handler(priority=1000)
public void onAddConlet(AddConletRequest event,
 ConsoleConnection channel)

If the request originates from a client (see AddConletRequest.isFrontendRequest(), verifies that the user is allowed to create a conlet of the given type.

As the conlets that he user is not allowed to use are disabled, it should be impossible to create such requests in the first place. However, the frontend code is open to manipulation and therefore this additional check is introduced to increase security.

Parameters:

event - the event

channel - the channel