java.lang.Object

org.broadleafcommerce.openadmin.server.security.remote.AdminSecurityServiceRemote

All Implemented Interfaces:: AdminSecurityService, SecurityVerifier

@Service("blAdminSecurityRemoteService") public class AdminSecurityServiceRemote extends Object implements AdminSecurityService, SecurityVerifier

Service for handeling security with Ajax components. Serves two functions.

Converts the ServerSide AdminUser to a client level admin user with appropriate roles defined.
Provides a method to check if the current logged in user matches the client side user and verifies whether that user has access to the entity operation they are trying to perform.

1.

Author:: jfischer

Field Summary

Fields

Modifier and Type

Field

Description

static final String

ANONYMOUS_USER_NAME

protected ExploitProtectionService

exploitProtectionService

protected RowLevelSecurityService

rowLevelSecurityService

protected AdminSecurityCheckExtensionManager

securityCheckExtensionManager

protected AdminSecurityService

securityService
Constructor Summary

Constructors

Constructor

Description

AdminSecurityServiceRemote()
Method Summary

Modifier and Type

Method

Description

AdminUser

getAdminUser()

AdminUser

getPersistentAdminUser()

protected void

securityCheck(String[] ceilingNames, EntityOperationType operationType)

void

securityCheck(String ceilingEntityFullyQualifiedName, EntityOperationType operationType)

void

securityCheck(PersistencePackage persistencePackage, EntityOperationType operationType)

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details
- ANONYMOUS_USER_NAME
  
  public static final String ANONYMOUS_USER_NAME
  See Also:
  
  Constant Field Values
- securityService
  
  protected AdminSecurityService securityService
- exploitProtectionService
  
  protected ExploitProtectionService exploitProtectionService
- rowLevelSecurityService
  
  protected RowLevelSecurityService rowLevelSecurityService
- securityCheckExtensionManager
  
  protected AdminSecurityCheckExtensionManager securityCheckExtensionManager
Constructor Details
- AdminSecurityServiceRemote
  
  public AdminSecurityServiceRemote()
Method Details
- getAdminUser
  
  public AdminUser getAdminUser() throws ServiceException
  
  Specified by:
  
  getAdminUser in interface AdminSecurityService
  
  Throws:
  
  ServiceException
- getPersistentAdminUser
  
  public AdminUser getPersistentAdminUser()
  
  Specified by:
  
  getPersistentAdminUser in interface SecurityVerifier
- securityCheck
  
  public void securityCheck(PersistencePackage persistencePackage, EntityOperationType operationType) throws ServiceException
  
  Specified by:
  
  securityCheck in interface SecurityVerifier
  
  Throws:
  
  ServiceException
- securityCheck
  
  public void securityCheck(String ceilingEntityFullyQualifiedName, EntityOperationType operationType) throws ServiceException
  
  Specified by:
  
  securityCheck in interface SecurityVerifier
  
  Throws:
  
  ServiceException
- securityCheck
  
  protected void securityCheck(String[] ceilingNames, EntityOperationType operationType) throws ServiceException
  
  Throws:
  
  ServiceException

Class AdminSecurityServiceRemote

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Details

ANONYMOUS_USER_NAME

securityService

exploitProtectionService

rowLevelSecurityService

securityCheckExtensionManager

Constructor Details

AdminSecurityServiceRemote

Method Details

getAdminUser

getPersistentAdminUser

securityCheck

securityCheck

securityCheck