Package org.tailormap.api.security

Class AuthorisationService

java.lang.Object
org.tailormap.api.security.AuthorisationService
@Service public class AuthorisationService extends Object
Validates access control rules. Any call to userAllowedToViewApplication will verify that the currently logged-in user is not only allowed to read the current object, but any object above and below it in the hierarchy.

  • Field Details

  • Constructor Details

    • AuthorisationService

      public AuthorisationService()

  • Method Details

    • userAllowedToViewApplication

      public boolean userAllowedToViewApplication(Application application)
      Verifies that the (authenticated) user may view/open the application.
      Parameters:
      application - the Application to check
      Returns:
      the result from the access control checks.

    • userAllowedToViewGeoService

      public boolean userAllowedToViewGeoService(GeoService geoService)
      Verifies that the (authenticated) user may view this geoService.
      Parameters:
      geoService - the GeoService to check
      Returns:
      the result from the access control checks.

    • userAllowedToViewGeoServiceLayer

      public boolean userAllowedToViewGeoServiceLayer(GeoService geoService, GeoServiceLayer layer)
      Verifies that the (authenticated) user may view the layer in context of the geoService.
      Parameters:
      geoService - the GeoService to check
      layer - the GeoServiceLayer to check
      Returns:
      the result from the access control checks.

    • mustDenyAccessForSecuredProxy

      public boolean mustDenyAccessForSecuredProxy(GeoService geoService)
      To avoid exposing a secured service by proxying it to everyone, do not proxy a secured GeoService when the user is not logged in.
      Parameters:
      geoService - The geo service to check
      Returns:
      Whether to deny proxying this service