Package com.broadleafcommerce.auth.security.service

Class PrivilegeSummary

java.lang.Object

com.broadleafcommerce.auth.security.service.PrivilegeSummary

public class PrivilegeSummary
extends Object

A data structure used by DefaultOAuth2UserDetailsService and PrivilegeService to hold all the authorities, restrictions, and restricted authorities of a User.

See Also:

PrivilegeService.getUserPrivilegeSummary(User, String)

Constructor Summary

Constructors

Constructor	Description
PrivilegeSummary(Set<String> allAuthorities, Map<String,Set<String>> restrictions, Map<String,Map<String,Set<String>>> restrictedAuthorities)

Method Summary

Modifier and Type	Method	Description
protected boolean	canEqual(Object other)
boolean	equals(Object o)
Set<String>	getAllAuthorities()	All the authorities for the current authentication.
Map<String,Map<String,Set<String>>>	getRestrictedAuthorities()	All of the restricted authorities for the current authentication.
Map<String,Set<String>>	getRestrictions()	All of the User.getRestrictions() for the current authentication.
int	hashCode()
void	setAllAuthorities(Set<String> allAuthorities)	All the authorities for the current authentication.
void	setRestrictedAuthorities(Map<String,Map<String,Set<String>>> restrictedAuthorities)	All of the restricted authorities for the current authentication.
void	setRestrictions(Map<String,Set<String>> restrictions)	All of the User.getRestrictions() for the current authentication.
String	toString()

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

PrivilegeSummary

public PrivilegeSummary(Set<String> allAuthorities,
                        Map<String,Set<String>> restrictions,
                        Map<String,Map<String,Set<String>>> restrictedAuthorities)

Method Detail

getAllAuthorities

public Set<String> getAllAuthorities()

All the authorities for the current authentication. This includes authorities from user's flat permissions, flat roles and their ancestors, restricted roles and their ancestors, and restricted permissions. This also includes authorities from server's flat permissions, and flat roles and their ancestors.

Ultimately, if the authentication was granted an authority anywhere, within restriction(s) or otherwise, it should appear in this set.

getRestrictions

public Map<String,Set<String>> getRestrictions()

All of the User.getRestrictions() for the current authentication.

This is a map from restriction types to restriction targets.

An empty map indicates the user is unrestricted.

getRestrictedAuthorities

public Map<String,Map<String,Set<String>>> getRestrictedAuthorities()

All of the restricted authorities for the current authentication.

This is a map from authority name to a map of restriction types to targets in which the authority is granted to the authentication. For example: {READ_PRODUCT: {VENDOR: [vendorA]}}.

This includes authorities from restricted permissions and restricted roles and their ancestors.

Additionally, the User.getRestrictions() are combined with "flat permissions" sourced from the following places to also form entries in this map:

• User.getPermissions()
• User.getRoles() and their ancestors
• AuthorizationServer.getDefaultUserPermissions()
• AuthorizationServer.getDefaultUserRoles() and their ancestors

setAllAuthorities

public void setAllAuthorities(Set<String> allAuthorities)

All the authorities for the current authentication. This includes authorities from user's flat permissions, flat roles and their ancestors, restricted roles and their ancestors, and restricted permissions. This also includes authorities from server's flat permissions, and flat roles and their ancestors.

Ultimately, if the authentication was granted an authority anywhere, within restriction(s) or otherwise, it should appear in this set.

setRestrictions

public void setRestrictions(Map<String,Set<String>> restrictions)

All of the User.getRestrictions() for the current authentication.

This is a map from restriction types to restriction targets.

An empty map indicates the user is unrestricted.

setRestrictedAuthorities

public void setRestrictedAuthorities(Map<String,Map<String,Set<String>>> restrictedAuthorities)

All of the restricted authorities for the current authentication.

This is a map from authority name to a map of restriction types to targets in which the authority is granted to the authentication. For example: {READ_PRODUCT: {VENDOR: [vendorA]}}.

This includes authorities from restricted permissions and restricted roles and their ancestors.

Additionally, the User.getRestrictions() are combined with "flat permissions" sourced from the following places to also form entries in this map:

• User.getPermissions()
• User.getRoles() and their ancestors
• AuthorizationServer.getDefaultUserPermissions()
• AuthorizationServer.getDefaultUserRoles() and their ancestors

equals

public boolean equals(Object o)

Overrides:

equals in class Object

canEqual

protected boolean canEqual(Object other)

hashCode

public int hashCode()

Overrides:

hashCode in class Object

toString

public String toString()

Overrides:

toString in class Object