Introduction

Business

The module’s integration allows you to grant different access rights to different users.

Development

Core

Entity Definitions

The definitions in this module have id discriminators in the range 210-220.

AclClassEntityDefinition

The AclClassEntityDefinition is the JPA entity to define the class for the ACL personalization. It adds the access-specific properties to the extended AbstractEntityDefinition:

asciidoctor diagram AclEntryEntityDefinition

Via the respective getter-setter pairs, the following information can be retrieved/stored in the database:

Property Description

Property	Description
aclClass	stores the class name
aclObjectIdentities	stores a set of acl object identities (instances of `AclObjectIdentityEntityDefinition`) for the given acl class

aclClass

stores the class name

aclObjectIdentities

stores a set of acl object identities (instances of AclObjectIdentityEntityDefinition) for the given acl class

AclEntryEntityDefinition

The AclEntryEntityDefinition is a JPA entity to define the ACL entry. It adds the access-specific properties to the extended AbstractEntityDefinition:

Via the respective getter-setter pairs, the following information can be retrieved/stored in the database:

Property Description

Property	Description
order	stores the order of the given ACL entry
mask	stores the mask of the given ACL entry
auditFailure	stores true if the entry must fail on audit check
auditSuccess	stores true if this entry must always succeed on audit check
granting	stores true if this entry is granting
objectIdentity	stores the ACL object identity of this entry
sid	stores the principal for this entry (an instance of `PrincipalEntityDefinition`)

order

stores the order of the given ACL entry

mask

stores the mask of the given ACL entry

auditFailure

stores true if the entry must fail on audit check

auditSuccess

stores true if this entry must always succeed on audit check

granting

stores true if this entry is granting

objectIdentity

stores the ACL object identity of this entry

sid

stores the principal for this entry (an instance of PrincipalEntityDefinition)

AclMaskEntityDefinition

The AclMaskEntityDefinition is the JPA entity to define the ACL mask. It adds the access-specific properties to the extended AbstractEntityDefinition:

The mask property is defined within the entity.

AclObjectIdentityEntityDefinition

The AclObjectIdentityEntityDefinition is the JPA entity to define the ACL object identity. It adds the access-specific properties to the extended AbstractEntityDefinition:

Via the respective getter-setter pairs, the following information can be retrieved/stored in the database:

Property Description

Property	Description
objectIdentity	stores the object identity as a `Long` value
parentObject	stores the parent object identity as a `Long` value
inheriting	stores `true` if this object identity is inheriting from a parent
aclEntries	stores a `Set` of ACL entries for this object identity
ownerSid	stores the principal who is the owner of this object identity (an instance of `PrincipalEntityDefinition`)
objectClass	stores the ACL class the ACL object identity is associated with

objectIdentity

stores the object identity as a Long value

parentObject

stores the parent object identity as a Long value

inheriting

stores true if this object identity is inheriting from a parent

aclEntries

stores a Set of ACL entries for this object identity

ownerSid

stores the principal who is the owner of this object identity (an instance of PrincipalEntityDefinition)

objectClass

stores the ACL class the ACL object identity is associated with

Spring Data JPA Repositories

AclClassRepository

The AclClassRepository extends the BaseEntityRepository and is the corresponding Spring Data JPA repository for the AclClassEntityDefinition:

AclEntryRepository

The AclEntryRepository extends the BaseEntityRepository and is the corresponding Spring Data JPA repository for the AclEntryEntityDefinition:

AclMaskRepository

The AclMaskRepository extends the BaseEntityRepository and is the corresponding Spring Data JPA repository for the AclMaskEntityDefinition:

AclObjectIdentityRepository

The AclObjectIdentityRepository extends the BaseEntityRepository and is the corresponding Spring Data JPA repository for the AclObjectIdentityEntityDefinition:

Business Services

SecurityService

Among the helper functionalities, defined within the SecurityService, are:

Description	Method
adds the given permission for the given secured object to the current user	addPermission()
removes the given permission for the given secured object and the given recipient	deletePermission()

Description

Method

adds the given permission for the given secured object to the current user

addPermission()

removes the given permission for the given secured object and the given recipient

deletePermission()

Integration

The integration with the Nemesis platform is pretty straight-forward - just add the module in your classpath:

<dependency>
    <groupId>io.nemesis.platform.module</groupId>
    <artifactId>nemesis-module-personalization</artifactId>
</dependency>