Introduction

Business

The module’s integration allows you to grant different access rights to different users.

Development

Core

Entity Definitions

The definitions in this module have id discriminators in the range 210-220.

AclClassEntityDefinition

The AclClassEntityDefinition is the JPA entity to define the class for the ACL personalization. It adds the access-specific properties to the extended AbstractEntityDefinition:

asciidoctor diagram AclEntryEntityDefinition

Via the respective getter-setter pairs, the following information can be retrieved/stored in the database:

Property Description

aclClass

stores the class name

aclObjectIdentities

stores a set of acl object identities (instances of AclObjectIdentityEntityDefinition) for the given acl class

AclEntryEntityDefinition

The AclEntryEntityDefinition is a JPA entity to define the ACL entry. It adds the access-specific properties to the extended AbstractEntityDefinition:

asciidoctor diagram AclEntryEntityDefinition

Via the respective getter-setter pairs, the following information can be retrieved/stored in the database:

Property Description

order

stores the order of the given ACL entry

mask

stores the mask of the given ACL entry

auditFailure

stores true if the entry must fail on audit check

auditSuccess

stores true if this entry must always succeed on audit check

granting

stores true if this entry is granting

objectIdentity

stores the ACL object identity of this entry

sid

stores the principal for this entry (an instance of PrincipalEntityDefinition)

AclMaskEntityDefinition

The AclMaskEntityDefinition is the JPA entity to define the ACL mask. It adds the access-specific properties to the extended AbstractEntityDefinition:

asciidoctor diagram AclMaskEntityDefinition

The mask property is defined within the entity.

AclObjectIdentityEntityDefinition

The AclObjectIdentityEntityDefinition is the JPA entity to define the ACL object identity. It adds the access-specific properties to the extended AbstractEntityDefinition:

asciidoctor diagram AclObjectIdentityEntityDefinition

Via the respective getter-setter pairs, the following information can be retrieved/stored in the database:

Property Description

objectIdentity

stores the object identity as a Long value

parentObject

stores the parent object identity as a Long value

inheriting

stores true if this object identity is inheriting from a parent

aclEntries

stores a Set of ACL entries for this object identity

ownerSid

stores the principal who is the owner of this object identity (an instance of PrincipalEntityDefinition)

objectClass

stores the ACL class the ACL object identity is associated with

Spring Data JPA Repositories

AclClassRepository

The AclClassRepository extends the BaseEntityRepository and is the corresponding Spring Data JPA repository for the AclClassEntityDefinition:

asciidoctor diagram AclClassRepository
AclEntryRepository

The AclEntryRepository extends the BaseEntityRepository and is the corresponding Spring Data JPA repository for the AclEntryEntityDefinition:

asciidoctor diagram AclEntryRepository
AclMaskRepository

The AclMaskRepository extends the BaseEntityRepository and is the corresponding Spring Data JPA repository for the AclMaskEntityDefinition:

asciidoctor diagram AclMaskRepository
AclObjectIdentityRepository

The AclObjectIdentityRepository extends the BaseEntityRepository and is the corresponding Spring Data JPA repository for the AclObjectIdentityEntityDefinition:

asciidoctor diagram AclObjectIdentityRepository

Business Services

SecurityService

Among the helper functionalities, defined within the SecurityService, are:

Description Method

adds the given permission for the given secured object to the current user

addPermission()

removes the given permission for the given secured object and the given recipient

deletePermission()

Integration

The integration with the Nemesis platform is pretty straight-forward - just add the module in your classpath:

<dependency>
    <groupId>io.nemesis.platform.module</groupId>
    <artifactId>nemesis-module-personalization</artifactId>
</dependency>