Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

blackboard.platform.security
Class SecurityUtil

java.lang.Object
  |
  +--blackboard.platform.security.SecurityUtil
public class SecurityUtil
extends java.lang.Object

This class provides some utility methods for security logic.

Since:
Blackboard 6.0
Version:
$Revision: 13 $ $Date: 1/22/03 3:43p $

Constructor Summary
SecurityUtil()
           
 
Method Summary
static void checkPermission(java.security.Permission perm)
          Performs a check for the specified permission against the installed SecurityManager.
static boolean userHasAllEntitlements(Id userId, Id courseId, Entitlements entitlements)
          userHasAllEntitlements Logical AND Use for fine-grained authorization --User may have be entitled access to a page, but not a given widget on the page
static boolean userHasAllEntitlements(java.lang.String[] entitlementNames, javax.servlet.http.HttpServletRequest request)
          userHasAllEntitlements Logical AND Use for fine-grained authorization --User may have be entitled access to a page, but not a given widget on the page --No user id param; implicit Context object assumed
static boolean userHasAllEntitlements(User user, Course course, Entitlements entitlements)
          userHasAllEntitlements Logical AND Use for fine-grained authorization -- a user may have be entitled access to a page, but not a given widget on the page Please note that this method should be used for most entitlements checks, since it does not require loading the User from the database.
static boolean userHasAnyEntitlements(Id userId, Id courseId, Entitlements entitlements)
          userHasAnyEntitlements Logical OR Use for coarse-grained authorization; for example to check whether user may enter admin page --User may have be entitled access to some but not all widgets on the page --User id param; implicit Context object _not_ assumed
static boolean userHasAnyEntitlements(java.lang.String[] entitlementNames, javax.servlet.http.HttpServletRequest request)
          userHasAnyEntitlements Logical OR Use for coarse-grained authorization; for example to check whether user may enter admin page --User may have be entitled access to some but not all widgets on the page --No user id param; implicit Context object assumed
static boolean userHasAnyEntitlements(User user, Course course, CourseMembership courseMembership, Entitlements entitlements)
          userHasAnyEntitlements Logical OR Use for coarse-grained authorization; for example to check whether user may enter admin page --User may have be entitled access to some but not all widgets on the page --User id param; implicit Context object _not_ assumed
static boolean userHasEntitlement(Id userId, Id courseId, Entitlement entitlement)
          userHasEntitlement Explicit check for a single entitlement Please note that this interface method assumes that the ContextManager has already set the context appropriately, so that this method can load user and course data for the correct virtual installation.
static boolean userHasEntitlement(java.lang.String entitlementName, javax.servlet.http.HttpServletRequest request)
          userHasEntitlement --Explicit check for a single entitlement --No user id param; implicit Context object assumed
static boolean userHasEntitlement(User user, Course course, CourseMembership courseMembership, Entitlement entitlement)
          userHasEntitlement Explicit check for a single entitlement.
static boolean userHasEntitlement(User user, Course course, Entitlement entitlement)
          userHasEntitlement Explicit check for a single entitlement.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecurityUtil

public SecurityUtil()
Method Detail

checkPermission

public static void checkPermission(java.security.Permission perm)
Performs a check for the specified permission against the installed SecurityManager. If no SecurityManager is installed, this is a no-op.

Parameters:
perm - The permission to check. For convenience, this may be null. The result is a no-op.

userHasEntitlement

public static boolean userHasEntitlement(java.lang.String entitlementName,
                                         javax.servlet.http.HttpServletRequest request)
userHasEntitlement --Explicit check for a single entitlement --No user id param; implicit Context object assumed

userHasEntitlement

public static boolean userHasEntitlement(Id userId,
                                         Id courseId,
                                         Entitlement entitlement)
userHasEntitlement Explicit check for a single entitlement Please note that this interface method assumes that the ContextManager has already set the context appropriately, so that this method can load user and course data for the correct virtual installation.

Parameters:
entitlement -

userHasEntitlement

public static boolean userHasEntitlement(User user,
                                         Course course,
                                         Entitlement entitlement)
userHasEntitlement Explicit check for a single entitlement. Please note that this method should be used for most single-entitlement checks, since it does not require loading the User from the database.

Parameters:
user - the current User, usually stored in the Context for this thread
course - the current Course, usually stored in the Context for this thread
entitlement - the Entitlement in question

userHasEntitlement

public static boolean userHasEntitlement(User user,
                                         Course course,
                                         CourseMembership courseMembership,
                                         Entitlement entitlement)
userHasEntitlement Explicit check for a single entitlement. Please note that this method should be used for most single-entitlement checks, since it does not require loading the User from the database.

Parameters:
user - the current User, usually stored in the Context for this thread
course - the current Course, usually stored in the Context for this thread
entitlement - the Entitlement in question

userHasAllEntitlements

public static boolean userHasAllEntitlements(java.lang.String[] entitlementNames,
                                             javax.servlet.http.HttpServletRequest request)
userHasAllEntitlements Logical AND Use for fine-grained authorization --User may have be entitled access to a page, but not a given widget on the page --No user id param; implicit Context object assumed

userHasAllEntitlements

public static boolean userHasAllEntitlements(Id userId,
                                             Id courseId,
                                             Entitlements entitlements)
userHasAllEntitlements Logical AND Use for fine-grained authorization --User may have be entitled access to a page, but not a given widget on the page

userHasAllEntitlements

public static boolean userHasAllEntitlements(User user,
                                             Course course,
                                             Entitlements entitlements)
userHasAllEntitlements Logical AND Use for fine-grained authorization -- a user may have be entitled access to a page, but not a given widget on the page Please note that this method should be used for most entitlements checks, since it does not require loading the User from the database.

Parameters:
user - the current User, stored in the Context for this thread
course - the current Course, stored in the Context for this thread
entitlements - the set of Entitlements in question

userHasAnyEntitlements

public static boolean userHasAnyEntitlements(java.lang.String[] entitlementNames,
                                             javax.servlet.http.HttpServletRequest request)
userHasAnyEntitlements Logical OR Use for coarse-grained authorization; for example to check whether user may enter admin page --User may have be entitled access to some but not all widgets on the page --No user id param; implicit Context object assumed

userHasAnyEntitlements

public static boolean userHasAnyEntitlements(User user,
                                             Course course,
                                             CourseMembership courseMembership,
                                             Entitlements entitlements)
userHasAnyEntitlements Logical OR Use for coarse-grained authorization; for example to check whether user may enter admin page --User may have be entitled access to some but not all widgets on the page --User id param; implicit Context object _not_ assumed

userHasAnyEntitlements

public static boolean userHasAnyEntitlements(Id userId,
                                             Id courseId,
                                             Entitlements entitlements)
userHasAnyEntitlements Logical OR Use for coarse-grained authorization; for example to check whether user may enter admin page --User may have be entitled access to some but not all widgets on the page --User id param; implicit Context object _not_ assumed

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2003 Blackboard, Inc. All Rights Reserved.