@Inherited
@Retention(value=RUNTIME)
public @interface SecuredEntity
This system provides a great deal of functionality. If nothing else is specified, the user will be able to Allow or Deny access to the class, method, or intent that this is applied to.
If this annotation provides a configPropDescriptionFactory, that will be used to build a UI based on DescriptiveProperties for options that can be set for the particular Identity. Then, when a call is made from that identity, the user configured settings will be built into a map, and included in the SecurityContext of the call. If a configFactory is specified, that will be used to build a configuration object instead of a simple map. This can be very convenient for the service implementation, because it can do things like call "myCustomObject.verifyAccess(...call specific parameters...)", instead of having to implement the logic itself. This allows better reuse of security code across different method calls.
Modifier and Type | Fields and Description |
---|---|
static DescriptiveProperty<SecuredEntity.AccessLevel> |
ACCESS_LEVEL
All SecuredEntities at least have an access level, if nothing else.
|
static java.lang.String |
KEY_CLASS_CONFIG
The configuration of a security entity is stored in the Security Context under this key.
|
static java.lang.String |
KEY_METHOD_CONFIG |
Modifier and Type | Required Element and Description |
---|---|
java.lang.String |
id
An id that is used to link this annotated object to its configuration.
|
Modifier and Type | Optional Element and Description |
---|---|
java.lang.Class<? extends SecuredEntity.ConfigFactory> |
configFactory
If specified, this factory will be used to create a configuration object out of the defined properties
that will be set on the security context.
|
java.lang.Class<? extends SecuredEntity.ConfigPropDescriptionFactory> |
configPropDescriptionFactory
If this entity has config properties that can be set, this class generates the description of them.
|
SecuredEntity.AccessLevel |
defaultAccessLevel
Defines the default access level for the entity, which can be overridden in the security settings.
|
java.lang.String |
descKey
Bundle key for a description of this restriction.
|
java.lang.String |
nameKey
Bundle key for the name of this restriction.
|
public static final DescriptiveProperty<SecuredEntity.AccessLevel> ACCESS_LEVEL
public static final java.lang.String KEY_CLASS_CONFIG
public abstract java.lang.String id
public abstract java.lang.String nameKey
public abstract java.lang.String descKey
public abstract java.lang.Class<? extends SecuredEntity.ConfigPropDescriptionFactory> configPropDescriptionFactory
public abstract java.lang.Class<? extends SecuredEntity.ConfigFactory> configFactory
public abstract SecuredEntity.AccessLevel defaultAccessLevel