Authorization Manager

The AuthorizationManager is a custom class in the logic-layer of the account component. It is used in the generated code of the useLogicSecurity option and it can be used in your custom code. The purpose of this class is to know if the logged in user is authorized to perfrom a certain task or command or is authorized to use a CRUD-operation.

Caching

The dataAccessRights and taskAccessRights are cached in the userContext. Therefore, The AuthorizationManager will first look into this cache to see if there is already some accessRights present. If not, it will perform the authorizationTask again.

Methods

In the constuctor of the AuthorizationManager you provide the data- or taskElement used for the authorization and the usercontext which contains information of the logged in user. This info is needed for the 3 public methods defined in the AuthorizationManager.

  • public boolean isDataAuthorized(DataAccessFunctionality dataAccessFunctionality): DataAccessFunctionality is an enumeration of the possible CRUD-operations which describes which CRUD action the user is attempting. It returns whether or not the logged in user has permission to perform the given CRUD action on the dataElement provided in the constructor.
  • public boolean isDataAuthorized(String commandName): This method can be used to query if a user is authorized to perform a certain command on the dataElement provided in the constructor.
  • public boolean isTaskAuthorized(): This method can be used to query if a user is authorized to perform the task given in the constuctor.