Authorization Manager
The AuthorizationManager is a custom class in the logic-layer of the account component. It is used in the generated code of the useLogicSecurity option and it can be used in your custom code. The purpose of this class is to know if the logged in user is authorized to perform a certain task or command or is authorized to use a CRUD-operation.
Caching
The dataAccessRights and taskAccessRights are cached in the userContext. Therefore, The AuthorizationManager will first look into this cache to see if there is already some accessRights present. If not, it will perform the authorizationTask again.
Methods
In the constructor of the AuthorizationManager you provide the data- or taskElement used for the authorization and the usercontext which contains information of the logged in user. This info is needed for the 3 public methods defined in the AuthorizationManager.
- public boolean isDataAuthorized(DataAccessFunctionality dataAccessFunctionality):
DataAccessFunctionality
is an enumeration of the possible CRUD-operations which describes which CRUD action the user is attempting. It returns whether or not the logged in user has permission to perform the given CRUD action on the dataElement provided in the constructor. - public boolean isDataAuthorized(String commandName): This method can be used to query if a user is authorized to perform a certain command on the dataElement provided in the constructor.
- public boolean isTaskAuthorized(): This method can be used to query if a user is authorized to perform the task given in the constructor.