com.communote.server.core.security

Class SecurityHelper

java.lang.Object

com.communote.server.core.security.SecurityHelper

public final class SecurityHelper
extends Object

This helper class checks the current user in the acegi system and returns the details UserDetails. This details contain the email, locale and id for further usage.

Author:

Communote GmbH - http://www.communote.com/

Method Summary

Modifier and Type	Method and Description
static User	assertCurrentKenmeiUser() Deprecated. this method should not be used since it returns the user entity which can be an uninitialized hibernate proxy. Use assertCurrentUserId() instead and pass the returned userId together with an appropriate Converter (which is in most cases not the IdentityConverter!) to UserManagement.getUserById.
static UserDetails	assertCurrentUser() Checks if there is a user logged in.
static UserDetails	assertCurrentUser(Long userId) Gets the current logged in user and checks if the given id is matching.
static Long	assertCurrentUserId() Get the current user id.
static UserDetails	assertCurrentUserIsClientManager() Checks if there is a user logged in and the user is client manager.
static boolean	assertCurrentUserOrPublicUser() Checks if there is a user logged in with user role of user or public user.
static void	assertCurrentUserRole(UserRole role) Asserts that the current user has the given role
static UserDetails	getCurrentUser() Get the current user which is set in the acegi security context.
static String	getCurrentUserAlias() Get the alias of the current user, or null if no user is logged in
static Long	getCurrentUserId() Get the current user id, or null if no user is logged in
static boolean	hasRole(UserRole role) Checks that the current user has the given role
static boolean	isClientManager()
static boolean	isCurrentUserId(Long userId) check if the current user id matches the given id
static boolean	isCurrentUserOrPublicUser() Checks if there is a user logged in with user role of user or public user.
static boolean	isInternalSystem()
static boolean	isPublicUser() Checks the security context if the authenticated user is in role of the public user.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

assertCurrentKenmeiUser

@Deprecated
public static User assertCurrentKenmeiUser()

Deprecated. this method should not be used since it returns the user entity which can be an uninitialized hibernate proxy. Use assertCurrentUserId() instead and pass the returned userId together with an appropriate Converter (which is in most cases not the IdentityConverter!) to UserManagement.getUserById.

Assert that there is a current user and load the user of it

Returns:

The user.

assertCurrentUser

public static UserDetails assertCurrentUser()

Checks if there is a user logged in. If not an AccessDeniedException will be thrown.

Returns:

The user details if everything is ok

assertCurrentUser

public static UserDetails assertCurrentUser(Long userId)

Gets the current logged in user and checks if the given id is matching. If not an AccessDeniedException will be thrown.

Parameters:

userId - The user id to assert for the current user

Returns:

The user details if everything is ok

assertCurrentUserId

public static Long assertCurrentUserId()

Get the current user id. Throw an exception if there is no current user.

Returns:

The user id

assertCurrentUserIsClientManager

public static UserDetails assertCurrentUserIsClientManager()

Checks if there is a user logged in and the user is client manager. If not an AccessDeniedException will be thrown.

Note: this method should usually not be used because it throws the wrong exception! Especially in service layer an AuthorizationException should be thrown which has no spring dependency and is checked and thus allows better handling.

Returns:

The user details if everything is ok

assertCurrentUserOrPublicUser

public static boolean assertCurrentUserOrPublicUser()

Checks if there is a user logged in with user role of user or public user. If not an AccessDeniedException will be thrown.

Returns:

true if everything is okay

assertCurrentUserRole

public static void assertCurrentUserRole(UserRole role)
                                  throws AuthorizationException

Asserts that the current user has the given role

Parameters:

role - the role to check

Throws:

AuthorizationException - in case the user does not has the role

getCurrentUser

public static UserDetails getCurrentUser()

Get the current user which is set in the acegi security context.

Returns:

The UserDetails of the current user or null if no user is logged in

getCurrentUserAlias

public static String getCurrentUserAlias()

Get the alias of the current user, or null if no user is logged in

Returns:

The user alias

getCurrentUserId

public static Long getCurrentUserId()

Get the current user id, or null if no user is logged in

Returns:

The user id

hasRole

public static boolean hasRole(UserRole role)

Checks that the current user has the given role

Parameters:

role - the role to check

Returns:

true if th current user has this role

isClientManager

public static boolean isClientManager()

Returns:

true if the current user is client manager

isCurrentUserId

public static boolean isCurrentUserId(Long userId)

check if the current user id matches the given id

Parameters:

userId - the user id to check

Returns:

true if the given id is not null and matches the current log-in user

isCurrentUserOrPublicUser

public static boolean isCurrentUserOrPublicUser()

Checks if there is a user logged in with user role of user or public user.

Returns:

true if everything is okay

isInternalSystem

public static boolean isInternalSystem()

Returns:

true if the current "user" is the internal system

isPublicUser

public static boolean isPublicUser()

Checks the security context if the authenticated user is in role of the public user.

Returns:

true if the current user has user role ROLE_PUBLIC_USER