boolean checkAccess(Session session, Permission perm) throws SecurityException
Perform user RBAC authorization. This function returns a Boolean value meaning whether the subject of a given session is allowed to perform a given operation on a given object.
The function is valid if and only if:
The session‘s subject has the permission to perform the operation on that object if and only if that permission is assigned to (at least) one of the session’s active roles. This implementation will verify the roles or userId correspond to the subject‘s active roles are registered in the object’s access control list.
Parameters:
Returns:
Throws:
import org.apache.directory.fortress.core.AccessMgr; import org.apache.directory.fortress.core.AccessMgrFactory; import org.apache.directory.fortress.core.SecurityException; import org.apache.directory.fortress.core.model.Session; import org.apache.directory.fortress.core.model.Permission; @test public static void testCheckAccess( Session session, String objectName, String operationName ) { String szLocation = ".testCheckAccess"; try { // Instantiate the AccessMgr implementation. AccessMgr accessMgr = AccessMgrFactory.createInstance(); Permission inPerm = new Permission( objectName, operationName ); // Using Session object returned from createSession boolean result = accessMgr.checkAccess( session, inPerm ); assertTrue( szLocation, result ); } catch ( SecurityException ex ) { LOG.error( szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex ); fail( ex.getMessage() ); } }