AuthorizationManager

Authorizes the user in the current session view and use members of an object.

API

AuthorizationManager.java
class AuthorizationManager {
  public static final String LOGICAL_TYPE_NAME;
  AuthorizationManager(CausewayConfiguration config, ActionSemanticsResolver actionSemanticsResolver, List<Authorizor> authorizors, Optional<AuthorizorChooser> authorizorChooserIfAny)
  boolean isUsable(InteractionContext authentication, Identifier identifier)     (1)
  boolean isVisible(InteractionContext authentication, Identifier identifier)     (2)
}
1 isUsable(InteractionContext, Identifier)

Whether the user represented by the specified session is authorized to view the member of the class/object represented by the member identifier.

2 isVisible(InteractionContext, Identifier)

Whether the user represented by the specified session is authorized to change the field represented by the member identifier.

Members

isUsable(InteractionContext, Identifier)

Whether the user represented by the specified session is authorized to view the member of the class/object represented by the member identifier.

Normally the view of the specified field, or the display of the action will be suppress if this returns false.

isVisible(InteractionContext, Identifier)

Whether the user represented by the specified session is authorized to change the field represented by the member identifier.

Normally the specified field will be not appear editable if this returns false.