public class SecurityCheck
extends java.lang.Object
| 构造器和说明 |
|---|
SecurityCheck() |
| 限定符和类型 | 方法和说明 |
|---|---|
static boolean |
hasFormQueryPermission(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
com.seeyon.ctp.common.authenticate.domain.User user,
java.lang.Long appId,
java.lang.String objectName,
java.lang.String summaryId)
是否具有表单查询的权限
|
static void |
init() |
static boolean |
isDocCanAccess(java.lang.Long archiveId)
文档权限判断
|
static boolean |
isLicit(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
com.seeyon.ctp.common.constants.ApplicationCategoryEnum appEnum,
com.seeyon.ctp.common.authenticate.domain.User user,
java.lang.Long objectId,
CtpAffair affair,
java.lang.Long preArchiveId)
安全防护,校验是否有权限查看主题
|
static boolean |
isLicit(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
com.seeyon.ctp.common.constants.ApplicationCategoryEnum appEnum,
com.seeyon.ctp.common.authenticate.domain.User user,
java.lang.Long objectId,
CtpAffair affair,
java.lang.Long preArchiveId,
boolean responseMsg)
安全防护,校验是否有权限查看主题
|
static boolean |
isLicit(SecurityCheckParam param)
权限校验
|
static boolean |
isSupervisor(java.lang.Long currentUserId,
java.lang.Long objectId)
是否是流程的督办人
|
static java.lang.String |
printInbreakTrace(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
com.seeyon.ctp.common.authenticate.domain.User user,
com.seeyon.ctp.common.constants.ApplicationCategoryEnum appEnum)
记录非法访问日志
|
void |
setSecurityCheckers(java.util.Map<java.lang.String,SecurityControl> securityCheckers) |
public void setSecurityCheckers(java.util.Map<java.lang.String,SecurityControl> securityCheckers)
@RefreshInterfacesAfterUpdate(inface=SecurityControl.class) public static void init()
public static boolean isLicit(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
com.seeyon.ctp.common.constants.ApplicationCategoryEnum appEnum,
com.seeyon.ctp.common.authenticate.domain.User user,
java.lang.Long objectId,
CtpAffair affair,
java.lang.Long preArchiveId,
boolean responseMsg)
request - response - appEnum - 应用枚举user - CurrentUserobjectId - 主题对象的idaffair - 用于协同和公文,其他应用传nullpreArchiveId - 预归档Id,用于协同,其他应用传nullresponseMsg - 是否向前台推送消息public static boolean isLicit(SecurityCheckParam param)
param - public static boolean isLicit(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
com.seeyon.ctp.common.constants.ApplicationCategoryEnum appEnum,
com.seeyon.ctp.common.authenticate.domain.User user,
java.lang.Long objectId,
CtpAffair affair,
java.lang.Long preArchiveId)
request - response - appEnum - 应用枚举user - CurrentUserobjectId - 主题对象的idaffair - 用于协同和公文,其他应用传nullpreArchiveId - 预归档Id,用于协同,其他应用传nullpublic static java.lang.String printInbreakTrace(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
com.seeyon.ctp.common.authenticate.domain.User user,
com.seeyon.ctp.common.constants.ApplicationCategoryEnum appEnum)
request - user - subject - public static boolean isSupervisor(java.lang.Long currentUserId,
java.lang.Long objectId)
currentUserId - objectId - summaryIdpublic static boolean isDocCanAccess(java.lang.Long archiveId)
archiveId - public static boolean hasFormQueryPermission(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
com.seeyon.ctp.common.authenticate.domain.User user,
java.lang.Long appId,
java.lang.String objectName,
java.lang.String summaryId)
request - response - user -