Security delegation plugins
Overview
note
This extension point allows to define if a user has access to a given AIP and its files. By default the security is delegated to the catalog microservice with the CatalogSecurityDelegation plugin
REGARDS provides many implementation of this extension point :
- CatalogSecurityDelegation : Delegate access rights to catalog microservice
- NoCatalogSecurityDelegationPlugin : Allow access to all stored AIPs without any security check to all users.
Interface
Implementation
To learn more about how to create your own plugin see Plugins
Here under is an exemple of how to implements this extension point to create your own business logic.
@Plugin(id = "exemple", version = "1.0.0", description = "exemple plugin",
author = "REGARDS Team", contact = "regards@c-s.fr", licence = "LGPLv3.0", owner = "CSSI",
url = "https://github.com/RegardsOss")
public class Plugin implements ISecurityDelegation {
/**
* Return URNs of which access is granted from given ones
*/
@Override
public Set<UniformResourceName> hasAccess(Collection<UniformResourceName> urns){
}
/**
* Allow to know if the current user has access to a given AIP, through its ipId
* @param ipId identifier of aip that we are wondeering if we have access to.
* @return weither we have access to the aip or not
*/
@Override
public boolean hasAccess(String ipId) {
}
/**
* @return weither the current user has access to features returning collections of AIP
*/
@Override
public boolean hasAccessToListFeature() {
}
}