edu.jhu.tmaj.servlet.request.impl
Class Verifier
java.lang.Object
edu.jhu.tmaj.servlet.request.impl.Verifier
public final class Verifier
- extends java.lang.Object
Utility class that verifies server Requests based on the UserBean obtained from the
username/password submitted. This class offers server-side security to TMAJ. Otherwise someone
could just rewrite the client to avoid client-side security. Generally in this class, the
UserBean of the person making the request is tested to make sure the user has the proper
permissions. Note the userBean is looked up on the server side, so it could not have been
modified by the client. So for example, the userBean may be checked to see that isAdmin()
returns true if the user is trying to do something only an adminstrator should be able to do.
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Verifier
public Verifier()
verifyUserMayAccessSpecimen
public static void verifyUserMayAccessSpecimen(UserBean userBean,
int specimenID)
throws java.sql.SQLException
- Throws:
java.sql.SQLException
userMayAccessSpecimen
public static boolean userMayAccessSpecimen(UserBean userBean,
int specimenID)
throws java.sql.SQLException
- Returns true if the user is an admin, has open access, or an entry exists in UsersSpecimens.
Note that if Open Access is this case, this method expects that eventually an entry will be
placed in UsersSpecimens such that the user will be able to see the specimen by doing a
search. This can be accomplished with
UsersSpecimens.ensureUserWillSeeSpecimenInSpecimensApp()
- Throws:
java.sql.SQLException
verifyUserMayAccessArrayImage
public static void verifyUserMayAccessArrayImage(int userID,
int arrayImageID)
throws java.sql.SQLException
- Throws:
java.sql.SQLException
verifyUsersArrayBlocks
public static void verifyUsersArrayBlocks(UserBean userBean,
int arrayBlockID)
throws java.sql.SQLException
- Throws:
java.sql.SQLException
verifyUserMayAccessSessions
public static void verifyUserMayAccessSessions(UserBean userBean,
int[] sessions)
throws java.sql.SQLException
- Throws:
java.sql.SQLException
verifyUserMayAccessSession
public static void verifyUserMayAccessSession(UserBean userBean,
int sessionID)
throws java.sql.SQLException
- Throws:
java.sql.SQLException
verifyUserOwnsSession
public static void verifyUserOwnsSession(int userID,
int sessionID)
throws java.sql.SQLException
- Throws:
java.sql.SQLException
verifyUserMayAccessImportApp
public static void verifyUserMayAccessImportApp(UserBean userBean)
throws InternalSecurityException
- Throws:
InternalSecurityException
verifyUserMayAccessInputApp
public static void verifyUserMayAccessInputApp(UserBean userBean)
throws InternalSecurityException
- Throws:
InternalSecurityException
verifyUserIsAdmin
public static void verifyUserIsAdmin(UserBean userBean)
throws InternalSecurityException
- Throws:
InternalSecurityException
verifyUserMayAccessArrayBuilder
public static void verifyUserMayAccessArrayBuilder(UserBean userBean)
throws java.sql.SQLException
- Throws:
java.sql.SQLException
verifyUserMayAccessImagesApp
public static void verifyUserMayAccessImagesApp(UserBean userBean)
throws java.sql.SQLException
- Throws:
java.sql.SQLException
verifyUserMayAccessMetaDataApp
public static void verifyUserMayAccessMetaDataApp(UserBean userBean)
throws InternalSecurityException
- Throws:
InternalSecurityException