Hi Mike,
I place this conversation in the GeoServer developer list, that is maybe the best place for this kind of questions.
For next message of this kind,also for this conversation, please use the geoserver-devel list only.
Create one instance of ResourceAccessManager in the Spring context and it to manage access to resources.
In each getAccessLimits method inspect your Authentication object (to get authorities, name…) and the object from the GeoServer Catalog (to get workspace name, layer name…) to create your DataAccessLimits (or WorkspaceAccessLimits) to return.
This object depends on the type :
DataAccessLimits have VectorAccessLimits and CoverageAccessLimits as subclasses.
You can create them in this way:
if (resource instanceof FeatureTypeInfo) {
…
return new VectorAccessLimits(catalogMode, null, ff , null, writeDefault);
}else if (resource instanceof CoverageInfo) {
…
return new CoverageAccessLimits(catalogMode ,rasterFilter , filterGeometry, null);
}
···
all other operations depend on your context.
Lorenzo Natali.
2015-02-13 21:53 GMT+01:00 Mike Grogan <d.michael.grogan@anonymised.com>:
I am doing some custom extension work and have I have a code-level question here on layer security …
If I have an Authentication object (user) representing a user and a CoverageInfo (CatalogInfo, LayerInfo, etc.) object from the GeoServer Catalog, what is the easiest way to ascertain the access level for that user to the coverage represented by CoverageInfo? How do I tell if that user has read access, write access, etc.?
I am digging in the code but am just trying to short-cut that process a tad by asking here. I just don’t quite yet see how to use a ResourceAccessManager to determine the access level for the authenticated user.
Thanks,
Mike Grogan
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users
–
Regards,
Lorenzo Natali
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.
==
Dott. Ing. Lorenzo Natali
Software Engineer
GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 333 8128928
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.
The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.