API Reference 0.7.0 / rikulo_security_plugin / SimpleAccessControl

SimpleAccessControl class

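A simple implementation of access control. It assumes the user object has a getter called roles that returns a collection of roles (Iterable<String>), each role being represented as a string. For better performance, the collection should be a Set<String>. Note that a request URI matching none of the registered patterns is not protected: canAccess returns true for it, even when no user is logged in.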

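/// Access control that maps URI patterns to the roles allowed to reach them.
///
/// Mappings are checked in the order they were added, and the first pattern
/// that matches the request path decides the outcome. A path that matches no
/// pattern is not protected: [canAccess] grants it to everyone, including
/// anonymous users, so every sensitive path needs its own mapping.
class SimpleAccessControl implements AccessControl {
  final List<_ACMapping> _mapping = [];

  /// Creates an access control, optionally pre-populated from [mapping].
  ///
  /// Each key of [mapping] is a regular expression for the request URI and
  /// each value is the collection of roles allowed to access it. Omitting
  /// [mapping] creates an instance with no protected resources.
  SimpleAccessControl([Map<String, Iterable<String>> mapping]) {
    // The parameter is optional and therefore null when omitted; calling
    // forEach on it unguarded would throw during construction.
    if (mapping != null) {
      mapping.forEach((uri, roles) => add(uri, roles));
    }
  }

  /// Adds a protected resource.
  ///
  /// * [uri] - a regular expression used to match the request URI.
  /// * [roles] - the roles allowed to access a matching URI.
  ///
  /// Order matters: [canAccess] stops at the first mapping whose pattern
  /// matches, so add the more specific patterns first.
  void add(String uri, Iterable<String> roles) {
    // NOTE(review): whether the pattern is anchored to the whole path is
    // decided inside _ACMapping, which is not shown here - confirm before
    // relying on prefix or suffix semantics.
    _mapping.add(new _ACMapping(uri, roles));
  }

  /// Tests whether [user] may access the request carried by [connect].
  ///
  /// * [user] - the current user, or null if not logged in. A non-null
  ///   user is expected to expose a `roles` getter.
  ///
  /// Returns false when the first matching mapping shares no role with the
  /// user (or the user is null, or has no roles). Returns true when a role
  /// matches, and also when no mapping matches the path at all.
  @override
  bool canAccess(HttpConnect connect, user) {
    final uri = connect.request.uri.path;
    for (final mapping in _mapping) {
      if (mapping.pattern.hasMatch(uri)) { //protected
        if (user != null) {
          final roles = user.roles;
          // A user object without roles is treated as having none, so the
          // request is denied instead of failing while iterating null.
          if (roles != null) {
            // Iterate the smaller collection and probe the set, so the
            // lookup cost stays with the hashed side.
            Set<String> col1;
            Iterable<String> col2;
            if (roles is Set && roles.length > mapping.allowed.length) {
              col1 = roles as Set;
              col2 = mapping.allowed;
            } else {
              col1 = mapping.allowed;
              col2 = roles;
            }

            for (final role in col2) {
              if (col1.contains(role)) {
                return true;
              }
            }
          }
        }
        // First match wins: later mappings are not consulted.
        return false; //denied
      }
    }
    // Default-allow: nothing registered for this path.
    return true; //granted
  }
}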

Implements

AccessControl

Constructors

new SimpleAccessControl([Map<String, Iterable<String>> mapping]) #

Creates a new Object instance.

Object instances have no meaningful state, and are only useful through their identity. An Object instance is equal to itself only.

docs inherited from Object
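/// Creates an access control, optionally pre-populated from [mapping].
///
/// Each key of [mapping] is a regular expression for the request URI and
/// each value is the collection of roles allowed to access it. Omitting
/// [mapping] creates an instance with no protected resources.
SimpleAccessControl([Map<String, Iterable<String>> mapping]) {
  // The parameter is optional and therefore null when omitted; calling
  // forEach on it unguarded would throw during construction.
  if (mapping != null) {
    mapping.forEach((uri, roles) => add(uri, roles));
  }
}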

Methods

void add(String uri, Iterable<String> roles) #

Adds a protected resource.

  • uri - a regular expression used to match the request URI.
/// Registers [uri] as a protected resource restricted to [roles].
///
/// [uri] is a regular expression used to match the request URI.
void add(String uri, Iterable<String> roles) {
  final entry = new _ACMapping(uri, roles);
  _mapping.add(entry);
}

bool canAccess(HttpConnect connect, user) #

Test if the given request is accessible by the given user.

  • user - the current user, or null if not logged in.
  • It returns true if the access is granted; returns false if not allowed (either not logged in or not allowed).

If user is not null and this method returns false, an instance of Http404 will be thrown. If you prefer another status code (such as 401), you can throw an exception from this method instead.

docs inherited from AccessControl
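/// Tests whether [user] may access the request carried by [connect].
///
/// * [user] - the current user, or null if not logged in. A non-null user
///   is expected to expose a `roles` getter.
///
/// Mappings are checked in insertion order and the first pattern matching
/// the request path decides. Returns false when that mapping shares no role
/// with the user (or the user is null, or has no roles). Returns true when
/// a role matches, and also when no mapping matches the path at all, so
/// unlisted paths are open to everyone.
@override
bool canAccess(HttpConnect connect, user) {
  final uri = connect.request.uri.path;
  for (final mapping in _mapping) {
    // NOTE(review): whether the pattern is anchored to the whole path is
    // decided where the mapping is built, which is not shown here - confirm.
    if (mapping.pattern.hasMatch(uri)) { //protected
      if (user != null) {
        final roles = user.roles;
        // A user object without roles is treated as having none, so the
        // request is denied instead of failing while iterating null.
        if (roles != null) {
          // Iterate the smaller collection and probe the set, so the
          // lookup cost stays with the hashed side.
          Set<String> col1;
          Iterable<String> col2;
          if (roles is Set && roles.length > mapping.allowed.length) {
            col1 = roles as Set;
            col2 = mapping.allowed;
          } else {
            col1 = mapping.allowed;
            col2 = roles;
          }

          for (final role in col2) {
            if (col1.contains(role)) {
              return true;
            }
          }
        }
      }
      // First match wins: later mappings are not consulted.
      return false; //denied
    }
  }
  // Default-allow: nothing registered for this path.
  return true; //granted
}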