Class DashboardAuthorizationProcessor
java.lang.Object
org.eblocker.server.http.security.DashboardAuthorizationProcessor
- All Implemented Interfaces:
org.restexpress.pipeline.Preprocessor
public class DashboardAuthorizationProcessor
extends Object
implements org.restexpress.pipeline.Preprocessor
This pre-processor verifies that the current dashboard user has access to routes that are flagged with
VERIFY_DEVICE_ID or VERIFY_USER_ID.
If a route is flagged with VERIFY_DEVICE_ID it must contain a parameter {deviceId}.
If a route is flagged with VERIFY_USER_ID it must contain a parameter {userId}.
A user logged in as admin can access all devices and users. The requesting device's operating user may access their own settings and the settings of their devices. Note: during the boot phase this pre-processor runs uninitialized. There is no DB connection yet, so authorization of flagged routes is refused. But to show the boot screen, other routes must be allowed.
-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionDashboardAuthorizationProcessor(com.google.inject.Provider<DeviceService> deviceServiceProvider) -
Method Summary
-
Field Details
-
VERIFY_DEVICE_ID
- See Also:
-
VERIFY_USER_ID
- See Also:
-
DEVICE_ID_KEY
- See Also:
-
USER_ID_KEY
- See Also:
-
-
Constructor Details
-
DashboardAuthorizationProcessor
@Inject public DashboardAuthorizationProcessor(com.google.inject.Provider<DeviceService> deviceServiceProvider)
-
-
Method Details
-
init
public void init() -
process
public void process(org.restexpress.Request request) - Specified by:
processin interfaceorg.restexpress.pipeline.Preprocessor
-