Package com.avoka.fc.core.security

Interface IFormSubmissionAccessController

  • All Known Implementing Classes:
    FormSubmissionAccessController
    public interface IFormSubmissionAccessController
    Provide a submission access controller service.
    Since:
    3.6.0

    • Method Detail

      • getInProgressSubmissionAccessStatus

        IFormSubmissionAccessController.AccessStatus getInProgressSubmissionAccessStatus​(Submission submission,
                                                                                 HttpServletRequest request)
        Return the users access status to the given in-progress (not completed) submission. Please note this includes task submissions.

        Valid submission form status values:

        • Assigned - task submissions
        • Opened - task submissions
        • Saved
        • Submitted
        Parameters:
        submission - the submission to check (required)
        request - the user request (required)
        Returns:
        the user submission access control status
        Since:
        4.0

      • getInProgressSubmissionAccessStatus

        IFormSubmissionAccessController.AccessStatus getInProgressSubmissionAccessStatus​(Submission submission,
                                                                                 HttpServletRequest request,
                                                                                 boolean checkOrgAccess)
        Return the users access status to the given in-progress (not completed) submission. Please note this includes task submissions.

        Valid submission form status values:

        • Assigned - task submissions
        • Opened - task submissions
        • Saved
        • Submitted
        Parameters:
        submission - the submission to check (required)
        request - the user request (required)
        checkOrgAccess - flag to check if the user has org access (required)
        Returns:
        the user submission access control status
        Since:
        19.5.0

      • getInProgressJsAppAccessStatus

        IFormSubmissionAccessController.JsAppAccessStatus getInProgressJsAppAccessStatus​(Submission submission,
                                                                                 HttpServletRequest request,
                                                                                 Portal portal)
        Return the users access status to the given in-progress (not completed) 'JS App' submission. This method is valid only for 'JS App' form types, and is not valid for Maestro or Composer form types. Please note this includes task submissions.

        Valid submission form status values:

        • Assigned - task submissions
        • Opened - task submissions
        • Saved
        • Submitted
        Parameters:
        submission - the submission to check, must be a 'JS App' form type (required)
        request - the user request (required)
        portal - the request portal (required)
        Returns:
        the user submission access control status
        Since:
        18.11.0

      • getCompletedSubmissionAccessStatus

        IFormSubmissionAccessController.AccessStatus getCompletedSubmissionAccessStatus​(Submission submission,
                                                                                HttpServletRequest request,
                                                                                boolean checkOrgAccess)
        Return the users access status to the given completed submission.
        Parameters:
        submission - the submission (required)
        request - the request (required)
        checkOrgAccess - flag to check if the user has org access (required)
        Returns:
        the completed submission access status
        Since:
        19.5.0

      • getCompletedSubmissionAccessStatus

        IFormSubmissionAccessController.AccessStatus getCompletedSubmissionAccessStatus​(Submission submission,
                                                                                HttpServletRequest request)
        Return the users access status to the given completed submission.
        Parameters:
        submission - the submission (required)
        request - the request (required)
        Returns:
        the completed submission access status

      • getReceiptAccessStatus

        IFormSubmissionAccessController.AccessStatus getReceiptAccessStatus​(Submission submission,
                                                                    HttpServletRequest request)
        Return the users access status to the given submission receipt when returning later (i.e. via a receipt challenge).
        Parameters:
        submission - the submission (required)
        request - the request (required)
        Returns:
        the receipt access status

      • hasFormAccessPermissions

        boolean hasFormAccessPermissions​(Form form,
                                 HttpServletRequest request,
                                 Set<IFormSubmissionAccessController.AccessPermission> accessPermissions)
        Checks if is user has the specified access permissions to the form.
        Parameters:
        form - the form (required)
        request - the request (required)
        accessPermissions - the set of form access permissions (required)
        Returns:
        true, if is user associated to form

      • hasAnonymousSubmissionAccess

        boolean hasAnonymousSubmissionAccess​(Submission submission,
                                     HttpServletRequest request)
        Check whether the submission can be accessed by the current user. Generally, this is permitted if the session ID matches, or if the IP address matches and access occurs within a configurable grace period.
        Parameters:
        submission - the submission a valid anonymous submission
        request - the current HTTP request (required)
        Returns:
        true if the user is allowed to access the submission

      • hasJobAccess

        boolean hasJobAccess​(Job job,
                     HttpServletRequest request)
        Return true if the user has access to view the job details based on their group access control.
        Parameters:
        job - the job
        request - the current HTTP request (required)
        Returns:
        true if the user is allowed to view the job record
        Since:
        4.0.0

      • getAuthenticationService

        IAuthenticationService getAuthenticationService()
        Return authentication service instance.
        Returns:
        authentication service instance

      • setAuthenticationService

        void setAuthenticationService​(IAuthenticationService authenticationService)
        Set the authentication service.
        Parameters:
        authenticationService - the authentication service

      • updateSubmissionSession

        void updateSubmissionSession​(Submission submission,
                             HttpServletRequest request)
        Update new session info on the submission record.
        Parameters:
        submission - the submission (required)
        request - the request (required)

      • validateTaskReassignment

        String validateTaskReassignment​(Submission submission,
                                UserAccount newAssignee,
                                HttpServletRequest request)
        Checks if a task can be reassigned to a user by the current user. Returns a string describing the error, or null if the reassignment request is valid. NOTE: This method does not actually reassign the task,
        Parameters:
        submission - the task submission (required)
        newAssignee - the new assignee (required)
        request - the HTTP servlet request (required)
        Returns:
        a string describing the error, or null if the reassignment request is valid
        Since:
        4.1.0

      • validateTaskUnassignment

        String validateTaskUnassignment​(Submission submission,
                                HttpServletRequest request)
        Checks if a task can be unassigned by the current user. Returns a string describing the error, or null if the unassignment request is valid. NOTE: This method does not actually reassign the task,
        Parameters:
        submission - the task submission (required)
        request - the HTTP servlet request (required)
        Returns:
        a string describing the error, or null if the unassignment request is valid
        Since:
        4.1.0

      • isValidNumberSaveChallengeRequests

        boolean isValidNumberSaveChallengeRequests​(Submission submission,
                                           HttpServletRequest request)
        Check whether the current user can make another save challenge attempt.
        Parameters:
        submission - the submission
        request - the HTTP servlet request (required)
        Returns:
        true if the user has not exceeded the number of save challenge attempts
        Since:
        4.1.0

      • onSaveChallengeSuccess

        void onSaveChallengeSuccess​(Submission submission,
                            HttpServletRequest request)
        On successful login will resets the submission failures and last failure.
        Parameters:
        submission - the task submission (required)
        request - the HTTP servlet request (required)
        Since:
        17.10.0

      • setEnableEventLogging

        void setEnableEventLogging​(boolean enableLogging)
        Specify whether to perform access control security event logging. Enabled by default, but can be switched off for performing background access control checks like rendering email templates and populating prefill data.
        Parameters:
        enableLogging - specify whether to enable access control security event logging.
        Since:
        4.3.1

      • setSupportBrowserIE8

        void setSupportBrowserIE8​(boolean support)
        Specify whether to support the browser IE8.
        Parameters:
        support - specify whether to the browser IE8.
        Since:
        4.3.3

      • setSupportBrowserIE9

        void setSupportBrowserIE9​(boolean support)
        Specify whether to support the browser IE9.
        Parameters:
        support - specify whether to the browser IE9.
        Since:
        4.3.3

      • setSupportBrowserIE10

        void setSupportBrowserIE10​(boolean support)
        Specify whether to support the browser IE10.
        Parameters:
        support - specify whether to the browser IE10.
        Since:
        4.3.3

      • getFormCspHeaderValue

        String getFormCspHeaderValue​(Form form)
        Return the 'Content Security Policy' (CSP) HTTP Security Header value for the given form.
        Parameters:
        form - the form (required)
        Returns:
        the 'Content Security Policy' (CSP) HTTP Security Header value for the given form.
        Since:
        4.3.3

      • setFormCspHeaderValue

        void setFormCspHeaderValue​(String value)
        Set the Form 'Content Security Policy' (CSP) HTTP security header value.
        Parameters:
        value - the Form 'Content Security Policy' (CSP) HTTP security header value.
        Since:
        4.3.3

      • getSystemFormCspHeader

        String getSystemFormCspHeader()
        Return the System 'Content Security Policy' (CSP) HTTP Security Header value.
        Returns:
        the System 'Content Security Policy' (CSP) HTTP Security Header value.
        Since:
        5.1.4