Package com.avoka.fc.core.security
Interface IFormSubmissionAccessController
- All Known Implementing Classes:
FormSubmissionAccessController
public interface IFormSubmissionAccessController
Provide a submission access controller service.
- Since:
- 3.6.0
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic enum
The form access permission.static enum
The security access status to the submission.static enum
The JsApp security access status to the submission. -
Method Summary
Modifier and TypeMethodDescriptionReturn authentication service instance.getCompletedSubmissionAccessStatus
(Submission submission, jakarta.servlet.http.HttpServletRequest request) Return the users access status to the given completed submission.getCompletedSubmissionAccessStatus
(Submission submission, jakarta.servlet.http.HttpServletRequest request, boolean checkOrgAccess) Return the users access status to the given completed submission.getFormAccessStatus
(Form form, jakarta.servlet.http.HttpServletRequest request) Gets user's the form access status.getFormCspHeaderValue
(Form form) Return the 'Content Security Policy' (CSP) HTTP Security Header value for the given form.getFormCspHeaderValue
(Submission submission) Return the 'Content Security Policy' (CSP) HTTP Security Header value for the given form.getInProgressJsAppAccessStatus
(Submission submission, jakarta.servlet.http.HttpServletRequest request, Portal portal) Return the users access status to the given in-progress (not completed) 'JS App' submission.getInProgressSubmissionAccessStatus
(Submission submission, jakarta.servlet.http.HttpServletRequest request) Return the users access status to the given in-progress (not completed) submission.getInProgressSubmissionAccessStatus
(Submission submission, jakarta.servlet.http.HttpServletRequest request, boolean checkOrgAccess) Return the users access status to the given in-progress (not completed) submission.getReceiptAccessStatus
(Submission submission, jakarta.servlet.http.HttpServletRequest request) Return the users access status to the given submission receipt when returning later (i.e.Return the System 'Content Security Policy' (CSP) HTTP Security Header value.boolean
hasAnonymousSubmissionAccess
(Submission submission, jakarta.servlet.http.HttpServletRequest request) Check whether the submission can be accessed by the current user.boolean
hasFormAccessPermissions
(Form form, jakarta.servlet.http.HttpServletRequest request, Set<IFormSubmissionAccessController.AccessPermission> accessPermissions) Checks if is user has the specified access permissions to the form.boolean
hasJobAccess
(Job job, jakarta.servlet.http.HttpServletRequest request) Return true if the user has access to view the job details based on their group access control.boolean
isValidNumberSaveChallengeRequests
(Submission submission, jakarta.servlet.http.HttpServletRequest request) Check whether the current user can make another save challenge attempt.void
onSaveChallengeSuccess
(Submission submission, jakarta.servlet.http.HttpServletRequest request) On successful login will resets the submission failures and last failure.void
setAuthenticationService
(IAuthenticationService authenticationService) Set the authentication service.void
setEnableEventLogging
(boolean enableLogging) Specify whether to perform access control security event logging.void
setFormCspHeaderValue
(String value) Set the Form 'Content Security Policy' (CSP) HTTP security header value.void
setSupportBrowserIE10
(boolean support) Specify whether to support the browser IE10.void
setSupportBrowserIE8
(boolean support) Specify whether to support the browser IE8.void
setSupportBrowserIE9
(boolean support) Specify whether to support the browser IE9.void
updateSubmissionSession
(Submission submission, jakarta.servlet.http.HttpServletRequest request) Update new session info on the submission record.validateTaskReassignment
(Submission submission, UserAccount newAssignee, jakarta.servlet.http.HttpServletRequest request) Checks if a task can be reassigned to a user by the current user.validateTaskUnassignment
(Submission submission, jakarta.servlet.http.HttpServletRequest request) Checks if a task can be unassigned by the current user.
-
Method Details
-
getFormAccessStatus
IFormSubmissionAccessController.AccessStatus getFormAccessStatus(Form form, jakarta.servlet.http.HttpServletRequest request) Gets user's the form access status.- Parameters:
form
- the form (required)request
- the request (required)- Returns:
- the form access status
-
getInProgressSubmissionAccessStatus
IFormSubmissionAccessController.AccessStatus getInProgressSubmissionAccessStatus(Submission submission, jakarta.servlet.http.HttpServletRequest request) Return the users access status to the given in-progress (not completed) submission. Please note this includes task submissions. Valid submission form status values:- Assigned - task submissions
- Opened - task submissions
- Saved
- Submitted
- Parameters:
submission
- the submission to check (required)request
- the user request (required)- Returns:
- the user submission access control status
- Since:
- 4.0
-
getInProgressSubmissionAccessStatus
IFormSubmissionAccessController.AccessStatus getInProgressSubmissionAccessStatus(Submission submission, jakarta.servlet.http.HttpServletRequest request, boolean checkOrgAccess) Return the users access status to the given in-progress (not completed) submission. Please note this includes task submissions. Valid submission form status values:- Assigned - task submissions
- Opened - task submissions
- Saved
- Submitted
- Parameters:
submission
- the submission to check (required)request
- the user request (required)checkOrgAccess
- flag to check if the user has org access (required)- Returns:
- the user submission access control status
- Since:
- 19.5.0
-
getInProgressJsAppAccessStatus
IFormSubmissionAccessController.JsAppAccessStatus getInProgressJsAppAccessStatus(Submission submission, jakarta.servlet.http.HttpServletRequest request, Portal portal) Return the users access status to the given in-progress (not completed) 'JS App' submission. This method is valid only for 'JS App' form types, and is not valid for Maestro or Composer form types. Please note this includes task submissions. Valid submission form status values:- Assigned - task submissions
- Opened - task submissions
- Saved
- Submitted
- Parameters:
submission
- the submission to check, must be a 'JS App' form type (required)request
- the user request (required)portal
- the request portal (required)- Returns:
- the user submission access control status
- Since:
- 18.11.0
-
getCompletedSubmissionAccessStatus
IFormSubmissionAccessController.AccessStatus getCompletedSubmissionAccessStatus(Submission submission, jakarta.servlet.http.HttpServletRequest request, boolean checkOrgAccess) Return the users access status to the given completed submission.- Parameters:
submission
- the submission (required)request
- the request (required)checkOrgAccess
- flag to check if the user has org access (required)- Returns:
- the completed submission access status
- Since:
- 19.5.0
-
getCompletedSubmissionAccessStatus
IFormSubmissionAccessController.AccessStatus getCompletedSubmissionAccessStatus(Submission submission, jakarta.servlet.http.HttpServletRequest request) Return the users access status to the given completed submission.- Parameters:
submission
- the submission (required)request
- the request (required)- Returns:
- the completed submission access status
-
getReceiptAccessStatus
IFormSubmissionAccessController.AccessStatus getReceiptAccessStatus(Submission submission, jakarta.servlet.http.HttpServletRequest request) Return the users access status to the given submission receipt when returning later (i.e. via a receipt challenge).- Parameters:
submission
- the submission (required)request
- the request (required)- Returns:
- the receipt access status
-
hasFormAccessPermissions
boolean hasFormAccessPermissions(Form form, jakarta.servlet.http.HttpServletRequest request, Set<IFormSubmissionAccessController.AccessPermission> accessPermissions) Checks if is user has the specified access permissions to the form.- Parameters:
form
- the form (required)request
- the request (required)accessPermissions
- the set of form access permissions (required)- Returns:
- true, if is user associated to form
-
hasAnonymousSubmissionAccess
boolean hasAnonymousSubmissionAccess(Submission submission, jakarta.servlet.http.HttpServletRequest request) Check whether the submission can be accessed by the current user. Generally, this is permitted if the session ID matches, or if the IP address matches and access occurs within a configurable grace period.- Parameters:
submission
- the submission a valid anonymous submissionrequest
- the current HTTP request (required)- Returns:
- true if the user is allowed to access the submission
-
hasJobAccess
Return true if the user has access to view the job details based on their group access control.- Parameters:
job
- the jobrequest
- the current HTTP request (required)- Returns:
- true if the user is allowed to view the job record
- Since:
- 4.0.0
-
getAuthenticationService
IAuthenticationService getAuthenticationService()Return authentication service instance.- Returns:
- authentication service instance
-
setAuthenticationService
Set the authentication service.- Parameters:
authenticationService
- the authentication service
-
updateSubmissionSession
void updateSubmissionSession(Submission submission, jakarta.servlet.http.HttpServletRequest request) Update new session info on the submission record.- Parameters:
submission
- the submission (required)request
- the request (required)
-
validateTaskReassignment
String validateTaskReassignment(Submission submission, UserAccount newAssignee, jakarta.servlet.http.HttpServletRequest request) Checks if a task can be reassigned to a user by the current user. Returns a string describing the error, or null if the reassignment request is valid. NOTE: This method does not actually reassign the task,- Parameters:
submission
- the task submission (required)newAssignee
- the new assignee (required)request
- the HTTP servlet request (required)- Returns:
- a string describing the error, or null if the reassignment request is valid
- Since:
- 4.1.0
-
validateTaskUnassignment
String validateTaskUnassignment(Submission submission, jakarta.servlet.http.HttpServletRequest request) Checks if a task can be unassigned by the current user. Returns a string describing the error, or null if the unassignment request is valid. NOTE: This method does not actually reassign the task,- Parameters:
submission
- the task submission (required)request
- the HTTP servlet request (required)- Returns:
- a string describing the error, or null if the unassignment request is valid
- Since:
- 4.1.0
-
isValidNumberSaveChallengeRequests
boolean isValidNumberSaveChallengeRequests(Submission submission, jakarta.servlet.http.HttpServletRequest request) Check whether the current user can make another save challenge attempt.- Parameters:
submission
- the submissionrequest
- the HTTP servlet request (required)- Returns:
- true if the user has not exceeded the number of save challenge attempts
- Since:
- 4.1.0
-
onSaveChallengeSuccess
On successful login will resets the submission failures and last failure.- Parameters:
submission
- the task submission (required)request
- the HTTP servlet request (required)- Since:
- 17.10.0
-
setEnableEventLogging
void setEnableEventLogging(boolean enableLogging) Specify whether to perform access control security event logging. Enabled by default, but can be switched off for performing background access control checks like rendering email templates and populating prefill data.- Parameters:
enableLogging
- specify whether to enable access control security event logging.- Since:
- 4.3.1
-
setSupportBrowserIE8
void setSupportBrowserIE8(boolean support) Specify whether to support the browser IE8.- Parameters:
support
- specify whether to the browser IE8.- Since:
- 4.3.3
-
setSupportBrowserIE9
void setSupportBrowserIE9(boolean support) Specify whether to support the browser IE9.- Parameters:
support
- specify whether to the browser IE9.- Since:
- 4.3.3
-
setSupportBrowserIE10
void setSupportBrowserIE10(boolean support) Specify whether to support the browser IE10.- Parameters:
support
- specify whether to the browser IE10.- Since:
- 4.3.3
-
getFormCspHeaderValue
Return the 'Content Security Policy' (CSP) HTTP Security Header value for the given form.- Parameters:
form
- the form (required)- Returns:
- the 'Content Security Policy' (CSP) HTTP Security Header value for the given form.
- Since:
- 4.3.3
-
getFormCspHeaderValue
Return the 'Content Security Policy' (CSP) HTTP Security Header value for the given form.- Parameters:
submission
- the submission (required)- Returns:
- the 'Content Security Policy' (CSP) HTTP Security Header value for the given form.
- Since:
- 23.10.0
-
setFormCspHeaderValue
Set the Form 'Content Security Policy' (CSP) HTTP security header value.- Parameters:
value
- the Form 'Content Security Policy' (CSP) HTTP security header value.- Since:
- 4.3.3
-
getSystemFormCspHeader
String getSystemFormCspHeader()Return the System 'Content Security Policy' (CSP) HTTP Security Header value.- Returns:
- the System 'Content Security Policy' (CSP) HTTP Security Header value.
- Since:
- 5.1.4
-