com.vaadin.fusion.auth.FusionAccessChecker API 22.2.2 | Vaadin

You're viewing an older version of Vaadin JavaDoc. Please see version 24.7.0 for the latest.

com.vaadin.fusion.auth.

java.lang.Object
- com.vaadin.fusion.auth.FusionAccessChecker

```
public class FusionAccessChecker
extends Object
```
Component used for checking role-based ACL in Vaadin Endpoints.
For each request that is trying to access the method in the corresponding Vaadin Endpoint, the permission check is carried on.
It looks for AnonymousAllowed PermitAll, DenyAll and RolesAllowed annotations in endpoint methods and classes containing these methods (no super classes' annotations are taken into account).
Method-level annotation override Class-level ones.
In the next example, since the class is denied to all, method1 is not accessible to anyone, method2 can be executed by any authorized used, method3 is only allowed to the accounts having the ROLE_USER authority and method4 is available for every user, including anonymous ones that don't provide any token in their requests.
```
 @Endpoint
 @DenyAll
 public class DemoEndpoint {

     public void method1() {
     }

     @PermitAll
     public void method2() {
     }

     @RolesAllowed("ROLE_USER")
     public void method3() {
     }

     @AnonymousAllowed
     public void method4() {
     }
 }
 
```

Field Summary

Fields
Modifier and Type Field and Description

static String ACCESS_DENIED_MSG

static String ACCESS_DENIED_MSG_DEV_MODE

Constructor Summary

Constructors
Constructor and Description

FusionAccessChecker(AccessAnnotationChecker accessAnnotationChecker)
Creates a new instance.

Method Summary

All Methods
Modifier and Type	Method and Description
`String`	`check(Method method, javax.servlet.http.HttpServletRequest request)` Check that the endpoint is accessible for the current user.
`AccessAnnotationChecker`	`getAccessAnnotationChecker()` Returns the instance used for checking access based on annotations.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - ACCESS_DENIED_MSG
```
public static final String ACCESS_DENIED_MSG
```
    See Also:
    
    Constant Field Values
  - ACCESS_DENIED_MSG_DEV_MODE
```
public static final String ACCESS_DENIED_MSG_DEV_MODE
```
    See Also:
    
    Constant Field Values
- Constructor Detail
  - FusionAccessChecker
```
public FusionAccessChecker(AccessAnnotationChecker accessAnnotationChecker)
```
    Creates a new instance.
    
    Parameters:
    
    accessAnnotationChecker - the access checker to use
- Method Detail
  - check
```
public String check(Method method,
                    javax.servlet.http.HttpServletRequest request)
```
    Check that the endpoint is accessible for the current user.
    
    Parameters:
    
    method - the Vaadin endpoint method to check ACL
    
    request - the request that triggers the method invocation
    
    Returns:
    
    an error String with an issue description, if any validation issues occur, null otherwise
  - getAccessAnnotationChecker
```
public AccessAnnotationChecker getAccessAnnotationChecker()
```
    Returns the instance used for checking access based on annotations.
    
    Returns:
    
    the instance used for checking access based on annotations