Blackboard Building Block Entitlements Reference

Written By Shane Argo

Overview

Entitlements in Blackboard allow fine-grained access control to resources. They are associated with users via System Roles and Course Roles.

Institution (portal) roles are used for controlling access to tabs and modules, and can't have entitlements associated with them.

Database location

a complete list of entitlements can be found in the ENTITLEMENT table, or you can edit a Course or System role via the System Admin panel to see a list.

Creating New Entitlements

New entitlements can be declared in the bb-manifest.xml file of your building block. See the bb-manifest.xml reference for details.

Applying Entitlements in JSPs

If your web application uses JSP's that are accessed directly by the client, you can control access by declaring the entitlements in the entitlements or entitlement attribute on any of the bbNG page tags bbNG:genericPage, bbNG:learningSystemPage, etc.

Applying Entitlements in Java Code

If you are using a framework (struts, stripes, spring, etc) to mediate access to your JSP's or alternative view, you will need to apply the entitlments checks programmatically. The simplest way to do this, is to use the static userHasXXX methods on the SecurityUtil class.

As an Example, to check for a Course entitlement you might do something like the following.

if (!SecurityUtil.userHasEntitlement(new Entitlement("course.control_panel.VIEW"))) {
    // Redirect to the login page...
}

Note: You should be aware that any class that calls these static methods becomes hard to test. Most static utility methods in the Bb API, rely on a running instance of Blackboard in order to function.

Applying Entitlements in Stripes Actions

If you use the Stripes Framework, you can make use of the Blackboard Stripes Utilities classes, written by All the Ducks.

First you need to configure the Bb Security Interceptor in web.xml

Then to apply an entitlement in your ActionBean class, you simply use the @RequiresEntitlement annotation

Applying Entitlements in Spring

Examples can be found in the spring-b2-example project on github

You need to use the blackboard.platform.spring.beans.annotations.UserAuthorization annotation

@UserAuthorization( "system.plugin.MODIFY" )
Shane Argo
Previous

Blackboard Navigation Item Reference
Next

bb-manifest.xml Reference