|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectedu.internet2.middleware.grouper.privs.AttributeDefResolverDecorator
edu.internet2.middleware.grouper.privs.ValidatingAttrDefResolver
public class ValidatingAttrDefResolver
Decorator that provides parameter validation for AttributeDefResolver.
| Constructor Summary | |
|---|---|
ValidatingAttrDefResolver(AttributeDefResolver resolver)
|
|
| Method Summary | |
|---|---|
void |
flushCache()
flush cache if caching resolver |
java.util.Set<AttributeDef> |
getAttributeDefsWhereSubjectDoesntHavePrivilege(java.lang.String stemId,
Stem.Scope scope,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
boolean considerAllSubject,
java.lang.String sqlLikeString)
find the attributeDefs which do not have a certain privilege |
java.util.Set<AttributeDef> |
getAttributeDefsWhereSubjectHasPrivilege(edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
Get all attributedefs where subject has privilege. |
java.util.Set<AttributeDefPrivilege> |
getPrivileges(AttributeDef attributeDef,
edu.internet2.middleware.subject.Subject subject)
Get all privileges subject has on attributeDef. |
java.util.Set<edu.internet2.middleware.subject.Subject> |
getSubjectsWithPrivilege(AttributeDef attributeDef,
Privilege privilege)
Get all subjects with privilege on attributeDef. |
void |
grantPrivilege(AttributeDef attributeDef,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
java.lang.String uuid)
Grant privilege to subject on attributeDef. |
boolean |
hasPrivilege(AttributeDef attributeDef,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
Check whether subject has privilege on attributeDef. |
boolean |
hqlFilterAttrDefsWhereClause(edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hqlTables,
java.lang.StringBuilder hqlWhereClause,
java.lang.String attrDefColumn,
java.util.Set<Privilege> privInSet)
for an attrDef query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterAttDefs instead if you like) |
boolean |
hqlFilterAttributeDefsNotWithPrivWhereClause(edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String attributeDefColumn,
Privilege privilege,
boolean considerAllSubject)
for an attribute def query, check to make sure the subject cant see the records |
java.util.Set<AttributeDef> |
postHqlFilterAttrDefs(java.util.Set<AttributeDef> attributeDefs,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Privilege> privInSet)
after HQL is run, filter attributeDefs. |
java.util.Set<AttributeAssign> |
postHqlFilterAttributeAssigns(edu.internet2.middleware.subject.Subject subject,
java.util.Set<AttributeAssign> attributeDefs)
filter attributeDefs for things the subject can see |
java.util.Set<PermissionEntry> |
postHqlFilterPermissions(edu.internet2.middleware.subject.Subject subject,
java.util.Set<PermissionEntry> permissionsEntries)
filter permissions for things the subject can see |
java.util.Set<PITAttributeAssign> |
postHqlFilterPITAttributeAssigns(edu.internet2.middleware.subject.Subject subject,
java.util.Set<PITAttributeAssign> pitAttributeDefs)
filter pit attribute assignments for things the subject can see |
void |
privilegeCopy(AttributeDef attributeDef1,
AttributeDef attributeDef2,
Privilege priv)
Copies privileges for subjects that have the specified privilege on g1 to g2. |
void |
privilegeCopy(edu.internet2.middleware.subject.Subject subj1,
edu.internet2.middleware.subject.Subject subj2,
Privilege priv)
Copies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2. |
java.util.Set<PrivilegeSubjectContainer> |
retrievePrivileges(AttributeDef attributeDef,
java.util.Set<Privilege> privileges,
MembershipType membershipType,
QueryPaging queryPaging,
java.util.Set<Member> additionalMembers)
get a list of privilege subjects, there are no results with the same subject |
void |
revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject subject)
Revoke all attrDef privileges that this subject has. |
void |
revokePrivilege(AttributeDef attributeDef,
Privilege privilege)
Revoke privilege from all subjects on attributeDef. |
void |
revokePrivilege(AttributeDef attributeDef,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
Revoke privilege from subject on attributeDef. |
| Methods inherited from class edu.internet2.middleware.grouper.privs.AttributeDefResolverDecorator |
|---|
getDecoratedResolver, getGrouperSession, stop |
| Methods inherited from class java.lang.Object |
|---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|
public ValidatingAttrDefResolver(AttributeDefResolver resolver)
resolver - | Method Detail |
|---|
public void flushCache()
AttributeDefResolver
flushCache in interface AttributeDefResolverflushCache in class AttributeDefResolverDecoratorAttributeDefResolver.flushCache()
public java.util.Set<AttributeDef> getAttributeDefsWhereSubjectHasPrivilege(edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
throws java.lang.IllegalArgumentException
AttributeDefResolver
getAttributeDefsWhereSubjectHasPrivilege in interface AttributeDefResolvergetAttributeDefsWhereSubjectHasPrivilege in class AttributeDefResolverDecoratorjava.lang.IllegalArgumentException - if any parameter is null.AttributeDefResolverDecorator.getAttributeDefsWhereSubjectHasPrivilege(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public java.util.Set<AttributeDefPrivilege> getPrivileges(AttributeDef attributeDef,
edu.internet2.middleware.subject.Subject subject)
throws java.lang.IllegalArgumentException
AttributeDefResolver
getPrivileges in interface AttributeDefResolvergetPrivileges in class AttributeDefResolverDecoratorjava.lang.IllegalArgumentException - if any parameter is null.AttributeDefResolverDecorator.getPrivileges(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.subject.Subject)
public java.util.Set<edu.internet2.middleware.subject.Subject> getSubjectsWithPrivilege(AttributeDef attributeDef,
Privilege privilege)
throws java.lang.IllegalArgumentException
AttributeDefResolver
getSubjectsWithPrivilege in interface AttributeDefResolvergetSubjectsWithPrivilege in class AttributeDefResolverDecoratorjava.lang.IllegalArgumentException - if any parameter is null.AttributeDefResolverDecorator.getSubjectsWithPrivilege(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.grouper.privs.Privilege)
public void grantPrivilege(AttributeDef attributeDef,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
java.lang.String uuid)
throws java.lang.IllegalArgumentException,
UnableToPerformException
AttributeDefResolver
grantPrivilege in interface AttributeDefResolvergrantPrivilege in class AttributeDefResolverDecoratoruuid - is uuid or null for assigned
java.lang.IllegalArgumentException - if any parameter is null.
UnableToPerformException - if the privilege could not be granted.AttributeDefResolverDecorator.grantPrivilege(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege, String)
public boolean hasPrivilege(AttributeDef attributeDef,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
throws java.lang.IllegalArgumentException
AttributeDefResolver
hasPrivilege in interface AttributeDefResolverhasPrivilege in class AttributeDefResolverDecoratorjava.lang.IllegalArgumentException - if any parameter is null.AttributeDefResolverDecorator.hasPrivilege(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public void revokePrivilege(AttributeDef attributeDef,
Privilege privilege)
throws java.lang.IllegalArgumentException,
UnableToPerformException
AttributeDefResolver
revokePrivilege in interface AttributeDefResolverrevokePrivilege in class AttributeDefResolverDecoratorjava.lang.IllegalArgumentException - if any parameter is null.
UnableToPerformException - if the privilege could not be revoked.AttributeDefResolverDecorator.revokePrivilege(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.grouper.privs.Privilege)
public java.util.Set<AttributeDef> postHqlFilterAttrDefs(java.util.Set<AttributeDef> attributeDefs,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Privilege> privInSet)
AttributeDefResolver
postHqlFilterAttrDefs in interface AttributeDefResolverpostHqlFilterAttrDefs in class AttributeDefResolverDecoratorsubject - which needs view access to the attribute defsprivInSet - find a privilege which is in this set
(e.g. for view, send all attrDef privs). There are pre-canned sets in AttributeDefAdapter
AttributeDefResolverDecorator.postHqlFilterAttrDefs(Set, Subject, Set)
public void revokePrivilege(AttributeDef attributeDef,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
throws java.lang.IllegalArgumentException,
UnableToPerformException
AttributeDefResolver
revokePrivilege in interface AttributeDefResolverrevokePrivilege in class AttributeDefResolverDecoratorjava.lang.IllegalArgumentException - if any parameter is null.
UnableToPerformException - if the privilege could not be revoked.AttributeDefResolverDecorator.revokePrivilege(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public void privilegeCopy(AttributeDef attributeDef1,
AttributeDef attributeDef2,
Privilege priv)
throws java.lang.IllegalArgumentException,
UnableToPerformException
AttributeDefResolver
privilegeCopy in interface AttributeDefResolverprivilegeCopy in class AttributeDefResolverDecoratorjava.lang.IllegalArgumentException
UnableToPerformExceptionAttributeDefResolverDecorator.privilegeCopy(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.grouper.privs.Privilege)
public void privilegeCopy(edu.internet2.middleware.subject.Subject subj1,
edu.internet2.middleware.subject.Subject subj2,
Privilege priv)
throws java.lang.IllegalArgumentException,
UnableToPerformException
AttributeDefResolver
privilegeCopy in interface AttributeDefResolverprivilegeCopy in class AttributeDefResolverDecoratorjava.lang.IllegalArgumentException
UnableToPerformExceptionAttributeDefResolverDecorator.privilegeCopy(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public boolean hqlFilterAttrDefsWhereClause(edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hqlTables,
java.lang.StringBuilder hqlWhereClause,
java.lang.String attrDefColumn,
java.util.Set<Privilege> privInSet)
AttributeDefResolver
hqlFilterAttrDefsWhereClause in interface AttributeDefResolverhqlFilterAttrDefsWhereClause in class AttributeDefResolverDecoratorsubject - which needs view access to the attrDefshqlTables - the select and current from parthqlWhereClause - is there where clause part of the queryattrDefColumn - is the name of the attributeDef column to join toprivInSet - find a privilege which is in this set (e.g. for view, send all attrDef privs)
AttributeDefResolverDecorator.hqlFilterAttrDefsWhereClause(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.StringBuilder, java.lang.String, java.util.Set)
public java.util.Set<AttributeAssign> postHqlFilterAttributeAssigns(edu.internet2.middleware.subject.Subject subject,
java.util.Set<AttributeAssign> attributeDefs)
AttributeDefResolver
postHqlFilterAttributeAssigns in interface AttributeDefResolverpostHqlFilterAttributeAssigns in class AttributeDefResolverDecoratorAttributeDefResolverDecorator.postHqlFilterAttributeAssigns(edu.internet2.middleware.subject.Subject, java.util.Set)
public java.util.Set<PITAttributeAssign> postHqlFilterPITAttributeAssigns(edu.internet2.middleware.subject.Subject subject,
java.util.Set<PITAttributeAssign> pitAttributeDefs)
AttributeDefResolver
postHqlFilterPITAttributeAssigns in interface AttributeDefResolverpostHqlFilterPITAttributeAssigns in class AttributeDefResolverDecoratorAttributeDefResolverDecorator.postHqlFilterPITAttributeAssigns(edu.internet2.middleware.subject.Subject, java.util.Set)public void revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject subject)
AttributeDefResolver
revokeAllPrivilegesForSubject in interface AttributeDefResolverrevokeAllPrivilegesForSubject in class AttributeDefResolverDecoratorAttributeDefResolverDecorator.revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject)
public java.util.Set<PermissionEntry> postHqlFilterPermissions(edu.internet2.middleware.subject.Subject subject,
java.util.Set<PermissionEntry> permissionsEntries)
AttributeDefResolver
postHqlFilterPermissions in interface AttributeDefResolverpostHqlFilterPermissions in class AttributeDefResolverDecoratorAttributeDefResolver.postHqlFilterPermissions(edu.internet2.middleware.subject.Subject, java.util.Set)
public java.util.Set<AttributeDef> getAttributeDefsWhereSubjectDoesntHavePrivilege(java.lang.String stemId,
Stem.Scope scope,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
boolean considerAllSubject,
java.lang.String sqlLikeString)
throws java.lang.IllegalArgumentException
AttributeDefResolver
getAttributeDefsWhereSubjectDoesntHavePrivilege in interface AttributeDefResolvergetAttributeDefsWhereSubjectDoesntHavePrivilege in class AttributeDefResolverDecoratorjava.lang.IllegalArgumentExceptionAttributeDefResolver#getAttributeDefsWhereSubjectDoesntHavePrivilege(String, Scope, Subject, Privilege, boolean, String)
public boolean hqlFilterAttributeDefsNotWithPrivWhereClause(edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String attributeDefColumn,
Privilege privilege,
boolean considerAllSubject)
AttributeDefResolver
hqlFilterAttributeDefsNotWithPrivWhereClause in interface AttributeDefResolverhqlFilterAttributeDefsNotWithPrivWhereClause in class AttributeDefResolverDecoratorsubject - which needs view access to the groupshql - the select and current from partattributeDefColumn - is the name of the attributeDef column to join toprivilege - find a privilege which is in this set (e.g. for view, attr view)considerAllSubject - if true, then consider GrouperAll when seeign if subject has priv, else do not
AttributeDefResolver.hqlFilterAttributeDefsNotWithPrivWhereClause(Subject, HqlQuery, StringBuilder, String, Privilege, boolean)
public java.util.Set<PrivilegeSubjectContainer> retrievePrivileges(AttributeDef attributeDef,
java.util.Set<Privilege> privileges,
MembershipType membershipType,
QueryPaging queryPaging,
java.util.Set<Member> additionalMembers)
AttributeDefResolver
retrievePrivileges in interface AttributeDefResolverretrievePrivileges in class AttributeDefResolverDecoratorattributeDef - to search onprivileges - if blank, get allmembershipType - if immediate, effective, or blank for allqueryPaging - if a certain page should be returned, based on subjectadditionalMembers - additional members to query that the user is finding or adding
AttributeDefResolverDecorator.retrievePrivileges(edu.internet2.middleware.grouper.attr.AttributeDef, java.util.Set, edu.internet2.middleware.grouper.membership.MembershipType, edu.internet2.middleware.grouper.internal.dao.QueryPaging, java.util.Set)
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||