|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
public interface NamingResolver
Facade for the NamingAdapter interface.
| Method Summary | |
|---|---|
void |
flushCache()
flush cache if caching resolver |
GrouperSession |
getGrouperSession()
get a reference to the session |
java.util.Set<NamingPrivilege> |
getPrivileges(Stem stem,
edu.internet2.middleware.subject.Subject subject)
Get all privileges subject has on group. |
java.util.Set<Stem> |
getStemsWhereSubjectDoesntHavePrivilege(java.lang.String stemId,
Stem.Scope scope,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
boolean considerAllSubject,
java.lang.String sqlLikeString)
find the stems which do not have a certain privilege |
java.util.Set<Stem> |
getStemsWhereSubjectHasPrivilege(edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
Get all groups where subject has privilege. |
java.util.Set<edu.internet2.middleware.subject.Subject> |
getSubjectsWithPrivilege(Stem stem,
Privilege privilege)
Get all subjects with privilege on group. |
void |
grantPrivilege(Stem stem,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
java.lang.String uuid)
Grant privilege to subject on group. |
boolean |
hasPrivilege(Stem stem,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
Check whether subject has privilege on group. |
boolean |
hqlFilterStemsNotWithPrivWhereClause(edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String stemColumn,
Privilege privilege,
boolean considerAllSubject)
for a stem query, check to make sure the subject cant see the records |
boolean |
hqlFilterStemsWhereClause(edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String stemColumn,
java.util.Set<Privilege> privInSet)
for a stem query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like). |
java.util.Set<Stem> |
postHqlFilterStems(java.util.Set<Stem> stems,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Privilege> privInSet)
after HQL is run, filter stems. |
void |
privilegeCopy(Stem stem1,
Stem stem2,
Privilege priv)
Copies privileges for subjects that have the specified privilege on stem1 to stem2. |
void |
privilegeCopy(edu.internet2.middleware.subject.Subject subj1,
edu.internet2.middleware.subject.Subject subj2,
Privilege priv)
Copies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2. |
void |
revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject subject)
Revoke all naming privileges that this subject has. |
void |
revokePrivilege(Stem stem,
Privilege privilege)
Revoke privilege from all subjects on group. |
void |
revokePrivilege(Stem stem,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
Revoke privilege from subject on group. |
void |
stop()
clean up resources, session is stopped |
| Method Detail |
|---|
java.util.Set<Stem> getStemsWhereSubjectDoesntHavePrivilege(java.lang.String stemId,
Stem.Scope scope,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
boolean considerAllSubject,
java.lang.String sqlLikeString)
stemId - scope - subject - privilege - considerAllSubject - sqlLikeString -
void flushCache()
void stop()
java.util.Set<Stem> getStemsWhereSubjectHasPrivilege(edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
throws java.lang.IllegalArgumentException
subject - privilege -
java.lang.IllegalArgumentException - if any parameter is null.NamingAdapter.getStemsWhereSubjectHasPriv(GrouperSession, Subject, Privilege)
java.util.Set<NamingPrivilege> getPrivileges(Stem stem,
edu.internet2.middleware.subject.Subject subject)
throws java.lang.IllegalArgumentException
stem - subject -
java.lang.IllegalArgumentException - if any parameter is null.NamingAdapter.getPrivs(GrouperSession, Stem, Subject)
java.util.Set<edu.internet2.middleware.subject.Subject> getSubjectsWithPrivilege(Stem stem,
Privilege privilege)
throws java.lang.IllegalArgumentException
stem - privilege -
java.lang.IllegalArgumentException - if any parameter is null.NamingAdapter.getSubjectsWithPriv(GrouperSession, Stem, Privilege)
void grantPrivilege(Stem stem,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
java.lang.String uuid)
throws java.lang.IllegalArgumentException,
UnableToPerformException
stem - subject - privilege - uuid - if known or null
java.lang.IllegalArgumentException - if any parameter is null.
UnableToPerformException - if the privilege could not be granted.edu.internet2.middleware.grouper.privs.NamingAdapter#grantPriv(GrouperSession, Stem, Subject, Privilege)
boolean hasPrivilege(Stem stem,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
throws java.lang.IllegalArgumentException
stem - subject - privilege -
java.lang.IllegalArgumentException - if any parameter is null.NamingAdapter.hasPriv(GrouperSession, Stem, Subject, Privilege)
void revokePrivilege(Stem stem,
Privilege privilege)
throws java.lang.IllegalArgumentException,
UnableToPerformException
stem - privilege -
java.lang.IllegalArgumentException - if any parameter is null.
UnableToPerformException - if the privilege could not be revoked.NamingAdapter.revokePriv(GrouperSession, Stem, Privilege)
void revokePrivilege(Stem stem,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
throws java.lang.IllegalArgumentException,
UnableToPerformException
stem - subject - privilege -
java.lang.IllegalArgumentException - if any parameter is null.
UnableToPerformException - if the privilege could not be revoked.NamingAdapter.revokePriv(GrouperSession, Stem, Subject, Privilege)
void privilegeCopy(Stem stem1,
Stem stem2,
Privilege priv)
throws java.lang.IllegalArgumentException,
UnableToPerformException
stem1 - stem2 - priv -
java.lang.IllegalArgumentException
UnableToPerformException
void privilegeCopy(edu.internet2.middleware.subject.Subject subj1,
edu.internet2.middleware.subject.Subject subj2,
Privilege priv)
throws java.lang.IllegalArgumentException,
UnableToPerformException
subj1 - subj2 - priv -
java.lang.IllegalArgumentException
UnableToPerformExceptionGrouperSession getGrouperSession()
boolean hqlFilterStemsWhereClause(edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String stemColumn,
java.util.Set<Privilege> privInSet)
subject - which needs view access to the groupshql - is the select and part part (hql prefix)hqlQuery - stemColumn - is the name of the stem column to join toprivInSet - find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in AccessAdapter
java.util.Set<Stem> postHqlFilterStems(java.util.Set<Stem> stems,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Privilege> privInSet)
stems - subject - which needs view access to the groupsprivInSet - find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in NamingPrivilege
void revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject subject)
subject -
boolean hqlFilterStemsNotWithPrivWhereClause(edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String stemColumn,
Privilege privilege,
boolean considerAllSubject)
subject - which needs view access to the groupshqlQuery - hql - the select and current from partstemColumn - is the name of the group column to join toprivilege - find a privilege which is in this set (e.g. stem or create)considerAllSubject - if true, then consider GrouperAll when seeign if subject has priv, else do not
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||