|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
public interface AccessAdapter
Grouper Access Privilege interface.
Unless you are implementing a new implementation of this interface,
you should not need to directly use these methods as they are all
wrapped by methods in the Group class.
| Method Summary | |
|---|---|
java.util.Set<Group> |
getGroupsWhereSubjectDoesntHavePrivilege(GrouperSession grouperSession,
java.lang.String stemId,
Stem.Scope scope,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
boolean considerAllSubject,
java.lang.String sqlLikeString)
find the groups which do not have a certain privilege |
java.util.Set<Group> |
getGroupsWhereSubjectHasPriv(GrouperSession s,
edu.internet2.middleware.subject.Subject subj,
Privilege priv)
Get all groups where this subject has this privilege. |
java.util.Set<AccessPrivilege> |
getPrivs(GrouperSession s,
Group g,
edu.internet2.middleware.subject.Subject subj)
Get all privileges held by this subject on this group. |
java.util.Set<Stem> |
getStemsWhereGroupThatSubjectHasPrivilege(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
get stems where a group exists where the subject has privilege |
java.util.Set<edu.internet2.middleware.subject.Subject> |
getSubjectsWithPriv(GrouperSession s,
Group g,
Privilege priv)
Get all subjects with this privilege on this group. |
void |
grantPriv(GrouperSession s,
Group g,
edu.internet2.middleware.subject.Subject subj,
Privilege priv,
java.lang.String uuid)
Grant the privilege to the subject on this group. |
boolean |
hasPriv(GrouperSession s,
Group g,
edu.internet2.middleware.subject.Subject subj,
Privilege priv)
Check whether the subject has this privilege on this group. |
boolean |
hqlFilterGroupsNotWithPrivWhereClause(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String groupColumn,
Privilege privilege,
boolean considerAllSubject)
for a group query, check to make sure the subject cant see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like). |
boolean |
hqlFilterGroupsWhereClause(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String groupColumn,
java.util.Set<Privilege> privInSet)
for a group query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like). |
java.util.Set<Group> |
postHqlFilterGroups(GrouperSession grouperSession,
java.util.Set<Group> groups,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Privilege> privInSet)
after HQL is run, filter groups. |
java.util.Set<Membership> |
postHqlFilterMemberships(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Membership> memberships)
filter memberships for things the subject can see |
java.util.Set<Stem> |
postHqlFilterStemsWithGroups(GrouperSession grouperSession,
java.util.Set<Stem> stems,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Privilege> inPrivSet)
after HQL is run, filter stems with groups. |
void |
privilegeCopy(GrouperSession s,
Group g1,
Group g2,
Privilege priv)
Copies privileges for subjects that have the specified privilege on g1 to g2. |
void |
privilegeCopy(GrouperSession s,
edu.internet2.middleware.subject.Subject subj1,
edu.internet2.middleware.subject.Subject subj2,
Privilege priv)
Copies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2. |
java.util.Set<PrivilegeSubjectContainer> |
retrievePrivileges(GrouperSession grouperSession,
Group group,
java.util.Set<Privilege> privileges,
MembershipType membershipType,
QueryPaging queryPaging,
java.util.Set<Member> additionalMembers)
get a list of privilege subjects, there are no results with the same subject/privilege combination |
void |
revokeAllPrivilegesForSubject(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject)
Revoke all access privileges that this subject has. |
void |
revokePriv(GrouperSession s,
Group g,
Privilege priv)
Revoke this privilege from everyone on this group. |
void |
revokePriv(GrouperSession s,
Group g,
edu.internet2.middleware.subject.Subject subj,
Privilege priv)
Revoke the privilege from the subject on this group. |
| Method Detail |
|---|
java.util.Set<edu.internet2.middleware.subject.Subject> getSubjectsWithPriv(GrouperSession s,
Group g,
Privilege priv)
throws SchemaException
Set admins = ap.getSubjectsWithPriv(s, g, AccessPrivilege.ADMIN);
s - Get privileges within this session context.g - Get privileges on this group.priv - Get this privilege.
Subject objects.
SchemaException
java.util.Set<Group> getGroupsWhereSubjectHasPriv(GrouperSession s,
edu.internet2.middleware.subject.Subject subj,
Privilege priv)
throws SchemaException
try {
Set isAdmin = ap.getGroupsWhereSubjectHasPriv(
s, subj, AccessPrivilege.ADMIN
);
}
catch (SchemaException eS) {
// Invalid priv
}
s - Get privileges within this session context.subj - Get privileges for this subject.priv - Get this privilege.
Group objects.
SchemaException
java.util.Set<Group> getGroupsWhereSubjectDoesntHavePrivilege(GrouperSession grouperSession,
java.lang.String stemId,
Stem.Scope scope,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
boolean considerAllSubject,
java.lang.String sqlLikeString)
grouperSession - stemId - scope - subject - privilege - considerAllSubject - sqlLikeString -
java.util.Set<Stem> getStemsWhereGroupThatSubjectHasPrivilege(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
grouperSession - subject - privilege -
java.util.Set<AccessPrivilege> getPrivs(GrouperSession s,
Group g,
edu.internet2.middleware.subject.Subject subj)
Set privs = ap.getPrivs(s, g, subj);
s - Get privileges within this session context.g - Get privileges on this group.subj - Get privileges for this member.
void grantPriv(GrouperSession s,
Group g,
edu.internet2.middleware.subject.Subject subj,
Privilege priv,
java.lang.String uuid)
throws GrantPrivilegeException,
InsufficientPrivilegeException,
SchemaException
try {
ap.grantPriv(s, g, subj, AccessPrivilege.ADMIN);
}
catch (GrantPrivilegeException e0) {
// Unable to grant the privilege
}
catch (InsufficientPrivilegeException e1) {
// Not privileged to grant the privilege
}
catch (SchemaException e2) {
// Invalid privilege
}
s - Grant privilege in this session context.g - Grant privilege on this group.subj - Grant privilege to this subject.priv - Grant this privilege.uuid - is uuid or null if generated
GrantPrivilegeException
InsufficientPrivilegeException
SchemaException
boolean hasPriv(GrouperSession s,
Group g,
edu.internet2.middleware.subject.Subject subj,
Privilege priv)
throws SchemaException
try {
ap.hasPriv(s, g, subject, AccessPrivilege.ADMIN);
}
catch (SchemaException e) {
// Invalid privilege
}
s - Check privilege in this session context.g - Check privilege on this group.subj - Check privilege for this subject.priv - Check this privilege.
SchemaException
void revokePriv(GrouperSession s,
Group g,
Privilege priv)
throws InsufficientPrivilegeException,
RevokePrivilegeException,
SchemaException
try {
ap.revokePriv(s, g, AccessPrivilege.ADMIN);
}
catch (InsufficientPrivilegeException eIP) {
// Not privileged to revoke the privilege
}
catch (RevokePrivilegeException eRP) {
// Unable to revoke the privilege
}
s - Revoke privilege in this session context.g - Revoke privilege on this group.priv - Revoke this privilege.
InsufficientPrivilegeException
RevokePrivilegeException
SchemaException
void revokePriv(GrouperSession s,
Group g,
edu.internet2.middleware.subject.Subject subj,
Privilege priv)
throws InsufficientPrivilegeException,
RevokePrivilegeException,
SchemaException
try {
ap.revokePriv(s, g, subj, AccessPrivilege.ADMIN);
}
catch (InsufficientPrivilegeException eIP) {
// Not privileged to revoke the privilege
}
catch (RevokePrivilegeException eRP) {
// Unable to revoke the privilege
}
s - Revoke privilege in this session context.g - Revoke privilege on this group.subj - Revoke privilege from this subject.priv - Revoke this privilege.
InsufficientPrivilegeException
RevokePrivilegeException
SchemaException
void privilegeCopy(GrouperSession s,
Group g1,
Group g2,
Privilege priv)
throws InsufficientPrivilegeException,
GrantPrivilegeException,
SchemaException
s - g1 - g2 - priv -
InsufficientPrivilegeException
GrantPrivilegeException
SchemaException
void privilegeCopy(GrouperSession s,
edu.internet2.middleware.subject.Subject subj1,
edu.internet2.middleware.subject.Subject subj2,
Privilege priv)
throws InsufficientPrivilegeException,
GrantPrivilegeException,
SchemaException
s - subj1 - subj2 - priv -
InsufficientPrivilegeException
GrantPrivilegeException
SchemaException
java.util.Set<Group> postHqlFilterGroups(GrouperSession grouperSession,
java.util.Set<Group> groups,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Privilege> privInSet)
grouperSession - groups - subject - which needs view access to the groupsprivInSet - find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in AccessAdapter
java.util.Set<Stem> postHqlFilterStemsWithGroups(GrouperSession grouperSession,
java.util.Set<Stem> stems,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Privilege> inPrivSet)
grouperSession - stems - subject - inPrivSet -
boolean hqlFilterGroupsWhereClause(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String groupColumn,
java.util.Set<Privilege> privInSet)
grouperSession - subject - which needs view access to the groupshql - is the select and part part (hql prefix)hqlQuery - groupColumn - is the name of the group column to join toprivInSet - find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in AccessPrivilege
boolean hqlFilterGroupsNotWithPrivWhereClause(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String groupColumn,
Privilege privilege,
boolean considerAllSubject)
grouperSession - subject - which needs view access to the groupshql - is the select and part part (hql prefix)hqlQuery - groupColumn - is the name of the group column to join toprivilege - find a privilege which is in this set
(e.g. for view, send view).considerAllSubject - if true, then consider GrouperAll when seeing if doesnt have privilege, else do consider
java.util.Set<Membership> postHqlFilterMemberships(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Membership> memberships)
grouperSession - memberships - subject -
void revokeAllPrivilegesForSubject(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject)
grouperSession - subject -
java.util.Set<PrivilegeSubjectContainer> retrievePrivileges(GrouperSession grouperSession,
Group group,
java.util.Set<Privilege> privileges,
MembershipType membershipType,
QueryPaging queryPaging,
java.util.Set<Member> additionalMembers)
grouperSession - grouper sessiongroup - to search onprivileges - if blank, get allmembershipType - if immediate, effective, or blank for allqueryPaging - if a certain page should be returned based on subjectadditionalMembers - additional members to query that the user is finding or adding
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||