|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
public interface NamingAdapter
Grouper Naming Privilege interface.
Unless you are implementing a new implementation of this interface,
you should not need to directly use these methods as they are all
wrapped by methods in the Stem class.
| Method Summary | |
|---|---|
java.util.Set<NamingPrivilege> |
getPrivs(GrouperSession s,
Stem ns,
edu.internet2.middleware.subject.Subject subj)
Get all privileges held by this subject on this stem. |
java.util.Set<Stem> |
getStemsWhereSubjectDoesntHavePrivilege(GrouperSession grouperSession,
java.lang.String stemId,
Stem.Scope scope,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
boolean considerAllSubject,
java.lang.String sqlLikeString)
find the stems which do not have a certain privilege |
java.util.Set |
getStemsWhereSubjectHasPriv(GrouperSession s,
edu.internet2.middleware.subject.Subject subj,
Privilege priv)
Get all stems where this subject has this privilege. |
java.util.Set |
getSubjectsWithPriv(GrouperSession s,
Stem ns,
Privilege priv)
Get all subjects with this privilege on this stem. |
void |
grantPriv(GrouperSession s,
Stem ns,
edu.internet2.middleware.subject.Subject subj,
Privilege priv,
java.lang.String uuid)
Grant the privilege to the subject on this stem. |
boolean |
hasPriv(GrouperSession s,
Stem ns,
edu.internet2.middleware.subject.Subject subj,
Privilege priv)
Check whether the subject has this privilege on this stem. |
boolean |
hqlFilterStemsNotWithPrivWhereClause(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String stemColumn,
Privilege privilege,
boolean considerAllSubject)
for a stem query, check to make sure the subject cant see the records (if filtering HQL, you can do the postHqlFilterStems instead if you like). |
boolean |
hqlFilterStemsWhereClause(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String stemColumn,
java.util.Set<Privilege> privInSet)
for a stem query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like). |
java.util.Set<Stem> |
postHqlFilterStems(GrouperSession grouperSession,
java.util.Set<Stem> stems,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Privilege> privInSet)
after HQL is run, filter stems. |
void |
privilegeCopy(GrouperSession s,
Stem stem1,
Stem stem2,
Privilege priv)
Copies privileges for subjects that have the specified privilege on stem1 to stem2. |
void |
privilegeCopy(GrouperSession s,
edu.internet2.middleware.subject.Subject subj1,
edu.internet2.middleware.subject.Subject subj2,
Privilege priv)
Copies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2. |
void |
revokeAllPrivilegesForSubject(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject)
Revoke all naming privileges that this subject has. |
void |
revokePriv(GrouperSession s,
Stem ns,
Privilege priv)
Revoke this privilege from everyone on this stem. |
void |
revokePriv(GrouperSession s,
Stem ns,
edu.internet2.middleware.subject.Subject subj,
Privilege priv)
Revoke the privilege from the subject on this stem. |
| Method Detail |
|---|
java.util.Set<Stem> getStemsWhereSubjectDoesntHavePrivilege(GrouperSession grouperSession,
java.lang.String stemId,
Stem.Scope scope,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
boolean considerAllSubject,
java.lang.String sqlLikeString)
grouperSession - stemId - scope - subject - privilege - considerAllSubject - sqlLikeString -
java.util.Set getSubjectsWithPriv(GrouperSession s,
Stem ns,
Privilege priv)
throws SchemaException
Set stemmers = np.getSubjectsWithPriv(s, ns, NamingPrivilege.STEM);
s - Get privileges within this session context.ns - Get privileges on this stem.priv - Get this privilege.
Subject objects.
SchemaException
java.util.Set getStemsWhereSubjectHasPriv(GrouperSession s,
edu.internet2.middleware.subject.Subject subj,
Privilege priv)
throws SchemaException
try {
Set isStemmer = np.getStemsWhereSubjectHasPriv(
s, subj, NamingPrivilege.STEM
);
}
catch (SchemaException eS) {
// Invalid priv
}
s - Get privileges within this session context.subj - Get privileges for this subject.priv - Get this privilege.
Stem objects.
SchemaException
java.util.Set<NamingPrivilege> getPrivs(GrouperSession s,
Stem ns,
edu.internet2.middleware.subject.Subject subj)
Set privs = np.getPrivs(s, ns, subj);
s - Get privileges within this session context.ns - Get privileges on this stem.subj - Get privileges for this subject.
NamingPrivilege objects.
void grantPriv(GrouperSession s,
Stem ns,
edu.internet2.middleware.subject.Subject subj,
Privilege priv,
java.lang.String uuid)
throws GrantPrivilegeException,
InsufficientPrivilegeException,
SchemaException
try {
np.grantPriv(s, ns, subj, NamingPrivilege.STEM);
}
catch (GrantPrivilegeException e0) {
// Unable to grant the privilege
}
catch (InsufficientPrivilegeException e1) {
// Not privileged to grant the privilege
}
s - Grant privilege in this session context.ns - Grant privilege on this stem.subj - Grant privilege to this subject.priv - Grant this privilege.uuid - is uuid if known or null if assign one
GrantPrivilegeException
InsufficientPrivilegeException
SchemaException
boolean hasPriv(GrouperSession s,
Stem ns,
edu.internet2.middleware.subject.Subject subj,
Privilege priv)
throws SchemaException
try {
np.hasPriv(s, ns, subj, NamingPrivilege.STEM);
}
catch (SchemaException e) {
// Invalid privilege
}
s - Check privilege in this session context.ns - Check privilege on this stem.subj - Check privilege for this subject.priv - Check this privilege.
SchemaException
void revokePriv(GrouperSession s,
Stem ns,
Privilege priv)
throws InsufficientPrivilegeException,
RevokePrivilegeException,
SchemaException
try {
np.revokePriv(s, ns, NamingPrivilege.STEM);
}
catch (InsufficientPrivilegeException eIP) {
// Not privileged to revoke the privilege
}
catch (RevokePrivilegeException eRP) {
// Unable to revoke the privilege
}
s - Revoke privilege in this session context.ns - Revoke privilege on this stem.priv - Revoke this privilege.
InsufficientPrivilegeException
RevokePrivilegeException
SchemaException
void revokePriv(GrouperSession s,
Stem ns,
edu.internet2.middleware.subject.Subject subj,
Privilege priv)
throws InsufficientPrivilegeException,
RevokePrivilegeException,
SchemaException
try {
np.revokePriv(s, ns, subj, NamingPrivilege.STEM);
}
catch (InsufficientPrivilegeException eIP) {
// Not privileged to grant the privilege
}
catch (RevokePrivilegeException eRP) {
// Unable to revoke the privilege
}
s - Revoke privilege in this session context.ns - Revoke privilege on this stem.subj - Revoke privilege from this subject.priv - Revoke this privilege.
InsufficientPrivilegeException
RevokePrivilegeException
SchemaException
void privilegeCopy(GrouperSession s,
Stem stem1,
Stem stem2,
Privilege priv)
throws InsufficientPrivilegeException,
GrantPrivilegeException,
SchemaException
s - stem1 - stem2 - priv -
InsufficientPrivilegeException
GrantPrivilegeException
SchemaException
void privilegeCopy(GrouperSession s,
edu.internet2.middleware.subject.Subject subj1,
edu.internet2.middleware.subject.Subject subj2,
Privilege priv)
throws InsufficientPrivilegeException,
GrantPrivilegeException,
SchemaException
s - subj1 - subj2 - priv -
InsufficientPrivilegeException
GrantPrivilegeException
SchemaException
boolean hqlFilterStemsWhereClause(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String stemColumn,
java.util.Set<Privilege> privInSet)
grouperSession - subject - which needs view access to the groupshql - is the select and part part (hql prefix)hqlQuery - stemColumn - is the name of the stem column to join toprivInSet - find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in AccessAdapter
java.util.Set<Stem> postHqlFilterStems(GrouperSession grouperSession,
java.util.Set<Stem> stems,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Privilege> privInSet)
grouperSession - stems - subject - which needs view access to the groupsprivInSet - find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in NamingPrivilege
void revokeAllPrivilegesForSubject(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject)
grouperSession - subject -
boolean hqlFilterStemsNotWithPrivWhereClause(GrouperSession grouperSession,
edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String stemColumn,
Privilege privilege,
boolean considerAllSubject)
grouperSession - subject - which needs view access to the groupshql - is the select and part part (hql prefix)hqlQuery - stemColumn - is the name of the stem column to join toprivilege - find a privilege which is in this set
(e.g. naming privs).considerAllSubject - if true, then consider GrouperAll when seeing if doesnt have privilege, else do consider
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||