Package | Description |
---|---|
edu.internet2.middleware.grouper.internal.dao |
This package contains the data access object interfaces that a DB
layer would have to implement (generally revolving around queries to DB)
|
edu.internet2.middleware.grouper.internal.dao.hib3 |
This package contains hib3 related data access object implementations
and mappings
|
edu.internet2.middleware.grouper.permissions | |
edu.internet2.middleware.grouper.permissions.limits |
This package has classes involving permission limits.
|
edu.internet2.middleware.grouper.permissions.limits.impl |
This package has classes involving builtin implementations of permission limits.
|
edu.internet2.middleware.grouper.pit | |
edu.internet2.middleware.grouper.privs |
This package contains access and privilege related classes
|
edu.internet2.middleware.grouper.rules |
Modifier and Type | Method and Description |
---|---|
Set<PermissionEntry> |
PermissionEntryDAO.findAllPermissionsNotInGroupAndType(String attributeDefId,
String groupId,
boolean immediateRoleMembershipsOrRoleSubject,
QueryOptions queryOptions,
Boolean enabled,
boolean hasNoEndDate)
find subjects who are not in a group but who have permissions
|
Set<PermissionEntry> |
PermissionEntryDAO.findAllPermissionsNotInStem(String attributeDefId,
Stem stem,
Stem.Scope stemScope,
boolean immediateRoleMembershipsOrRoleSubject,
QueryOptions queryOptions,
Boolean enabled,
boolean hasNoEndDate)
find subjects who are not in a group but who have permissions
|
Set<PermissionEntry> |
PermissionEntryDAO.findByMemberId(String memberId)
find all permissions that a subject has
|
Set<PermissionEntry> |
PermissionEntryDAO.findByMemberIdAndAttributeDefNameId(String memberId,
String attributeDefNameId)
get attribute assigns by member and attribute def name id
|
Set<PermissionEntry> |
PermissionEntryDAO.findPermissions(Collection<String> attributeDefIds,
Collection<String> attributeDefNameIds,
Collection<String> roleIds,
Collection<String> actions,
Boolean enabled,
Collection<String> memberIds)
securely search for assignments.
|
Set<PermissionEntry> |
PermissionEntryDAO.findPermissions(Collection<String> attributeDefIds,
Collection<String> attributeDefNameIds,
Collection<String> roleIds,
Collection<String> actions,
Boolean enabled,
Collection<String> memberIds,
boolean noEndDate)
securely search for assignments.
|
Set<PermissionEntry> |
PermissionEntryDAO.findPermissions(Collection<String> attributeDefIds,
Collection<String> attributeDefNameIds,
Collection<String> roleIds,
Collection<String> actions,
Boolean enabled,
Collection<String> memberIds,
boolean noEndDate,
Stem permissionNameInStem,
Stem.Scope permissionNameInStemScope)
securely search for assignments.
|
Set<PermissionEntry> |
PITPermissionAllViewDAO.findPermissions(Collection<String> attributeDefIds,
Collection<String> attributeDefNameIds,
Collection<String> roleIds,
Collection<String> actions,
Collection<String> memberIds,
Timestamp pointInTimeFrom,
Timestamp pointInTimeTo) |
Set<PermissionEntry> |
PermissionEntryDAO.findPermissions(String attributeDefId,
String attributeDefNameId,
String ownerRoleId,
String ownerMemberId,
String action,
Boolean enabled)
securely search for assignments
|
Set<PermissionEntry> |
PermissionEntryDAO.findPermissionsByAttributeDefDisabledRange(String attributeDefId,
Timestamp disabledDateFrom,
Timestamp disabledDateTo)
Find all permissions based on attributeDefinition, and a range of disabled dates
|
Set<PermissionEntry> |
PermissionEntryDAO.findRolePermissions(Collection<String> attributeDefIds,
Collection<String> attributeDefNameIds,
Collection<String> roleIds,
Collection<String> actions,
Boolean enabled,
boolean noEndDate)
securely search for role assignments.
|
Set<PermissionEntry> |
PermissionEntryDAO.findRolePermissions(Collection<String> attributeDefIds,
Collection<String> attributeDefNameIds,
Collection<String> roleIds,
Collection<String> actions,
Boolean enabled,
boolean noEndDate,
Stem permissionNameInStem,
Stem.Scope permissionNameInStemScope)
securely search for role assignments.
|
Set<PermissionEntry> |
PermissionEntryDAO.findRolePermissions(String attributeDefId,
String attributeDefNameId,
String ownerRoleId,
String action,
Boolean enabled)
securely search for assignments
|
Modifier and Type | Method and Description |
---|---|
Set<PermissionEntry> |
Hib3PermissionEntryDAO.findAllPermissionsNotInGroupAndType(String attributeDefId,
String groupId,
boolean immediateRoleMembershipsOrRoleSubject,
QueryOptions queryOptions,
Boolean enabled,
boolean hasNoEndDate) |
Set<PermissionEntry> |
Hib3PermissionEntryDAO.findAllPermissionsNotInStem(String attributeDefId,
Stem ownerNotInStem,
Stem.Scope stemScope,
boolean immediateRoleMembershipsOrRoleSubject,
QueryOptions queryOptions,
Boolean enabled,
boolean hasNoEndDate) |
Set<PermissionEntry> |
Hib3PermissionEntryDAO.findByMemberId(String memberId) |
Set<PermissionEntry> |
Hib3PermissionEntryDAO.findByMemberIdAndAttributeDefNameId(String memberId,
String attributeDefNameId) |
Set<PermissionEntry> |
Hib3PermissionEntryDAO.findPermissions(Collection<String> attributeDefIds,
Collection<String> attributeDefNameIds,
Collection<String> roleIds,
Collection<String> actions,
Boolean enabled,
Collection<String> memberIds) |
Set<PermissionEntry> |
Hib3PermissionEntryDAO.findPermissions(Collection<String> attributeDefIds,
Collection<String> attributeDefNameIds,
Collection<String> roleIds,
Collection<String> actions,
Boolean enabled,
Collection<String> memberIdsTotal,
boolean noEndDate) |
Set<PermissionEntry> |
Hib3PermissionEntryDAO.findPermissions(Collection<String> attributeDefIds,
Collection<String> attributeDefNameIds,
Collection<String> roleIds,
Collection<String> actions,
Boolean enabled,
Collection<String> memberIdsTotal,
boolean noEndDate,
Stem permissionNameInStem,
Stem.Scope permissionNameInStemScope) |
Set<PermissionEntry> |
Hib3PITPermissionAllViewDAO.findPermissions(Collection<String> attributeDefSourceIds,
Collection<String> attributeDefNameSourceIds,
Collection<String> roleSourceIds,
Collection<String> actions,
Collection<String> memberSourceIds,
Timestamp pointInTimeFrom,
Timestamp pointInTimeTo) |
Set<PermissionEntry> |
Hib3PermissionEntryDAO.findPermissions(String attributeDefId,
String attributeDefNameId,
String ownerRoleId,
String ownerMemberId,
String action,
Boolean enabled)
find permissions based on filter criteria
|
Set<PermissionEntry> |
Hib3PermissionEntryDAO.findPermissionsByAttributeDefDisabledRange(String attributeDefId,
Timestamp disabledDateFrom,
Timestamp disabledDateTo) |
Set<PermissionEntry> |
Hib3PermissionEntryDAO.findRolePermissions(Collection<String> attributeDefIds,
Collection<String> attributeDefNameIds,
Collection<String> roleIds,
Collection<String> actions,
Boolean enabled,
boolean noEndDate) |
Set<PermissionEntry> |
Hib3PermissionEntryDAO.findRolePermissions(Collection<String> attributeDefIds,
Collection<String> attributeDefNameIds,
Collection<String> roleIds,
Collection<String> actions,
Boolean enabled,
boolean noEndDate,
Stem permissionNameInStem,
Stem.Scope permissionNameInStemScope) |
Set<PermissionEntry> |
Hib3PermissionEntryDAO.findRolePermissions(String attributeDefId,
String attributeDefNameId,
String ownerRoleId,
String action,
Boolean enabled) |
Modifier and Type | Class and Description |
---|---|
class |
PermissionEntryBase |
class |
PermissionEntryImpl |
Modifier and Type | Method and Description |
---|---|
static PermissionEntry |
PermissionEntryUtils.collectionFindFirst(Collection<PermissionEntry> permissionEntries,
String roleName,
String attributeDefNameName,
String action,
String subjectSourceId,
String subjectId,
String permissionType)
find the first permission entry in the list of entries
|
static PermissionEntry |
PermissionEntryUtils.collectionFindFirst(Collection<PermissionEntry> permissionEntries,
String roleName,
String attributeDefNameName,
String action,
String subjectSourceId,
String subjectId,
String permissionType,
boolean considerPermissionType)
find the first permission entry in the list of entries
|
PermissionEntry |
PermissionFinder.findPermission(boolean exceptionIfNotFound)
find a permission
|
Modifier and Type | Method and Description |
---|---|
Set<PermissionEntry> |
PermissionFinder.findPermissions()
find a list of permissions
|
Map<PermissionEntry,Set<PermissionLimitBean>> |
PermissionFinder.findPermissionsAndLimits()
get the permissions, and the limits, so the caller (e.g.
|
Modifier and Type | Method and Description |
---|---|
int |
PermissionEntryImpl.compareTo(PermissionEntry o2) |
int |
PermissionEntryBase.compareTo(PermissionEntry o) |
static long |
PermissionHeuristic.computePermissionHeuristic(PermissionEntry permissionEntry)
compute a heuristic based on how important the aspects of the permissionEntry are
see the class javadoc for more info
|
Modifier and Type | Method and Description |
---|---|
static boolean |
PermissionEntryUtils.collectionContains(Collection<PermissionEntry> permissionEntries,
String roleName,
String attributeDefNameName,
String action,
String subjectSourceId,
String subjectId)
see if a permission is in the list of entries
|
static PermissionEntry |
PermissionEntryUtils.collectionFindFirst(Collection<PermissionEntry> permissionEntries,
String roleName,
String attributeDefNameName,
String action,
String subjectSourceId,
String subjectId,
String permissionType)
find the first permission entry in the list of entries
|
static PermissionEntry |
PermissionEntryUtils.collectionFindFirst(Collection<PermissionEntry> permissionEntries,
String roleName,
String attributeDefNameName,
String action,
String subjectSourceId,
String subjectId,
String permissionType,
boolean considerPermissionType)
find the first permission entry in the list of entries
|
static void |
PermissionEntryUtils.orderByAndSetFriendlyHeuristic(List<PermissionEntry> permissionEntries)
if internal heuristic is not set, set it, order by so most important as at top...
|
static void |
PermissionProcessor.processLimits(Collection<PermissionEntry> permissionEntrySet,
Map<String,Object> limitEnvVarsString,
Map<PermissionEntry,Set<PermissionLimitBean>> permissionLimitBeanMap)
process limits on some permission entries
|
static void |
PermissionProcessor.processLimits(Collection<PermissionEntry> permissionEntrySet,
Map<String,Object> limitEnvVarsString,
Map<PermissionEntry,Set<PermissionLimitBean>> permissionLimitBeanMap)
process limits on some permission entries
|
abstract void |
PermissionProcessor.processPermissions(Collection<PermissionEntry> permissionEntrySet,
Map<String,Object> limitEnvVars)
filer permissions out which can be pruned based on the type of processor
|
Constructor and Description |
---|
PermissionResult(Set<PermissionEntry> thePermissionEntries) |
Modifier and Type | Method and Description |
---|---|
static Map<PermissionEntry,Set<PermissionLimitBean>> |
PermissionLimitBean.findPermissionLimits(Collection<PermissionEntry> permissionEntrySet)
find permission limits based on the permission entries.
|
Modifier and Type | Method and Description |
---|---|
boolean |
PermissionLimitInterface.allowPermission(PermissionEntry permissionEntry,
AttributeAssign limitAssignment,
Set<AttributeAssignValue> limitAssignmentValues,
Map<String,Object> limitEnvVars,
Set<PermissionLimitBean> permissionLimitBeans)
if the limit allowed the permission to be allowed
|
Modifier and Type | Method and Description |
---|---|
static Map<PermissionEntry,Set<PermissionLimitBean>> |
PermissionLimitBean.findPermissionLimits(Collection<PermissionEntry> permissionEntrySet)
find permission limits based on the permission entries.
|
Modifier and Type | Method and Description |
---|---|
boolean |
PermissionLimitWeekday9to5Logic.allowPermission(PermissionEntry permissionEntry,
AttributeAssign limitAssignment,
Set<AttributeAssignValue> limitAssignmentValues,
Map<String,Object> limitEnvVars,
Set<PermissionLimitBean> permissionLimitBeans) |
boolean |
PermissionLimitLabelsContain.allowPermission(PermissionEntry permissionEntry,
AttributeAssign limitAssignment,
Set<AttributeAssignValue> limitAssignmentValues,
Map<String,Object> limitEnvVars,
Set<PermissionLimitBean> permissionLimitBeans) |
boolean |
PermissionLimitIpOnNetworks.allowPermission(PermissionEntry permissionEntry,
AttributeAssign limitAssignment,
Set<AttributeAssignValue> limitAssignmentValues,
Map<String,Object> limitEnvVars,
Set<PermissionLimitBean> permissionLimitBeans) |
boolean |
PermissionLimitIpOnNetworkRealm.allowPermission(PermissionEntry permissionEntry,
AttributeAssign limitAssignment,
Set<AttributeAssignValue> limitAssignmentValues,
Map<String,Object> limitEnvVars,
Set<PermissionLimitBean> permissionLimitBeans) |
boolean |
PermissionLimitElLogic.allowPermission(PermissionEntry permissionEntry,
AttributeAssign limitAssignment,
Set<AttributeAssignValue> limitAssignmentValues,
Map<String,Object> limitEnvVars,
Set<PermissionLimitBean> permissionLimitBeans) |
boolean |
PermissionLimitAmountLessThanEquals.allowPermission(PermissionEntry permissionEntry,
AttributeAssign limitAssignment,
Set<AttributeAssignValue> limitAssignmentValues,
Map<String,Object> limitEnvVars,
Set<PermissionLimitBean> permissionLimitBeans) |
boolean |
PermissionLimitAmountLessThan.allowPermission(PermissionEntry permissionEntry,
AttributeAssign limitAssignment,
Set<AttributeAssignValue> limitAssignmentValues,
Map<String,Object> limitEnvVars,
Set<PermissionLimitBean> permissionLimitBeans) |
Modifier and Type | Class and Description |
---|---|
class |
PITPermissionAllView |
Modifier and Type | Method and Description |
---|---|
static Set<PermissionEntry> |
PrivilegeHelper.canViewPermissions(GrouperSession grouperSession,
Collection<PermissionEntry> inputPermissionEntries)
see if the attribute assigns are viewable
|
Set<PermissionEntry> |
GrouperAttributeDefAdapter.postHqlFilterPermissions(GrouperSession grouperSession,
Subject subject,
Set<PermissionEntry> permissionEntries) |
Set<PermissionEntry> |
BaseAttrDefAdapter.postHqlFilterPermissions(GrouperSession grouperSession,
Subject subject,
Set<PermissionEntry> permissionEntries) |
Set<PermissionEntry> |
AttributeDefAdapter.postHqlFilterPermissions(GrouperSession grouperSession,
Subject subject,
Set<PermissionEntry> permissionEntries)
filter permissionEntries for things the subject can see, assume underlying assignments are ok to view
|
Set<PermissionEntry> |
WheelAttrDefResolver.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries) |
Set<PermissionEntry> |
ValidatingAttrDefResolver.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries) |
Set<PermissionEntry> |
GrouperSystemAttrDefResolver.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries) |
Set<PermissionEntry> |
CachingAttrDefResolver.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries) |
Set<PermissionEntry> |
AttributeDefWrapper.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries) |
Set<PermissionEntry> |
AttributeDefResolverDecorator.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries) |
Set<PermissionEntry> |
AttributeDefResolver.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries)
filter permissions for things the subject can see
|
Modifier and Type | Method and Description |
---|---|
static Set<PermissionEntry> |
PrivilegeHelper.canViewPermissions(GrouperSession grouperSession,
Collection<PermissionEntry> inputPermissionEntries)
see if the attribute assigns are viewable
|
Set<PermissionEntry> |
GrouperAttributeDefAdapter.postHqlFilterPermissions(GrouperSession grouperSession,
Subject subject,
Set<PermissionEntry> permissionEntries) |
Set<PermissionEntry> |
BaseAttrDefAdapter.postHqlFilterPermissions(GrouperSession grouperSession,
Subject subject,
Set<PermissionEntry> permissionEntries) |
Set<PermissionEntry> |
AttributeDefAdapter.postHqlFilterPermissions(GrouperSession grouperSession,
Subject subject,
Set<PermissionEntry> permissionEntries)
filter permissionEntries for things the subject can see, assume underlying assignments are ok to view
|
Set<PermissionEntry> |
WheelAttrDefResolver.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries) |
Set<PermissionEntry> |
ValidatingAttrDefResolver.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries) |
Set<PermissionEntry> |
GrouperSystemAttrDefResolver.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries) |
Set<PermissionEntry> |
CachingAttrDefResolver.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries) |
Set<PermissionEntry> |
AttributeDefWrapper.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries) |
Set<PermissionEntry> |
AttributeDefResolverDecorator.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries) |
Set<PermissionEntry> |
AttributeDefResolver.postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries)
filter permissions for things the subject can see
|
Modifier and Type | Method and Description |
---|---|
static Set<PermissionEntry> |
RuleUtils.permissionsForUser(String attributeDefId,
RulesBean rulesBean,
boolean noEndDate) |
static Set<PermissionEntry> |
RuleUtils.permissionsForUser(String attributeDefId,
String memberId,
boolean noEndDate) |
Copyright © 2016 Internet2. All rights reserved.