edu.internet2.middleware.grouper.privs

Class GrouperNonDbAttrDefAdapter

java.lang.Object

edu.internet2.middleware.grouper.privs.BaseAttrDefAdapter

edu.internet2.middleware.grouper.privs.GrouperNonDbAttrDefAdapter

All Implemented Interfaces:

AttributeDefAdapter

Direct Known Subclasses:

GrouperAttributeDefAdapter

public class GrouperNonDbAttrDefAdapter
extends BaseAttrDefAdapter
implements AttributeDefAdapter

This is the base grouper implementation which implements the required access adapter methods, but not the db specific ones. This should be slower and more explicit than the GrouperAttributeDefAdapter (subclass)

Version:

$Id: GrouperNonDbAttrDefAdapter.java,v 1.4 2009-12-07 07:31:09 mchyzer Exp $

Field Summary

Fields

Modifier and Type	Field and Description
protected static Map<Privilege,String>	priv2list

Constructor Summary

Constructors

Constructor and Description
GrouperNonDbAttrDefAdapter()

Method Summary

Modifier and Type	Method and Description
Set<AttributeDef>	getAttributeDefsWhereSubjectDoesHavePrivilege(GrouperSession grouperSession, String stemId, Stem.Scope scope, Subject subject, Privilege privilege, boolean considerAllSubject, String sqlLikeString) Get all attributedefs where this subject does have this privilege.
Set<AttributeDef>	getAttributeDefsWhereSubjectDoesntHavePrivilege(GrouperSession grouperSession, String stemId, Stem.Scope scope, Subject subject, Privilege privilege, boolean considerAllSubject, String sqlLikeString) Get all attributedefs where this subject doesnt have this privilege.
Set<AttributeDef>	getAttributeDefsWhereSubjectHasPriv(GrouperSession s, Subject subj, Privilege priv) Get all attribute defs where this subject has this privilege.
Set<AttributeDefPrivilege>	getPrivs(GrouperSession grouperSession, AttributeDef attributeDef, Subject subj) Get all privileges held by this subject on this attribute definition.
Set	getSubjectsWithPriv(GrouperSession s, AttributeDef attributeDef, Privilege priv) Get all subjects with this privilege on this attribute definition.
void	grantPriv(GrouperSession s, AttributeDef attributeDef, Subject subj, Privilege priv, String uuid) Grant the privilege to the subject on this attrDef.
boolean	hasPriv(GrouperSession grouperSession, AttributeDef attributeDef, Subject subj, Privilege priv) Check whether the subject has this privilege on this attrDef.
void	privilegeCopy(GrouperSession s, AttributeDef attributeDef1, AttributeDef attributeDef2, Privilege priv) Copies privileges for subjects that have the specified privilege on g1 to g2.
void	privilegeCopy(GrouperSession s, Subject subj1, Subject subj2, Privilege priv) Copies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2.
Set<PrivilegeSubjectContainer>	retrievePrivileges(GrouperSession grouperSession, AttributeDef attributeDef, Set<Privilege> privileges, MembershipType membershipType, QueryPaging queryPaging, Set<Member> additionalMembers) get a list of privilege subjects, there are no results with the same subject/privilege combination
void	revokeAllPrivilegesForSubject(GrouperSession grouperSession, Subject subject) Revoke all access privileges that this subject has.
void	revokePriv(GrouperSession grouperSession, AttributeDef attributeDef, Privilege priv) Revoke this privilege from everyone on this attrDef.
void	revokePriv(GrouperSession grouperSession, AttributeDef attributeDef, Subject subj, Privilege priv) Revoke the privilege from the subject on this attrDef.

Methods inherited from class edu.internet2.middleware.grouper.privs.BaseAttrDefAdapter

hqlFilterAttrDefsWhereClause, hqlFilterAttributeDefsNotWithPrivWhereClause, hqlFilterAttributeDefsWithPrivWhereClause, postHqlFilterAttributeAssigns, postHqlFilterAttributeDefs, postHqlFilterPermissions, postHqlFilterPITAttributeAssigns

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface edu.internet2.middleware.grouper.privs.AttributeDefAdapter

hqlFilterAttrDefsWhereClause, hqlFilterAttributeDefsNotWithPrivWhereClause, hqlFilterAttributeDefsWithPrivWhereClause, postHqlFilterAttributeAssigns, postHqlFilterAttributeDefs, postHqlFilterPermissions, postHqlFilterPITAttributeAssigns

Field Detail

priv2list

protected static final Map<Privilege,String> priv2list

Constructor Detail

GrouperNonDbAttrDefAdapter

public GrouperNonDbAttrDefAdapter()

Method Detail

getSubjectsWithPriv

public Set getSubjectsWithPriv(GrouperSession s,
                               AttributeDef attributeDef,
                               Privilege priv)
                        throws SchemaException

Description copied from interface: AttributeDefAdapter

Get all subjects with this privilege on this attribute definition.

 Set admins = ap.getSubjectsWithPriv(s, attrDef, AccessPrivilege.ADMIN);
 

Specified by:

getSubjectsWithPriv in interface AttributeDefAdapter

Parameters:

s - Get privileges within this session context.

attributeDef - Get privileges on this attribute definition.

priv - Get this privilege.

Returns:

Set of Subject objects.

Throws:

SchemaException

See Also:

AttributeDefAdapter.getSubjectsWithPriv(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.grouper.privs.Privilege)

getAttributeDefsWhereSubjectHasPriv

public Set<AttributeDef> getAttributeDefsWhereSubjectHasPriv(GrouperSession s,
                                                             Subject subj,
                                                             Privilege priv)
                                                      throws SchemaException

Description copied from interface: AttributeDefAdapter

Get all attribute defs where this subject has this privilege.

 try {
   Set isAdmin = ap.getAttributeDefsWhereSubjectHasPriv(
     s, subj, AccessPrivilege.ADMIN
   );
 }
 catch (SchemaException eS) {
   // Invalid priv
 }
 

Specified by:

getAttributeDefsWhereSubjectHasPriv in interface AttributeDefAdapter

Parameters:

s - Get privileges within this session context.

subj - Get privileges for this subject.

priv - Get this privilege.

Returns:

Set of AttributeDef objects.

Throws:

SchemaException

See Also:

AttributeDefAdapter.getAttributeDefsWhereSubjectHasPriv(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)

getPrivs

public Set<AttributeDefPrivilege> getPrivs(GrouperSession grouperSession,
                                           AttributeDef attributeDef,
                                           Subject subj)

Description copied from interface: AttributeDefAdapter

Get all privileges held by this subject on this attribute definition.

 Set privs = ap.getPrivs(s, g, subj);
 

Specified by:

getPrivs in interface AttributeDefAdapter

Parameters:

grouperSession - Get privileges within this session context.

attributeDef - Get privileges on this attrDef.

subj - Get privileges for this member.

Returns:

Set of privileges.

See Also:

AttributeDefAdapter.getPrivs(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.subject.Subject)

grantPriv

public void grantPriv(GrouperSession s,
                      AttributeDef attributeDef,
                      Subject subj,
                      Privilege priv,
                      String uuid)
               throws GrantPrivilegeException,
                      InsufficientPrivilegeException,
                      SchemaException

Description copied from interface: AttributeDefAdapter

Grant the privilege to the subject on this attrDef.

 try {
   ap.grantPriv(s, g, subj, AccessPrivilege.ADMIN);
 }
 catch (GrantPrivilegeException e0) {
   // Unable to grant the privilege
 }
 catch (InsufficientPrivilegeException e1) {
   // Not privileged to grant the privilege
 }
 catch (SchemaException e2) {
   // Invalid privilege
 }
 

Specified by:

grantPriv in interface AttributeDefAdapter

Parameters:

s - Grant privilege in this session context.

attributeDef - Grant privilege on this attrDef.

subj - Grant privilege to this subject.

priv - Grant this privilege.

uuid - is uuid or null if assign one

Throws:

GrantPrivilegeException

InsufficientPrivilegeException

SchemaException

See Also:

AttributeDefAdapter.grantPriv(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege, String)

hasPriv

public boolean hasPriv(GrouperSession grouperSession,
                       AttributeDef attributeDef,
                       Subject subj,
                       Privilege priv)
                throws SchemaException

Description copied from interface: AttributeDefAdapter

Check whether the subject has this privilege on this attrDef.

 try {
   ap.hasPriv(s, g, subject, AccessPrivilege.ADMIN);
 }
 catch (SchemaException e) {
   // Invalid privilege
 }
 

Specified by:

hasPriv in interface AttributeDefAdapter

Parameters:

grouperSession - Check privilege in this session context.

attributeDef - Check privilege on this attrDef.

subj - Check privilege for this subject.

priv - Check this privilege.

Returns:

if has priv

Throws:

SchemaException

See Also:

AttributeDefAdapter.hasPriv(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)

privilegeCopy

public void privilegeCopy(GrouperSession s,
                          AttributeDef attributeDef1,
                          AttributeDef attributeDef2,
                          Privilege priv)
                   throws InsufficientPrivilegeException,
                          GrantPrivilegeException,
                          SchemaException

Description copied from interface: AttributeDefAdapter

Copies privileges for subjects that have the specified privilege on g1 to g2.

Specified by:

privilegeCopy in interface AttributeDefAdapter

Throws:

InsufficientPrivilegeException

GrantPrivilegeException

SchemaException

See Also:

AttributeDefAdapter.privilegeCopy(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.grouper.privs.Privilege)

privilegeCopy

public void privilegeCopy(GrouperSession s,
                          Subject subj1,
                          Subject subj2,
                          Privilege priv)
                   throws InsufficientPrivilegeException,
                          GrantPrivilegeException,
                          SchemaException

Description copied from interface: AttributeDefAdapter

Copies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2. For instance, if subj1 has ADMIN privilege to AttributeDef x, this method will result with subj2 having ADMIN privilege to AttributeDef x.

Specified by:

privilegeCopy in interface AttributeDefAdapter

Throws:

InsufficientPrivilegeException

GrantPrivilegeException

SchemaException

See Also:

AttributeDefAdapter.privilegeCopy(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)

revokePriv

public void revokePriv(GrouperSession grouperSession,
                       AttributeDef attributeDef,
                       Privilege priv)
                throws InsufficientPrivilegeException,
                       RevokePrivilegeException,
                       SchemaException

Description copied from interface: AttributeDefAdapter

Revoke this privilege from everyone on this attrDef.

 try {
   ap.revokePriv(s, g, AccessPrivilege.ADMIN);
 }
 catch (InsufficientPrivilegeException eIP) {
   // Not privileged to revoke the privilege
 }
 catch (RevokePrivilegeException eRP) {
   // Unable to revoke the privilege
 }
 

Specified by:

revokePriv in interface AttributeDefAdapter

Parameters:

grouperSession - Revoke privilege in this session context.

attributeDef - Revoke privilege on this group.

priv - Revoke this privilege.

Throws:

InsufficientPrivilegeException

RevokePrivilegeException

SchemaException

See Also:

AttributeDefAdapter.revokePriv(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.grouper.privs.Privilege)

revokePriv

public void revokePriv(GrouperSession grouperSession,
                       AttributeDef attributeDef,
                       Subject subj,
                       Privilege priv)
                throws InsufficientPrivilegeException,
                       RevokePrivilegeException,
                       SchemaException

Description copied from interface: AttributeDefAdapter

Revoke the privilege from the subject on this attrDef.

 try {
   ap.revokePriv(s, g, subj, AccessPrivilege.ADMIN);
 }
 catch (InsufficientPrivilegeException eIP) {
   // Not privileged to revoke the privilege
 }
 catch (RevokePrivilegeException eRP) {
   // Unable to revoke the privilege
 }
 

Specified by:

revokePriv in interface AttributeDefAdapter

Parameters:

grouperSession - Revoke privilege in this session context.

attributeDef - Revoke privilege on this attrDef.

subj - Revoke privilege from this subject.

priv - Revoke this privilege.

Throws:

InsufficientPrivilegeException

RevokePrivilegeException

SchemaException

See Also:

AttributeDefAdapter.revokePriv(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)

revokeAllPrivilegesForSubject

public void revokeAllPrivilegesForSubject(GrouperSession grouperSession,
                                          Subject subject)

Description copied from interface: AttributeDefAdapter

Revoke all access privileges that this subject has.

Specified by:

revokeAllPrivilegesForSubject in interface AttributeDefAdapter

See Also:

AttributeDefAdapter.revokeAllPrivilegesForSubject(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject)

getAttributeDefsWhereSubjectDoesntHavePrivilege

public Set<AttributeDef> getAttributeDefsWhereSubjectDoesntHavePrivilege(GrouperSession grouperSession,
                                                                         String stemId,
                                                                         Stem.Scope scope,
                                                                         Subject subject,
                                                                         Privilege privilege,
                                                                         boolean considerAllSubject,
                                                                         String sqlLikeString)

Get all attributedefs where this subject doesnt have this privilege.

Specified by:

getAttributeDefsWhereSubjectDoesntHavePrivilege in interface AttributeDefAdapter

Parameters:

grouperSession -

stemId -

scope -

subject -

privilege -

considerAllSubject -

sqlLikeString -

Returns:

attributedefs

retrievePrivileges

public Set<PrivilegeSubjectContainer> retrievePrivileges(GrouperSession grouperSession,
                                                         AttributeDef attributeDef,
                                                         Set<Privilege> privileges,
                                                         MembershipType membershipType,
                                                         QueryPaging queryPaging,
                                                         Set<Member> additionalMembers)

Description copied from interface: AttributeDefAdapter

get a list of privilege subjects, there are no results with the same subject/privilege combination

Specified by:

retrievePrivileges in interface AttributeDefAdapter

Parameters:

grouperSession - grouper session

attributeDef - to search on

privileges - if blank, get all

membershipType - if immediate, effective, or blank for all

queryPaging - if a certain page should be returned based on subject

additionalMembers - additional members to query that the user is finding or adding

Returns:

the privilege subject combinations

See Also:

AttributeDefAdapter.retrievePrivileges(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.grouper.attr.AttributeDef, java.util.Set, edu.internet2.middleware.grouper.membership.MembershipType, edu.internet2.middleware.grouper.internal.dao.QueryPaging, Set)

getAttributeDefsWhereSubjectDoesHavePrivilege

public Set<AttributeDef> getAttributeDefsWhereSubjectDoesHavePrivilege(GrouperSession grouperSession,
                                                                       String stemId,
                                                                       Stem.Scope scope,
                                                                       Subject subject,
                                                                       Privilege privilege,
                                                                       boolean considerAllSubject,
                                                                       String sqlLikeString)

Get all attributedefs where this subject does have this privilege.

Specified by:

getAttributeDefsWhereSubjectDoesHavePrivilege in interface AttributeDefAdapter

Parameters:

grouperSession -

stemId -

scope -

subject -

privilege -

considerAllSubject -

sqlLikeString -

Returns:

attributedefs