Package edu.internet2.middleware.grouper.attr

Class AttributeDefPrivilegeDelegate

java.lang.Object
edu.internet2.middleware.grouper.attr.AttributeDefPrivilegeDelegate
public class AttributeDefPrivilegeDelegate extends Object
delegate privilege calls from attribute defs

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    canAttrAdmin(Subject subj)
    Check whether the subject has ATTR_ADMIN on this attributeDef, or something else that allows admin (well, actually, there isnt anything)
    boolean
    canAttrDefAttrRead(Subject subj)
    Check whether the subject has ATTR_DEF_ATTR_READ on this attributeDef, or something else that allows it (admin)
    boolean
    canAttrDefAttrUpdate(Subject subj)
    Check whether the subject has ATTR_DEF_ATTR_UPDATE on this attributeDef, or something else that allows it (admin)
    boolean
    canAttrOptin(Subject subj)
    Check whether the subject has ATTR_OPTIN on this attributeDef, or something else that allows read (well, actually there isnt anything else right now)
    boolean
    canAttrOptout(Subject subj)
    Check whether the subject has ATTR_OPTOUT on this attributeDef, or something else that allows optout (well, actually, there isnt anything else right now)
    boolean
    canAttrRead(Subject subj)
    Check whether the subject has ATTR_READ on this attributeDef, or something else that allows read (admin)
    boolean
    canAttrUpdate(Subject subj)
    Check whether the subject has ATTR_UPDATE on this attributeDef, or something else that allows update (admin)
    boolean
    canAttrView(Subject subj)
    Check whether the subject has ATTR_VIEW on this attributeDef, or something else that allows view (admin, read, update, etc)
    boolean
    canHavePrivilege(Subject subject, String privilegeOrListName, boolean secure)
    see if the subject has a privilege or another privilege that implies this privilege.
    boolean
    grantPriv(Subject subj, Privilege priv, boolean exceptionIfAlreadyMember)
    Grant privilege to a subject on this attributeDef.
    boolean
    grantPrivs(Subject subject, boolean adminChecked, boolean updateChecked, boolean readChecked, boolean viewChecked, boolean optinChecked, boolean optoutChecked, boolean attrReadChecked, boolean attrUpdateChecked, boolean revokeIfUnchecked)
    grant privs to attributedef
    boolean
    hasAttrAdmin(Subject subj)
    Check whether the subject has ATTR_ADMIN on this attributeDef.
    boolean
    hasAttrDefAttrRead(Subject subj)
    Check whether the subject has ATTR_DEF_ATTR_READ on this attributeDef.
    boolean
    hasAttrDefAttrUpdate(Subject subj)
    Check whether the subject has ATTR_DEF_ATTR_UPDATE on this attributeDef.
    boolean
    hasAttrOptin(Subject subj)
    Check whether the subject has ATTR_OPTIN on this attributeDef.
    boolean
    hasAttrOptout(Subject subj)
    Check whether the subject has ATTR_OPTOUT on this attributeDef.
    boolean
    hasAttrRead(Subject subj)
    Check whether the subject has ATTR_READ on this attributeDef.
    boolean
    hasAttrUpdate(Subject subj)
    Check whether the subject has ATTR_UPDATE on this attributeDef.
    boolean
    hasAttrView(Subject subj)
    Check whether the subject has ATTR_VIEW on this attributeDef.
    boolean
    hasPrivilege(Subject subject, String privilegeOrListName)
    see if the subject has a privilege.
    boolean
    internal_grantPriv(Subject subj, Privilege priv, boolean exceptionIfAlreadyMember, String uuid)
    Grant privilege to a subject on this attributeDef.
    boolean
    revokePriv(Subject subj, Privilege priv, boolean exceptionIfAlreadyRevoked)
    Revoke a privilege from the specified subject.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Method Details

    • hasAttrAdmin

      public boolean hasAttrAdmin(Subject subj)
      Check whether the subject has ATTR_ADMIN on this attributeDef. 
       if (attributeDef.getPrivilegeDelegate().hasAttrAdmin(subj)) {
   // Has ATTR_ADMIN
 }
 else {
   // Does not have ATTR_ADMIN
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_ADMIN.

    • hasAttrOptin

      public boolean hasAttrOptin(Subject subj)
      Check whether the subject has ATTR_OPTIN on this attributeDef. 
       if (attributeDef.getPrivilegeDelegate().hasAttrOptin(subj)) {
   // Has ATTR_OPTIN
 }
 else {
   // Does not have ATTR_OPTIN
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_OPTIN.

    • hasAttrOptout

      public boolean hasAttrOptout(Subject subj)
      Check whether the subject has ATTR_OPTOUT on this attributeDef. 
       if (attributeDef.getPrivilegeDelegate().hasAttrOptout(subj)) {
   // Has ATTR_OPTOUT
 }
 else {
   // Does not have ATTR_OPTOUT
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_OPTOUT.

    • hasAttrRead

      public boolean hasAttrRead(Subject subj)
      Check whether the subject has ATTR_READ on this attributeDef. 
       if (attributeDef.getPrivilegeDelegate().hasAttrRead(subj)) {
   // Has ATTR_READ
 }
 else {
   // Does not have ATTR_READ
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_READ.

    • canAttrDefAttrUpdate

      public boolean canAttrDefAttrUpdate(Subject subj)
      Check whether the subject has ATTR_DEF_ATTR_UPDATE on this attributeDef, or something else that allows it (admin) 
       if (attributeDef.getPrivilegeDelegate().canAttrDefAttrUpdate(subj)) {
   // Has ATTR_DEF_ATTR_UPDATE
 }
 else {
   // Does not have ATTR_DEF_ATTR_UPDATE
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_DEF_ATTR_UPDATE.

    • canAttrDefAttrRead

      public boolean canAttrDefAttrRead(Subject subj)
      Check whether the subject has ATTR_DEF_ATTR_READ on this attributeDef, or something else that allows it (admin) 
       if (attributeDef.getPrivilegeDelegate().canAttrDefAttrRead(subj)) {
   // Has ATTR_DEF_ATTR_READ
 }
 else {
   // Does not have ATTR_DEF_ATTR_READ
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_DEF_ATTR_READ.

    • hasAttrDefAttrRead

      public boolean hasAttrDefAttrRead(Subject subj)
      Check whether the subject has ATTR_DEF_ATTR_READ on this attributeDef. 
       if (attributeDef.getPrivilegeDelegate().hasAttrDefAttrRead(subj)) {
   // Has ATTR_DEF_ATTR_READ
 }
 else {
   // Does not have ATTR_DEF_ATTR_READ
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_DEF_ATTR_READ.

    • hasAttrDefAttrUpdate

      public boolean hasAttrDefAttrUpdate(Subject subj)
      Check whether the subject has ATTR_DEF_ATTR_UPDATE on this attributeDef. 
       if (attributeDef.getPrivilegeDelegate().hasAttrDefAttrUpdate(subj)) {
   // Has ATTR_DEF_ATTR_UPDATE
 }
 else {
   // Does not have ATTR_DEF_ATTR_UPDATE
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_DEF_ATTR_UPDATE.

    • hasAttrUpdate

      public boolean hasAttrUpdate(Subject subj)
      Check whether the subject has ATTR_UPDATE on this attributeDef. 
       if (attributeDef.getPrivilegeDelegate().hasAttrUpdate(subj)) {
   // Has ATTR_UPDATE
 }
 else {
   // Does not have ATTR_UPDATE
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_UPDATE.

    • hasAttrView

      public boolean hasAttrView(Subject subj)
      Check whether the subject has ATTR_VIEW on this attributeDef. 
       if (attributeDef.getPrivilegeDelegate().hasAttrView(subj)) {
   // Has ATTR_VIEW
 }
 else {
   // Does not have ATTR_VIEW
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_VIEW.

    • grantPriv

      public boolean grantPriv(Subject subj, Privilege priv, boolean exceptionIfAlreadyMember) throws GrantPrivilegeException, InsufficientPrivilegeException, SchemaException
      Grant privilege to a subject on this attributeDef. 
       try {
   attributeDef.getPrivilegeDelegate().grantPriv(subj, AttributeDefPrivilege.ATTR_ADMIN);
 }
 catch (GrantPrivilegeException e0) {
   // Cannot grant this privilege
 }
 catch (InsufficientPrivilegeException e1) {
   // Unable to grant this privilege
 }
      Parameters:
      subj - Grant privilege to this subject.
      priv - Grant this privilege.
      exceptionIfAlreadyMember - if false, and subject is already a member, then dont throw a MemberAddException if the member is already in the list
      Returns:
      false if it already existed, true if it didnt already exist
      Throws:
      GrantPrivilegeException
      InsufficientPrivilegeException
      SchemaException

    • grantPrivs

      public boolean grantPrivs(Subject subject, boolean adminChecked, boolean updateChecked, boolean readChecked, boolean viewChecked, boolean optinChecked, boolean optoutChecked, boolean attrReadChecked, boolean attrUpdateChecked, boolean revokeIfUnchecked)
      grant privs to attributedef
      Parameters:
      subject - to add
      updateChecked -
      adminChecked -
      readChecked -
      viewChecked -
      optinChecked -
      optoutChecked -
      attrReadChecked -
      attrUpdateChecked -
      revokeIfUnchecked -
      Returns:
      if something was changed

    • internal_grantPriv

      public boolean internal_grantPriv(Subject subj, Privilege priv, boolean exceptionIfAlreadyMember, String uuid) throws GrantPrivilegeException, InsufficientPrivilegeException, SchemaException
      Grant privilege to a subject on this attributeDef. 
       try {
   attributeDef.getPrivilegeDelegate().grantPriv(subj, AttributeDefPrivilege.ATTR_ADMIN);
 }
 catch (GrantPrivilegeException e0) {
   // Cannot grant this privilege
 }
 catch (InsufficientPrivilegeException e1) {
   // Unable to grant this privilege
 }
      Parameters:
      subj - Grant privilege to this subject.
      priv - Grant this privilege.
      exceptionIfAlreadyMember - if false, and subject is already a member, then dont throw a MemberAddException if the member is already in the list
      uuid - is uuid or null for assigned
      Returns:
      false if it already existed, true if it didnt already exist
      Throws:
      GrantPrivilegeException
      InsufficientPrivilegeException
      SchemaException

    • revokePriv

      public boolean revokePriv(Subject subj, Privilege priv, boolean exceptionIfAlreadyRevoked) throws InsufficientPrivilegeException, RevokePrivilegeException, SchemaException
      Revoke a privilege from the specified subject. 
       try {
   g.getPrivilegeDelegate().revokePriv(subj, AttributeDefPrivilege.ATTR_ADMIN);
 }
 catch (InsufficientPrivilegeException e1) {
   // Not privileged to revoke this privilege
 }
 catch (RevokePrivilegeException eRP) {
   // Error revoking privilege
 }
      Parameters:
      subj - Revoke privilege from this subject.
      priv - Revoke this privilege.
      exceptionIfAlreadyRevoked - if false, and subject is already a member, then dont throw a MemberAddException if the member is already in the list
      Returns:
      false if it was already revoked, true if it wasnt already deleted
      Throws:
      InsufficientPrivilegeException
      RevokePrivilegeException
      SchemaException

    • canAttrRead

      public boolean canAttrRead(Subject subj)
      Check whether the subject has ATTR_READ on this attributeDef, or something else that allows read (admin) 
       if (attributeDef.getPrivilegeDelegate().cabAttrRead(subj)) {
   // Has ATTR_READ
 }
 else {
   // Does not have ATTR_READ
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_READ.

    • canAttrView

      public boolean canAttrView(Subject subj)
      Check whether the subject has ATTR_VIEW on this attributeDef, or something else that allows view (admin, read, update, etc) 
       if (attributeDef.getPrivilegeDelegate().cabAttrRead(subj)) {
   // Has ATTR_VIEW
 }
 else {
   // Does not have ATTR_VIEW
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_VIEW.

    • canAttrUpdate

      public boolean canAttrUpdate(Subject subj)
      Check whether the subject has ATTR_UPDATE on this attributeDef, or something else that allows update (admin) 
       if (attributeDef.getPrivilegeDelegate().cabAttrUpdate(subj)) {
   // Has ATTR_UPDATE
 }
 else {
   // Does not have ATTR_UPDATE
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_UPDATE.

    • canAttrAdmin

      public boolean canAttrAdmin(Subject subj)
      Check whether the subject has ATTR_ADMIN on this attributeDef, or something else that allows admin (well, actually, there isnt anything) 
       if (attributeDef.getPrivilegeDelegate().cabAttrAdmin(subj)) {
   // Has ATTR_ADMIN
 }
 else {
   // Does not have ATTR_ADMIN
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_ADMIN.

    • hasPrivilege

      public boolean hasPrivilege(Subject subject, String privilegeOrListName)
      see if the subject has a privilege. Note it returns only if the subject has this privilege.
      Parameters:
      subject -
      privilegeOrListName -
      Returns:
      true if has privilege

    • canAttrOptin

      public boolean canAttrOptin(Subject subj)
      Check whether the subject has ATTR_OPTIN on this attributeDef, or something else that allows read (well, actually there isnt anything else right now) 
       if (attributeDef.getPrivilegeDelegate().cabAttrOptin(subj)) {
   // Has ATTR_OPTIN
 }
 else {
   // Does not have ATTR_OPTIN
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_OPTIN.

    • canAttrOptout

      public boolean canAttrOptout(Subject subj)
      Check whether the subject has ATTR_OPTOUT on this attributeDef, or something else that allows optout (well, actually, there isnt anything else right now) 
       if (attributeDef.getPrivilegeDelegate().cabAttrOptout(subj)) {
   // Has ATTR_OPTOUT
 }
 else {
   // Does not have ATTR_OPTOUT
 }
      Parameters:
      subj - Check this subject.
      Returns:
      Boolean true if subject has ATTR_OPTOUT.

    • canHavePrivilege

      public boolean canHavePrivilege(Subject subject, String privilegeOrListName, boolean secure)
      see if the subject has a privilege or another privilege that implies this privilege.
      Parameters:
      subject -
      privilegeOrListName -
      secure - if the user must be an admin to check
      Returns:
      true if has privilege