Class AttributeDefPrivilegeDelegate
java.lang.Object
edu.internet2.middleware.grouper.attr.AttributeDefPrivilegeDelegate
delegate privilege calls from attribute defs
-
Method Summary
Modifier and TypeMethodDescriptionboolean
canAttrAdmin
(Subject subj) Check whether the subject has ATTR_ADMIN on this attributeDef, or something else that allows admin (well, actually, there isnt anything)boolean
canAttrDefAttrRead
(Subject subj) Check whether the subject has ATTR_DEF_ATTR_READ on this attributeDef, or something else that allows it (admin)boolean
canAttrDefAttrUpdate
(Subject subj) Check whether the subject has ATTR_DEF_ATTR_UPDATE on this attributeDef, or something else that allows it (admin)boolean
canAttrOptin
(Subject subj) Check whether the subject has ATTR_OPTIN on this attributeDef, or something else that allows read (well, actually there isnt anything else right now)boolean
canAttrOptout
(Subject subj) Check whether the subject has ATTR_OPTOUT on this attributeDef, or something else that allows optout (well, actually, there isnt anything else right now)boolean
canAttrRead
(Subject subj) Check whether the subject has ATTR_READ on this attributeDef, or something else that allows read (admin)boolean
canAttrUpdate
(Subject subj) Check whether the subject has ATTR_UPDATE on this attributeDef, or something else that allows update (admin)boolean
canAttrView
(Subject subj) Check whether the subject has ATTR_VIEW on this attributeDef, or something else that allows view (admin, read, update, etc)boolean
canHavePrivilege
(Subject subject, String privilegeOrListName, boolean secure) see if the subject has a privilege or another privilege that implies this privilege.boolean
Grant privilege to a subject on this attributeDef.boolean
grantPrivs
(Subject subject, boolean adminChecked, boolean updateChecked, boolean readChecked, boolean viewChecked, boolean optinChecked, boolean optoutChecked, boolean attrReadChecked, boolean attrUpdateChecked, boolean revokeIfUnchecked) grant privs to attributedefboolean
hasAttrAdmin
(Subject subj) Check whether the subject has ATTR_ADMIN on this attributeDef.boolean
hasAttrDefAttrRead
(Subject subj) Check whether the subject has ATTR_DEF_ATTR_READ on this attributeDef.boolean
hasAttrDefAttrUpdate
(Subject subj) Check whether the subject has ATTR_DEF_ATTR_UPDATE on this attributeDef.boolean
hasAttrOptin
(Subject subj) Check whether the subject has ATTR_OPTIN on this attributeDef.boolean
hasAttrOptout
(Subject subj) Check whether the subject has ATTR_OPTOUT on this attributeDef.boolean
hasAttrRead
(Subject subj) Check whether the subject has ATTR_READ on this attributeDef.boolean
hasAttrUpdate
(Subject subj) Check whether the subject has ATTR_UPDATE on this attributeDef.boolean
hasAttrView
(Subject subj) Check whether the subject has ATTR_VIEW on this attributeDef.boolean
hasPrivilege
(Subject subject, String privilegeOrListName) see if the subject has a privilege.boolean
internal_grantPriv
(Subject subj, Privilege priv, boolean exceptionIfAlreadyMember, String uuid) Grant privilege to a subject on this attributeDef.boolean
revokePriv
(Subject subj, Privilege priv, boolean exceptionIfAlreadyRevoked) Revoke a privilege from the specified subject.
-
Method Details
-
hasAttrAdmin
Check whether the subject has ATTR_ADMIN on this attributeDef.if (attributeDef.getPrivilegeDelegate().hasAttrAdmin(subj)) { // Has ATTR_ADMIN } else { // Does not have ATTR_ADMIN }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_ADMIN.
-
hasAttrOptin
Check whether the subject has ATTR_OPTIN on this attributeDef.if (attributeDef.getPrivilegeDelegate().hasAttrOptin(subj)) { // Has ATTR_OPTIN } else { // Does not have ATTR_OPTIN }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_OPTIN.
-
hasAttrOptout
Check whether the subject has ATTR_OPTOUT on this attributeDef.if (attributeDef.getPrivilegeDelegate().hasAttrOptout(subj)) { // Has ATTR_OPTOUT } else { // Does not have ATTR_OPTOUT }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_OPTOUT.
-
hasAttrRead
Check whether the subject has ATTR_READ on this attributeDef.if (attributeDef.getPrivilegeDelegate().hasAttrRead(subj)) { // Has ATTR_READ } else { // Does not have ATTR_READ }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_READ.
-
canAttrDefAttrUpdate
Check whether the subject has ATTR_DEF_ATTR_UPDATE on this attributeDef, or something else that allows it (admin)if (attributeDef.getPrivilegeDelegate().canAttrDefAttrUpdate(subj)) { // Has ATTR_DEF_ATTR_UPDATE } else { // Does not have ATTR_DEF_ATTR_UPDATE }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_DEF_ATTR_UPDATE.
-
canAttrDefAttrRead
Check whether the subject has ATTR_DEF_ATTR_READ on this attributeDef, or something else that allows it (admin)if (attributeDef.getPrivilegeDelegate().canAttrDefAttrRead(subj)) { // Has ATTR_DEF_ATTR_READ } else { // Does not have ATTR_DEF_ATTR_READ }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_DEF_ATTR_READ.
-
hasAttrDefAttrRead
Check whether the subject has ATTR_DEF_ATTR_READ on this attributeDef.if (attributeDef.getPrivilegeDelegate().hasAttrDefAttrRead(subj)) { // Has ATTR_DEF_ATTR_READ } else { // Does not have ATTR_DEF_ATTR_READ }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_DEF_ATTR_READ.
-
hasAttrDefAttrUpdate
Check whether the subject has ATTR_DEF_ATTR_UPDATE on this attributeDef.if (attributeDef.getPrivilegeDelegate().hasAttrDefAttrUpdate(subj)) { // Has ATTR_DEF_ATTR_UPDATE } else { // Does not have ATTR_DEF_ATTR_UPDATE }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_DEF_ATTR_UPDATE.
-
hasAttrUpdate
Check whether the subject has ATTR_UPDATE on this attributeDef.if (attributeDef.getPrivilegeDelegate().hasAttrUpdate(subj)) { // Has ATTR_UPDATE } else { // Does not have ATTR_UPDATE }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_UPDATE.
-
hasAttrView
Check whether the subject has ATTR_VIEW on this attributeDef.if (attributeDef.getPrivilegeDelegate().hasAttrView(subj)) { // Has ATTR_VIEW } else { // Does not have ATTR_VIEW }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_VIEW.
-
grantPriv
public boolean grantPriv(Subject subj, Privilege priv, boolean exceptionIfAlreadyMember) throws GrantPrivilegeException, InsufficientPrivilegeException, SchemaException Grant privilege to a subject on this attributeDef.try { attributeDef.getPrivilegeDelegate().grantPriv(subj, AttributeDefPrivilege.ATTR_ADMIN); } catch (GrantPrivilegeException e0) { // Cannot grant this privilege } catch (InsufficientPrivilegeException e1) { // Unable to grant this privilege }
- Parameters:
subj
- Grant privilege to this subject.priv
- Grant this privilege.exceptionIfAlreadyMember
- if false, and subject is already a member, then dont throw a MemberAddException if the member is already in the list- Returns:
- false if it already existed, true if it didnt already exist
- Throws:
GrantPrivilegeException
InsufficientPrivilegeException
SchemaException
-
grantPrivs
public boolean grantPrivs(Subject subject, boolean adminChecked, boolean updateChecked, boolean readChecked, boolean viewChecked, boolean optinChecked, boolean optoutChecked, boolean attrReadChecked, boolean attrUpdateChecked, boolean revokeIfUnchecked) grant privs to attributedef- Parameters:
subject
- to addupdateChecked
-adminChecked
-readChecked
-viewChecked
-optinChecked
-optoutChecked
-attrReadChecked
-attrUpdateChecked
-revokeIfUnchecked
-- Returns:
- if something was changed
-
internal_grantPriv
public boolean internal_grantPriv(Subject subj, Privilege priv, boolean exceptionIfAlreadyMember, String uuid) throws GrantPrivilegeException, InsufficientPrivilegeException, SchemaException Grant privilege to a subject on this attributeDef.try { attributeDef.getPrivilegeDelegate().grantPriv(subj, AttributeDefPrivilege.ATTR_ADMIN); } catch (GrantPrivilegeException e0) { // Cannot grant this privilege } catch (InsufficientPrivilegeException e1) { // Unable to grant this privilege }
- Parameters:
subj
- Grant privilege to this subject.priv
- Grant this privilege.exceptionIfAlreadyMember
- if false, and subject is already a member, then dont throw a MemberAddException if the member is already in the listuuid
- is uuid or null for assigned- Returns:
- false if it already existed, true if it didnt already exist
- Throws:
GrantPrivilegeException
InsufficientPrivilegeException
SchemaException
-
revokePriv
public boolean revokePriv(Subject subj, Privilege priv, boolean exceptionIfAlreadyRevoked) throws InsufficientPrivilegeException, RevokePrivilegeException, SchemaException Revoke a privilege from the specified subject.try { g.getPrivilegeDelegate().revokePriv(subj, AttributeDefPrivilege.ATTR_ADMIN); } catch (InsufficientPrivilegeException e1) { // Not privileged to revoke this privilege } catch (RevokePrivilegeException eRP) { // Error revoking privilege }
- Parameters:
subj
- Revoke privilege from this subject.priv
- Revoke this privilege.exceptionIfAlreadyRevoked
- if false, and subject is already a member, then dont throw a MemberAddException if the member is already in the list- Returns:
- false if it was already revoked, true if it wasnt already deleted
- Throws:
InsufficientPrivilegeException
RevokePrivilegeException
SchemaException
-
canAttrRead
Check whether the subject has ATTR_READ on this attributeDef, or something else that allows read (admin)if (attributeDef.getPrivilegeDelegate().cabAttrRead(subj)) { // Has ATTR_READ } else { // Does not have ATTR_READ }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_READ.
-
canAttrView
Check whether the subject has ATTR_VIEW on this attributeDef, or something else that allows view (admin, read, update, etc)if (attributeDef.getPrivilegeDelegate().cabAttrRead(subj)) { // Has ATTR_VIEW } else { // Does not have ATTR_VIEW }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_VIEW.
-
canAttrUpdate
Check whether the subject has ATTR_UPDATE on this attributeDef, or something else that allows update (admin)if (attributeDef.getPrivilegeDelegate().cabAttrUpdate(subj)) { // Has ATTR_UPDATE } else { // Does not have ATTR_UPDATE }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_UPDATE.
-
canAttrAdmin
Check whether the subject has ATTR_ADMIN on this attributeDef, or something else that allows admin (well, actually, there isnt anything)if (attributeDef.getPrivilegeDelegate().cabAttrAdmin(subj)) { // Has ATTR_ADMIN } else { // Does not have ATTR_ADMIN }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_ADMIN.
-
hasPrivilege
see if the subject has a privilege. Note it returns only if the subject has this privilege.- Parameters:
subject
-privilegeOrListName
-- Returns:
- true if has privilege
-
canAttrOptin
Check whether the subject has ATTR_OPTIN on this attributeDef, or something else that allows read (well, actually there isnt anything else right now)if (attributeDef.getPrivilegeDelegate().cabAttrOptin(subj)) { // Has ATTR_OPTIN } else { // Does not have ATTR_OPTIN }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_OPTIN.
-
canAttrOptout
Check whether the subject has ATTR_OPTOUT on this attributeDef, or something else that allows optout (well, actually, there isnt anything else right now)if (attributeDef.getPrivilegeDelegate().cabAttrOptout(subj)) { // Has ATTR_OPTOUT } else { // Does not have ATTR_OPTOUT }
- Parameters:
subj
- Check this subject.- Returns:
- Boolean true if subject has ATTR_OPTOUT.
-
canHavePrivilege
see if the subject has a privilege or another privilege that implies this privilege.- Parameters:
subject
-privilegeOrListName
-secure
- if the user must be an admin to check- Returns:
- true if has privilege
-