Package edu.internet2.middleware.grouper.internal.dao

Interface PermissionEntryDAO

All Superinterfaces:
GrouperDAO
All Known Implementing Classes:
Hib3PermissionEntryDAO
public interface PermissionEntryDAO extends GrouperDAO
Basic PermissionEntry DAO interface.
Version:
$Id: PermissionEntryDAO.java,v 1.3 2009-10-26 04:52:17 mchyzer Exp $

  • Method Details

    • findByMemberId

      Set<PermissionEntry> findByMemberId(String memberId)
      find all permissions that a subject has
      Parameters:
      memberId -
      Returns:
      the permissions

    • findByMemberIdAndAttributeDefNameId

      Set<PermissionEntry> findByMemberIdAndAttributeDefNameId(String memberId, String attributeDefNameId)
      get attribute assigns by member and attribute def name id
      Parameters:
      memberId -
      attributeDefNameId -
      Returns:
      set of assigns or empty if none there

    • hasPermissionBySubjectIdSourceIdActionAttributeDefName

      boolean hasPermissionBySubjectIdSourceIdActionAttributeDefName(String subjectId, String sourceId, String action, String attributeDefNameName)
      see if the permission exists and is enabled
      Parameters:
      subjectId -
      sourceId -
      action -
      attributeDefNameName -
      Returns:
      true if has permissions and is enabled

    • findPermissions

      Set<PermissionEntry> findPermissions(Collection<String> attributeDefIds, Collection<String> attributeDefNameIds, Collection<String> roleIds, Collection<String> actions, Boolean enabled, Collection<String> memberIds, boolean noEndDate)
      securely search for assignments. need to pass in either the assign ids, def ids, def name ids, or group ids cannot have more than 100 bind variables. well, you can pass more than 100 members... it will batch
      Parameters:
      attributeDefIds - optional
      attributeDefNameIds - mutually exclusive with attributeDefIds
      roleIds - optional
      actions - (null means all actions)
      enabled - (null means all, true means enabled, false means disabled)
      memberIds -
      noEndDate - true if no end date on memberships
      Returns:
      the permissions

    • findPermissions

      Set<PermissionEntry> findPermissions(Collection<String> attributeDefIds, Collection<String> attributeDefNameIds, Collection<String> roleIds, Collection<String> actions, Boolean enabled, Collection<String> memberIds, boolean noEndDate, Stem permissionNameInStem, Stem.Scope permissionNameInStemScope)
      securely search for assignments. need to pass in either the assign ids, def ids, def name ids, or group ids cannot have more than 100 bind variables. well, you can pass more than 100 members... it will batch
      Parameters:
      attributeDefIds - optional
      attributeDefNameIds - mutually exclusive with attributeDefIds
      roleIds - optional
      actions - (null means all actions)
      enabled - (null means all, true means enabled, false means disabled)
      memberIds -
      noEndDate - true if no end date on memberships
      permissionNameInStem - if looking for permission names in a certain stem, put it here
      permissionNameInStemScope - if looking for permission names in a certain stem, put scope here
      Returns:
      the permissions

    • findPermissions

      Set<PermissionEntry> findPermissions(String attributeDefId, String attributeDefNameId, String ownerRoleId, String ownerMemberId, String action, Boolean enabled)
      securely search for assignments
      Parameters:
      attributeAssignType -
      attributeDefId - optional
      attributeDefNameId - mutually exclusive with attributeDefIds
      ownerRoleId - optional
      ownerStemId - optional
      ownerMemberId - optional
      ownerAttributeDefId - optional
      ownerMembershipId - optional
      action - optional
      enabled - (null means all, true means enabled, false means disabled)
      includeAssignmentsOnAssignments - if assignments on assignments should also be included
      Returns:
      the assignments

    • findRolePermissions

      Set<PermissionEntry> findRolePermissions(String attributeDefId, String attributeDefNameId, String ownerRoleId, String action, Boolean enabled)
      securely search for assignments
      Parameters:
      attributeAssignType -
      attributeDefId - optional
      attributeDefNameId - mutually exclusive with attributeDefIds
      ownerRoleId - optional
      ownerStemId - optional
      ownerAttributeDefId - optional
      ownerMembershipId - optional
      action - optional
      enabled - (null means all, true means enabled, false means disabled)
      includeAssignmentsOnAssignments - if assignments on assignments should also be included
      Returns:
      the assignments

    • findPermissions

      Set<PermissionEntry> findPermissions(Collection<String> attributeDefIds, Collection<String> attributeDefNameIds, Collection<String> roleIds, Collection<String> actions, Boolean enabled, Collection<String> memberIds)
      securely search for assignments. need to pass in either the assign ids, def ids, def name ids, or group ids cannot have more than 100 bind variables
      Parameters:
      attributeDefIds - optional
      attributeDefNameIds - mutually exclusive with attributeDefIds
      roleIds - optional
      actions - (null means all actions)
      enabled - (null means all, true means enabled, false means disabled)
      memberIds -
      Returns:
      the permissions

    • findPermissionsByAttributeDefDisabledRange

      Set<PermissionEntry> findPermissionsByAttributeDefDisabledRange(String attributeDefId, Timestamp disabledDateFrom, Timestamp disabledDateTo)
      Find all permissions based on attributeDefinition, and a range of disabled dates
      Parameters:
      attributeDefId -
      disabledDateFrom - null if dont consider
      disabledDateTo - null if dont consider
      Returns:
      the permission records

    • findAllPermissionsNotInGroupAndType

      Set<PermissionEntry> findAllPermissionsNotInGroupAndType(String attributeDefId, String groupId, boolean immediateRoleMembershipsOrRoleSubject, QueryOptions queryOptions, Boolean enabled, boolean hasNoEndDate)
      find subjects who are not in a group but who have permissions
      Parameters:
      attributeDefId -
      groupId -
      immediateRoleMembershipsOrRoleSubject -
      queryOptions -
      enabled -
      hasNoEndDate -
      Returns:
      the set of members

    • findAllPermissionsNotInStem

      Set<PermissionEntry> findAllPermissionsNotInStem(String attributeDefId, Stem stem, Stem.Scope stemScope, boolean immediateRoleMembershipsOrRoleSubject, QueryOptions queryOptions, Boolean enabled, boolean hasNoEndDate)
      find subjects who are not in a group but who have permissions
      Parameters:
      attributeDefId -
      stem -
      stemScope -
      immediateRoleMembershipsOrRoleSubject -
      queryOptions -
      enabled -
      hasNoEndDate -
      Returns:
      the set of members

    • findRolePermissions

      Set<PermissionEntry> findRolePermissions(Collection<String> attributeDefIds, Collection<String> attributeDefNameIds, Collection<String> roleIds, Collection<String> actions, Boolean enabled, boolean noEndDate)
      securely search for role assignments. need to pass in either the assign ids, def ids, def name ids, or group ids cannot have more than 100 bind variables
      Parameters:
      attributeDefIds - optional
      attributeDefNameIds - mutually exclusive with attributeDefIds
      roleIds - optional
      actions - (null means all actions)
      enabled - (null means all, true means enabled, false means disabled)
      memberIds -
      noEndDate - true if no end date on memberships
      Returns:
      the permissions

    • findRolePermissions

      Set<PermissionEntry> findRolePermissions(Collection<String> attributeDefIds, Collection<String> attributeDefNameIds, Collection<String> roleIds, Collection<String> actions, Boolean enabled, boolean noEndDate, Stem permissionNameInStem, Stem.Scope permissionNameInStemScope)
      securely search for role assignments. need to pass in either the assign ids, def ids, def name ids, or group ids cannot have more than 100 bind variables
      Parameters:
      attributeDefIds - optional
      attributeDefNameIds - mutually exclusive with attributeDefIds
      roleIds - optional
      actions - (null means all actions)
      enabled - (null means all, true means enabled, false means disabled)
      memberIds -
      noEndDate - true if no end date on memberships
      permissionNameInStem - if looking for permission names in a certain stem, put it here
      permissionNameInStemScope - if looking for permission names in a certain stem, put scope here
      Returns:
      the permissions