Class PermissionFinder

java.lang.Object
edu.internet2.middleware.grouper.permissions.PermissionFinder

public class PermissionFinder extends Object
  • Constructor Details

    • PermissionFinder

      public PermissionFinder()
  • Method Details

    • addLimitEnvVar

      public PermissionFinder addLimitEnvVar(String key, Object value)
      limitEnvVars if processing limits with PermissionProcessor, pass in a map of limits. The name is the name of the variable, and the value is the value. Note, you can typecast the values by putting a valid type in parens in front of the param name. e.g. name: (int)amount, value: 50
      Parameters:
      key -
      value -
      Returns:
      this for chaining
    • assignLimitEnvVars

      public PermissionFinder assignLimitEnvVars(Map<String,Object> theEnvVars)
      limitEnvVars if processing limits, pass in a map of limits. The name is the name of the variable, and the value is the value. Note, you can typecast the values by putting a valid type in parens in front of the param name. e.g. name: (int)amount, value: 50
      Parameters:
      theEnvVars - the map to replace
      Returns:
      this for chaining
    • addMemberId

      public PermissionFinder addMemberId(String memberId)
      add a member id to the search criteria
      Parameters:
      memberId -
      Returns:
      this for chaining
    • assignMemberIds

      public PermissionFinder assignMemberIds(Collection<String> theMemberIds)
      add a collection of member ids to look for
      Parameters:
      theMemberIds -
      Returns:
      this for chaining
    • addSubject

      public PermissionFinder addSubject(Subject subject)
      add a subject to look for.
      Parameters:
      subject -
      Returns:
      this for chaining
    • addRoleId

      public PermissionFinder addRoleId(String roleId)
      add a role id to the search criteria
      Parameters:
      roleId -
      Returns:
      this for chaining
    • assignRoleIds

      public PermissionFinder assignRoleIds(Collection<String> theRoleIds)
      assign a collection of role ids to look for
      Parameters:
      theRoleIds -
      Returns:
      this for chaining
    • addRole

      public PermissionFinder addRole(Role role)
      add a role to look for.
      Parameters:
      role -
      Returns:
      this for chaining
    • addRole

      public PermissionFinder addRole(String name)
      add a role to look for by name.
      Parameters:
      name -
      Returns:
      this for chaining
    • addPermissionDefId

      public PermissionFinder addPermissionDefId(String attributeDefId)
      add a attribute def id to the search criteria
      Parameters:
      attributeDefId -
      Returns:
      this for chaining
    • assignPermissionDefIds

      public PermissionFinder assignPermissionDefIds(Collection<String> theAttributeDefIds)
      assign a collection of attribute def ids to look for
      Parameters:
      theAttributeDefIds -
      Returns:
      this for chaining
    • assignPermissionNameFolder

      public PermissionFinder assignPermissionNameFolder(Stem permissionNameFolder1)
      if narrowing search for permissions in a certain folder only
      Parameters:
      permissionNameFolder1 -
      Returns:
      this for chaining
    • assignPermissionNameFolderScope

      public PermissionFinder assignPermissionNameFolderScope(Stem.Scope scope)
      if searching in a folder, this is the scope: only in this folder, or also in subfolders
      Parameters:
      scope -
      Returns:
      this for chaining
    • addPermissionDef

      public PermissionFinder addPermissionDef(AttributeDef attributeDef)
      add a attribute def to look for.
      Parameters:
      attributeDef -
      Returns:
      this for chaining
    • addPermissionDef

      public PermissionFinder addPermissionDef(String attributeDefName)
      add a attribute def to look for by name.
      Parameters:
      attributeDefName -
      Returns:
      this for chaining
    • addPermissionNameId

      public PermissionFinder addPermissionNameId(String attributeDefNameId)
      add an attribute def name id to the search criteria
      Parameters:
      attributeDefNameId -
      Returns:
      this for chaining
    • assignPermissionNameIds

      public PermissionFinder assignPermissionNameIds(Collection<String> theAttributeDefNameIds)
      assign a collection of attribute def name ids to look for
      Parameters:
      theAttributeDefNameIds -
      Returns:
      this for chaining
    • addPermissionName

      public PermissionFinder addPermissionName(AttributeDefName attributeDefName)
      add a attribute def name to look for.
      Parameters:
      attributeDefName -
      Returns:
      this for chaining
    • addPermissionName

      public PermissionFinder addPermissionName(String name)
      add a attribute def name to look for by name.
      Parameters:
      name -
      Returns:
      this for chaining
    • addAction

      public PermissionFinder addAction(String action)
      add a action to the search criteria
      Parameters:
      action -
      Returns:
      this for chaining
    • assignActions

      public PermissionFinder assignActions(Collection<String> theActions)
      assign actions to search for, return this for chaining
      Parameters:
      theActions -
      Returns:
      this for chaining
    • assignEnabled

      public PermissionFinder assignEnabled(Boolean theEnabled)
      true means enabled only, false, means disabled only, and null means all
      Parameters:
      theEnabled -
      Returns:
      this for chaining
    • assignPermissionProcessor

      public PermissionFinder assignPermissionProcessor(PermissionProcessor thePermissionProcessor)
      if we should find the best answer, or process limits, etc
      Parameters:
      thePermissionProcessor -
      Returns:
      this for chaining
    • assignImmediateOnly

      public PermissionFinder assignImmediateOnly(boolean theImmediate)
      if we should filter out non immediate permissions
      Parameters:
      theImmediate -
      Returns:
      this for chaining
    • assignPermissionType

      public PermissionFinder assignPermissionType(PermissionEntry.PermissionType thePermissionType)
      are we looking for role permissions or subject permissions? cant be null
      Parameters:
      thePermissionType -
      Returns:
      this for chaining
    • hasPermission

      public boolean hasPermission()
      based on what you are querying for, see if has permission. Note, you should be looking for one subject, one action, one resource, one role or multiple roles, etc If you are looking for multiple, it will see if anyone has that permission
      Returns:
      true if has permission, false if not
    • findPermissionsAndLimits

      public Map<PermissionEntry,Set<PermissionLimitBean>> findPermissionsAndLimits()
      get the permissions, and the limits, so the caller (e.g. the UI/WS) doesnt have to get them again
      Returns:
      the map of entry to the limits and values
    • findPermissionResult

      public PermissionResult findPermissionResult()
      permission result gives helper methods in processing the results
      Returns:
      the permission result
    • findPermissions

      public Set<PermissionEntry> findPermissions()
      find a list of permissions
      Returns:
      the set of permissions never null
    • findPermission

      public PermissionEntry findPermission(boolean exceptionIfNotFound)
      find a permission
      Parameters:
      exceptionIfNotFound - true if exception should be thrown if permission not found
      Returns:
      the permission or null
    • toString

      public String toString()
      Overrides:
      toString in class Object
      See Also:
    • assignPointInTimeFrom

      public PermissionFinder assignPointInTimeFrom(Timestamp pointInTimeFrom)
      To query permissions at a certain point in time or time range in the past, set this value and/or the value of pointInTimeTo. This parameter specifies the start of the range of the point in time query. If this is specified but pointInTimeTo is not specified, then the point in time query range will be from the time specified to now.
      Parameters:
      pointInTimeFrom -
      Returns:
      this for changing
    • assignPointInTimeTo

      public PermissionFinder assignPointInTimeTo(Timestamp pointInTimeTo)
      To query permissions at a certain point in time or time range in the past, set this value and/or the value of pointInTimeFrom. This parameter specifies the end of the range of the point in time query. If this is the same as pointInTimeFrom, then the query will be done at a single point in time rather than a range. If this is specified but pointInTimeFrom is not specified, then the point in time query range will be from the minimum point in time to the time specified.
      Parameters:
      pointInTimeTo -
      Returns:
      this for changing