Class CachingNamingResolver
java.lang.Object
edu.internet2.middleware.grouper.privs.NamingResolverDecorator
edu.internet2.middleware.grouper.privs.CachingNamingResolver
- All Implemented Interfaces:
NamingResolver
Decorator that provides caching for
NamingResolver.
- Since:
- 1.2.1
- Version:
- $Id: CachingNamingResolver.java,v 1.12 2009-09-21 06:14:26 mchyzer Exp $
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidflush cache if caching resolverget a reference to the sessionvoidgrantPrivilege(Stem stem, Subject subject, Privilege privilege, String uuid) Grant privilege to subject on group.booleanhasPrivilege(Stem stem, Subject subject, Privilege privilege) Check whether subject has privilege on group.booleanhqlFilterStemsNotWithPrivWhereClause(Subject subject, HqlQuery hqlQuery, StringBuilder hql, String stemColumn, Privilege privilege, boolean considerAllSubject) for a stem query, check to make sure the subject doesnt have privsafter HQL is run, filter stems.voidprivilegeCopy(Stem stem1, Stem stem2, Privilege priv) Copies privileges for subjects that have the specified privilege on stem1 to stem2.voidprivilegeCopy(Subject subj1, Subject subj2, Privilege priv) Copies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2.voidrevokeAllPrivilegesForSubject(Subject subject) Revoke all naming privileges that this subject has.voidrevokePrivilege(Stem stem, Privilege privilege) Revoke privilege from all subjects on group.voidrevokePrivilege(Stem stem, Subject subject, Privilege privilege) Revoke privilege from subject on group.voidstop()clean up resources, session is stoppedMethods inherited from class edu.internet2.middleware.grouper.privs.NamingResolverDecorator
getDecoratedResolver, getPrivileges, getStemsWhereSubjectDoesHavePrivilege, getStemsWhereSubjectDoesntHavePrivilege, getStemsWhereSubjectHasPrivilege, getSubjectsWithPrivilege, hqlFilterStemsWhereClause, hqlFilterStemsWithPrivWhereClause
-
Field Details
-
CACHE_HASPRIV
-
-
Constructor Details
-
CachingNamingResolver
- Parameters:
resolver-- Since:
- 1.2.1
-
-
Method Details
-
flushCache
public void flushCache()Description copied from interface:NamingResolverflush cache if caching resolver- Specified by:
flushCachein interfaceNamingResolver- Overrides:
flushCachein classNamingResolverDecorator- See Also:
-
getGrouperSession
Description copied from interface:NamingResolverget a reference to the session- Specified by:
getGrouperSessionin interfaceNamingResolver- Overrides:
getGrouperSessionin classNamingResolverDecorator- Returns:
- the session
- See Also:
-
getStats
- Parameters:
cache-- Returns:
- ehcache statistics for cache.
- Since:
- 1.2.1
-
grantPrivilege
public void grantPrivilege(Stem stem, Subject subject, Privilege privilege, String uuid) throws IllegalArgumentException, UnableToPerformException Description copied from interface:NamingResolverGrant privilege to subject on group.- Specified by:
grantPrivilegein interfaceNamingResolver- Overrides:
grantPrivilegein classNamingResolverDecoratoruuid- if known or null- Throws:
IllegalArgumentException- if any parameter is null.UnableToPerformException- if the privilege could not be granted.- Since:
- 1.2.1
- See Also:
-
hasPrivilege
public boolean hasPrivilege(Stem stem, Subject subject, Privilege privilege) throws IllegalArgumentException Description copied from interface:NamingResolverCheck whether subject has privilege on group.- Specified by:
hasPrivilegein interfaceNamingResolver- Overrides:
hasPrivilegein classNamingResolverDecorator- Returns:
- if has privilege
- Throws:
IllegalArgumentException- if any parameter is null.- Since:
- 1.2.1
- See Also:
-
revokePrivilege
public void revokePrivilege(Stem stem, Privilege privilege) throws IllegalArgumentException, UnableToPerformException Description copied from interface:NamingResolverRevoke privilege from all subjects on group.- Specified by:
revokePrivilegein interfaceNamingResolver- Overrides:
revokePrivilegein classNamingResolverDecorator- Throws:
IllegalArgumentException- if any parameter is null.UnableToPerformException- if the privilege could not be revoked.- Since:
- 1.2.1
- See Also:
-
revokePrivilege
public void revokePrivilege(Stem stem, Subject subject, Privilege privilege) throws IllegalArgumentException, UnableToPerformException Description copied from interface:NamingResolverRevoke privilege from subject on group.- Specified by:
revokePrivilegein interfaceNamingResolver- Overrides:
revokePrivilegein classNamingResolverDecorator- Throws:
IllegalArgumentException- if any parameter is null.UnableToPerformException- if the privilege could not be revoked.- Since:
- 1.2.1
- See Also:
-
privilegeCopy
public void privilegeCopy(Stem stem1, Stem stem2, Privilege priv) throws IllegalArgumentException, UnableToPerformException Description copied from interface:NamingResolverCopies privileges for subjects that have the specified privilege on stem1 to stem2.- Specified by:
privilegeCopyin interfaceNamingResolver- Overrides:
privilegeCopyin classNamingResolverDecorator- Throws:
IllegalArgumentExceptionUnableToPerformException- See Also:
-
privilegeCopy
public void privilegeCopy(Subject subj1, Subject subj2, Privilege priv) throws IllegalArgumentException, UnableToPerformException Description copied from interface:NamingResolverCopies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2. For instance, if subj1 has STEM privilege to Stem x, this method will result with subj2 having STEM privilege to Stem x.- Specified by:
privilegeCopyin interfaceNamingResolver- Overrides:
privilegeCopyin classNamingResolverDecorator- Throws:
IllegalArgumentExceptionUnableToPerformException- See Also:
-
postHqlFilterStems
Description copied from interface:NamingResolverafter HQL is run, filter stems. If you are filtering in HQL, then dont filter here- Specified by:
postHqlFilterStemsin interfaceNamingResolver- Overrides:
postHqlFilterStemsin classNamingResolverDecoratorsubject- which needs view access to the groupsprivInSet- find a privilege which is in this set (e.g. for view, send all access privs). There are pre-canned sets in NamingPrivilege- Returns:
- the set of filtered groups
- See Also:
-
stop
public void stop()Description copied from interface:NamingResolverclean up resources, session is stopped- Specified by:
stopin interfaceNamingResolver- Overrides:
stopin classNamingResolverDecorator- See Also:
-
revokeAllPrivilegesForSubject
Description copied from interface:NamingResolverRevoke all naming privileges that this subject has.- Specified by:
revokeAllPrivilegesForSubjectin interfaceNamingResolver- Overrides:
revokeAllPrivilegesForSubjectin classNamingResolverDecorator- See Also:
-
hqlFilterStemsNotWithPrivWhereClause
public boolean hqlFilterStemsNotWithPrivWhereClause(Subject subject, HqlQuery hqlQuery, StringBuilder hql, String stemColumn, Privilege privilege, boolean considerAllSubject) Description copied from interface:NamingResolverfor a stem query, check to make sure the subject doesnt have privs- Specified by:
hqlFilterStemsNotWithPrivWhereClausein interfaceNamingResolver- Overrides:
hqlFilterStemsNotWithPrivWhereClausein classNamingResolverDecorator- Parameters:
subject- which needs view access to the groupshql- the select and current from partstemColumn- is the name of the group column to join toprivilege- find a privilege which is in this set (e.g. stem or create)considerAllSubject- if true, then consider GrouperAll when seeign if subject has priv, else do not- Returns:
- if the statement was changed
- See Also:
-
edu.internet2.middleware.grouper.privs.NamingResolver#hqlFilterStemsNotWithPrivWhereClause(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, Privilege)
-