Class GrouperAttributeDefAdapter
java.lang.Object
edu.internet2.middleware.grouper.privs.BaseAttrDefAdapter
edu.internet2.middleware.grouper.privs.GrouperNonDbAttrDefAdapter
edu.internet2.middleware.grouper.privs.GrouperAttributeDefAdapter
- All Implemented Interfaces:
AttributeDefAdapter
Grouper Attribute Definition Access Privilege interface.Unless you are implementing a new implementation of this interface, you should not need to directly use these methods as they are all wrapped by methods in the
This access adapter affects the HQL queries to give better performanceAttributeDef
class.
- Version:
- $Id: GrouperAttributeDefAdapter.java,v 1.1 2009-09-21 06:14:26 mchyzer Exp $
-
Field Summary
Fields inherited from class edu.internet2.middleware.grouper.privs.GrouperNonDbAttrDefAdapter
priv2list
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionboolean
hqlFilterAttrDefsWhereClause
(GrouperSession grouperSession, Subject subject, HqlQuery hqlQuery, StringBuilder hqlTables, StringBuilder hqlWhereClause, String attributeDefColumn, Set<Privilege> privInSet) for an attrDef query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterAttrDefs instead if you like).boolean
hqlFilterAttributeDefsNotWithPrivWhereClause
(GrouperSession grouperSession, Subject subject, HqlQuery hqlQuery, StringBuilder hql, String attributeDefColumn, Privilege privilege, boolean considerAllSubject) for an attributeDef query, check to make sure the subject cant see the records (if filtering HQL, you can do the postHqlFilterAttributeDefs instead if you like).boolean
hqlFilterAttributeDefsWithPrivWhereClause
(GrouperSession grouperSession, Subject subject, HqlQuery hqlQuery, StringBuilder hql, String attributeDefColumn, Privilege privilege, boolean considerAllSubject) for an attributeDef query, check to make sure the subject has priv (if filtering HQL, you can do the postHqlFilterAttributeDefs instead if you like).postHqlFilterAttributeAssigns
(GrouperSession grouperSession, Subject subject, Set<AttributeAssign> attributeAssigns) filter attribute assignments for things the subject can see, assume underlying assignments are ok to viewpostHqlFilterPermissions
(GrouperSession grouperSession, Subject subject, Set<PermissionEntry> permissionEntries) filter permissionEntries for things the subject can see, assume underlying assignments are ok to viewpostHqlFilterPITAttributeAssigns
(GrouperSession grouperSession, Subject subject, Set<PITAttributeAssign> pitAttributeAssigns) filter pit attribute assignments for things the subject can see, assume underlying assignments are ok to viewMethods inherited from class edu.internet2.middleware.grouper.privs.GrouperNonDbAttrDefAdapter
getAttributeDefsWhereSubjectDoesHavePrivilege, getAttributeDefsWhereSubjectDoesntHavePrivilege, getAttributeDefsWhereSubjectHasPriv, getPrivs, getSubjectsWithPriv, grantPriv, hasPriv, privilegeCopy, privilegeCopy, retrievePrivileges, revokeAllPrivilegesForSubject, revokePriv, revokePriv
Methods inherited from class edu.internet2.middleware.grouper.privs.BaseAttrDefAdapter
postHqlFilterAttributeDefs
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface edu.internet2.middleware.grouper.privs.AttributeDefAdapter
postHqlFilterAttributeDefs
-
Constructor Details
-
GrouperAttributeDefAdapter
public GrouperAttributeDefAdapter()
-
-
Method Details
-
hqlFilterAttrDefsWhereClause
public boolean hqlFilterAttrDefsWhereClause(GrouperSession grouperSession, Subject subject, HqlQuery hqlQuery, StringBuilder hqlTables, StringBuilder hqlWhereClause, String attributeDefColumn, Set<Privilege> privInSet) Description copied from interface:AttributeDefAdapter
for an attrDef query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterAttrDefs instead if you like). Note, this joins to tables, so the queries should probably be "distinct"- Specified by:
hqlFilterAttrDefsWhereClause
in interfaceAttributeDefAdapter
- Overrides:
hqlFilterAttrDefsWhereClause
in classBaseAttrDefAdapter
subject
- which needs view access to the attrDefshqlTables
- is the select and part part (hql prefix)hqlWhereClause
- is there where clause part of the queryattributeDefColumn
- is the name of the attrDef column to join toprivInSet
- find a privilege which is in this set (e.g. for view, send all access privs). There are pre-canned sets in AccessPrivilege- Returns:
- if the query was changed
- See Also:
-
postHqlFilterAttributeAssigns
public Set<AttributeAssign> postHqlFilterAttributeAssigns(GrouperSession grouperSession, Subject subject, Set<AttributeAssign> attributeAssigns) Description copied from interface:AttributeDefAdapter
filter attribute assignments for things the subject can see, assume underlying assignments are ok to view- Specified by:
postHqlFilterAttributeAssigns
in interfaceAttributeDefAdapter
- Overrides:
postHqlFilterAttributeAssigns
in classBaseAttrDefAdapter
- Returns:
- the memberships
- See Also:
-
postHqlFilterPITAttributeAssigns
public Set<PITAttributeAssign> postHqlFilterPITAttributeAssigns(GrouperSession grouperSession, Subject subject, Set<PITAttributeAssign> pitAttributeAssigns) Description copied from interface:AttributeDefAdapter
filter pit attribute assignments for things the subject can see, assume underlying assignments are ok to view- Specified by:
postHqlFilterPITAttributeAssigns
in interfaceAttributeDefAdapter
- Overrides:
postHqlFilterPITAttributeAssigns
in classBaseAttrDefAdapter
- Returns:
- the pit attribute assignments
- See Also:
-
postHqlFilterPermissions
public Set<PermissionEntry> postHqlFilterPermissions(GrouperSession grouperSession, Subject subject, Set<PermissionEntry> permissionEntries) Description copied from interface:AttributeDefAdapter
filter permissionEntries for things the subject can see, assume underlying assignments are ok to view- Specified by:
postHqlFilterPermissions
in interfaceAttributeDefAdapter
- Overrides:
postHqlFilterPermissions
in classBaseAttrDefAdapter
- Returns:
- the memberships
- See Also:
-
hqlFilterAttributeDefsNotWithPrivWhereClause
public boolean hqlFilterAttributeDefsNotWithPrivWhereClause(GrouperSession grouperSession, Subject subject, HqlQuery hqlQuery, StringBuilder hql, String attributeDefColumn, Privilege privilege, boolean considerAllSubject) Description copied from interface:AttributeDefAdapter
for an attributeDef query, check to make sure the subject cant see the records (if filtering HQL, you can do the postHqlFilterAttributeDefs instead if you like).- Specified by:
hqlFilterAttributeDefsNotWithPrivWhereClause
in interfaceAttributeDefAdapter
- Overrides:
hqlFilterAttributeDefsNotWithPrivWhereClause
in classBaseAttrDefAdapter
subject
- which needs view access to the groupshql
- is the select and part part (hql prefix)attributeDefColumn
- is the name of the attributeDef column to join toprivilege
- find a privilege which is in this set (e.g. attributeDef privs).considerAllSubject
- if true, then consider GrouperAll when seeing if doesnt have privilege, else do consider- Returns:
- if the query was changed
- See Also:
-
hqlFilterAttributeDefsWithPrivWhereClause
public boolean hqlFilterAttributeDefsWithPrivWhereClause(GrouperSession grouperSession, Subject subject, HqlQuery hqlQuery, StringBuilder hql, String attributeDefColumn, Privilege privilege, boolean considerAllSubject) Description copied from interface:AttributeDefAdapter
for an attributeDef query, check to make sure the subject has priv (if filtering HQL, you can do the postHqlFilterAttributeDefs instead if you like).- Specified by:
hqlFilterAttributeDefsWithPrivWhereClause
in interfaceAttributeDefAdapter
- Overrides:
hqlFilterAttributeDefsWithPrivWhereClause
in classBaseAttrDefAdapter
subject
- which needs view access to the groupshql
- is the select and part part (hql prefix)attributeDefColumn
- is the name of the attributeDef column to join toprivilege
- find a privilege which is in this set (e.g. attributeDef privs).considerAllSubject
- if true, then consider GrouperAll when seeing if doesnt have privilege, else do consider- Returns:
- if the query was changed
- See Also:
-