|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectedu.internet2.middleware.grouper.privs.NamingResolverDecorator
public abstract class NamingResolverDecorator
Decorator for NamingResolver
.
Constructor Summary | |
---|---|
NamingResolverDecorator(NamingResolver resolver)
|
Method Summary | |
---|---|
NamingResolver |
getDecoratedResolver()
|
GrouperSession |
getGrouperSession()
get a reference to the session |
Set<NamingPrivilege> |
getPrivileges(Stem stem,
Subject subject)
Get all privileges subject has on group. |
Set<Stem> |
getStemsWhereSubjectHasPrivilege(Subject subject,
Privilege privilege)
Get all groups where subject has privilege. |
Set<Subject> |
getSubjectsWithPrivilege(Stem stem,
Privilege privilege)
Get all subjects with privilege on group. |
void |
grantPrivilege(Stem stem,
Subject subject,
Privilege privilege,
String uuid)
Grant privilege to subject on group. |
boolean |
hasPrivilege(Stem stem,
Subject subject,
Privilege privilege)
Check whether subject has privilege on group. |
boolean |
hqlFilterStemsWhereClause(Subject subject,
HqlQuery hqlQuery,
StringBuilder hql,
String stemColumn,
Set<Privilege> privInSet)
for a stem query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like). |
Set<Stem> |
postHqlFilterStems(Set<Stem> stems,
Subject subject,
Set<Privilege> privInSet)
after HQL is run, filter stems. |
void |
privilegeCopy(Stem stem1,
Stem stem2,
Privilege priv)
Copies privileges for subjects that have the specified privilege on stem1 to stem2. |
void |
privilegeCopy(Subject subj1,
Subject subj2,
Privilege priv)
Copies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2. |
void |
revokeAllPrivilegesForSubject(Subject subject)
Revoke all naming privileges that this subject has. |
void |
revokePrivilege(Stem stem,
Privilege privilege)
Revoke privilege from all subjects on group. |
void |
revokePrivilege(Stem stem,
Subject subject,
Privilege privilege)
Revoke privilege from subject on group. |
void |
stop()
clean up resources, session is stopped |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public NamingResolverDecorator(NamingResolver resolver) throws IllegalArgumentException
resolver
- NamingResolver to decorate.
IllegalArgumentException
- if resolver is null.Method Detail |
---|
public NamingResolver getDecoratedResolver() throws IllegalStateException
IllegalStateException
- if no decorated NamingResolver.public GrouperSession getGrouperSession()
NamingResolver
getGrouperSession
in interface NamingResolver
NamingResolver.getGrouperSession()
public Set<NamingPrivilege> getPrivileges(Stem stem, Subject subject) throws IllegalArgumentException
NamingResolver
getPrivileges
in interface NamingResolver
IllegalArgumentException
- if any parameter is null.NamingResolver.getPrivileges(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.subject.Subject)
public Set<Stem> getStemsWhereSubjectHasPrivilege(Subject subject, Privilege privilege) throws IllegalArgumentException
NamingResolver
getStemsWhereSubjectHasPrivilege
in interface NamingResolver
IllegalArgumentException
- if any parameter is null.NamingResolver.getStemsWhereSubjectHasPrivilege(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public Set<Subject> getSubjectsWithPrivilege(Stem stem, Privilege privilege) throws IllegalArgumentException
NamingResolver
getSubjectsWithPrivilege
in interface NamingResolver
IllegalArgumentException
- if any parameter is null.NamingResolver.getSubjectsWithPrivilege(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.grouper.privs.Privilege)
public void grantPrivilege(Stem stem, Subject subject, Privilege privilege, String uuid) throws IllegalArgumentException, UnableToPerformException
NamingResolver
grantPrivilege
in interface NamingResolver
uuid
- if known or null
IllegalArgumentException
- if any parameter is null.
UnableToPerformException
- if the privilege could not be granted.NamingResolver.grantPrivilege(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege, String)
public boolean hasPrivilege(Stem stem, Subject subject, Privilege privilege) throws IllegalArgumentException
NamingResolver
hasPrivilege
in interface NamingResolver
IllegalArgumentException
- if any parameter is null.NamingResolver.hasPrivilege(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public boolean hqlFilterStemsWhereClause(Subject subject, HqlQuery hqlQuery, StringBuilder hql, String stemColumn, Set<Privilege> privInSet)
NamingResolver
hqlFilterStemsWhereClause
in interface NamingResolver
subject
- which needs view access to the groupshql
- is the select and part part (hql prefix)stemColumn
- is the name of the stem column to join toprivInSet
- find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in AccessAdapter
NamingResolver.hqlFilterStemsWhereClause(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, java.util.Set)
public Set<Stem> postHqlFilterStems(Set<Stem> stems, Subject subject, Set<Privilege> privInSet)
NamingResolver
postHqlFilterStems
in interface NamingResolver
subject
- which needs view access to the groupsprivInSet
- find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in NamingPrivilege
NamingResolver.postHqlFilterStems(java.util.Set, edu.internet2.middleware.subject.Subject, java.util.Set)
public void privilegeCopy(Stem stem1, Stem stem2, Privilege priv) throws IllegalArgumentException, UnableToPerformException
NamingResolver
privilegeCopy
in interface NamingResolver
IllegalArgumentException
UnableToPerformException
NamingResolver.privilegeCopy(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.grouper.privs.Privilege)
public void privilegeCopy(Subject subj1, Subject subj2, Privilege priv) throws IllegalArgumentException, UnableToPerformException
NamingResolver
privilegeCopy
in interface NamingResolver
IllegalArgumentException
UnableToPerformException
NamingResolver.privilegeCopy(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public void revokeAllPrivilegesForSubject(Subject subject)
NamingResolver
revokeAllPrivilegesForSubject
in interface NamingResolver
NamingResolver.revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject)
public void revokePrivilege(Stem stem, Privilege privilege) throws IllegalArgumentException, UnableToPerformException
NamingResolver
revokePrivilege
in interface NamingResolver
IllegalArgumentException
- if any parameter is null.
UnableToPerformException
- if the privilege could not be revoked.NamingResolver.revokePrivilege(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.grouper.privs.Privilege)
public void revokePrivilege(Stem stem, Subject subject, Privilege privilege) throws IllegalArgumentException, UnableToPerformException
NamingResolver
revokePrivilege
in interface NamingResolver
IllegalArgumentException
- if any parameter is null.
UnableToPerformException
- if the privilege could not be revoked.NamingResolver.revokePrivilege(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public void stop()
NamingResolver
stop
in interface NamingResolver
NamingResolver.stop()
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |