|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectedu.internet2.middleware.grouper.privs.AttributeDefResolverDecorator
edu.internet2.middleware.grouper.privs.ValidatingAttrDefResolver
public class ValidatingAttrDefResolver
Decorator that provides parameter validation for AttributeDefResolver
.
Constructor Summary | |
---|---|
ValidatingAttrDefResolver(AttributeDefResolver resolver)
|
Method Summary | |
---|---|
Set<AttributeDef> |
getAttributeDefsWhereSubjectHasPrivilege(Subject subject,
Privilege privilege)
Get all attributedefs where subject has privilege. |
Set<AttributeDefPrivilege> |
getPrivileges(AttributeDef attributeDef,
Subject subject)
Get all privileges subject has on attributeDef. |
Set<Subject> |
getSubjectsWithPrivilege(AttributeDef attributeDef,
Privilege privilege)
Get all subjects with privilege on attributeDef. |
void |
grantPrivilege(AttributeDef attributeDef,
Subject subject,
Privilege privilege,
String uuid)
Grant privilege to subject on attributeDef. |
boolean |
hasPrivilege(AttributeDef attributeDef,
Subject subject,
Privilege privilege)
Check whether subject has privilege on attributeDef. |
boolean |
hqlFilterAttrDefsWhereClause(Subject subject,
HqlQuery hqlQuery,
StringBuilder hqlTables,
StringBuilder hqlWhereClause,
String attrDefColumn,
Set<Privilege> privInSet)
for an attrDef query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterAttDefs instead if you like) |
Set<AttributeDef> |
postHqlFilterAttrDefs(Set<AttributeDef> attributeDefs,
Subject subject,
Set<Privilege> privInSet)
after HQL is run, filter attributeDefs. |
Set<AttributeAssign> |
postHqlFilterAttributeAssigns(Subject subject,
Set<AttributeAssign> attributeDefs)
filter attributeDefs for things the subject can see |
Set<PermissionEntry> |
postHqlFilterPermissions(Subject subject,
Set<PermissionEntry> permissionsEntries)
filter permissions for things the subject can see |
void |
privilegeCopy(AttributeDef attributeDef1,
AttributeDef attributeDef2,
Privilege priv)
Copies privileges for subjects that have the specified privilege on g1 to g2. |
void |
privilegeCopy(Subject subj1,
Subject subj2,
Privilege priv)
Copies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2. |
void |
revokeAllPrivilegesForSubject(Subject subject)
Revoke all attrDef privileges that this subject has. |
void |
revokePrivilege(AttributeDef attributeDef,
Privilege privilege)
Revoke privilege from all subjects on attributeDef. |
void |
revokePrivilege(AttributeDef attributeDef,
Subject subject,
Privilege privilege)
Revoke privilege from subject on attributeDef. |
Methods inherited from class edu.internet2.middleware.grouper.privs.AttributeDefResolverDecorator |
---|
flushCache, getDecoratedResolver, getGrouperSession, stop |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public ValidatingAttrDefResolver(AttributeDefResolver resolver)
resolver
- Method Detail |
---|
public Set<AttributeDef> getAttributeDefsWhereSubjectHasPrivilege(Subject subject, Privilege privilege) throws IllegalArgumentException
AttributeDefResolver
getAttributeDefsWhereSubjectHasPrivilege
in interface AttributeDefResolver
getAttributeDefsWhereSubjectHasPrivilege
in class AttributeDefResolverDecorator
IllegalArgumentException
- if any parameter is null.AttributeDefResolverDecorator.getAttributeDefsWhereSubjectHasPrivilege(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public Set<AttributeDefPrivilege> getPrivileges(AttributeDef attributeDef, Subject subject) throws IllegalArgumentException
AttributeDefResolver
getPrivileges
in interface AttributeDefResolver
getPrivileges
in class AttributeDefResolverDecorator
IllegalArgumentException
- if any parameter is null.AttributeDefResolverDecorator.getPrivileges(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.subject.Subject)
public Set<Subject> getSubjectsWithPrivilege(AttributeDef attributeDef, Privilege privilege) throws IllegalArgumentException
AttributeDefResolver
getSubjectsWithPrivilege
in interface AttributeDefResolver
getSubjectsWithPrivilege
in class AttributeDefResolverDecorator
IllegalArgumentException
- if any parameter is null.AttributeDefResolverDecorator.getSubjectsWithPrivilege(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.grouper.privs.Privilege)
public void grantPrivilege(AttributeDef attributeDef, Subject subject, Privilege privilege, String uuid) throws IllegalArgumentException, UnableToPerformException
AttributeDefResolver
grantPrivilege
in interface AttributeDefResolver
grantPrivilege
in class AttributeDefResolverDecorator
uuid
- is uuid or null for assigned
IllegalArgumentException
- if any parameter is null.
UnableToPerformException
- if the privilege could not be granted.AttributeDefResolverDecorator.grantPrivilege(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege, String)
public boolean hasPrivilege(AttributeDef attributeDef, Subject subject, Privilege privilege) throws IllegalArgumentException
AttributeDefResolver
hasPrivilege
in interface AttributeDefResolver
hasPrivilege
in class AttributeDefResolverDecorator
IllegalArgumentException
- if any parameter is null.AttributeDefResolverDecorator.hasPrivilege(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public void revokePrivilege(AttributeDef attributeDef, Privilege privilege) throws IllegalArgumentException, UnableToPerformException
AttributeDefResolver
revokePrivilege
in interface AttributeDefResolver
revokePrivilege
in class AttributeDefResolverDecorator
IllegalArgumentException
- if any parameter is null.
UnableToPerformException
- if the privilege could not be revoked.AttributeDefResolverDecorator.revokePrivilege(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.grouper.privs.Privilege)
public Set<AttributeDef> postHqlFilterAttrDefs(Set<AttributeDef> attributeDefs, Subject subject, Set<Privilege> privInSet)
AttributeDefResolver
postHqlFilterAttrDefs
in interface AttributeDefResolver
postHqlFilterAttrDefs
in class AttributeDefResolverDecorator
subject
- which needs view access to the attribute defsprivInSet
- find a privilege which is in this set
(e.g. for view, send all attrDef privs). There are pre-canned sets in AttributeDefAdapter
AttributeDefResolverDecorator.postHqlFilterAttrDefs(Set, Subject, Set)
public void revokePrivilege(AttributeDef attributeDef, Subject subject, Privilege privilege) throws IllegalArgumentException, UnableToPerformException
AttributeDefResolver
revokePrivilege
in interface AttributeDefResolver
revokePrivilege
in class AttributeDefResolverDecorator
IllegalArgumentException
- if any parameter is null.
UnableToPerformException
- if the privilege could not be revoked.AttributeDefResolverDecorator.revokePrivilege(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public void privilegeCopy(AttributeDef attributeDef1, AttributeDef attributeDef2, Privilege priv) throws IllegalArgumentException, UnableToPerformException
AttributeDefResolver
privilegeCopy
in interface AttributeDefResolver
privilegeCopy
in class AttributeDefResolverDecorator
IllegalArgumentException
UnableToPerformException
AttributeDefResolverDecorator.privilegeCopy(edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.grouper.attr.AttributeDef, edu.internet2.middleware.grouper.privs.Privilege)
public void privilegeCopy(Subject subj1, Subject subj2, Privilege priv) throws IllegalArgumentException, UnableToPerformException
AttributeDefResolver
privilegeCopy
in interface AttributeDefResolver
privilegeCopy
in class AttributeDefResolverDecorator
IllegalArgumentException
UnableToPerformException
AttributeDefResolverDecorator.privilegeCopy(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public boolean hqlFilterAttrDefsWhereClause(Subject subject, HqlQuery hqlQuery, StringBuilder hqlTables, StringBuilder hqlWhereClause, String attrDefColumn, Set<Privilege> privInSet)
AttributeDefResolver
hqlFilterAttrDefsWhereClause
in interface AttributeDefResolver
hqlFilterAttrDefsWhereClause
in class AttributeDefResolverDecorator
subject
- which needs view access to the attrDefshqlTables
- the select and current from parthqlWhereClause
- is there where clause part of the queryattrDefColumn
- is the name of the attributeDef column to join toprivInSet
- find a privilege which is in this set (e.g. for view, send all attrDef privs)
AttributeDefResolverDecorator.hqlFilterAttrDefsWhereClause(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.StringBuilder, java.lang.String, java.util.Set)
public Set<AttributeAssign> postHqlFilterAttributeAssigns(Subject subject, Set<AttributeAssign> attributeDefs)
AttributeDefResolver
postHqlFilterAttributeAssigns
in interface AttributeDefResolver
postHqlFilterAttributeAssigns
in class AttributeDefResolverDecorator
AttributeDefResolverDecorator.postHqlFilterAttributeAssigns(edu.internet2.middleware.subject.Subject, java.util.Set)
public void revokeAllPrivilegesForSubject(Subject subject)
AttributeDefResolver
revokeAllPrivilegesForSubject
in interface AttributeDefResolver
revokeAllPrivilegesForSubject
in class AttributeDefResolverDecorator
AttributeDefResolverDecorator.revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject)
public Set<PermissionEntry> postHqlFilterPermissions(Subject subject, Set<PermissionEntry> permissionsEntries)
AttributeDefResolver
postHqlFilterPermissions
in interface AttributeDefResolver
postHqlFilterPermissions
in class AttributeDefResolverDecorator
AttributeDefResolver.postHqlFilterPermissions(edu.internet2.middleware.subject.Subject, java.util.Set)
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |