edu.internet2.middleware.grouper.privs
Class BaseAttrDefAdapter

java.lang.Object
  extended by edu.internet2.middleware.grouper.privs.BaseAttrDefAdapter
All Implemented Interfaces:
AttributeDefAdapter
Direct Known Subclasses:
GrouperNonDbAttrDefAdapter

public abstract class BaseAttrDefAdapter
extends java.lang.Object
implements AttributeDefAdapter

Base class for attr def access adapter


Constructor Summary
BaseAttrDefAdapter()
           
 
Method Summary
 boolean hqlFilterAttrDefsWhereClause(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, HqlQuery hqlQuery, java.lang.StringBuilder hqlTables, java.lang.StringBuilder hqlWhereClause, java.lang.String attributeDefColumn, java.util.Set<Privilege> privInSet)
          for an attrDef query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterAttrDefs instead if you like).
 java.util.Set<AttributeAssign> postHqlFilterAttributeAssigns(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, java.util.Set<AttributeAssign> attributeAssigns)
          filter attribute assignments for things the subject can see, assume underlying assignments are ok to view
 java.util.Set<AttributeDef> postHqlFilterAttributeDefs(GrouperSession grouperSession, java.util.Set<AttributeDef> inputAttributeDefs, edu.internet2.middleware.subject.Subject subject, java.util.Set<Privilege> privInSet)
          after HQL is run, filter attributeDefs.
 java.util.Set<PermissionEntry> postHqlFilterPermissions(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, java.util.Set<PermissionEntry> permissionEntries)
          filter permissionEntries for things the subject can see, assume underlying assignments are ok to view
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface edu.internet2.middleware.grouper.privs.AttributeDefAdapter
getAttributeDefsWhereSubjectHasPriv, getPrivs, getSubjectsWithPriv, grantPriv, hasPriv, privilegeCopy, privilegeCopy, revokeAllPrivilegesForSubject, revokePriv, revokePriv
 

Constructor Detail

BaseAttrDefAdapter

public BaseAttrDefAdapter()
Method Detail

postHqlFilterPermissions

public java.util.Set<PermissionEntry> postHqlFilterPermissions(GrouperSession grouperSession,
                                                               edu.internet2.middleware.subject.Subject subject,
                                                               java.util.Set<PermissionEntry> permissionEntries)
Description copied from interface: AttributeDefAdapter
filter permissionEntries for things the subject can see, assume underlying assignments are ok to view

Specified by:
postHqlFilterPermissions in interface AttributeDefAdapter
Returns:
the memberships
See Also:
AttributeDefAdapter.postHqlFilterPermissions(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, java.util.Set)

postHqlFilterAttributeDefs

public java.util.Set<AttributeDef> postHqlFilterAttributeDefs(GrouperSession grouperSession,
                                                              java.util.Set<AttributeDef> inputAttributeDefs,
                                                              edu.internet2.middleware.subject.Subject subject,
                                                              java.util.Set<Privilege> privInSet)
Description copied from interface: AttributeDefAdapter
after HQL is run, filter attributeDefs. If you are filtering in HQL, then dont filter here

Specified by:
postHqlFilterAttributeDefs in interface AttributeDefAdapter
subject - which needs view access to the groups
privInSet - find a privilege which is in this set (e.g. for view, send all access privs). There are pre-canned sets in AccessAdapter
Returns:
the set of filtered groups
See Also:
AttributeDefAdapter.postHqlFilterAttributeDefs(edu.internet2.middleware.grouper.GrouperSession, java.util.Set, edu.internet2.middleware.subject.Subject, java.util.Set)

hqlFilterAttrDefsWhereClause

public boolean hqlFilterAttrDefsWhereClause(GrouperSession grouperSession,
                                            edu.internet2.middleware.subject.Subject subject,
                                            HqlQuery hqlQuery,
                                            java.lang.StringBuilder hqlTables,
                                            java.lang.StringBuilder hqlWhereClause,
                                            java.lang.String attributeDefColumn,
                                            java.util.Set<Privilege> privInSet)
Description copied from interface: AttributeDefAdapter
for an attrDef query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterAttrDefs instead if you like). Note, this joins to tables, so the queries should probably be "distinct"

Specified by:
hqlFilterAttrDefsWhereClause in interface AttributeDefAdapter
subject - which needs view access to the attrDefs
hqlTables - is the select and part part (hql prefix)
hqlWhereClause - is there where clause part of the query
attributeDefColumn - is the name of the attrDef column to join to
privInSet - find a privilege which is in this set (e.g. for view, send all access privs). There are pre-canned sets in AccessPrivilege
Returns:
if the query was changed
See Also:
AttributeDefAdapter.hqlFilterAttrDefsWhereClause(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.StringBuilder, java.lang.String, java.util.Set)

postHqlFilterAttributeAssigns

public java.util.Set<AttributeAssign> postHqlFilterAttributeAssigns(GrouperSession grouperSession,
                                                                    edu.internet2.middleware.subject.Subject subject,
                                                                    java.util.Set<AttributeAssign> attributeAssigns)
Description copied from interface: AttributeDefAdapter
filter attribute assignments for things the subject can see, assume underlying assignments are ok to view

Specified by:
postHqlFilterAttributeAssigns in interface AttributeDefAdapter
Returns:
the memberships
See Also:
AttributeDefAdapter.postHqlFilterAttributeAssigns(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, java.util.Set)