|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectedu.internet2.middleware.grouper.privs.NamingResolverDecorator
edu.internet2.middleware.grouper.privs.ValidatingNamingResolver
public class ValidatingNamingResolver
Decorator that provides parameter validation for NamingResolver
.
Constructor Summary | |
---|---|
ValidatingNamingResolver(NamingResolver resolver)
|
Method Summary | |
---|---|
java.util.Set<NamingPrivilege> |
getPrivileges(Stem stem,
edu.internet2.middleware.subject.Subject subject)
Get all privileges subject has on group. |
java.util.Set<Stem> |
getStemsWhereSubjectHasPrivilege(edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
Get all groups where subject has privilege. |
java.util.Set<edu.internet2.middleware.subject.Subject> |
getSubjectsWithPrivilege(Stem stem,
Privilege privilege)
Get all subjects with privilege on group. |
void |
grantPrivilege(Stem stem,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege,
java.lang.String uuid)
Grant privilege to subject on group. |
boolean |
hasPrivilege(Stem stem,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
Check whether subject has privilege on group. |
boolean |
hqlFilterStemsWhereClause(edu.internet2.middleware.subject.Subject subject,
HqlQuery hqlQuery,
java.lang.StringBuilder hql,
java.lang.String stemColumn,
java.util.Set<Privilege> privInSet)
for a stem query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like). |
java.util.Set<Stem> |
postHqlFilterStems(java.util.Set<Stem> stems,
edu.internet2.middleware.subject.Subject subject,
java.util.Set<Privilege> privInSet)
after HQL is run, filter stems. |
void |
privilegeCopy(Stem stem1,
Stem stem2,
Privilege priv)
Copies privileges for subjects that have the specified privilege on stem1 to stem2. |
void |
privilegeCopy(edu.internet2.middleware.subject.Subject subj1,
edu.internet2.middleware.subject.Subject subj2,
Privilege priv)
Copies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2. |
void |
revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject subject)
Revoke all naming privileges that this subject has. |
void |
revokePrivilege(Stem stem,
Privilege privilege)
Revoke privilege from all subjects on group. |
void |
revokePrivilege(Stem stem,
edu.internet2.middleware.subject.Subject subject,
Privilege privilege)
Revoke privilege from subject on group. |
Methods inherited from class edu.internet2.middleware.grouper.privs.NamingResolverDecorator |
---|
getDecoratedResolver, getGrouperSession, stop |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public ValidatingNamingResolver(NamingResolver resolver)
resolver
- Method Detail |
---|
public java.util.Set<Stem> getStemsWhereSubjectHasPrivilege(edu.internet2.middleware.subject.Subject subject, Privilege privilege) throws java.lang.IllegalArgumentException
NamingResolver
getStemsWhereSubjectHasPrivilege
in interface NamingResolver
getStemsWhereSubjectHasPrivilege
in class NamingResolverDecorator
java.lang.IllegalArgumentException
- if any parameter is null.NamingResolver.getStemsWhereSubjectHasPrivilege(Subject, Privilege)
public java.util.Set<NamingPrivilege> getPrivileges(Stem stem, edu.internet2.middleware.subject.Subject subject) throws java.lang.IllegalArgumentException
NamingResolver
getPrivileges
in interface NamingResolver
getPrivileges
in class NamingResolverDecorator
java.lang.IllegalArgumentException
- if any parameter is null.NamingResolver.getPrivileges(Stem, Subject)
public java.util.Set<edu.internet2.middleware.subject.Subject> getSubjectsWithPrivilege(Stem stem, Privilege privilege) throws java.lang.IllegalArgumentException
NamingResolver
getSubjectsWithPrivilege
in interface NamingResolver
getSubjectsWithPrivilege
in class NamingResolverDecorator
java.lang.IllegalArgumentException
- if any parameter is null.NamingResolver.getSubjectsWithPrivilege(Stem, Privilege)
public void grantPrivilege(Stem stem, edu.internet2.middleware.subject.Subject subject, Privilege privilege, java.lang.String uuid) throws java.lang.IllegalArgumentException, UnableToPerformException
NamingResolver
grantPrivilege
in interface NamingResolver
grantPrivilege
in class NamingResolverDecorator
uuid
- if known or null
java.lang.IllegalArgumentException
- if any parameter is null.
UnableToPerformException
- if the privilege could not be granted.NamingResolver.grantPrivilege(Stem, Subject, Privilege, String)
public boolean hasPrivilege(Stem stem, edu.internet2.middleware.subject.Subject subject, Privilege privilege) throws java.lang.IllegalArgumentException
NamingResolver
hasPrivilege
in interface NamingResolver
hasPrivilege
in class NamingResolverDecorator
java.lang.IllegalArgumentException
- if any parameter is null.NamingResolver.hasPrivilege(Stem, Subject, Privilege)
public void revokePrivilege(Stem stem, Privilege privilege) throws java.lang.IllegalArgumentException, UnableToPerformException
NamingResolver
revokePrivilege
in interface NamingResolver
revokePrivilege
in class NamingResolverDecorator
java.lang.IllegalArgumentException
- if any parameter is null.
UnableToPerformException
- if the privilege could not be revoked.NamingResolver.revokePrivilege(Stem, Privilege)
public void revokePrivilege(Stem stem, edu.internet2.middleware.subject.Subject subject, Privilege privilege) throws java.lang.IllegalArgumentException, UnableToPerformException
NamingResolver
revokePrivilege
in interface NamingResolver
revokePrivilege
in class NamingResolverDecorator
java.lang.IllegalArgumentException
- if any parameter is null.
UnableToPerformException
- if the privilege could not be revoked.NamingResolver.revokePrivilege(Stem, Subject, Privilege)
public void privilegeCopy(Stem stem1, Stem stem2, Privilege priv) throws java.lang.IllegalArgumentException, UnableToPerformException
NamingResolver
privilegeCopy
in interface NamingResolver
privilegeCopy
in class NamingResolverDecorator
java.lang.IllegalArgumentException
UnableToPerformException
NamingResolver.privilegeCopy(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.grouper.privs.Privilege)
public void privilegeCopy(edu.internet2.middleware.subject.Subject subj1, edu.internet2.middleware.subject.Subject subj2, Privilege priv) throws java.lang.IllegalArgumentException, UnableToPerformException
NamingResolver
privilegeCopy
in interface NamingResolver
privilegeCopy
in class NamingResolverDecorator
java.lang.IllegalArgumentException
UnableToPerformException
NamingResolver.privilegeCopy(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)
public boolean hqlFilterStemsWhereClause(edu.internet2.middleware.subject.Subject subject, HqlQuery hqlQuery, java.lang.StringBuilder hql, java.lang.String stemColumn, java.util.Set<Privilege> privInSet)
NamingResolver
hqlFilterStemsWhereClause
in interface NamingResolver
hqlFilterStemsWhereClause
in class NamingResolverDecorator
subject
- which needs view access to the groupshql
- is the select and part part (hql prefix)stemColumn
- is the name of the stem column to join toprivInSet
- find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in AccessAdapter
NamingResolver.hqlFilterStemsWhereClause(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, java.util.Set)
public java.util.Set<Stem> postHqlFilterStems(java.util.Set<Stem> stems, edu.internet2.middleware.subject.Subject subject, java.util.Set<Privilege> privInSet)
NamingResolver
postHqlFilterStems
in interface NamingResolver
postHqlFilterStems
in class NamingResolverDecorator
subject
- which needs view access to the groupsprivInSet
- find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in NamingPrivilege
NamingResolver.postHqlFilterStems(java.util.Set, edu.internet2.middleware.subject.Subject, java.util.Set)
public void revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject subject)
NamingResolver
revokeAllPrivilegesForSubject
in interface NamingResolver
revokeAllPrivilegesForSubject
in class NamingResolverDecorator
NamingResolver.revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |