edu.internet2.middleware.grouper.privs
Class NamingResolverDecorator

java.lang.Object
  extended by edu.internet2.middleware.grouper.privs.NamingResolverDecorator
All Implemented Interfaces:
NamingResolver
Direct Known Subclasses:
CachingNamingResolver, GrouperAllNamingResolver, GrouperSystemNamingResolver, ValidatingNamingResolver, WheelNamingResolver

public abstract class NamingResolverDecorator
extends java.lang.Object
implements NamingResolver

Decorator for NamingResolver.

Since:
1.2.1
Version:
$Id: NamingResolverDecorator.java,v 1.3 2009-09-21 06:14:26 mchyzer Exp $
Author:
blair christensen.

Constructor Summary
NamingResolverDecorator(NamingResolver resolver)
           
 
Method Summary
 NamingResolver getDecoratedResolver()
           
 GrouperSession getGrouperSession()
          get a reference to the session
 java.util.Set<NamingPrivilege> getPrivileges(Stem stem, edu.internet2.middleware.subject.Subject subject)
          Get all privileges subject has on group.
 java.util.Set<Stem> getStemsWhereSubjectHasPrivilege(edu.internet2.middleware.subject.Subject subject, Privilege privilege)
          Get all groups where subject has privilege.
 java.util.Set<edu.internet2.middleware.subject.Subject> getSubjectsWithPrivilege(Stem stem, Privilege privilege)
          Get all subjects with privilege on group.
 void grantPrivilege(Stem stem, edu.internet2.middleware.subject.Subject subject, Privilege privilege, java.lang.String uuid)
          Grant privilege to subject on group.
 boolean hasPrivilege(Stem stem, edu.internet2.middleware.subject.Subject subject, Privilege privilege)
          Check whether subject has privilege on group.
 boolean hqlFilterStemsWhereClause(edu.internet2.middleware.subject.Subject subject, HqlQuery hqlQuery, java.lang.StringBuilder hql, java.lang.String stemColumn, java.util.Set<Privilege> privInSet)
          for a stem query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like).
 java.util.Set<Stem> postHqlFilterStems(java.util.Set<Stem> stems, edu.internet2.middleware.subject.Subject subject, java.util.Set<Privilege> privInSet)
          after HQL is run, filter stems.
 void privilegeCopy(Stem stem1, Stem stem2, Privilege priv)
          Copies privileges for subjects that have the specified privilege on stem1 to stem2.
 void privilegeCopy(edu.internet2.middleware.subject.Subject subj1, edu.internet2.middleware.subject.Subject subj2, Privilege priv)
          Copies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2.
 void revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject subject)
          Revoke all naming privileges that this subject has.
 void revokePrivilege(Stem stem, Privilege privilege)
          Revoke privilege from all subjects on group.
 void revokePrivilege(Stem stem, edu.internet2.middleware.subject.Subject subject, Privilege privilege)
          Revoke privilege from subject on group.
 void stop()
          clean up resources, session is stopped
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

NamingResolverDecorator

public NamingResolverDecorator(NamingResolver resolver)
                        throws java.lang.IllegalArgumentException
Parameters:
resolver - NamingResolver to decorate.
Throws:
java.lang.IllegalArgumentException - if resolver is null.
Since:
1.2.1
Method Detail

getDecoratedResolver

public NamingResolver getDecoratedResolver()
                                    throws java.lang.IllegalStateException
Returns:
Decorated NamingResolver.
Throws:
java.lang.IllegalStateException - if no decorated NamingResolver.
Since:
1.2.1

getGrouperSession

public GrouperSession getGrouperSession()
Description copied from interface: NamingResolver
get a reference to the session

Specified by:
getGrouperSession in interface NamingResolver
Returns:
the session
See Also:
NamingResolver.getGrouperSession()

getPrivileges

public java.util.Set<NamingPrivilege> getPrivileges(Stem stem,
                                                    edu.internet2.middleware.subject.Subject subject)
                                             throws java.lang.IllegalArgumentException
Description copied from interface: NamingResolver
Get all privileges subject has on group.

Specified by:
getPrivileges in interface NamingResolver
Returns:
set of naming privileges
Throws:
java.lang.IllegalArgumentException - if any parameter is null.
See Also:
NamingResolver.getPrivileges(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.subject.Subject)

getStemsWhereSubjectHasPrivilege

public java.util.Set<Stem> getStemsWhereSubjectHasPrivilege(edu.internet2.middleware.subject.Subject subject,
                                                            Privilege privilege)
                                                     throws java.lang.IllegalArgumentException
Description copied from interface: NamingResolver
Get all groups where subject has privilege.

Specified by:
getStemsWhereSubjectHasPrivilege in interface NamingResolver
Returns:
set
Throws:
java.lang.IllegalArgumentException - if any parameter is null.
See Also:
NamingResolver.getStemsWhereSubjectHasPrivilege(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)

getSubjectsWithPrivilege

public java.util.Set<edu.internet2.middleware.subject.Subject> getSubjectsWithPrivilege(Stem stem,
                                                                                        Privilege privilege)
                                                                                 throws java.lang.IllegalArgumentException
Description copied from interface: NamingResolver
Get all subjects with privilege on group.

Specified by:
getSubjectsWithPrivilege in interface NamingResolver
Returns:
set of subjects
Throws:
java.lang.IllegalArgumentException - if any parameter is null.
See Also:
NamingResolver.getSubjectsWithPrivilege(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.grouper.privs.Privilege)

grantPrivilege

public void grantPrivilege(Stem stem,
                           edu.internet2.middleware.subject.Subject subject,
                           Privilege privilege,
                           java.lang.String uuid)
                    throws java.lang.IllegalArgumentException,
                           UnableToPerformException
Description copied from interface: NamingResolver
Grant privilege to subject on group.

Specified by:
grantPrivilege in interface NamingResolver
uuid - if known or null
Throws:
java.lang.IllegalArgumentException - if any parameter is null.
UnableToPerformException - if the privilege could not be granted.
See Also:
NamingResolver.grantPrivilege(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege, String)

hasPrivilege

public boolean hasPrivilege(Stem stem,
                            edu.internet2.middleware.subject.Subject subject,
                            Privilege privilege)
                     throws java.lang.IllegalArgumentException
Description copied from interface: NamingResolver
Check whether subject has privilege on group.

Specified by:
hasPrivilege in interface NamingResolver
Returns:
if has privilege
Throws:
java.lang.IllegalArgumentException - if any parameter is null.
See Also:
NamingResolver.hasPrivilege(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)

hqlFilterStemsWhereClause

public boolean hqlFilterStemsWhereClause(edu.internet2.middleware.subject.Subject subject,
                                         HqlQuery hqlQuery,
                                         java.lang.StringBuilder hql,
                                         java.lang.String stemColumn,
                                         java.util.Set<Privilege> privInSet)
Description copied from interface: NamingResolver
for a stem query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like). Note, this joins to tables, so the queries should probably be "distinct"

Specified by:
hqlFilterStemsWhereClause in interface NamingResolver
Parameters:
subject - which needs view access to the groups
hql - is the select and part part (hql prefix)
stemColumn - is the name of the stem column to join to
privInSet - find a privilege which is in this set (e.g. for view, send all access privs). There are pre-canned sets in AccessAdapter
Returns:
if the query was changed
See Also:
NamingResolver.hqlFilterStemsWhereClause(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, java.util.Set)

postHqlFilterStems

public java.util.Set<Stem> postHqlFilterStems(java.util.Set<Stem> stems,
                                              edu.internet2.middleware.subject.Subject subject,
                                              java.util.Set<Privilege> privInSet)
Description copied from interface: NamingResolver
after HQL is run, filter stems. If you are filtering in HQL, then dont filter here

Specified by:
postHqlFilterStems in interface NamingResolver
subject - which needs view access to the groups
privInSet - find a privilege which is in this set (e.g. for view, send all access privs). There are pre-canned sets in NamingPrivilege
Returns:
the set of filtered groups
See Also:
NamingResolver.postHqlFilterStems(java.util.Set, edu.internet2.middleware.subject.Subject, java.util.Set)

privilegeCopy

public void privilegeCopy(Stem stem1,
                          Stem stem2,
                          Privilege priv)
                   throws java.lang.IllegalArgumentException,
                          UnableToPerformException
Description copied from interface: NamingResolver
Copies privileges for subjects that have the specified privilege on stem1 to stem2.

Specified by:
privilegeCopy in interface NamingResolver
Throws:
java.lang.IllegalArgumentException
UnableToPerformException
See Also:
NamingResolver.privilegeCopy(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.grouper.privs.Privilege)

privilegeCopy

public void privilegeCopy(edu.internet2.middleware.subject.Subject subj1,
                          edu.internet2.middleware.subject.Subject subj2,
                          Privilege priv)
                   throws java.lang.IllegalArgumentException,
                          UnableToPerformException
Description copied from interface: NamingResolver
Copies privileges of type priv on any subject for the given Subject subj1 to the given Subject subj2. For instance, if subj1 has STEM privilege to Stem x, this method will result with subj2 having STEM privilege to Stem x.

Specified by:
privilegeCopy in interface NamingResolver
Throws:
java.lang.IllegalArgumentException
UnableToPerformException
See Also:
NamingResolver.privilegeCopy(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)

revokeAllPrivilegesForSubject

public void revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject subject)
Description copied from interface: NamingResolver
Revoke all naming privileges that this subject has.

Specified by:
revokeAllPrivilegesForSubject in interface NamingResolver
See Also:
NamingResolver.revokeAllPrivilegesForSubject(edu.internet2.middleware.subject.Subject)

revokePrivilege

public void revokePrivilege(Stem stem,
                            Privilege privilege)
                     throws java.lang.IllegalArgumentException,
                            UnableToPerformException
Description copied from interface: NamingResolver
Revoke privilege from all subjects on group.

Specified by:
revokePrivilege in interface NamingResolver
Throws:
java.lang.IllegalArgumentException - if any parameter is null.
UnableToPerformException - if the privilege could not be revoked.
See Also:
NamingResolver.revokePrivilege(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.grouper.privs.Privilege)

revokePrivilege

public void revokePrivilege(Stem stem,
                            edu.internet2.middleware.subject.Subject subject,
                            Privilege privilege)
                     throws java.lang.IllegalArgumentException,
                            UnableToPerformException
Description copied from interface: NamingResolver
Revoke privilege from subject on group.

Specified by:
revokePrivilege in interface NamingResolver
Throws:
java.lang.IllegalArgumentException - if any parameter is null.
UnableToPerformException - if the privilege could not be revoked.
See Also:
NamingResolver.revokePrivilege(edu.internet2.middleware.grouper.Stem, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.privs.Privilege)

stop

public void stop()
Description copied from interface: NamingResolver
clean up resources, session is stopped

Specified by:
stop in interface NamingResolver
See Also:
NamingResolver.stop()