|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectedu.internet2.middleware.grouper.privs.PrivilegeHelper
public class PrivilegeHelper
Privilege helper class.
TODO 20070823 Relocate these methods once I figure out the best home for them.
Constructor Summary | |
---|---|
PrivilegeHelper()
|
Method Summary | |
---|---|
static boolean |
canAdmin(GrouperSession s,
Group g,
Subject subj)
|
static boolean |
canAttrAdmin(GrouperSession s,
AttributeDef attributeDef,
Subject subj)
|
static boolean |
canAttrOptin(GrouperSession s,
AttributeDef attributeDef,
Subject subj)
|
static boolean |
canAttrOptout(GrouperSession s,
AttributeDef attributeDef,
Subject subj)
|
static boolean |
canAttrRead(GrouperSession s,
AttributeDef attributeDef,
Subject subj)
|
static boolean |
canAttrUpdate(GrouperSession s,
AttributeDef attributeDef,
Subject subj)
|
static boolean |
canAttrView(GrouperSession s,
AttributeDef attributeDef,
Subject subj)
|
static boolean |
canCopyStems(Subject subject)
Is this user allowed to copy stems? |
static boolean |
canCreate(GrouperSession s,
Stem ns,
Subject subj)
TODO 20070823 find a real home for this and/or add tests |
static boolean |
canMoveStems(Subject subject)
Is this user allowed to move stems? |
static boolean |
canOptin(GrouperSession s,
Group g,
Subject subj)
TODO 20070823 find a real home for this and/or add tests |
static boolean |
canOptout(GrouperSession s,
Group g,
Subject subj)
TODO 20070823 find a real home for this and/or add tests |
static boolean |
canRead(GrouperSession s,
Group g,
Subject subj)
TODO 20070823 find a real home for this and/or add tests |
static boolean |
canRenameStems(Subject subject)
Is this user allowed to rename stems? |
static boolean |
canStem(Stem ns,
Subject subj)
TODO 20070823 find a real home for this and/or add tests |
static boolean |
canUpdate(GrouperSession s,
Group g,
Subject subj)
TODO 20070823 find a real home for this and/or add tests |
static boolean |
canView(GrouperSession s,
Group g,
Subject subj)
TODO 20070823 find a real home for this and/or add tests |
static boolean |
canViewAttributeAssign(GrouperSession grouperSession,
AttributeAssign attributeAssign,
boolean checkUnderlyingIfAssignmentOnAssignment)
see if the attribute assigns are viewable |
static Set<AttributeAssign> |
canViewAttributeAssigns(GrouperSession grouperSession,
Collection<AttributeAssign> inputAttributeAssigns,
boolean checkUnderlyingIfAssignmentOnAssignment)
see if the attribute assigns are viewable |
static Set<AttributeDef> |
canViewAttributeDefs(GrouperSession s,
Collection<AttributeDef> inputAttributeDefs)
TODO 20070823 find a real home for this and/or add tests |
static Set |
canViewGroups(GrouperSession s,
Set candidates)
TODO 20070823 find a real home for this and/or add tests |
static boolean |
canViewMembers(GrouperSession grouperSession,
Group group,
Field field)
|
static boolean |
canViewMembership(GrouperSession grouperSession,
Membership membership)
|
static Set<Membership> |
canViewMemberships(GrouperSession grouperSession,
Collection<Membership> inputMemberships)
|
static Set<PermissionEntry> |
canViewPermissions(GrouperSession grouperSession,
Collection<PermissionEntry> inputPermissionEntries)
see if the attribute assigns are viewable |
static void |
dispatch(GrouperSession s,
AttributeDef attributeDef,
Subject subj,
Privilege priv)
TODO 20070823 find a real home for this and/or add tests |
static void |
dispatch(GrouperSession s,
Group g,
Subject subj,
Privilege priv)
TODO 20070823 find a real home for this and/or add tests |
static void |
dispatch(GrouperSession s,
Stem ns,
Subject subj,
Privilege priv)
TODO 20070823 find a real home for this and/or add tests |
static Privilege[] |
getAccessPrivileges(Privilege[] privileges)
TODO 20070824 add tests |
static Privilege[] |
getAttributeDefPrivileges(Privilege[] privileges)
TODO 20070824 add tests |
static Privilege[] |
getNamingPrivileges(Privilege[] privileges)
TODO 20070824 add tests |
static boolean |
hasPrivilege(GrouperSession s,
AttributeDef attributeDef,
Subject subj,
Set<Privilege> privInSet)
|
static boolean |
hasPrivilege(GrouperSession s,
Group g,
Subject subj,
Set<Privilege> privInSet)
|
static boolean |
hasPrivilege(GrouperSession s,
Stem stem,
Subject subj,
Set<Privilege> privInSet)
|
static boolean |
isRoot(GrouperSession s)
TODO 20070823 find a real home for this and/or add tests |
static boolean |
isSystemSubject(Subject subject)
see if system subject |
static boolean |
isWheel(GrouperSession s)
TODO 20070823 find a real home for this and/or add tests |
static boolean |
isWheelOrRoot(Subject subject)
see if a subject is wheel or root |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public PrivilegeHelper()
Method Detail |
---|
public static boolean canAdmin(GrouperSession s, Group g, Subject subj)
s
- g
- subj
-
public static boolean canAttrAdmin(GrouperSession s, AttributeDef attributeDef, Subject subj)
s
- attributeDef
- subj
-
public static boolean canAttrRead(GrouperSession s, AttributeDef attributeDef, Subject subj)
s
- attributeDef
- subj
-
public static boolean canAttrView(GrouperSession s, AttributeDef attributeDef, Subject subj)
s
- attributeDef
- subj
-
public static boolean canAttrUpdate(GrouperSession s, AttributeDef attributeDef, Subject subj)
s
- attributeDef
- subj
-
public static boolean canAttrOptin(GrouperSession s, AttributeDef attributeDef, Subject subj)
s
- attributeDef
- subj
-
public static boolean canAttrOptout(GrouperSession s, AttributeDef attributeDef, Subject subj)
s
- attributeDef
- subj
-
public static boolean canCreate(GrouperSession s, Stem ns, Subject subj)
s
- ns
- subj
-
public static boolean canOptin(GrouperSession s, Group g, Subject subj)
s
- g
- subj
-
public static boolean hasPrivilege(GrouperSession s, Stem stem, Subject subj, Set<Privilege> privInSet)
s
- stem
- subj
- privInSet
-
public static boolean hasPrivilege(GrouperSession s, Group g, Subject subj, Set<Privilege> privInSet)
s
- g
- subj
- privInSet
-
public static boolean canOptout(GrouperSession s, Group g, Subject subj)
s
- g
- subj
-
public static boolean canRead(GrouperSession s, Group g, Subject subj)
s
- g
- subj
-
public static boolean canStem(Stem ns, Subject subj)
ns
- subj
-
public static boolean canUpdate(GrouperSession s, Group g, Subject subj)
s
- g
- subj
-
public static boolean canView(GrouperSession s, Group g, Subject subj)
s
- g
- subj
-
public static Set canViewGroups(GrouperSession s, Set candidates)
s
- candidates
-
public static boolean canViewMembership(GrouperSession grouperSession, Membership membership)
grouperSession
- membership
-
public static Set<Membership> canViewMemberships(GrouperSession grouperSession, Collection<Membership> inputMemberships)
grouperSession
- inputMemberships
-
public static boolean canViewMembers(GrouperSession grouperSession, Group group, Field field)
grouperSession
- group
- field
-
public static void dispatch(GrouperSession s, Group g, Subject subj, Privilege priv) throws InsufficientPrivilegeException, SchemaException
s
- g
- subj
- priv
-
InsufficientPrivilegeException
SchemaException
public static void dispatch(GrouperSession s, Stem ns, Subject subj, Privilege priv) throws InsufficientPrivilegeException, SchemaException
s
- ns
- subj
- priv
-
InsufficientPrivilegeException
SchemaException
public static void dispatch(GrouperSession s, AttributeDef attributeDef, Subject subj, Privilege priv) throws InsufficientPrivilegeException, SchemaException
s
- attributeDef
- subj
- priv
-
InsufficientPrivilegeException
SchemaException
public static Privilege[] getAccessPrivileges(Privilege[] privileges)
privileges
-
public static Privilege[] getAttributeDefPrivileges(Privilege[] privileges)
privileges
-
public static Privilege[] getNamingPrivileges(Privilege[] privileges)
privileges
-
public static boolean isRoot(GrouperSession s)
s
-
public static boolean isSystemSubject(Subject subject)
subject
-
public static boolean isWheel(GrouperSession s)
s
-
public static boolean isWheelOrRoot(Subject subject)
subject
-
public static boolean canMoveStems(Subject subject)
subject
-
public static boolean canCopyStems(Subject subject)
subject
-
public static boolean canRenameStems(Subject subject)
subject
-
public static boolean hasPrivilege(GrouperSession s, AttributeDef attributeDef, Subject subj, Set<Privilege> privInSet)
s
- attributeDef
- subj
- privInSet
-
public static Set<AttributeDef> canViewAttributeDefs(GrouperSession s, Collection<AttributeDef> inputAttributeDefs)
s
- inputAttributeDefs
-
public static boolean canViewAttributeAssign(GrouperSession grouperSession, AttributeAssign attributeAssign, boolean checkUnderlyingIfAssignmentOnAssignment)
grouperSession
- attributeAssign
- checkUnderlyingIfAssignmentOnAssignment
- if deep security check should take place on underlying assignments
public static Set<AttributeAssign> canViewAttributeAssigns(GrouperSession grouperSession, Collection<AttributeAssign> inputAttributeAssigns, boolean checkUnderlyingIfAssignmentOnAssignment)
grouperSession
- inputAttributeAssigns
- checkUnderlyingIfAssignmentOnAssignment
- if deep security check should take place on underlying assignments
public static Set<PermissionEntry> canViewPermissions(GrouperSession grouperSession, Collection<PermissionEntry> inputPermissionEntries)
grouperSession
- inputPermissionEntries
-
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |