ome.tools.hibernate
Class SecurityFilter

java.lang.Object
  extended by org.springframework.orm.hibernate3.FilterDefinitionFactoryBean
      extended by ome.tools.hibernate.SecurityFilter
All Implemented Interfaces:
org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.FactoryBean, org.springframework.beans.factory.InitializingBean

public class SecurityFilter
extends org.springframework.orm.hibernate3.FilterDefinitionFactoryBean

overrides FilterDefinitionFactoryBean in order to construct our security filter in code and not in XML. This allows us to make use of the knowledge within Permissions With the addition of shares in 4.0, it is necessary to remove the security filter is a share is active and allow loading to throw the necessary exceptions.

Since:
3.0
Author:
Josh Moore, josh at glencoesoftware.com
See Also:
ticket117, ticket1154

Field Summary
static String current_groups
           
static String current_user
           
static String filterName
           
static String is_admin
           
static String is_share
           
static String leader_of_groups
           
 
Constructor Summary
SecurityFilter()
          default constructor which calls all the necessary setters for this FactoryBean.
 
Method Summary
protected static String isGranted(ome.model.internal.Permissions.Role role, ome.model.internal.Permissions.Right right)
           
static boolean passesFilter(ome.model.internal.Details d, Long currentUserId, Collection<Long> memberOfGroups, Collection<Long> leaderOfGroups, boolean admin, boolean share)
          tests that the Details argument passes the security test that this filter defines.
 
Methods inherited from class org.springframework.orm.hibernate3.FilterDefinitionFactoryBean
afterPropertiesSet, getObject, getObjectType, isSingleton, setBeanName, setDefaultFilterCondition, setFilterName, setParameterTypes
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

is_share

public static final String is_share
See Also:
Constant Field Values

is_admin

public static final String is_admin
See Also:
Constant Field Values

current_user

public static final String current_user
See Also:
Constant Field Values

current_groups

public static final String current_groups
See Also:
Constant Field Values

leader_of_groups

public static final String leader_of_groups
See Also:
Constant Field Values

filterName

public static final String filterName
See Also:
Constant Field Values
Constructor Detail

SecurityFilter

public SecurityFilter()
default constructor which calls all the necessary setters for this FactoryBean. Also constructs the defaultFilterCondition This query clause must be kept in sync with #passesFilter(Details, Long, Collection, Collection, boolean)

See Also:
#passesFilter(Details, Long, Collection, Collection, boolean), FilterDefinitionFactoryBean.setFilterName(String), FilterDefinitionFactoryBean.setParameterTypes(Properties), FilterDefinitionFactoryBean.setDefaultFilterCondition(String)
Method Detail

passesFilter

public static boolean passesFilter(ome.model.internal.Details d,
                                   Long currentUserId,
                                   Collection<Long> memberOfGroups,
                                   Collection<Long> leaderOfGroups,
                                   boolean admin,
                                   boolean share)
tests that the Details argument passes the security test that this filter defines. The two must be kept in sync. This will be used mostly by the OmeroInterceptor#onLoad(Object, java.io.Serializable, Object[], String[], org.hibernate.type.Type[]) method.

Parameters:
d - Details instance. If null (or if its Permissions are null all rights will be assumed.
Returns:
true if the object to which this

isGranted

protected static String isGranted(ome.model.internal.Permissions.Role role,
                                  ome.model.internal.Permissions.Right right)


OmeroJava Api

Version: Beta-4.1.1-r5927-b91

Copyright © 2009 The University of Dundee. All Rights Reserved.