|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface ACLVoter
helper security interface for all decisions on access control
SecuritySystem
,
ACLEventListener
Method Summary | |
---|---|
boolean |
allowChmod(ome.model.IObject iObject)
test whether the given object can have its Permissions changed within the current
security context . |
boolean |
allowCreation(ome.model.IObject iObject)
test whether the given object should be insertable into the DB. |
boolean |
allowDelete(ome.model.IObject iObject,
ome.model.internal.Details trustedDetails)
test whether the given object should be deleteable given the trusted details . |
boolean |
allowLoad(Class<? extends ome.model.IObject> klass,
ome.model.internal.Details trustedDetails,
long id)
test whether the object of the given Class with the given
Details should be loadable in the current security context. |
boolean |
allowUpdate(ome.model.IObject iObject,
ome.model.internal.Details trustedDetails)
test whether the given object should be updateable given the trusted details . |
void |
throwCreationViolation(ome.model.IObject iObject)
throws a SecurityViolation based on the given IObject and
the context of the current user. |
void |
throwDeleteViolation(ome.model.IObject iObject)
throws a SecurityViolation based on the given IObject and
the context of the current user. |
void |
throwLoadViolation(ome.model.IObject iObject)
throws a SecurityViolation based on the given IObject and
the context of the current user. |
void |
throwUpdateViolation(ome.model.IObject iObject)
throws a SecurityViolation based on the given IObject and
the context of the current user. |
Method Detail |
---|
boolean allowChmod(ome.model.IObject iObject)
Permissions
changed within the current
security context
.
boolean allowLoad(Class<? extends ome.model.IObject> klass, ome.model.internal.Details trustedDetails, long id)
Class
with the given
Details
should be loadable in the current security context.
This method does not take an actual object because that will not be
generated until after loading is permitted.
The SecuritySystem
implementors will usually call
throwLoadViolation(IObject)
if this method returns false.
klass
- a non-null class to test for loadingd
- the non-null trusted details (usually from the db) for this
instanceid
- the id of the object which will be loaded. As opposed to the
rest of the object, this must be known.
ACLEventListener.onPostLoad(org.hibernate.event.PostLoadEvent)
boolean allowCreation(ome.model.IObject iObject)
details
is passed to this method, since for
transient entities there are no trusted values.
The SecuritySystem
implementors will usually call
throwCreationViolation(IObject)
if this method returns false.
iObject
- a non-null entity to test for creation.
ACLEventListener.onPreInsert(org.hibernate.event.PreInsertEvent)
boolean allowUpdate(ome.model.IObject iObject, ome.model.internal.Details trustedDetails)
details
. The details will usually be retrieved from the
current state array coming from the database.
The SecuritySystem
implementors will usually call
throwUpdateViolation(IObject)
if this method returns false.
iObject
- a non-null entity to test for update.trustedDetails
- a Details
instance that is known to be valid.
ACLEventListener.onPreUpdate(org.hibernate.event.PreUpdateEvent)
boolean allowDelete(ome.model.IObject iObject, ome.model.internal.Details trustedDetails)
details
. The details will usually be retrieved from the
current state array coming from the database.
The SecuritySystem
implementors will usually call
throwDeleteViolation(IObject)
if this method returns false.
iObject
- a non-null entity to test for deletion.trustedDetails
- a Details
instance that is known to be valid.
ACLEventListener.onPreDelete(org.hibernate.event.PreDeleteEvent)
void throwLoadViolation(ome.model.IObject iObject) throws ome.conditions.SecurityViolation
SecurityViolation
based on the given IObject
and
the context of the current user.
iObject
- Non-null object which caused this violation
ome.conditions.SecurityViolation
ACLEventListener#onPostLoad(org.hibernate.event.PostLoadEvent)}
void throwCreationViolation(ome.model.IObject iObject) throws ome.conditions.SecurityViolation
SecurityViolation
based on the given IObject
and
the context of the current user.
iObject
- Non-null object which caused this violation
ome.conditions.SecurityViolation
ACLEventListener#onPreInsert(org.hibernate.event.PreInsertEvent)}
void throwUpdateViolation(ome.model.IObject iObject) throws ome.conditions.SecurityViolation
SecurityViolation
based on the given IObject
and
the context of the current user.
iObject
- Non-null object which caused this violation
ome.conditions.SecurityViolation
ACLEventListener.onPreUpdate(org.hibernate.event.PreUpdateEvent)
void throwDeleteViolation(ome.model.IObject iObject) throws ome.conditions.SecurityViolation
SecurityViolation
based on the given IObject
and
the context of the current user.
iObject
- Non-null object which caused this violation
ome.conditions.SecurityViolation
ACLEventListener.onPreDelete(org.hibernate.event.PreDeleteEvent)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
Version: Beta-4.2.0-r7571-b29
Copyright © 2009 The University of Dundee. All Rights Reserved.