java.lang.Object
  ome.security.basic.BasicACLVoter
public class BasicACLVoter
See Also: Token, SecuritySystem, Details, Permissions
Field Summary | |
---|---|
protected CurrentDetails | currentUser |
protected SecurityFilter | securityFilter |
protected SystemTypes | sysTypes |
protected TokenHolder | tokenHolder |
Constructor Summary | |
---|---|
BasicACLVoter(CurrentDetails cd, SystemTypes sysTypes, TokenHolder tokenHolder, SecurityFilter securityFilter) |
Method Summary | |
---|---|
boolean | allowChmod(ome.model.IObject iObject): test whether the given object can have its Permissions changed within the current security context. |
boolean | allowCreation(ome.model.IObject iObject): test whether the given object should be insertable into the DB. |
boolean | allowDelete(ome.model.IObject iObject, ome.model.internal.Details trustedDetails): test whether the given object should be deletable given the trusted details. |
boolean | allowLoad(Class<? extends ome.model.IObject> klass, ome.model.internal.Details d, long id): delegates to SecurityFilter because that is where the logic is defined for the read filter. Ignores the id for the moment. |
boolean | allowUpdate(ome.model.IObject iObject, ome.model.internal.Details trustedDetails): test whether the given object should be updatable given the trusted details. |
void | throwCreationViolation(ome.model.IObject iObject): throws a SecurityViolation based on the given IObject and the context of the current user. |
void | throwDeleteViolation(ome.model.IObject iObject): throws a SecurityViolation based on the given IObject and the context of the current user. |
void | throwLoadViolation(ome.model.IObject iObject): throws a SecurityViolation based on the given IObject and the context of the current user. |
void | throwUpdateViolation(ome.model.IObject iObject): throws a SecurityViolation based on the given IObject and the context of the current user. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected final CurrentDetails currentUser
protected final SystemTypes sysTypes
protected final TokenHolder tokenHolder
protected final SecurityFilter securityFilter
Constructor Detail |
---|
public BasicACLVoter(CurrentDetails cd, SystemTypes sysTypes, TokenHolder tokenHolder, SecurityFilter securityFilter)
Method Detail |
---|
public boolean allowChmod(ome.model.IObject iObject)
Description copied from interface: ACLVoter
test whether the given object can have its Permissions changed within the current security context.
Specified by: allowChmod in interface ACLVoter
public boolean allowLoad(Class<? extends ome.model.IObject> klass, ome.model.internal.Details d, long id)
delegates to SecurityFilter because that is where the logic is defined for the read filter. Ignores the id for the moment.
Though we pass in whether or not a share is active for completeness, a different ACLVoter implementation will almost certainly be active for share use.
Specified by: allowLoad in interface ACLVoter
Parameters:
klass - a non-null class to test for loading
id - the id of the object which will be loaded. As opposed to the rest of the object, this must be known.
See Also: ACLEventListener.onPostLoad(org.hibernate.event.PostLoadEvent)
public void throwLoadViolation(ome.model.IObject iObject) throws ome.conditions.SecurityViolation
Description copied from interface: ACLVoter
throws a SecurityViolation based on the given IObject and the context of the current user.
Specified by: throwLoadViolation in interface ACLVoter
Parameters:
iObject - Non-null object which caused this violation
Throws: ome.conditions.SecurityViolation
See Also: ACLEventListener.onPostLoad(org.hibernate.event.PostLoadEvent)
public boolean allowCreation(ome.model.IObject iObject)
Description copied from interface: ACLVoter
test whether the given object should be insertable into the DB.
details is passed to this method, since for transient entities there are no trusted values.
The SecuritySystem implementors will usually call ACLVoter.throwCreationViolation(IObject) if this method returns false.
Specified by: allowCreation in interface ACLVoter
Parameters:
iObject - a non-null entity to test for creation.
See Also: ACLEventListener.onPreInsert(org.hibernate.event.PreInsertEvent)
public void throwCreationViolation(ome.model.IObject iObject) throws ome.conditions.SecurityViolation
Description copied from interface: ACLVoter
throws a SecurityViolation based on the given IObject and the context of the current user.
Specified by: throwCreationViolation in interface ACLVoter
Parameters:
iObject - Non-null object which caused this violation
Throws: ome.conditions.SecurityViolation
See Also: ACLEventListener.onPreInsert(org.hibernate.event.PreInsertEvent)
public boolean allowUpdate(ome.model.IObject iObject, ome.model.internal.Details trustedDetails)
Description copied from interface: ACLVoter
test whether the given object should be updatable given the trusted details. The details will usually be retrieved from the current state array coming from the database.
The SecuritySystem implementors will usually call ACLVoter.throwUpdateViolation(IObject) if this method returns false.
Specified by: allowUpdate in interface ACLVoter
Parameters:
iObject - a non-null entity to test for update.
trustedDetails - a Details instance that is known to be valid.
See Also: ACLEventListener.onPreUpdate(org.hibernate.event.PreUpdateEvent)
public void throwUpdateViolation(ome.model.IObject iObject) throws ome.conditions.SecurityViolation
Description copied from interface: ACLVoter
throws a SecurityViolation based on the given IObject and the context of the current user.
Specified by: throwUpdateViolation in interface ACLVoter
Parameters:
iObject - Non-null object which caused this violation
Throws: ome.conditions.SecurityViolation
See Also: ACLEventListener.onPreUpdate(org.hibernate.event.PreUpdateEvent)
public boolean allowDelete(ome.model.IObject iObject, ome.model.internal.Details trustedDetails)
Description copied from interface: ACLVoter
test whether the given object should be deletable given the trusted details. The details will usually be retrieved from the current state array coming from the database.
The SecuritySystem implementors will usually call ACLVoter.throwDeleteViolation(IObject) if this method returns false.
Specified by: allowDelete in interface ACLVoter
Parameters:
iObject - a non-null entity to test for deletion.
trustedDetails - a Details instance that is known to be valid.
See Also: ACLEventListener.onPreDelete(org.hibernate.event.PreDeleteEvent)
public void throwDeleteViolation(ome.model.IObject iObject) throws ome.conditions.SecurityViolation
Description copied from interface: ACLVoter
throws a SecurityViolation based on the given IObject and the context of the current user.
Specified by: throwDeleteViolation in interface ACLVoter
Parameters:
iObject - Non-null object which caused this violation
Throws: ome.conditions.SecurityViolation
See Also: ACLEventListener.onPreDelete(org.hibernate.event.PreDeleteEvent)
Version: Beta-4.2.0-r7571-b29
Copyright © 2009 The University of Dundee. All Rights Reserved.