ome.tools.hibernate
Class SecurityFilter

java.lang.Object
  extended by org.springframework.orm.hibernate3.FilterDefinitionFactoryBean
      extended by ome.tools.hibernate.SecurityFilter
All Implemented Interfaces:
org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.FactoryBean<org.hibernate.engine.FilterDefinition>, org.springframework.beans.factory.InitializingBean

public class SecurityFilter
extends org.springframework.orm.hibernate3.FilterDefinitionFactoryBean

overrides FilterDefinitionFactoryBean in order to construct our security filter in code and not in XML. This allows us to make use of the knowledge within Permissions With the addition of shares in 4.0, it is necessary to remove the security filter if a share is active and allow loading to throw the necessary exceptions.

Since:
3.0
Author:
Josh Moore, josh at glencoesoftware.com
See Also:
ticket117, ticket1154

Field Summary
static String current_group
           
static String current_user
           
static String filterName
           
static String is_adminorpi
           
static String is_nonprivate
           
static String is_share
           
 
Constructor Summary
SecurityFilter()
          default constructor which calls all the necessary setters for this FactoryBean.
SecurityFilter(Roles roles)
           
 
Method Summary
protected static String isGranted(ome.model.internal.Permissions.Role role, ome.model.internal.Permissions.Right right)
           
protected static String isSet(ome.model.internal.Permissions.Flag flag)
           
 boolean passesFilter(ome.model.internal.Details d, Long currentGroupId, Long currentUserId, boolean nonPrivate, boolean adminOrPi, boolean share)
          tests that the Details argument passes the security test that this filter defines.
 
Methods inherited from class org.springframework.orm.hibernate3.FilterDefinitionFactoryBean
afterPropertiesSet, getObject, getObjectType, isSingleton, setBeanName, setDefaultFilterCondition, setFilterName, setParameterTypes
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

is_share

public static final String is_share
See Also:
Constant Field Values

is_adminorpi

public static final String is_adminorpi
See Also:
Constant Field Values

is_nonprivate

public static final String is_nonprivate
See Also:
Constant Field Values

current_group

public static final String current_group
See Also:
Constant Field Values

current_user

public static final String current_user
See Also:
Constant Field Values

filterName

public static final String filterName
See Also:
Constant Field Values
Constructor Detail

SecurityFilter

public SecurityFilter()
default constructor which calls all the necessary setters for this FactoryBean. Also constructs the defaultFilterCondition This query clause must be kept in sync with #passesFilter(Details, Long, Collection, Collection, boolean)

See Also:
#passesFilter(Details, Long, Collection, Collection, boolean), FilterDefinitionFactoryBean.setFilterName(String), FilterDefinitionFactoryBean#setParameterTypes(Properties), FilterDefinitionFactoryBean.setDefaultFilterCondition(String)

SecurityFilter

public SecurityFilter(Roles roles)
Method Detail

passesFilter

public boolean passesFilter(ome.model.internal.Details d,
                            Long currentGroupId,
                            Long currentUserId,
                            boolean nonPrivate,
                            boolean adminOrPi,
                            boolean share)
tests that the Details argument passes the security test that this filter defines. The two must be kept in sync. This will be used mostly by the OmeroInterceptor.onLoad(Object, java.io.Serializable, Object[], String[], org.hibernate.type.Type[]) method.

Parameters:
d - Details instance. If null (or if its Permissions are null all rights will be assumed.
Returns:
true if the object to which this

isGranted

protected static String isGranted(ome.model.internal.Permissions.Role role,
                                  ome.model.internal.Permissions.Right right)

isSet

protected static String isSet(ome.model.internal.Permissions.Flag flag)


OmeroJava Api

Version: Beta-4.2.0-r7571-b29

Copyright © 2009 The University of Dundee. All Rights Reserved.