ome.security.basic

Class OneGroupSecurityFilter

java.lang.Object

org.springframework.orm.hibernate3.FilterDefinitionFactoryBean

ome.security.basic.AbstractSecurityFilter

ome.security.basic.OneGroupSecurityFilter

All Implemented Interfaces:

SecurityFilter, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.FactoryBean<org.hibernate.engine.FilterDefinition>, org.springframework.beans.factory.InitializingBean

public class OneGroupSecurityFilter
extends AbstractSecurityFilter

overrides FilterDefinitionFactoryBean in order to construct our security filter in code and not in XML. This allows us to make use of the knowledge within Permissions With the addition of shares in 4.0, it is necessary to remove the security filter if a share is active and allow loading to throw the necessary exceptions.

Since:

3.0

Author:

Josh Moore, josh at glencoesoftware.com

See Also:

ticket117, ticket1154

Field Summary

Fields

Modifier and Type	Field and Description
static String	current_group

Fields inherited from class ome.security.basic.AbstractSecurityFilter

log, roles

Fields inherited from interface ome.security.SecurityFilter

current_user, is_adminorpi, is_nonprivate, is_share

Constructor Summary

Constructors

Constructor and Description
OneGroupSecurityFilter() default constructor which calls all the necessary setters for this FactoryBean.
OneGroupSecurityFilter(Roles roles)

Method Summary

Methods

Modifier and Type	Method and Description
void	enable(org.hibernate.Session sess, EventContext ec) Enables this filter with the settings from this filter.
String	getDefaultCondition() Return the string to be used as the condition.
Map<String,String>	getParameterTypes() Return a mapping of the hibernate types for each of the parameters that the condition takes.
boolean	passesFilter(org.hibernate.Session session, ome.model.internal.Details d, EventContext c) tests that the Details argument passes the security test that this filter defines.

Methods inherited from class ome.security.basic.AbstractSecurityFilter

disable, disableBaseFilters, enableBaseFilters, getName, isAdminOrPi, isNonPrivate, isShare

Methods inherited from class org.springframework.orm.hibernate3.FilterDefinitionFactoryBean

afterPropertiesSet, getObject, getObjectType, isSingleton, setBeanName, setDefaultFilterCondition, setFilterName, setParameterTypes

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

current_group

public static final String current_group

See Also:

Constant Field Values

Constructor Detail

OneGroupSecurityFilter

public OneGroupSecurityFilter()

default constructor which calls all the necessary setters for this FactoryBean. Also constructs the FilterDefinitionFactoryBean.defaultFilterCondition This query clause must be kept in sync with #passesFilter(Details, Long, Collection, Collection, boolean)

See Also:

#passesFilter(Details, Long, Collection, Collection, boolean), FilterDefinitionFactoryBean.setFilterName(String), FilterDefinitionFactoryBean#setParameterTypes(Properties), FilterDefinitionFactoryBean.setDefaultFilterCondition(String)

OneGroupSecurityFilter

public OneGroupSecurityFilter(Roles roles)

Method Detail

getDefaultCondition

public String getDefaultCondition()

Description copied from interface: SecurityFilter

Return the string to be used as the condition.

getParameterTypes

public Map<String,String> getParameterTypes()

Description copied from interface: SecurityFilter

Return a mapping of the hibernate types for each of the parameters that the condition takes.

passesFilter

public boolean passesFilter(org.hibernate.Session session,
                   ome.model.internal.Details d,
                   EventContext c)

tests that the Details argument passes the security test that this filter defines. The two must be kept in sync. This will be used mostly by the OmeroInterceptor.onLoad(Object, java.io.Serializable, Object[], String[], org.hibernate.type.Type[]) method.

Parameters:

d - Details instance. If null (or if its Permissions are null all rights will be assumed.

Returns:

true if the object to which this

enable

public void enable(org.hibernate.Session sess,
          EventContext ec)

Description copied from interface: SecurityFilter

Enables this filter with the settings from this filter. The intent is that after this call, no Hibernate queries will return any objects that would fail a call to #passesFilter(Details, Long, Long, boolean, boolean, boolean, List).

Parameters:

sess - Non-null.

ec - Non-null.