public class AllGroupsSecurityFilter extends AbstractSecurityFilter
FilterDefinitionFactoryBean
in order to construct our
security filter in code and not in XML. This allows us to make use of the
knowledge within Permissions
With the addition of shares in 4.0, it is necessary to remove the security
filter if a share is active and allow loading to throw the necessary
exceptions.Modifier and Type | Field and Description |
---|---|
static String |
filterName |
static String |
is_admin |
static String |
leader_of_groups |
static String |
member_of_groups |
log, roles
current_user, is_adminorpi, is_nonprivate, is_share
Constructor and Description |
---|
AllGroupsSecurityFilter(SqlAction sql)
Default constructor which calls all the necessary setters for this
FactoryBean . |
AllGroupsSecurityFilter(SqlAction sql,
Roles roles) |
Modifier and Type | Method and Description |
---|---|
protected Collection<Long> |
configGroup(EventContext ec,
List<Long> list) |
void |
enable(org.hibernate.Session sess,
EventContext ec)
Since we assume that the group is "-1" for this method, we have to pass
in lists of all groups as we did before group permissions (~4.2).
|
String |
getDefaultCondition()
Return the string to be used as the condition.
|
Map<String,String> |
getParameterTypes()
Return a mapping of the hibernate types for each of the parameters
that the condition takes.
|
protected static String |
isGranted(Permissions.Role role,
Permissions.Right right) |
protected String |
myFilterCondition() |
boolean |
passesFilter(org.hibernate.Session session,
Details d,
EventContext c)
tests that the
Details argument passes the security test that
this filter defines. |
disable, disableBaseFilters, enableBaseFilters, getName, isAdminOrPi, isNonPrivate, isShare
afterPropertiesSet, getObject, getObjectType, isSingleton, setBeanName, setDefaultFilterCondition, setFilterName, setParameterTypes
public static final String is_admin
public static final String member_of_groups
public static final String leader_of_groups
public static final String filterName
public AllGroupsSecurityFilter(SqlAction sql)
FactoryBean
. Also calls FilterDefinitionFactoryBean.setDefaultFilterCondition(String)
.
This query clause must be kept in sync with
passesFilter(Session, Details, EventContext)
.sql
- an SQL action instancepassesFilter(Session, Details, EventContext)
,
FilterDefinitionFactoryBean.setFilterName(String)
,
FilterDefinitionFactoryBean.setParameterTypes(java.util.Map)
,
FilterDefinitionFactoryBean.setDefaultFilterCondition(String)
protected String myFilterCondition()
public String getDefaultCondition()
SecurityFilter
public Map<String,String> getParameterTypes()
SecurityFilter
public boolean passesFilter(org.hibernate.Session session, Details d, EventContext c)
Details
argument passes the security test that
this filter defines. The two must be kept in sync. This will be used
mostly by the
OmeroInterceptor.onLoad(Object, java.io.Serializable, Object[], String[], org.hibernate.type.Type[])
method.d
- Details instance. If null (or if its Permissions
are
null all rights
will be assumed.public void enable(org.hibernate.Session sess, EventContext ec)
sess
- Non-null.ec
- Non-null.protected Collection<Long> configGroup(EventContext ec, List<Long> list)
protected static String isGranted(Permissions.Role role, Permissions.Right right)
Version: 5.2.8-ice35-b57
Copyright © 2017 The University of Dundee & Open Microscopy Environment. All Rights Reserved.