ome.security.basic

Class LightAdminPrivilegesSecurityFilter

java.lang.Object

org.springframework.orm.hibernate3.FilterDefinitionFactoryBean

ome.security.basic.AbstractSecurityFilter

ome.security.basic.LightAdminPrivilegesSecurityFilter

All Implemented Interfaces:

SecurityFilter, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.FactoryBean<org.hibernate.engine.FilterDefinition>, org.springframework.beans.factory.InitializingBean

public class LightAdminPrivilegesSecurityFilter
extends AbstractSecurityFilter

Filter database queries to respect light administrator privileges. Specifically, provide means to be sudo-aware in filtering according to the current Session's ownership and the light administrator's privileges.

Since:

5.4.0

Author:

m.t.b.carroll@dundee.ac.uk

Field Summary

Fields inherited from class ome.security.basic.AbstractSecurityFilter

log, roles

Fields inherited from interface ome.security.SecurityFilter

current_user, is_adminorpi, is_nonprivate, is_share

Constructor Summary

Constructors

Constructor and Description
LightAdminPrivilegesSecurityFilter(Roles roles) Construct a new light administrator filter.

Method Summary

Modifier and Type	Method and Description
void	enable(org.hibernate.Session session, EventContext ec) Enables this filter with the settings from this filter.
java.lang.String	getDefaultCondition() Return the string to be used as the condition.
java.util.Map<java.lang.String,java.lang.String>	getParameterTypes() Return a mapping of the hibernate types for each of the parameters that the condition takes.
boolean	passesFilter(org.hibernate.Session session, Details details, EventContext ec) tests that the Details argument passes the security test that this filter defines.

Methods inherited from class ome.security.basic.AbstractSecurityFilter

disable, disableBaseFilters, enableBaseFilters, getName, isAdminOrPi, isNonPrivate, isShare

Methods inherited from class org.springframework.orm.hibernate3.FilterDefinitionFactoryBean

afterPropertiesSet, getObject, getObjectType, isSingleton, setBeanName, setDefaultFilterCondition, setFilterName, setParameterTypes

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

LightAdminPrivilegesSecurityFilter

public LightAdminPrivilegesSecurityFilter(Roles roles)

Construct a new light administrator filter.

Parameters:

roles - the users and groups that are special to OMERO

Method Detail

getParameterTypes

public java.util.Map<java.lang.String,java.lang.String> getParameterTypes()

Description copied from interface: SecurityFilter

Return a mapping of the hibernate types for each of the parameters that the condition takes.

getDefaultCondition

public java.lang.String getDefaultCondition()

Description copied from interface: SecurityFilter

Return the string to be used as the condition.

passesFilter

public boolean passesFilter(org.hibernate.Session session,
                            Details details,
                            EventContext ec)

Description copied from interface: SecurityFilter

tests that the Details argument passes the security test that this filter defines. The two must be kept in sync. This will be used mostly by the OmeroInterceptor.onLoad(Object, java.io.Serializable, Object[], String[], org.hibernate.type.Type[]) method.

details - Details instance. If null (or if its Permissions are null all rights will be assumed.

Returns:

true if the object to which this

enable

public void enable(org.hibernate.Session session,
                   EventContext ec)

Description copied from interface: SecurityFilter

Enables this filter with the settings from this filter. The intent is that after this call, no Hibernate queries will return any objects that would fail a call to SecurityFilter.passesFilter(Session, Details, EventContext).

Parameters:

session - Non-null.

ec - Non-null.