ome.security.policy

Class BinaryAccessPolicy

java.lang.Object

ome.security.policy.BasePolicy

ome.security.policy.BinaryAccessPolicy

All Implemented Interfaces:

Policy

public class BinaryAccessPolicy
extends BasePolicy

Policy which should be checked anytime access to original binary files in OMERO is being attempted. This check is in addition to the standard permission permission and is intended to allow customizing who has access to widely shared data.

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	NAME This string can also be found in the Constants.ice file in the blitz package.

Fields inherited from class ome.security.policy.BasePolicy

types

Constructor Summary

Constructors

Constructor and Description
BinaryAccessPolicy(java.util.Set<java.lang.Class<IObject>> types, ACLVoter voter)
BinaryAccessPolicy(java.util.Set<java.lang.Class<IObject>> types, ACLVoter voter, java.lang.String[] config)

Method Summary

Modifier and Type	Method and Description
void	checkRestriction(IObject obj) Like Policy.isRestricted(IObject) but throws an appropriate SecurityViolation subclass if the restriction is active.
java.lang.String	getName() Unique name for a class of restrictions that this Policy will enforce.
protected java.util.Set<java.lang.String>	groupRestrictions(IObject obj)
boolean	isRestricted(IObject obj) Checks whether or not this instance would throw a SecurityViolation if the same instance were passed to Policy.checkRestriction(IObject).

Methods inherited from class ome.security.policy.BasePolicy

getTypes

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

NAME

public static final java.lang.String NAME

This string can also be found in the Constants.ice file in the blitz package.

See Also:

Constant Field Values

Constructor Detail

BinaryAccessPolicy

public BinaryAccessPolicy(java.util.Set<java.lang.Class<IObject>> types,
                          ACLVoter voter)

BinaryAccessPolicy

public BinaryAccessPolicy(java.util.Set<java.lang.Class<IObject>> types,
                          ACLVoter voter,
                          java.lang.String[] config)

Method Detail

getName

public java.lang.String getName()

Description copied from interface: Policy

Unique name for a class of restrictions that this Policy will enforce. This string will be sent to clients via Permissions.copyExtendedRestrictions() in order to prevent exceptions, and server-code will pass the same name to the check method to potentially have an exception thrown.

Specified by:

getName in interface Policy

Specified by:

getName in class BasePolicy

isRestricted

public boolean isRestricted(IObject obj)

Description copied from interface: Policy

Checks whether or not this instance would throw a SecurityViolation if the same instance were passed to Policy.checkRestriction(IObject). This is likely determined by first testing the type of the IObject and then that the current user context has access to the given context.

Specified by:

isRestricted in interface Policy

Overrides:

isRestricted in class BasePolicy

Parameters:

obj - a non-null IObject instance.

Returns:

true if this Policy decides that a restriction should be placed on the passed context.

groupRestrictions

protected java.util.Set<java.lang.String> groupRestrictions(IObject obj)

checkRestriction

public void checkRestriction(IObject obj)

Description copied from interface: Policy

Like Policy.isRestricted(IObject) but throws an appropriate SecurityViolation subclass if the restriction is active.

Specified by:

checkRestriction in interface Policy

Overrides:

checkRestriction in class BasePolicy