public class GrouperNamingAdapter extends GrouperNonDbNamingAdapter
NamingPrivilege
interface.
This implementation uses the Groups Registry and custom list types to manage naming privileges.
priv2list
Constructor and Description |
---|
GrouperNamingAdapter() |
Modifier and Type | Method and Description |
---|---|
boolean |
hqlFilterStemsNotWithPrivWhereClause(GrouperSession grouperSession,
Subject subject,
HqlQuery hqlQuery,
StringBuilder hql,
String stemColumn,
Privilege privilege,
boolean considerAllSubject)
for a stem query, check to make sure the subject cant see the records (if filtering HQL, you can do
the postHqlFilterStems instead if you like).
|
boolean |
hqlFilterStemsWhereClause(GrouperSession grouperSession,
Subject subject,
HqlQuery hqlQuery,
StringBuilder hql,
String stemColumn,
Set<Privilege> privInSet)
for a stem query, check to make sure the subject can see the records (if filtering HQL, you can do
the postHqlFilterGroups instead if you like).
|
Set<Stem> |
postHqlFilterStems(GrouperSession grouperSession,
Set<Stem> inputStems,
Subject subject,
Set<Privilege> privInSet)
after HQL is run, filter stems.
|
getPrivs, getStemsWhereSubjectDoesntHavePrivilege, getStemsWhereSubjectHasPriv, getSubjectsWithPriv, grantPriv, hasPriv, privilegeCopy, privilegeCopy, revokeAllPrivilegesForSubject, revokePriv, revokePriv
public boolean hqlFilterStemsWhereClause(GrouperSession grouperSession, Subject subject, HqlQuery hqlQuery, StringBuilder hql, String stemColumn, Set<Privilege> privInSet)
NamingAdapter
hqlFilterStemsWhereClause
in interface NamingAdapter
hqlFilterStemsWhereClause
in class BaseNamingAdapter
subject
- which needs view access to the groupshql
- is the select and part part (hql prefix)stemColumn
- is the name of the stem column to join toprivInSet
- find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in AccessAdapterBaseNamingAdapter.hqlFilterStemsWhereClause(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, java.util.Set)
public Set<Stem> postHqlFilterStems(GrouperSession grouperSession, Set<Stem> inputStems, Subject subject, Set<Privilege> privInSet)
NamingAdapter
postHqlFilterStems
in interface NamingAdapter
postHqlFilterStems
in class BaseNamingAdapter
subject
- which needs view access to the groupsprivInSet
- find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in NamingPrivilegeBaseNamingAdapter.postHqlFilterStems(edu.internet2.middleware.grouper.GrouperSession, java.util.Set, edu.internet2.middleware.subject.Subject, java.util.Set)
public boolean hqlFilterStemsNotWithPrivWhereClause(GrouperSession grouperSession, Subject subject, HqlQuery hqlQuery, StringBuilder hql, String stemColumn, Privilege privilege, boolean considerAllSubject)
NamingAdapter
hqlFilterStemsNotWithPrivWhereClause
in interface NamingAdapter
hqlFilterStemsNotWithPrivWhereClause
in class BaseNamingAdapter
subject
- which needs view access to the groupshql
- is the select and part part (hql prefix)stemColumn
- is the name of the stem column to join toprivilege
- find a privilege which is in this set
(e.g. naming privs).considerAllSubject
- if true, then consider GrouperAll when seeing if doesnt have privilege, else do considerNamingAdapter.hqlFilterStemsNotWithPrivWhereClause(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, Privilege, boolean)
Copyright © 2016 Internet2. All rights reserved.