public class WheelNamingResolver extends NamingResolverDecorator
NamingResolver
.
Constructor and Description |
---|
WheelNamingResolver(NamingResolver resolver) |
Modifier and Type | Method and Description |
---|---|
void |
flushCache()
flush cache if caching resolver
|
boolean |
hasPrivilege(Stem stem,
Subject subject,
Privilege privilege)
Check whether subject has privilege on group.
|
boolean |
hqlFilterStemsNotWithPrivWhereClause(Subject subject,
HqlQuery hqlQuery,
StringBuilder hql,
String stemColumn,
Privilege privilege,
boolean considerAllSubject)
for a stem query, check to make sure the subject cant see the records
|
boolean |
hqlFilterStemsWhereClause(Subject subject,
HqlQuery hqlQuery,
StringBuilder hql,
String stemColumn,
Set<Privilege> privInSet)
for a stem query, check to make sure the subject can see the records (if filtering HQL, you can do
the postHqlFilterGroups instead if you like).
|
Set<Stem> |
postHqlFilterStems(Set<Stem> stems,
Subject subject,
Set<Privilege> privInSet)
after HQL is run, filter stems.
|
getDecoratedResolver, getGrouperSession, getPrivileges, getStemsWhereSubjectDoesntHavePrivilege, getStemsWhereSubjectHasPrivilege, getSubjectsWithPrivilege, grantPrivilege, privilegeCopy, privilegeCopy, revokeAllPrivilegesForSubject, revokePrivilege, revokePrivilege, stop
public WheelNamingResolver(NamingResolver resolver)
resolver
- public void flushCache()
NamingResolver
flushCache
in interface NamingResolver
flushCache
in class NamingResolverDecorator
NamingResolver.flushCache()
public boolean hasPrivilege(Stem stem, Subject subject, Privilege privilege) throws IllegalArgumentException
NamingResolver
hasPrivilege
in interface NamingResolver
hasPrivilege
in class NamingResolverDecorator
IllegalArgumentException
- if any parameter is null.NamingResolver.hasPrivilege(Stem, Subject, Privilege)
public boolean hqlFilterStemsWhereClause(Subject subject, HqlQuery hqlQuery, StringBuilder hql, String stemColumn, Set<Privilege> privInSet)
NamingResolver
hqlFilterStemsWhereClause
in interface NamingResolver
hqlFilterStemsWhereClause
in class NamingResolverDecorator
subject
- which needs view access to the groupshql
- is the select and part part (hql prefix)stemColumn
- is the name of the stem column to join toprivInSet
- find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in AccessAdapterNamingResolver.hqlFilterStemsWhereClause(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, java.util.Set)
public Set<Stem> postHqlFilterStems(Set<Stem> stems, Subject subject, Set<Privilege> privInSet)
NamingResolver
postHqlFilterStems
in interface NamingResolver
postHqlFilterStems
in class NamingResolverDecorator
subject
- which needs view access to the groupsprivInSet
- find a privilege which is in this set
(e.g. for view, send all access privs). There are pre-canned sets in NamingPrivilegeNamingResolver.postHqlFilterStems(java.util.Set, edu.internet2.middleware.subject.Subject, java.util.Set)
public boolean hqlFilterStemsNotWithPrivWhereClause(Subject subject, HqlQuery hqlQuery, StringBuilder hql, String stemColumn, Privilege privilege, boolean considerAllSubject)
NamingResolver
hqlFilterStemsNotWithPrivWhereClause
in interface NamingResolver
hqlFilterStemsNotWithPrivWhereClause
in class NamingResolverDecorator
subject
- which needs view access to the groupshql
- the select and current from partstemColumn
- is the name of the group column to join toprivilege
- find a privilege which is in this set (e.g. stem or create)considerAllSubject
- if true, then consider GrouperAll when seeign if subject has priv, else do notNamingResolver.hqlFilterStemsNotWithPrivWhereClause(edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, Privilege, boolean)
Copyright © 2016 Internet2. All rights reserved.