Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

edu.internet2.middleware.grouper
Class GrouperAccessAdapter

java.lang.Object
  extended by edu.internet2.middleware.grouper.privs.BaseAccessAdapter
      extended by edu.internet2.middleware.grouper.privs.GrouperNonDbAccessAdapter
          extended by edu.internet2.middleware.grouper.GrouperAccessAdapter
All Implemented Interfaces:
AccessAdapter
public class GrouperAccessAdapter
extends GrouperNonDbAccessAdapter

 
 Grouper Access Privilege interface.
 

 Unless you are implementing a new implementation of this interface,
 you should not need to directly use these methods as they are all
 wrapped by methods in the Group class.
 

 This access adapter affects the HQL queries to give better performance

Version:
$Id: GrouperAccessAdapter.java,v 1.84 2009-09-21 06:14:27 mchyzer Exp $
Author:
blair christensen.

Field Summary
static String HQL_FILTER_NO_RESULTS_INDICATOR
          Caller can see if this string ends up in the filter to indicate that no results would be returned.
 
Constructor Summary
GrouperAccessAdapter()
           
 
Method Summary
 boolean hqlFilterGroupsNotWithPrivWhereClause(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, HqlQuery hqlQuery, StringBuilder hql, String groupColumn, Privilege privilege, boolean considerAllSubject)
          for a group query, check to make sure the subject cant see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like).
 boolean hqlFilterGroupsWhereClause(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, HqlQuery hqlQuery, StringBuilder hql, String groupColumn, Set<Privilege> privInSet)
          note, can use
 Set<Group> postHqlFilterGroups(GrouperSession grouperSession, Set<Group> inputGroups, edu.internet2.middleware.subject.Subject subject, Set<Privilege> privInSet)
          after HQL is run, filter groups.
 Set<Stem> postHqlFilterStemsWithGroups(GrouperSession grouperSession, Set<Stem> stems, edu.internet2.middleware.subject.Subject subject, Set<Privilege> inPrivSet)
          after HQL is run, filter stems with groups.
 
Methods inherited from class edu.internet2.middleware.grouper.privs.GrouperNonDbAccessAdapter
getGroupsWhereSubjectDoesntHavePrivilege, getGroupsWhereSubjectHasPriv, getPrivs, getStemsWhereGroupThatSubjectHasPrivilege, getSubjectsWithPriv, grantPriv, hasPriv, privilegeCopy, privilegeCopy, retrievePrivileges, revokeAllPrivilegesForSubject, revokePriv, revokePriv
 
Methods inherited from class edu.internet2.middleware.grouper.privs.BaseAccessAdapter
postHqlFilterMemberships
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface edu.internet2.middleware.grouper.privs.AccessAdapter
postHqlFilterMemberships
 

Field Detail

HQL_FILTER_NO_RESULTS_INDICATOR

public static final String HQL_FILTER_NO_RESULTS_INDICATOR
Caller can see if this string ends up in the filter to indicate that no results would be returned.

See Also:
Constant Field Values
Constructor Detail

GrouperAccessAdapter

public GrouperAccessAdapter()
Method Detail

hqlFilterGroupsWhereClause

public boolean hqlFilterGroupsWhereClause(GrouperSession grouperSession,
                                          edu.internet2.middleware.subject.Subject subject,
                                          HqlQuery hqlQuery,
                                          StringBuilder hql,
                                          String groupColumn,
                                          Set<Privilege> privInSet)
note, can use

Specified by:
hqlFilterGroupsWhereClause in interface AccessAdapter
Overrides:
hqlFilterGroupsWhereClause in class BaseAccessAdapter
subject - which needs view access to the groups
hql - is the select and part part (hql prefix)
groupColumn - is the name of the group column to join to
privInSet - find a privilege which is in this set (e.g. for view, send all access privs). There are pre-canned sets in AccessPrivilege
Returns:
if the query was changed
See Also:
AccessAdapter.hqlFilterGroupsWhereClause(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, java.util.Set)

hqlFilterGroupsNotWithPrivWhereClause

public boolean hqlFilterGroupsNotWithPrivWhereClause(GrouperSession grouperSession,
                                                     edu.internet2.middleware.subject.Subject subject,
                                                     HqlQuery hqlQuery,
                                                     StringBuilder hql,
                                                     String groupColumn,
                                                     Privilege privilege,
                                                     boolean considerAllSubject)
Description copied from interface: AccessAdapter
for a group query, check to make sure the subject cant see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like).

Specified by:
hqlFilterGroupsNotWithPrivWhereClause in interface AccessAdapter
Overrides:
hqlFilterGroupsNotWithPrivWhereClause in class BaseAccessAdapter
subject - which needs view access to the groups
hql - is the select and part part (hql prefix)
groupColumn - is the name of the group column to join to
privilege - find a privilege which is in this set (e.g. for view, send view).
considerAllSubject - if true, then consider GrouperAll when seeing if doesnt have privilege, else do consider
Returns:
if the query was changed
See Also:
AccessAdapter.hqlFilterGroupsNotWithPrivWhereClause(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, Privilege, boolean)

postHqlFilterGroups

public Set<Group> postHqlFilterGroups(GrouperSession grouperSession,
                                      Set<Group> inputGroups,
                                      edu.internet2.middleware.subject.Subject subject,
                                      Set<Privilege> privInSet)
Description copied from interface: AccessAdapter
after HQL is run, filter groups. If you are filtering in HQL, then dont filter here

Specified by:
postHqlFilterGroups in interface AccessAdapter
Overrides:
postHqlFilterGroups in class BaseAccessAdapter
subject - which needs view access to the groups
privInSet - find a privilege which is in this set (e.g. for view, send all access privs). There are pre-canned sets in AccessAdapter
Returns:
the set of filtered groups
See Also:
BaseAccessAdapter.postHqlFilterGroups(edu.internet2.middleware.grouper.GrouperSession, java.util.Set, edu.internet2.middleware.subject.Subject, java.util.Set)

postHqlFilterStemsWithGroups

public Set<Stem> postHqlFilterStemsWithGroups(GrouperSession grouperSession,
                                              Set<Stem> stems,
                                              edu.internet2.middleware.subject.Subject subject,
                                              Set<Privilege> inPrivSet)
Description copied from interface: AccessAdapter
after HQL is run, filter stems with groups. If you are filtering in HQL, then dont filter here

Specified by:
postHqlFilterStemsWithGroups in interface AccessAdapter
Overrides:
postHqlFilterStemsWithGroups in class BaseAccessAdapter
Returns:
the stems
See Also:
BaseAccessAdapter.postHqlFilterStemsWithGroups(edu.internet2.middleware.grouper.GrouperSession, java.util.Set, edu.internet2.middleware.subject.Subject, java.util.Set)
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD