Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

edu.internet2.middleware.grouper.privs
Class BaseAccessAdapter

java.lang.Object
  extended by edu.internet2.middleware.grouper.privs.BaseAccessAdapter
All Implemented Interfaces:
AccessAdapter
Direct Known Subclasses:
GrouperNonDbAccessAdapter
public abstract class BaseAccessAdapter
extends Object
implements AccessAdapter

Base class for access adapter

Constructor Summary
BaseAccessAdapter()
           
 
Method Summary
 boolean hqlFilterGroupsNotWithPrivWhereClause(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, HqlQuery hqlQuery, StringBuilder hql, String groupColumn, Privilege privilege, boolean considerAllSubject)
          for a group query, check to make sure the subject cant see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like).
 boolean hqlFilterGroupsWhereClause(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, HqlQuery hqlQuery, StringBuilder hql, String groupColumn, Set<Privilege> privInSet)
          for a group query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like).
 Set<Group> postHqlFilterGroups(GrouperSession grouperSession, Set<Group> inputGroups, edu.internet2.middleware.subject.Subject subject, Set<Privilege> privInSet)
          after HQL is run, filter groups.
 Set<Membership> postHqlFilterMemberships(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, Set<Membership> memberships)
          filter memberships for things the subject can see
 Set<Stem> postHqlFilterStemsWithGroups(GrouperSession grouperSession, Set<Stem> stems, edu.internet2.middleware.subject.Subject subject, Set<Privilege> inPrivSet)
          after HQL is run, filter stems with groups.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface edu.internet2.middleware.grouper.privs.AccessAdapter
getGroupsWhereSubjectDoesntHavePrivilege, getGroupsWhereSubjectHasPriv, getPrivs, getStemsWhereGroupThatSubjectHasPrivilege, getSubjectsWithPriv, grantPriv, hasPriv, privilegeCopy, privilegeCopy, retrievePrivileges, revokeAllPrivilegesForSubject, revokePriv, revokePriv
 

Constructor Detail

BaseAccessAdapter

public BaseAccessAdapter()
Method Detail

postHqlFilterGroups

public Set<Group> postHqlFilterGroups(GrouperSession grouperSession,
                                      Set<Group> inputGroups,
                                      edu.internet2.middleware.subject.Subject subject,
                                      Set<Privilege> privInSet)
Description copied from interface: AccessAdapter
after HQL is run, filter groups. If you are filtering in HQL, then dont filter here

Specified by:
postHqlFilterGroups in interface AccessAdapter
subject - which needs view access to the groups
privInSet - find a privilege which is in this set (e.g. for view, send all access privs). There are pre-canned sets in AccessAdapter
Returns:
the set of filtered groups
See Also:
AccessAdapter.postHqlFilterGroups(edu.internet2.middleware.grouper.GrouperSession, java.util.Set, edu.internet2.middleware.subject.Subject, java.util.Set)

postHqlFilterStemsWithGroups

public Set<Stem> postHqlFilterStemsWithGroups(GrouperSession grouperSession,
                                              Set<Stem> stems,
                                              edu.internet2.middleware.subject.Subject subject,
                                              Set<Privilege> inPrivSet)
Description copied from interface: AccessAdapter
after HQL is run, filter stems with groups. If you are filtering in HQL, then dont filter here

Specified by:
postHqlFilterStemsWithGroups in interface AccessAdapter
Returns:
the stems
See Also:
AccessAdapter.postHqlFilterStemsWithGroups(edu.internet2.middleware.grouper.GrouperSession, java.util.Set, edu.internet2.middleware.subject.Subject, java.util.Set)

hqlFilterGroupsWhereClause

public boolean hqlFilterGroupsWhereClause(GrouperSession grouperSession,
                                          edu.internet2.middleware.subject.Subject subject,
                                          HqlQuery hqlQuery,
                                          StringBuilder hql,
                                          String groupColumn,
                                          Set<Privilege> privInSet)
Description copied from interface: AccessAdapter
for a group query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like). Note, this joins to tables, so the queries should probably be "distinct"

Specified by:
hqlFilterGroupsWhereClause in interface AccessAdapter
subject - which needs view access to the groups
hql - is the select and part part (hql prefix)
groupColumn - is the name of the group column to join to
privInSet - find a privilege which is in this set (e.g. for view, send all access privs). There are pre-canned sets in AccessPrivilege
Returns:
if the query was changed
See Also:
AccessAdapter.hqlFilterGroupsWhereClause(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, java.util.Set)

hqlFilterGroupsNotWithPrivWhereClause

public boolean hqlFilterGroupsNotWithPrivWhereClause(GrouperSession grouperSession,
                                                     edu.internet2.middleware.subject.Subject subject,
                                                     HqlQuery hqlQuery,
                                                     StringBuilder hql,
                                                     String groupColumn,
                                                     Privilege privilege,
                                                     boolean considerAllSubject)
Description copied from interface: AccessAdapter
for a group query, check to make sure the subject cant see the records (if filtering HQL, you can do the postHqlFilterGroups instead if you like).

Specified by:
hqlFilterGroupsNotWithPrivWhereClause in interface AccessAdapter
subject - which needs view access to the groups
hql - is the select and part part (hql prefix)
groupColumn - is the name of the group column to join to
privilege - find a privilege which is in this set (e.g. for view, send view).
considerAllSubject - if true, then consider GrouperAll when seeing if doesnt have privilege, else do consider
Returns:
if the query was changed
See Also:
AccessAdapter.hqlFilterGroupsNotWithPrivWhereClause(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, Privilege, boolean)

postHqlFilterMemberships

public Set<Membership> postHqlFilterMemberships(GrouperSession grouperSession,
                                                edu.internet2.middleware.subject.Subject subject,
                                                Set<Membership> memberships)
Description copied from interface: AccessAdapter
filter memberships for things the subject can see

Specified by:
postHqlFilterMemberships in interface AccessAdapter
Returns:
the memberships
See Also:
AccessAdapter.postHqlFilterMemberships(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, java.util.Set)
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD