Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

edu.internet2.middleware.grouper.privs
Class BaseAttrDefAdapter

java.lang.Object
  extended by edu.internet2.middleware.grouper.privs.BaseAttrDefAdapter
All Implemented Interfaces:
AttributeDefAdapter
Direct Known Subclasses:
GrouperNonDbAttrDefAdapter
public abstract class BaseAttrDefAdapter
extends Object
implements AttributeDefAdapter

Base class for attr def access adapter

Constructor Summary
BaseAttrDefAdapter()
           
 
Method Summary
 boolean hqlFilterAttrDefsWhereClause(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, HqlQuery hqlQuery, StringBuilder hqlTables, StringBuilder hqlWhereClause, String attributeDefColumn, Set<Privilege> privInSet)
          for an attrDef query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterAttrDefs instead if you like).
 boolean hqlFilterAttributeDefsNotWithPrivWhereClause(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, HqlQuery hqlQuery, StringBuilder hql, String attributeDefColumn, Privilege privilege, boolean considerAllSubject)
          for an attributeDef query, check to make sure the subject cant see the records (if filtering HQL, you can do the postHqlFilterAttributeDefs instead if you like).
 Set<AttributeAssign> postHqlFilterAttributeAssigns(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, Set<AttributeAssign> attributeAssigns)
          filter attribute assignments for things the subject can see, assume underlying assignments are ok to view
 Set<AttributeDef> postHqlFilterAttributeDefs(GrouperSession grouperSession, Set<AttributeDef> inputAttributeDefs, edu.internet2.middleware.subject.Subject subject, Set<Privilege> privInSet)
          after HQL is run, filter attributeDefs.
 Set<PermissionEntry> postHqlFilterPermissions(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, Set<PermissionEntry> permissionEntries)
          filter permissionEntries for things the subject can see, assume underlying assignments are ok to view
 Set<PITAttributeAssign> postHqlFilterPITAttributeAssigns(GrouperSession grouperSession, edu.internet2.middleware.subject.Subject subject, Set<PITAttributeAssign> pitAttributeAssigns)
          filter pit attribute assignments for things the subject can see, assume underlying assignments are ok to view
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface edu.internet2.middleware.grouper.privs.AttributeDefAdapter
getAttributeDefsWhereSubjectDoesntHavePrivilege, getAttributeDefsWhereSubjectHasPriv, getPrivs, getSubjectsWithPriv, grantPriv, hasPriv, privilegeCopy, privilegeCopy, retrievePrivileges, revokeAllPrivilegesForSubject, revokePriv, revokePriv
 

Constructor Detail

BaseAttrDefAdapter

public BaseAttrDefAdapter()
Method Detail

postHqlFilterPermissions

public Set<PermissionEntry> postHqlFilterPermissions(GrouperSession grouperSession,
                                                     edu.internet2.middleware.subject.Subject subject,
                                                     Set<PermissionEntry> permissionEntries)
Description copied from interface: AttributeDefAdapter
filter permissionEntries for things the subject can see, assume underlying assignments are ok to view

Specified by:
postHqlFilterPermissions in interface AttributeDefAdapter
Returns:
the memberships
See Also:
AttributeDefAdapter.postHqlFilterPermissions(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, java.util.Set)

postHqlFilterAttributeDefs

public Set<AttributeDef> postHqlFilterAttributeDefs(GrouperSession grouperSession,
                                                    Set<AttributeDef> inputAttributeDefs,
                                                    edu.internet2.middleware.subject.Subject subject,
                                                    Set<Privilege> privInSet)
Description copied from interface: AttributeDefAdapter
after HQL is run, filter attributeDefs. If you are filtering in HQL, then dont filter here

Specified by:
postHqlFilterAttributeDefs in interface AttributeDefAdapter
subject - which needs view access to the groups
privInSet - find a privilege which is in this set (e.g. for view, send all access privs). There are pre-canned sets in AccessAdapter
Returns:
the set of filtered groups
See Also:
AttributeDefAdapter.postHqlFilterAttributeDefs(edu.internet2.middleware.grouper.GrouperSession, java.util.Set, edu.internet2.middleware.subject.Subject, java.util.Set)

hqlFilterAttrDefsWhereClause

public boolean hqlFilterAttrDefsWhereClause(GrouperSession grouperSession,
                                            edu.internet2.middleware.subject.Subject subject,
                                            HqlQuery hqlQuery,
                                            StringBuilder hqlTables,
                                            StringBuilder hqlWhereClause,
                                            String attributeDefColumn,
                                            Set<Privilege> privInSet)
Description copied from interface: AttributeDefAdapter
for an attrDef query, check to make sure the subject can see the records (if filtering HQL, you can do the postHqlFilterAttrDefs instead if you like). Note, this joins to tables, so the queries should probably be "distinct"

Specified by:
hqlFilterAttrDefsWhereClause in interface AttributeDefAdapter
subject - which needs view access to the attrDefs
hqlTables - is the select and part part (hql prefix)
hqlWhereClause - is there where clause part of the query
attributeDefColumn - is the name of the attrDef column to join to
privInSet - find a privilege which is in this set (e.g. for view, send all access privs). There are pre-canned sets in AccessPrivilege
Returns:
if the query was changed
See Also:
AttributeDefAdapter.hqlFilterAttrDefsWhereClause(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.StringBuilder, java.lang.String, java.util.Set)

postHqlFilterAttributeAssigns

public Set<AttributeAssign> postHqlFilterAttributeAssigns(GrouperSession grouperSession,
                                                          edu.internet2.middleware.subject.Subject subject,
                                                          Set<AttributeAssign> attributeAssigns)
Description copied from interface: AttributeDefAdapter
filter attribute assignments for things the subject can see, assume underlying assignments are ok to view

Specified by:
postHqlFilterAttributeAssigns in interface AttributeDefAdapter
Returns:
the memberships
See Also:
AttributeDefAdapter.postHqlFilterAttributeAssigns(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, java.util.Set)

postHqlFilterPITAttributeAssigns

public Set<PITAttributeAssign> postHqlFilterPITAttributeAssigns(GrouperSession grouperSession,
                                                                edu.internet2.middleware.subject.Subject subject,
                                                                Set<PITAttributeAssign> pitAttributeAssigns)
Description copied from interface: AttributeDefAdapter
filter pit attribute assignments for things the subject can see, assume underlying assignments are ok to view

Specified by:
postHqlFilterPITAttributeAssigns in interface AttributeDefAdapter
Returns:
the pit attribute assignments
See Also:
AttributeDefAdapter.postHqlFilterPITAttributeAssigns(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, java.util.Set)

hqlFilterAttributeDefsNotWithPrivWhereClause

public boolean hqlFilterAttributeDefsNotWithPrivWhereClause(GrouperSession grouperSession,
                                                            edu.internet2.middleware.subject.Subject subject,
                                                            HqlQuery hqlQuery,
                                                            StringBuilder hql,
                                                            String attributeDefColumn,
                                                            Privilege privilege,
                                                            boolean considerAllSubject)
Description copied from interface: AttributeDefAdapter
for an attributeDef query, check to make sure the subject cant see the records (if filtering HQL, you can do the postHqlFilterAttributeDefs instead if you like).

Specified by:
hqlFilterAttributeDefsNotWithPrivWhereClause in interface AttributeDefAdapter
subject - which needs view access to the groups
hql - is the select and part part (hql prefix)
attributeDefColumn - is the name of the attributeDef column to join to
privilege - find a privilege which is in this set (e.g. attributeDef privs).
considerAllSubject - if true, then consider GrouperAll when seeing if doesnt have privilege, else do consider
Returns:
if the query was changed
See Also:
AttributeDefAdapter.hqlFilterAttributeDefsNotWithPrivWhereClause(edu.internet2.middleware.grouper.GrouperSession, edu.internet2.middleware.subject.Subject, edu.internet2.middleware.grouper.hibernate.HqlQuery, java.lang.StringBuilder, java.lang.String, Privilege, boolean)
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD