Package org.gcube.informationsystem.resourceregistry.contexts.security

Class SecurityContext

java.lang.Object

org.gcube.informationsystem.resourceregistry.contexts.security.SecurityContext

Direct Known Subclasses:

AdminSecurityContext, ContextSecurityContext, QueryTemplatesSecurityContext, ShadowContextSecurityContext, TypeSecurityContext

public class SecurityContext
extends Object

Author:

Luca Frosini (ISTI - CNR)

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	SecurityContext.PermissionMode
static class	SecurityContext.SecurityType

Field Summary

Fields

Modifier and Type	Field	Description
protected Set<SecurityContext>	children
protected UUID	context
protected static String	DEFAULT_READER_ROLE
protected static String	DEFAULT_WRITER_ROLE
static String	H
protected boolean	hierarchical
protected SecurityContext	parentSecurityContext
protected Map<Boolean,Map<SecurityContext.PermissionMode,com.orientechnologies.orient.core.db.ODatabasePool>>	poolMap

Constructor Summary

Constructors

Modifier	Constructor	Description
	SecurityContext(UUID context)
protected	SecurityContext(UUID context, boolean hierarchical)

Method Summary

Modifier and Type	Method	Description
void	addElement(com.orientechnologies.orient.core.record.OElement element)
void	addElement(com.orientechnologies.orient.core.record.OElement element, com.orientechnologies.orient.core.db.document.ODatabaseDocument oDatabaseDocument)
protected com.orientechnologies.orient.core.metadata.security.ORole	addExtraRules(com.orientechnologies.orient.core.metadata.security.ORole role, SecurityContext.PermissionMode permissionMode)
protected void	addHierarchicalRoleToParent(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity, SecurityContext.PermissionMode permissionMode, com.orientechnologies.orient.core.metadata.security.ORole... roles)
protected void	allow(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity, com.orientechnologies.orient.core.record.impl.ODocument oDocument, boolean hierarchic)
protected boolean	allowed(com.orientechnologies.orient.core.metadata.security.ORole role, com.orientechnologies.orient.core.record.impl.ODocument oDocument)
void	changeParentSecurityContext(SecurityContext newParentSecurityContext, com.orientechnologies.orient.core.db.document.ODatabaseDocument orientGraph)	Use to change the parent not to set the first time
void	create()
void	create(com.orientechnologies.orient.core.db.document.ODatabaseDocument oDatabaseDocument)
protected void	createRolesAndUsers(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity)
void	delete()
void	delete(com.orientechnologies.orient.core.db.document.ODatabaseDocument orientGraph)
protected void	deleteRolesAndUsers(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity)
protected void	deny(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity, com.orientechnologies.orient.core.record.impl.ODocument oDocument, boolean hierarchical)
protected com.orientechnologies.orient.core.db.document.ODatabaseDocument	getAdminDatabaseDocument()
Set<SecurityContext>	getChildren()
static Set<String>	getContexts(com.orientechnologies.orient.core.record.OElement element)
com.orientechnologies.orient.core.db.document.ODatabaseDocument	getDatabaseDocument(SecurityContext.PermissionMode permissionMode)
SecurityContext	getParentSecurityContext()
static String	getRoleOrUserName(SecurityContext.PermissionMode permissionMode, SecurityContext.SecurityType securityType)
static String	getRoleOrUserName(SecurityContext.PermissionMode permissionMode, SecurityContext.SecurityType securityType, boolean hierarchic)
String	getSecurityRoleOrUserName(SecurityContext.PermissionMode permissionMode, SecurityContext.SecurityType securityType, boolean hierarchic)
protected com.orientechnologies.orient.core.metadata.security.ORole	getSuperRole(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity, SecurityContext.PermissionMode permissionMode)
UUID	getUUID()
boolean	isElementInContext(com.orientechnologies.orient.core.record.OElement element)
protected boolean	isHierarchicalMode()
protected void	removeChildrenHRolesFromMyHUsers(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity, Set<SecurityContext> children)
protected void	removeChildrenHRolesFromParents(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity)
protected void	removeChildrenHRolesFromParents(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity, Set<SecurityContext> parents, Set<SecurityContext> children)
void	removeElement(com.orientechnologies.orient.core.record.OElement element)
void	removeElement(com.orientechnologies.orient.core.record.OElement element, com.orientechnologies.orient.core.db.document.ODatabaseDocument oDatabaseDocument)
protected void	removeHierarchicRoleFromMyHUser(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity, SecurityContext.PermissionMode permissionMode, String roleName)
void	setParentSecurityContext(SecurityContext parentSecurityContext)
String	toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

DEFAULT_WRITER_ROLE

protected static final String DEFAULT_WRITER_ROLE

See Also:

Constant Field Values

DEFAULT_READER_ROLE

protected static final String DEFAULT_READER_ROLE

See Also:

Constant Field Values

H

public static final String H

See Also:

Constant Field Values

hierarchical

protected final boolean hierarchical

context

protected final UUID context

poolMap

protected final Map<Boolean,Map<SecurityContext.PermissionMode,com.orientechnologies.orient.core.db.ODatabasePool>> poolMap

parentSecurityContext

protected SecurityContext parentSecurityContext

children

protected Set<SecurityContext> children

Constructor Detail

SecurityContext

protected SecurityContext(UUID context,
                          boolean hierarchical)
                   throws org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

Throws:

org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

SecurityContext

public SecurityContext(UUID context)
                throws org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

Throws:

org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

Method Detail

isHierarchicalMode

protected boolean isHierarchicalMode()

setParentSecurityContext

public void setParentSecurityContext(SecurityContext parentSecurityContext)

getParentSecurityContext

public SecurityContext getParentSecurityContext()

getChildren

public Set<SecurityContext> getChildren()

getAdminDatabaseDocument

protected com.orientechnologies.orient.core.db.document.ODatabaseDocument getAdminDatabaseDocument()
                                                                                            throws org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

Throws:

org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

changeParentSecurityContext

public void changeParentSecurityContext(SecurityContext newParentSecurityContext,
                                        com.orientechnologies.orient.core.db.document.ODatabaseDocument orientGraph)
                                 throws org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

Use to change the parent not to set the first time

Parameters:

newParentSecurityContext -

orientGraph -

Throws:

org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

getUUID

public UUID getUUID()

getRoleOrUserName

public static String getRoleOrUserName(SecurityContext.PermissionMode permissionMode,
                                       SecurityContext.SecurityType securityType)

getRoleOrUserName

public static String getRoleOrUserName(SecurityContext.PermissionMode permissionMode,
                                       SecurityContext.SecurityType securityType,
                                       boolean hierarchic)

getSecurityRoleOrUserName

public String getSecurityRoleOrUserName(SecurityContext.PermissionMode permissionMode,
                                        SecurityContext.SecurityType securityType,
                                        boolean hierarchic)

getContexts

public static Set<String> getContexts(com.orientechnologies.orient.core.record.OElement element)

addElement

public void addElement(com.orientechnologies.orient.core.record.OElement element)
                throws org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

Throws:

org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

allow

protected void allow(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity,
                     com.orientechnologies.orient.core.record.impl.ODocument oDocument,
                     boolean hierarchic)

isElementInContext

public boolean isElementInContext(com.orientechnologies.orient.core.record.OElement element)
                           throws org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

Throws:

org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

addElement

public void addElement(com.orientechnologies.orient.core.record.OElement element,
                       com.orientechnologies.orient.core.db.document.ODatabaseDocument oDatabaseDocument)

removeElement

public void removeElement(com.orientechnologies.orient.core.record.OElement element)
                   throws org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

Throws:

org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

deny

protected void deny(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity,
                    com.orientechnologies.orient.core.record.impl.ODocument oDocument,
                    boolean hierarchical)

removeElement

public void removeElement(com.orientechnologies.orient.core.record.OElement element,
                          com.orientechnologies.orient.core.db.document.ODatabaseDocument oDatabaseDocument)

allowed

protected boolean allowed(com.orientechnologies.orient.core.metadata.security.ORole role,
                          com.orientechnologies.orient.core.record.impl.ODocument oDocument)

create

public void create()
            throws org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

Throws:

org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

addExtraRules

protected com.orientechnologies.orient.core.metadata.security.ORole addExtraRules(com.orientechnologies.orient.core.metadata.security.ORole role,
                                                                                  SecurityContext.PermissionMode permissionMode)

getSuperRole

protected com.orientechnologies.orient.core.metadata.security.ORole getSuperRole(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity,
                                                                                 SecurityContext.PermissionMode permissionMode)

addHierarchicalRoleToParent

protected void addHierarchicalRoleToParent(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity,
                                           SecurityContext.PermissionMode permissionMode,
                                           com.orientechnologies.orient.core.metadata.security.ORole... roles)

createRolesAndUsers

protected void createRolesAndUsers(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity)

create

public void create(com.orientechnologies.orient.core.db.document.ODatabaseDocument oDatabaseDocument)

delete

public void delete()
            throws org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

Throws:

org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

removeChildrenHRolesFromParents

protected void removeChildrenHRolesFromParents(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity)

removeChildrenHRolesFromParents

protected void removeChildrenHRolesFromParents(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity,
                                               Set<SecurityContext> parents,
                                               Set<SecurityContext> children)

removeChildrenHRolesFromMyHUsers

protected void removeChildrenHRolesFromMyHUsers(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity,
                                                Set<SecurityContext> children)

removeHierarchicRoleFromMyHUser

protected void removeHierarchicRoleFromMyHUser(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity,
                                               SecurityContext.PermissionMode permissionMode,
                                               String roleName)

deleteRolesAndUsers

protected void deleteRolesAndUsers(com.orientechnologies.orient.core.metadata.security.OSecurity oSecurity)

delete

public void delete(com.orientechnologies.orient.core.db.document.ODatabaseDocument orientGraph)

getDatabaseDocument

public com.orientechnologies.orient.core.db.document.ODatabaseDocument getDatabaseDocument(SecurityContext.PermissionMode permissionMode)
                                                                                    throws org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

Throws:

org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException

toString

public String toString()

Overrides:

toString in class Object