org.ametys.plugins.core.impl.right

Class JdbcProfileAssignmentStorage

java.lang.Object

org.ametys.runtime.plugin.component.AbstractLogEnabled

org.ametys.core.datasource.AbstractMyBatisDAO

org.ametys.plugins.core.impl.right.JdbcProfileAssignmentStorage

All Implemented Interfaces:

ModifiableProfileAssignmentStorage, ProfileAssignmentStorage, LogEnabled, PluginAware, Component, Configurable, Contextualizable, Serviceable

public class JdbcProfileAssignmentStorage
extends AbstractMyBatisDAO
implements ModifiableProfileAssignmentStorage

Jdbc implementation of ProfileAssignmentStorage which stores profile assignments in database. This only supports String objects as contexts.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
private static class	JdbcProfileAssignmentStorage.Database

Field Summary

Fields

Modifier and Type	Field and Description
protected Map<String,JdbcProfileAssignmentStorage.Database>	_cache The jdbc cache
protected String	_supportedContext The handled context

Fields inherited from class org.ametys.core.datasource.AbstractMyBatisDAO

_manager

Fields inherited from interface org.ametys.core.right.ProfileAssignmentStorage

MAX_PRIORITY, MIN_PRIORITY

Constructor Summary

Constructors

Constructor and Description
JdbcProfileAssignmentStorage()

Method Summary

Modifier and Type	Method and Description
protected void	_clearCache() Clear the cache of _getFullData
protected void	_clearCache(Object context) Clear the cache of _getFullData
protected JdbcProfileAssignmentStorage.Database	_getFullData(Object context) Dump the SQL database in an cached object
void	addAllowedGroups(Set<GroupIdentity> groups, Object object, String profileId) Associates some groups with an allowed profile on a given object
void	addAllowedProfilesForAnonymous(Object object, Set<String> profileIds) Adds allowed profiles an anonymous user has on the given object
void	addAllowedProfilesForAnyConnectedUser(Object object, Set<String> profileIds) Adds allowed profiles any connected user has on the given object
void	addAllowedUsers(Set<UserIdentity> users, Object object, String profileId) Associates some users with an allowed profile on a given object
void	addDeniedGroups(Set<GroupIdentity> groups, Object object, String profileId) Associates some groups with a denied profile on a given object
void	addDeniedProfilesForAnonymous(Object object, Set<String> profileIds) Adds denied profiles an anonymous user has on the given object
void	addDeniedProfilesForAnyConnectedUser(Object object, Set<String> profileIds) Adds denied profiles any connected user has on the given object
void	addDeniedUsers(Set<UserIdentity> users, Object object, String profileId) Associates some users with a denied profile on a given object
void	configure(Configuration configuration)
Set<GroupIdentity>	getAllowedGroups(Object object, String profileId) Gets the groups that have the given allowed profile on the given object
Set<String>	getAllowedProfilesForAnonymous(Object object) Gets the allowed profiles an anonymous user has on the given object
Set<String>	getAllowedProfilesForAnyConnectedUser(Object object) Gets the allowed profiles any connected user has on the given object
Map<GroupIdentity,Set<String>>	getAllowedProfilesForGroups(Object object) Gets the groups that have allowed profiles assigned on the given object
Set<String>	getAllowedProfilesForUser(UserIdentity user, Object object) Get the allowed profiles assigned on the given object for the given user
Map<UserIdentity,Set<String>>	getAllowedProfilesForUsers(Object object) Gets the users that have allowed profiles assigned on the given object
Set<UserIdentity>	getAllowedUsers(Object object, String profileId) Gets the users that have the given allowed profile on the given object
Set<GroupIdentity>	getDeniedGroups(Object object, String profileId) Gets the groups that have the given denied profile on the given object
Set<String>	getDeniedProfilesForAnonymous(Object object) Gets the denied profiles an anonymous user has on the given object
Set<String>	getDeniedProfilesForAnyConnectedUser(Object object) Gets the denied profiles any connected user has on the given object
Map<GroupIdentity,Set<String>>	getDeniedProfilesForGroups(Object object) Gets the groups that have denied profiles assigned on the given object
Set<String>	getDeniedProfilesForUser(UserIdentity user, Object object) Get the denied profiles assigned on the given object for the given user
Map<UserIdentity,Set<String>>	getDeniedProfilesForUsers(Object object) Gets the users that have denied profiles assigned on the given object
Set<UserIdentity>	getDeniedUsers(Object object, String profileId) Gets the users that have the given denied profile on the given object
protected Object	getObjectWithPrefix(Object context) Get the object context with prefix if necessary
protected String	getPrefix() Get the prefix for object context
int	getPriority() Returns the priority of this profile storage The ProfileAssignmentStorageExtensionPoint will take the profile storage which supports the object with the highest priority to return the allowed/denied users/groups
boolean	hasAnonymousAllowedProfile(Set<? extends Object> rootContexts, Set<String> profileIds) Returns true if anonymous user has the allowed profile for any given root context (or any sub context), given some profiles. Only supported objects are transmitted
boolean	hasAnonymousDeniedProfile(Set<? extends Object> rootContexts, Set<String> profileIds) Returns true if anonymous user has the denied profile for any given root context (or any sub context), given some profiles. Only supported objects are transmitted
boolean	hasAnyConnectedAllowedProfile(Set<? extends Object> rootContexts, Set<String> profileIds) Returns true if any connected user has the allowed profile for any given root context (or any sub context), given some profiles. Only supported objects are transmitted
boolean	hasAnyConnectedDeniedProfile(Set<? extends Object> rootContexts, Set<String> profileIds) Returns true if any connected user has the denied profile for any given root context (or any sub context), given some profiles. Only supported objects are transmitted
boolean	hasGroupAllowedProfile(Set<? extends Object> rootContexts, GroupIdentity group, Set<String> profileIds) Returns true if group has the allowed profile for any given root context (or any sub context), given some profiles. Only supported objects are transmitted
boolean	hasGroupDeniedProfile(Set<? extends Object> rootContexts, GroupIdentity group, Set<String> profileIds) Returns true if group has the denied profile for any given root context (or any sub context), given some profiles. Only supported objects are transmitted
boolean	hasUserAllowedProfile(Set<? extends Object> rootContexts, UserIdentity user, Set<String> profileIds) Returns true if user has the allowed profile for any given root context (or any sub context), given some profiles. Only supported objects are transmitted
boolean	hasUserDeniedProfile(Set<? extends Object> rootContexts, UserIdentity user, Set<String> profileIds) Returns true if user has the denied profile for any given root context (or any sub context), given some profiles. Only supported objects are transmitted
boolean	isAnonymousAllowed(Object object, String profileId) Returns true if anonymous is allowed with the given profile
boolean	isAnonymousDenied(Object object, String profileId) Returns true if anonymous is denied with the given profile
boolean	isAnyConnectedUserAllowed(Object object, String profileId) Returns true if any connected user is allowed with the given profile
boolean	isAnyConnectedUserDenied(Object object, String profileId) Returns true if any connected user is denied with the given profile
boolean	isRootContextSupported(Object rootContext) Returns true if this profile storage supports the given object as a root context i.e.
boolean	isSupported(Object object) Returns true if this profile storage supports the given object, i.e.
void	removeAllowedGroups(Set<GroupIdentity> groups, Object object) Removes the association between some groups and all allowed profiles on a given object
void	removeAllowedGroups(Set<GroupIdentity> groups, Object object, String profileId) Removes the association between some groups and an allowed profile on a given object
void	removeAllowedProfilesForAnonymous(Object object, Set<String> profileIds) Removes allowed profiles an anonymous user has on the given object
void	removeAllowedProfilesForAnyConnectedUser(Object object, Set<String> profileIds) Removes allowed profiles any connected user has on the given object
void	removeAllowedUsers(Set<UserIdentity> users, Object object) Removes the association between some users and all allowed profiles on a given object
void	removeAllowedUsers(Set<UserIdentity> users, Object object, String profileId) Removes the association between some users and an allowed profile on a given object
void	removeDeniedGroups(Set<GroupIdentity> groups, Object object) Removes the association between some groups and all denied profiles on a given object
void	removeDeniedGroups(Set<GroupIdentity> groups, Object object, String profileId) Removes the association between some groups and a denied profile on a given object
void	removeDeniedProfilesForAnonymous(Object object, Set<String> profileIds) Removes denied profiles an anonymous user has on the given object
void	removeDeniedProfilesForAnyConnectedUser(Object object, Set<String> profileIds) Removes denied profiles any connected user has on the given object
void	removeDeniedUsers(Set<UserIdentity> users, Object object) Removes the association between some users and all denied profiles on a given object
void	removeDeniedUsers(Set<UserIdentity> users, Object object, String profileId) Removes the association between some users and an denied profile on a given object
void	removeGroup(GroupIdentity group) Removes all the assignments involving this group
void	removeProfile(String profileId) Removes all the assignments between this profile and users/groups/anonymous/any connected
void	removeUser(UserIdentity user) Removes all the assignments involving this user

Methods inherited from class org.ametys.core.datasource.AbstractMyBatisDAO

_configureDatasource, _getDataSourceId, _getMyBatisConfiguration, contextualize, getSession, getSession, reload, service, setPluginInfo

Methods inherited from class org.ametys.runtime.plugin.component.AbstractLogEnabled

getLogger, setLogger

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

_cache

protected final Map<String,JdbcProfileAssignmentStorage.Database> _cache

The jdbc cache

_supportedContext

protected String _supportedContext

The handled context

Constructor Detail

JdbcProfileAssignmentStorage

public JdbcProfileAssignmentStorage()

Method Detail

configure

public void configure(Configuration configuration)
               throws ConfigurationException

Specified by:

configure in interface Configurable

Overrides:

configure in class AbstractMyBatisDAO

Throws:

ConfigurationException

_getFullData

protected JdbcProfileAssignmentStorage.Database _getFullData(Object context)

Dump the SQL database in an cached object

Parameters:

context - The context to seek

Returns:

The database

_clearCache

protected void _clearCache()

Clear the cache of _getFullData

_clearCache

protected void _clearCache(Object context)

Clear the cache of _getFullData

Parameters:

context - The context to seek

getObjectWithPrefix

protected Object getObjectWithPrefix(Object context)

Get the object context with prefix if necessary

Parameters:

context - The context object

Returns:

The prefixed object

getPrefix

protected String getPrefix()

Get the prefix for object context

Returns:

The prefix. Can be null if no prefix is necessary

hasUserDeniedProfile

public boolean hasUserDeniedProfile(Set<? extends Object> rootContexts,
                                    UserIdentity user,
                                    Set<String> profileIds)

Description copied from interface: ProfileAssignmentStorage

Returns true if user has the denied profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted

Specified by:

hasUserDeniedProfile in interface ProfileAssignmentStorage

Parameters:

rootContexts - The root contexts to search rights for

user - The user to test

profileIds - The ids of the profiles

Returns:

true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles

hasUserAllowedProfile

public boolean hasUserAllowedProfile(Set<? extends Object> rootContexts,
                                     UserIdentity user,
                                     Set<String> profileIds)

Description copied from interface: ProfileAssignmentStorage

Returns true if user has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted

Specified by:

hasUserAllowedProfile in interface ProfileAssignmentStorage

Parameters:

rootContexts - The root contexts to search rights for

user - The user to test

profileIds - The ids of the profiles

Returns:

true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles

hasGroupDeniedProfile

public boolean hasGroupDeniedProfile(Set<? extends Object> rootContexts,
                                     GroupIdentity group,
                                     Set<String> profileIds)

Description copied from interface: ProfileAssignmentStorage

Returns true if group has the denied profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted

Specified by:

hasGroupDeniedProfile in interface ProfileAssignmentStorage

Parameters:

rootContexts - The root contexts to search rights for

group - The group to test

profileIds - The ids of the profiles

Returns:

true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles

hasGroupAllowedProfile

public boolean hasGroupAllowedProfile(Set<? extends Object> rootContexts,
                                      GroupIdentity group,
                                      Set<String> profileIds)

Description copied from interface: ProfileAssignmentStorage

Returns true if group has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted

Specified by:

hasGroupAllowedProfile in interface ProfileAssignmentStorage

Parameters:

rootContexts - The root contexts to search rights for

group - The group to test

profileIds - The ids of the profiles

Returns:

true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles

hasAnyConnectedDeniedProfile

public boolean hasAnyConnectedDeniedProfile(Set<? extends Object> rootContexts,
                                            Set<String> profileIds)

Description copied from interface: ProfileAssignmentStorage

Returns true if any connected user has the denied profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted

Specified by:

hasAnyConnectedDeniedProfile in interface ProfileAssignmentStorage

Parameters:

rootContexts - The root contexts to search rights for

profileIds - The ids of the profiles

Returns:

true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles

hasAnyConnectedAllowedProfile

public boolean hasAnyConnectedAllowedProfile(Set<? extends Object> rootContexts,
                                             Set<String> profileIds)

Description copied from interface: ProfileAssignmentStorage

Returns true if any connected user has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted

Specified by:

hasAnyConnectedAllowedProfile in interface ProfileAssignmentStorage

Parameters:

rootContexts - The root contexts to search rights for

profileIds - The ids of the profiles

Returns:

true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles

hasAnonymousDeniedProfile

public boolean hasAnonymousDeniedProfile(Set<? extends Object> rootContexts,
                                         Set<String> profileIds)

Description copied from interface: ProfileAssignmentStorage

Returns true if anonymous user has the denied profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted

Specified by:

hasAnonymousDeniedProfile in interface ProfileAssignmentStorage

Parameters:

rootContexts - The root contexts to search rights for

profileIds - The ids of the profiles

Returns:

true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles

hasAnonymousAllowedProfile

public boolean hasAnonymousAllowedProfile(Set<? extends Object> rootContexts,
                                          Set<String> profileIds)

Description copied from interface: ProfileAssignmentStorage

Returns true if anonymous user has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted

Specified by:

hasAnonymousAllowedProfile in interface ProfileAssignmentStorage

Parameters:

rootContexts - The root contexts to search rights for

profileIds - The ids of the profiles

Returns:

true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles

getAllowedProfilesForAnyConnectedUser

public Set<String> getAllowedProfilesForAnyConnectedUser(Object object)

Description copied from interface: ProfileAssignmentStorage

Gets the allowed profiles any connected user has on the given object

Specified by:

getAllowedProfilesForAnyConnectedUser in interface ProfileAssignmentStorage

Parameters:

object - The object

Returns:

the allowed profiles any connected user has on the given object

isAnyConnectedUserAllowed

public boolean isAnyConnectedUserAllowed(Object object,
                                         String profileId)

Description copied from interface: ProfileAssignmentStorage

Returns true if any connected user is allowed with the given profile

Specified by:

isAnyConnectedUserAllowed in interface ProfileAssignmentStorage

Parameters:

object - The object

profileId - The id of the profile

Returns:

true if any connected user is allowed with the given profile

addAllowedProfilesForAnyConnectedUser

public void addAllowedProfilesForAnyConnectedUser(Object object,
                                                  Set<String> profileIds)

Description copied from interface: ModifiableProfileAssignmentStorage

Adds allowed profiles any connected user has on the given object

Specified by:

addAllowedProfilesForAnyConnectedUser in interface ModifiableProfileAssignmentStorage

Parameters:

object - The object

profileIds - The profiles to add

removeAllowedProfilesForAnyConnectedUser

public void removeAllowedProfilesForAnyConnectedUser(Object object,
                                                     Set<String> profileIds)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes allowed profiles any connected user has on the given object

Specified by:

removeAllowedProfilesForAnyConnectedUser in interface ModifiableProfileAssignmentStorage

Parameters:

object - The object

profileIds - The profiles to remove

getDeniedProfilesForAnyConnectedUser

public Set<String> getDeniedProfilesForAnyConnectedUser(Object object)

Description copied from interface: ProfileAssignmentStorage

Gets the denied profiles any connected user has on the given object

Specified by:

getDeniedProfilesForAnyConnectedUser in interface ProfileAssignmentStorage

Parameters:

object - The object

Returns:

the denied profiles any connected user has on the given object

isAnyConnectedUserDenied

public boolean isAnyConnectedUserDenied(Object object,
                                        String profileId)

Description copied from interface: ProfileAssignmentStorage

Returns true if any connected user is denied with the given profile

Specified by:

isAnyConnectedUserDenied in interface ProfileAssignmentStorage

Parameters:

object - The object

profileId - The id of the profile

Returns:

true if any connected user is denied with the given profile

addDeniedProfilesForAnyConnectedUser

public void addDeniedProfilesForAnyConnectedUser(Object object,
                                                 Set<String> profileIds)

Description copied from interface: ModifiableProfileAssignmentStorage

Adds denied profiles any connected user has on the given object

Specified by:

addDeniedProfilesForAnyConnectedUser in interface ModifiableProfileAssignmentStorage

Parameters:

object - The object

profileIds - The profiles to add

removeDeniedProfilesForAnyConnectedUser

public void removeDeniedProfilesForAnyConnectedUser(Object object,
                                                    Set<String> profileIds)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes denied profiles any connected user has on the given object

Specified by:

removeDeniedProfilesForAnyConnectedUser in interface ModifiableProfileAssignmentStorage

Parameters:

object - The object

profileIds - The profiles to remove

getAllowedProfilesForAnonymous

public Set<String> getAllowedProfilesForAnonymous(Object object)

Description copied from interface: ProfileAssignmentStorage

Gets the allowed profiles an anonymous user has on the given object

Specified by:

getAllowedProfilesForAnonymous in interface ProfileAssignmentStorage

Parameters:

object - The object

Returns:

the allowed profiles an anonymous user has on the given object

isAnonymousAllowed

public boolean isAnonymousAllowed(Object object,
                                  String profileId)

Description copied from interface: ProfileAssignmentStorage

Returns true if anonymous is allowed with the given profile

Specified by:

isAnonymousAllowed in interface ProfileAssignmentStorage

Parameters:

object - The object

profileId - The id of the profile

Returns:

true if anonymous is allowed with the given profile

addAllowedProfilesForAnonymous

public void addAllowedProfilesForAnonymous(Object object,
                                           Set<String> profileIds)

Description copied from interface: ModifiableProfileAssignmentStorage

Adds allowed profiles an anonymous user has on the given object

Specified by:

addAllowedProfilesForAnonymous in interface ModifiableProfileAssignmentStorage

Parameters:

object - The object

profileIds - The profiles to add

removeAllowedProfilesForAnonymous

public void removeAllowedProfilesForAnonymous(Object object,
                                              Set<String> profileIds)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes allowed profiles an anonymous user has on the given object

Specified by:

removeAllowedProfilesForAnonymous in interface ModifiableProfileAssignmentStorage

Parameters:

object - The object

profileIds - The profiles to remove

getDeniedProfilesForAnonymous

public Set<String> getDeniedProfilesForAnonymous(Object object)

Description copied from interface: ProfileAssignmentStorage

Gets the denied profiles an anonymous user has on the given object

Specified by:

getDeniedProfilesForAnonymous in interface ProfileAssignmentStorage

Parameters:

object - The object

Returns:

the denied profiles an anonymous user has on the given object

isAnonymousDenied

public boolean isAnonymousDenied(Object object,
                                 String profileId)

Description copied from interface: ProfileAssignmentStorage

Returns true if anonymous is denied with the given profile

Specified by:

isAnonymousDenied in interface ProfileAssignmentStorage

Parameters:

object - The object

profileId - The id of the profile

Returns:

true if anonymous is denied with the given profile

addDeniedProfilesForAnonymous

public void addDeniedProfilesForAnonymous(Object object,
                                          Set<String> profileIds)

Description copied from interface: ModifiableProfileAssignmentStorage

Adds denied profiles an anonymous user has on the given object

Specified by:

addDeniedProfilesForAnonymous in interface ModifiableProfileAssignmentStorage

Parameters:

object - The object

profileIds - The profiles to add

removeDeniedProfilesForAnonymous

public void removeDeniedProfilesForAnonymous(Object object,
                                             Set<String> profileIds)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes denied profiles an anonymous user has on the given object

Specified by:

removeDeniedProfilesForAnonymous in interface ModifiableProfileAssignmentStorage

Parameters:

object - The object

profileIds - The profiles to remove

getAllowedProfilesForUser

public Set<String> getAllowedProfilesForUser(UserIdentity user,
                                             Object object)

Description copied from interface: ProfileAssignmentStorage

Get the allowed profiles assigned on the given object for the given user

Specified by:

getAllowedProfilesForUser in interface ProfileAssignmentStorage

Parameters:

user - The user

object - The object to test

Returns:

The allowed profiles

getAllowedProfilesForUsers

public Map<UserIdentity,Set<String>> getAllowedProfilesForUsers(Object object)

Description copied from interface: ProfileAssignmentStorage

Gets the users that have allowed profiles assigned on the given object

Specified by:

getAllowedProfilesForUsers in interface ProfileAssignmentStorage

Parameters:

object - The object to test

Returns:

The map of allowed users (keys) with their assigned profiles (values)

getAllowedUsers

public Set<UserIdentity> getAllowedUsers(Object object,
                                         String profileId)

Description copied from interface: ProfileAssignmentStorage

Gets the users that have the given allowed profile on the given object

Specified by:

getAllowedUsers in interface ProfileAssignmentStorage

Parameters:

object - The object to test

profileId - The id of the profile

Returns:

The allowed users with that profile on that object

addAllowedUsers

public void addAllowedUsers(Set<UserIdentity> users,
                            Object object,
                            String profileId)

Description copied from interface: ModifiableProfileAssignmentStorage

Associates some users with an allowed profile on a given object

Specified by:

addAllowedUsers in interface ModifiableProfileAssignmentStorage

Parameters:

users - The users to add

object - The object

profileId - The id of the profile

removeAllowedUsers

public void removeAllowedUsers(Set<UserIdentity> users,
                               Object object,
                               String profileId)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes the association between some users and an allowed profile on a given object

Specified by:

removeAllowedUsers in interface ModifiableProfileAssignmentStorage

Parameters:

users - The users to remove

object - The object

profileId - The id of the profile

removeAllowedUsers

public void removeAllowedUsers(Set<UserIdentity> users,
                               Object object)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes the association between some users and all allowed profiles on a given object

Specified by:

removeAllowedUsers in interface ModifiableProfileAssignmentStorage

Parameters:

users - The users to remove

object - The object

getAllowedProfilesForGroups

public Map<GroupIdentity,Set<String>> getAllowedProfilesForGroups(Object object)

Description copied from interface: ProfileAssignmentStorage

Gets the groups that have allowed profiles assigned on the given object

Specified by:

getAllowedProfilesForGroups in interface ProfileAssignmentStorage

Parameters:

object - The object to test

Returns:

The map of allowed groups (keys) with their assigned profiles (values)

getAllowedGroups

public Set<GroupIdentity> getAllowedGroups(Object object,
                                           String profileId)

Description copied from interface: ProfileAssignmentStorage

Gets the groups that have the given allowed profile on the given object

Specified by:

getAllowedGroups in interface ProfileAssignmentStorage

Parameters:

object - The object to test

profileId - The id of the profile

Returns:

The allowed groups with that profile on that object

addAllowedGroups

public void addAllowedGroups(Set<GroupIdentity> groups,
                             Object object,
                             String profileId)

Description copied from interface: ModifiableProfileAssignmentStorage

Associates some groups with an allowed profile on a given object

Specified by:

addAllowedGroups in interface ModifiableProfileAssignmentStorage

Parameters:

groups - The groups to add

object - The object

profileId - The id of the profile

removeAllowedGroups

public void removeAllowedGroups(Set<GroupIdentity> groups,
                                Object object,
                                String profileId)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes the association between some groups and an allowed profile on a given object

Specified by:

removeAllowedGroups in interface ModifiableProfileAssignmentStorage

Parameters:

groups - The groups to remove

object - The object

profileId - The id of the profile

removeAllowedGroups

public void removeAllowedGroups(Set<GroupIdentity> groups,
                                Object object)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes the association between some groups and all allowed profiles on a given object

Specified by:

removeAllowedGroups in interface ModifiableProfileAssignmentStorage

Parameters:

groups - The groups to remove

object - The object

getDeniedProfilesForUser

public Set<String> getDeniedProfilesForUser(UserIdentity user,
                                            Object object)

Description copied from interface: ProfileAssignmentStorage

Get the denied profiles assigned on the given object for the given user

Specified by:

getDeniedProfilesForUser in interface ProfileAssignmentStorage

Parameters:

user - The user

object - The object to test

Returns:

The denied profiles

getDeniedProfilesForUsers

public Map<UserIdentity,Set<String>> getDeniedProfilesForUsers(Object object)

Description copied from interface: ProfileAssignmentStorage

Gets the users that have denied profiles assigned on the given object

Specified by:

getDeniedProfilesForUsers in interface ProfileAssignmentStorage

Parameters:

object - The object to test

Returns:

The map of denied users (keys) with their assigned profiles (values)

getDeniedUsers

public Set<UserIdentity> getDeniedUsers(Object object,
                                        String profileId)

Description copied from interface: ProfileAssignmentStorage

Gets the users that have the given denied profile on the given object

Specified by:

getDeniedUsers in interface ProfileAssignmentStorage

Parameters:

object - The object to test

profileId - The id of the profile

Returns:

The denied users with that profile on that object

addDeniedUsers

public void addDeniedUsers(Set<UserIdentity> users,
                           Object object,
                           String profileId)

Description copied from interface: ModifiableProfileAssignmentStorage

Associates some users with a denied profile on a given object

Specified by:

addDeniedUsers in interface ModifiableProfileAssignmentStorage

Parameters:

users - The users to add

object - The object

profileId - The id of the profile

removeDeniedUsers

public void removeDeniedUsers(Set<UserIdentity> users,
                              Object object,
                              String profileId)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes the association between some users and an denied profile on a given object

Specified by:

removeDeniedUsers in interface ModifiableProfileAssignmentStorage

Parameters:

users - The users to remove

object - The object

profileId - The id of the profile

removeDeniedUsers

public void removeDeniedUsers(Set<UserIdentity> users,
                              Object object)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes the association between some users and all denied profiles on a given object

Specified by:

removeDeniedUsers in interface ModifiableProfileAssignmentStorage

Parameters:

users - The users to remove

object - The object

getDeniedProfilesForGroups

public Map<GroupIdentity,Set<String>> getDeniedProfilesForGroups(Object object)

Description copied from interface: ProfileAssignmentStorage

Gets the groups that have denied profiles assigned on the given object

Specified by:

getDeniedProfilesForGroups in interface ProfileAssignmentStorage

Parameters:

object - The object to test

Returns:

The map of denied groups (keys) with their assigned profiles (values)

getDeniedGroups

public Set<GroupIdentity> getDeniedGroups(Object object,
                                          String profileId)

Description copied from interface: ProfileAssignmentStorage

Gets the groups that have the given denied profile on the given object

Specified by:

getDeniedGroups in interface ProfileAssignmentStorage

Parameters:

object - The object to test

profileId - The id of the profile

Returns:

The denied groups with that profile on that object

addDeniedGroups

public void addDeniedGroups(Set<GroupIdentity> groups,
                            Object object,
                            String profileId)

Description copied from interface: ModifiableProfileAssignmentStorage

Associates some groups with a denied profile on a given object

Specified by:

addDeniedGroups in interface ModifiableProfileAssignmentStorage

Parameters:

groups - The groups to add

object - The object

profileId - The id of the profile

removeDeniedGroups

public void removeDeniedGroups(Set<GroupIdentity> groups,
                               Object object,
                               String profileId)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes the association between some groups and a denied profile on a given object

Specified by:

removeDeniedGroups in interface ModifiableProfileAssignmentStorage

Parameters:

groups - The groups to remove

object - The object

profileId - The id of the profile

removeDeniedGroups

public void removeDeniedGroups(Set<GroupIdentity> groups,
                               Object object)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes the association between some groups and all denied profiles on a given object

Specified by:

removeDeniedGroups in interface ModifiableProfileAssignmentStorage

Parameters:

groups - The groups to remove

object - The object

removeProfile

public void removeProfile(String profileId)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes all the assignments between this profile and users/groups/anonymous/any connected

Specified by:

removeProfile in interface ModifiableProfileAssignmentStorage

Parameters:

profileId - The profile to remove

removeUser

public void removeUser(UserIdentity user)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes all the assignments involving this user

Specified by:

removeUser in interface ModifiableProfileAssignmentStorage

Parameters:

user - The user

removeGroup

public void removeGroup(GroupIdentity group)

Description copied from interface: ModifiableProfileAssignmentStorage

Removes all the assignments involving this group

Specified by:

removeGroup in interface ModifiableProfileAssignmentStorage

Parameters:

group - The group

isSupported

public boolean isSupported(Object object)

Description copied from interface: ProfileAssignmentStorage

Returns true if this profile storage supports the given object, i.e. if it is able to retrieve the allowed users/groups on that object

Specified by:

isSupported in interface ProfileAssignmentStorage

Parameters:

object - The object to test

Returns:

true if this profile storage supports the given object

isRootContextSupported

public boolean isRootContextSupported(Object rootContext)

Description copied from interface: ProfileAssignmentStorage

Returns true if this profile storage supports the given object as a root context i.e. it can seek any permission under this object

Specified by:

isRootContextSupported in interface ProfileAssignmentStorage

Parameters:

rootContext - The object to start searching

Returns:

true if this profile storage support this a as root context to search in

getPriority

public int getPriority()

Description copied from interface: ProfileAssignmentStorage

Returns the priority of this profile storage The ProfileAssignmentStorageExtensionPoint will take the profile storage which supports the object with the highest priority to return the allowed/denied users/groups

Specified by:

getPriority in interface ProfileAssignmentStorage

Returns:

the priority of this profile storage