Class JdbcProfileAssignmentStorage
- java.lang.Object
-
- org.ametys.runtime.plugin.component.AbstractLogEnabled
-
- org.ametys.core.datasource.AbstractMyBatisDAO
-
- org.ametys.plugins.core.impl.right.JdbcProfileAssignmentStorage
-
- All Implemented Interfaces:
ModifiableProfileAssignmentStorage
,ProfileAssignmentStorage
,LogEnabled
,PluginAware
,Component
,Configurable
,Contextualizable
,Serviceable
public class JdbcProfileAssignmentStorage extends AbstractMyBatisDAO implements ModifiableProfileAssignmentStorage
Jdbc implementation ofProfileAssignmentStorage
which stores profile assignments in database. This only supports String objects as contexts.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description private static class
JdbcProfileAssignmentStorage.Database
-
Field Summary
Fields Modifier and Type Field Description protected Map<String,JdbcProfileAssignmentStorage.Database>
_cache
The jdbc cacheprotected Map<String,Boolean>
_inheritances
The cache for inheritancesprotected boolean
_inheritancesUpToDate
If cache of inheritances is up-to-dateprotected String
_supportedContext
The handled context-
Fields inherited from class org.ametys.core.datasource.AbstractMyBatisDAO
_manager
-
Fields inherited from interface org.ametys.core.right.ProfileAssignmentStorage
MAX_PRIORITY, MIN_PRIORITY
-
-
Constructor Summary
Constructors Constructor Description JdbcProfileAssignmentStorage()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
_clearCache()
Clear the cache of _getFullDataprotected void
_clearCache(Object context)
Clear the cache of _getFullDataprotected void
_clearInheritanceCache()
Clear the cache of _getFullDataprotected JdbcProfileAssignmentStorage.Database
_getFullData(Object context)
Dump the SQL database in an cached objectprotected Map<String,Boolean>
_getInheritances()
Get the full inheritances from SQL database in an cached objectvoid
addAllowedGroups(Set<GroupIdentity> groups, Object object, String profileId)
Associates some groups with an allowed profile on a given objectvoid
addAllowedProfilesForAnonymous(Object object, Set<String> profileIds)
Adds allowed profiles an anonymous user has on the given objectvoid
addAllowedProfilesForAnyConnectedUser(Object object, Set<String> profileIds)
Adds allowed profiles any connected user has on the given objectvoid
addAllowedUsers(Set<UserIdentity> users, Object object, String profileId)
Associates some users with an allowed profile on a given objectvoid
addDeniedGroups(Set<GroupIdentity> groups, Object object, String profileId)
Associates some groups with a denied profile on a given objectvoid
addDeniedProfilesForAnonymous(Object object, Set<String> profileIds)
Adds denied profiles an anonymous user has on the given objectvoid
addDeniedProfilesForAnyConnectedUser(Object object, Set<String> profileIds)
Adds denied profiles any connected user has on the given objectvoid
addDeniedUsers(Set<UserIdentity> users, Object object, String profileId)
Associates some users with a denied profile on a given objectvoid
configure(Configuration configuration)
void
disallowInheritance(Object object, boolean disallow)
Allow or disallow inheritance of permissions on the given objectSet<GroupIdentity>
getAllowedGroups(Object object, String profileId)
Gets the groups that have the given allowed profile on the given objectSet<String>
getAllowedProfilesForAnonymous(Object object)
Gets the allowed profiles an anonymous user has on the given objectSet<String>
getAllowedProfilesForAnyConnectedUser(Object object)
Gets the allowed profiles any connected user has on the given objectMap<GroupIdentity,Set<String>>
getAllowedProfilesForGroups(Object object)
Gets the groups that have allowed profiles assigned on the given objectSet<String>
getAllowedProfilesForUser(UserIdentity user, Object object)
Get the allowed profiles assigned on the given object for the given userMap<UserIdentity,Set<String>>
getAllowedProfilesForUsers(Object object)
Gets the users that have allowed profiles assigned on the given objectSet<UserIdentity>
getAllowedUsers(Object object, String profileId)
Gets the users that have the given allowed profile on the given objectSet<GroupIdentity>
getDeniedGroups(Object object, String profileId)
Gets the groups that have the given denied profile on the given objectSet<String>
getDeniedProfilesForAnonymous(Object object)
Gets the denied profiles an anonymous user has on the given objectSet<String>
getDeniedProfilesForAnyConnectedUser(Object object)
Gets the denied profiles any connected user has on the given objectMap<GroupIdentity,Set<String>>
getDeniedProfilesForGroups(Object object)
Gets the groups that have denied profiles assigned on the given objectSet<String>
getDeniedProfilesForUser(UserIdentity user, Object object)
Get the denied profiles assigned on the given object for the given userMap<UserIdentity,Set<String>>
getDeniedProfilesForUsers(Object object)
Gets the users that have denied profiles assigned on the given objectSet<UserIdentity>
getDeniedUsers(Object object, String profileId)
Gets the users that have the given denied profile on the given objectprotected Object
getObjectWithPrefix(Object context)
Get the object context with prefix if necessaryprotected String
getPrefix()
Get the prefix for object contextint
getPriority()
Returns the priority of this profile storage TheProfileAssignmentStorageExtensionPoint
will take the profile storage which supports the object with the highest priority to return the allowed/denied users/groupsboolean
hasAnonymousAllowedProfile(Set<? extends Object> rootContexts, Set<String> profileIds)
Returns true if anonymous user has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmittedboolean
hasAnonymousDeniedProfile(Set<? extends Object> rootContexts, Set<String> profileIds)
Returns true if anonymous user has the denied profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmittedboolean
hasAnyConnectedAllowedProfile(Set<? extends Object> rootContexts, Set<String> profileIds)
Returns true if any connected user has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmittedboolean
hasAnyConnectedDeniedProfile(Set<? extends Object> rootContexts, Set<String> profileIds)
Returns true if any connected user has the denied profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmittedboolean
hasGroupAllowedProfile(Set<? extends Object> rootContexts, GroupIdentity group, Set<String> profileIds)
Returns true if group has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmittedboolean
hasGroupDeniedProfile(Set<? extends Object> rootContexts, GroupIdentity group, Set<String> profileIds)
Returns true if group has the denied profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmittedboolean
hasUserAllowedProfile(Set<? extends Object> rootContexts, UserIdentity user, Set<String> profileIds)
Returns true if user has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmittedboolean
hasUserDeniedProfile(Set<? extends Object> rootContexts, UserIdentity user, Set<String> profileIds)
Returns true if user has the denied profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmittedboolean
isAnonymousAllowed(Object object, String profileId)
Returns true if anonymous is allowed with the given profileboolean
isAnonymousDenied(Object object, String profileId)
Returns true if anonymous is denied with the given profileboolean
isAnyConnectedUserAllowed(Object object, String profileId)
Returns true if any connected user is allowed with the given profileboolean
isAnyConnectedUserDenied(Object object, String profileId)
Returns true if any connected user is denied with the given profileboolean
isInheritanceDisallowed(Object object)
Returns true if the inheritance of permissions is disallowed on the given objectboolean
isRootContextSupported(Object rootContext)
Returns true if this profile storage supports the given object as a root context i.e.boolean
isSupported(Object object)
Returns true if this profile storage supports the given object, i.e.void
removeAllowedGroups(Set<GroupIdentity> groups, Object object)
Removes the association between some groups and all allowed profiles on a given objectvoid
removeAllowedGroups(Set<GroupIdentity> groups, Object object, String profileId)
Removes the association between some groups and an allowed profile on a given objectvoid
removeAllowedProfilesForAnonymous(Object object, Set<String> profileIds)
Removes allowed profiles an anonymous user has on the given objectvoid
removeAllowedProfilesForAnyConnectedUser(Object object, Set<String> profileIds)
Removes allowed profiles any connected user has on the given objectvoid
removeAllowedUsers(Set<UserIdentity> users, Object object)
Removes the association between some users and all allowed profiles on a given objectvoid
removeAllowedUsers(Set<UserIdentity> users, Object object, String profileId)
Removes the association between some users and an allowed profile on a given objectvoid
removeDeniedGroups(Set<GroupIdentity> groups, Object object)
Removes the association between some groups and all denied profiles on a given objectvoid
removeDeniedGroups(Set<GroupIdentity> groups, Object object, String profileId)
Removes the association between some groups and a denied profile on a given objectvoid
removeDeniedProfilesForAnonymous(Object object, Set<String> profileIds)
Removes denied profiles an anonymous user has on the given objectvoid
removeDeniedProfilesForAnyConnectedUser(Object object, Set<String> profileIds)
Removes denied profiles any connected user has on the given objectvoid
removeDeniedUsers(Set<UserIdentity> users, Object object)
Removes the association between some users and all denied profiles on a given objectvoid
removeDeniedUsers(Set<UserIdentity> users, Object object, String profileId)
Removes the association between some users and an denied profile on a given objectvoid
removeGroup(GroupIdentity group)
Removes all the assignments involving this groupvoid
removeProfile(String profileId)
Removes all the assignments between this profile and users/groups/anonymous/any connectedvoid
removeUser(UserIdentity user)
Removes all the assignments involving this user-
Methods inherited from class org.ametys.core.datasource.AbstractMyBatisDAO
_configureDatasource, _getDataSourceId, _getMyBatisConfiguration, contextualize, getSession, getSession, reload, service, setPluginInfo
-
Methods inherited from class org.ametys.runtime.plugin.component.AbstractLogEnabled
getLogger, setLogger
-
-
-
-
Field Detail
-
_cache
protected final Map<String,JdbcProfileAssignmentStorage.Database> _cache
The jdbc cache
-
_inheritances
protected final Map<String,Boolean> _inheritances
The cache for inheritances
-
_inheritancesUpToDate
protected boolean _inheritancesUpToDate
If cache of inheritances is up-to-date
-
_supportedContext
protected String _supportedContext
The handled context
-
-
Constructor Detail
-
JdbcProfileAssignmentStorage
public JdbcProfileAssignmentStorage()
-
-
Method Detail
-
configure
public void configure(Configuration configuration) throws ConfigurationException
- Specified by:
configure
in interfaceConfigurable
- Overrides:
configure
in classAbstractMyBatisDAO
- Throws:
ConfigurationException
-
_getFullData
protected JdbcProfileAssignmentStorage.Database _getFullData(Object context)
Dump the SQL database in an cached object- Parameters:
context
- The context to seek- Returns:
- The database
-
_clearCache
protected void _clearCache()
Clear the cache of _getFullData
-
_clearCache
protected void _clearCache(Object context)
Clear the cache of _getFullData- Parameters:
context
- The context to seek
-
_getInheritances
protected Map<String,Boolean> _getInheritances()
Get the full inheritances from SQL database in an cached object- Returns:
- The inheritances
-
_clearInheritanceCache
protected void _clearInheritanceCache()
Clear the cache of _getFullData
-
getObjectWithPrefix
protected Object getObjectWithPrefix(Object context)
Get the object context with prefix if necessary- Parameters:
context
- The context object- Returns:
- The prefixed object
-
getPrefix
protected String getPrefix()
Get the prefix for object context- Returns:
- The prefix. Can be null if no prefix is necessary
-
hasUserDeniedProfile
public boolean hasUserDeniedProfile(Set<? extends Object> rootContexts, UserIdentity user, Set<String> profileIds)
Description copied from interface:ProfileAssignmentStorage
Returns true if user has the denied profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted- Specified by:
hasUserDeniedProfile
in interfaceProfileAssignmentStorage
- Parameters:
rootContexts
- The root contexts to search rights foruser
- The user to testprofileIds
- The ids of the profiles- Returns:
- true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles
-
hasUserAllowedProfile
public boolean hasUserAllowedProfile(Set<? extends Object> rootContexts, UserIdentity user, Set<String> profileIds)
Description copied from interface:ProfileAssignmentStorage
Returns true if user has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted- Specified by:
hasUserAllowedProfile
in interfaceProfileAssignmentStorage
- Parameters:
rootContexts
- The root contexts to search rights foruser
- The user to testprofileIds
- The ids of the profiles- Returns:
- true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles
-
hasGroupDeniedProfile
public boolean hasGroupDeniedProfile(Set<? extends Object> rootContexts, GroupIdentity group, Set<String> profileIds)
Description copied from interface:ProfileAssignmentStorage
Returns true if group has the denied profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted- Specified by:
hasGroupDeniedProfile
in interfaceProfileAssignmentStorage
- Parameters:
rootContexts
- The root contexts to search rights forgroup
- The group to testprofileIds
- The ids of the profiles- Returns:
- true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles
-
hasGroupAllowedProfile
public boolean hasGroupAllowedProfile(Set<? extends Object> rootContexts, GroupIdentity group, Set<String> profileIds)
Description copied from interface:ProfileAssignmentStorage
Returns true if group has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted- Specified by:
hasGroupAllowedProfile
in interfaceProfileAssignmentStorage
- Parameters:
rootContexts
- The root contexts to search rights forgroup
- The group to testprofileIds
- The ids of the profiles- Returns:
- true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles
-
hasAnyConnectedDeniedProfile
public boolean hasAnyConnectedDeniedProfile(Set<? extends Object> rootContexts, Set<String> profileIds)
Description copied from interface:ProfileAssignmentStorage
Returns true if any connected user has the denied profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted- Specified by:
hasAnyConnectedDeniedProfile
in interfaceProfileAssignmentStorage
- Parameters:
rootContexts
- The root contexts to search rights forprofileIds
- The ids of the profiles- Returns:
- true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles
-
hasAnyConnectedAllowedProfile
public boolean hasAnyConnectedAllowedProfile(Set<? extends Object> rootContexts, Set<String> profileIds)
Description copied from interface:ProfileAssignmentStorage
Returns true if any connected user has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted- Specified by:
hasAnyConnectedAllowedProfile
in interfaceProfileAssignmentStorage
- Parameters:
rootContexts
- The root contexts to search rights forprofileIds
- The ids of the profiles- Returns:
- true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles
-
hasAnonymousDeniedProfile
public boolean hasAnonymousDeniedProfile(Set<? extends Object> rootContexts, Set<String> profileIds)
Description copied from interface:ProfileAssignmentStorage
Returns true if anonymous user has the denied profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted- Specified by:
hasAnonymousDeniedProfile
in interfaceProfileAssignmentStorage
- Parameters:
rootContexts
- The root contexts to search rights forprofileIds
- The ids of the profiles- Returns:
- true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles
-
hasAnonymousAllowedProfile
public boolean hasAnonymousAllowedProfile(Set<? extends Object> rootContexts, Set<String> profileIds)
Description copied from interface:ProfileAssignmentStorage
Returns true if anonymous user has the allowed profile for any given root context (or any sub context), given some profiles.
Only supported objects are transmitted- Specified by:
hasAnonymousAllowedProfile
in interfaceProfileAssignmentStorage
- Parameters:
rootContexts
- The root contexts to search rights forprofileIds
- The ids of the profiles- Returns:
- true if any connected user has a permission on at least one object supported by this profile assignment storage, given some groups and profiles
-
getAllowedProfilesForAnyConnectedUser
public Set<String> getAllowedProfilesForAnyConnectedUser(Object object)
Description copied from interface:ProfileAssignmentStorage
Gets the allowed profiles any connected user has on the given object- Specified by:
getAllowedProfilesForAnyConnectedUser
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object- Returns:
- the allowed profiles any connected user has on the given object
-
isAnyConnectedUserAllowed
public boolean isAnyConnectedUserAllowed(Object object, String profileId)
Description copied from interface:ProfileAssignmentStorage
Returns true if any connected user is allowed with the given profile- Specified by:
isAnyConnectedUserAllowed
in interfaceProfileAssignmentStorage
- Parameters:
object
- The objectprofileId
- The id of the profile- Returns:
- true if any connected user is allowed with the given profile
-
addAllowedProfilesForAnyConnectedUser
public void addAllowedProfilesForAnyConnectedUser(Object object, Set<String> profileIds)
Description copied from interface:ModifiableProfileAssignmentStorage
Adds allowed profiles any connected user has on the given object- Specified by:
addAllowedProfilesForAnyConnectedUser
in interfaceModifiableProfileAssignmentStorage
- Parameters:
object
- The objectprofileIds
- The profiles to add
-
removeAllowedProfilesForAnyConnectedUser
public void removeAllowedProfilesForAnyConnectedUser(Object object, Set<String> profileIds)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes allowed profiles any connected user has on the given object- Specified by:
removeAllowedProfilesForAnyConnectedUser
in interfaceModifiableProfileAssignmentStorage
- Parameters:
object
- The objectprofileIds
- The profiles to remove
-
getDeniedProfilesForAnyConnectedUser
public Set<String> getDeniedProfilesForAnyConnectedUser(Object object)
Description copied from interface:ProfileAssignmentStorage
Gets the denied profiles any connected user has on the given object- Specified by:
getDeniedProfilesForAnyConnectedUser
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object- Returns:
- the denied profiles any connected user has on the given object
-
isAnyConnectedUserDenied
public boolean isAnyConnectedUserDenied(Object object, String profileId)
Description copied from interface:ProfileAssignmentStorage
Returns true if any connected user is denied with the given profile- Specified by:
isAnyConnectedUserDenied
in interfaceProfileAssignmentStorage
- Parameters:
object
- The objectprofileId
- The id of the profile- Returns:
- true if any connected user is denied with the given profile
-
addDeniedProfilesForAnyConnectedUser
public void addDeniedProfilesForAnyConnectedUser(Object object, Set<String> profileIds)
Description copied from interface:ModifiableProfileAssignmentStorage
Adds denied profiles any connected user has on the given object- Specified by:
addDeniedProfilesForAnyConnectedUser
in interfaceModifiableProfileAssignmentStorage
- Parameters:
object
- The objectprofileIds
- The profiles to add
-
removeDeniedProfilesForAnyConnectedUser
public void removeDeniedProfilesForAnyConnectedUser(Object object, Set<String> profileIds)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes denied profiles any connected user has on the given object- Specified by:
removeDeniedProfilesForAnyConnectedUser
in interfaceModifiableProfileAssignmentStorage
- Parameters:
object
- The objectprofileIds
- The profiles to remove
-
getAllowedProfilesForAnonymous
public Set<String> getAllowedProfilesForAnonymous(Object object)
Description copied from interface:ProfileAssignmentStorage
Gets the allowed profiles an anonymous user has on the given object- Specified by:
getAllowedProfilesForAnonymous
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object- Returns:
- the allowed profiles an anonymous user has on the given object
-
isAnonymousAllowed
public boolean isAnonymousAllowed(Object object, String profileId)
Description copied from interface:ProfileAssignmentStorage
Returns true if anonymous is allowed with the given profile- Specified by:
isAnonymousAllowed
in interfaceProfileAssignmentStorage
- Parameters:
object
- The objectprofileId
- The id of the profile- Returns:
- true if anonymous is allowed with the given profile
-
addAllowedProfilesForAnonymous
public void addAllowedProfilesForAnonymous(Object object, Set<String> profileIds)
Description copied from interface:ModifiableProfileAssignmentStorage
Adds allowed profiles an anonymous user has on the given object- Specified by:
addAllowedProfilesForAnonymous
in interfaceModifiableProfileAssignmentStorage
- Parameters:
object
- The objectprofileIds
- The profiles to add
-
removeAllowedProfilesForAnonymous
public void removeAllowedProfilesForAnonymous(Object object, Set<String> profileIds)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes allowed profiles an anonymous user has on the given object- Specified by:
removeAllowedProfilesForAnonymous
in interfaceModifiableProfileAssignmentStorage
- Parameters:
object
- The objectprofileIds
- The profiles to remove
-
getDeniedProfilesForAnonymous
public Set<String> getDeniedProfilesForAnonymous(Object object)
Description copied from interface:ProfileAssignmentStorage
Gets the denied profiles an anonymous user has on the given object- Specified by:
getDeniedProfilesForAnonymous
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object- Returns:
- the denied profiles an anonymous user has on the given object
-
isAnonymousDenied
public boolean isAnonymousDenied(Object object, String profileId)
Description copied from interface:ProfileAssignmentStorage
Returns true if anonymous is denied with the given profile- Specified by:
isAnonymousDenied
in interfaceProfileAssignmentStorage
- Parameters:
object
- The objectprofileId
- The id of the profile- Returns:
- true if anonymous is denied with the given profile
-
addDeniedProfilesForAnonymous
public void addDeniedProfilesForAnonymous(Object object, Set<String> profileIds)
Description copied from interface:ModifiableProfileAssignmentStorage
Adds denied profiles an anonymous user has on the given object- Specified by:
addDeniedProfilesForAnonymous
in interfaceModifiableProfileAssignmentStorage
- Parameters:
object
- The objectprofileIds
- The profiles to add
-
removeDeniedProfilesForAnonymous
public void removeDeniedProfilesForAnonymous(Object object, Set<String> profileIds)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes denied profiles an anonymous user has on the given object- Specified by:
removeDeniedProfilesForAnonymous
in interfaceModifiableProfileAssignmentStorage
- Parameters:
object
- The objectprofileIds
- The profiles to remove
-
getAllowedProfilesForUser
public Set<String> getAllowedProfilesForUser(UserIdentity user, Object object)
Description copied from interface:ProfileAssignmentStorage
Get the allowed profiles assigned on the given object for the given user- Specified by:
getAllowedProfilesForUser
in interfaceProfileAssignmentStorage
- Parameters:
user
- The userobject
- The object to test- Returns:
- The allowed profiles
-
getAllowedProfilesForUsers
public Map<UserIdentity,Set<String>> getAllowedProfilesForUsers(Object object)
Description copied from interface:ProfileAssignmentStorage
Gets the users that have allowed profiles assigned on the given object- Specified by:
getAllowedProfilesForUsers
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object to test- Returns:
- The map of allowed users (keys) with their assigned profiles (values)
-
getAllowedUsers
public Set<UserIdentity> getAllowedUsers(Object object, String profileId)
Description copied from interface:ProfileAssignmentStorage
Gets the users that have the given allowed profile on the given object- Specified by:
getAllowedUsers
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object to testprofileId
- The id of the profile- Returns:
- The allowed users with that profile on that object
-
addAllowedUsers
public void addAllowedUsers(Set<UserIdentity> users, Object object, String profileId)
Description copied from interface:ModifiableProfileAssignmentStorage
Associates some users with an allowed profile on a given object- Specified by:
addAllowedUsers
in interfaceModifiableProfileAssignmentStorage
- Parameters:
users
- The users to addobject
- The objectprofileId
- The id of the profile
-
removeAllowedUsers
public void removeAllowedUsers(Set<UserIdentity> users, Object object, String profileId)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes the association between some users and an allowed profile on a given object- Specified by:
removeAllowedUsers
in interfaceModifiableProfileAssignmentStorage
- Parameters:
users
- The users to removeobject
- The objectprofileId
- The id of the profile
-
removeAllowedUsers
public void removeAllowedUsers(Set<UserIdentity> users, Object object)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes the association between some users and all allowed profiles on a given object- Specified by:
removeAllowedUsers
in interfaceModifiableProfileAssignmentStorage
- Parameters:
users
- The users to removeobject
- The object
-
getAllowedProfilesForGroups
public Map<GroupIdentity,Set<String>> getAllowedProfilesForGroups(Object object)
Description copied from interface:ProfileAssignmentStorage
Gets the groups that have allowed profiles assigned on the given object- Specified by:
getAllowedProfilesForGroups
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object to test- Returns:
- The map of allowed groups (keys) with their assigned profiles (values)
-
getAllowedGroups
public Set<GroupIdentity> getAllowedGroups(Object object, String profileId)
Description copied from interface:ProfileAssignmentStorage
Gets the groups that have the given allowed profile on the given object- Specified by:
getAllowedGroups
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object to testprofileId
- The id of the profile- Returns:
- The allowed groups with that profile on that object
-
addAllowedGroups
public void addAllowedGroups(Set<GroupIdentity> groups, Object object, String profileId)
Description copied from interface:ModifiableProfileAssignmentStorage
Associates some groups with an allowed profile on a given object- Specified by:
addAllowedGroups
in interfaceModifiableProfileAssignmentStorage
- Parameters:
groups
- The groups to addobject
- The objectprofileId
- The id of the profile
-
removeAllowedGroups
public void removeAllowedGroups(Set<GroupIdentity> groups, Object object, String profileId)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes the association between some groups and an allowed profile on a given object- Specified by:
removeAllowedGroups
in interfaceModifiableProfileAssignmentStorage
- Parameters:
groups
- The groups to removeobject
- The objectprofileId
- The id of the profile
-
removeAllowedGroups
public void removeAllowedGroups(Set<GroupIdentity> groups, Object object)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes the association between some groups and all allowed profiles on a given object- Specified by:
removeAllowedGroups
in interfaceModifiableProfileAssignmentStorage
- Parameters:
groups
- The groups to removeobject
- The object
-
getDeniedProfilesForUser
public Set<String> getDeniedProfilesForUser(UserIdentity user, Object object)
Description copied from interface:ProfileAssignmentStorage
Get the denied profiles assigned on the given object for the given user- Specified by:
getDeniedProfilesForUser
in interfaceProfileAssignmentStorage
- Parameters:
user
- The userobject
- The object to test- Returns:
- The denied profiles
-
getDeniedProfilesForUsers
public Map<UserIdentity,Set<String>> getDeniedProfilesForUsers(Object object)
Description copied from interface:ProfileAssignmentStorage
Gets the users that have denied profiles assigned on the given object- Specified by:
getDeniedProfilesForUsers
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object to test- Returns:
- The map of denied users (keys) with their assigned profiles (values)
-
getDeniedUsers
public Set<UserIdentity> getDeniedUsers(Object object, String profileId)
Description copied from interface:ProfileAssignmentStorage
Gets the users that have the given denied profile on the given object- Specified by:
getDeniedUsers
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object to testprofileId
- The id of the profile- Returns:
- The denied users with that profile on that object
-
addDeniedUsers
public void addDeniedUsers(Set<UserIdentity> users, Object object, String profileId)
Description copied from interface:ModifiableProfileAssignmentStorage
Associates some users with a denied profile on a given object- Specified by:
addDeniedUsers
in interfaceModifiableProfileAssignmentStorage
- Parameters:
users
- The users to addobject
- The objectprofileId
- The id of the profile
-
removeDeniedUsers
public void removeDeniedUsers(Set<UserIdentity> users, Object object, String profileId)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes the association between some users and an denied profile on a given object- Specified by:
removeDeniedUsers
in interfaceModifiableProfileAssignmentStorage
- Parameters:
users
- The users to removeobject
- The objectprofileId
- The id of the profile
-
removeDeniedUsers
public void removeDeniedUsers(Set<UserIdentity> users, Object object)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes the association between some users and all denied profiles on a given object- Specified by:
removeDeniedUsers
in interfaceModifiableProfileAssignmentStorage
- Parameters:
users
- The users to removeobject
- The object
-
getDeniedProfilesForGroups
public Map<GroupIdentity,Set<String>> getDeniedProfilesForGroups(Object object)
Description copied from interface:ProfileAssignmentStorage
Gets the groups that have denied profiles assigned on the given object- Specified by:
getDeniedProfilesForGroups
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object to test- Returns:
- The map of denied groups (keys) with their assigned profiles (values)
-
getDeniedGroups
public Set<GroupIdentity> getDeniedGroups(Object object, String profileId)
Description copied from interface:ProfileAssignmentStorage
Gets the groups that have the given denied profile on the given object- Specified by:
getDeniedGroups
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object to testprofileId
- The id of the profile- Returns:
- The denied groups with that profile on that object
-
addDeniedGroups
public void addDeniedGroups(Set<GroupIdentity> groups, Object object, String profileId)
Description copied from interface:ModifiableProfileAssignmentStorage
Associates some groups with a denied profile on a given object- Specified by:
addDeniedGroups
in interfaceModifiableProfileAssignmentStorage
- Parameters:
groups
- The groups to addobject
- The objectprofileId
- The id of the profile
-
removeDeniedGroups
public void removeDeniedGroups(Set<GroupIdentity> groups, Object object, String profileId)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes the association between some groups and a denied profile on a given object- Specified by:
removeDeniedGroups
in interfaceModifiableProfileAssignmentStorage
- Parameters:
groups
- The groups to removeobject
- The objectprofileId
- The id of the profile
-
removeDeniedGroups
public void removeDeniedGroups(Set<GroupIdentity> groups, Object object)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes the association between some groups and all denied profiles on a given object- Specified by:
removeDeniedGroups
in interfaceModifiableProfileAssignmentStorage
- Parameters:
groups
- The groups to removeobject
- The object
-
disallowInheritance
public void disallowInheritance(Object object, boolean disallow)
Description copied from interface:ModifiableProfileAssignmentStorage
Allow or disallow inheritance of permissions on the given object- Specified by:
disallowInheritance
in interfaceModifiableProfileAssignmentStorage
- Parameters:
object
- The objectdisallow
- true to disallow inheritance, false otherwise
-
isInheritanceDisallowed
public boolean isInheritanceDisallowed(Object object)
Description copied from interface:ProfileAssignmentStorage
Returns true if the inheritance of permissions is disallowed on the given object- Specified by:
isInheritanceDisallowed
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object to test- Returns:
- true if the inheritance of permissions is disallowed on the given object
-
removeProfile
public void removeProfile(String profileId)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes all the assignments between this profile and users/groups/anonymous/any connected- Specified by:
removeProfile
in interfaceModifiableProfileAssignmentStorage
- Parameters:
profileId
- The profile to remove
-
removeUser
public void removeUser(UserIdentity user)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes all the assignments involving this user- Specified by:
removeUser
in interfaceModifiableProfileAssignmentStorage
- Parameters:
user
- The user
-
removeGroup
public void removeGroup(GroupIdentity group)
Description copied from interface:ModifiableProfileAssignmentStorage
Removes all the assignments involving this group- Specified by:
removeGroup
in interfaceModifiableProfileAssignmentStorage
- Parameters:
group
- The group
-
isSupported
public boolean isSupported(Object object)
Description copied from interface:ProfileAssignmentStorage
Returns true if this profile storage supports the given object, i.e. if it is able to retrieve the allowed users/groups on that object- Specified by:
isSupported
in interfaceProfileAssignmentStorage
- Parameters:
object
- The object to test- Returns:
- true if this profile storage supports the given object
-
isRootContextSupported
public boolean isRootContextSupported(Object rootContext)
Description copied from interface:ProfileAssignmentStorage
Returns true if this profile storage supports the given object as a root context i.e. it can seek any permission under this object- Specified by:
isRootContextSupported
in interfaceProfileAssignmentStorage
- Parameters:
rootContext
- The object to start searching- Returns:
- true if this profile storage support this a as root context to search in
-
getPriority
public int getPriority()
Description copied from interface:ProfileAssignmentStorage
Returns the priority of this profile storage TheProfileAssignmentStorageExtensionPoint
will take the profile storage which supports the object with the highest priority to return the allowed/denied users/groups- Specified by:
getPriority
in interfaceProfileAssignmentStorage
- Returns:
- the priority of this profile storage
-
-