org.opencrx.kernel.layer.model
Class AccessControl_1
java.lang.Object
org.openmdx.compatibility.base.dataprovider.spi.Layer_1
org.openmdx.compatibility.base.dataprovider.spi.BeforeImageCachingLayer_1
org.openmdx.compatibility.base.dataprovider.layer.model.SystemAttributes_1
org.openmdx.compatibility.base.dataprovider.layer.model.OptimisticLocking_1
org.openmdx.compatibility.base.dataprovider.layer.model.Standard_1
org.opencrx.kernel.layer.model.AccessControl_1
- All Implemented Interfaces:
- Dataprovider_1_0, Layer_1_0, Layer_1_1, Layer_1_2, Operation_1_0
public class AccessControl_1
- extends Standard_1
openCRX access control plugin. Implements the openCRX access control logic.
This plugin is implemented as openMDX compatibility plugin. It will be
migrated to a JMI plugin in one of the next versions.
|
Method Summary |
void |
activate(short id,
Configuration configuration,
Layer_1_0 delegation)
|
protected void |
completeAccessGrantedByParent(ServiceHeader header,
DataproviderObject_1_0 object,
DataproviderObject_1_0 accessGrantedByParent)
|
protected void |
completeObject(ServiceHeader header,
DataproviderObject_1_0 object,
DataproviderObject_1_0 accessGrantedByParent)
|
protected void |
completeOwningUserAndGroup(ServiceHeader header,
DataproviderObject_1_0 object)
|
protected DataproviderReply |
completeReply(ServiceHeader header,
DataproviderReply reply,
DataproviderObject_1_0 accessGrantedByParent)
|
DataproviderReply |
create(ServiceHeader header,
DataproviderRequest request)
|
void |
epilog(ServiceHeader header,
DataproviderRequest[] requests,
DataproviderReply[] replies)
|
DataproviderReply |
find(ServiceHeader header,
DataproviderRequest request)
|
DataproviderReply |
get(ServiceHeader header,
DataproviderRequest request)
|
protected Path |
getGroupIdentity(Path accessPath,
String qualifiedPrincipalName)
|
List |
getInheritFromParentTypes()
Returns a list of types as path patterns of object references which inherit
the security settings from the parent object. |
protected String |
getQualifiedPrincipalName(Path principalIdentity)
|
protected String |
getQualifiedPrincipalName(Path accessPath,
String principalName)
|
protected ModelElement_1_0 |
getReferencedType(Path accessPath,
FilterProperty[] filter)
|
RequestCollection |
getRunAsRootDelegation()
|
protected Path |
getUserIdentity(Path accessPath,
String qualifiedPrincipalName)
|
protected boolean |
isPrincipalGroup(DataproviderObject_1_0 object)
|
protected boolean |
isSecureObject(DataproviderObject_1_0 object)
|
protected boolean |
isSecureObject(ModelElement_1_0 type)
|
DataproviderReply |
operation(ServiceHeader header,
DataproviderRequest request)
|
void |
prolog(ServiceHeader header,
DataproviderRequest[] requests)
|
DataproviderReply |
remove(ServiceHeader header,
DataproviderRequest request)
|
DataproviderReply |
replace(ServiceHeader header,
DataproviderRequest request)
|
protected DataproviderObject_1_0 |
retrieveObjectFromLocal(ServiceHeader header,
Path identity)
|
protected String |
uidAsString()
|
| Methods inherited from class org.openmdx.compatibility.base.dataprovider.layer.model.Standard_1 |
attributeIsInstanceOf, attributeMightBeInstanceOfAnXMLDatatype, completeDatatypes, completeObject, completeReply, getBeforeImage, getInstanceOf, getObjectClass, getObjectClassName, isInstanceOfBasicObject, modify, notifyPreDelete, prepareDatatypes, prepareRequest, removeNonPersistentAttributes, setIdentity, useDatatypes |
| Methods inherited from class org.openmdx.compatibility.base.dataprovider.spi.Layer_1 |
configurationSpecification, deactivate, epilog, getConfiguration, getDelegation, getDelegation, getId, getLenientProcessor, isBypassedByLenientRequests, isLenient, process, process, process, process, prolog, set, startPublishing, terminal |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
EXTENT_PATTERN
protected static final Path EXTENT_PATTERN
delegation
protected RequestCollection delegation
AccessControl_1
public AccessControl_1()
getUserIdentity
protected Path getUserIdentity(Path accessPath,
String qualifiedPrincipalName)
getGroupIdentity
protected Path getGroupIdentity(Path accessPath,
String qualifiedPrincipalName)
getQualifiedPrincipalName
protected String getQualifiedPrincipalName(Path accessPath,
String principalName)
getQualifiedPrincipalName
protected String getQualifiedPrincipalName(Path principalIdentity)
retrieveObjectFromLocal
protected DataproviderObject_1_0 retrieveObjectFromLocal(ServiceHeader header,
Path identity)
throws ServiceException
- Throws:
ServiceException
completeOwningUserAndGroup
protected void completeOwningUserAndGroup(ServiceHeader header,
DataproviderObject_1_0 object)
throws ServiceException
- Throws:
ServiceException
completeAccessGrantedByParent
protected void completeAccessGrantedByParent(ServiceHeader header,
DataproviderObject_1_0 object,
DataproviderObject_1_0 accessGrantedByParent)
throws ServiceException
- Throws:
ServiceException
completeObject
protected void completeObject(ServiceHeader header,
DataproviderObject_1_0 object,
DataproviderObject_1_0 accessGrantedByParent)
throws ServiceException
- Throws:
ServiceException
completeReply
protected DataproviderReply completeReply(ServiceHeader header,
DataproviderReply reply,
DataproviderObject_1_0 accessGrantedByParent)
throws ServiceException
- Throws:
ServiceException
isPrincipalGroup
protected boolean isPrincipalGroup(DataproviderObject_1_0 object)
throws ServiceException
- Throws:
ServiceException
isSecureObject
protected boolean isSecureObject(DataproviderObject_1_0 object)
throws ServiceException
- Throws:
ServiceException
isSecureObject
protected boolean isSecureObject(ModelElement_1_0 type)
throws ServiceException
- Throws:
ServiceException
getRunAsRootDelegation
public RequestCollection getRunAsRootDelegation()
getInheritFromParentTypes
public List getInheritFromParentTypes()
- Returns a list of types as path patterns of object references which inherit
the security settings from the parent object. This option should be used
only for performance improvements and applied only to business objects
which define a self-contained security entity (e.g. contract, its positions,
depot references and product configurations). Additional paths can be added
by overriding
getInheritFromParentTypes. The API exposes the
granting parent by the reference SecureObject.accessGrantedByParent
and is set by completeObject.
activate
public void activate(short id,
Configuration configuration,
Layer_1_0 delegation)
throws Exception
- Specified by:
activate in interface Layer_1_0- Overrides:
activate in class Standard_1
- Throws:
Exception
prolog
public void prolog(ServiceHeader header,
DataproviderRequest[] requests)
throws ServiceException
- Specified by:
prolog in interface Layer_1_0- Overrides:
prolog in class SystemAttributes_1
- Throws:
ServiceException
epilog
public void epilog(ServiceHeader header,
DataproviderRequest[] requests,
DataproviderReply[] replies)
throws ServiceException
- Specified by:
epilog in interface Layer_1_0- Overrides:
epilog in class OptimisticLocking_1
- Throws:
ServiceException
create
public DataproviderReply create(ServiceHeader header,
DataproviderRequest request)
throws ServiceException
- Specified by:
create in interface Layer_1_0- Overrides:
create in class Standard_1
- Throws:
ServiceException
getReferencedType
protected ModelElement_1_0 getReferencedType(Path accessPath,
FilterProperty[] filter)
throws ServiceException
- Throws:
ServiceException
find
public DataproviderReply find(ServiceHeader header,
DataproviderRequest request)
throws ServiceException
- Specified by:
find in interface Layer_1_0- Overrides:
find in class Standard_1
- Throws:
ServiceException
get
public DataproviderReply get(ServiceHeader header,
DataproviderRequest request)
throws ServiceException
- Specified by:
get in interface Layer_1_0- Overrides:
get in class Standard_1
- Throws:
ServiceException
remove
public DataproviderReply remove(ServiceHeader header,
DataproviderRequest request)
throws ServiceException
- Specified by:
remove in interface Layer_1_0- Overrides:
remove in class Standard_1
- Throws:
ServiceException
replace
public DataproviderReply replace(ServiceHeader header,
DataproviderRequest request)
throws ServiceException
- Specified by:
replace in interface Layer_1_0- Overrides:
replace in class Standard_1
- Throws:
ServiceException
operation
public DataproviderReply operation(ServiceHeader header,
DataproviderRequest request)
throws ServiceException
- Specified by:
operation in interface Operation_1_0- Overrides:
operation in class Standard_1
- Throws:
ServiceException
uidAsString
protected final String uidAsString()
This software is published under the BSD license. Copyright © 2003-2008, CRIXP AG, Switzerland, All rights reserved. Use is subject to license terms.