org.opencrx.kernel.layer.model
Class AccessControl_1
java.lang.Object
org.openmdx.application.dataprovider.spi.Layer_1
org.openmdx.application.dataprovider.layer.model.Standard_1
org.opencrx.kernel.layer.model.AccessControl_1
- All Implemented Interfaces:
- Dataprovider_1_0, Port
public class AccessControl_1
- extends Standard_1
openCRX access control plugin. Implements the openCRX access control logic.
| Fields inherited from class org.openmdx.application.dataprovider.spi.Layer_1 |
delegation |
|
Method Summary |
void |
activate(short id,
Configuration configuration,
Layer_1 delegation)
|
protected void |
completeObject(ServiceHeader header,
MappedRecord object,
MappedRecord parent)
|
protected void |
completeOwningUserAndGroup(ServiceHeader header,
MappedRecord object)
|
protected DataproviderReply |
completeReply(ServiceHeader header,
DataproviderReply reply,
MappedRecord parent)
|
protected MappedRecord |
createResult(DataproviderRequest request,
String structName)
|
protected Path |
getGroupIdentity(Path accessPath,
String qualifiedPrincipalName)
|
Interaction |
getInteraction(Connection connection)
|
protected static ConcurrentMap<Path,Object[]> |
getObjectCache()
|
protected String |
getPrincipalName(ServiceHeader header)
|
protected String |
getQualifiedPrincipalName(Path principalIdentity)
|
protected String |
getQualifiedPrincipalName(Path accessPath,
String principalName)
|
protected AccessControl_1.DefaultRealm |
getRealm(ServiceHeader header,
DataproviderRequest request)
|
protected ModelElement_1_0 |
getReferencedType(Path accessPath,
FilterProperty[] filter)
|
protected Path |
getUser(AccessControl_1.CachedPrincipal principal)
|
protected Path |
getUserIdentity(AccessControl_1.CachedPrincipal principal)
|
protected Path |
getUserIdentity(String qualifiedPrincipalName)
|
protected Path |
getUserIdentity(String realmName,
String principalName)
|
protected boolean |
isPrincipalGroup(MappedRecord object)
|
protected boolean |
isSecureObject(MappedRecord object)
|
protected boolean |
isSecureObject(ModelElement_1_0 type)
|
javax.jdo.PersistenceManager |
newDelegatingPersistenceManager()
|
protected AccessControl_1.DefaultRealm |
newRealm(Path realmIdentity)
Allows to provide a custom-specific realm implementation. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
EXTENT_PATTERN
protected static final Path EXTENT_PATTERN
USER_HOME_PATH_PATTERN
protected static final Path USER_HOME_PATH_PATTERN
ALL_PERMISSION
protected static final String ALL_PERMISSION
- See Also:
- Constant Field Values
connectionFactories
protected List<Object> connectionFactories
realmIdentity
protected Path realmIdentity
model
protected Model_1_0 model
useExtendedAccessLevelBasic
protected boolean useExtendedAccessLevelBasic
objectCache
protected static final ConcurrentMap<Path,Object[]> objectCache
AccessControl_1
public AccessControl_1()
getInteraction
public Interaction getInteraction(Connection connection)
throws ResourceException
- Specified by:
getInteraction in interface Port- Overrides:
getInteraction in class Standard_1
- Throws:
ResourceException
getUserIdentity
protected Path getUserIdentity(AccessControl_1.CachedPrincipal principal)
getUserIdentity
protected Path getUserIdentity(String qualifiedPrincipalName)
getUserIdentity
protected Path getUserIdentity(String realmName,
String principalName)
getUser
protected Path getUser(AccessControl_1.CachedPrincipal principal)
throws ServiceException
- Throws:
ServiceException
getGroupIdentity
protected Path getGroupIdentity(Path accessPath,
String qualifiedPrincipalName)
getQualifiedPrincipalName
protected String getQualifiedPrincipalName(Path accessPath,
String principalName)
getQualifiedPrincipalName
protected String getQualifiedPrincipalName(Path principalIdentity)
completeOwningUserAndGroup
protected void completeOwningUserAndGroup(ServiceHeader header,
MappedRecord object)
throws ServiceException
- Throws:
ServiceException
completeObject
protected void completeObject(ServiceHeader header,
MappedRecord object,
MappedRecord parent)
throws ServiceException
- Throws:
ServiceException
completeReply
protected DataproviderReply completeReply(ServiceHeader header,
DataproviderReply reply,
MappedRecord parent)
throws ServiceException
- Throws:
ServiceException
isPrincipalGroup
protected boolean isPrincipalGroup(MappedRecord object)
throws ServiceException
- Throws:
ServiceException
isSecureObject
protected boolean isSecureObject(MappedRecord object)
throws ServiceException
- Throws:
ServiceException
isSecureObject
protected boolean isSecureObject(ModelElement_1_0 type)
throws ServiceException
- Throws:
ServiceException
newDelegatingPersistenceManager
public javax.jdo.PersistenceManager newDelegatingPersistenceManager()
activate
public void activate(short id,
Configuration configuration,
Layer_1 delegation)
throws ServiceException
- Overrides:
activate in class Layer_1
- Throws:
ServiceException
getPrincipalName
protected String getPrincipalName(ServiceHeader header)
newRealm
protected AccessControl_1.DefaultRealm newRealm(Path realmIdentity)
throws ServiceException
- Allows to provide a custom-specific realm implementation.
- Throws:
ServiceException
getRealm
protected AccessControl_1.DefaultRealm getRealm(ServiceHeader header,
DataproviderRequest request)
throws ServiceException
- Throws:
ServiceException
getReferencedType
protected ModelElement_1_0 getReferencedType(Path accessPath,
FilterProperty[] filter)
throws ServiceException
- Throws:
ServiceException
createResult
protected MappedRecord createResult(DataproviderRequest request,
String structName)
throws ServiceException
- Throws:
ServiceException
getObjectCache
protected static ConcurrentMap<Path,Object[]> getObjectCache()
This software is published under the BSD license. Copyright © 2003-2012, CRIXP AG, Switzerland, All rights reserved. Use is subject to license terms.