ALLOW_ALL_FIELD, ALLOW_DELETE_FIELD, ALLOW_READ_FIELD, ALLOW_UPDATE_FIELD, IDENTITY_CLASSNAME, ONCREATE_FIELD, ONCREATE_IDENTITY_TYPE, RESTRICTED_CLASSNAME
Constructor and Description |
---|
OSecurityProxy(OSecurityInternal security,
ODatabaseDocumentInternal session) |
Modifier and Type | Method and Description |
---|---|
OIdentifiable |
allowRole(ODocument iDocument,
ORestrictedOperation iOperationType,
String iRoleName)
Record level security: allows a role to access to a record.
|
OIdentifiable |
allowUser(ODocument iDocument,
ORestrictedOperation iOperationType,
String iUserName)
Record level security: allows a user to access to a record.
|
OUser |
authenticate(OToken authToken) |
OUser |
authenticate(String iUsername,
String iUserPassword) |
ORole |
createRole(String iRoleName,
ORole iParent,
OSecurityRole.ALLOW_MODES iAllowMode) |
ORole |
createRole(String iRoleName,
OSecurityRole.ALLOW_MODES iAllowMode) |
OUser |
createUser(String iUserName,
String iUserPassword,
ORole... iRoles) |
OUser |
createUser(String iUserName,
String iUserPassword,
String... iRoles) |
OIdentifiable |
denyRole(ODocument iDocument,
ORestrictedOperation iOperationType,
String iRoleName)
Record level security: deny a role to access to a record.
|
OIdentifiable |
denyUser(ODocument iDocument,
ORestrictedOperation iOperationType,
String iUserName)
Record level security: deny a user to access to a record.
|
boolean |
dropRole(String iRoleName) |
boolean |
dropUser(String iUserName) |
List<ODocument> |
getAllRoles() |
List<ODocument> |
getAllUsers() |
ORole |
getRole(OIdentifiable iRole) |
ORole |
getRole(String iRoleName) |
OUser |
getUser(ORID iUserId) |
OUser |
getUser(String iUserName) |
boolean |
isAllowed(Set<OIdentifiable> iAllowAll,
Set<OIdentifiable> iAllowOperation) |
String |
toString() |
public OSecurityProxy(OSecurityInternal security, ODatabaseDocumentInternal session)
public boolean isAllowed(Set<OIdentifiable> iAllowAll, Set<OIdentifiable> iAllowOperation)
public OIdentifiable allowUser(ODocument iDocument, ORestrictedOperation iOperationType, String iUserName)
OSecurity
allowUser
in interface OSecurity
iDocument
- ODocument instance to give accessiOperationType
- Operation type to use based on the permission to allow:
iUserName
- User name to provide the accesspublic OIdentifiable allowRole(ODocument iDocument, ORestrictedOperation iOperationType, String iRoleName)
OSecurity
allowRole
in interface OSecurity
iDocument
- ODocument instance to give accessiOperationType
- Operation type to use based on the permission to allow:
iRoleName
- Role name to provide the accesspublic OIdentifiable denyUser(ODocument iDocument, ORestrictedOperation iOperationType, String iUserName)
OSecurity
denyUser
in interface OSecurity
iDocument
- ODocument instance to give accessiOperationType
- Operation type to use based on the permission to deny:
iUserName
- User name to deny the accesspublic OIdentifiable denyRole(ODocument iDocument, ORestrictedOperation iOperationType, String iRoleName)
OSecurity
denyRole
in interface OSecurity
iDocument
- ODocument instance to give accessiOperationType
- Operation type to use based on the permission to deny:
iRoleName
- Role name to deny the accesspublic OUser authenticate(String iUsername, String iUserPassword)
authenticate
in interface OSecurity
public OUser authenticate(OToken authToken)
authenticate
in interface OSecurity
public OUser createUser(String iUserName, String iUserPassword, String... iRoles)
createUser
in interface OSecurity
public OUser createUser(String iUserName, String iUserPassword, ORole... iRoles)
createUser
in interface OSecurity
public ORole getRole(OIdentifiable iRole)
public ORole createRole(String iRoleName, OSecurityRole.ALLOW_MODES iAllowMode)
createRole
in interface OSecurity
public ORole createRole(String iRoleName, ORole iParent, OSecurityRole.ALLOW_MODES iAllowMode)
createRole
in interface OSecurity
public List<ODocument> getAllUsers()
getAllUsers
in interface OSecurity
public List<ODocument> getAllRoles()
getAllRoles
in interface OSecurity
Copyright © 2009–2020 OrientDB. All rights reserved.