public class OSecurityRemote extends Object implements OSecurityInternal
Constructor and Description |
---|
OSecurityRemote(OSecurityInternal delegate) |
public OSecurityRemote(OSecurityInternal delegate)
public boolean isAllowed(ODatabaseSession session, Set<OIdentifiable> iAllowAll, Set<OIdentifiable> iAllowOperation)
isAllowed
in interface OSecurityInternal
public OIdentifiable allowUser(ODatabaseSession session, ODocument iDocument, ORestrictedOperation iOperationType, String iUserName)
allowUser
in interface OSecurityInternal
public OIdentifiable allowRole(ODatabaseSession session, ODocument iDocument, ORestrictedOperation iOperationType, String iRoleName)
allowRole
in interface OSecurityInternal
public OIdentifiable denyUser(ODatabaseSession session, ODocument iDocument, ORestrictedOperation iOperationType, String iUserName)
denyUser
in interface OSecurityInternal
public OIdentifiable denyRole(ODatabaseSession session, ODocument iDocument, ORestrictedOperation iOperationType, String iRoleName)
denyRole
in interface OSecurityInternal
public OIdentifiable allowIdentity(ODatabaseSession session, ODocument iDocument, String iAllowFieldName, OIdentifiable iId)
allowIdentity
in interface OSecurityInternal
public OIdentifiable disallowIdentity(ODatabaseSession session, ODocument iDocument, String iAllowFieldName, OIdentifiable iId)
disallowIdentity
in interface OSecurityInternal
public OUser authenticate(ODatabaseSession session, String iUsername, String iUserPassword)
authenticate
in interface OSecurityInternal
public OUser createUser(ODatabaseSession session, String iUserName, String iUserPassword, String[] iRoles)
createUser
in interface OSecurityInternal
public OUser createUser(ODatabaseSession session, String iUserName, String iUserPassword, ORole[] iRoles)
createUser
in interface OSecurityInternal
public OUser authenticate(ODatabaseSession session, OToken authToken)
authenticate
in interface OSecurityInternal
public ORole createRole(ODatabaseSession session, String iRoleName, ORole iParent, OSecurityRole.ALLOW_MODES iAllowMode)
createRole
in interface OSecurityInternal
public ORole createRole(ODatabaseSession session, String iRoleName, OSecurityRole.ALLOW_MODES iAllowMode)
createRole
in interface OSecurityInternal
public OUser getUser(ODatabaseSession session, String iUserName)
getUser
in interface OSecurityInternal
public OUser getUser(ODatabaseSession session, ORID userId)
getUser
in interface OSecurityInternal
public ORole getRole(ODatabaseSession session, String iRoleName)
getRole
in interface OSecurityInternal
public ORole getRole(ODatabaseSession session, OIdentifiable iRoleRid)
getRole
in interface OSecurityInternal
public List<ODocument> getAllUsers(ODatabaseSession session)
getAllUsers
in interface OSecurityInternal
public List<ODocument> getAllRoles(ODatabaseSession session)
getAllRoles
in interface OSecurityInternal
public Map<String,OSecurityPolicy> getSecurityPolicies(ODatabaseSession session, OSecurityRole role)
getSecurityPolicies
in interface OSecurityInternal
public OSecurityPolicy getSecurityPolicy(ODatabaseSession session, OSecurityRole role, String resource)
OSecurityInternal
getSecurityPolicy
in interface OSecurityInternal
session
- an active DB sessionrole
- the roleresource
- the string representation of the security resource, eg. "database.class.Person"public void setSecurityPolicy(ODatabaseSession session, OSecurityRole role, String resource, OSecurityPolicy policy)
OSecurityInternal
setSecurityPolicy
in interface OSecurityInternal
session
- a valid db session to perform the operation (that has permissions to do it)role
- The roleresource
- the string representation of the security resource, eg. "database.class.Person"policy
- The security policypublic OSecurityPolicy createSecurityPolicy(ODatabaseSession session, String name)
OSecurityInternal
createSecurityPolicy
in interface OSecurityInternal
session
- the session to a DB where the policy has to be createdname
- the policy namepublic OSecurityPolicy getSecurityPolicy(ODatabaseSession session, String name)
getSecurityPolicy
in interface OSecurityInternal
public void saveSecurityPolicy(ODatabaseSession session, OSecurityPolicy policy)
saveSecurityPolicy
in interface OSecurityInternal
public void deleteSecurityPolicy(ODatabaseSession session, String name)
deleteSecurityPolicy
in interface OSecurityInternal
public void removeSecurityPolicy(ODatabaseSession session, ORole role, String resource)
OSecurityInternal
removeSecurityPolicy
in interface OSecurityInternal
session
- A valid db session to perform the operationrole
- the roleresource
- the string representation of the security resource, eg. "database.class.Person"public boolean dropUser(ODatabaseSession session, String iUserName)
dropUser
in interface OSecurityInternal
public boolean dropRole(ODatabaseSession session, String iRoleName)
dropRole
in interface OSecurityInternal
public void createClassTrigger(ODatabaseSession session)
createClassTrigger
in interface OSecurityInternal
public long getVersion(ODatabaseSession session)
getVersion
in interface OSecurityInternal
public void incrementVersion(ODatabaseSession session)
incrementVersion
in interface OSecurityInternal
public OUser create(ODatabaseSession session)
create
in interface OSecurityInternal
public void load(ODatabaseSession session)
load
in interface OSecurityInternal
public void close()
close
in interface OSecurityInternal
public Set<String> getFilteredProperties(ODatabaseSession session, ODocument document)
OSecurityInternal
getFilteredProperties
in interface OSecurityInternal
session
- the db sessiondocument
- the document to filterpublic boolean isAllowedWrite(ODatabaseSession session, ODocument document, String propertyName)
OSecurityInternal
isAllowedWrite
in interface OSecurityInternal
document
- current document to check for proeprty-level securitypropertyName
- the property to check for write accesspublic boolean canCreate(ODatabaseSession session, ORecord record)
canCreate
in interface OSecurityInternal
public boolean canRead(ODatabaseSession session, ORecord record)
canRead
in interface OSecurityInternal
public boolean canUpdate(ODatabaseSession session, ORecord record)
canUpdate
in interface OSecurityInternal
public boolean canDelete(ODatabaseSession session, ORecord record)
canDelete
in interface OSecurityInternal
public boolean canExecute(ODatabaseSession session, OFunction function)
canExecute
in interface OSecurityInternal
public boolean isReadRestrictedBySecurityPolicy(ODatabaseSession session, String resource)
OSecurityInternal
isReadRestrictedBySecurityPolicy
in interface OSecurityInternal
session
- The session to check for the existece of policiesresource
- a resource string, eg. "database.class.Person"public Set<OSecurityResourceProperty> getAllFilteredProperties(ODatabaseDocumentInternal database)
OSecurityInternal
getAllFilteredProperties
in interface OSecurityInternal
Copyright © 2009–2020 OrientDB. All rights reserved.