ome.security.basic

Class AllGroupsSecurityFilter

java.lang.Object

org.springframework.orm.hibernate3.FilterDefinitionFactoryBean

ome.security.basic.AbstractSecurityFilter

ome.security.basic.AllGroupsSecurityFilter

All Implemented Interfaces:

SecurityFilter, BeanNameAware, FactoryBean<org.hibernate.engine.FilterDefinition>, InitializingBean

public class AllGroupsSecurityFilter
extends AbstractSecurityFilter

overrides FilterDefinitionFactoryBean in order to construct our security filter in code and not in XML. This allows us to make use of the knowledge within Permissions With the addition of shares in 4.0, it is necessary to remove the security filter if a share is active and allow loading to throw the necessary exceptions.

Since:

3.0

Author:

Josh Moore, josh at glencoesoftware.com

See Also:

ticket117, ticket1154

Field Summary

Fields

Modifier and Type	Field and Description
static String	filterName
static String	is_admin
static String	leader_of_groups
static String	member_of_groups

Fields inherited from class ome.security.basic.AbstractSecurityFilter

log, roles

Fields inherited from interface ome.security.SecurityFilter

current_user, is_adminorpi, is_nonprivate, is_share

Constructor Summary

Constructors

Constructor and Description
AllGroupsSecurityFilter(SqlAction sql) Default constructor which calls all the necessary setters for this FactoryBean.
AllGroupsSecurityFilter(SqlAction sql, Roles roles)

Method Summary

Modifier and Type	Method and Description
protected Collection<Long>	configGroup(EventContext ec, List<Long> list)
void	enable(org.hibernate.Session sess, EventContext ec) Since we assume that the group is "-1" for this method, we have to pass in lists of all groups as we did before group permissions (~4.2).
String	getDefaultCondition() Return the string to be used as the condition.
Map<String,String>	getParameterTypes() Return a mapping of the hibernate types for each of the parameters that the condition takes.
protected static String	isGranted(Permissions.Role role, Permissions.Right right)
protected String	myFilterCondition()
boolean	passesFilter(org.hibernate.Session session, Details d, EventContext c) tests that the Details argument passes the security test that this filter defines.

Methods inherited from class ome.security.basic.AbstractSecurityFilter

disable, disableBaseFilters, enableBaseFilters, getName, isAdminOrPi, isNonPrivate, isShare

Methods inherited from class org.springframework.orm.hibernate3.FilterDefinitionFactoryBean

afterPropertiesSet, getObject, getObjectType, isSingleton, setBeanName, setDefaultFilterCondition, setFilterName, setParameterTypes

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

is_admin

public static final String is_admin

See Also:

Constant Field Values

member_of_groups

public static final String member_of_groups

See Also:

Constant Field Values

leader_of_groups

public static final String leader_of_groups

See Also:

Constant Field Values

filterName

public static final String filterName

See Also:

Constant Field Values

Constructor Detail

AllGroupsSecurityFilter

public AllGroupsSecurityFilter(SqlAction sql)

Default constructor which calls all the necessary setters for this FactoryBean. Also calls FilterDefinitionFactoryBean.setDefaultFilterCondition(String). This query clause must be kept in sync with passesFilter(Session, Details, EventContext).

Parameters:

sql - an SQL action instance

See Also:

passesFilter(Session, Details, EventContext), FilterDefinitionFactoryBean.setFilterName(String), FilterDefinitionFactoryBean.setParameterTypes(java.util.Map), FilterDefinitionFactoryBean.setDefaultFilterCondition(String)

AllGroupsSecurityFilter

public AllGroupsSecurityFilter(SqlAction sql,
                               Roles roles)

Method Detail

myFilterCondition

protected String myFilterCondition()

getDefaultCondition

public String getDefaultCondition()

Description copied from interface: SecurityFilter

Return the string to be used as the condition.

getParameterTypes

public Map<String,String> getParameterTypes()

Description copied from interface: SecurityFilter

Return a mapping of the hibernate types for each of the parameters that the condition takes.

passesFilter

public boolean passesFilter(org.hibernate.Session session,
                            Details d,
                            EventContext c)

tests that the Details argument passes the security test that this filter defines. The two must be kept in sync. This will be used mostly by the OmeroInterceptor.onLoad(Object, java.io.Serializable, Object[], String[], org.hibernate.type.Type[]) method.

Parameters:

d - Details instance. If null (or if its Permissions are null all rights will be assumed.

Returns:

true if the object to which this

enable

public void enable(org.hibernate.Session sess,
                   EventContext ec)

Since we assume that the group is "-1" for this method, we have to pass in lists of all groups as we did before group permissions (~4.2).

Parameters:

sess - Non-null.

ec - Non-null.

configGroup

protected Collection<Long> configGroup(EventContext ec,
                                       List<Long> list)

isGranted

protected static String isGranted(Permissions.Role role,
                                  Permissions.Right right)