|
Hyperic HQ Plugin API v. 4.4.0.2 | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.hyperic.hq.authz.server.session.AuthzSession
org.hyperic.hq.authz.shared.PermissionManager
public abstract class PermissionManager
Nested Class Summary | |
---|---|
static interface |
PermissionManager.RolePermNativeSQL
|
Field Summary | |
---|---|
static java.lang.String |
OPERATION_PAGER
|
Fields inherited from class org.hyperic.hq.authz.server.session.AuthzSession |
---|
ctx, log |
Constructor Summary | |
---|---|
PermissionManager()
|
Method Summary | |
---|---|
abstract void |
check(java.lang.Integer subjectId,
java.lang.Integer typeId,
java.lang.Integer instanceId,
java.lang.Integer operationId)
Check permission. |
abstract void |
check(java.lang.Integer subject,
ResourceType type,
java.lang.Integer instanceId,
java.lang.String operation)
Check permission. |
abstract void |
check(java.lang.Integer subjectId,
java.lang.String resType,
java.lang.Integer instanceId,
java.lang.String operation)
Check permission. |
abstract java.util.List |
findOperationScopeBySubject(AuthzSubject subj,
java.lang.Integer opId)
Find the list of instance ids for which a given subject id has a given operation. |
abstract java.util.List |
findOperationScopeBySubject(AuthzSubject subj,
java.lang.String opName,
java.lang.String resType)
Find the list of instance ids for which a given subject id has the named operation in one of their roles or owns a resource for which the operation is valid |
abstract Resource[] |
findOperationScopeBySubjectBatch(AuthzSubject whoami,
ResourceValue[] resArr,
java.lang.String[] opArr)
Find the list of resources for which a given subject id can perform specified operation. |
int |
findResourceCount(AuthzSubject subj,
java.lang.String resourceType,
java.lang.String operation,
java.util.Collection excludes)
|
abstract java.util.Collection |
findServiceResources(AuthzSubject subj,
java.lang.Boolean fsystem)
|
abstract java.util.List |
findViewableResources(AuthzSubject subj,
java.lang.String searchFor,
PageControl pc)
Search viewable resources of any type |
abstract java.util.List |
findViewableResources(AuthzSubject subj,
java.lang.String resType,
java.lang.String resName,
java.lang.String appdefTypeStr,
java.lang.Integer typeId,
PageControl pc)
Get viewable resources of a specific type |
abstract java.lang.String |
getAlertDefsHQL()
|
abstract java.lang.String |
getAlertsHQL(boolean inEscalation,
boolean notFixed,
java.lang.Integer groupId,
java.lang.Integer alertDefId,
boolean count)
|
abstract java.util.List |
getAllOperations(AuthzSubject subject,
PageControl pc)
Get all operations for a given subject |
abstract CloningBossInterface |
getCloningBoss()
Return the CloningBoss implementation |
protected java.sql.Connection |
getConnection()
|
abstract java.lang.String |
getGroupAlertDefsHQL()
|
abstract java.lang.String |
getGroupAlertsHQL(boolean inEscalation,
boolean notFixed,
java.lang.Integer groupId,
java.lang.Integer galertDefId)
|
abstract java.util.Collection |
getGroupResources(java.lang.Integer subjectId,
java.lang.Integer groupId,
java.lang.Boolean fsystem)
|
abstract HierarchicalAlertingManagerInterface |
getHierarchicalAlertingManager()
Return the HierarchicalAlertingManager implementation |
abstract MaintenanceEventManagerInterface |
getMaintenanceEventManager()
Return the MaintenanceEventManager implementation |
abstract java.lang.String |
getOperableGroupsHQL(AuthzSubject subject,
java.lang.String alias,
java.lang.String oper)
|
abstract java.lang.String |
getResourceTypeSQL(java.lang.String instanceId,
java.lang.Integer subjectId,
java.lang.String resType,
java.lang.String op)
|
abstract PermissionManager.RolePermNativeSQL |
getRolePermissionNativeSQL(java.lang.String resourceVar,
java.lang.String eventLogVar,
java.lang.String subjectParam,
java.lang.String opListViewResourcesParam,
java.lang.String opListManageAlertsParam)
|
abstract java.lang.String |
getSQLWhere(java.lang.Integer subjectId)
Get a clause that you can append to an existing WHERE clause to make it authz-aware. |
abstract boolean |
hasAdminPermission(java.lang.Integer who)
Check whether a user has permission to access the admin component. |
abstract boolean |
hasGuestRole()
Check to see if user can see role dashboards |
EdgePermCheck |
makePermCheckHql(java.lang.String resourceVar,
boolean includeDescendants)
Creates an edge perm check with default names of the replacement variables and parameters. |
abstract EdgePermCheck |
makePermCheckHql(java.lang.String subjectParam,
java.lang.String resourceVar,
java.lang.String resourceParam,
java.lang.String distanceParam,
java.lang.String opsParam,
boolean includeDescendants)
Generates an object which aids in the creation of hierarchical, permission checking HQL. |
EdgePermCheck |
makePermCheckSql(java.lang.String resourceVar,
boolean includeDescendants)
Creates an edge perm check with default names of the replacement variables and parameters. |
abstract EdgePermCheck |
makePermCheckSql(java.lang.String subjectParam,
java.lang.String resourceVar,
java.lang.String resourceParam,
java.lang.String distanceParam,
java.lang.String opsParam,
boolean includeDescendants)
Generates an object which aids in the creation of hierarchical, permission checking SQL. |
Methods inherited from class org.hyperic.hq.authz.server.session.AuthzSession |
---|
findPrototype, findSubjectByAuth, getContainmentRelation, getInitialContext, getNetworkRelation, getOperationDAO, getResourceDAO, getResourceGroupDAO, getResourceTypeDAO, getRoleDAO, getRootResourceType, getSessionContext, getSubjectDAO, getVirtualRelation, lookupSubject, setSessionContext, toPojos |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String OPERATION_PAGER
Constructor Detail |
---|
public PermissionManager()
Method Detail |
---|
public abstract void check(java.lang.Integer subject, ResourceType type, java.lang.Integer instanceId, java.lang.String operation) throws PermissionException
subject
- The subject.type
- The type of the resource.instanceId
- The consumer's ID for the resource in question.operation
- The operation (as a String) that the subject may want
to perform.
PermissionException
- If subject is not authorized to
perform the given operation on the resource of the given type whose
id is instanceId.public abstract void check(java.lang.Integer subjectId, java.lang.Integer typeId, java.lang.Integer instanceId, java.lang.Integer operationId) throws PermissionException
subjectId
- ID of the subject.typeId
- ID of the type of the resource.instanceId
- The consumer's ID for the resource in question.operationId
- ID of the operation that the subject may want
to perform.
PermissionException
- If subject is not authorized to
perform the given operation on the resource of the given type whose
id is instanceId.public abstract void check(java.lang.Integer subjectId, java.lang.String resType, java.lang.Integer instanceId, java.lang.String operation) throws PermissionException
subjectId
- ID of the subject.typeId
- ID of the type of the resource.instanceId
- The consumer's ID for the resource in question.operationId
- ID of the operation that the subject may want
to perform.
PermissionException
- If subject is not authorized to
perform the given operation on the resource of the given type whose
id is instanceId.public abstract boolean hasAdminPermission(java.lang.Integer who)
public abstract boolean hasGuestRole()
public abstract java.util.List findOperationScopeBySubject(AuthzSubject subj, java.lang.String opName, java.lang.String resType) throws javax.ejb.FinderException, PermissionException
javax.ejb.FinderException
PermissionException
public abstract java.util.List findOperationScopeBySubject(AuthzSubject subj, java.lang.Integer opId) throws javax.ejb.FinderException, PermissionException
javax.ejb.FinderException
PermissionException
public abstract Resource[] findOperationScopeBySubjectBatch(AuthzSubject whoami, ResourceValue[] resArr, java.lang.String[] opArr) throws javax.ejb.FinderException
whoami
- - subjectresArr
- - batch of resources to verifyopArr
- - corresponding batch of operations
javax.ejb.FinderException
public abstract java.util.List findViewableResources(AuthzSubject subj, java.lang.String resType, java.lang.String resName, java.lang.String appdefTypeStr, java.lang.Integer typeId, PageControl pc)
resType
- the authz resource type nameresName
- if result should filter by resource nameappdefTypeStr
- the Appdef type name, like 'platform', 'server', etctypeId
- the appdef type ID, e.g. the platform_type_id
public abstract java.util.List findViewableResources(AuthzSubject subj, java.lang.String searchFor, PageControl pc)
public abstract java.lang.String getSQLWhere(java.lang.Integer subjectId)
public abstract java.util.List getAllOperations(AuthzSubject subject, PageControl pc) throws PermissionException, javax.ejb.FinderException
PermissionException
javax.ejb.FinderException
public abstract java.lang.String getResourceTypeSQL(java.lang.String instanceId, java.lang.Integer subjectId, java.lang.String resType, java.lang.String op)
public abstract java.lang.String getOperableGroupsHQL(AuthzSubject subject, java.lang.String alias, java.lang.String oper)
public abstract java.util.Collection getGroupResources(java.lang.Integer subjectId, java.lang.Integer groupId, java.lang.Boolean fsystem)
public abstract java.util.Collection findServiceResources(AuthzSubject subj, java.lang.Boolean fsystem)
public abstract PermissionManager.RolePermNativeSQL getRolePermissionNativeSQL(java.lang.String resourceVar, java.lang.String eventLogVar, java.lang.String subjectParam, java.lang.String opListViewResourcesParam, java.lang.String opListManageAlertsParam)
public abstract java.lang.String getAlertsHQL(boolean inEscalation, boolean notFixed, java.lang.Integer groupId, java.lang.Integer alertDefId, boolean count)
public abstract java.lang.String getAlertDefsHQL()
public abstract java.lang.String getGroupAlertsHQL(boolean inEscalation, boolean notFixed, java.lang.Integer groupId, java.lang.Integer galertDefId)
public abstract java.lang.String getGroupAlertDefsHQL()
public EdgePermCheck makePermCheckSql(java.lang.String resourceVar, boolean includeDescendants)
includeDescendants
- - include the resource's descendants in the querypublic EdgePermCheck makePermCheckHql(java.lang.String resourceVar, boolean includeDescendants)
includeDescendants
- - include the resource's descendants in the querypublic abstract EdgePermCheck makePermCheckSql(java.lang.String subjectParam, java.lang.String resourceVar, java.lang.String resourceParam, java.lang.String distanceParam, java.lang.String opsParam, boolean includeDescendants)
includeDescendants
- - include the resource's descendants in the querypublic abstract EdgePermCheck makePermCheckHql(java.lang.String subjectParam, java.lang.String resourceVar, java.lang.String resourceParam, java.lang.String distanceParam, java.lang.String opsParam, boolean includeDescendants)
includeDescendants
- - include the resource's descendants in the querypublic abstract MaintenanceEventManagerInterface getMaintenanceEventManager()
public abstract CloningBossInterface getCloningBoss()
public abstract HierarchicalAlertingManagerInterface getHierarchicalAlertingManager()
public int findResourceCount(AuthzSubject subj, java.lang.String resourceType, java.lang.String operation, java.util.Collection excludes)
subj
- AuthzSubject
platformResType
- The resource_type associated with the EAM_RESOURCE and
EAM_RESOURCE_TYPE tables. e.g. "covalentEAMPlatform" from AuthzConstants
class.operation
- The associated operation from AuthzConstants
. e.g. "viewPlatform"excludes
- Collection
of Integer
s that represent the Resource
Id
of the protoTypes to exclude
protected java.sql.Connection getConnection() throws java.sql.SQLException
java.sql.SQLException
|
Hyperic HQ Plugin API v. 4.4.0.2 | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |