OSymmetricKeySecurity (OrientDB 3.0.44 API)

java.lang.Object
- com.orientechnologies.orient.core.db.record.OProxedResource<OSecurity>
- - com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKeySecurity

All Implemented Interfaces:

OSecurity
```
public class OSymmetricKeySecurity
extends OProxedResource<OSecurity>
implements OSecurity
```
Provides a symmetric key specific authentication. Implements an OSecurity interface that delegates to the specified OSecurity object.
This is used with embedded (non-server) databases, like so: db.setProperty(ODatabase.OPTIONS.SECURITY.toString(), OSymmetricKeySecurity.class);

Author:

S. Colin Leister

Field Summary
- Fields inherited from class com.orientechnologies.orient.core.db.record.OProxedResource
  database, delegate
- Fields inherited from interface com.orientechnologies.orient.core.metadata.security.OSecurity
  ALLOW_ALL_FIELD, ALLOW_DELETE_FIELD, ALLOW_READ_FIELD, ALLOW_UPDATE_FIELD, IDENTITY_CLASSNAME, ONCREATE_FIELD, ONCREATE_IDENTITY_TYPE, RESTRICTED_CLASSNAME

Constructor Summary

Constructors
Constructor and Description

OSymmetricKeySecurity(OSecurity iDelegate, ODatabaseDocumentInternal iDatabase)

Constructors
Constructor and Description
`OSymmetricKeySecurity(OSecurity iDelegate, ODatabaseDocumentInternal iDatabase)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`OIdentifiable`	`allowIdentity(ODocument iDocument, String iAllowFieldName, OIdentifiable iId)` Uses the version with ENUM instead.
`OIdentifiable`	`allowRole(ODocument iDocument, ORestrictedOperation iOperationType, String iRoleName)` Record level security: allows a role to access to a record.
`OIdentifiable`	`allowRole(ODocument iDocument, String iAllowFieldName, String iRoleName)` Uses the version with ENUM instead.
`OIdentifiable`	`allowUser(ODocument iDocument, ORestrictedOperation iOperationType, String iUserName)` Record level security: allows a user to access to a record.
`OIdentifiable`	`allowUser(ODocument iDocument, String iAllowFieldName, String iUserName)` Uses the version with ENUM instead.
`OUser`	`authenticate(OToken authToken)`
`OUser`	`authenticate(String username, String password)`
`void`	`close(boolean onDelete)`
`OUser`	`create()`
`void`	`createClassTrigger()`
`ORole`	`createRole(String iRoleName, ORole iParent, OSecurityRole.ALLOW_MODES iAllowMode)`
`ORole`	`createRole(String iRoleName, OSecurityRole.ALLOW_MODES iAllowMode)`
`OUser`	`createUser(String iUserName, String iUserPassword, ORole... iRoles)`
`OUser`	`createUser(String iUserName, String iUserPassword, String... iRoles)`
`OIdentifiable`	`denyRole(ODocument iDocument, ORestrictedOperation iOperationType, String iRoleName)` Record level security: deny a role to access to a record.
`OIdentifiable`	`denyUser(ODocument iDocument, ORestrictedOperation iOperationType, String iUserName)` Record level security: deny a user to access to a record.
`OIdentifiable`	`disallowIdentity(ODocument iDocument, String iAllowFieldName, OIdentifiable iId)` Uses the version with ENUM instead.
`OIdentifiable`	`disallowRole(ODocument iDocument, String iAllowFieldName, String iRoleName)` Uses the version with ENUM instead.
`OIdentifiable`	`disallowUser(ODocument iDocument, String iAllowFieldName, String iUserName)` Uses the version with ENUM instead.
`boolean`	`dropRole(String iRoleName)`
`boolean`	`dropUser(String iUserName)`
`List<ODocument>`	`getAllRoles()`
`List<ODocument>`	`getAllUsers()`
`ORole`	`getRole(OIdentifiable iRole)`
`ORole`	`getRole(String iRoleName)`
`OSecurity`	`getUnderlying()`
`OUser`	`getUser(ORID iUserId)`
`OUser`	`getUser(String iUserName)`
`long`	`getVersion()`
`void`	`incrementVersion()`
`boolean`	`isAllowed(Set<OIdentifiable> iAllowAll, Set<OIdentifiable> iAllowOperation)`
`void`	`load()`
`String`	`toString()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

OSymmetricKeySecurity

public OSymmetricKeySecurity(OSecurity iDelegate,
                             ODatabaseDocumentInternal iDatabase)

Method Detail

authenticate

public OUser authenticate(String username,
                          String password)

Specified by:: authenticate in interface OSecurity

isAllowed

public boolean isAllowed(Set<OIdentifiable> iAllowAll,
                         Set<OIdentifiable> iAllowOperation)

Specified by:: isAllowed in interface OSecurity

allowUser
```
public OIdentifiable allowUser(ODocument iDocument,
                               ORestrictedOperation iOperationType,
                               String iUserName)
```
Description copied from interface: OSecurity

Record level security: allows a user to access to a record.
Specified by:

allowUser in interface OSecurity

Parameters:

iDocument - ODocument instance to give access
iOperationType - Operation type to use based on the permission to allow:
- ALLOW_ALL, to provide full access (RUD)
- ALLOW_READ, to provide read access
- ALLOW_UPDATE, to provide update access
- ALLOW_DELETE, to provide delete access
iUserName - User name to provide the access

Returns:

The OIdentity instance allowed

allowRole
```
public OIdentifiable allowRole(ODocument iDocument,
                               ORestrictedOperation iOperationType,
                               String iRoleName)
```
Description copied from interface: OSecurity

Record level security: allows a role to access to a record.
Specified by:

allowRole in interface OSecurity

Parameters:

iDocument - ODocument instance to give access
iOperationType - Operation type to use based on the permission to allow:
- ALLOW_ALL, to provide full access (RUD)
- ALLOW_READ, to provide read access
- ALLOW_UPDATE, to provide update access
- ALLOW_DELETE, to provide delete access
iRoleName - Role name to provide the access

Returns:

The OIdentity instance allowed

denyUser
```
public OIdentifiable denyUser(ODocument iDocument,
                              ORestrictedOperation iOperationType,
                              String iUserName)
```
Description copied from interface: OSecurity

Record level security: deny a user to access to a record.
Specified by:

denyUser in interface OSecurity

Parameters:

iDocument - ODocument instance to give access
iOperationType - Operation type to use based on the permission to deny:
- ALLOW_ALL, to provide full access (RUD)
- ALLOW_READ, to provide read access
- ALLOW_UPDATE, to provide update access
- ALLOW_DELETE, to provide delete access
iUserName - User name to deny the access

Returns:

The OIdentity instance denied

denyRole
```
public OIdentifiable denyRole(ODocument iDocument,
                              ORestrictedOperation iOperationType,
                              String iRoleName)
```
Description copied from interface: OSecurity

Record level security: deny a role to access to a record.
Specified by:

denyRole in interface OSecurity

Parameters:

iDocument - ODocument instance to give access
iOperationType - Operation type to use based on the permission to deny:
- ALLOW_ALL, to provide full access (RUD)
- ALLOW_READ, to provide read access
- ALLOW_UPDATE, to provide update access
- ALLOW_DELETE, to provide delete access
iRoleName - Role name to deny the access

Returns:

The OIdentity instance denied