com.orientechnologies.orient.core.metadata.security

Class OSecurityProxy

java.lang.Object

com.orientechnologies.orient.core.metadata.security.OSecurityProxy

All Implemented Interfaces:

OSecurity

public class OSecurityProxy
extends Object
implements OSecurity

Proxy class for user management

Author:

Luca Garulli (l.garulli--(at)--orientdb.com)

Field Summary

Fields inherited from interface com.orientechnologies.orient.core.metadata.security.OSecurity

ALLOW_ALL_FIELD, ALLOW_DELETE_FIELD, ALLOW_READ_FIELD, ALLOW_UPDATE_FIELD, IDENTITY_CLASSNAME, ONCREATE_FIELD, ONCREATE_IDENTITY_TYPE, RESTRICTED_CLASSNAME

Constructor Summary

Constructors

Constructor and Description
OSecurityProxy(OSecurityInternal security, ODatabaseDocumentInternal session)

Method Summary

Modifier and Type	Method and Description
OIdentifiable	allowRole(ODocument iDocument, ORestrictedOperation iOperationType, String iRoleName) Record level security: allows a role to access to a record.
OIdentifiable	allowUser(ODocument iDocument, ORestrictedOperation iOperationType, String iUserName) Record level security: allows a user to access to a record.
OUser	authenticate(OToken authToken)
OUser	authenticate(String iUsername, String iUserPassword)
ORole	createRole(String iRoleName, ORole iParent, OSecurityRole.ALLOW_MODES iAllowMode)
ORole	createRole(String iRoleName, OSecurityRole.ALLOW_MODES iAllowMode)
OUser	createUser(String iUserName, String iUserPassword, ORole... iRoles)
OUser	createUser(String iUserName, String iUserPassword, String... iRoles)
OIdentifiable	denyRole(ODocument iDocument, ORestrictedOperation iOperationType, String iRoleName) Record level security: deny a role to access to a record.
OIdentifiable	denyUser(ODocument iDocument, ORestrictedOperation iOperationType, String iUserName) Record level security: deny a user to access to a record.
boolean	dropRole(String iRoleName)
boolean	dropUser(String iUserName)
List<ODocument>	getAllRoles()
List<ODocument>	getAllUsers()
ORole	getRole(OIdentifiable iRole)
ORole	getRole(String iRoleName)
OUser	getUser(ORID iUserId)
OUser	getUser(String iUserName)
boolean	isAllowed(Set<OIdentifiable> iAllowAll, Set<OIdentifiable> iAllowOperation)
String	toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

OSecurityProxy

public OSecurityProxy(OSecurityInternal security,
                      ODatabaseDocumentInternal session)

Method Detail

isAllowed

public boolean isAllowed(Set<OIdentifiable> iAllowAll,
                         Set<OIdentifiable> iAllowOperation)

Specified by:

isAllowed in interface OSecurity

allowUser

public OIdentifiable allowUser(ODocument iDocument,
                               ORestrictedOperation iOperationType,
                               String iUserName)

Description copied from interface: OSecurity

Record level security: allows a user to access to a record.

Specified by:

allowUser in interface OSecurity

Parameters:

iDocument - ODocument instance to give access

iOperationType - Operation type to use based on the permission to allow:

• ALLOW_ALL, to provide full access (RUD)
• ALLOW_READ, to provide read access
• ALLOW_UPDATE, to provide update access
• ALLOW_DELETE, to provide delete access

iUserName - User name to provide the access

Returns:

The OIdentity instance allowed

allowRole

public OIdentifiable allowRole(ODocument iDocument,
                               ORestrictedOperation iOperationType,
                               String iRoleName)

Description copied from interface: OSecurity

Record level security: allows a role to access to a record.

Specified by:

allowRole in interface OSecurity

Parameters:

iDocument - ODocument instance to give access

iOperationType - Operation type to use based on the permission to allow:

• ALLOW_ALL, to provide full access (RUD)
• ALLOW_READ, to provide read access
• ALLOW_UPDATE, to provide update access
• ALLOW_DELETE, to provide delete access

iRoleName - Role name to provide the access

Returns:

The OIdentity instance allowed

denyUser

public OIdentifiable denyUser(ODocument iDocument,
                              ORestrictedOperation iOperationType,
                              String iUserName)

Description copied from interface: OSecurity

Record level security: deny a user to access to a record.

Specified by:

denyUser in interface OSecurity

Parameters:

iDocument - ODocument instance to give access

iOperationType - Operation type to use based on the permission to deny:

• ALLOW_ALL, to provide full access (RUD)
• ALLOW_READ, to provide read access
• ALLOW_UPDATE, to provide update access
• ALLOW_DELETE, to provide delete access

iUserName - User name to deny the access

Returns:

The OIdentity instance denied

denyRole

public OIdentifiable denyRole(ODocument iDocument,
                              ORestrictedOperation iOperationType,
                              String iRoleName)

Description copied from interface: OSecurity

Record level security: deny a role to access to a record.

Specified by:

denyRole in interface OSecurity

Parameters:

iDocument - ODocument instance to give access

iOperationType - Operation type to use based on the permission to deny:

• ALLOW_ALL, to provide full access (RUD)
• ALLOW_READ, to provide read access
• ALLOW_UPDATE, to provide update access
• ALLOW_DELETE, to provide delete access

iRoleName - Role name to deny the access

Returns:

The OIdentity instance denied

authenticate

public OUser authenticate(String iUsername,
                          String iUserPassword)

Specified by:

authenticate in interface OSecurity

authenticate

public OUser authenticate(OToken authToken)

Specified by:

authenticate in interface OSecurity

getUser

public OUser getUser(String iUserName)

Specified by:

getUser in interface OSecurity

getUser

public OUser getUser(ORID iUserId)

Specified by:

getUser in interface OSecurity

createUser

public OUser createUser(String iUserName,
                        String iUserPassword,
                        String... iRoles)

Specified by:

createUser in interface OSecurity

createUser

public OUser createUser(String iUserName,
                        String iUserPassword,
                        ORole... iRoles)

Specified by:

createUser in interface OSecurity

getRole

public ORole getRole(String iRoleName)

Specified by:

getRole in interface OSecurity

getRole

public ORole getRole(OIdentifiable iRole)

Specified by:

getRole in interface OSecurity

createRole

public ORole createRole(String iRoleName,
                        OSecurityRole.ALLOW_MODES iAllowMode)

Specified by:

createRole in interface OSecurity

createRole

public ORole createRole(String iRoleName,
                        ORole iParent,
                        OSecurityRole.ALLOW_MODES iAllowMode)

Specified by:

createRole in interface OSecurity

getAllUsers

public List<ODocument> getAllUsers()

Specified by:

getAllUsers in interface OSecurity

getAllRoles

public List<ODocument> getAllRoles()

Specified by:

getAllRoles in interface OSecurity

toString

public String toString()

Overrides:

toString in class Object

dropUser

public boolean dropUser(String iUserName)

Specified by:

dropUser in interface OSecurity

dropRole

public boolean dropRole(String iRoleName)

Specified by:

dropRole in interface OSecurity