Package com.orientechnologies.orient.core.metadata.security

Class OSessionSecurity

java.lang.Object
com.orientechnologies.orient.core.metadata.security.OSessionSecurity
All Implemented Interfaces:
OSecurity
public class OSessionSecurity extends Object implements OSecurity
Proxy class for user management
Author:
Luca Garulli (l.garulli--(at)--orientdb.com)

  • Constructor Details

  • Method Details

    • isAllowed

      public boolean isAllowed(Set<OIdentifiable> iAllowAll, Set<OIdentifiable> iAllowOperation)
      Specified by:
      isAllowed in interface OSecurity

    • allowUser

      public OIdentifiable allowUser(ODocument iDocument, ORestrictedOperation iOperationType, String iUserName)
      Description copied from interface: OSecurity
      Record level security: allows a user to access to a record.
      Specified by:
      allowUser in interface OSecurity
      Parameters:
      iDocument - ODocument instance to give access
      iOperationType - Operation type to use based on the permission to allow:
      • ALLOW_ALL, to provide full access (RUD)
      • ALLOW_READ, to provide read access
      • ALLOW_UPDATE, to provide update access
      • ALLOW_DELETE, to provide delete access
      iUserName - User name to provide the access
      Returns:
      The OIdentity instance allowed

    • allowRole

      public OIdentifiable allowRole(ODocument iDocument, ORestrictedOperation iOperationType, String iRoleName)
      Description copied from interface: OSecurity
      Record level security: allows a role to access to a record.
      Specified by:
      allowRole in interface OSecurity
      Parameters:
      iDocument - ODocument instance to give access
      iOperationType - Operation type to use based on the permission to allow:
      • ALLOW_ALL, to provide full access (RUD)
      • ALLOW_READ, to provide read access
      • ALLOW_UPDATE, to provide update access
      • ALLOW_DELETE, to provide delete access
      iRoleName - Role name to provide the access
      Returns:
      The OIdentity instance allowed

    • denyUser

      public OIdentifiable denyUser(ODocument iDocument, ORestrictedOperation iOperationType, String iUserName)
      Description copied from interface: OSecurity
      Record level security: deny a user to access to a record.
      Specified by:
      denyUser in interface OSecurity
      Parameters:
      iDocument - ODocument instance to give access
      iOperationType - Operation type to use based on the permission to deny:
      • ALLOW_ALL, to provide full access (RUD)
      • ALLOW_READ, to provide read access
      • ALLOW_UPDATE, to provide update access
      • ALLOW_DELETE, to provide delete access
      iUserName - User name to deny the access
      Returns:
      The OIdentity instance denied

    • denyRole

      public OIdentifiable denyRole(ODocument iDocument, ORestrictedOperation iOperationType, String iRoleName)
      Description copied from interface: OSecurity
      Record level security: deny a role to access to a record.
      Specified by:
      denyRole in interface OSecurity
      Parameters:
      iDocument - ODocument instance to give access
      iOperationType - Operation type to use based on the permission to deny:
      • ALLOW_ALL, to provide full access (RUD)
      • ALLOW_READ, to provide read access
      • ALLOW_UPDATE, to provide update access
      • ALLOW_DELETE, to provide delete access
      iRoleName - Role name to deny the access
      Returns:
      The OIdentity instance denied

    • authenticate

      public OUser authenticate(String iUsername, String iUserPassword)
      Specified by:
      authenticate in interface OSecurity

    • authenticate

      public OUser authenticate(OToken authToken)
      Specified by:
      authenticate in interface OSecurity

    • getUser

      public OUser getUser(String iUserName)
      Specified by:
      getUser in interface OSecurity

    • getUser

      public OUser getUser(ORID iUserId)
      Specified by:
      getUser in interface OSecurity

    • createUser

      public OUser createUser(String iUserName, String iUserPassword, String... iRoles)
      Specified by:
      createUser in interface OSecurity

    • createUser

      public OUser createUser(String iUserName, String iUserPassword, ORole... iRoles)
      Specified by:
      createUser in interface OSecurity

    • getRole

      public ORole getRole(String iRoleName)
      Specified by:
      getRole in interface OSecurity

    • getRole

      public ORole getRole(OIdentifiable iRole)
      Specified by:
      getRole in interface OSecurity

    • createRole

      public ORole createRole(String iRoleName, OSecurityRole.ALLOW_MODES iAllowMode)
      Specified by:
      createRole in interface OSecurity

    • createRole

      public ORole createRole(String iRoleName, ORole iParent, OSecurityRole.ALLOW_MODES iAllowMode)
      Specified by:
      createRole in interface OSecurity

    • getAllUsers

      public List<ODocument> getAllUsers()
      Specified by:
      getAllUsers in interface OSecurity

    • getAllRoles

      public List<ODocument> getAllRoles()
      Specified by:
      getAllRoles in interface OSecurity

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • dropUser

      public boolean dropUser(String iUserName)
      Specified by:
      dropUser in interface OSecurity

    • dropRole

      public boolean dropRole(String iRoleName)
      Specified by:
      dropRole in interface OSecurity