Overview  Package   Class  Tree  Deprecated  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.mmbase.security.implementation.cloudcontext.builders
Class Contexts

java.lang.Object
  extended byorg.mmbase.module.core.MMTable
      extended byorg.mmbase.module.core.MMObjectBuilder
          extended byorg.mmbase.security.implementation.cloudcontext.builders.Contexts
Direct Known Subclasses:
PeopleContexts
public class Contexts
extends MMObjectBuilder

Representation of a 'context', which can be read as a valid value of the 'owner' field of any object in MMBase. Rights are distributed using this thing. This is part of cloud context security, so the 'context' values need to be present in the cloud.

Version:
$Id: Contexts.java,v 1.36 2004/03/08 17:43:56 michiel Exp $
Author:
Eduard Witteveen, Pierre van Rooden, Michiel Meeuwissen
See Also:
Verify, Authorization

Nested Class Summary
protected static class Contexts.OperationsCache
           
 
Field Summary
protected static Cache allowingContextsCache
           
static Parameter[] ALLOWS_PARAMETERS
           
protected static Cache contextCache
           
static Parameter[] GRANT_PARAMETERS
           
protected static java.util.Map invalidableObjects
           
static Parameter[] MAY_PARAMETERS
           
static Parameter[] MAYGRANT_PARAMETERS
           
static Parameter[] MAYREVOKE_PARAMETERS
           
protected static Contexts.OperationsCache operationsCache
           
static Parameter PARAMETER_GROUPORUSER
           
static Parameter PARAMETER_OPERATION
           
static Parameter[] PARENTSALLOW_PARAMETERS
           
static Parameter[] REVOKE_PARAMETERS
           
 
Fields inherited from class org.mmbase.module.core.MMObjectBuilder
AGE_PARAMETERS, broadcastChanges, database, DEFAULT_ALINEA, DEFAULT_EOL, description, descriptions, fields, GUI_PARAMETERS, listCache, nodeCache, OBJ2TYPE_MAX_SIZE, oType, REPLACE_CACHE, searchAge, sortedDBLayout, TEMPNODE_DEFAULT_SIZE, TemporaryNodes, virtual
 
Fields inherited from class org.mmbase.module.core.MMTable
mmb, tableName
 
Constructor Summary
Contexts()
           
 
Method Summary
protected  boolean allows(MMObjectNode contextNode, MMObjectNode groupOrUserNode, Operation operation)
          Wether users of the given group may do operation on a node of given context (so no following)
 Authorization.QueryCheck check(User userContext, Query query, Operation operation)
          Implements check function with same arguments of Authorisation security implementation
protected  java.lang.Object executeFunction(MMObjectNode node, java.lang.String function, java.util.List args)
          Executes a function on the field of a node, and returns the result.
protected  java.util.SortedSet getAllContexts()
          Returns a Set (of Strings) of all existing contexts
protected  java.util.SortedSet getAllowingContexts(User user, Operation operation)
           
static Contexts getBuilder()
          Staticly receives the MMObjectBuilder instance (casted to Contexts).
 java.lang.String getContext(User user, int nodeId)
          Returns this Context node as a String (so the name field)
protected  MMObjectNode getContextNode(java.lang.String context)
           
protected  java.util.SortedSet getDisallowingContexts(User user, Operation operation)
          Returns a Set (of Strings) of all existing contexts for which the given operation is not allowed for the given user.
protected  MMObjectNode getGroupOrUserNode(Parameters a)
           
protected  java.util.Set getGroupsAndUsers(MMObjectNode contextNode, Operation operation)
           
protected  java.util.Collection getGroupsOrUsers(MMObjectNode contextNode, Operation operation, MMObjectBuilder groupsOrUsers)
           
 Parameter[] getParameterDefinition(java.lang.String function)
          perhaps we need something like this
 java.util.SortedSet getPossibleContexts(User user, int nodeId)
          Wraps getPossibleContexts of Authorisation implementation Verify.
protected  MMObjectNode getUserNode(User bridgeUser)
          util
protected  boolean grant(MMObjectNode contextNode, MMObjectNode groupOrUserNode, Operation operation, MMObjectNode user)
           
 boolean init()
          Initializes this builder The property 'mmb' needs to be set for the builder before this method can be called.
protected  boolean isOwnNode(User user, MMObjectNode node)
          Returns wether the given node is an 'own' node.
protected  boolean mayDo(MMObjectNode user, MMObjectNode contextNode, Operation operation, boolean checkOwnRights)
           
 boolean mayDo(User user, int nodeId, int sourceNodeId, int destinationNodeId, Operation operation)
          Implements check function with same arguments of Authorisation security implementation.
 boolean mayDo(User user, int nodeId, Operation operation)
          Implements check function with same arguments of Authorisation security implementation
protected  boolean mayDo(User user, MMObjectNode contextNode, Operation operation)
          Returns wether user may do operation on a node with given context.
protected  boolean mayGrant(MMObjectNode contextNode, MMObjectNode groupOrUserNode, Operation operation, MMObjectNode user)
           
protected  boolean mayRevoke(MMObjectNode contextNode, MMObjectNode groupOrUserNode, Operation operation, MMObjectNode user)
           
protected  boolean parentsAllow(MMObjectNode contextNode, MMObjectNode groupOrUserNode, Operation operation)
          Wether users of the given group may do operation on a node of given context, because (one of) the parents of this group allow it.
protected  boolean revoke(MMObjectNode contextNode, MMObjectNode groupOrUserNode, Operation operation, MMObjectNode user)
           
 MMObjectNode setContext(User user, int nodeId, java.lang.String context)
          Sets the context of a node to a certain String Value
 void setDefaults(MMObjectNode node)
          Makes sure unique values and not-null's are filed
 java.lang.String toString(MMObjectNode n)
          Implements for MMObjectNode
 
Methods inherited from class org.mmbase.module.core.MMObjectBuilder
addField, addLocalObserver, addRemoteObserver, buildSet, checkAddTmpField, commit, convertMMNode2SQL, count, count, create, createAlias, delete, deleteNodeCache, drop, equals, equals, executeFunction, fieldLocalChanged, getAge, getAliasedNode, getAncestors, getCacheNumbers, getCacheSize, getCacheSize, getClassName, getConfigFile, getDBByte, getDBKey, getDBState, getDBText, getDBType, getDefaultTeaser, getDefaultUrl, getDescendants, getDescription, getDescription, getDescriptions, getEditFields, getField, getFieldNames, getFields, getFields, getFunctionParameters, getGUIIndicator, getGUIIndicator, getHardNode, getHardNode, getHTML, getInitParameter, getInitParameters, getList, getLocaleGUIIndicator, getLocaleGUIIndicator, getMachineName, getMaintainer, getMMBase, getNewNode, getNewTmpNode, getNextField, getNextField, getNode, getNode, getNode, getNode, getNodes, getNodes, getNodeType, getNumberFromName, getObjectType, getObjectValue, getParentBuilder, getPluralName, getPluralName, getPluralNames, getQuery, getQuery, getQuery, getRawNodes, getRelations_main, getSearchAge, getShort, getShortedByte, getShortedText, getSingularName, getSingularName, getSingularNames, getSmartPath, getSortedFields, getSortedListFields, getTmpNode, getURLEncode, getValue, getVersion, getWAP, getXMLPath, hashCode, hostname_function, insert, insert, insertDone, isExtensionOf, isNodeCached, isVirtual, nodeLocalChanged, nodeRemoteChanged, preCommit, preEdit, process, processSearchResults, putTmpNode, readSearchResults, removeField, removeNode, removeRelations, removeSyncNodes, removeTmpNode, replace, safeCache, safeCommit, safeInsert, search, search, search, searchIn, searchIn, searchIn, searchList, searchList, searchNumbers, searchVector, searchVector, searchVector, searchVector, searchVectorIn, searchVectorIn, searchVectorIn, searchVectorIn, searchWithWhere, sendFieldChangeSignal, setDBLayout_xml, setDescription, setDescriptions, setInitParameter, setMaintainer, setMMBase, setParentBuilder, setPluralNames, setSearchAge, setSingularNames, setTableName, setUniqueValue, setUniqueValue, setValue, setValue, setVersion, setXMLPath, setXMLValues, signalNewObject, testValidData, toString, toXML, updateFields, waitUntilNodeChanged, wrap
 
Methods inherited from class org.mmbase.module.core.MMTable
created, getFullTableName, getTableName, size
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

PARAMETER_OPERATION

public static final Parameter PARAMETER_OPERATION

PARAMETER_GROUPORUSER

public static final Parameter PARAMETER_GROUPORUSER

ALLOWS_PARAMETERS

public static final Parameter[] ALLOWS_PARAMETERS

PARENTSALLOW_PARAMETERS

public static final Parameter[] PARENTSALLOW_PARAMETERS

GRANT_PARAMETERS

public static final Parameter[] GRANT_PARAMETERS

REVOKE_PARAMETERS

public static final Parameter[] REVOKE_PARAMETERS

MAYGRANT_PARAMETERS

public static final Parameter[] MAYGRANT_PARAMETERS

MAYREVOKE_PARAMETERS

public static final Parameter[] MAYREVOKE_PARAMETERS

MAY_PARAMETERS

public static final Parameter[] MAY_PARAMETERS

contextCache

protected static Cache contextCache

allowingContextsCache

protected static Cache allowingContextsCache

operationsCache

protected static Contexts.OperationsCache operationsCache

invalidableObjects

protected static java.util.Map invalidableObjects
Constructor Detail

Contexts

public Contexts()
Method Detail

init

public boolean init()
Description copied from class: MMObjectBuilder
Initializes this builder The property 'mmb' needs to be set for the builder before this method can be called. The method retrieves data from the TypeDef builder, or adds data to that builder if the current builder is not yet registered.

Overrides:
init in class MMObjectBuilder
Returns:
true if init was completed, false if uncompleted.
See Also:
MMObjectBuilder.create()
Warning: No Java Documentation Available.

getBuilder

public static Contexts getBuilder()
Staticly receives the MMObjectBuilder instance (casted to Contexts). A utility function.

mayDo

public boolean mayDo(User user,
                     int nodeId,
                     int sourceNodeId,
                     int destinationNodeId,
                     Operation operation)
              throws SecurityException
Implements check function with same arguments of Authorisation security implementation.

Throws:
SecurityException
See Also:
Verify#check(user, nodeId, sourceNodeI, destinationNodeI, operation)

mayDo

public boolean mayDo(User user,
                     int nodeId,
                     Operation operation)
              throws SecurityException
Implements check function with same arguments of Authorisation security implementation

Throws:
SecurityException
See Also:
Verify#check(user, nodeId, operation)

isOwnNode

protected boolean isOwnNode(User user,
                            MMObjectNode node)
Returns wether the given node is an 'own' node. It should return true if the node is representing the mmbaseusers object which represents the current user. Extensions could e.g. also implement returning true for the associated people node.

mayDo

protected boolean mayDo(User user,
                        MMObjectNode contextNode,
                        Operation operation)
Returns wether user may do operation on a node with given context.

mayDo

protected boolean mayDo(MMObjectNode user,
                        MMObjectNode contextNode,
                        Operation operation,
                        boolean checkOwnRights)

getAllContexts

protected java.util.SortedSet getAllContexts()
Returns a Set (of Strings) of all existing contexts

getDisallowingContexts

protected java.util.SortedSet getDisallowingContexts(User user,
                                                     Operation operation)
Returns a Set (of Strings) of all existing contexts for which the given operation is not allowed for the given user.

getAllowingContexts

protected java.util.SortedSet getAllowingContexts(User user,
                                                  Operation operation)

check

public Authorization.QueryCheck check(User userContext,
                                      Query query,
                                      Operation operation)
Implements check function with same arguments of Authorisation security implementation

See Also:
Verify#check(user, query, operation)

getGroupsOrUsers

protected java.util.Collection getGroupsOrUsers(MMObjectNode contextNode,
                                                Operation operation,
                                                MMObjectBuilder groupsOrUsers)
Returns:
A Collection of groups or users which are allowed for the given operation (not recursively)

getGroupsAndUsers

protected java.util.Set getGroupsAndUsers(MMObjectNode contextNode,
                                          Operation operation)
Returns:
a Set of all groups and users which are allowed for the given operation (not recursively).

getContextNode

protected final MMObjectNode getContextNode(java.lang.String context)

getContext

public java.lang.String getContext(User user,
                                   int nodeId)
                            throws SecurityException
Returns this Context node as a String (so the name field)

Throws:
SecurityException

setContext

public MMObjectNode setContext(User user,
                               int nodeId,
                               java.lang.String context)
                        throws SecurityException
Sets the context of a node to a certain String Value

Parameters:
user - The user doing this.
nodeId - The number of the node which' context must be changed
context - The String describing the desired new context
Returns:
The MMObjectNode
Throws:
SecurityException

getPossibleContexts

public java.util.SortedSet getPossibleContexts(User user,
                                               int nodeId)
                                        throws SecurityException
Wraps getPossibleContexts of Authorisation implementation Verify.

Throws:
SecurityException
See Also:
Verify.getPossibleContexts(org.mmbase.security.UserContext, int)
To Do:
Perhaps we need a possibleContextCache.

allows

protected boolean allows(MMObjectNode contextNode,
                         MMObjectNode groupOrUserNode,
                         Operation operation)
Wether users of the given group may do operation on a node of given context (so no following)

Returns:
boolean

parentsAllow

protected boolean parentsAllow(MMObjectNode contextNode,
                               MMObjectNode groupOrUserNode,
                               Operation operation)
Wether users of the given group may do operation on a node of given context, because (one of) the parents of this group allow it.

Returns:
boolean

mayGrant

protected boolean mayGrant(MMObjectNode contextNode,
                           MMObjectNode groupOrUserNode,
                           Operation operation,
                           MMObjectNode user)

grant

protected boolean grant(MMObjectNode contextNode,
                        MMObjectNode groupOrUserNode,
                        Operation operation,
                        MMObjectNode user)

setDefaults

public void setDefaults(MMObjectNode node)
Makes sure unique values and not-null's are filed

Overrides:
setDefaults in class MMObjectBuilder
Parameters:
node - The node to set the defaults of.

mayRevoke

protected boolean mayRevoke(MMObjectNode contextNode,
                            MMObjectNode groupOrUserNode,
                            Operation operation,
                            MMObjectNode user)

revoke

protected boolean revoke(MMObjectNode contextNode,
                         MMObjectNode groupOrUserNode,
                         Operation operation,
                         MMObjectNode user)

getUserNode

protected MMObjectNode getUserNode(User bridgeUser)
util

getGroupOrUserNode

protected MMObjectNode getGroupOrUserNode(Parameters a)

getParameterDefinition

public Parameter[] getParameterDefinition(java.lang.String function)
Description copied from class: MMObjectBuilder
perhaps we need something like this

Overrides:
getParameterDefinition in class MMObjectBuilder

executeFunction

protected java.lang.Object executeFunction(MMObjectNode node,
                                           java.lang.String function,
                                           java.util.List args)
Description copied from class: MMObjectBuilder
Executes a function on the field of a node, and returns the result. This method is called by the builder's MMObjectBuilder.getValue(org.mmbase.module.core.MMObjectNode, java.lang.String) method. Derived builders should override this method to provide additional functions.

Overrides:
executeFunction in class MMObjectBuilder
See Also:
MMObjectBuilder.executeFunction(org.mmbase.module.core.MMObjectNode, java.lang.String, java.util.List)

toString

public java.lang.String toString(MMObjectNode n)
Description copied from class: MMObjectBuilder
Implements for MMObjectNode

Overrides:
toString in class MMObjectBuilder
Overview  Package   Class  Tree  Deprecated  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
MMBase build 1.7.4.20050922