edu.internet2.middleware.grouper.permissions
Class PermissionFinder

java.lang.Object
  edu.internet2.middleware.grouper.permissions.PermissionFinder

public class PermissionFinder
extends java.lang.Object

Constructor Summary

PermissionFinder()

Method Summary

PermissionFinder	addAction(java.lang.String action) add a action to the search criteria
PermissionFinder	addLimitEnvVar(java.lang.String key, java.lang.Object value) limitEnvVars if processing limits with PermissionProcessor, pass in a map of limits.
PermissionFinder	addMemberId(java.lang.String memberId) add a member id to the search criteria
PermissionFinder	addPermissionDef(AttributeDef attributeDef) add a attribute def to look for.
PermissionFinder	addPermissionDef(java.lang.String attributeDefName) add a attribute def to look for by name.
PermissionFinder	addPermissionDefId(java.lang.String attributeDefId) add a attribute def id to the search criteria
PermissionFinder	addPermissionName(AttributeDefName attributeDefName) add a attribute def name to look for.
PermissionFinder	addPermissionName(java.lang.String name) add a attribute def name to look for by name.
PermissionFinder	addPermissionNameId(java.lang.String attributeDefNameId) add an attribute def name id to the search criteria
PermissionFinder	addRole(Role role) add a role to look for.
PermissionFinder	addRole(java.lang.String name) add a role to look for by name.
PermissionFinder	addRoleId(java.lang.String roleId) add a role id to the search criteria
PermissionFinder	addSubject(edu.internet2.middleware.subject.Subject subject) add a subject to look for.
PermissionFinder	assignActions(java.util.Collection<java.lang.String> theActions) assign actions to search for, return this for chaining
PermissionFinder	assignEnabled(java.lang.Boolean theEnabled) true means enabled only, false, means disabled only, and null means all
PermissionFinder	assignImmediateOnly(boolean theImmediate) if we should filter out non immediate permissions
PermissionFinder	assignLimitEnvVars(java.util.Map<java.lang.String,java.lang.Object> theEnvVars) limitEnvVars if processing limits, pass in a map of limits.
PermissionFinder	assignMemberIds(java.util.Collection<java.lang.String> theMemberIds) add a collection of member ids to look for
PermissionFinder	assignPermissionDefIds(java.util.Collection<java.lang.String> theAttributeDefIds) assign a collection of attribute def ids to look for
PermissionFinder	assignPermissionNameFolder(Stem permissionNameFolder1) if narrowing search for permissions in a certain folder only
PermissionFinder	assignPermissionNameFolderScope(Stem.Scope scope) if searching in a folder, this is the scope: only in this folder, or also in subfolders
PermissionFinder	assignPermissionNameIds(java.util.Collection<java.lang.String> theAttributeDefNameIds) assign a collection of attribute def name ids to look for
PermissionFinder	assignPermissionProcessor(PermissionProcessor thePermissionProcessor) if we should find the best answer, or process limits, etc
PermissionFinder	assignPermissionType(PermissionEntry.PermissionType thePermissionType) are we looking for role permissions or subject permissions?
PermissionFinder	assignPointInTimeFrom(java.sql.Timestamp pointInTimeFrom) To query permissions at a certain point in time or time range in the past, set this value and/or the value of pointInTimeTo.
PermissionFinder	assignPointInTimeTo(java.sql.Timestamp pointInTimeTo) To query permissions at a certain point in time or time range in the past, set this value and/or the value of pointInTimeFrom.
PermissionFinder	assignRoleIds(java.util.Collection<java.lang.String> theRoleIds) assign a collection of role ids to look for
PermissionEntry	findPermission(boolean exceptionIfNotFound) find a permission
PermissionResult	findPermissionResult() permission result gives helper methods in processing the results
java.util.Set<PermissionEntry>	findPermissions() find a list of permissions
java.util.Map<PermissionEntry,java.util.Set<PermissionLimitBean>>	findPermissionsAndLimits() get the permissions, and the limits, so the caller (e.g. the UI/WS) doesnt have to get them again
boolean	hasPermission() based on what you are querying for, see if has permission.
java.lang.String	toString()

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

PermissionFinder

public PermissionFinder()

Method Detail

addLimitEnvVar

public PermissionFinder addLimitEnvVar(java.lang.String key,
                                       java.lang.Object value)

limitEnvVars if processing limits with PermissionProcessor, pass in a map of limits. The name is the name of the variable, and the value is the value. Note, you can typecast the values by putting a valid type in parens in front of the param name. e.g. name: (int)amount, value: 50

Parameters:

key -

value -

Returns:

this for chaining

assignLimitEnvVars

public PermissionFinder assignLimitEnvVars(java.util.Map<java.lang.String,java.lang.Object> theEnvVars)

limitEnvVars if processing limits, pass in a map of limits. The name is the name of the variable, and the value is the value. Note, you can typecast the values by putting a valid type in parens in front of the param name. e.g. name: (int)amount, value: 50

Parameters:

theEnvVars - the map to replace

Returns:

this for chaining

addMemberId

public PermissionFinder addMemberId(java.lang.String memberId)

add a member id to the search criteria

Parameters:

memberId -

Returns:

this for chaining

assignMemberIds

public PermissionFinder assignMemberIds(java.util.Collection<java.lang.String> theMemberIds)

add a collection of member ids to look for

Parameters:

theMemberIds -

Returns:

this for chaining

addSubject

public PermissionFinder addSubject(edu.internet2.middleware.subject.Subject subject)

add a subject to look for.

Parameters:

subject -

Returns:

this for chaining

addRoleId

public PermissionFinder addRoleId(java.lang.String roleId)

add a role id to the search criteria

Parameters:

roleId -

Returns:

this for chaining

assignRoleIds

public PermissionFinder assignRoleIds(java.util.Collection<java.lang.String> theRoleIds)

assign a collection of role ids to look for

Parameters:

theRoleIds -

Returns:

this for chaining

addRole

public PermissionFinder addRole(Role role)

add a role to look for.

Parameters:

role -

Returns:

this for chaining

addRole

public PermissionFinder addRole(java.lang.String name)

add a role to look for by name.

Parameters:

name -

Returns:

this for chaining

addPermissionDefId

public PermissionFinder addPermissionDefId(java.lang.String attributeDefId)

add a attribute def id to the search criteria

Parameters:

attributeDefId -

Returns:

this for chaining

assignPermissionDefIds

public PermissionFinder assignPermissionDefIds(java.util.Collection<java.lang.String> theAttributeDefIds)

assign a collection of attribute def ids to look for

Parameters:

theAttributeDefIds -

Returns:

this for chaining

assignPermissionNameFolder

public PermissionFinder assignPermissionNameFolder(Stem permissionNameFolder1)

if narrowing search for permissions in a certain folder only

Parameters:

permissionNameFolder1 -

Returns:

this for chaining

assignPermissionNameFolderScope

public PermissionFinder assignPermissionNameFolderScope(Stem.Scope scope)

if searching in a folder, this is the scope: only in this folder, or also in subfolders

Parameters:

scope -

Returns:

this for chaining

addPermissionDef

public PermissionFinder addPermissionDef(AttributeDef attributeDef)

add a attribute def to look for.

Parameters:

attributeDef -

Returns:

this for chaining

addPermissionDef

public PermissionFinder addPermissionDef(java.lang.String attributeDefName)

add a attribute def to look for by name.

Parameters:

attributeDefName -

Returns:

this for chaining

addPermissionNameId

public PermissionFinder addPermissionNameId(java.lang.String attributeDefNameId)

add an attribute def name id to the search criteria

Parameters:

attributeDefNameId -

Returns:

this for chaining

assignPermissionNameIds

public PermissionFinder assignPermissionNameIds(java.util.Collection<java.lang.String> theAttributeDefNameIds)

assign a collection of attribute def name ids to look for

Parameters:

theAttributeDefNameIds -

Returns:

this for chaining

addPermissionName

public PermissionFinder addPermissionName(AttributeDefName attributeDefName)

add a attribute def name to look for.

Parameters:

attributeDefName -

Returns:

this for chaining

addPermissionName

public PermissionFinder addPermissionName(java.lang.String name)

add a attribute def name to look for by name.

Parameters:

name -

Returns:

this for chaining

addAction

public PermissionFinder addAction(java.lang.String action)

add a action to the search criteria

Parameters:

action -

Returns:

this for chaining

assignActions

public PermissionFinder assignActions(java.util.Collection<java.lang.String> theActions)

assign actions to search for, return this for chaining

Parameters:

theActions -

Returns:

this for chaining

assignEnabled

public PermissionFinder assignEnabled(java.lang.Boolean theEnabled)

true means enabled only, false, means disabled only, and null means all

Parameters:

theEnabled -

Returns:

this for chaining

assignPermissionProcessor

public PermissionFinder assignPermissionProcessor(PermissionProcessor thePermissionProcessor)

if we should find the best answer, or process limits, etc

Parameters:

thePermissionProcessor -

Returns:

this for chaining

assignImmediateOnly

public PermissionFinder assignImmediateOnly(boolean theImmediate)

if we should filter out non immediate permissions

Parameters:

theImmediate -

Returns:

this for chaining

assignPermissionType

public PermissionFinder assignPermissionType(PermissionEntry.PermissionType thePermissionType)

are we looking for role permissions or subject permissions? cant be null

Parameters:

thePermissionType -

Returns:

this for chaining

hasPermission

public boolean hasPermission()

based on what you are querying for, see if has permission. Note, you should be looking for one subject, one action, one resource, one role or multiple roles, etc If you are looking for multiple, it will see if anyone has that permission

Returns:

true if has permission, false if not

findPermissionsAndLimits

public java.util.Map<PermissionEntry,java.util.Set<PermissionLimitBean>> findPermissionsAndLimits()

get the permissions, and the limits, so the caller (e.g. the UI/WS) doesnt have to get them again

Returns:

the map of entry to the limits and values

findPermissionResult

public PermissionResult findPermissionResult()

permission result gives helper methods in processing the results

Returns:

the permission result

findPermissions

public java.util.Set<PermissionEntry> findPermissions()

find a list of permissions

Returns:

the set of permissions never null

findPermission

public PermissionEntry findPermission(boolean exceptionIfNotFound)

find a permission

Parameters:

exceptionIfNotFound - true if exception should be thrown if permission not found

Returns:

the permission or null

toString

public java.lang.String toString()

Overrides:

toString in class java.lang.Object

See Also:

Object.toString()

assignPointInTimeFrom

public PermissionFinder assignPointInTimeFrom(java.sql.Timestamp pointInTimeFrom)

To query permissions at a certain point in time or time range in the past, set this value and/or the value of pointInTimeTo. This parameter specifies the start of the range of the point in time query. If this is specified but pointInTimeTo is not specified, then the point in time query range will be from the time specified to now.

Parameters:

pointInTimeFrom -

Returns:

this for changing

assignPointInTimeTo

public PermissionFinder assignPointInTimeTo(java.sql.Timestamp pointInTimeTo)

To query permissions at a certain point in time or time range in the past, set this value and/or the value of pointInTimeFrom. This parameter specifies the end of the range of the point in time query. If this is the same as pointInTimeFrom, then the query will be done at a single point in time rather than a range. If this is specified but pointInTimeFrom is not specified, then the point in time query range will be from the minimum point in time to the time specified.

Parameters:

pointInTimeTo -

Returns:

this for changing