|
2.17.2: 2011-06-17 | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object net.sf.basedb.core.Keyring
class Keyring
Objects of this class holds information about a user's access permissions,
group and role membership. This object is created when a user logs in and
is managed entirely by the SessionControl
. It is never exposed
to client applications.
The object is not populated with information at creation time. It is done
the first time it needs the information. Thereafter, a timer is set to
make sure the information is updated at regular intervals, in case
some adminstrator changes the permissions and/or membership for
the user. The interval is specified by the permission.timeout
value in the base.config
file.
SessionControl.login(String, String, String, boolean)
Nested Class Summary | |
---|---|
private class |
Keyring.ReloadTask
|
Field Summary | |
---|---|
private static int |
ALL
|
private static int |
ALL_ITEM
|
private static int |
DENY_ITEM
|
private static int |
EVERYONE
|
private Set<Integer> |
groups
Holds the ID of all groups that the user is a member of, directly or indirectly. |
private Set<Integer> |
groupsWithNonHiddenMembers
A subset of the 'groups' set that holds the id of the groups that has hiddenMembers = false |
private static boolean |
isInitialised
|
private Set<Integer> |
itemKeys
A set holding all item keys, which is needed for efficient listing of shared items. |
private int[][] |
itemPermissions
Two-dimensional array for holding the permissions for ItemKey :s. |
private static Logger |
log
Log core events. |
private int |
maxProjectPermission
Holds the logged in user's maximum Permission
within the active project. |
private int |
pluginId
The running plugin's ID. |
private int[][] |
pluginPermissions
Two-dimensional array for holding the permission for PluginDefinition :s. |
private int |
projectId
The active project's ID. |
private Set<Integer> |
projectKeys
A set holding all project keys, which is needed for efficient listing of shared items. |
private int[][] |
projectPermissions
Two-dimensional array for holding the permissions for ProjectKey :s. |
private Map<Integer,Integer> |
projects
Holds the ID and permission of all projects that the user is a member of, directly or via a group. |
private boolean |
reload
TRUE if the Timer has signaled that it is time to reload the information. |
private int[][] |
rolePermissions
Two-dimensional array for holding the permissions for RoleKey :s. |
private Set<Integer> |
roles
Holds the ID of all roles that the user is a member of. |
private static int |
ROOT
|
private boolean |
usePluginPermissions
If the running plugin should use specific permissions or not. |
private int |
userId
The logged in user's ID. |
private Set<Integer> |
users
Holds the ID of all users which are members of at least one of the groups that the logged in user is also a member of. |
Constructor Summary | |
---|---|
Keyring(int userId)
Create a new Keyring object. |
|
Keyring(Keyring parent,
int pluginId,
boolean usePluginPermissions)
|
Method Summary | |
---|---|
(package private) int |
getAllPermissions(Item itemType,
UserData owner,
ItemKeyData itemKey,
ProjectKeyData projectKey)
|
(package private) Set<Integer> |
getGroups(boolean onlyWithNonHiddenMembers)
|
(package private) Set<Integer> |
getItemKeys(Permission permission)
|
(package private) PluginPermission |
getPluginPermissions(Item itemType)
Get the active plugin's permissions to an unspecified item of a certain Item type. |
(package private) Set<Integer> |
getProjectKeys(Permission permission)
|
(package private) Map<Integer,Integer> |
getProjects()
|
(package private) boolean |
getReload()
|
(package private) int |
getRolePermissions(Item itemType)
Get the logged in user's permission to an unspecified item of a certain Item type. |
(package private) Set<Integer> |
getRoles()
|
(package private) int |
getSharedPermissions(ShareableData sharableData)
|
(package private) Set<Integer> |
getUsers()
Get all users that share group membership with the logged in user. |
(package private) static void |
init()
|
private boolean |
isDenied(int permission)
Checks if the DENIED bit is set in the permission. |
private void |
loadGroups(org.hibernate.Session session)
Loads group membership for the user and put that information in the groups and groupsWithNonHiddenMembers variables. |
private void |
loadItemKeys(org.hibernate.Session session)
Load all ItemKey :s for the logged in user and put the result
in itemPermissions |
private void |
loadMaxProjectPermission(org.hibernate.Session session,
ProjectData projectData)
Find out the logged in user's maximum permission to the active project and put the result in maxProjectPermission . |
private void |
loadPluginPermissionKeys(org.hibernate.Session session)
Load all PluginKeys :s for the active plugin. |
private void |
loadProjectKeys(org.hibernate.Session session)
Load all ProjectKey :s for the logged in user. |
private void |
loadProjects(org.hibernate.Session session)
Loads project membership for the user and put that information in the projects variable. |
private void |
loadRoleKeys(org.hibernate.Session session)
Load all RoleKey :s for the logged in user and put
the result in rolePermissions |
private void |
loadRoles(org.hibernate.Session session)
Loads role membership for the user and put that information in the roles variable. |
private void |
loadUsers(org.hibernate.Session session)
Load all users which are member of at least one group where the logged in user is also a member and put that information in the users variable. |
private int |
permissionForKey(int key,
int[][] permissions)
Returns the permission value for the specified key or PERMISSION.DENIED if not found in the array of keys. |
private boolean |
reload()
Reload all permission information |
(package private) void |
setActiveProject(ProjectData projectData)
Set the active project. |
(package private) void |
setReload(boolean reload)
|
(package private) static void |
unload()
Unload all settings. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
private static final Logger log
private static boolean isInitialised
private final int userId
private int[][] itemPermissions
ItemKey
:s.
The first column holds the key ID, the second the Permission
.
Ie. key_id = [0, x], permission = [1, x]
The rows are sorted by key_id in ascending order.
private int[][] rolePermissions
RoleKey
:s.
The first column holds the key ID, the second the Permission
.
Ie. key_id = [0, x], permission = [1, x]
The rows are sorted by key_id in ascending order.
private int[][] projectPermissions
ProjectKey
:s.
The first column holds the key ID, the second the Permission
.
Ie. key_id = [0, x], permission = [1, x]
The rows are sorted by key_id in ascending order.
private int[][] pluginPermissions
PluginDefinition
:s.
The first column holds the key ID, the second the maximum permission, and
the third the override permissions.
Ie. key_id = [0, x], maxPermission = [1, x], overridePermission = [2, x]
private Set<Integer> groups
private Set<Integer> groupsWithNonHiddenMembers
private Map<Integer,Integer> projects
private Set<Integer> users
private Set<Integer> roles
private int projectId
private int maxProjectPermission
Permission
within the active project.
private final boolean usePluginPermissions
private final int pluginId
private boolean reload
private Set<Integer> itemKeys
private Set<Integer> projectKeys
private static int ROOT
private static int EVERYONE
private static int ALL
private static int ALL_ITEM
private static int DENY_ITEM
Constructor Detail |
---|
Keyring(int userId) throws BaseException
Keyring
object.
userId
- The ID of the user
BaseException
- This exception is thrown if there is an errorKeyring(Keyring parent, int pluginId, boolean usePluginPermissions)
Method Detail |
---|
static void init()
static void unload()
void setReload(boolean reload)
boolean getReload()
private boolean reload()
private void loadRoles(org.hibernate.Session session) throws BaseException
roles
variable.
BaseException
private void loadGroups(org.hibernate.Session session) throws BaseException
groups
and groupsWithNonHiddenMembers
variables.
BaseException
private void loadProjects(org.hibernate.Session session) throws BaseException
projects
variable.
BaseException
private void loadUsers(org.hibernate.Session session) throws BaseException
users
variable. If a project is active, also load the members
and owner of that project.
BaseException
private void loadItemKeys(org.hibernate.Session session) throws BaseException
ItemKey
:s for the logged in user and put the result
in itemPermissions
BaseException
private void loadRoleKeys(org.hibernate.Session session) throws BaseException
RoleKey
:s for the logged in user and put
the result in rolePermissions
BaseException
private void loadPluginPermissionKeys(org.hibernate.Session session) throws BaseException
PluginKeys
:s for the active plugin.
session
- The session to get the query through.
BaseException
- If there is an error.private void loadProjectKeys(org.hibernate.Session session) throws BaseException
ProjectKey
:s for the logged in user.
BaseException
private void loadMaxProjectPermission(org.hibernate.Session session, ProjectData projectData) throws BaseException
maxProjectPermission
.
BaseException
void setActiveProject(ProjectData projectData) throws PermissionDeniedException, BaseException
projectData
- The project to make active, or null to
disable it
PermissionDeniedException
BaseException
private int permissionForKey(int key, int[][] permissions)
key
- The key to look forpermissions
- An array with two columns, the first holds
the key_id and the second the permission
private boolean isDenied(int permission)
int getRolePermissions(Item itemType)
Item
type. If Permission.DENIED
is set,
it overrides all other permissions.
itemType
- The item type as defined by the Item
class
PluginPermission getPluginPermissions(Item itemType)
Item
type.
itemType
- The item type as defined by the Item
class
int getSharedPermissions(ShareableData sharableData)
int getAllPermissions(Item itemType, UserData owner, ItemKeyData itemKey, ProjectKeyData projectKey)
Set<Integer> getRoles()
Set<Integer> getGroups(boolean onlyWithNonHiddenMembers)
Set<Integer> getUsers()
Map<Integer,Integer> getProjects()
Set<Integer> getItemKeys(Permission permission)
Set<Integer> getProjectKeys(Permission permission)
|
2.17.2: 2011-06-17 | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |