Package net.sf.basedb.core
Class RoleKey
java.lang.Object
net.sf.basedb.core.BasicItem
net.sf.basedb.core.Key
net.sf.basedb.core.RoleKey
- All Implemented Interfaces:
AccessControlled
,Identifiable
,Nameable
This class is used to represent a role key. A role key
is, as the name suggests, a key that can be given to roles.
A BASE installation comes with a default set of role
keys, one for every type of item. The keys cannot be deleted
and no new ones can be created. The id of a role key for
an item can be found by calling SystemItems.getRoleKeyId(Item)
.
The permission given to a role is applied to all items of the type that the role key is valid for. The following example code will give all users the permission to create samples.
Role r = Role.getById(dbControl, Role.USER); RoleKey rk = RoleKey.getById(dbControl, SystemItems.getRoleKeyId(Item.SAMPLE)); rk.setPermission(r, Permission.CREATE); dbControl.commit();
- Version:
- 2.0
- Author:
- Nicklas
- Last modified
- $Date: 2015-04-17 14:02:22 +0200 (fr, 17 apr 2015) $
-
Field Summary
Modifier and TypeFieldDescriptionprivate static final QueryRuntimeFilter
This filter will only return items if the logged in user has generic read permission to roles.static final Item
The type of item represented by this class.Fields inherited from interface net.sf.basedb.core.Nameable
MAX_DESCRIPTION_LENGTH, MAX_NAME_LENGTH
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic RoleKey
Get aRoleKey
item when you know the ID.static RoleKey
getByItemType
(DbControl dc, Item itemType) Get aRoleKey
item when you know theItem
type.(package private) RoleKeyData
getData()
Get theBasicData
object that holds all data for this item.Get the description for the item.Get theItem
type for the type of items this role key applies to.getName()
Get the name of the item.getPermissions
(Role role) Get the permissions for a role.(package private) PluginPermission
getQuery()
Get a query object configured to retrieve role keys.getType()
Get the type of item represented by the object.(package private) void
initPermissions
(int granted, int denied) CREATE and DELETE permissions are always denied.boolean
isUsed()
Always return TRUE.void
setDescription
(String description) Set the description for the item.void
Set the name of the item.void
setPermissions
(Role role, Set<Permission> permissions) Grant permissions to a role.Methods inherited from class net.sf.basedb.core.BasicItem
addAnnotatableParents, addUsingItems, addUsingItems, breakCircularReferences, checkBatchAnnotatableUsage, checkPermission, equals, getBasicData, getDbControl, getId, getPermissions, getSessionControl, getUsingItems, getVersion, hashCode, hasPermission, isDetached, isInDatabase, onAfterCommit, onAfterInsert, onBeforeCommit, onRollback, setDbControl, setProjectDefaults, toString, validate
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
Methods inherited from interface net.sf.basedb.core.AccessControlled
checkPermission, getPermissions, hasPermission
Methods inherited from interface net.sf.basedb.core.Identifiable
getId, getVersion
-
Field Details
-
TYPE
The type of item represented by this class.- See Also:
-
RUNTIME_FILTER
This filter will only return items if the logged in user has generic read permission to roles.
-
-
Constructor Details
-
RoleKey
RoleKey(RoleKeyData roleKeyData)
-
-
Method Details
-
getById
public static RoleKey getById(DbControl dc, int id) throws ItemNotFoundException, PermissionDeniedException, BaseException Get aRoleKey
item when you know the ID. The ID of a role key can be found by callingSystemItems.getRoleKeyId(Item)
.- Parameters:
dc
- TheDbControl
which will be used for permission checking and database access.id
- The ID of the item to load- Returns:
- The
RoleKey
item - Throws:
ItemNotFoundException
- If an item with the specified ID is not foundPermissionDeniedException
- If the logged in user doesn't havePermission.READ
permission to the itemBaseException
- If there is another error
-
getByItemType
public static RoleKey getByItemType(DbControl dc, Item itemType) throws ItemNotFoundException, PermissionDeniedException, BaseException Get aRoleKey
item when you know theItem
type.- Parameters:
dc
- TheDbControl
which will be used for permission checking and database access.itemType
- The item type of the role key to load- Returns:
- The
RoleKey
item - Throws:
ItemNotFoundException
- If a role key for the specified item type is not foundPermissionDeniedException
- If the logged in user doesn't havePermission.READ
permission to the itemBaseException
- If there is another error
-
getQuery
Get a query object configured to retrieve role keys. If the logged in user doesn't have generic permission to roles, no role keys are returned.- Returns:
- An
ItemQuery
object
-
getData
RoleKeyData getData()Description copied from class:BasicItem
Get theBasicData
object that holds all data for this item. -
getType
Description copied from interface:Identifiable
Get the type of item represented by the object. The returned value is one of the values defined in theItem
enumeration.- Specified by:
getType
in interfaceIdentifiable
- Returns:
- A value indicating the type of item
-
getName
Description copied from interface:Nameable
Get the name of the item. -
setName
Description copied from interface:Nameable
Set the name of the item. The name cannot be null and mustn't be longer than the value specified by theNameable.MAX_NAME_LENGTH
constant.- Specified by:
setName
in interfaceNameable
- Parameters:
name
- The new name for the item- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the name is null or longer than specified by theNameable.MAX_NAME_LENGTH
constant
-
getDescription
Description copied from interface:Nameable
Get the description for the item.- Specified by:
getDescription
in interfaceNameable
- Returns:
- A
String
with a description of the item
-
setDescription
public void setDescription(String description) throws PermissionDeniedException, InvalidDataException Description copied from interface:Nameable
Set the description for the item. The description can be null but mustn't be longer than the value specified by theNameable.MAX_DESCRIPTION_LENGTH
constant.- Specified by:
setDescription
in interfaceNameable
- Parameters:
description
- The new description for the item- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the description longer than specified by theNameable.MAX_DESCRIPTION_LENGTH
constant
-
isUsed
Always return TRUE. All role keys are system items and cannot be deleted.- Overrides:
isUsed
in classBasicItem
- Returns:
- TRUE if this item is used, FALSE otherwise
- Throws:
BaseException
- If not able to tell if item is used or not.- See Also:
-
initPermissions
CREATE and DELETE permissions are always denied. READ permission is always granted. Other permissions are inherited from theRole
.- Overrides:
initPermissions
in classBasicItem
- Parameters:
granted
- Permissions that have been granted by the subclassdenied
- Permissions that have been denied by the subclass- Throws:
BaseException
- If the permissions couldn't be initialised
-
getPluginPermissions
PluginPermission getPluginPermissions()- Overrides:
getPluginPermissions
in classBasicItem
-
getItemType
Get theItem
type for the type of items this role key applies to.- Returns:
- An
Item
object
-
setPermissions
public void setPermissions(Role role, Set<Permission> permissions) throws PermissionDeniedException, InvalidDataException Grant permissions to a role. IfPermission.DENIED
is set it will override permissions gained from other keys. Ie. if a user has a role key withPermission.DENIED
it takes precedence over all other permissions. Use an emptySet
or null to remove all permissions for the role.- Parameters:
role
- TheRole
permissions
- The permissions to grant- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for the role keyInvalidDataException
- If the role is null- See Also:
-
getPermissions
Get the permissions for a role.- Parameters:
role
- TheRole
for which we want to get the permission- Returns:
- An
EnumSet
containing the granted permissions, or an empty set if no permissions have been granted - Throws:
InvalidDataException
- If the role is null- See Also:
-