Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware Java API Reference for Oracle ADF Model
11g Release 1 (11.1.1)
E10653-03
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.jbo.server.security
Class XSDataSecurityProviderImpl

java.lang.Object
  extended by oracle.jbo.server.security.AbstractDataSecurityProviderImpl
      extended by oracle.jbo.server.security.XSDataSecurityProviderImpl

All Implemented Interfaces:
DataSecurityProvider
public class XSDataSecurityProviderImpl
extends AbstractDataSecurityProviderImpl

Constructor Summary
XSDataSecurityProviderImpl()
           

 

Method Summary
 oracle.adf.share.security.authorization.PrivilegeHolder checkPrivilege(Row row, java.lang.String privToCheck, AttributeDef attrDef, StructureDef defObject)
          Checks row instance privilege.
 java.util.Map.Entry<java.lang.String,java.lang.Class> getImplicitSecurityAttrSQLExpressionAndDomain(java.util.List<java.lang.String> privsToCheck, StructureDef defObject)
          Optional: XDB data security requires additional sql attribute sys_get_aclids(table_alias, privsToCheck) for getting aclids of row instances in the query.
 java.lang.String getPrivilegeFilterWhereClause(java.lang.String privsRequiredToView, StructureDef defObject, java.lang.String entityRefName)
          Gets the where clause for read restriction.

 

Methods inherited from class oracle.jbo.server.security.AbstractDataSecurityProviderImpl
getTransaction, setTransaction

 

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Constructor Detail

XSDataSecurityProviderImpl

public XSDataSecurityProviderImpl()

Method Detail

checkPrivilege

public oracle.adf.share.security.authorization.PrivilegeHolder checkPrivilege(Row row,
                                                                              java.lang.String privToCheck,
                                                                              AttributeDef attrDef,
                                                                              StructureDef defObject)
Description copied from interface: DataSecurityProvider
Checks row instance privilege. This method is called when evaluating the allows.priv EL. Privilege check for XDB is a DataPermission check of the privilege with the aclids on the row instance. Privilege check for native JAAS case would be AccessConntroller.checkPermission of java permission.
Specified by:
checkPrivilege in interface DataSecurityProvider
Overrides:
checkPrivilege in class AbstractDataSecurityProviderImpl
Parameters:
row - The row instance to be checked for privilege.
privToCheck - The privilege to be checked.
attrDef - The attribute definition.
defObject - The entity or view def.
Returns:
A PrivilegeHoder for the privilege checked.
See Also:
StructureDef, oracle.jbo.PrivilegeHolder

getPrivilegeFilterWhereClause

public java.lang.String getPrivilegeFilterWhereClause(java.lang.String privsRequiredToView,
                                                      StructureDef defObject,
                                                      java.lang.String entityRefName)
Description copied from interface: DataSecurityProvider
Gets the where clause for read restriction. XDB security with read enabled in the database should return null.
Specified by:
getPrivilegeFilterWhereClause in interface DataSecurityProvider
Overrides:
getPrivilegeFilterWhereClause in class AbstractDataSecurityProviderImpl
Parameters:
privsRequiredToView - The row filter privileges for read.
defObject - The definition object in which the filter apply.
entityRefName - The name of the entiry reference in which the filter apply.
Returns:
A string containing the sql expression for read restriction where clause fragment.
See Also:
StructureDef

getImplicitSecurityAttrSQLExpressionAndDomain

public java.util.Map.Entry<java.lang.String,java.lang.Class> getImplicitSecurityAttrSQLExpressionAndDomain(java.util.List<java.lang.String> privsToCheck,
                                                                                                           StructureDef defObject)
Description copied from interface: DataSecurityProvider
Optional: XDB data security requires additional sql attribute sys_get_aclids(table_alias, privsToCheck) for getting aclids of row instances in the query. The return type of this is XMLType and require a special java type to retrieve data from query result. This method is not call unless getImplicitSecurityAttrSQLExpression return an expression.
Specified by:
getImplicitSecurityAttrSQLExpressionAndDomain in interface DataSecurityProvider
Overrides:
getImplicitSecurityAttrSQLExpressionAndDomain in class AbstractDataSecurityProviderImpl
Parameters:
privsToCheck - The privileges for the SQL expression.
defObject - The entity or view definition.
Returns:
The a Map of SQL expression and domain class of security attributes.
See Also:
StructureDef

Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware Java API Reference for Oracle ADF Model
11g Release 1 (11.1.1)
E10653-03
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 1997, 2009, Oracle. All rights reserved.