oracle.jbo
Interface DataSecurityProvider

All Known Implementing Classes:

AbstractDataSecurityProviderImpl, JAASDataSecurityProviderImpl, XSDataSecurityProviderImpl

public interface DataSecurityProvider

Method Summary

oracle.adf.share.security.authorization.PrivilegeHolder	checkPrivilege(Row row, java.lang.String privToCheck, AttributeDef attrDef, StructureDef defObject) Checks row instance privilege.
java.util.Map.Entry<java.lang.String,java.lang.Class>	getImplicitSecurityAttrSQLExpressionAndDomain(java.util.List<java.lang.String> privsToCheck, StructureDef defObject) Optional: XDB data security requires additional sql attribute sys_get_aclids(table_alias, privsToCheck) for getting aclids of row instances in the query.
java.lang.String	getPrivilegeFilterWhereClause(java.lang.String privsRequiredToView, StructureDef defObject, java.lang.String entityRefName) Gets the where clause for read restriction.
Transaction	getTransaction()

Method Detail

getTransaction

Transaction getTransaction()

Returns:

The DB Transaction that the view or entity object is using.

See Also:

Transaction

checkPrivilege

oracle.adf.share.security.authorization.PrivilegeHolder checkPrivilege(Row row,
                                                                       java.lang.String privToCheck,
                                                                       AttributeDef attrDef,
                                                                       StructureDef defObject)

Checks row instance privilege. This method is called when evaluating the allows.priv EL. Privilege check for XDB is a DataPermission check of the privilege with the aclids on the row instance. Privilege check for native JAAS case would be AccessConntroller.checkPermission of java permission.

Parameters:

row - The row instance to be checked for privilege.

privToCheck - The privilege to be checked.

attrDef - The attribute definition.

defObject - The entity or view def.

Returns:

A PrivilegeHoder for the privilege checked.

See Also:

StructureDef, oracle.jbo.PrivilegeHolder

getImplicitSecurityAttrSQLExpressionAndDomain

java.util.Map.Entry<java.lang.String,java.lang.Class> getImplicitSecurityAttrSQLExpressionAndDomain(java.util.List<java.lang.String> privsToCheck,
                                                                                                    StructureDef defObject)

Optional: XDB data security requires additional sql attribute sys_get_aclids(table_alias, privsToCheck) for getting aclids of row instances in the query. The return type of this is XMLType and require a special java type to retrieve data from query result. This method is not call unless getImplicitSecurityAttrSQLExpression return an expression.

Parameters:

privsToCheck - The privileges for the SQL expression.

defObject - The entity or view definition.

Returns:

The a Map of SQL expression and domain class of security attributes.

See Also:

StructureDef

getPrivilegeFilterWhereClause

java.lang.String getPrivilegeFilterWhereClause(java.lang.String privsRequiredToView,
                                               StructureDef defObject,
                                               java.lang.String entityRefName)

Gets the where clause for read restriction. XDB security with read enabled in the database should return null.

Parameters:

privsRequiredToView - The row filter privileges for read.

defObject - The definition object in which the filter apply.

entityRefName - The name of the entiry reference in which the filter apply.

Returns:

A string containing the sql expression for read restriction where clause fragment.

See Also:

StructureDef