Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware Java API Reference for Oracle ADF Model
11g Release 1 (11.1.1.6.0)
E10653-07
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.jbo.server.security
Class XSDataSecurityProviderImpl

java.lang.Object
  extended by oracle.jbo.server.security.AbstractDataSecurityProviderImpl
      extended by oracle.jbo.server.security.XSDataSecurityProviderImpl
All Implemented Interfaces:
DataSecurityProvider
public class XSDataSecurityProviderImpl
extends AbstractDataSecurityProviderImpl

Constructor Summary
XSDataSecurityProviderImpl()
           
 
Method Summary
 oracle.adf.share.security.authorization.PrivilegeHolder checkPrivilege(Row row, java.lang.String privToCheck, AttributeDef attrDef, StructureDef defObject)
          Checks row instance privilege.
 java.util.Map.Entry<java.lang.String,java.lang.Class> getImplicitSecurityAttrSQLExpressionAndDomain(java.util.List<java.lang.String> privsToCheck, StructureDef defObject)
          Optional: XDB data security requires additional sql attribute sys_get_aclids(table_alias, privsToCheck) for getting aclids of row instances in the query.
 java.lang.String getPrivilegeFilterWhereClause(java.lang.String privsRequiredToView, StructureDef defObject, java.lang.String entityRefName)
          Gets the where clause for read restriction.
 
Methods inherited from class oracle.jbo.server.security.AbstractDataSecurityProviderImpl
getTransaction, initAndAttachElevatedSession, restoreOriginalSession, setTransaction
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

XSDataSecurityProviderImpl

public XSDataSecurityProviderImpl()
Method Detail

checkPrivilege

public oracle.adf.share.security.authorization.PrivilegeHolder checkPrivilege(Row row,
                                                                              java.lang.String privToCheck,
                                                                              AttributeDef attrDef,
                                                                              StructureDef defObject)
Description copied from interface: DataSecurityProvider
Checks row instance privilege. This method is called when evaluating the allows.priv EL. Privilege check for XDB is a DataPermission check of the privilege with the aclids on the row instance. Privilege check for native JAAS case would be AccessConntroller.checkPermission of java permission.

Specified by:
checkPrivilege in interface DataSecurityProvider
Overrides:
checkPrivilege in class AbstractDataSecurityProviderImpl
Parameters:
row - The row instance to be checked for privilege.
privToCheck - The privilege to be checked.
attrDef - The attribute definition.
defObject - The entity or view def.
Returns:
A PrivilegeHoder for the privilege checked.
See Also:
StructureDef, oracle.jbo.PrivilegeHolder

getPrivilegeFilterWhereClause

public java.lang.String getPrivilegeFilterWhereClause(java.lang.String privsRequiredToView,
                                                      StructureDef defObject,
                                                      java.lang.String entityRefName)
Description copied from interface: DataSecurityProvider
Gets the where clause for read restriction. XDB security with read enabled in the database should return null.

Specified by:
getPrivilegeFilterWhereClause in interface DataSecurityProvider
Overrides:
getPrivilegeFilterWhereClause in class AbstractDataSecurityProviderImpl
Parameters:
privsRequiredToView - The row filter privileges for read.
defObject - The definition object in which the filter apply.
entityRefName - The name of the entiry reference in which the filter apply.
Returns:
A string containing the sql expression for read restriction where clause fragment.
See Also:
StructureDef

getImplicitSecurityAttrSQLExpressionAndDomain

public java.util.Map.Entry<java.lang.String,java.lang.Class> getImplicitSecurityAttrSQLExpressionAndDomain(java.util.List<java.lang.String> privsToCheck,
                                                                                                           StructureDef defObject)
Description copied from interface: DataSecurityProvider
Optional: XDB data security requires additional sql attribute sys_get_aclids(table_alias, privsToCheck) for getting aclids of row instances in the query. The return type of this is XMLType and require a special java type to retrieve data from query result. This method is not call unless getImplicitSecurityAttrSQLExpression return an expression.

Specified by:
getImplicitSecurityAttrSQLExpressionAndDomain in interface DataSecurityProvider
Overrides:
getImplicitSecurityAttrSQLExpressionAndDomain in class AbstractDataSecurityProviderImpl
Parameters:
privsToCheck - The privileges for the SQL expression.
defObject - The entity or view definition.
Returns:
The a Map of SQL expression and domain class of security attributes.
See Also:
StructureDef
Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware Java API Reference for Oracle ADF Model
11g Release 1 (11.1.1.6.0)
E10653-07
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 1997, 2011, Oracle. All rights reserved.