oracle.jbo.server.security

Class AbstractDataSecurityProviderImpl

java.lang.Object

oracle.jbo.server.security.AbstractDataSecurityProviderImpl

All Implemented Interfaces:

DataSecurityProvider

Direct Known Subclasses:

JAASDataSecurityProviderImpl, XSDataSecurityProviderImpl

public abstract class AbstractDataSecurityProviderImpl
extends java.lang.Object
implements DataSecurityProvider

Constructor Summary

Constructors

Constructor and Description
AbstractDataSecurityProviderImpl()

Method Summary

Modifier and Type	Method and Description
oracle.adf.share.security.authorization.PrivilegeHolder	checkPrivilege(Row row, java.lang.String privToCheck, AttributeDef attrDef, StructureDef defObject) Checks row instance privilege.
java.util.Map.Entry<java.lang.String,java.lang.Class>	getImplicitSecurityAttrSQLExpressionAndDomain(java.util.List<java.lang.String> privsToCheck, StructureDef defObject) Optional: XDB data security requires additional sql attribute sys_get_aclids(table_alias, privsToCheck) for getting aclids of row instances in the query.
java.lang.String	getPrivilegeFilterWhereClause(java.lang.String privsRequiredToView, StructureDef defObject, java.lang.String entityRefName) Gets the where clause for read restriction.
Transaction	getTransaction()
void	initAndAttachElevatedSession(java.lang.String userName)
void	restoreOriginalSession()
void	setTransaction(DBTransaction dbTransaction) Internal: Applications should not use this method.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AbstractDataSecurityProviderImpl

public AbstractDataSecurityProviderImpl()

Method Detail

getTransaction

public Transaction getTransaction()

Specified by:

getTransaction in interface DataSecurityProvider

Returns:

The DB Transaction that the view or entity object is using.

See Also:

Transaction

setTransaction

public void setTransaction(DBTransaction dbTransaction)

Internal: Applications should not use this method.

checkPrivilege

public oracle.adf.share.security.authorization.PrivilegeHolder checkPrivilege(Row row,
                                                                              java.lang.String privToCheck,
                                                                              AttributeDef attrDef,
                                                                              StructureDef defObject)

Description copied from interface: DataSecurityProvider

Checks row instance privilege. This method is called when evaluating the allows.priv EL. Privilege check for XDB is a DataPermission check of the privilege with the aclids on the row instance. Privilege check for native JAAS case would be AccessConntroller.checkPermission of java permission.

Specified by:

checkPrivilege in interface DataSecurityProvider

Parameters:

row - The row instance to be checked for privilege.

privToCheck - The privilege to be checked.

attrDef - The attribute definition.

defObject - The entity or view def.

Returns:

A PrivilegeHoder for the privilege checked.

See Also:

StructureDef, oracle.jbo.PrivilegeHolder

getPrivilegeFilterWhereClause

public java.lang.String getPrivilegeFilterWhereClause(java.lang.String privsRequiredToView,
                                                      StructureDef defObject,
                                                      java.lang.String entityRefName)

Description copied from interface: DataSecurityProvider

Gets the where clause for read restriction. XDB security with read enabled in the database should return null.

Specified by:

getPrivilegeFilterWhereClause in interface DataSecurityProvider

Parameters:

privsRequiredToView - The row filter privileges for read.

defObject - The definition object in which the filter apply.

entityRefName - The name of the entiry reference in which the filter apply.

Returns:

A string containing the sql expression for read restriction where clause fragment.

See Also:

StructureDef

getImplicitSecurityAttrSQLExpressionAndDomain

public java.util.Map.Entry<java.lang.String,java.lang.Class> getImplicitSecurityAttrSQLExpressionAndDomain(java.util.List<java.lang.String> privsToCheck,
                                                                                                           StructureDef defObject)

Description copied from interface: DataSecurityProvider

Optional: XDB data security requires additional sql attribute sys_get_aclids(table_alias, privsToCheck) for getting aclids of row instances in the query. The return type of this is XMLType and require a special java type to retrieve data from query result. This method is not call unless getImplicitSecurityAttrSQLExpression return an expression.

Specified by:

getImplicitSecurityAttrSQLExpressionAndDomain in interface DataSecurityProvider

Parameters:

privsToCheck - The privileges for the SQL expression.

defObject - The entity or view definition.

Returns:

The a Map of SQL expression and domain class of security attributes.

See Also:

StructureDef

initAndAttachElevatedSession

public void initAndAttachElevatedSession(java.lang.String userName)

restoreOriginalSession

public void restoreOriginalSession()