public class AuditingAuthorizer extends Object implements StorageAccessAuthorizer
REASON_AGGREGATE, REASON_CLEAR, REASON_ENTRYSET, REASON_GET, REASON_INDEX_ADD, REASON_INDEX_REMOVE, REASON_INTERCEPTOR_ADD, REASON_INTERCEPTOR_REMOVE, REASON_INVOKE, REASON_KEYSET, REASON_LISTENER_ADD, REASON_LISTENER_REMOVE, REASON_PUT, REASON_REMOVE, REASON_TRIGGER_ADD, REASON_TRIGGER_REMOVE, REASON_UNKNOWN, REASON_VALUES
Constructor and Description |
---|
AuditingAuthorizer()
Construct a non-strict AuditingAuthorizer.
|
AuditingAuthorizer(boolean fStrict)
Construct an AuditingAuthorizer.
|
Modifier and Type | Method and Description |
---|---|
void |
checkRead(BinaryEntry entry, Subject subject, int nReason)
Check if the caller represented by the specified Subject is authorized to a read access for the specified entry.
|
void |
checkReadAny(BackingMapContext context, Subject subject, int nReason)
Check if the caller represented by the specified Subject is authorized to read any data.
|
void |
checkWrite(BinaryEntry entry, Subject subject, int nReason)
Check if the caller represented by the specified Subject is authorized to a write access for the specified entry.
|
void |
checkWriteAny(BackingMapContext context, Subject subject, int nReason)
Check if the caller represented by the specified Subject is authorized to update any data.
|
protected void |
logEntryRequest(BinaryEntry entry, Subject subject, boolean fWrite, int nReason)
Log the entry level authorization request.
|
protected void |
logMapRequest(BackingMapContext context, Subject subject, boolean fWrite, int nReason)
Log the backing map level authorization request.
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
reasonToString
public AuditingAuthorizer()
public AuditingAuthorizer(boolean fStrict)
fStrict
- if true, a non-null Subject must be presented for the operation to proceedpublic void checkRead(BinaryEntry entry, Subject subject, int nReason)
StorageAccessAuthorizer
checkRead
in interface StorageAccessAuthorizer
entry
- the entrysubject
- the SubjectnReason
- one of the REASON_* constantspublic void checkWrite(BinaryEntry entry, Subject subject, int nReason)
StorageAccessAuthorizer
checkWrite
in interface StorageAccessAuthorizer
entry
- the entrysubject
- the SubjectnReason
- one of the REASON_* constantspublic void checkReadAny(BackingMapContext context, Subject subject, int nReason)
StorageAccessAuthorizer
For example, this check would be performed to install a map listener
(except for lite listeners)
checkReadAny
in interface StorageAccessAuthorizer
context
- the BackingMapContextsubject
- the SubjectnReason
- one of the REASON_* constantspublic void checkWriteAny(BackingMapContext context, Subject subject, int nReason)
StorageAccessAuthorizer
For example, this check would be performed to install a trigger.
checkWriteAny
in interface StorageAccessAuthorizer
context
- the BackingMapContextsubject
- the SubjectnReason
- one of the REASON_* constantsprotected void logEntryRequest(BinaryEntry entry, Subject subject, boolean fWrite, int nReason)
entry
- the entry to authorize access tosubject
- the SubjectfWrite
- true for write operation; read otherwisenReason
- the reason for the checkprotected void logMapRequest(BackingMapContext context, Subject subject, boolean fWrite, int nReason)
context
- the context of the backing map to authorize access tosubject
- the SubjectfWrite
- true for write operation; read otherwisenReason
- the reason for the check