/
SecurityFilter.java
89 lines (73 loc) · 2.67 KB
/
SecurityFilter.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
/*
* Copyright 2012 Glencoe Software, Inc. All rights reserved.
* Use is subject to license terms supplied in LICENSE.txt
*/
package ome.security;
import java.util.List;
import java.util.Map;
import org.hibernate.Session;
import ome.model.internal.Details;
import ome.model.internal.Permissions;
import ome.model.internal.Permissions.Right;
import ome.security.basic.OmeroInterceptor;
import ome.system.EventContext;
/**
* Base filter interface ...
*
* @author Josh Moore, josh at glencoesoftware.com
* @since 4.4
* @see <a
* href="https://trac.openmicroscopy.org/ome/ticket/117">ticket117</a>
* @see <a
* href="https://trac.openmicroscopy.org/ome/ticket/1154">ticket1154</a>
* @see <a
* href="https://trac.openmicroscopy.org/ome/ticket/3529">ticket3529</a>
*/
public interface SecurityFilter {
static public final String is_share = "is_share";
static public final String is_adminorpi = "is_adminorpi";
static public final String is_nonprivate = "is_nonprivate";
static public final String current_user = "current_user";
/**
* Name of this security filter. By default this will likely return
* the simple class name for the instance. This value will be used
* to activate the filter on the Hibernate session.
*/
public String getName();
/**
* Return a mapping of the hibernate types for each of the parameters
* that the condition takes.
*/
public Map<String, String> getParameterTypes();
/**
* Return the string to be used as the condition.
*/
public String getDefaultCondition();
/**
* tests that the {@link Details} argument passes the security test that
* this filter defines. The two must be kept in sync. This will be used
* mostly by the
* {@link OmeroInterceptor#onLoad(Object, java.io.Serializable, Object[], String[], org.hibernate.type.Type[])}
* method.
*
* @param d
* Details instance. If null (or if its {@link Permissions} are
* null all {@link Right rights} will be assumed.
* @return true if the object to which this
*/
public boolean passesFilter(Session session, Details d, EventContext c);
/**
* Enables this filter with the settings from this filter. The intent is
* that after this call, no Hibernate queries will return any objects that
* would fail a call to
* {@link #passesFilter(Session, Details, EventContext)}.
*
* @param sess Non-null.
* @param ec Non-null.
*/
public void enable(Session sess, EventContext ec);
/**
* Reverts the call to {@link #enable(Session, EventContext)}.
*/
public void disable(Session sess);
}