SecurityFilter.java example

Explorer
openmicroscopy-master
/*
 *   Copyright 2012 Glencoe Software, Inc. All rights reserved.
 *   Use is subject to license terms supplied in LICENSE.txt
 */

package ome.security;

import java.util.List;
import java.util.Map;

import org.hibernate.Session;

import ome.model.internal.Details;
import ome.model.internal.Permissions;
import ome.model.internal.Permissions.Right;
import ome.security.basic.OmeroInterceptor;
import ome.system.EventContext;

/**
 * Base filter interface ...
 *
 * @author Josh Moore, josh at glencoesoftware.com
 * @since 4.4
 * @see <a
 *      href="http://trac.openmicroscopy.org.uk/ome/ticket/117">ticket117</a>
 * @see <a
 *      href="http://trac.openmicroscopy.org.uk/ome/ticket/1154">ticket1154</a>
 * @see <a
 *      href="http://trac.openmicroscopy.org.uk/ome/ticket/3529">ticket3529</a>
 */
public interface SecurityFilter {

    static public final String is_share = "is_share";

    static public final String is_adminorpi = "is_adminorpi";

    static public final String is_nonprivate = "is_nonprivate";

    static public final String current_user = "current_user";

    /**
     * Name of this security filter. By default this will likely return
     * the simple class name for the instance. This value will be used
     * to activate the filter on the Hibernate session.
     */
    public String getName();

    /**
     * Return a mapping of the hibernate types for each of the parameters
     * that the condition takes.
     */
    public Map<String, String> getParameterTypes();

    /**
     * Return the string to be used as the condition.
     */
    public String getDefaultCondition();

    /**
     * tests that the {@link Details} argument passes the security test that
     * this filter defines. The two must be kept in sync. This will be used
     * mostly by the
     * {@link OmeroInterceptor#onLoad(Object, java.io.Serializable, Object[], String[], org.hibernate.type.Type[])}
     * method.
     *
     * @param d
     *            Details instance. If null (or if its {@link Permissions} are
     *            null all {@link Right rights} will be assumed.
     * @return true if the object to which this
     */
    public boolean passesFilter(Session session, Details d, EventContext c);

    /**
     * Enables this filter with the settings from this filter. The intent is
     * that after this call, no Hibernate queries will return any objects that
     * would fail a call to
     * {@link #passesFilter(Session, Details, EventContext)}.
     *
     * @param sess Non-null.
     * @param ec Non-null.
     */
    public void enable(Session sess, EventContext ec);

    /**
     * Reverts the call to {@link #enable(Session, EventContext)}.
     */
    public void disable(Session sess);

}