|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.ObjectARoad0.gBase.BasicImpl
ARoad0.gBase.ResourceImpl
ARoad0.gBase.ActorImpl
ARoad0.AcsAddon.Accbee.MySQL.gBase.ActorMySQLImpl
public class ActorMySQLImpl
This class is responsible for modeling a MySQL Actor to implement varied constraints on the instance, the property isRightProxy_ and the inherited AclEntries. The editing of the default true value on the property isRightProxy_ is forbidden. This class handles the Resource types 'trigger', 'view_delegate', 'stored_function', 'stored_procedure', 'user socket'. Note: the constructor forbids to have a Host that is not the host group of the Definer account. This is why there is an error message 'The Host is not the host group of the Definer'. Nonetheless, this is not the behavior of the MySQL Server, where it is possible to have a disabled Definer.
This class manages a map of primary rights, as inherited AclEntry rights, and a map of global rights that says what users have a global access on the resource database. The final access rights does not depends directly on the primary rights map, but no global rights for a couple user/host means no access at all to the target.
The class VirtualFolderMySQLImpl is responsible to create an Actor having the type 'view delegate' under the database node in the resources tree, for the database the virtual folder is associate to. The ACS types policy, with 'Resource.NoNonConditionalACL' and 'Resource.NoConditionalACL', sets that there is an empty 'AclEntry' property for the 'view_delegate' and the 'trigger' actors as Respources, while the 'stored_function' and 'stored_procedure' actors allows direct ACL to simulate the MySQL privileges table 'procs_priv'.
This class implements the following rules, and informs the Access Road user with the same sentence as error message when they are not fulfilled with:
- The Host is mandatory when there is a Definer.
- The Host ACS is not the ACS of this actor.
- The Host have to be a simple host group.
- The Host is not the host group of the Definer.
- A non-null Definer User must have a non-null Definer Host.
- A trigger must have a non-null Definer user and a non-null Definer host.
- An host group can have an AclEntry only for a database.
- The AclEntry of a MySQL Actor must have a condition group.
- A MySQL conditional AclEntry cannot use a standard group.
This class has no subclass in this package. It is a javabean without specific bound properties. The 'InheritedTargetAclEntries' events are bound when the primary AclEntries map is changing. Excepting for EPRViewInBaseImpl, the listeners are outside gBase, they are transient (not serialized in this instance backup). They are called in any order. They receive only a copy of the new value, to protect the property. All the exceptions from the listeners are catched, and a dialog box is displayed to inform the user.
Field Summary | |
---|---|
static ActorMySQLImpl |
EMPTY_INSTANCE
A reusable empty instance for initialization, to avoid the use of 'new' for temporary values. |
private static long |
serialVersionUID__
|
Fields inherited from class ARoad0.gBase.ActorImpl |
---|
bridgeTarget_, currentGroupID_, currentUserID_, isRightProxy_, l_bridgeSources_, l_SecondaryGroup_, m_AclEntriesResources_, serialPersistentFields |
Fields inherited from class ARoad0.gBase.ResourceImpl |
---|
actorActivated_, groupID_, l_aclEntry_, l_groupRights_, l_inheritedT_AclEntries_, l_OpenAcsControllerNames_, l_ownerRights_, l_parentTreeAGRightsAllowToGoAcross_, l_rootRights_, m_inheritedT_ACLRights_, parent_, userID_ |
Fields inherited from class ARoad0.gBase.BasicImpl |
---|
aCS_, aCS_Name_, aliasHandler_, changeSupport_, comment_, folderMember_, INCREMENT_CAPACITY, INITIAL_CAPACITY, INITIAL_CAPACITY_2, iS_Name_, m_ConstrainedChildACS_, name_, PRIME, privHandler_, type_ |
Constructor Summary | |
---|---|
ActorMySQLImpl()
The basic constructor |
|
ActorMySQLImpl(ImmutableName _name,
ACS _acs,
Directory _parent,
UserID _owner,
java.lang.String _resourceType,
GroupIDMySQL _host)
Used for the creation of an instance through the GUI. |
Method Summary | |
---|---|
AclEntry |
addAclEntry(ImmutableACS _aclAcs,
ImmutableEligibleParty _ep,
StringRight[] _l_right,
java.lang.Boolean _positiveRight,
ImmutableGroupID _conditionGroup)
Creates the AclEntry, and sorts the new AclEntry list. |
void |
addInheritedAclEntry(AclEntry _acl)
Adds the inherited AclEntry in the good sorting. |
java.lang.Object |
clone()
Clones without registering of the new object in the ACSs. |
java.lang.Object |
copy(ImmutableName _name,
ACS _acs,
Directory _parent,
java.lang.Boolean _toRegisterInManager)
This method provides a copy of the instance with another name, following Copyable. |
protected ActorMySQLImpl |
copyOwnVariables(ActorMySQLImpl _result,
boolean _withoutInternalAcl)
This method provides a copy of the instance variables. |
java.lang.Object |
copyWithoutInternalAcl(ImmutableName _name,
ACS _acs,
Directory _parent,
java.lang.Boolean _toRegisterInManager)
This method provides a copy of the instance as copy() but without copying the internal AclEntries. |
void |
finalizeForBase()
This method sets to null the primary inherited rights map. |
protected void |
finalizeFromDeserialization()
NO USE. |
java.util.Map<java.lang.String,java.lang.String> |
getAddonInnerPropertiesToListen()
Gets the specific events to listen from an ACSObject, because these events should change the rights of an ACSObject in an ACS Addon.Returns always null, because these events are listened only to update the views containing these ACSObjects. |
java.util.Map<java.lang.String,StringRight[]> |
getM_TargetInheritedACLRights()
Gets the internal map of the primary rights from each parent level of this resource. |
long |
getSerialVersionUID()
For the java serialization. |
void |
removeAclEntry(ImmutableACS _aclAcs,
ImmutableEligibleParty _ep,
boolean _positiveRight,
ImmutableGroupID _conditionGroup)
Removes the AclEntry and the primary rights. |
void |
removeAclEntryWithoutFiring(ImmutableACS _aclAcs,
ImmutableEligibleParty _ep,
boolean _positiveRight,
ImmutableGroupID _conditionGroup)
Removes the direct AclEntry, but without event firing. |
void |
removeInheritedAclEntry(AclEntry _acl)
Removes the inherited AclEntries in the children. |
void |
resetInheritedAclEntryRights(AclEntry _acl)
Resets the inherited AclEntry rights and the primary rights after an user edition. |
AclEntry |
selectInheritedAclEntry(AclEntry _acl,
java.lang.String _type)
Returns the AclEntry to use as inherited AclEntry in a child. |
protected void |
setEorL_TargetInheritedAclEntries(java.util.ArrayList<AclEntry> _l_acl)
Sets all the inherited AclEntries for this target. |
void |
setIsRightProxy(boolean _b)
No operation, and fires an exception 'An Actor in the AcsAddon MySQL cannot change the 'right-proxy' value'. |
protected void |
setM_TargetInheritedACLRights(java.util.List<AclEntry> _l_acl)
Sets the internal maps of the inherited AclEntry rights and the primary rights. |
Methods inherited from class java.lang.Object |
---|
getClass, notify, notifyAll, wait, wait, wait |
Methods inherited from interface ARoad0.gBaseInterface.Actor |
---|
setEorACSBridgeTarget, setEorCurrentGroupIDForUser, setEorCurrentUserIDForUser, setEorL_SecondaryGroupForUser |
Methods inherited from interface ARoad0.gBaseInterface.EligibleParty |
---|
setEPType |
Methods inherited from interface ARoad0.gBaseInterface.PrivilegeSource |
---|
addEorPrivilegeForTypeToSource, removeEorPrivilegeToSource |
Methods inherited from interface ARoad0.gBaseInterface.ImmutableActor |
---|
getEorACSBridgeTarget, getEorCurrentGroupID, getEorCurrentUserID, getEorL_bridgeSources, getEorL_SecondaryGroup, getIsACSBridgeSource, getIsRightProxy, isMemberToSecondaryGroup |
Methods inherited from interface ARoad0.gBaseInterface.ImmutableEligibleParty |
---|
getEorL_AclConnectedResources, getEPType, getM_ConstrainedChildACS |
Methods inherited from interface ARoad0.gBaseInterface.ImmutablePrivilegeSource |
---|
getEorL_SourcePrivilegeForLinks, getEorL_SourcePrivilegeForTypes, getEorL_SourcePrivileges |
Methods inherited from interface ARoad0.gBaseInterface.ImmutableSource |
---|
getEorAliasAsInternalHardReference, getEorReferenceAsInternalHardAlias, getHasSoftAlias, getL_AcsOfSoftReferences, getL_SoftAlias, getType |
Methods inherited from interface ARoad0.gBaseInterface.Resource |
---|
resetInheritedPrivilegeRights, selectInheritedPrivilege, setEorGroupID, setEorUserID, setL_groupRights, setL_ownerRights, setL_rootRights, setResourceType |
Methods inherited from interface ARoad0.gBaseInterface.Basic |
---|
finalizeForUser, setComment |
Methods inherited from interface ARoad0.gBaseInterface.ImmutableBasic |
---|
getComment, getEorAliasAsInternalHardReference, getEorReferenceAsInternalHardAlias, getHasSoftAlias, getImpliedViews, getIS_Name, getL_AcsOfSoftReferences, getL_SoftAlias, getPropertyChangeListeners, getVirtualFolders |
Methods inherited from interface ARoad0.gBaseInterface.PrivilegeTarget |
---|
addEorPrivilegeForTypeToTarget, removeEorPrivilegeToTarget |
Methods inherited from interface ARoad0.gBaseInterface.ImmutablePrivilegeTarget |
---|
getEorImmutableL_TargetInheritedLinkedPrivileges, getEorL_TargetPrivilegeForLinks, getEorL_TargetPrivilegeForTypes, getEorL_TargetPrivileges, getM_TargetInheritedLinkedPRIRights, getType |
Methods inherited from interface ARoad0.gBaseInterface.ImmutableTarget |
---|
getEorAliasAsInternalHardReference, getEorReferenceAsInternalHardAlias, getHasSoftAlias, getL_AcsOfSoftReferences, getL_SoftAlias |
Methods inherited from interface ARoad0.gBaseInterface.ACSObject |
---|
getAcsName, getEorACS |
Methods inherited from interface ARoad0.gBaseInterface.BaseObject |
---|
equals, getFullName, getName, getNickName, hashCode |
Field Detail |
---|
private static final long serialVersionUID__
public static final ActorMySQLImpl EMPTY_INSTANCE
Constructor Detail |
---|
public ActorMySQLImpl()
public ActorMySQLImpl(ImmutableName _name, ACS _acs, Directory _parent, UserID _owner, java.lang.String _resourceType, GroupIDMySQL _host) throws CreateError
- The Host is mandatory when there is a Definer.
- The Host ACS is not the ACS of this actor.
- The Host have to be a simple host group.
- The Host is not the host group of the Definer.
- A non-null Definer User must have a non-null Definer Host.
- A trigger must have a non-null Definer user and a non-null Definer host.
_name
- of the actor as a resource._acs
- main ACS of the actor._parent
- of the actor._owner
- owns the resource and is its current UserID; may be null._resourceType
- is also the EP type, and may be null if the ACS allows it._host
- the current GroupID. Has to be the simple host of _owner. May be null.
Never null if _owner is not null.
CreateError
- from the super constructor, or _host null with _owner not null.Method Detail |
---|
public void setIsRightProxy(boolean _b) throws UpDateError
setIsRightProxy
in interface Actor
setIsRightProxy
in class ActorImpl
_b
- true if this Actor may be a proxy in the access paths, that is,
as rights user, it gets some rights to the other
rights users which have an 'execute' right on it
UpDateError
- in all casespublic long getSerialVersionUID()
BasicImpl
getSerialVersionUID
in interface ImmutableBasic
getSerialVersionUID
in class ActorImpl
public java.util.Map<java.lang.String,java.lang.String> getAddonInnerPropertiesToListen()
- 'THIS' to say that the single object to listen is the ACSObject,
- 'ACS.method_name' to say that the list of objects to listen is returned by the method 'method_name' in the Addon ACS class.
For each map key, the values have the following format:
'AAA.method_name IF BBB'
where:
- AAA: THIS (mandatory),
- method_name: 'get' method name of the ACSObject that is associated, in the relevant BeanInfo class, to the event to listen (mandatory)
- IF BBB: is optional, where BBB is TRUE, or FALSE, or NULL, or NOT-NULL, to say that the event must be listened if and only if the returned value of the method_name is respectively a boolean TRUE, or FALSE, or an object NULL, or NOT-NULL.
When the map value starts with 'ACS', the ACS method to call has the ACSObject as one argument. Otherwise, the ACS or the ACSObject method has no argument. Called by ARoad0.UtilityImpl.removeAddonParentPropertyChangeListener().
getAddonInnerPropertiesToListen
in interface ACSObjectAddon
AcsAddon.getAddonParentPropertiesToListen()
public AclEntry addAclEntry(ImmutableACS _aclAcs, ImmutableEligibleParty _ep, StringRight[] _l_right, java.lang.Boolean _positiveRight, ImmutableGroupID _conditionGroup) throws CreateError
The ACS types policy, with 'Resource.NoNonConditionalACL' and 'Resource.NoConditionalACL', sets that there is an empty 'AclEntry' property for the 'view_delegate' and the 'trigger' actors, while the 'stored_function' and 'stored_procedure' actors allows direct ACL to simulate the MySQL privileges table 'procs_priv'. The generic firing order on 'AclRights' and 'EPsThroughAclEntry' is inversed in this method. The four types of host groups can be used as ACL sources only for the databases, which are not ActorMySQL. Calls the super.addAclEntry() method to do it, and BaseUtilityMySQLImpl.addInSortedAclList().
addAclEntry
in interface Resource
addAclEntry
in class ResourceImpl
_aclAcs
- ImmutableACS which owns the new AclEntry, and to be recorded
as an ACS controller of this resource if it is not its main ACS._ep
- eligible party connected to the resource through a new aclEntry._l_right
- is an array of positive or negative rights of _ep on this resource
(that is, if READ is a right, _ep can read on the resource). May be null._positiveRight
- is true if the rights are set to authorize (grant),
and false if they are set to forbid (deny)._conditionGroup
- first condition group. May be null.
java.lang.InternalError
- if this resource has a null name or a null ACS,
or if _ep is not an EligiblePartyImpl nor an ActorImpl.
CreateError
- from the super method or notpublic void removeAclEntry(ImmutableACS _aclAcs, ImmutableEligibleParty _ep, boolean _positiveRight, ImmutableGroupID _conditionGroup) throws UpDateError
removeAclEntry
in interface Resource
removeAclEntry
in class ResourceImpl
_aclAcs
- ImmutableACS which owns the AclEntry, and is recorded
as an ACS controller of this resource._ep
- eligible party connected to the resource through an AclEntry.
This method unrecords the relevant aclEntry in _ep, in this resource,
and in the relevant ACS. The ACS of the aclEntry may be unrecorded in this
resource if there are no other aclEntry owned by this ACS in this resource._positiveRight
- is true if the rights are oriented to authorize,
and false if they are oriented to forbid._conditionGroup
- first condition group. May be null.
UpDateError
- if _ep is null, unknown, if _aclAcs is closed or unknown,
or if the type does not allow this operation.DirectoryMySQLImpl.addAclEntry(ARoad0.gBaseInterface.ImmutableACS, ARoad0.gBaseInterface.ImmutableEligibleParty, ARoad0.gBaseInterface.StringRight[], java.lang.Boolean, ARoad0.gBaseInterface.ImmutableGroupID)
public void addInheritedAclEntry(AclEntry _acl)
addInheritedAclEntry
in interface ResourceMySQL
_acl
- inherited AclEntry to put in the list at the right orderDirectoryMySQLImpl.addAclEntry(ARoad0.gBaseInterface.ImmutableACS, ARoad0.gBaseInterface.ImmutableEligibleParty, ARoad0.gBaseInterface.StringRight[], java.lang.Boolean, ARoad0.gBaseInterface.ImmutableGroupID)
public void removeInheritedAclEntry(AclEntry _acl) throws UpDateError
removeInheritedAclEntry
in interface ResourceMySQL
_acl
- inherited AclEntry
UpDateError
- if _acl is null or unknownDirectoryMySQLImpl.addAclEntry(ARoad0.gBaseInterface.ImmutableACS, ARoad0.gBaseInterface.ImmutableEligibleParty, ARoad0.gBaseInterface.StringRight[], java.lang.Boolean, ARoad0.gBaseInterface.ImmutableGroupID)
public AclEntry selectInheritedAclEntry(AclEntry _acl, java.lang.String _type)
selectInheritedAclEntry
in interface ImmutableResource
selectInheritedAclEntry
in class ResourceImpl
_acl
- the initial AclEntry which may be given to the child_type
- type of a child, as Resource
public void resetInheritedAclEntryRights(AclEntry _acl)
resetInheritedAclEntryRights
in interface ResourceMySQL
resetInheritedAclEntryRights
in interface Resource
resetInheritedAclEntryRights
in class ResourceImpl
_acl
- inherited AclEntry with updated rights. Never null.public java.util.Map<java.lang.String,StringRight[]> getM_TargetInheritedACLRights()
getM_TargetInheritedACLRights
in interface ResourceMySQL
getM_TargetInheritedACLRights
in interface ImmutableResource
getM_TargetInheritedACLRights
in class ResourceImpl
DirectoryMySQLImpl.getM_TargetInheritedACLRights()
public void removeAclEntryWithoutFiring(ImmutableACS _aclAcs, ImmutableEligibleParty _ep, boolean _positiveRight, ImmutableGroupID _conditionGroup) throws UpDateError
removeAclEntryWithoutFiring
in interface ResourceMySQL
_aclAcs
- ImmutableACS which owns the AclEntry, and is recorded
as an ACS controller of this resource._ep
- eligible party connected to the resource through an AclEntry.
This method unrecords the relevant aclEntry in _ep, in this resource,
and in the relevant ACS. The ACS of the aclEntry may be unrecorded in this
resource if there are no other aclEntry owned by this ACS in this resource._positiveRight
- is true if the rights are oriented to authorize,
and false if they are oriented to forbid._conditionGroup
- first condition group. May be null.
UpDateError
- if _ep is null, unknown, if _aclAcs is closed or unknown,
or if the type does not allow this operation.DirectoryMySQLImpl.addAclEntry(ARoad0.gBaseInterface.ImmutableACS, ARoad0.gBaseInterface.ImmutableEligibleParty, ARoad0.gBaseInterface.StringRight[], java.lang.Boolean, ARoad0.gBaseInterface.ImmutableGroupID)
public java.lang.Object clone()
clone
in class ActorImpl
java.lang.CloneNotSupportedException
public void finalizeForBase() throws UpDateError
finalizeForBase
in interface FinalizedObject
finalizeForBase
in class ActorImpl
UpDateError
- if the main ACS do not known the resource (if
it is a clone without setName(), typically)public java.lang.Object copy(ImmutableName _name, ACS _acs, Directory _parent, java.lang.Boolean _toRegisterInManager) throws CreateError
copy
in interface Copyable
copy
in class ActorImpl
_name
- copy name. Usually created as an extension of _parent name._acs
- main ACS of the copy to create. May not be the ACS of this instance._parent
- DirectoryImpl which belongs to _acs and will have the copy.
May be null._toRegisterInManager
- false if this method must not register
the instance in the ACS.
CreateError
- of the constructor with the same parameters,
or if _parent ACS is not _acs, or addAclEntry() exceptions.public java.lang.Object copyWithoutInternalAcl(ImmutableName _name, ACS _acs, Directory _parent, java.lang.Boolean _toRegisterInManager) throws CreateError
copyWithoutInternalAcl
in interface EligibleParty
copyWithoutInternalAcl
in interface Resource
copyWithoutInternalAcl
in class ActorImpl
_name
- copy name. Usually created as an extension of _parent name._acs
- main ACS of the copy to create. May not be the ACS of this instance._parent
- DirectoryImpl which belongs to _acs and will have the copy.
May be null._toRegisterInManager
- false if this method must not register
the instance in the ACS.
CreateError
- of the constructor with the same parameters,
or if _parent ACS is not _acs, or addAclEntry() exceptions.protected ActorMySQLImpl copyOwnVariables(ActorMySQLImpl _result, boolean _withoutInternalAcl) throws CreateError
_result
- ActorMySQLImpl to update with this instance variables copies_withoutInternalAcl
- true if the internal aclEntries
- that is with a resource having the same ACS - must not be copied
CreateError
protected void finalizeFromDeserialization()
finalizeFromDeserialization
in class ActorImpl
protected void setEorL_TargetInheritedAclEntries(java.util.ArrayList<AclEntry> _l_acl)
_l_acl
- list of AclEntries. May be empty, but never null.DirectoryMySQLImpl.addAclEntry(ARoad0.gBaseInterface.ImmutableACS, ARoad0.gBaseInterface.ImmutableEligibleParty, ARoad0.gBaseInterface.StringRight[], java.lang.Boolean, ARoad0.gBaseInterface.ImmutableGroupID)
protected void setM_TargetInheritedACLRights(java.util.List<AclEntry> _l_acl)
_l_acl
- current list of inherited AclEntries.
May be empty, but never null.DirectoryMySQLImpl.addAclEntry(ARoad0.gBaseInterface.ImmutableACS, ARoad0.gBaseInterface.ImmutableEligibleParty, ARoad0.gBaseInterface.StringRight[], java.lang.Boolean, ARoad0.gBaseInterface.ImmutableGroupID)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |