|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface DirectoryMySQL
This interface is responsible for modeling a MySQL Directory to manage the inherited AclEntries in the Directory children.
To implement the MySQL rights selection algorithm, the inherited AclEntries feature allows to put in each resource, the rights of its direct and indirect parents. For instance, a column inherits the AclEntries from its table and from its base. The core access path algorithms, as usual, search if a given account has some AclEntries to the column, for instance, and what are the rights. The updatings of the inherited AclEntries in the MySQL resource is the responsibility of the resource parent. The core Access Road functions do not include the management of the inherited AclEntries. This is the first reason to define a MySQL AcsAddon. These rights are managed in the class DirectoryMySQLImpl. BasesSetMySQL is not a DirectoryMySQL nor a ResourceMySQL. Note: PrivilegeForLinks has not been choosen in place of AclEntry to simulate the MySQL privilege from an account to a resource. The main justification is that a conditional AclEntry allows the Access Road user to see and edit more easily the rights for a given couple (account, host).
Method Summary | |
---|---|
java.util.Map<ImmutableName,StringRight[]> |
getM_GlobalTargetACLRights()
Gets the map of the global rights from the root 'MySQL server'. |
Methods inherited from interface ARoad0.gBaseInterface.Directory |
---|
resetInheritedAclEntryRightsOfChildren, resetInheritedPrivilegeRightsOfChildren, setEnforceChildGID |
Methods inherited from interface ARoad0.gBaseInterface.ImmutableDirectory |
---|
getEnforceChildGID, getEorL_Children |
Methods inherited from interface ARoad0.AcsAddon.Accbee.MySQL.gBaseInterface.ResourceMySQL |
---|
addInheritedAclEntry, getM_TargetInheritedACLRights, removeAclEntryWithoutFiring, removeInheritedAclEntry, resetInheritedAclEntryRights |
Methods inherited from interface ARoad0.gBaseInterface.Resource |
---|
addAclEntry, copyWithoutInternalAcl, removeAclEntry, resetInheritedPrivilegeRights, selectInheritedPrivilege, setEorGroupID, setEorUserID, setL_groupRights, setL_ownerRights, setL_rootRights, setResourceType |
Methods inherited from interface ARoad0.gBaseInterface.Basic |
---|
finalizeForUser, setComment |
Methods inherited from interface ARoad0.gBaseInterface.ImmutableBasic |
---|
getComment, getEorAliasAsInternalHardReference, getEorReferenceAsInternalHardAlias, getHasSoftAlias, getImpliedViews, getIS_Name, getL_AcsOfSoftReferences, getL_SoftAlias, getPropertyChangeListeners, getSerialVersionUID, getVirtualFolders |
Methods inherited from interface ARoad0.gBaseInterface.Copyable |
---|
copy |
Methods inherited from interface ARoad0.gBaseInterface.PrivilegeTarget |
---|
addEorPrivilegeForTypeToTarget, removeEorPrivilegeToTarget |
Methods inherited from interface ARoad0.gBaseInterface.ImmutablePrivilegeTarget |
---|
getEorImmutableL_TargetInheritedLinkedPrivileges, getEorL_TargetPrivilegeForLinks, getEorL_TargetPrivilegeForTypes, getEorL_TargetPrivileges, getM_TargetInheritedLinkedPRIRights, getType |
Methods inherited from interface ARoad0.gBaseInterface.ImmutableTarget |
---|
getEorAliasAsInternalHardReference, getEorReferenceAsInternalHardAlias, getHasSoftAlias, getL_AcsOfSoftReferences, getL_SoftAlias |
Methods inherited from interface ARoad0.gBaseInterface.ACSObject |
---|
getAcsName, getEorACS |
Methods inherited from interface ARoad0.gBaseInterface.BaseObject |
---|
equals, getFullName, getName, getNickName, hashCode |
Methods inherited from interface ARoad0.gBaseInterface.ACSObjectAddon |
---|
getAddonInnerPropertiesToListen |
Method Detail |
---|
java.util.Map<ImmutableName,StringRight[]> getM_GlobalTargetACLRights()
The global rights are necessary for the gWork classes, and the first user is NodeRightsMySQLImpl.getConnectionPair(). To have some access rights on a MySQL Resource, a pair (user, host) has to match on the root 'MySQL Server' a pair (user, host) or a pair (user, accounts-for-hosts group) which has at least an USAGE right. The FIRST matching pair in the 'MySQL server' list becomes the connection pair. It is used to get the rights for the initial pair (user, host) at each parent level. If the connection pair has only an USAGE right on the root and if, for a given Resource, the connection pair has no other inherited ACL on the target, then no right is granted.
Into the global ACL rights map, the map key may have varied forms, where the parent order is always at the end. The parent order tells the distance from the target to the parent which delivers the referenced rights. For instance, the direct parent of a resource has the string '1'. The direct parent of this parent has the string '2' as parent order, and so on. The two key forms are listed hereinafter, where the parent order is always 0:
- (user name @ host name last component) :: parent order, for instance 'one :: mysql :: jerry@localhost :: 0',
-
'
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |