ARoad0.AcsAddon.Accbee.MySQL.gBaseInterface
Interface DirectoryMySQL

All Superinterfaces:
ACSObject, ACSObjectAddon, BaseBeanManager, BaseObject, Basic, BoundBean, java.lang.Cloneable, java.lang.Comparable, Copyable, Directory, FinalizedObject, FinalizedObjectForUser, ImmutableBasic, ImmutableDirectory, ImmutableLeaf, ImmutableNode, ImmutablePrivilegeTarget, ImmutableResource, ImmutableTarget, Leaf, Node, PrivilegeTarget, PrivilegeUser, Resource, ResourceMySQL
All Known Implementing Classes:
DirectoryMySQLImpl

public interface DirectoryMySQL
extends Directory, ResourceMySQL

This interface is responsible for modeling a MySQL Directory to manage the inherited AclEntries in the Directory children.

To implement the MySQL rights selection algorithm, the inherited AclEntries feature allows to put in each resource, the rights of its direct and indirect parents. For instance, a column inherits the AclEntries from its table and from its base. The core access path algorithms, as usual, search if a given account has some AclEntries to the column, for instance, and what are the rights. The updatings of the inherited AclEntries in the MySQL resource is the responsibility of the resource parent. The core Access Road functions do not include the management of the inherited AclEntries. This is the first reason to define a MySQL AcsAddon. These rights are managed in the class DirectoryMySQLImpl. BasesSetMySQL is not a DirectoryMySQL nor a ResourceMySQL. Note: PrivilegeForLinks has not been choosen in place of AclEntry to simulate the MySQL privilege from an account to a resource. The main justification is that a conditional AclEntry allows the Access Road user to see and edit more easily the rights for a given couple (account, host).


Method Summary
 java.util.Map<ImmutableName,StringRight[]> getM_GlobalTargetACLRights()
          Gets the map of the global rights from the root 'MySQL server'.
 
Methods inherited from interface ARoad0.gBaseInterface.Directory
resetInheritedAclEntryRightsOfChildren, resetInheritedPrivilegeRightsOfChildren, setEnforceChildGID
 
Methods inherited from interface ARoad0.gBaseInterface.ImmutableDirectory
getEnforceChildGID, getEorL_Children
 
Methods inherited from interface ARoad0.AcsAddon.Accbee.MySQL.gBaseInterface.ResourceMySQL
addInheritedAclEntry, getM_TargetInheritedACLRights, removeAclEntryWithoutFiring, removeInheritedAclEntry, resetInheritedAclEntryRights
 
Methods inherited from interface ARoad0.gBaseInterface.Resource
addAclEntry, copyWithoutInternalAcl, removeAclEntry, resetInheritedPrivilegeRights, selectInheritedPrivilege, setEorGroupID, setEorUserID, setL_groupRights, setL_ownerRights, setL_rootRights, setResourceType
 
Methods inherited from interface ARoad0.gBaseInterface.ImmutableResource
containsAclEntryToEP, getActorActivated, getAGOAccessFromTheParentAccount, getAGOAccessFromTheParentGroup, getEorGroupID, getEorImmutableL_TargetInheritedAclEntries, getEorL_EPthroughAclEntry, getEorUserID, getL_aclEntry, getL_AcsControllers, getL_groupRights, getL_inheritedGroupRights, getL_inheritedOwnerRights, getL_ownerRights, getL_rootRights, getM_ConstrainedChildACS, getResourceType, hasTheAccountAndGroupOfParent, selectInheritedAclEntry
 
Methods inherited from interface ARoad0.gBaseInterface.Basic
finalizeForUser, setComment
 
Methods inherited from interface ARoad0.gBaseInterface.ImmutableBasic
getComment, getEorAliasAsInternalHardReference, getEorReferenceAsInternalHardAlias, getHasSoftAlias, getImpliedViews, getIS_Name, getL_AcsOfSoftReferences, getL_SoftAlias, getPropertyChangeListeners, getSerialVersionUID, getVirtualFolders
 
Methods inherited from interface ARoad0.gBaseInterface.Copyable
copy
 
Methods inherited from interface ARoad0.gBaseInterface.PrivilegeTarget
addEorPrivilegeForTypeToTarget, removeEorPrivilegeToTarget
 
Methods inherited from interface ARoad0.gBaseInterface.ImmutablePrivilegeTarget
getEorImmutableL_TargetInheritedLinkedPrivileges, getEorL_TargetPrivilegeForLinks, getEorL_TargetPrivilegeForTypes, getEorL_TargetPrivileges, getM_TargetInheritedLinkedPRIRights, getType
 
Methods inherited from interface ARoad0.gBaseInterface.ImmutableTarget
getEorAliasAsInternalHardReference, getEorReferenceAsInternalHardAlias, getHasSoftAlias, getL_AcsOfSoftReferences, getL_SoftAlias
 
Methods inherited from interface ARoad0.gBaseInterface.ACSObject
getAcsName, getEorACS
 
Methods inherited from interface ARoad0.gBaseInterface.BaseObject
equals, getFullName, getName, getNickName, hashCode
 
Methods inherited from interface ARoad0.gBaseInterface.ACSObjectAddon
getAddonInnerPropertiesToListen
 

Method Detail

getM_GlobalTargetACLRights

java.util.Map<ImmutableName,StringRight[]> getM_GlobalTargetACLRights()
Gets the map of the global rights from the root 'MySQL server'. The map has lists of rights as values, and strongly contrained Name keys. The rights may be from a real ACL or from a virtual ACL. The AclEntries list is used to produce some processed rights, as virtual ACL into the map. Only the real ACL are displayed by the beamer, as conditional or non-conditional ACL.

The global rights are necessary for the gWork classes, and the first user is NodeRightsMySQLImpl.getConnectionPair(). To have some access rights on a MySQL Resource, a pair (user, host) has to match on the root 'MySQL Server' a pair (user, host) or a pair (user, accounts-for-hosts group) which has at least an USAGE right. The FIRST matching pair in the 'MySQL server' list becomes the connection pair. It is used to get the rights for the initial pair (user, host) at each parent level. If the connection pair has only an USAGE right on the root and if, for a given Resource, the connection pair has no other inherited ACL on the target, then no right is granted.

Into the global ACL rights map, the map key may have varied forms, where the parent order is always at the end. The parent order tells the distance from the target to the parent which delivers the referenced rights. For instance, the direct parent of a resource has the string '1'. The direct parent of this parent has the string '2' as parent order, and so on. The two key forms are listed hereinafter, where the parent order is always 0:

- (user name @ host name last component) :: parent order, for instance 'one :: mysql :: jerry@localhost :: 0',

- :: (user name @ accounts-for-hosts group name last component) :: parent order, for instance ':: one :: mysql :: jerry@192.168.1.% :: 0',

'' is a generic tag that means 'processed rights', to tell the key and its rights are not get from the processing of a real ACL. A key has exactly one origin, which is one real ACL. The value in a rights map is always a non-null StringRight array.

Returns:
the map of global rights from the root direct AclEntries. This is a direct reference without protection, to be fast. May be empty but never null.