/**
 * Builds a fresh security instance.
 *
 * @return a newly constructed {@code OSecurityShared}
 */
public OSecurity newSecurity() {
  final OSecurity security = new OSecurityShared();
  return security;
}
} // closes the enclosing type, whose header lies outside this excerpt
/**
 * Adds a user, looked up by name, to the given allow field of a document.
 *
 * <p>The name is resolved to a record id with {@code getUserRID}; the actual change is
 * delegated to {@code allowIdentity}.
 *
 * @param iDocument document handed on to {@code allowIdentity}
 * @param iAllowFieldName allow-field name handed on to {@code allowIdentity}
 * @param iUserName name of the user to resolve
 * @return the value returned by {@code allowIdentity}
 * @throws IllegalArgumentException if {@code getUserRID} yields {@code null} for the name
 */
@Override
public OIdentifiable allowUser(final ODocument iDocument, final String iAllowFieldName, final String iUserName) {
  final ORID userRid = getUserRID(iUserName);
  if (userRid != null) {
    return allowIdentity(iDocument, iAllowFieldName, userRid);
  }
  // Unknown names are rejected rather than silently ignored, so a typo cannot look like a grant.
  throw new IllegalArgumentException("User '" + iUserName + "' not found");
}
/**
 * Creates a role from just a name and an allow mode.
 *
 * <p>Forwards to the three-argument {@code createRole} overload with {@code null} as the middle
 * argument (presumably "no parent role" -- confirm against that overload).
 *
 * @param iRoleName name of the role to create
 * @param iAllowMode allow mode passed through unchanged
 * @return the role returned by the three-argument overload
 */
public ORole createRole(final String iRoleName, final ORole.ALLOW_MODES iAllowMode) {
  final ORole created = createRole(iRoleName, null, iAllowMode);
  return created;
}
/**
 * Adds a role, looked up by name, to the given allow field of a document.
 *
 * <p>Resolution goes through {@code getRoleRID}; the change is delegated to
 * {@code allowIdentity}.
 *
 * @param iDocument document handed on to {@code allowIdentity}
 * @param iAllowFieldName allow-field name handed on to {@code allowIdentity}
 * @param iRoleName name of the role to resolve
 * @return the value returned by {@code allowIdentity}
 * @throws IllegalArgumentException if {@code getRoleRID} yields {@code null} for the name
 */
@Override
public OIdentifiable allowRole(final ODocument iDocument, final String iAllowFieldName, final String iRoleName) {
  final ORID roleRid = getRoleRID(iRoleName);
  if (roleRid != null) {
    return allowIdentity(iDocument, iAllowFieldName, roleRid);
  }
  // An unresolved role name fails loudly instead of producing a no-op grant.
  throw new IllegalArgumentException("Role '" + iRoleName + "' not found");
}
/**
 * Withdraws a user, looked up by name, from the given allow field of a document.
 *
 * <p>The name is resolved with {@code getUserRID}; the change is delegated to
 * {@code disallowIdentity}.
 *
 * @param iDocument document handed on to {@code disallowIdentity}
 * @param iAllowFieldName allow-field name handed on to {@code disallowIdentity}
 * @param iUserName name of the user to resolve
 * @return the value returned by {@code disallowIdentity}
 * @throws IllegalArgumentException if {@code getUserRID} yields {@code null} for the name
 */
@Override
public OIdentifiable disallowUser(final ODocument iDocument, final String iAllowFieldName, final String iUserName) {
  final ORID userRid = getUserRID(iUserName);
  if (userRid != null) {
    return disallowIdentity(iDocument, iAllowFieldName, userRid);
  }
  // Failing here matters for revocation: a misspelled name must not look like a successful removal.
  throw new IllegalArgumentException("User '" + iUserName + "' not found");
}
// Fragment of the security-metadata bootstrap: the method signature and the closing braces are
// outside this excerpt, and some statements between the visible ones appear to be elided.
// Visible steps: create the abstract identity class, create/update the role and user classes,
// then look up the admin role and, when it is missing, create it with ALLOW_ALL_BUT and add a
// BYPASS_RESTRICTED rule with PERMISSION_ALL.
// NOTE(review): the admin account is created with OUser.ADMIN passed as both the user name and
// the password argument, i.e. a well-known default credential on a role that bypasses
// record-level restrictions. CREATE_DEFAULT_USERS is read into createDefUsers, but in the lines
// shown here createUser(...) is not visibly guarded by it -- confirm against the full source
// that the flag gates the call, and that deployments either disable default users or change
// this password immediately after the database is created.
final ODatabaseDocument database = getDatabase(); identityClass = database.getMetadata().getSchema().createAbstractClass(OIdentity.CLASS_NAME); OClass roleClass = createOrUpdateORoleClass(database, identityClass); createOrUpdateOUserClass(database, identityClass, roleClass); ORole adminRole = getRole(ORole.ADMIN); if (adminRole == null) { adminRole = createRole(ORole.ADMIN, ORole.ALLOW_MODES.ALLOW_ALL_BUT); adminRole.addRule(ORule.ResourceGeneric.BYPASS_RESTRICTED, null, ORole.PERMISSION_ALL).save(); OUser adminUser = getUser(OUser.ADMIN); boolean createDefUsers = getDatabase().getStorage().getConfiguration().getContextConfiguration() .getValueAsBoolean(OGlobalConfiguration.CREATE_DEFAULT_USERS); adminUser = createUser(OUser.ADMIN, OUser.ADMIN, adminRole); createOrUpdateORestrictedClass(database);
// Bootstraps the default security metadata for a database whose schema has no classes yet;
// returns null without doing anything when the schema already contains classes.
// This excerpt is truncated and partly elided (the text "writerRole createUser(" is not valid
// Java as shown, and the method's closing brace and return are missing), so read it as a sketch.
// Visible steps: createMetadata() supplies the admin user; a "reader" role is created with
// DENY_ALL_BUT plus READ rules on DATABASE and SCHEMA; a "writer" role is created with
// DENY_ALL_BUT plus at least a READ rule on DATABASE.
// NOTE(review): the "reader" and "writer" accounts are created with the password argument equal
// to the user name, i.e. well-known default credentials. CREATE_DEFAULT_USERS is read into
// createDefUsers, but in the lines shown here the createUser(...) calls are not visibly guarded
// by it -- confirm against the full source that the flag gates them, and that deployments
// either disable default users or change these passwords right after database creation.
public OUser create() { if (!getDatabase().getMetadata().getSchema().getClasses().isEmpty()) return null; final OUser adminUser = createMetadata(); final ORole readerRole = createRole("reader", ORole.ALLOW_MODES.DENY_ALL_BUT); readerRole.addRule(ORule.ResourceGeneric.DATABASE, null, ORole.PERMISSION_READ); readerRole.addRule(ORule.ResourceGeneric.SCHEMA, null, ORole.PERMISSION_READ); boolean createDefUsers = getDatabase().getStorage().getConfiguration().getContextConfiguration() .getValueAsBoolean(OGlobalConfiguration.CREATE_DEFAULT_USERS); createUser("reader", "reader", new String[] { readerRole.getName() }); final ORole writerRole = createRole("writer", ORole.ALLOW_MODES.DENY_ALL_BUT); writerRole.addRule(ORule.ResourceGeneric.DATABASE, null, ORole.PERMISSION_READ); writerRole createUser("writer", "writer", new String[] { writerRole.getName() });
/**
 * Withdraws a role, looked up by name, from the given allow field of a document.
 *
 * <p>Resolution goes through {@code getRoleRID}; the change is delegated to
 * {@code disallowIdentity}.
 *
 * @param iDocument document handed on to {@code disallowIdentity}
 * @param iAllowFieldName allow-field name handed on to {@code disallowIdentity}
 * @param iRoleName name of the role to resolve
 * @return the value returned by {@code disallowIdentity}
 * @throws IllegalArgumentException if {@code getRoleRID} yields {@code null} for the name
 */
@Override
public OIdentifiable disallowRole(final ODocument iDocument, final String iAllowFieldName, final String iRoleName) {
  final ORID roleRid = getRoleRID(iRoleName);
  if (roleRid != null) {
    return disallowIdentity(iDocument, iAllowFieldName, roleRid);
  }
  // A role that cannot be resolved is reported, so a failed revocation is never mistaken for success.
  throw new IllegalArgumentException("Role '" + iRoleName + "' not found");
}
// Fragment: hands the credential check to the superclass authenticate(...) and stores the result
// in `user`, which is declared outside this excerpt. How a failed authentication is signalled
// and what is done with `user` afterwards are not visible here.
user = super.authenticate(iUsername, iUserPassword);
/**
 * Adds a role, looked up by name, to the allow field that belongs to a restricted operation.
 *
 * <p>The field name comes from {@code iOperation.getFieldName()}; the role is resolved with
 * {@code getRoleRID} and the change is delegated to {@code allowIdentity}.
 *
 * @param iDocument document handed on to {@code allowIdentity}
 * @param iOperation restricted operation that supplies the field name
 * @param iRoleName name of the role to resolve
 * @return the value returned by {@code allowIdentity}
 * @throws IllegalArgumentException if {@code getRoleRID} yields {@code null} for the name
 */
@Override
public OIdentifiable allowRole(final ODocument iDocument, final ORestrictedOperation iOperation, final String iRoleName) {
  final ORID roleRid = getRoleRID(iRoleName);
  if (roleRid != null) {
    // The field name is read only after the role has been resolved, as in the original ordering.
    return allowIdentity(iDocument, iOperation.getFieldName(), roleRid);
  }
  throw new IllegalArgumentException("Role '" + iRoleName + "' not found");
}
/**
 * Withdraws a role, looked up by name, from the allow field that belongs to a restricted
 * operation.
 *
 * <p>Despite the "deny" name, the visible code delegates to {@code disallowIdentity} with the
 * field name from {@code iOperation.getFieldName()}; whether that amounts to an explicit deny
 * or only the removal of a grant depends on {@code disallowIdentity}, which is not shown here.
 *
 * @param iDocument document handed on to {@code disallowIdentity}
 * @param iOperation restricted operation that supplies the field name
 * @param iRoleName name of the role to resolve
 * @return the value returned by {@code disallowIdentity}
 * @throws IllegalArgumentException if {@code getRoleRID} yields {@code null} for the name
 */
@Override
public OIdentifiable denyRole(final ODocument iDocument, final ORestrictedOperation iOperation, final String iRoleName) {
  final ORID roleRid = getRoleRID(iRoleName);
  if (roleRid != null) {
    return disallowIdentity(iDocument, iOperation.getFieldName(), roleRid);
  }
  throw new IllegalArgumentException("Role '" + iRoleName + "' not found");
}
/**
 * Withdraws a user, looked up by name, from the allow field that belongs to a restricted
 * operation.
 *
 * <p>Despite the "deny" name, the visible code delegates to {@code disallowIdentity} with the
 * field name from {@code iOperation.getFieldName()}; whether that amounts to an explicit deny
 * or only the removal of a grant depends on {@code disallowIdentity}, which is not shown here.
 *
 * @param iDocument document handed on to {@code disallowIdentity}
 * @param iOperation restricted operation that supplies the field name
 * @param iUserName name of the user to resolve
 * @return the value returned by {@code disallowIdentity}
 * @throws IllegalArgumentException if {@code getUserRID} yields {@code null} for the name
 */
@Override
public OIdentifiable denyUser(final ODocument iDocument, final ORestrictedOperation iOperation, final String iUserName) {
  final ORID userRid = getUserRID(iUserName);
  if (userRid != null) {
    return disallowIdentity(iDocument, iOperation.getFieldName(), userRid);
  }
  throw new IllegalArgumentException("User '" + iUserName + "' not found");
}
/**
 * Adds a user, looked up by name, to the allow field that belongs to a restricted operation.
 *
 * <p>The field name comes from {@code iOperation.getFieldName()}; the user is resolved with
 * {@code getUserRID} and the change is delegated to {@code allowIdentity}.
 *
 * @param iDocument document handed on to {@code allowIdentity}
 * @param iOperation restricted operation that supplies the field name
 * @param iUserName name of the user to resolve
 * @return the value returned by {@code allowIdentity}
 * @throws IllegalArgumentException if {@code getUserRID} yields {@code null} for the name
 */
@Override
public OIdentifiable allowUser(final ODocument iDocument, final ORestrictedOperation iOperation, final String iUserName) {
  final ORID userRid = getUserRID(iUserName);
  if (userRid != null) {
    // The field name is read only after the user has been resolved, as in the original ordering.
    return allowIdentity(iDocument, iOperation.getFieldName(), userRid);
  }
  throw new IllegalArgumentException("User '" + iUserName + "' not found");
}