ome.security.basic

Class BasicSecuritySystemReadOnly

java.lang.Object

ome.security.basic.BasicSecuritySystem

ome.security.basic.BasicSecuritySystemReadOnly

All Implemented Interfaces:

java.util.EventListener, SecuritySystem, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware, org.springframework.context.ApplicationListener<EventLogMessage>

public class BasicSecuritySystemReadOnly
extends BasicSecuritySystem

Provides a group context check that does not rely on SQL to bypass interception by Hibernate. This read-only variant of the service queries group sudo annotations from the session provider instead of the database.

Since:

5.5.7

Field Summary

Fields inherited from class ome.security.basic.BasicSecuritySystem

aclVoter, cd, ctx, eventProvider, filters, interceptor, policyService, roles, sessionManager, sessionProvider, sf, store, sysTypes, tokenHolder

Constructor Summary

Constructors

Constructor and Description
BasicSecuritySystemReadOnly(OmeroInterceptor interceptor, SystemTypes sysTypes, CurrentDetails cd, SessionManager sessionManager, SessionProvider sessionProvider, EventProvider eventProvider, ome.system.Roles roles, ome.system.ServiceFactory sf, TokenHolder tokenHolder, java.util.List<SecurityFilter> filters, PolicyService policyService, ACLVoter aclVoter)

Method Summary

Modifier and Type	Method and Description
protected boolean	isGroupContextPermitted(long sessionId, long groupId) Check the given group context.

Methods inherited from class ome.security.basic.BasicSecuritySystem

addLog, checkManagedDetails, checkReady, checkRestriction, clearLogs, copyToken, disable, disableReadFilter, doAction, enable, enableReadFilter, getEffectiveUID, getEventContext, getEventContext, getLogs, getSecurityRoles, hasPrivilegedToken, invalidateEventContext, isDisabled, isGraphCritical, isGroupContextPermitted, isOwnerOrSupervisor, isReady, isSystemType, loadEventContext, loadEventContext, login, logout, newTransientDetails, onApplicationEvent, runAsAdmin, runAsAdmin, selfConfigure, setApplicationContext, updateReadFilter

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

BasicSecuritySystemReadOnly

public BasicSecuritySystemReadOnly(OmeroInterceptor interceptor,
                                   SystemTypes sysTypes,
                                   CurrentDetails cd,
                                   SessionManager sessionManager,
                                   SessionProvider sessionProvider,
                                   EventProvider eventProvider,
                                   ome.system.Roles roles,
                                   ome.system.ServiceFactory sf,
                                   TokenHolder tokenHolder,
                                   java.util.List<SecurityFilter> filters,
                                   PolicyService policyService,
                                   ACLVoter aclVoter)

Method Detail

isGroupContextPermitted

protected boolean isGroupContextPermitted(long sessionId,
                                          long groupId)

Description copied from class: BasicSecuritySystem

Check the given group context.

Overrides:

isGroupContextPermitted in class BasicSecuritySystem

Parameters:

sessionId - a session ID

groupId - a group ID

Returns:

if the group context is permitted for the given session