Package ome.security.basic

Class OneGroupSecurityFilter

  • All Implemented Interfaces:
    SecurityFilter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.FactoryBean<org.hibernate.engine.FilterDefinition>, org.springframework.beans.factory.InitializingBean
    public class OneGroupSecurityFilter
extends AbstractSecurityFilter
    overrides FilterDefinitionFactoryBean in order to construct our security filter in code and not in XML. This allows us to make use of the knowledge within Permissions With the addition of shares in 4.0, it is necessary to remove the security filter if a share is active and allow loading to throw the necessary exceptions.
    Since:
    3.0
    See Also:
    ticket117, ticket1154

    • Constructor Detail

      • OneGroupSecurityFilter

        public OneGroupSecurityFilter()
        Default constructor which calls all the necessary setters for this FactoryBean. Also calls FilterDefinitionFactoryBean.setDefaultFilterCondition(String). This query clause must be kept in sync with passesFilter(Session, Details, EventContext).
        See Also:
        passesFilter(Session, Details, EventContext), FilterDefinitionFactoryBean.setFilterName(String), FilterDefinitionFactoryBean.setParameterTypes(java.util.Map), FilterDefinitionFactoryBean.setDefaultFilterCondition(String)

      • OneGroupSecurityFilter

        public OneGroupSecurityFilter​(ome.system.Roles roles)

    • Method Detail

      • myFilterCondition

        protected java.lang.String myFilterCondition()

      • getDefaultCondition

        public java.lang.String getDefaultCondition()
        Description copied from interface: SecurityFilter
        Return the string to be used as the condition.

      • getParameterTypes

        public java.util.Map<java.lang.String,​java.lang.String> getParameterTypes()
        Description copied from interface: SecurityFilter
        Return a mapping of the hibernate types for each of the parameters that the condition takes.

      • passesFilter

        public boolean passesFilter​(org.hibernate.Session session,
                            ome.model.internal.Details d,
                            ome.system.EventContext c)
        tests that the Details argument passes the security test that this filter defines. The two must be kept in sync. This will be used mostly by the OmeroInterceptor.onLoad(Object, java.io.Serializable, Object[], String[], org.hibernate.type.Type[]) method.
        Parameters:
        d - Details instance. If null (or if its Permissions are null all rights will be assumed.
        Returns:
        true if the object to which this

      • enable

        public void enable​(org.hibernate.Session sess,
                   ome.system.EventContext ec)
        Description copied from interface: SecurityFilter
        Enables this filter with the settings from this filter. The intent is that after this call, no Hibernate queries will return any objects that would fail a call to SecurityFilter.passesFilter(Session, Details, EventContext).
        Parameters:
        sess - Non-null.
        ec - Non-null.