Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.sandev.TaskHeap.UserLookup
Class AuthFilterTaskHeap

java.lang.Object
  extended by org.sandev.basics.util.AuthFilterBase
      extended by org.sandev.TaskHeap.UserLookup.AuthFilterTaskHeap
All Implemented Interfaces:
org.sandev.basics.util.AuthFilter
public class AuthFilterTaskHeap
extends org.sandev.basics.util.AuthFilterBase
implements org.sandev.basics.util.AuthFilter

An implementation of the AuthFilter interface as used for the TaskHeap application. A reader heap association has read-only access to all work except for internal plans, and read-only acces to all supporting data definitions except for resource allocationPercentages.

Field Summary
protected  org.sandev.basics.util.IDCache cacheRef
          A reference to the IDCache we are using.
 
Fields inherited from class org.sandev.basics.util.AuthFilterBase
ACCTYPE_CLASS, ACCTYPE_FIELD, ACCTYPE_FIELDVAL, ACCTYPE_INSTANCE
 
Fields inherited from interface org.sandev.basics.util.AuthFilter
AUTH_ARRAYACCESS, AUTH_ARRAYADD, AUTH_ARRAYDELETE, AUTH_ARRAYMOVE, AUTH_ARRAYNEW, AUTH_NOACCESS, AUTH_READONLY, AUTH_READONLYNODISP, AUTH_UNRESTRICTED, AUTH_UNRESTRICTEDNODISP, AUTH_UNRESTRICTEDREADONLY, AUTH_VALHIDDEN
 
Constructor Summary
AuthFilterTaskHeap()
           
 
Method Summary
 int accAccount(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for Account access.
 int accDataImportExport(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for DataImportExport access.
 int accDataManagement(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for DataManagement access.
protected  int accessForAssociation(HeapAssociation assoc)
           
protected  int accessForCurrAssoc(org.sandev.basics.util.AuthUser user)
          Return the access level this user has to the identified heap.
protected  int accessForHeap(org.sandev.basics.util.AuthUser user, long heapID)
          Return the access level this user has to the identified heap.
 int accExternalPlan(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for ExternalPlan access.
 int accHeapAssociation(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for HeapAssociation access.
 int accHeapAttributes(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for HeapAttributes access.
 int accPlan(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for Plan access.
 int accPlanComponent(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for PlanComponent access.
 int accPlanComponentReport(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for PlanComponentReport access.
 int accRole(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for Role access.
 int accSystemStatus(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for SystemStatus access.
 int accTask(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for Task access.
 int accTaskPhase(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for TaskPhase access.
 int accTaskType(int accType, org.sandev.basics.util.AuthUser user, java.lang.String msgClass, org.sandev.basics.structs.SandMessage msg, java.lang.String fieldName)
          Return the level of authorization for TaskType access.
protected  org.sandev.basics.structs.SandPersistMessage cacheRetrieve(long uniqueID, java.lang.String source)
          Return the specified instance.
protected  void debug(java.lang.String text)
          Log trace level and general information about what the AuthFilter is doing.
 HeapAssociation findAssoc(org.sandev.basics.util.AuthUser user, long heapID)
          Return the HeapAssociation the user has for the given heap, or null if not found.
protected  long[] getAccessibleHeaps(org.sandev.basics.util.AuthUser user)
          Return an array of the heaps the given user has at least read access to.
static long getAdminID()
          The uniqueID of the site administrator account who is authorized for all messages.
protected  org.sandev.basics.util.IDCache getIDCache()
          Initialize our IDCache reference if needed and return it.
static long getPublicUserID()
          The uniqueID of the demo user everyone initially logs in as.
static long getSysStatID()
          The uniqueID of the singleton SystemStatus instance used to control update access.
 boolean hasAdminAssoc(org.sandev.basics.util.AuthUser user, long heapID)
          Return true if the given user has admin access to the identified heap, false otherwise.
 boolean hasEditAssoc(org.sandev.basics.util.AuthUser user, long heapID)
          Return true if the given user has admin access to the identified heap, false otherwise.
 boolean hasReadAssoc(org.sandev.basics.util.AuthUser user, long heapID)
          Return true if the given user has read level or better access to the identified heap, false otherwise.
 boolean isAdminRestrictedClass(java.lang.String className)
          If a class is restricted even for an admin user, then return true for that class name to authorize manually.
 boolean isAdminUser(long id)
           
 boolean isCompletelyUnrestrictedClass(java.lang.String className)
          Return true if the given class is completely unrestricted in terms of authorization.
 boolean isCoWorker(org.sandev.basics.util.AuthUser user, long accID)
          Return true if the given user has access to the given account via heap association.
static boolean isCurrentHeapAdmin(org.sandev.basics.util.AuthUser user)
          Return true if the given user is admin for their currently selected heap, false otherwise.
protected  boolean isLoginMessageClass(java.lang.String className)
          Return true if the given message class name is required for login processing and therefore must be allowed for all users.
protected  boolean isSingletonInstance(org.sandev.basics.structs.SandUpdateMessage sum)
          Return true if the given message is an update of a singleton class that should not be deleted or have additional instances created, even by an admin.
 org.sandev.basics.structs.SandAttrVal[] matchExternalPlan(org.sandev.basics.util.AuthUser user, org.sandev.basics.structs.SandAttrVal[] givenMatches)
          Restrict to an accessible heap.
 org.sandev.basics.structs.SandAttrVal[] matchHeapAssociation(org.sandev.basics.util.AuthUser authUser, org.sandev.basics.structs.SandAttrVal[] givenMatches)
          Restrict to their account, or to a uniqueID, email, and unnassigned account.
 org.sandev.basics.structs.SandAttrVal[] matchHeapAttributes(org.sandev.basics.util.AuthUser user, org.sandev.basics.structs.SandAttrVal[] givenMatches)
          Heaps are accessible via a HeapAssociation which specifies the uniqueID.
 org.sandev.basics.structs.SandAttrVal[] matchPlan(org.sandev.basics.util.AuthUser user, org.sandev.basics.structs.SandAttrVal[] givenMatches)
          Restrict to an accessible heap.
 org.sandev.basics.structs.SandAttrVal[] matchPlanComponent(org.sandev.basics.util.AuthUser user, org.sandev.basics.structs.SandAttrVal[] givenMatches)
          Restrict to an accessible heap.
 org.sandev.basics.structs.SandAttrVal[] matchRole(org.sandev.basics.util.AuthUser user, org.sandev.basics.structs.SandAttrVal[] givenMatches)
          Restrict to the current heap.
 org.sandev.basics.structs.SandAttrVal[] matchTask(org.sandev.basics.util.AuthUser user, org.sandev.basics.structs.SandAttrVal[] givenMatches)
          Restrict to current heap.
 org.sandev.basics.structs.SandAttrVal[] matchTaskPhase(org.sandev.basics.util.AuthUser user, org.sandev.basics.structs.SandAttrVal[] givenMatches)
          Restrict to current heap or global.
 org.sandev.basics.structs.SandAttrVal[] matchTaskType(org.sandev.basics.util.AuthUser user, org.sandev.basics.structs.SandAttrVal[] givenMatches)
          Restrict to current heap or global.
 int tokenAccess(org.sandev.basics.util.AuthUser user, java.lang.String token)
          Only have Account and About screens until logged in.
protected  org.sandev.basics.structs.SandAttrVal[] verifyHeapAttrMatch(org.sandev.basics.util.AuthUser user, org.sandev.basics.structs.SandAttrVal[] givenMatches, java.lang.String heapAttr)
          To keep things simple, we are assuming that the givenMatches will be restricting to a single heap value or zero.
protected  void warn(java.lang.String text)
          Log the given problem text for development reference.
 
Methods inherited from class org.sandev.basics.util.AuthFilterBase
accAggregateUpdate, accessType, addMatch, checkAccess, debugDumpMatches, generatedFieldAccess, getBaseMsgClass, getMatchValue, getRestrictions, getSpecifiedUniqueIDs, getUserDump, hasMatch, hasSingleValueMatch, isClassNameMatch, isGeneratedField, matchRestrictions, messageClassAccess, messageFieldAccess, messageFieldValueAccess, messageInstanceAccess, shortenClassName, specifiedUniqueID, uniqueIDSpecified, verifyMatch
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.sandev.basics.util.AuthFilter
matchRestrictions, messageClassAccess, messageFieldAccess, messageFieldValueAccess, messageInstanceAccess
 

Field Detail

cacheRef

protected org.sandev.basics.util.IDCache cacheRef
A reference to the IDCache we are using. Saves looking it up every time. Initialized on first access.

Constructor Detail

AuthFilterTaskHeap

public AuthFilterTaskHeap()
Method Detail

getPublicUserID

public static final long getPublicUserID()
The uniqueID of the demo user everyone initially logs in as.

getAdminID

public static final long getAdminID()
The uniqueID of the site administrator account who is authorized for all messages. As defined in the initial data;

getSysStatID

public static final long getSysStatID()
The uniqueID of the singleton SystemStatus instance used to control update access.

getIDCache

protected org.sandev.basics.util.IDCache getIDCache()
Initialize our IDCache reference if needed and return it.

cacheRetrieve

protected org.sandev.basics.structs.SandPersistMessage cacheRetrieve(long uniqueID,
                                                                     java.lang.String source)
Return the specified instance. Complain if not found, since we were depending on finding the instance to authorize.

isAdminUser

public boolean isAdminUser(long id)
Specified by:
isAdminUser in class org.sandev.basics.util.AuthFilterBase

isLoginMessageClass

protected boolean isLoginMessageClass(java.lang.String className)
Return true if the given message class name is required for login processing and therefore must be allowed for all users.

Specified by:
isLoginMessageClass in class org.sandev.basics.util.AuthFilterBase

isSingletonInstance

protected boolean isSingletonInstance(org.sandev.basics.structs.SandUpdateMessage sum)
Return true if the given message is an update of a singleton class that should not be deleted or have additional instances created, even by an admin. A typical example is the system status control record, but this can be anything. Note that the given update message may or may not contain the actual singleton instance.

Specified by:
isSingletonInstance in class org.sandev.basics.util.AuthFilterBase

debug

protected void debug(java.lang.String text)
Log trace level and general information about what the AuthFilter is doing. For normal operations, it is recommended that the implementation of this method not actually produce output since the trace information can be quite verbose. However it may be useful for development to switch this on occasionally.

Specified by:
debug in class org.sandev.basics.util.AuthFilterBase

warn

protected void warn(java.lang.String text)
Log the given problem text for development reference. This is used for problems that don't warrant an exception being thrown, but that should probably be looked into. Ultimately we should have singleton access to a Logger, for now this is just println.

Specified by:
warn in class org.sandev.basics.util.AuthFilterBase

tokenAccess

public int tokenAccess(org.sandev.basics.util.AuthUser user,
                       java.lang.String token)
                throws org.sandev.basics.structs.SandException
Only have Account and About screens until logged in.

Specified by:
tokenAccess in interface org.sandev.basics.util.AuthFilter
Overrides:
tokenAccess in class org.sandev.basics.util.AuthFilterBase
Throws:
org.sandev.basics.structs.SandException

isCompletelyUnrestrictedClass

public boolean isCompletelyUnrestrictedClass(java.lang.String className)
Return true if the given class is completely unrestricted in terms of authorization.

Overrides:
isCompletelyUnrestrictedClass in class org.sandev.basics.util.AuthFilterBase

isAdminRestrictedClass

public boolean isAdminRestrictedClass(java.lang.String className)
If a class is restricted even for an admin user, then return true for that class name to authorize manually. This method is primarily useful for restricting display classes like reports.

Overrides:
isAdminRestrictedClass in class org.sandev.basics.util.AuthFilterBase

accAccount

public int accAccount(int accType,
                      org.sandev.basics.util.AuthUser user,
                      java.lang.String msgClass,
                      org.sandev.basics.structs.SandMessage msg,
                      java.lang.String fieldName)
               throws org.sandev.basics.structs.SandException
Return the level of authorization for Account access.

Throws:
org.sandev.basics.structs.SandException

accSystemStatus

public int accSystemStatus(int accType,
                           org.sandev.basics.util.AuthUser user,
                           java.lang.String msgClass,
                           org.sandev.basics.structs.SandMessage msg,
                           java.lang.String fieldName)
                    throws org.sandev.basics.structs.SandException
Return the level of authorization for SystemStatus access. If the user was the admin, then they were already allowed to go ahead with whatever they were doing, so all we do here is return READONLY.

Throws:
org.sandev.basics.structs.SandException

accDataImportExport

public int accDataImportExport(int accType,
                               org.sandev.basics.util.AuthUser user,
                               java.lang.String msgClass,
                               org.sandev.basics.structs.SandMessage msg,
                               java.lang.String fieldName)
                        throws org.sandev.basics.structs.SandException
Return the level of authorization for DataImportExport access. Users need this to be able to export their heap data to file, but import is limited only to the admin so we restrict that here. Tutorial restoration imports are allowed as a special case since it's not a big deal to erase and rebuild the tutorial.

Throws:
org.sandev.basics.structs.SandException

accDataManagement

public int accDataManagement(int accType,
                             org.sandev.basics.util.AuthUser user,
                             java.lang.String msgClass,
                             org.sandev.basics.structs.SandMessage msg,
                             java.lang.String fieldName)
                      throws org.sandev.basics.structs.SandException
Return the level of authorization for DataManagement access. This is a summary display singleton that is never modified but can be read by anyone. The fields correspond to actions, some of which are restricted to the site admin only.

Throws:
org.sandev.basics.structs.SandException

accHeapAssociation

public int accHeapAssociation(int accType,
                              org.sandev.basics.util.AuthUser user,
                              java.lang.String msgClass,
                              org.sandev.basics.structs.SandMessage msg,
                              java.lang.String fieldName)
                       throws org.sandev.basics.structs.SandException
Return the level of authorization for HeapAssociation access. A HeapAssociation is never created directly by a user except for a heap they already have admin access to. When they first create a new heap, the update processing builds the bootstrap admin access for them.

Throws:
org.sandev.basics.structs.SandException

matchHeapAssociation

public org.sandev.basics.structs.SandAttrVal[] matchHeapAssociation(org.sandev.basics.util.AuthUser authUser,
                                                                    org.sandev.basics.structs.SandAttrVal[] givenMatches)
Restrict to their account, or to a uniqueID, email, and unnassigned account.

accRole

public int accRole(int accType,
                   org.sandev.basics.util.AuthUser user,
                   java.lang.String msgClass,
                   org.sandev.basics.structs.SandMessage msg,
                   java.lang.String fieldName)
            throws org.sandev.basics.structs.SandException
Return the level of authorization for Role access. Roles are restricted to a heap the user has access to, and only admins may edit them.

Throws:
org.sandev.basics.structs.SandException

matchRole

public org.sandev.basics.structs.SandAttrVal[] matchRole(org.sandev.basics.util.AuthUser user,
                                                         org.sandev.basics.structs.SandAttrVal[] givenMatches)
Restrict to the current heap.

accHeapAttributes

public int accHeapAttributes(int accType,
                             org.sandev.basics.util.AuthUser user,
                             java.lang.String msgClass,
                             org.sandev.basics.structs.SandMessage msg,
                             java.lang.String fieldName)
                      throws org.sandev.basics.structs.SandException
Return the level of authorization for HeapAttributes access. The HeapAttributes may only be modified by a heap admin.

Throws:
org.sandev.basics.structs.SandException

matchHeapAttributes

public org.sandev.basics.structs.SandAttrVal[] matchHeapAttributes(org.sandev.basics.util.AuthUser user,
                                                                   org.sandev.basics.structs.SandAttrVal[] givenMatches)
                                                            throws org.sandev.basics.util.AuthorizationException
Heaps are accessible via a HeapAssociation which specifies the uniqueID. Open queries restrict to the current account owner.

Throws:
org.sandev.basics.util.AuthorizationException

accPlanComponent

public int accPlanComponent(int accType,
                            org.sandev.basics.util.AuthUser user,
                            java.lang.String msgClass,
                            org.sandev.basics.structs.SandMessage msg,
                            java.lang.String fieldName)
                     throws org.sandev.basics.structs.SandException
Return the level of authorization for PlanComponent access.

Throws:
org.sandev.basics.structs.SandException

matchPlanComponent

public org.sandev.basics.structs.SandAttrVal[] matchPlanComponent(org.sandev.basics.util.AuthUser user,
                                                                  org.sandev.basics.structs.SandAttrVal[] givenMatches)
                                                           throws org.sandev.basics.util.AuthorizationException
Restrict to an accessible heap.

Throws:
org.sandev.basics.util.AuthorizationException

accExternalPlan

public int accExternalPlan(int accType,
                           org.sandev.basics.util.AuthUser user,
                           java.lang.String msgClass,
                           org.sandev.basics.structs.SandMessage msg,
                           java.lang.String fieldName)
                    throws org.sandev.basics.structs.SandException
Return the level of authorization for ExternalPlan access.

Throws:
org.sandev.basics.structs.SandException

matchExternalPlan

public org.sandev.basics.structs.SandAttrVal[] matchExternalPlan(org.sandev.basics.util.AuthUser user,
                                                                 org.sandev.basics.structs.SandAttrVal[] givenMatches)
                                                          throws org.sandev.basics.util.AuthorizationException
Restrict to an accessible heap.

Throws:
org.sandev.basics.util.AuthorizationException

accPlan

public int accPlan(int accType,
                   org.sandev.basics.util.AuthUser user,
                   java.lang.String msgClass,
                   org.sandev.basics.structs.SandMessage msg,
                   java.lang.String fieldName)
            throws org.sandev.basics.structs.SandException
Return the level of authorization for Plan access.

Throws:
org.sandev.basics.structs.SandException

matchPlan

public org.sandev.basics.structs.SandAttrVal[] matchPlan(org.sandev.basics.util.AuthUser user,
                                                         org.sandev.basics.structs.SandAttrVal[] givenMatches)
                                                  throws org.sandev.basics.util.AuthorizationException
Restrict to an accessible heap. Readers are not allowed access to hidden plans, but these are filtered out afterwards. This is mostly to reduce the query complexity up front when potentially querying across several heaps. Most heaps have few hidden plans, and this restriction was more legacy compatibility than security. Orginally the restriction was just for demonstration purposes.

Throws:
org.sandev.basics.util.AuthorizationException

accTask

public int accTask(int accType,
                   org.sandev.basics.util.AuthUser user,
                   java.lang.String msgClass,
                   org.sandev.basics.structs.SandMessage msg,
                   java.lang.String fieldName)
            throws org.sandev.basics.structs.SandException
Return the level of authorization for Task access.

Throws:
org.sandev.basics.structs.SandException

matchTask

public org.sandev.basics.structs.SandAttrVal[] matchTask(org.sandev.basics.util.AuthUser user,
                                                         org.sandev.basics.structs.SandAttrVal[] givenMatches)
                                                  throws org.sandev.basics.util.AuthorizationException
Restrict to current heap.

Throws:
org.sandev.basics.util.AuthorizationException

accTaskPhase

public int accTaskPhase(int accType,
                        org.sandev.basics.util.AuthUser user,
                        java.lang.String msgClass,
                        org.sandev.basics.structs.SandMessage msg,
                        java.lang.String fieldName)
                 throws org.sandev.basics.structs.SandException
Return the level of authorization for TaskPhase access.

Throws:
org.sandev.basics.structs.SandException

matchTaskPhase

public org.sandev.basics.structs.SandAttrVal[] matchTaskPhase(org.sandev.basics.util.AuthUser user,
                                                              org.sandev.basics.structs.SandAttrVal[] givenMatches)
                                                       throws org.sandev.basics.util.AuthorizationException
Restrict to current heap or global.

Throws:
org.sandev.basics.util.AuthorizationException

accTaskType

public int accTaskType(int accType,
                       org.sandev.basics.util.AuthUser user,
                       java.lang.String msgClass,
                       org.sandev.basics.structs.SandMessage msg,
                       java.lang.String fieldName)
                throws org.sandev.basics.structs.SandException
Return the level of authorization for TaskType access.

Throws:
org.sandev.basics.structs.SandException

matchTaskType

public org.sandev.basics.structs.SandAttrVal[] matchTaskType(org.sandev.basics.util.AuthUser user,
                                                             org.sandev.basics.structs.SandAttrVal[] givenMatches)
                                                      throws org.sandev.basics.util.AuthorizationException
Restrict to current heap or global.

Throws:
org.sandev.basics.util.AuthorizationException

accPlanComponentReport

public int accPlanComponentReport(int accType,
                                  org.sandev.basics.util.AuthUser user,
                                  java.lang.String msgClass,
                                  org.sandev.basics.structs.SandMessage msg,
                                  java.lang.String fieldName)
                           throws org.sandev.basics.structs.SandException
Return the level of authorization for PlanComponentReport access.

Throws:
org.sandev.basics.structs.SandException

findAssoc

public HeapAssociation findAssoc(org.sandev.basics.util.AuthUser user,
                                 long heapID)
Return the HeapAssociation the user has for the given heap, or null if not found.

hasAdminAssoc

public boolean hasAdminAssoc(org.sandev.basics.util.AuthUser user,
                             long heapID)
Return true if the given user has admin access to the identified heap, false otherwise.

hasEditAssoc

public boolean hasEditAssoc(org.sandev.basics.util.AuthUser user,
                            long heapID)
Return true if the given user has admin access to the identified heap, false otherwise.

hasReadAssoc

public boolean hasReadAssoc(org.sandev.basics.util.AuthUser user,
                            long heapID)
Return true if the given user has read level or better access to the identified heap, false otherwise.

isCurrentHeapAdmin

public static boolean isCurrentHeapAdmin(org.sandev.basics.util.AuthUser user)
Return true if the given user is admin for their currently selected heap, false otherwise.

isCoWorker

public boolean isCoWorker(org.sandev.basics.util.AuthUser user,
                          long accID)
Return true if the given user has access to the given account via heap association. In other words return true if they are working with this person. The associations are cached when we retrieve the heap.

accessForHeap

protected int accessForHeap(org.sandev.basics.util.AuthUser user,
                            long heapID)
Return the access level this user has to the identified heap.

accessForCurrAssoc

protected int accessForCurrAssoc(org.sandev.basics.util.AuthUser user)
Return the access level this user has to the identified heap.

accessForAssociation

protected int accessForAssociation(HeapAssociation assoc)

getAccessibleHeaps

protected long[] getAccessibleHeaps(org.sandev.basics.util.AuthUser user)
Return an array of the heaps the given user has at least read access to.

verifyHeapAttrMatch

protected org.sandev.basics.structs.SandAttrVal[] verifyHeapAttrMatch(org.sandev.basics.util.AuthUser user,
                                                                      org.sandev.basics.structs.SandAttrVal[] givenMatches,
                                                                      java.lang.String heapAttr)
                                                               throws org.sandev.basics.util.AuthorizationException
To keep things simple, we are assuming that the givenMatches will be restricting to a single heap value or zero. Anything other than that throws.

Throws:
org.sandev.basics.util.AuthorizationException
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD