Package com.qfs.security

Interface IBranchPermissionsManager

  • All Known Implementing Classes:
    BranchPermissionsManager, CachedBranchPermissionsManager, ContentServiceBranchPermissionsManager
    public interface IBranchPermissionsManager
    A service which keeps track of branch permissions: owner and reader rights.

    In the context of what-if scenarios, ActivePivot may be configured to only allow a subset of users to create branches, edit or simply read the content of the datastore on specific branches. This applies to ReST calls (for create-write-read permissions) and MDX queries (for read permissions).

    Author:
    ActiveViam

    • Method Detail

      • canCreateBranch

        boolean canCreateBranch​(Set<String> userNameAndRoles)
        Given their username and their roles, returns true if the current user can create a branch, false otherwise.
        Parameters:
        userNameAndRoles - the current user's set of roles/name
        Returns:
        true if the current user can create a branch, false otherwise

      • canEditBranch

        default boolean canEditBranch​(Set<String> userNameAndRoles,
                              String branchName)
        Given their username and their roles, returns true if the current user can edit the given branch, false otherwise.
        Parameters:
        userNameAndRoles - the current user's set of roles/name
        branchName - the branch the user wants to edit
        Returns:
        true if the current user can edit the branch, false otherwise

      • canReadBranch

        default boolean canReadBranch​(Set<String> userNameAndRoles,
                              String branchName)
        Given their username and their roles, returns true if the current user can read the given branch, false otherwise. A user with write access has, by default, read access as well.
        Parameters:
        userNameAndRoles - the current user's set of roles/name
        branchName - the branch the user wants to read
        Returns:
        true if the current user can read the branch, false otherwise

      • canDeleteBranch

        default boolean canDeleteBranch​(Set<String> userNameAndRoles,
                                String branchName)
        Given their username and their roles, returns true if the current user can delete the given branch, false otherwise.
        Parameters:
        userNameAndRoles - the current user's set of roles/name
        branchName - the branch the user wants to delete
        Returns:
        true if the current user can delete the branch, false otherwise

      • removeBranchPermissions

        void removeBranchPermissions​(String branchName)
        Removes the branch's permissions from the service. The default permissions for this manager will become the new permissions of this branch.
        Parameters:
        branchName - the name of the branch which will be removed

      • getBranchPermissions

        IBranchPermissions getBranchPermissions​(String branchName)
        Gets the permissions of a specific branch.
        Parameters:
        branchName - the name of the branch of which we want to know the permissions
        Returns:
        the permissions for this branch

      • getOwnedBranches

        Set<String> getOwnedBranches​(Set<String> userRoles)
        Gets the set of branches (registered in this service) that the user with the given roles own.
        Parameters:
        userRoles - the given user's authorized roles
        Returns:
        the set of branches (registered in this service) that the user with the given roles owns

      • getReadableBranches

        Set<String> getReadableBranches​(Set<String> userRoles)
        Gets the set of branches (registered in this service) that the given roles can read.
        Parameters:
        userRoles - the given user's authorized roles
        Returns:
        the set of branches (registered in this service) that the given user can read

      • setBranchPermissions

        void setBranchPermissions​(String branchName,
                          IBranchPermissions permissions)
        Sets the permissions of a specific branch.
        Parameters:
        branchName - the name of the branch of which we want to edit the permissions
        permissions - the updated permissions for this branch

      • registerBranchPermissionsListener

        void registerBranchPermissionsListener​(IBranchPermissionsListener branchPermissionsListener)
        Registers a listener for the permissions of a set of branches.
        Parameters:
        branchPermissionsListener - the listener which should be registered

      • unregisterBranchPermissionsListener

        void unregisterBranchPermissionsListener​(IBranchPermissionsListener branchPermissionsListener)
        Unregisters a listener for the permissions of a set of branches.
        Parameters:
        branchPermissionsListener - the listener which should be unregistered