Interface OpenMetadataElementSecurity
- All Known Implementing Classes:
OpenMetadataAccessSecurityConnector,OpenMetadataServerSecurityVerifier
public interface OpenMetadataElementSecurity
Provides the API for a security connector that implements security rules based on the elements being accessed.
-
Method Summary
Modifier and TypeMethodDescriptionselectConnection(String userId, EntityDetail assetEntity, List<EntityDetail> connectionEntities, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Use the security connector to make a choice on which connection to supply to the requesting user.voidvalidateUserForAnchorAddFeedback(String userId, EntityDetail anchorEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the anchor or member element.voidvalidateUserForAnchorAttach(String userId, EntityDetail anchorEntity, EntityDetail attachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to link unanchored elementsvoidvalidateUserForAnchorClassify(String userId, EntityDetail anchorEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to add or update a classification on this anchor or member element.voidvalidateUserForAnchorDeclassify(String userId, EntityDetail anchorEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to remove a classification from this anchor or member elementvoidvalidateUserForAnchorDeleteFeedback(String userId, EntityDetail anchorEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to detach feedback - such as comments, ratings, tags and likes, to the anchor or member element.voidvalidateUserForAnchorDetach(String userId, EntityDetail anchorEntity, EntityDetail detachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to link unanchored elementsvoidvalidateUserForAnchorMemberAdd(String userId, EntityDetail anchorEntity, EntityDetail newMemberEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the element.voidvalidateUserForAnchorMemberCreate(String userId, EntityDetail anchorEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to create new elements as members of an anchor.voidvalidateUserForAnchorMemberDelete(String userId, EntityDetail anchorEntity, EntityDetail obsoleteEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to delete an element and all of its contents.voidvalidateUserForAnchorMemberRead(String userId, EntityDetail anchorEntity, EntityDetail requestedEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have read access to a specific element and its contents.voidvalidateUserForAnchorMemberStatusUpdate(String userId, EntityDetail anchorEntity, EntityDetail originalEntity, InstanceStatus newStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to update the instance status of an element.voidvalidateUserForAnchorMemberUpdate(String userId, EntityDetail anchorEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to update elements attached directly to an anchor element, such as glossary terms and assets attached to an element.voidvalidateUserForElementAddFeedback(String userId, EntityDetail originalEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the element.voidvalidateUserForElementAttach(String userId, EntityDetail startingEntity, EntityDetail attachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to link unanchored elements to this elementvoidvalidateUserForElementClassify(String userId, EntityDetail originalEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to add or update a classification on this element.voidvalidateUserForElementCreate(String userId, String entityTypeGUID, String entityTypeName, InstanceProperties newProperties, List<Classification> classifications, InstanceStatus instanceStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to create an element.voidvalidateUserForElementDeclassify(String userId, EntityDetail originalEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to remove a classification from this elementvoidvalidateUserForElementDelete(String userId, EntityDetail entity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to delete an element and all of its contents.voidvalidateUserForElementDeleteFeedback(String userId, EntityDetail originalEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to detach feedback - such as comments, ratings, tags and likes, to the element.voidvalidateUserForElementDetach(String userId, EntityDetail startingEntity, EntityDetail detachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to link unanchored elements to this elementvoidvalidateUserForElementDetailUpdate(String userId, EntityDetail originalEntity, InstanceProperties newEntityProperties, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to update the properties of an element.voidvalidateUserForElementRead(String userId, EntityDetail requestedEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have read access to a specific element and its contents.voidvalidateUserForElementStatusUpdate(String userId, EntityDetail originalEntity, InstanceStatus newStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to update the properties of an element.
-
Method Details
-
validateUserForElementCreate
void validateUserForElementCreate(String userId, String entityTypeGUID, String entityTypeName, InstanceProperties newProperties, List<Classification> classifications, InstanceStatus instanceStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to create an element.- Parameters:
userId- identifier of userentityTypeGUID- unique identifier of the type of entity to createentityTypeName- unique name of the type of entity to createnewProperties- properties for new entityclassifications- classifications for new entityinstanceStatus- status for new entityrepositoryHelper- manipulates repository service objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForElementRead
void validateUserForElementRead(String userId, EntityDetail requestedEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have read access to a specific element and its contents.- Parameters:
userId- calling userrequestedEntity- entity requested by the callerrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the parameters is null or invalid.PropertyServerException- a problem retrieving information from the property server(s).UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision
-
validateUserForElementDetailUpdate
void validateUserForElementDetailUpdate(String userId, EntityDetail originalEntity, InstanceProperties newEntityProperties, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to update the properties of an element.- Parameters:
userId- identifier of useroriginalEntity- original entity detailsnewEntityProperties- new propertiesrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForElementStatusUpdate
void validateUserForElementStatusUpdate(String userId, EntityDetail originalEntity, InstanceStatus newStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to update the properties of an element.- Parameters:
userId- identifier of useroriginalEntity- original entity detailsnewStatus- new value for statusrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForElementAttach
void validateUserForElementAttach(String userId, EntityDetail startingEntity, EntityDetail attachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to link unanchored elements to this element- Parameters:
userId- identifier of userstartingEntity- end 1 detailsattachingEntity- end 1 detailsrelationshipName- name of the relationshiprepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForElementDetach
void validateUserForElementDetach(String userId, EntityDetail startingEntity, EntityDetail detachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to link unanchored elements to this element- Parameters:
userId- identifier of userstartingEntity- end 1 detailsdetachingEntity- end 2 detailsrelationshipName- name of the relationshiprepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForElementAddFeedback
void validateUserForElementAddFeedback(String userId, EntityDetail originalEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the element.- Parameters:
userId- identifier of useroriginalEntity- original entity detailsfeedbackEntity- feedback elementrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForElementDeleteFeedback
void validateUserForElementDeleteFeedback(String userId, EntityDetail originalEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to detach feedback - such as comments, ratings, tags and likes, to the element.- Parameters:
userId- identifier of useroriginalEntity- original entity detailsfeedbackEntity- feedback elementrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForElementClassify
void validateUserForElementClassify(String userId, EntityDetail originalEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to add or update a classification on this element.- Parameters:
userId- identifier of useroriginalEntity- original entity detailsclassificationName- name of the classificationrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForElementDeclassify
void validateUserForElementDeclassify(String userId, EntityDetail originalEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to remove a classification from this element- Parameters:
userId- identifier of useroriginalEntity- original entity detailsclassificationName- name of the classificationrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForElementDelete
void validateUserForElementDelete(String userId, EntityDetail entity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to delete an element and all of its contents.- Parameters:
userId- identifier of userentity- original element detailsrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForAnchorMemberAdd
void validateUserForAnchorMemberAdd(String userId, EntityDetail anchorEntity, EntityDetail newMemberEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the element.- Parameters:
userId- identifier of useranchorEntity- anchor detailsnewMemberEntity- feedback elementrelationshipName- name of the relationshiprepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForAnchorMemberRead
void validateUserForAnchorMemberRead(String userId, EntityDetail anchorEntity, EntityDetail requestedEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have read access to a specific element and its contents.- Parameters:
userId- calling useranchorEntity- entity for the anchor (if extracted - may be null)requestedEntity- entity requested by the callerrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to issue this requestPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForAnchorMemberCreate
void validateUserForAnchorMemberCreate(String userId, EntityDetail anchorEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to create new elements as members of an anchor.- Parameters:
userId- identifier of useranchorEntity- anchor detailsrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForAnchorMemberUpdate
void validateUserForAnchorMemberUpdate(String userId, EntityDetail anchorEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to update elements attached directly to an anchor element, such as glossary terms and assets attached to an element. These updates could be to their properties, classifications, and relationships.- Parameters:
userId- identifier of useranchorEntity- anchor detailsrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForAnchorMemberStatusUpdate
void validateUserForAnchorMemberStatusUpdate(String userId, EntityDetail anchorEntity, EntityDetail originalEntity, InstanceStatus newStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to update the instance status of an element.- Parameters:
userId- identifier of useranchorEntity- anchor detailsoriginalEntity- entity being updatednewStatus- new value for statusrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForAnchorAttach
void validateUserForAnchorAttach(String userId, EntityDetail anchorEntity, EntityDetail attachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to link unanchored elements- Parameters:
userId- identifier of useranchorEntity- anchor detailsattachingEntity- new elementrelationshipName- name of the relationshiprepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForAnchorDetach
void validateUserForAnchorDetach(String userId, EntityDetail anchorEntity, EntityDetail detachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to link unanchored elements- Parameters:
userId- identifier of useranchorEntity- anchor detailsdetachingEntity- obsolete elementrelationshipName- name of the relationshiprepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForAnchorAddFeedback
void validateUserForAnchorAddFeedback(String userId, EntityDetail anchorEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the anchor or member element.- Parameters:
userId- identifier of useranchorEntity- anchor detailsfeedbackEntity- feedback elementrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForAnchorDeleteFeedback
void validateUserForAnchorDeleteFeedback(String userId, EntityDetail anchorEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to detach feedback - such as comments, ratings, tags and likes, to the anchor or member element.- Parameters:
userId- identifier of useranchorEntity- anchor detailsfeedbackEntity- feedback elementrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForAnchorClassify
void validateUserForAnchorClassify(String userId, EntityDetail anchorEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to add or update a classification on this anchor or member element.- Parameters:
userId- identifier of useranchorEntity- anchor detailsclassificationName- name of the classificationrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForAnchorDeclassify
void validateUserForAnchorDeclassify(String userId, EntityDetail anchorEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to remove a classification from this anchor or member element- Parameters:
userId- identifier of useranchorEntity- anchor detailsclassificationName- name of the classificationrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
validateUserForAnchorMemberDelete
void validateUserForAnchorMemberDelete(String userId, EntityDetail anchorEntity, EntityDetail obsoleteEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to delete an element and all of its contents.- Parameters:
userId- identifier of userobsoleteEntity- original element detailsrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
UserNotAuthorizedException- the user is not authorized to change this elementPropertyServerException- unable to retrieve necessary information to make the decisionInvalidParameterException
-
selectConnection
EntityDetail selectConnection(String userId, EntityDetail assetEntity, List<EntityDetail> connectionEntities, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Use the security connector to make a choice on which connection to supply to the requesting user.- Parameters:
userId- calling userIdassetEntity- associated asset - may be nullconnectionEntities- list of retrieved connectionsrepositoryHelper- for working with OMRS objectsserviceName- calling servicemethodName- calling method- Returns:
- single connection entity, or null
- Throws:
InvalidParameterException- none of the connections are visible to the userUserNotAuthorizedException- the user is not authorized to use any of the connectionsPropertyServerException- unable to retrieve necessary information to make the decision
-