Package org.odpi.openmetadata.metadatasecurity

Interface OpenMetadataElementSecurity

All Known Implementing Classes:
OpenMetadataAccessSecurityConnector, OpenMetadataServerSecurityVerifier
public interface OpenMetadataElementSecurity
Provides the API for a security connector that implements security rules based on the elements being accessed.

  • Method Details

    • validateUserForElementCreate

      void validateUserForElementCreate(String userId, String entityTypeGUID, String entityTypeName, InstanceProperties newProperties, List<Classification> classifications, InstanceStatus instanceStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException
      Tests for whether a specific user should have the right to create an element.
      Parameters:
      userId - identifier of user
      entityTypeGUID - unique identifier of the type of entity to create
      entityTypeName - unique name of the type of entity to create
      newProperties - properties for new entity
      classifications - classifications for new entity
      instanceStatus - status for new entity
      repositoryHelper - manipulates repository service objects
      serviceName - calling service
      methodName - calling method
      Throws:
      InvalidParameterException - one of the parameters is null or invalid.
      PropertyServerException - there is a problem retrieving information from the property server(s).
      UserNotAuthorizedException - the requesting user is not authorized to issue this request.

    • validateUserForElementRead

      void validateUserForElementRead(String userId, EntityDetail requestedEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException
      Tests for whether a specific user should have read access to a specific element and its contents.
      Parameters:
      userId - calling user
      requestedEntity - entity requested by the caller
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      InvalidParameterException - one of the parameters is null or invalid.
      PropertyServerException - there is a problem retrieving information from the property server(s).
      UserNotAuthorizedException - the requesting user is not authorized to issue this request.

    • validateUserForElementDetailUpdate

      void validateUserForElementDetailUpdate(String userId, EntityDetail originalEntity, InstanceProperties newEntityProperties, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to update the properties of an element.
      Parameters:
      userId - identifier of user
      originalEntity - original entity details
      newEntityProperties - new properties
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForElementStatusUpdate

      void validateUserForElementStatusUpdate(String userId, EntityDetail originalEntity, InstanceStatus newStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to update the properties of an element.
      Parameters:
      userId - identifier of user
      originalEntity - original entity details
      newStatus - new value for status
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForElementAttach

      void validateUserForElementAttach(String userId, EntityDetail startingEntity, EntityDetail attachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to link unanchored elements to this element
      Parameters:
      userId - identifier of user
      startingEntity - end 1 details
      attachingEntity - end 1 details
      relationshipName - name of the relationship
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForElementDetach

      void validateUserForElementDetach(String userId, EntityDetail startingEntity, EntityDetail detachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to link unanchored elements to this element
      Parameters:
      userId - identifier of user
      startingEntity - end 1 details
      detachingEntity - end 2 details
      relationshipName - name of the relationship
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForElementAddFeedback

      void validateUserForElementAddFeedback(String userId, EntityDetail originalEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the element.
      Parameters:
      userId - identifier of user
      originalEntity - original entity details
      feedbackEntity - feedback element
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForElementDeleteFeedback

      void validateUserForElementDeleteFeedback(String userId, EntityDetail originalEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to detach feedback - such as comments, ratings, tags and likes, to the element.
      Parameters:
      userId - identifier of user
      originalEntity - original entity details
      feedbackEntity - feedback element
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForElementClassify

      void validateUserForElementClassify(String userId, EntityDetail originalEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to add or update a classification on this element.
      Parameters:
      userId - identifier of user
      originalEntity - original entity details
      classificationName - name of the classification
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForElementDeclassify

      void validateUserForElementDeclassify(String userId, EntityDetail originalEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to remove a classification from this element
      Parameters:
      userId - identifier of user
      originalEntity - original entity details
      classificationName - name of the classification
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForElementDelete

      void validateUserForElementDelete(String userId, EntityDetail entity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to delete an element and all of its contents.
      Parameters:
      userId - identifier of user
      entity - original element details
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForAnchorMemberAdd

      void validateUserForAnchorMemberAdd(String userId, EntityDetail anchorEntity, EntityDetail newMemberEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the element.
      Parameters:
      userId - identifier of user
      anchorEntity - anchor details
      newMemberEntity - feedback element
      relationshipName - name of the relationship
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForAnchorMemberRead

      void validateUserForAnchorMemberRead(String userId, EntityDetail anchorEntity, EntityDetail requestedEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have read access to a specific element and its contents.
      Parameters:
      userId - calling user
      anchorEntity - entity for the anchor (if extracted - may be null)
      requestedEntity - entity requested by the caller
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - user not authorized to issue this request

    • validateUserForAnchorMemberUpdate

      void validateUserForAnchorMemberUpdate(String userId, EntityDetail anchorEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to update elements attached directly to an anchor such as glossary terms and categories attached to an element. These updates could be to their properties, classifications and relationships.
      Parameters:
      userId - identifier of user
      anchorEntity - anchor details
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForAnchorMemberStatusUpdate

      void validateUserForAnchorMemberStatusUpdate(String userId, EntityDetail anchorEntity, EntityDetail originalEntity, InstanceStatus newStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to update the instance status of an element.
      Parameters:
      userId - identifier of user
      anchorEntity - anchor details
      originalEntity - entity being updated
      newStatus - new value for status
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForAnchorAttach

      void validateUserForAnchorAttach(String userId, EntityDetail anchorEntity, EntityDetail attachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to link unanchored elements
      Parameters:
      userId - identifier of user
      anchorEntity - anchor details
      attachingEntity - new element
      relationshipName - name of the relationship
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForAnchorDetach

      void validateUserForAnchorDetach(String userId, EntityDetail anchorEntity, EntityDetail detachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to link unanchored elements
      Parameters:
      userId - identifier of user
      anchorEntity - anchor details
      detachingEntity - obsolete element
      relationshipName - name of the relationship
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForAnchorAddFeedback

      void validateUserForAnchorAddFeedback(String userId, EntityDetail anchorEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the anchor or member element.
      Parameters:
      userId - identifier of user
      anchorEntity - anchor details
      feedbackEntity - feedback element
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForAnchorDeleteFeedback

      void validateUserForAnchorDeleteFeedback(String userId, EntityDetail anchorEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to detach feedback - such as comments, ratings, tags and likes, to the anchor or member element.
      Parameters:
      userId - identifier of user
      anchorEntity - anchor details
      feedbackEntity - feedback element
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForAnchorClassify

      void validateUserForAnchorClassify(String userId, EntityDetail anchorEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to add or update a classification on this anchor or member element.
      Parameters:
      userId - identifier of user
      anchorEntity - anchor details
      classificationName - name of the classification
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForAnchorDeclassify

      void validateUserForAnchorDeclassify(String userId, EntityDetail anchorEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to remove a classification from this anchor or member element
      Parameters:
      userId - identifier of user
      anchorEntity - anchor details
      classificationName - name of the classification
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • validateUserForAnchorMemberDelete

      void validateUserForAnchorMemberDelete(String userId, EntityDetail anchorEntity, EntityDetail obsoleteEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to delete an element and all of its contents.
      Parameters:
      userId - identifier of user
      obsoleteEntity - original element details
      repositoryHelper - helper for OMRS objects
      serviceName - calling service
      methodName - calling method
      Throws:
      UserNotAuthorizedException - the user is not authorized to change this element

    • selectConnection

      EntityDetail selectConnection(String userId, EntityDetail assetEntity, List<EntityDetail> connectionEntities, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException
      Use the security connector to make a choice on which connection to supply to the requesting user.
      Parameters:
      userId - calling userId
      assetEntity - associated asset - may be null
      connectionEntities - list of retrieved connections
      repositoryHelper - for working with OMRS objects
      serviceName - calling service
      methodName - calling method
      Returns:
      single connection entity, or null
      Throws:
      UserNotAuthorizedException - the user is not able to use any of the connections