Interface OpenMetadataRepositorySecurity
- All Known Implementing Classes:
OMRSMetadataDefaultRepositorySecurity
,OpenMetadataAccessSecurityConnector
,OpenMetadataServerSecurityVerifier
public interface OpenMetadataRepositorySecurity
OpenMetadataRepositorySecurity defines security checks for accessing and maintaining open metadata types
and instances in the local repository.
An instance is an entity or a relationship. There is also a special method for changing classifications
added to an entity.
-
Method Summary
Modifier and TypeMethodDescriptionboolean
validateEntityReferenceCopySave
(String userId, EntityDetail instance) Tests for whether a reference copy should be saved to the repository.boolean
validateRelationshipReferenceCopySave
(String userId, Relationship instance) Tests for whether a reference copy should be saved to the repository.void
validateUserForEntityClassificationAdd
(String userId, String metadataCollectionName, EntitySummary instance, String classificationName, InstanceProperties properties) Tests for whether a specific user should have the right to add a classification to an entity instance within a repository.void
validateUserForEntityClassificationDelete
(String userId, String metadataCollectionName, EntitySummary instance, String classificationName) Tests for whether a specific user should have the right to delete a classification from an entity instance within a repository.void
validateUserForEntityClassificationUpdate
(String userId, String metadataCollectionName, EntitySummary instance, String classificationName, InstanceProperties properties) Tests for whether a specific user should have the right to update a classification for an entity instance within a repository.void
validateUserForEntityCreate
(String userId, String metadataCollectionName, String entityTypeGUID, InstanceProperties initialProperties, List<Classification> initialClassifications, InstanceStatus initialStatus) Tests for whether a specific user should have the right to create an instance within a repository.void
validateUserForEntityDelete
(String userId, String metadataCollectionName, EntityDetail instance) Tests for whether a specific user should have the right to delete an instance within a repository.void
validateUserForEntityProxyRead
(String userId, String metadataCollectionName, EntityProxy instance) Tests for whether a specific user should have read access to a specific instance within a repository.validateUserForEntityRead
(String userId, String metadataCollectionName, EntityDetail instance) Tests for whether a specific user should have read access to a specific instance within a repository.void
validateUserForEntityReHoming
(String userId, String metadataCollectionName, EntityDetail instance, String newHomeMetadataCollectionId, String newHomeMetadataCollectionName) Tests for whether a specific user should have the right to change the home of an instance within a repository.void
validateUserForEntityReIdentification
(String userId, String metadataCollectionName, EntityDetail instance, String newGUID) Tests for whether a specific user should have the right to change the guid on an instance within a repository.void
validateUserForEntityRestore
(String userId, String metadataCollectionName, String deletedEntityGUID) Tests for whether a specific user should have the right to restore an instance within a repository.void
validateUserForEntityReTyping
(String userId, String metadataCollectionName, EntityDetail instance, TypeDefSummary newTypeDefSummary) Tests for whether a specific user should have the right to change an instance's type within a repository.void
validateUserForEntitySummaryRead
(String userId, String metadataCollectionName, EntitySummary instance) Tests for whether a specific user should have read access to a specific instance within a repository.void
validateUserForEntityUpdate
(String userId, String metadataCollectionName, EntityDetail instance) Tests for whether a specific user should have the right to update an instance within a repository.void
validateUserForRelationshipCreate
(String userId, String metadataCollectionName, String relationshipTypeGUID, InstanceProperties initialProperties, EntitySummary entityOneSummary, EntitySummary entityTwoSummary, InstanceStatus initialStatus) Tests for whether a specific user should have the right to create an instance within a repository.void
validateUserForRelationshipDelete
(String userId, String metadataCollectionName, Relationship instance) Tests for whether a specific user should have the right to delete an instance within a repository.validateUserForRelationshipRead
(String userId, String metadataCollectionName, Relationship instance) Tests for whether a specific user should have read access to a specific instance within a repository.void
validateUserForRelationshipReHoming
(String userId, String metadataCollectionName, Relationship instance, String newHomeMetadataCollectionId, String newHomeMetadataCollectionName) Tests for whether a specific user should have the right to change the home of an instance within a repository.void
validateUserForRelationshipReIdentification
(String userId, String metadataCollectionName, Relationship instance, String newGUID) Tests for whether a specific user should have the right to change the guid on an instance within a repository.void
validateUserForRelationshipRestore
(String userId, String metadataCollectionName, String deletedRelationshipGUID) Tests for whether a specific user should have the right to restore an instance within a repository.void
validateUserForRelationshipReTyping
(String userId, String metadataCollectionName, Relationship instance, TypeDefSummary newTypeDefSummary) Tests for whether a specific user should have the right to change an instance's type within a repository.void
validateUserForRelationshipUpdate
(String userId, String metadataCollectionName, Relationship instance) Tests for whether a specific user should have the right to update an instance within a repository.void
validateUserForTypeCreate
(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) Tests for whether a specific user should have the right to create a type within a repository.void
validateUserForTypeCreate
(String userId, String metadataCollectionName, TypeDef typeDef) Tests for whether a specific user should have the right to create a type within a repository.void
validateUserForTypeDelete
(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) Tests for whether a specific user should have the right to delete a type within a repository.void
validateUserForTypeDelete
(String userId, String metadataCollectionName, TypeDef typeDef) Tests for whether a specific user should have the right to delete a type within a repository.void
validateUserForTypeRead
(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) Tests for whether a specific user should have read access to a specific type within a repository.void
validateUserForTypeRead
(String userId, String metadataCollectionName, TypeDef typeDef) Tests for whether a specific user should have read access to a specific type within a repository.void
validateUserForTypeReIdentify
(String userId, String metadataCollectionName, AttributeTypeDef originalAttributeTypeDef, String newTypeDefGUID, String newTypeDefName) Tests for whether a specific user should have the right to change the identifiers for a type within a repository.void
validateUserForTypeReIdentify
(String userId, String metadataCollectionName, TypeDef originalTypeDef, String newTypeDefGUID, String newTypeDefName) Tests for whether a specific user should have the right to change the identifiers for a type within a repository.void
validateUserForTypeUpdate
(String userId, String metadataCollectionName, TypeDef typeDef, TypeDefPatch patch) Tests for whether a specific user should have the right to update a type within a repository.
-
Method Details
-
validateUserForTypeCreate
void validateUserForTypeCreate(String userId, String metadataCollectionName, TypeDef typeDef) throws UserNotAuthorizedException Tests for whether a specific user should have the right to create a type within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectiontypeDef
- type details- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain types
-
validateUserForTypeCreate
void validateUserForTypeCreate(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) throws UserNotAuthorizedException Tests for whether a specific user should have the right to create a type within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectionattributeTypeDef
- type details- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain types
-
validateUserForTypeRead
void validateUserForTypeRead(String userId, String metadataCollectionName, TypeDef typeDef) throws UserNotAuthorizedException Tests for whether a specific user should have read access to a specific type within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectiontypeDef
- type details- Throws:
UserNotAuthorizedException
- the user is not authorized to retrieve types
-
validateUserForTypeRead
void validateUserForTypeRead(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) throws UserNotAuthorizedException Tests for whether a specific user should have read access to a specific type within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectionattributeTypeDef
- type details- Throws:
UserNotAuthorizedException
- the user is not authorized to retrieve types
-
validateUserForTypeUpdate
void validateUserForTypeUpdate(String userId, String metadataCollectionName, TypeDef typeDef, TypeDefPatch patch) throws UserNotAuthorizedException Tests for whether a specific user should have the right to update a type within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectiontypeDef
- current type detailspatch
- proposed changes to type- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain types
-
validateUserForTypeDelete
void validateUserForTypeDelete(String userId, String metadataCollectionName, TypeDef typeDef) throws UserNotAuthorizedException Tests for whether a specific user should have the right to delete a type within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectiontypeDef
- type details- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain types
-
validateUserForTypeDelete
void validateUserForTypeDelete(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) throws UserNotAuthorizedException Tests for whether a specific user should have the right to delete a type within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectionattributeTypeDef
- type details- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain types
-
validateUserForTypeReIdentify
void validateUserForTypeReIdentify(String userId, String metadataCollectionName, TypeDef originalTypeDef, String newTypeDefGUID, String newTypeDefName) throws UserNotAuthorizedException Tests for whether a specific user should have the right to change the identifiers for a type within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectionoriginalTypeDef
- type detailsnewTypeDefGUID
- the new identifier for the type.newTypeDefName
- new name for this type.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain types
-
validateUserForTypeReIdentify
void validateUserForTypeReIdentify(String userId, String metadataCollectionName, AttributeTypeDef originalAttributeTypeDef, String newTypeDefGUID, String newTypeDefName) throws UserNotAuthorizedException Tests for whether a specific user should have the right to change the identifiers for a type within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectionoriginalAttributeTypeDef
- type detailsnewTypeDefGUID
- the new identifier for the type.newTypeDefName
- new name for this type.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain types
-
validateUserForEntityCreate
void validateUserForEntityCreate(String userId, String metadataCollectionName, String entityTypeGUID, InstanceProperties initialProperties, List<Classification> initialClassifications, InstanceStatus initialStatus) throws UserNotAuthorizedException Tests for whether a specific user should have the right to create an instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectionentityTypeGUID
- unique identifier (guid) for the new entity's type.initialProperties
- initial list of properties for the new entity null means no properties.initialClassifications
- initial list of classifications for the new entity null means no classifications.initialStatus
- initial status typically DRAFT, PREPARED or ACTIVE.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForEntityRead
EntityDetail validateUserForEntityRead(String userId, String metadataCollectionName, EntityDetail instance) throws UserNotAuthorizedException Tests for whether a specific user should have read access to a specific instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance details- Returns:
- entity to return (maybe altered by the connector)
- Throws:
UserNotAuthorizedException
- the user is not authorized to retrieve instances
-
validateUserForEntitySummaryRead
void validateUserForEntitySummaryRead(String userId, String metadataCollectionName, EntitySummary instance) throws UserNotAuthorizedException Tests for whether a specific user should have read access to a specific instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance details- Throws:
UserNotAuthorizedException
- the user is not authorized to retrieve instances
-
validateUserForEntityProxyRead
void validateUserForEntityProxyRead(String userId, String metadataCollectionName, EntityProxy instance) throws UserNotAuthorizedException Tests for whether a specific user should have read access to a specific instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance details- Throws:
UserNotAuthorizedException
- the user is not authorized to retrieve instances
-
validateUserForEntityUpdate
void validateUserForEntityUpdate(String userId, String metadataCollectionName, EntityDetail instance) throws UserNotAuthorizedException Tests for whether a specific user should have the right to update an instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance details- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForEntityClassificationAdd
void validateUserForEntityClassificationAdd(String userId, String metadataCollectionName, EntitySummary instance, String classificationName, InstanceProperties properties) throws UserNotAuthorizedException Tests for whether a specific user should have the right to add a classification to an entity instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance detailsclassificationName
- String name for the classification.properties
- list of properties for the classification.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForEntityClassificationUpdate
void validateUserForEntityClassificationUpdate(String userId, String metadataCollectionName, EntitySummary instance, String classificationName, InstanceProperties properties) throws UserNotAuthorizedException Tests for whether a specific user should have the right to update a classification for an entity instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance detailsclassificationName
- String name for the classification.properties
- list of properties for the classification.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForEntityClassificationDelete
void validateUserForEntityClassificationDelete(String userId, String metadataCollectionName, EntitySummary instance, String classificationName) throws UserNotAuthorizedException Tests for whether a specific user should have the right to delete a classification from an entity instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance detailsclassificationName
- String name for the classification.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForEntityDelete
void validateUserForEntityDelete(String userId, String metadataCollectionName, EntityDetail instance) throws UserNotAuthorizedException Tests for whether a specific user should have the right to delete an instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance details- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForEntityRestore
void validateUserForEntityRestore(String userId, String metadataCollectionName, String deletedEntityGUID) throws UserNotAuthorizedException Tests for whether a specific user should have the right to restore an instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectiondeletedEntityGUID
- String unique identifier (guid) for the entity.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForEntityReIdentification
void validateUserForEntityReIdentification(String userId, String metadataCollectionName, EntityDetail instance, String newGUID) throws UserNotAuthorizedException Tests for whether a specific user should have the right to change the guid on an instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance detailsnewGUID
- the new guid for the instance.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForEntityReTyping
void validateUserForEntityReTyping(String userId, String metadataCollectionName, EntityDetail instance, TypeDefSummary newTypeDefSummary) throws UserNotAuthorizedException Tests for whether a specific user should have the right to change an instance's type within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance detailsnewTypeDefSummary
- details of this instance's new TypeDef.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForEntityReHoming
void validateUserForEntityReHoming(String userId, String metadataCollectionName, EntityDetail instance, String newHomeMetadataCollectionId, String newHomeMetadataCollectionName) throws UserNotAuthorizedException Tests for whether a specific user should have the right to change the home of an instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance detailsnewHomeMetadataCollectionId
- unique identifier for the new home metadata collection/repository.newHomeMetadataCollectionName
- display name for the new home metadata collection/repository.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForRelationshipCreate
void validateUserForRelationshipCreate(String userId, String metadataCollectionName, String relationshipTypeGUID, InstanceProperties initialProperties, EntitySummary entityOneSummary, EntitySummary entityTwoSummary, InstanceStatus initialStatus) throws UserNotAuthorizedException Tests for whether a specific user should have the right to create an instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectionrelationshipTypeGUID
- unique identifier (guid) for the new relationship's type.initialProperties
- initial list of properties for the new entity null means no properties.entityOneSummary
- the unique identifier of one of the entities that the relationship is connecting together.entityTwoSummary
- the unique identifier of the other entity that the relationship is connecting together.initialStatus
- initial status typically DRAFT, PREPARED or ACTIVE.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForRelationshipRead
Relationship validateUserForRelationshipRead(String userId, String metadataCollectionName, Relationship instance) throws UserNotAuthorizedException Tests for whether a specific user should have read access to a specific instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance details- Returns:
- relationship to return (maybe altered by the connector)
- Throws:
UserNotAuthorizedException
- the user is not authorized to retrieve instances
-
validateUserForRelationshipUpdate
void validateUserForRelationshipUpdate(String userId, String metadataCollectionName, Relationship instance) throws UserNotAuthorizedException Tests for whether a specific user should have the right to update an instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance details- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForRelationshipDelete
void validateUserForRelationshipDelete(String userId, String metadataCollectionName, Relationship instance) throws UserNotAuthorizedException Tests for whether a specific user should have the right to delete an instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance details- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForRelationshipRestore
void validateUserForRelationshipRestore(String userId, String metadataCollectionName, String deletedRelationshipGUID) throws UserNotAuthorizedException Tests for whether a specific user should have the right to restore an instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectiondeletedRelationshipGUID
- String unique identifier (guid) for the relationship.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForRelationshipReIdentification
void validateUserForRelationshipReIdentification(String userId, String metadataCollectionName, Relationship instance, String newGUID) throws UserNotAuthorizedException Tests for whether a specific user should have the right to change the guid on an instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance detailsnewGUID
- the new guid for the instance.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForRelationshipReTyping
void validateUserForRelationshipReTyping(String userId, String metadataCollectionName, Relationship instance, TypeDefSummary newTypeDefSummary) throws UserNotAuthorizedException Tests for whether a specific user should have the right to change an instance's type within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance detailsnewTypeDefSummary
- details of this instance's new TypeDef.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateUserForRelationshipReHoming
void validateUserForRelationshipReHoming(String userId, String metadataCollectionName, Relationship instance, String newHomeMetadataCollectionId, String newHomeMetadataCollectionName) throws UserNotAuthorizedException Tests for whether a specific user should have the right to change the home of an instance within a repository.- Parameters:
userId
- identifier of usermetadataCollectionName
- configurable name of the metadata collectioninstance
- instance detailsnewHomeMetadataCollectionId
- unique identifier for the new home metadata collection/repository.newHomeMetadataCollectionName
- display name for the new home metadata collection/repository.- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateEntityReferenceCopySave
boolean validateEntityReferenceCopySave(String userId, EntityDetail instance) throws UserNotAuthorizedException Tests for whether a reference copy should be saved to the repository.- Parameters:
userId
- identifier of userinstance
- instance details- Returns:
- flag indicating whether the reference copy should be saved
- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-
validateRelationshipReferenceCopySave
boolean validateRelationshipReferenceCopySave(String userId, Relationship instance) throws UserNotAuthorizedException Tests for whether a reference copy should be saved to the repository.- Parameters:
userId
- identifier of userinstance
- instance details- Returns:
- flag indicating whether the reference copy should be saved
- Throws:
UserNotAuthorizedException
- the user is not authorized to maintain instances
-