Package org.odpi.openmetadata.metadatasecurity

Interface OpenMetadataUserSecurity

All Known Implementing Classes:

OpenMetadataAccessSecurityConnector

public interface OpenMetadataUserSecurity

This interface is used to authenticate a user and return the properties known about them that can be included in the resulting JWT token.

Method Summary

Modifier and Type	Method	Description
void	deleteSecurityAccessControl(String securityAccessControl)	Delete information about a specific security access control.
void	deleteUserAccount(String userId)	Delete information about a specific user.
List<String>	getDefaultZonesForUser(List<String> initialZones, String typeName, String serviceName, String userId)	Determine the appropriate setting for the default zones depending on the user and the default zones set up for the service.
List<String>	getPublishZonesForUser(List<String> currentZones, String typeName, String serviceName, String userId)	Determine the appropriate setting for the zones depending on the user and the current zones set up for the element.
OpenMetadataSecurityAccessControl	getSecurityAccessControl(String controlName)	Retrieve information about a specific security access control.
OpenMetadataUserAccount	getUserAccount(String userId)	Retrieve information about a specific user
List<String>	getUserList(UserAccountStatus userAccountStatus, UserAccountType userAccountType)	Return the list of defined users.
void	setSecurityAccessControl(OpenMetadataSecurityAccessControl securityAccessControl)	Create/update information about a specific security access control.
void	setUserAccount(OpenMetadataUserAccount userAccount)	Create/update information about a specific user.

Method Details

getUserList

List<String> getUserList(UserAccountStatus userAccountStatus,
 UserAccountType userAccountType)
                  throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Return the list of defined users.

Parameters:

userAccountStatus - status of the user - or null for any status

userAccountType - type of user - or null for any type

Returns:

list of userIds

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

getUserAccount

OpenMetadataUserAccount getUserAccount(String userId)
                                throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Retrieve information about a specific user

Parameters:

userId - calling user

Returns:

security properties about the user

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

setUserAccount

void setUserAccount(OpenMetadataUserAccount userAccount)
             throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Create/update information about a specific user. This is used to update user details and reset the password.

Parameters:

userAccount - security properties about the user

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

deleteUserAccount

void deleteUserAccount(String userId)
                throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Delete information about a specific user.

Parameters:

userId - calling user

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

getSecurityAccessControl

OpenMetadataSecurityAccessControl getSecurityAccessControl(String controlName)
                                                    throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Retrieve information about a specific security access control.

Parameters:

controlName - calling user

Returns:

security access control

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

setSecurityAccessControl

void setSecurityAccessControl(OpenMetadataSecurityAccessControl securityAccessControl)
                       throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Create/update information about a specific security access control.

Parameters:

securityAccessControl - control properties

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

deleteSecurityAccessControl

void deleteSecurityAccessControl(String securityAccessControl)
                          throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Delete information about a specific security access control.

Parameters:

securityAccessControl - calling user

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

getDefaultZonesForUser

List<String> getDefaultZonesForUser(List<String> initialZones,
 String typeName,
 String serviceName,
 String userId)
                             throws InvalidParameterException,
PropertyServerException,
UserNotAuthorizedException

Determine the appropriate setting for the default zones depending on the user and the default zones set up for the service. This is called whenever an element is created.

Parameters:

initialZones - default setting of the default zones from the caller's create request.

typeName - type of the element

serviceName - name of the called service

userId - name of the user

Returns:

list of default zones for the user

Throws:

InvalidParameterException - one of the parameter values is invalid

PropertyServerException - a problem calculating the zones

UserNotAuthorizedException - unknown user

getPublishZonesForUser

List<String> getPublishZonesForUser(List<String> currentZones,
 String typeName,
 String serviceName,
 String userId)
                             throws InvalidParameterException,
PropertyServerException,
UserNotAuthorizedException

Determine the appropriate setting for the zones depending on the user and the current zones set up for the element. This is called whenever an element is published.

Parameters:

currentZones - default setting of the published zones

typeName - type of the element

serviceName - name of the called service

userId - name of the user

Returns:

list of published zones for the user

Throws:

InvalidParameterException - one of the parameter values is invalid

PropertyServerException - a problem calculating the zones

UserNotAuthorizedException - unknown user