Class OpenMetadataAccessSecurityConnector
java.lang.Object
org.odpi.openmetadata.frameworks.connectors.Connector
org.odpi.openmetadata.frameworks.connectors.ConnectorBase
org.odpi.openmetadata.metadatasecurity.connectors.OpenMetadataSecurityConnector
org.odpi.openmetadata.metadatasecurity.accessconnector.OpenMetadataAccessSecurityConnector
- All Implemented Interfaces:
AuditLoggingComponent,SecureConnectorExtension,VirtualConnectorExtension,OpenMetadataElementSecurity,OpenMetadataPlatformSecurity,OpenMetadataRepositorySecurity,OpenMetadataServerSecurity,OpenMetadataServiceSecurity,OpenMetadataUserSecurity
public class OpenMetadataAccessSecurityConnector
extends OpenMetadataSecurityConnector
implements OpenMetadataPlatformSecurity, OpenMetadataRepositorySecurity, OpenMetadataServerSecurity, OpenMetadataServiceSecurity, OpenMetadataElementSecurity, OpenMetadataUserSecurity
OpenMetadataAccessSecurityConnector provides a specific security connector for Egeria's runtime
users that overrides the default behavior of the default open metadata security connectors that does
not allow any access to anything. It provides a demonstration of how to implement a security connector that uses
an external secrets store.
-
Nested Class Summary
Nested classes/interfaces inherited from class org.odpi.openmetadata.frameworks.connectors.ConnectorBase
ConnectorBase.ProtectedConnection -
Field Summary
Fields inherited from class org.odpi.openmetadata.metadatasecurity.connectors.OpenMetadataSecurityConnector
connectorName, localServerUserId, platformName, serverName, unknownTypeNameFields inherited from class org.odpi.openmetadata.frameworks.connectors.ConnectorBase
auditLog, connectionBean, connectorInstanceId, embeddedConnectors, messageFormatter, secretsStoreConnectorMap -
Constructor Summary
ConstructorsConstructorDescriptionConstructor sets up the security policies -
Method Summary
Modifier and TypeMethodDescriptionvoiddeleteUserAccount(String userId) Delete information about a specific user.getAssociatedSecurityListForZone(String zoneName, AccessOperation operation) Returns the list of security lists associated with the zone and operation.getDefaultZonesForUser(List<String> initialZones, String typeName, String serviceName, String userId) Determine the appropriate setting for the default zones depending on the user and the default zones set up for the service.getPublishZonesForUser(List<String> currentZones, String typeName, String serviceName, String userId) Determine the appropriate setting for the default zones depending on the user and the default publish zones set up for the service.getUserAccount(String userId) Retrieve information about a specific user.getWithdrawZonesForUser(List<String> currentZones, String typeName, String serviceName, String userId) Determine the appropriate setting for the zones depending on the user and the current zones set up for the element.selectConnection(String userId, EntityDetail assetEntity, List<EntityDetail> connectionEntities, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Use the security connector to make a choice on which connection to supply to the requesting user.voidsetUserAccount(OpenMetadataUserAccount userAccount) Update/create information about a specific user.voidstart()Indicates that the connector is completely configured and can begin processing.booleanvalidateEntityReferenceCopySave(String userId, EntityDetail instance) Tests for whether a reference copy should be saved to the repository.booleanvalidateRelationshipReferenceCopySave(String userId, Relationship instance) Tests for whether a reference copy should be saved to the repository.voidCheck that the calling user is authorized to issue diagnostic requests to the OMAG Server Platform.voidCheck that the calling user is authorized to issue operator requests to the OMAG Server Platform.voidvalidateUserAsServerAdmin(String userId) Check that the calling user is authorized to update the configuration for a server.voidCheck that the calling user is authorized to issue operator requests to the OMAG Server.voidvalidateUserAsServerOperator(String userId) Check that the calling user is authorized to issue operator requests to the OMAG Server.voidvalidateUserForAnchorAddFeedback(String userId, EntityDetail anchorEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the anchor or member element.voidvalidateUserForAnchorAttach(String userId, EntityDetail anchorEntity, EntityDetail attachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to link unanchored elementsvoidvalidateUserForAnchorClassify(String userId, EntityDetail anchorEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to add or update a classification on this anchor or member element.voidvalidateUserForAnchorDeclassify(String userId, EntityDetail anchorEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to remove a classification from this anchor or member elementvoidvalidateUserForAnchorDeleteFeedback(String userId, EntityDetail anchorEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to detach feedback - such as comments, ratings, tags and likes, to the anchor or member element.voidvalidateUserForAnchorDetach(String userId, EntityDetail anchorEntity, EntityDetail detachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to link unanchored elementsvoidvalidateUserForAnchorMemberAdd(String userId, EntityDetail anchorEntity, EntityDetail newMemberEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the element.voidvalidateUserForAnchorMemberCreate(String userId, EntityDetail anchorEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to create new elements as members of an anchor.voidvalidateUserForAnchorMemberDelete(String userId, EntityDetail anchorEntity, EntityDetail obsoleteEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to delete an element and all of its contents.voidvalidateUserForAnchorMemberRead(String userId, EntityDetail anchorEntity, EntityDetail requestedEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have read access to a specific element and its contents.voidvalidateUserForAnchorMemberStatusUpdate(String userId, EntityDetail anchorEntity, EntityDetail originalEntity, InstanceStatus newStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to update the instance status of an element.voidvalidateUserForAnchorMemberUpdate(String userId, EntityDetail anchorEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to update elements attached directly to an anchor.voidvalidateUserForElementAddFeedback(String userId, EntityDetail originalEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the element.voidvalidateUserForElementAttach(String userId, EntityDetail startingEntity, EntityDetail attachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to link unanchored elements to this elementvoidvalidateUserForElementClassify(String userId, EntityDetail originalEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to add or update a classification on this element.voidvalidateUserForElementCreate(String userId, String entityTypeGUID, String entityTypeName, InstanceProperties newProperties, List<Classification> classifications, InstanceStatus instanceStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to create an element.voidvalidateUserForElementDeclassify(String userId, EntityDetail originalEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to remove a classification from this elementvoidvalidateUserForElementDelete(String userId, EntityDetail entity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to delete an element and all of its contents.voidvalidateUserForElementDeleteFeedback(String userId, EntityDetail originalEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to detach feedback - such as comments, ratings, tags and likes, to the element.voidvalidateUserForElementDetach(String userId, EntityDetail startingEntity, EntityDetail detachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to link unanchored elements to this elementvoidvalidateUserForElementDetailUpdate(String userId, EntityDetail originalEntity, InstanceProperties newEntityProperties, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to update the properties of an element.voidvalidateUserForElementRead(String userId, EntityDetail requestedEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have read access to a specific element and its contents.voidvalidateUserForElementStatusUpdate(String userId, EntityDetail originalEntity, InstanceStatus newStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Tests for whether a specific user should have the right to update the properties of an element.voidvalidateUserForEntityClassificationAdd(String userId, String metadataCollectionName, EntitySummary instance, String classificationName, InstanceProperties properties) Tests for whether a specific user should have the right to add a classification to an entity instance within a repository.voidvalidateUserForEntityClassificationDelete(String userId, String metadataCollectionName, EntitySummary instance, String classificationName) Tests for whether a specific user should have the right to delete a classification from an entity instance within a repository.voidvalidateUserForEntityClassificationUpdate(String userId, String metadataCollectionName, EntitySummary instance, String classificationName, InstanceProperties properties) Tests for whether a specific user should have the right to update the classification for an entity instance within a repository.voidvalidateUserForEntityCreate(String userId, String metadataCollectionName, String entityTypeGUID, InstanceProperties initialProperties, List<Classification> initialClassifications, InstanceStatus initialStatus) Tests for whether a specific user should have the right to create an instance within a repository.voidvalidateUserForEntityDelete(String userId, String metadataCollectionName, EntityDetail instance) Tests for whether a specific user should have the right to delete an instance within a repository.voidvalidateUserForEntityProxyRead(String userId, String metadataCollectionName, EntityProxy instance) Tests for whether a specific user should have read access to a specific instance within a repository.validateUserForEntityRead(String userId, String metadataCollectionName, EntityDetail instance) Tests for whether a specific user should have read access to a specific instance within a repository.voidvalidateUserForEntityReHoming(String userId, String metadataCollectionName, EntityDetail instance, String newHomeMetadataCollectionId, String newHomeMetadataCollectionName) Tests for whether a specific user should have the right to change the home of an instance within a repository.voidvalidateUserForEntityReIdentification(String userId, String metadataCollectionName, EntityDetail instance, String newGUID) Tests for whether a specific user should have the right to change the guid on an instance within a repository.voidvalidateUserForEntityRestore(String userId, String metadataCollectionName, String deletedEntityGUID) Tests for whether a specific user should have the right to restore an instance within a repository.voidvalidateUserForEntityReTyping(String userId, String metadataCollectionName, EntityDetail instance, TypeDefSummary newTypeDefSummary) Tests for whether a specific user should have the right to change the type name of an instance within a repository.voidvalidateUserForEntitySummaryRead(String userId, String metadataCollectionName, EntitySummary instance) Tests for whether a specific user should have read access to a specific instance within a repository.voidvalidateUserForEntityUpdate(String userId, String metadataCollectionName, EntityDetail instance) Tests for whether a specific user should have the right to update an instance within a repository.voidvalidateUserForNewServer(String userId) Check that the calling user is authorized to create new servers.voidvalidateUserForRelationshipCreate(String userId, String metadataCollectionName, String relationshipTypeGUID, InstanceProperties initialProperties, EntitySummary entityOneSummary, EntitySummary entityTwoSummary, InstanceStatus initialStatus) Tests for whether a specific user should have the right to create an instance within a repository.voidvalidateUserForRelationshipDelete(String userId, String metadataCollectionName, Relationship instance) Tests for whether a specific user should have the right to delete an instance within a repository.validateUserForRelationshipRead(String userId, String metadataCollectionName, Relationship instance) Tests for whether a specific user should have read access to a specific instance within a repository.voidvalidateUserForRelationshipReHoming(String userId, String metadataCollectionName, Relationship instance, String newHomeMetadataCollectionId, String newHomeMetadataCollectionName) Tests for whether a specific user should have the right to change the home of a instance within a repository.voidvalidateUserForRelationshipReIdentification(String userId, String metadataCollectionName, Relationship instance, String newGUID) Tests for whether a specific user should have the right to change the guid on an instance within a repository.voidvalidateUserForRelationshipRestore(String userId, String metadataCollectionName, String deletedRelationshipGUID) Tests for whether a specific user should have the right to restore an instance within a repository.voidvalidateUserForRelationshipReTyping(String userId, String metadataCollectionName, Relationship instance, TypeDefSummary newTypeDefSummary) Tests for whether a specific user should have the right to change the type name of an instance within a repository.voidvalidateUserForRelationshipUpdate(String userId, String metadataCollectionName, Relationship instance) Tests for whether a specific user should have the right to update an instance within a repository.voidvalidateUserForServer(String userId) Check that the calling user is authorized to issue a (any) request to the OMAG Server Platform.voidvalidateUserForService(String userId, String serviceName) Check that the calling user is authorized to issue this request.voidvalidateUserForServiceOperation(String userId, String serviceName, String serviceOperationName) Check that the calling user is authorized to issue this specific request.voidvalidateUserForTypeCreate(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) Tests for whether a specific user should have the right to create a type within a repository.voidvalidateUserForTypeCreate(String userId, String metadataCollectionName, TypeDef typeDef) Tests for whether a specific user should have the right to create a type within a repository.voidvalidateUserForTypeDelete(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) Tests for whether a specific user should have the right to delete a type within a repository.voidvalidateUserForTypeDelete(String userId, String metadataCollectionName, TypeDef typeDef) Tests for whether a specific user should have the right to delete a type within a repository.voidvalidateUserForTypeRead(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) Tests for whether a specific user should have read access to a specific type within a repository.voidvalidateUserForTypeRead(String userId, String metadataCollectionName, TypeDef typeDef) Tests for whether a specific user should have read access to a specific type within a repository.voidvalidateUserForTypeReIdentify(String userId, String metadataCollectionName, AttributeTypeDef originalAttributeTypeDef, String newTypeDefGUID, String newTypeDefName) Tests for whether a specific user should have the right to change the identifiers for a type within a repository.voidvalidateUserForTypeReIdentify(String userId, String metadataCollectionName, TypeDef originalTypeDef, String newTypeDefGUID, String newTypeDefName) Tests for whether a specific user should have the right to change the identifiers for a type within a repository.voidvalidateUserForTypeUpdate(String userId, String metadataCollectionName, TypeDef typeDef, TypeDefPatch patch) Tests for whether a specific user should have the right to update a typeDef within a repository.protected booleanvalidateUserInGroup(String userId, SecurityAccessControl securityAccessControl, boolean isUserOwner, List<String> maintainers, String accessOperation) This method does the lookup of the user and group in the secrets store.protected voidvalidateZoneAccess(String userId, String entityGUID, String entityTypeName, List<Classification> classifications, AccessOperation operation, List<String> maintainers, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) Determine whether the user is permitted to perform the desired operation based on the element's zones.Methods inherited from class org.odpi.openmetadata.metadatasecurity.connectors.OpenMetadataSecurityConnector
disconnect, getConnectorComponentDescription, logConnectorDisconnecting, logConnectorStarting, printZoneList, setAuditLog, setLocalServerUserId, setPlatformName, setServerName, throwMissingAnchor, throwUnauthorizedAddFeedback, throwUnauthorizedAnchorAccess, throwUnauthorizedElementAccess, throwUnauthorizedInstanceAccess, throwUnauthorizedInstanceChange, throwUnauthorizedInstanceCreate, throwUnauthorizedPlatformAccess, throwUnauthorizedServerAccess, throwUnauthorizedServiceAccess, throwUnauthorizedTypeAccess, throwUnauthorizedTypeChange, throwUnauthorizedZoneChange, throwUnknownUserMethods inherited from class org.odpi.openmetadata.frameworks.connectors.ConnectorBase
combineConfigurationProperties, disconnectConnectors, equals, fromCamelToCanonicalCase, fromCanonicalToCamelCase, fromCanonicalToKebabCase, fromCanonicalToSnakeCase, fromKebabToCanonicalCase, fromSnakeToCanonicalCase, getArrayConfigurationProperty, getArrayConfigurationProperty, getArrayConfigurationProperty, getBooleanConfigurationProperty, getConnection, getConnectorInstanceId, getDateConfigurationProperty, getIntConfigurationProperty, getLongConfigurationProperty, getSecretsCollectionName, getSecretsLocation, getSecretsProvider, getStringConfigurationProperty, getStringConfigurationProperty, getSuppliedPlaceholderProperties, hashCode, initialize, initializeEmbeddedConnectors, initializeSecretsStoreConnector, isActive, logExceptionRecord, logRecord, logRecord, throwMissingConfigurationProperty, throwMissingEndpointAddress, throwMissingResource, throwNoAsset, throwWrongTypeOfAsset, throwWrongTypeOfResource, throwWrongTypeOfRootSchema, toStringMethods inherited from class org.odpi.openmetadata.frameworks.connectors.Connector
clearStatisticProperty, clearStatisticTimestamp, getConnectorStatistics, getStatisticCounter, getStatisticProperty, getStatisticTimestamp, incrementStatisticCounter, initializeStatisticCounter, refreshStatistics, setStatisticProperty, setStatisticTimestampMethods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, waitMethods inherited from interface org.odpi.openmetadata.metadatasecurity.OpenMetadataPlatformSecurity
setPlatformName
-
Constructor Details
-
OpenMetadataAccessSecurityConnector
public OpenMetadataAccessSecurityConnector()Constructor sets up the security policies
-
-
Method Details
-
start
Indicates that the connector is completely configured and can begin processing.- Overrides:
startin classOpenMetadataSecurityConnector- Throws:
ConnectorCheckedException- the connector detected a problem.UserNotAuthorizedException- the connector was disconnected before/during start
-
getUserAccount
public OpenMetadataUserAccount getUserAccount(String userId) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Retrieve information about a specific user. This is used during a user's request for a token- Specified by:
getUserAccountin interfaceOpenMetadataUserSecurity- Parameters:
userId- calling user- Returns:
- security properties about the user
- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
setUserAccount
Update/create information about a specific user. This is used to update user details nd reset the password.- Specified by:
setUserAccountin interfaceOpenMetadataUserSecurity- Parameters:
userAccount- security properties about the user- Throws:
UserNotAuthorizedException- user not recognized
-
deleteUserAccount
Delete information about a specific user.- Specified by:
deleteUserAccountin interfaceOpenMetadataUserSecurity- Parameters:
userId- calling user- Throws:
UserNotAuthorizedException- user not recognized
-
validateUserInGroup
protected boolean validateUserInGroup(String userId, SecurityAccessControl securityAccessControl, boolean isUserOwner, List<String> maintainers, String accessOperation) throws InvalidParameterException, PropertyServerException, UserNotAuthorizedException This method does the lookup of the user and group in the secrets store.- Parameters:
userId- calling usersecurityAccessControl- controlaccessOperation- operationisUserOwner- is the user the owner of the element?maintainers- list of maintainers- Returns:
- boolean indicating that they are not members of the group
- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForNewServer
public void validateUserForNewServer(String userId) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Check that the calling user is authorized to create new servers.- Specified by:
validateUserForNewServerin interfaceOpenMetadataPlatformSecurity- Overrides:
validateUserForNewServerin classOpenMetadataSecurityConnector- Parameters:
userId- calling user- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserAsOperatorForPlatform
public void validateUserAsOperatorForPlatform(String userId) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Check that the calling user is authorized to issue operator requests to the OMAG Server Platform.- Specified by:
validateUserAsOperatorForPlatformin interfaceOpenMetadataPlatformSecurity- Overrides:
validateUserAsOperatorForPlatformin classOpenMetadataSecurityConnector- Parameters:
userId- calling user- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserAsInvestigatorForPlatform
public void validateUserAsInvestigatorForPlatform(String userId) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Check that the calling user is authorized to issue diagnostic requests to the OMAG Server Platform.- Specified by:
validateUserAsInvestigatorForPlatformin interfaceOpenMetadataPlatformSecurity- Overrides:
validateUserAsInvestigatorForPlatformin classOpenMetadataSecurityConnector- Parameters:
userId- calling user- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForServer
public void validateUserForServer(String userId) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Check that the calling user is authorized to issue a (any) request to the OMAG Server Platform.- Specified by:
validateUserForServerin interfaceOpenMetadataServerSecurity- Overrides:
validateUserForServerin classOpenMetadataSecurityConnector- Parameters:
userId- calling user- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserAsServerAdmin
public void validateUserAsServerAdmin(String userId) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Check that the calling user is authorized to update the configuration for a server.- Specified by:
validateUserAsServerAdminin interfaceOpenMetadataServerSecurity- Overrides:
validateUserAsServerAdminin classOpenMetadataSecurityConnector- Parameters:
userId- calling user- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserAsServerOperator
public void validateUserAsServerOperator(String userId) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Check that the calling user is authorized to issue operator requests to the OMAG Server.- Specified by:
validateUserAsServerOperatorin interfaceOpenMetadataServerSecurity- Overrides:
validateUserAsServerOperatorin classOpenMetadataSecurityConnector- Parameters:
userId- calling user- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserAsServerInvestigator
public void validateUserAsServerInvestigator(String userId) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Check that the calling user is authorized to issue operator requests to the OMAG Server.- Specified by:
validateUserAsServerInvestigatorin interfaceOpenMetadataServerSecurity- Overrides:
validateUserAsServerInvestigatorin classOpenMetadataSecurityConnector- Parameters:
userId- calling user- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForService
public void validateUserForService(String userId, String serviceName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Check that the calling user is authorized to issue this request.- Specified by:
validateUserForServicein interfaceOpenMetadataServiceSecurity- Overrides:
validateUserForServicein classOpenMetadataSecurityConnector- Parameters:
userId- calling userserviceName- name of called service- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForServiceOperation
public void validateUserForServiceOperation(String userId, String serviceName, String serviceOperationName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Check that the calling user is authorized to issue this specific request.- Specified by:
validateUserForServiceOperationin interfaceOpenMetadataServiceSecurity- Overrides:
validateUserForServiceOperationin classOpenMetadataSecurityConnector- Parameters:
userId- calling userserviceName- name of called serviceserviceOperationName- name of called operation- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
getAssociatedSecurityListForZone
Returns the list of security lists associated with the zone and operation. If none are found, there is no restriction on the use of the zone.- Parameters:
zoneName- name of the zoneoperation- operation to check- Returns:
- list of security groups
-
getDefaultZonesForUser
public List<String> getDefaultZonesForUser(List<String> initialZones, String typeName, String serviceName, String userId) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Determine the appropriate setting for the default zones depending on the user and the default zones set up for the service. This is called whenever an element is created.- Specified by:
getDefaultZonesForUserin interfaceOpenMetadataUserSecurity- Overrides:
getDefaultZonesForUserin classOpenMetadataSecurityConnector- Parameters:
initialZones- default setting of the default zonestypeName- type of the elementserviceName- name of the called serviceuserId- name of the user- Returns:
- list of default zones for the user
- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
getPublishZonesForUser
public List<String> getPublishZonesForUser(List<String> currentZones, String typeName, String serviceName, String userId) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Determine the appropriate setting for the default zones depending on the user and the default publish zones set up for the service. This is called whenever an element is published.- Specified by:
getPublishZonesForUserin interfaceOpenMetadataUserSecurity- Overrides:
getPublishZonesForUserin classOpenMetadataSecurityConnector- Parameters:
currentZones- default setting of the published zonestypeName- type of the elementserviceName- name of the called serviceuserId- name of the user- Returns:
- list of published zones for the user
- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
getWithdrawZonesForUser
public List<String> getWithdrawZonesForUser(List<String> currentZones, String typeName, String serviceName, String userId) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Determine the appropriate setting for the zones depending on the user and the current zones set up for the element. This is called whenever an element is withdrawn.- Specified by:
getWithdrawZonesForUserin interfaceOpenMetadataUserSecurity- Overrides:
getWithdrawZonesForUserin classOpenMetadataSecurityConnector- Parameters:
currentZones- default setting of the default zonestypeName- type of the elementserviceName- name of the called serviceuserId- name of the user- Returns:
- list of published zones for the user
- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateZoneAccess
protected void validateZoneAccess(String userId, String entityGUID, String entityTypeName, List<Classification> classifications, AccessOperation operation, List<String> maintainers, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Determine whether the user is permitted to perform the desired operation based on the element's zones.- Parameters:
userId- identifier of userentityGUID- unique identifier of entityentityTypeName- open metadata type nameclassifications- list of classifications from entityoperation- operation that they wish to performmaintainers- list of maintainers of the entityrepositoryHelper- manipulates repository service objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForElementCreate
public void validateUserForElementCreate(String userId, String entityTypeGUID, String entityTypeName, InstanceProperties newProperties, List<Classification> classifications, InstanceStatus instanceStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to create an element.- Specified by:
validateUserForElementCreatein interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of userentityTypeGUID- unique identifier of the type of entity to createentityTypeName- unique name of the type of entity to createnewProperties- properties for new entityclassifications- classifications for new entityinstanceStatus- status for new entityrepositoryHelper- manipulates repository service objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForElementRead
public void validateUserForElementRead(String userId, EntityDetail requestedEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have read access to a specific element and its contents.- Specified by:
validateUserForElementReadin interfaceOpenMetadataElementSecurity- Parameters:
userId- calling userrequestedEntity- entity requested by the callerrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForAnchorMemberRead
public void validateUserForAnchorMemberRead(String userId, EntityDetail anchorEntity, EntityDetail requestedEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have read access to a specific element and its contents.- Specified by:
validateUserForAnchorMemberReadin interfaceOpenMetadataElementSecurity- Parameters:
userId- calling useranchorEntity- entity for the anchor (if extracted - may be null)requestedEntity- entity requested by the callerrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForElementDetailUpdate
public void validateUserForElementDetailUpdate(String userId, EntityDetail originalEntity, InstanceProperties newEntityProperties, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to update the properties of an element.- Specified by:
validateUserForElementDetailUpdatein interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useroriginalEntity- original entity detailsnewEntityProperties- new propertiesrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForElementStatusUpdate
public void validateUserForElementStatusUpdate(String userId, EntityDetail originalEntity, InstanceStatus newStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to update the properties of an element.- Specified by:
validateUserForElementStatusUpdatein interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useroriginalEntity- original entity detailsnewStatus- new value for statusrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForElementAttach
public void validateUserForElementAttach(String userId, EntityDetail startingEntity, EntityDetail attachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to link unanchored elements to this element- Specified by:
validateUserForElementAttachin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of userstartingEntity- end 1 detailsattachingEntity- end 1 detailsrelationshipName- name of the relationshiprepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForElementDetach
public void validateUserForElementDetach(String userId, EntityDetail startingEntity, EntityDetail detachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to link unanchored elements to this element- Specified by:
validateUserForElementDetachin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of userstartingEntity- end 1 detailsdetachingEntity- end 2 detailsrelationshipName- name of the relationshiprepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForElementAddFeedback
public void validateUserForElementAddFeedback(String userId, EntityDetail originalEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the element.- Specified by:
validateUserForElementAddFeedbackin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useroriginalEntity- original entity detailsfeedbackEntity- feedback elementrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForElementDeleteFeedback
public void validateUserForElementDeleteFeedback(String userId, EntityDetail originalEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to detach feedback - such as comments, ratings, tags and likes, to the element.- Specified by:
validateUserForElementDeleteFeedbackin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useroriginalEntity- original entity detailsfeedbackEntity- feedback elementrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForElementClassify
public void validateUserForElementClassify(String userId, EntityDetail originalEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to add or update a classification on this element.- Specified by:
validateUserForElementClassifyin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useroriginalEntity- original entity detailsclassificationName- name of the classificationrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForElementDeclassify
public void validateUserForElementDeclassify(String userId, EntityDetail originalEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to remove a classification from this element- Specified by:
validateUserForElementDeclassifyin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useroriginalEntity- original entity detailsclassificationName- name of the classificationrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForAnchorMemberCreate
public void validateUserForAnchorMemberCreate(String userId, EntityDetail anchorEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to create new elements as members of an anchor.- Specified by:
validateUserForAnchorMemberCreatein interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useranchorEntity- element detailsrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForAnchorMemberUpdate
public void validateUserForAnchorMemberUpdate(String userId, EntityDetail anchorEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to update elements attached directly to an anchor. These updates could be to their properties, classifications, and relationships.- Specified by:
validateUserForAnchorMemberUpdatein interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useranchorEntity- element detailsrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForAnchorMemberStatusUpdate
public void validateUserForAnchorMemberStatusUpdate(String userId, EntityDetail anchorEntity, EntityDetail originalEntity, InstanceStatus newStatus, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to update the instance status of an element.- Specified by:
validateUserForAnchorMemberStatusUpdatein interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useranchorEntity- anchor detailsrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling methodoriginalEntity- entity being updatednewStatus- new value for status- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForAnchorAttach
public void validateUserForAnchorAttach(String userId, EntityDetail anchorEntity, EntityDetail attachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to link unanchored elements- Specified by:
validateUserForAnchorAttachin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useranchorEntity- anchor detailsattachingEntity- new elementrelationshipName- name of the relationshiprepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForAnchorDetach
public void validateUserForAnchorDetach(String userId, EntityDetail anchorEntity, EntityDetail detachingEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to link unanchored elements- Specified by:
validateUserForAnchorDetachin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useranchorEntity- anchor detailsdetachingEntity- obsolete elementrelationshipName- name of the relationshiprepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForAnchorAddFeedback
public void validateUserForAnchorAddFeedback(String userId, EntityDetail anchorEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the anchor or member element.- Specified by:
validateUserForAnchorAddFeedbackin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useranchorEntity- anchor detailsfeedbackEntity- feedback elementrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForAnchorDeleteFeedback
public void validateUserForAnchorDeleteFeedback(String userId, EntityDetail anchorEntity, EntityDetail feedbackEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to detach feedback - such as comments, ratings, tags and likes, to the anchor or member element.- Specified by:
validateUserForAnchorDeleteFeedbackin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useranchorEntity- anchor detailsfeedbackEntity- feedback elementrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForAnchorClassify
public void validateUserForAnchorClassify(String userId, EntityDetail anchorEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to add or update a classification on this anchor or member element.- Specified by:
validateUserForAnchorClassifyin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useranchorEntity- anchor detailsclassificationName- name of the classificationrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForAnchorDeclassify
public void validateUserForAnchorDeclassify(String userId, EntityDetail anchorEntity, String classificationName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to remove a classification from this anchor or member element- Specified by:
validateUserForAnchorDeclassifyin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useranchorEntity- anchor detailsclassificationName- name of the classificationrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForAnchorMemberDelete
public void validateUserForAnchorMemberDelete(String userId, EntityDetail anchorEntity, EntityDetail obsoleteEntity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to delete an element and all of its contents.- Specified by:
validateUserForAnchorMemberDeletein interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of userobsoleteEntity- original element detailsrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForElementDelete
public void validateUserForElementDelete(String userId, EntityDetail entity, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to delete an element and all of its contents.- Specified by:
validateUserForElementDeletein interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of userentity- original element detailsrepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForAnchorMemberAdd
public void validateUserForAnchorMemberAdd(String userId, EntityDetail anchorEntity, EntityDetail newMemberEntity, String relationshipName, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to attach feedback - such as comments, ratings, tags and likes, to the element.- Specified by:
validateUserForAnchorMemberAddin interfaceOpenMetadataElementSecurity- Parameters:
userId- identifier of useranchorEntity- anchor detailsnewMemberEntity- feedback elementrelationshipName- name of the relationshiprepositoryHelper- helper for OMRS objectsserviceName- calling servicemethodName- calling method- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
selectConnection
public EntityDetail selectConnection(String userId, EntityDetail assetEntity, List<EntityDetail> connectionEntities, OMRSRepositoryHelper repositoryHelper, String serviceName, String methodName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Use the security connector to make a choice on which connection to supply to the requesting user.- Specified by:
selectConnectionin interfaceOpenMetadataElementSecurity- Parameters:
userId- calling userIdassetEntity- associated asset - may be nullconnectionEntities- list of retrieved connectionsrepositoryHelper- for working with OMRS objectsserviceName- calling servicemethodName- calling method- Returns:
- single connection entity, or null
- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForTypeCreate
public void validateUserForTypeCreate(String userId, String metadataCollectionName, TypeDef typeDef) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to create a type within a repository.- Specified by:
validateUserForTypeCreatein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForTypeCreatein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectiontypeDef- type details- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForTypeCreate
public void validateUserForTypeCreate(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to create a type within a repository.- Specified by:
validateUserForTypeCreatein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForTypeCreatein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectionattributeTypeDef- type details- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForTypeRead
public void validateUserForTypeRead(String userId, String metadataCollectionName, TypeDef typeDef) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have read access to a specific type within a repository.- Specified by:
validateUserForTypeReadin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForTypeReadin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectiontypeDef- type details- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForTypeRead
public void validateUserForTypeRead(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have read access to a specific type within a repository.- Specified by:
validateUserForTypeReadin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForTypeReadin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectionattributeTypeDef- type details- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForTypeUpdate
public void validateUserForTypeUpdate(String userId, String metadataCollectionName, TypeDef typeDef, TypeDefPatch patch) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to update a typeDef within a repository.- Specified by:
validateUserForTypeUpdatein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForTypeUpdatein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectiontypeDef- current typeDef detailspatch- proposed changes to type- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForTypeDelete
public void validateUserForTypeDelete(String userId, String metadataCollectionName, TypeDef typeDef) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to delete a type within a repository.- Specified by:
validateUserForTypeDeletein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForTypeDeletein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectiontypeDef- type details- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForTypeDelete
public void validateUserForTypeDelete(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to delete a type within a repository.- Specified by:
validateUserForTypeDeletein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForTypeDeletein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectionattributeTypeDef- type details- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForTypeReIdentify
public void validateUserForTypeReIdentify(String userId, String metadataCollectionName, TypeDef originalTypeDef, String newTypeDefGUID, String newTypeDefName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to change the identifiers for a type within a repository.- Specified by:
validateUserForTypeReIdentifyin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForTypeReIdentifyin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectionoriginalTypeDef- type detailsnewTypeDefGUID- the new identifier for the type.newTypeDefName- new name for this type.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForTypeReIdentify
public void validateUserForTypeReIdentify(String userId, String metadataCollectionName, AttributeTypeDef originalAttributeTypeDef, String newTypeDefGUID, String newTypeDefName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to change the identifiers for a type within a repository.- Specified by:
validateUserForTypeReIdentifyin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForTypeReIdentifyin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectionoriginalAttributeTypeDef- type detailsnewTypeDefGUID- the new identifier for the type.newTypeDefName- new name for this type.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntityCreate
public void validateUserForEntityCreate(String userId, String metadataCollectionName, String entityTypeGUID, InstanceProperties initialProperties, List<Classification> initialClassifications, InstanceStatus initialStatus) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to create an instance within a repository.- Specified by:
validateUserForEntityCreatein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntityCreatein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectionentityTypeGUID- unique identifier (guid) for the new entity's type.initialProperties- initial list of properties for the new entity null means no properties.initialClassifications- initial list of classifications for the new entity null means no classifications.initialStatus- initial status typically DRAFT, PREPARED or ACTIVE.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntityRead
public EntityDetail validateUserForEntityRead(String userId, String metadataCollectionName, EntityDetail instance) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have read access to a specific instance within a repository.- Specified by:
validateUserForEntityReadin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntityReadin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance details- Returns:
- entity to return (maybe altered by the connector)
- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntitySummaryRead
public void validateUserForEntitySummaryRead(String userId, String metadataCollectionName, EntitySummary instance) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have read access to a specific instance within a repository.- Specified by:
validateUserForEntitySummaryReadin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntitySummaryReadin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance details- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntityProxyRead
public void validateUserForEntityProxyRead(String userId, String metadataCollectionName, EntityProxy instance) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have read access to a specific instance within a repository.- Specified by:
validateUserForEntityProxyReadin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntityProxyReadin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance details- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntityUpdate
public void validateUserForEntityUpdate(String userId, String metadataCollectionName, EntityDetail instance) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to update an instance within a repository.- Specified by:
validateUserForEntityUpdatein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntityUpdatein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance details- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntityClassificationAdd
public void validateUserForEntityClassificationAdd(String userId, String metadataCollectionName, EntitySummary instance, String classificationName, InstanceProperties properties) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to add a classification to an entity instance within a repository.- Specified by:
validateUserForEntityClassificationAddin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntityClassificationAddin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance detailsclassificationName- String name for the classification.properties- list of properties for the classification.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntityClassificationUpdate
public void validateUserForEntityClassificationUpdate(String userId, String metadataCollectionName, EntitySummary instance, String classificationName, InstanceProperties properties) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to update the classification for an entity instance within a repository.- Specified by:
validateUserForEntityClassificationUpdatein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntityClassificationUpdatein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance detailsclassificationName- String name for the classification.properties- list of properties for the classification.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntityClassificationDelete
public void validateUserForEntityClassificationDelete(String userId, String metadataCollectionName, EntitySummary instance, String classificationName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to delete a classification from an entity instance within a repository.- Specified by:
validateUserForEntityClassificationDeletein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntityClassificationDeletein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance detailsclassificationName- String name for the classification.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntityDelete
public void validateUserForEntityDelete(String userId, String metadataCollectionName, EntityDetail instance) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to delete an instance within a repository.- Specified by:
validateUserForEntityDeletein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntityDeletein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance details- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntityRestore
public void validateUserForEntityRestore(String userId, String metadataCollectionName, String deletedEntityGUID) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to restore an instance within a repository.- Specified by:
validateUserForEntityRestorein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntityRestorein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectiondeletedEntityGUID- String unique identifier (guid) for the entity.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntityReIdentification
public void validateUserForEntityReIdentification(String userId, String metadataCollectionName, EntityDetail instance, String newGUID) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to change the guid on an instance within a repository.- Specified by:
validateUserForEntityReIdentificationin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntityReIdentificationin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance detailsnewGUID- the new guid for the instance.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntityReTyping
public void validateUserForEntityReTyping(String userId, String metadataCollectionName, EntityDetail instance, TypeDefSummary newTypeDefSummary) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to change the type name of an instance within a repository.- Specified by:
validateUserForEntityReTypingin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntityReTypingin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance detailsnewTypeDefSummary- details of this instance's new TypeDef.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForEntityReHoming
public void validateUserForEntityReHoming(String userId, String metadataCollectionName, EntityDetail instance, String newHomeMetadataCollectionId, String newHomeMetadataCollectionName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to change the home of an instance within a repository.- Specified by:
validateUserForEntityReHomingin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForEntityReHomingin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance detailsnewHomeMetadataCollectionId- unique identifier for the new home metadata collection/repository.newHomeMetadataCollectionName- display name for the new home metadata collection/repository.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForRelationshipCreate
public void validateUserForRelationshipCreate(String userId, String metadataCollectionName, String relationshipTypeGUID, InstanceProperties initialProperties, EntitySummary entityOneSummary, EntitySummary entityTwoSummary, InstanceStatus initialStatus) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to create an instance within a repository.- Specified by:
validateUserForRelationshipCreatein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForRelationshipCreatein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectionrelationshipTypeGUID- unique identifier (guid) for the new relationship's type.initialProperties- initial list of properties for the new entity null means no properties.entityOneSummary- the unique identifier of one of the entities that the relationship is connecting together.entityTwoSummary- the unique identifier of the other entity that the relationship is connecting together.initialStatus- initial status typically DRAFT, PREPARED or ACTIVE.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForRelationshipRead
public Relationship validateUserForRelationshipRead(String userId, String metadataCollectionName, Relationship instance) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have read access to a specific instance within a repository.- Specified by:
validateUserForRelationshipReadin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForRelationshipReadin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance details- Returns:
- relationship to return (maybe altered by the connector)
- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForRelationshipUpdate
public void validateUserForRelationshipUpdate(String userId, String metadataCollectionName, Relationship instance) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to update an instance within a repository.- Specified by:
validateUserForRelationshipUpdatein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForRelationshipUpdatein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance details- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForRelationshipDelete
public void validateUserForRelationshipDelete(String userId, String metadataCollectionName, Relationship instance) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to delete an instance within a repository.- Specified by:
validateUserForRelationshipDeletein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForRelationshipDeletein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance details- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForRelationshipRestore
public void validateUserForRelationshipRestore(String userId, String metadataCollectionName, String deletedRelationshipGUID) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to restore an instance within a repository.- Specified by:
validateUserForRelationshipRestorein interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForRelationshipRestorein classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectiondeletedRelationshipGUID- String unique identifier (guid) for the relationship.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForRelationshipReIdentification
public void validateUserForRelationshipReIdentification(String userId, String metadataCollectionName, Relationship instance, String newGUID) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to change the guid on an instance within a repository.- Specified by:
validateUserForRelationshipReIdentificationin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForRelationshipReIdentificationin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance detailsnewGUID- the new guid for the instance.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForRelationshipReTyping
public void validateUserForRelationshipReTyping(String userId, String metadataCollectionName, Relationship instance, TypeDefSummary newTypeDefSummary) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to change the type name of an instance within a repository.- Specified by:
validateUserForRelationshipReTypingin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForRelationshipReTypingin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance detailsnewTypeDefSummary- details of this instance's new TypeDef.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateUserForRelationshipReHoming
public void validateUserForRelationshipReHoming(String userId, String metadataCollectionName, Relationship instance, String newHomeMetadataCollectionId, String newHomeMetadataCollectionName) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a specific user should have the right to change the home of a instance within a repository.- Specified by:
validateUserForRelationshipReHomingin interfaceOpenMetadataRepositorySecurity- Overrides:
validateUserForRelationshipReHomingin classOpenMetadataSecurityConnector- Parameters:
userId- identifier of usermetadataCollectionName- configurable name of the metadata collectioninstance- instance detailsnewHomeMetadataCollectionId- unique identifier for the new home metadata collection/repository.newHomeMetadataCollectionName- display name for the new home metadata collection/repository.- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateEntityReferenceCopySave
public boolean validateEntityReferenceCopySave(String userId, EntityDetail instance) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a reference copy should be saved to the repository.- Specified by:
validateEntityReferenceCopySavein interfaceOpenMetadataRepositorySecurity- Parameters:
userId- identifier of userinstance- instance details- Returns:
- flag indicating whether the reference copy should be saved
- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-
validateRelationshipReferenceCopySave
public boolean validateRelationshipReferenceCopySave(String userId, Relationship instance) throws UserNotAuthorizedException, InvalidParameterException, PropertyServerException Tests for whether a reference copy should be saved to the repository.- Specified by:
validateRelationshipReferenceCopySavein interfaceOpenMetadataRepositorySecurity- Parameters:
userId- identifier of userinstance- instance details- Returns:
- flag indicating whether the reference copy should be saved
- Throws:
InvalidParameterException- one of the elements is invisible to the requesting user.UserNotAuthorizedException- the requesting user is not authorized to issue this request.PropertyServerException- unable to retrieve necessary information to make the decision.
-