Package org.odpi.openmetadata.metadatasecurity.server

Class OpenMetadataPlatformSecurityVerifier

java.lang.Object

org.odpi.openmetadata.metadatasecurity.server.OpenMetadataPlatformSecurityVerifier

public class OpenMetadataPlatformSecurityVerifier
extends Object

OpenMetadataPlatformSecurityVerifier provides the plug-in point for the open metadata platform connector

Constructor Summary

Constructors

Constructor	Description
OpenMetadataPlatformSecurityVerifier()

Method Summary

Modifier and Type	Method	Description
static void	clearPlatformSecurityConnection(String userId, String delegatingUserId)	Clear the connection object for the configuration store.
static void	deleteSecurityAccessControl(String userId, String delegatingUserId, String controlName)	Delete information about a specific user.
static void	deleteUserAccount(String userId, String delegatingUserId, String accountUserId)	Delete information about a specific user.
static OpenMetadataUserAccount	getLogonUser(String accountUserId)	Return information about a user requesting a bearer token
static Connection	getPlatformSecurityConnection(String userId, String delegatingUserId)	Return the connection object for the configuration store.
static OpenMetadataSecurityAccessControl	getSecurityAccessControl(String userId, String delegatingUserId, String controlName)	Return information about a security access control.
static OpenMetadataUserAccount	getUserAccount(String userId, String delegatingUserId, String accountUserId)	Return information about a user.
static void	setPlatformSecurityConnection(String userId, String delegatingUserId, String serverPlatformURL, Connection connection)	Override the default location of the configuration documents.
static void	setSecurityAccessControl(String userId, String delegatingUserId, OpenMetadataSecurityAccessControl securityAccessControl)	Update information about a specific security access control.
static void	updateLoginUserAccount(OpenMetadataUserAccount userAccount)	Update information about a specific user.
static void	updateUserAccount(String userId, String delegatingUserId, OpenMetadataUserAccount userAccount)	Update information about a specific user.
static void	validateUserAsInvestigatorForPlatform(String userId)	Check that the calling user is authorized to issue diagnostic requests to the OMAG Server Platform.
static void	validateUserAsOperatorForPlatform(String userId)	Check that the calling user is authorized to issue operator requests to the OMAG Server Platform.
static void	validateUserForNewServer(String userId)	Check that the calling user is authorized to create new servers.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OpenMetadataPlatformSecurityVerifier

public OpenMetadataPlatformSecurityVerifier()

Method Details

setPlatformSecurityConnection

public static void setPlatformSecurityConnection(String userId,
 String delegatingUserId,
 String serverPlatformURL,
 Connection connection)
                                          throws InvalidParameterException,
UserNotAuthorizedException,
PropertyServerException

Override the default location of the configuration documents.

Parameters:

userId - calling user.

delegatingUserId - external userId making request

serverPlatformURL - URL Root of the server platform.

connection - connection used to create and configure the connector that interacts with the real store.

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

getPlatformSecurityConnection

public static Connection getPlatformSecurityConnection(String userId,
 String delegatingUserId)
                                                throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Return the connection object for the configuration store. Null is returned if the server should use the default store.

Parameters:

userId - calling user

delegatingUserId - external userId making request

Returns:

connection response

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

clearPlatformSecurityConnection

public static void clearPlatformSecurityConnection(String userId,
 String delegatingUserId)
                                            throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Clear the connection object for the configuration store. Null is returned if the server should use the default store.

Parameters:

userId - calling user

delegatingUserId - external userId making request

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

getLogonUser

public static OpenMetadataUserAccount getLogonUser(String accountUserId)

Return information about a user requesting a bearer token

Parameters:

accountUserId - calling user

Returns:

known details of the user

getUserAccount

public static OpenMetadataUserAccount getUserAccount(String userId,
 String delegatingUserId,
 String accountUserId)
                                              throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Return information about a user.

Parameters:

userId - calling user

delegatingUserId - external userId making request

accountUserId - security access control identifier

Returns:

known details of the user

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

updateLoginUserAccount

public static void updateLoginUserAccount(OpenMetadataUserAccount userAccount)

Update information about a specific user. This is used to update user details nd reset the password.

Parameters:

userAccount - security properties about the user

updateUserAccount

public static void updateUserAccount(String userId,
 String delegatingUserId,
 OpenMetadataUserAccount userAccount)
                              throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Update information about a specific user. This is used to update user details and reset the password.

Parameters:

userId - calling user

delegatingUserId - external userId making request

userAccount - security properties about the user

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

deleteUserAccount

public static void deleteUserAccount(String userId,
 String delegatingUserId,
 String accountUserId)
                              throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Delete information about a specific user.

Parameters:

userId - calling user

delegatingUserId - external userId making request

accountUserId - calling user

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

getSecurityAccessControl

public static OpenMetadataSecurityAccessControl getSecurityAccessControl(String userId,
 String delegatingUserId,
 String controlName)
                                                                  throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Return information about a security access control.

Parameters:

userId - calling user

delegatingUserId - external userId making request

controlName - security access control identifier

Returns:

known details of the user

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

setSecurityAccessControl

public static void setSecurityAccessControl(String userId,
 String delegatingUserId,
 OpenMetadataSecurityAccessControl securityAccessControl)
                                     throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Update information about a specific security access control.

Parameters:

userId - calling user

delegatingUserId - external userId making request

securityAccessControl - security properties about the control

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

deleteSecurityAccessControl

public static void deleteSecurityAccessControl(String userId,
 String delegatingUserId,
 String controlName)
                                        throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Delete information about a specific user.

Parameters:

userId - calling user

delegatingUserId - external userId making request

controlName - calling user

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

validateUserForNewServer

public static void validateUserForNewServer(String userId)
                                     throws UserNotAuthorizedException,
PropertyServerException,
InvalidParameterException

Check that the calling user is authorized to create new servers.

Parameters:

userId - calling user

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

validateUserAsOperatorForPlatform

public static void validateUserAsOperatorForPlatform(String userId)
                                              throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Check that the calling user is authorized to issue operator requests to the OMAG Server Platform.

Parameters:

userId - calling user

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.

validateUserAsInvestigatorForPlatform

public static void validateUserAsInvestigatorForPlatform(String userId)
                                                  throws UserNotAuthorizedException,
InvalidParameterException,
PropertyServerException

Check that the calling user is authorized to issue diagnostic requests to the OMAG Server Platform.

Parameters:

userId - calling user

Throws:

InvalidParameterException - one of the elements is invisible to the requesting user.

UserNotAuthorizedException - the requesting user is not authorized to issue this request.

PropertyServerException - unable to retrieve necessary information to make the decision.