All Known Implementing Classes:
CocoPharmaServerSecurityConnector, OMRSMetadataDefaultRepositorySecurity, OpenMetadataServerSecurityVerifier

public interface OpenMetadataRepositorySecurity
OpenMetadataRepositorySecurity defines security checks for accessing and maintaining open metadata types and instances in the local repository. An instance is an entity or a relationship. There is also a special method for changing classifications added to an entity.
  • Method Details

    • validateUserForTypeCreate

      void validateUserForTypeCreate(String userId, String metadataCollectionName, TypeDef typeDef) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to create a type within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      typeDef - type details
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain types
    • validateUserForTypeCreate

      void validateUserForTypeCreate(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to create a type within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      attributeTypeDef - type details
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain types
    • validateUserForTypeRead

      void validateUserForTypeRead(String userId, String metadataCollectionName, TypeDef typeDef) throws UserNotAuthorizedException
      Tests for whether a specific user should have read access to a specific type within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      typeDef - type details
      Throws:
      UserNotAuthorizedException - the user is not authorized to retrieve types
    • validateUserForTypeRead

      void validateUserForTypeRead(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) throws UserNotAuthorizedException
      Tests for whether a specific user should have read access to a specific type within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      attributeTypeDef - type details
      Throws:
      UserNotAuthorizedException - the user is not authorized to retrieve types
    • validateUserForTypeUpdate

      void validateUserForTypeUpdate(String userId, String metadataCollectionName, TypeDef typeDef, TypeDefPatch patch) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to update a type within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      typeDef - current type details
      patch - proposed changes to type
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain types
    • validateUserForTypeDelete

      void validateUserForTypeDelete(String userId, String metadataCollectionName, TypeDef typeDef) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to delete a type within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      typeDef - type details
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain types
    • validateUserForTypeDelete

      void validateUserForTypeDelete(String userId, String metadataCollectionName, AttributeTypeDef attributeTypeDef) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to delete a type within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      attributeTypeDef - type details
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain types
    • validateUserForTypeReIdentify

      void validateUserForTypeReIdentify(String userId, String metadataCollectionName, TypeDef originalTypeDef, String newTypeDefGUID, String newTypeDefName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to change the identifiers for a type within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      originalTypeDef - type details
      newTypeDefGUID - the new identifier for the type.
      newTypeDefName - new name for this type.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain types
    • validateUserForTypeReIdentify

      void validateUserForTypeReIdentify(String userId, String metadataCollectionName, AttributeTypeDef originalAttributeTypeDef, String newTypeDefGUID, String newTypeDefName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to change the identifiers for a type within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      originalAttributeTypeDef - type details
      newTypeDefGUID - the new identifier for the type.
      newTypeDefName - new name for this type.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain types
    • validateUserForEntityCreate

      void validateUserForEntityCreate(String userId, String metadataCollectionName, String entityTypeGUID, InstanceProperties initialProperties, List<Classification> initialClassifications, InstanceStatus initialStatus) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to create an instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      entityTypeGUID - unique identifier (guid) for the new entity's type.
      initialProperties - initial list of properties for the new entity; null means no properties.
      initialClassifications - initial list of classifications for the new entity; null means no classifications.
      initialStatus - initial status, typically DRAFT, PREPARED or ACTIVE.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForEntityRead

      EntityDetail validateUserForEntityRead(String userId, String metadataCollectionName, EntityDetail instance) throws UserNotAuthorizedException
      Tests for whether a specific user should have read access to a specific instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      Returns:
      entity to return (may be altered by the connector)
      Throws:
      UserNotAuthorizedException - the user is not authorized to retrieve instances
    • validateUserForEntitySummaryRead

      void validateUserForEntitySummaryRead(String userId, String metadataCollectionName, EntitySummary instance) throws UserNotAuthorizedException
      Tests for whether a specific user should have read access to a specific instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      Throws:
      UserNotAuthorizedException - the user is not authorized to retrieve instances
    • validateUserForEntityProxyRead

      void validateUserForEntityProxyRead(String userId, String metadataCollectionName, EntityProxy instance) throws UserNotAuthorizedException
      Tests for whether a specific user should have read access to a specific instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      Throws:
      UserNotAuthorizedException - the user is not authorized to retrieve instances
    • validateUserForEntityUpdate

      void validateUserForEntityUpdate(String userId, String metadataCollectionName, EntityDetail instance) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to update an instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForEntityClassificationAdd

      void validateUserForEntityClassificationAdd(String userId, String metadataCollectionName, EntitySummary instance, String classificationName, InstanceProperties properties) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to add a classification to an entity instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      classificationName - String name for the classification.
      properties - list of properties for the classification.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForEntityClassificationUpdate

      void validateUserForEntityClassificationUpdate(String userId, String metadataCollectionName, EntitySummary instance, String classificationName, InstanceProperties properties) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to update a classification for an entity instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      classificationName - String name for the classification.
      properties - list of properties for the classification.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForEntityClassificationDelete

      void validateUserForEntityClassificationDelete(String userId, String metadataCollectionName, EntitySummary instance, String classificationName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to delete a classification from an entity instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      classificationName - String name for the classification.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForEntityDelete

      void validateUserForEntityDelete(String userId, String metadataCollectionName, EntityDetail instance) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to delete an instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForEntityRestore

      void validateUserForEntityRestore(String userId, String metadataCollectionName, String deletedEntityGUID) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to restore an instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      deletedEntityGUID - String unique identifier (guid) for the entity.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForEntityReIdentification

      void validateUserForEntityReIdentification(String userId, String metadataCollectionName, EntityDetail instance, String newGUID) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to change the guid on an instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      newGUID - the new guid for the instance.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForEntityReTyping

      void validateUserForEntityReTyping(String userId, String metadataCollectionName, EntityDetail instance, TypeDefSummary newTypeDefSummary) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to change an instance's type within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      newTypeDefSummary - details of this instance's new TypeDef.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForEntityReHoming

      void validateUserForEntityReHoming(String userId, String metadataCollectionName, EntityDetail instance, String newHomeMetadataCollectionId, String newHomeMetadataCollectionName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to change the home of an instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      newHomeMetadataCollectionId - unique identifier for the new home metadata collection/repository.
      newHomeMetadataCollectionName - display name for the new home metadata collection/repository.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForRelationshipCreate

      void validateUserForRelationshipCreate(String userId, String metadataCollectionName, String relationshipTypeGUID, InstanceProperties initialProperties, EntitySummary entityOneSummary, EntitySummary entityTwoSummary, InstanceStatus initialStatus) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to create an instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      relationshipTypeGUID - unique identifier (guid) for the new relationship's type.
      initialProperties - initial list of properties for the new entity; null means no properties.
      entityOneSummary - the unique identifier of one of the entities that the relationship is connecting together.
      entityTwoSummary - the unique identifier of the other entity that the relationship is connecting together.
      initialStatus - initial status, typically DRAFT, PREPARED or ACTIVE.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForRelationshipRead

      Relationship validateUserForRelationshipRead(String userId, String metadataCollectionName, Relationship instance) throws UserNotAuthorizedException
      Tests for whether a specific user should have read access to a specific instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      Returns:
      relationship to return (may be altered by the connector)
      Throws:
      UserNotAuthorizedException - the user is not authorized to retrieve instances
    • validateUserForRelationshipUpdate

      void validateUserForRelationshipUpdate(String userId, String metadataCollectionName, Relationship instance) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to update an instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForRelationshipDelete

      void validateUserForRelationshipDelete(String userId, String metadataCollectionName, Relationship instance) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to delete an instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForRelationshipRestore

      void validateUserForRelationshipRestore(String userId, String metadataCollectionName, String deletedRelationshipGUID) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to restore an instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      deletedRelationshipGUID - String unique identifier (guid) for the relationship.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForRelationshipReIdentification

      void validateUserForRelationshipReIdentification(String userId, String metadataCollectionName, Relationship instance, String newGUID) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to change the guid on an instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      newGUID - the new guid for the instance.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForRelationshipReTyping

      void validateUserForRelationshipReTyping(String userId, String metadataCollectionName, Relationship instance, TypeDefSummary newTypeDefSummary) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to change an instance's type within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      newTypeDefSummary - details of this instance's new TypeDef.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateUserForRelationshipReHoming

      void validateUserForRelationshipReHoming(String userId, String metadataCollectionName, Relationship instance, String newHomeMetadataCollectionId, String newHomeMetadataCollectionName) throws UserNotAuthorizedException
      Tests for whether a specific user should have the right to change the home of an instance within a repository.
      Parameters:
      userId - identifier of user
      metadataCollectionName - configurable name of the metadata collection
      instance - instance details
      newHomeMetadataCollectionId - unique identifier for the new home metadata collection/repository.
      newHomeMetadataCollectionName - display name for the new home metadata collection/repository.
      Throws:
      UserNotAuthorizedException - the user is not authorized to maintain instances
    • validateEntityReferenceCopySave

      boolean validateEntityReferenceCopySave(EntityDetail instance)
      Tests for whether a reference copy should be saved to the repository.
      Parameters:
      instance - instance details
      Returns:
      flag indicating whether the reference copy should be saved
    • validateRelationshipReferenceCopySave

      boolean validateRelationshipReferenceCopySave(Relationship instance)
      Tests for whether a reference copy should be saved to the repository.
      Parameters:
      instance - instance details
      Returns:
      flag indicating whether the reference copy should be saved
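
The interface uses three different contracts: most checks throw to deny, validateUserForEntityRead returns the entity the caller may see, and validateEntityReferenceCopySave answers with a boolean. The sketch below is an added example, not Egeria's code, showing a deny-by-default read check that redacts on a copy. `Entity` and `NotAuthorized` are simplified stand-ins for EntityDetail and UserNotAuthorizedException, and the user names, property names and policy sets are constructed.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

public class RedactingSecurityDemo {
    // Simplified stand-ins (assumptions) for EntityDetail and UserNotAuthorizedException.
    record Entity(String guid, String typeName, Map<String, String> properties) {}

    static class NotAuthorized extends Exception {
        NotAuthorized(String message) { super(message); }
    }

    // Constructed policy: who may read at all, who sees sensitive values,
    // and which types the local repository keeps reference copies of.
    static final Set<String> READERS = Set.of("analyst01", "steward01");
    static final Set<String> STEWARDS = Set.of("steward01");
    static final Set<String> SENSITIVE_PROPERTIES = Set.of("ownerEmail");
    static final Set<String> REFERENCE_COPY_TYPES = Set.of("GlossaryTerm");

    // Same shape as validateUserForEntityRead: throw to deny, otherwise return
    // the entity the caller is allowed to see.
    static Entity validateUserForEntityRead(String userId, String metadataCollectionName,
                                            Entity instance) throws NotAuthorized {
        if (userId == null || !READERS.contains(userId)) {
            // Deny by default: unknown or missing users never fall through.
            throw new NotAuthorized("User " + userId + " may not read instances in "
                                    + metadataCollectionName);
        }
        if (STEWARDS.contains(userId)) {
            return instance;
        }
        // Redact on a copy so the repository's own instance is never modified.
        Map<String, String> visible = new HashMap<>(instance.properties());
        for (String name : SENSITIVE_PROPERTIES) {
            visible.computeIfPresent(name, (key, value) -> "[REDACTED]");
        }
        return new Entity(instance.guid(), instance.typeName(), Map.copyOf(visible));
    }

    // Same shape as validateEntityReferenceCopySave: a boolean, no exception.
    static boolean validateEntityReferenceCopySave(Entity instance) {
        return instance != null && instance.typeName() != null
                && REFERENCE_COPY_TYPES.contains(instance.typeName());
    }

    public static void main(String[] args) {
        // Constructed sample entity.
        Entity term = new Entity("guid-0001", "GlossaryTerm",
                Map.of("displayName", "Patient", "ownerEmail", "owner@example.org"));
        try {
            System.out.println(validateUserForEntityRead("steward01", "cohort-demo", term));
            System.out.println(validateUserForEntityRead("analyst01", "cohort-demo", term));
            System.out.println(validateUserForEntityRead("guest", "cohort-demo", term));
        } catch (NotAuthorized e) {
            System.out.println("DENIED: " + e.getMessage());
        }
        System.out.println(validateEntityReferenceCopySave(term));
    }
}
```

Callers of the read check must use the returned entity rather than the one they passed in, otherwise the redaction is silently bypassed.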