com.waveset.object
Interface LighthouseContext

All Superinterfaces:
ObjectSource

public interface LighthouseContext
extends ObjectSource

An interface for an object that provides fundamental services to Lighthouse components. These services include a persistent store (Repository), an object cache (ObjectCache), authorization (AccessPolicy), and logging.


Field Summary
static java.lang.String code_id
           
static java.lang.String COMP_ACCESS_POLICY
           
static java.lang.String COMP_AUTH_CACHE
           
static java.lang.String COMP_LOGIN_CONFIG_INFO
           
static java.lang.String COMP_PROVISIONER
           
static java.lang.String COMP_RECONCILER
           
static java.lang.String COMP_REPOSITORY
           
static java.lang.String COMP_SUBJECT_AUTH_CACHE
           
static java.lang.String COMP_TASK_MANAGER
           
static java.lang.String COMP_WORKFLOW
           
static java.lang.String OP_CACHE
          Requests that the list returned by listResourceObjects or getResourceObjects should be cached for later use.
static java.lang.String OP_CACHE_OBJECT_TYPE
           
static java.lang.String OP_CACHE_RESOURCE_ID
           
static java.lang.String OP_CACHE_SUBJECT
          These symbols are frequently referenced when working with the caches, is the only reason they appear here.
static java.lang.String OP_CACHE_TEMPLATE_PARAMETERS
           
static java.lang.String OP_CACHE_TIMEOUT
          Used in combination with the OP_CACHE_LIST option, it specifies the number of milliseonds the list should be cached.
static java.lang.String OP_CLEAR_CACHE
          Used with the listresourceObjects or getResourceObjects to request that any caches related to the request be cleared before calcualting the result.
 
Fields inherited from interface com.waveset.object.ObjectSource
HIGH_VALUES, OP_ALLOW_NOT_FOUND, OP_ATTRIBUTES, OP_BLOCK_SIZE, OP_BUFFERED, OP_CONDITIONS, OP_END_BEFORE, OP_FAST, OP_FILTER, OP_FORCE, OP_INTERNAL_CURRENT_PO, OP_KEEP_LOCK, OP_MAX_ROWS, OP_NO_CACHE, OP_NO_RULE_DRIVEN_MEMBERS, OP_ONLY_NAMES, OP_ORDER_BY, OP_START_AFTER, OP_SUBJECT, OP_SUBTYPES, OP_UNFILTERED_MAX_ROWS, OP_USER
 
Method Summary
 java.lang.Object callResourceMethod(java.lang.String resourceId, java.lang.String methodName, java.util.Map args)
          Call a resource adapter specific method.
 void checkPermission(PersistentObject obj, com.waveset.object.Right right)
          Check permissions for the curent subject against the given object and right.
 void checkPermission(com.waveset.object.Type type, com.waveset.object.Right right)
          Check permissions for the current subject, against the given type and right.
 void checkPermissionToAnyAuthTypeSubType(com.waveset.object.Type type, com.waveset.object.Right right)
          Check permissions for the given subject, against the given type or any of its authtype subtypes and right.
 void checkReferencePermissions(PersistentObject obj)
          Check connect/disconnect permissions to objects referenced by another object.
 void clearResourceObjectGetCache(java.util.Map options)
          Clear specified resource object lists from the cache
 void clearResourceObjectGetCache(java.lang.String subjectName, java.lang.String objectType, java.lang.String resourceId)
          Clear all resource object lists from the cache for all users including default
 void clearResourceObjectListCache(java.util.Map options)
          Clear specified resource object lists from the cache
 void clearResourceObjectListCache(java.lang.String subjectName, java.lang.String objectType, java.lang.String resourceId)
          Clear all resource object lists from the cache for all users including default
 java.lang.Object extendedOperation(java.lang.String op, java.util.Map arguments)
          This provides a way to expose arbitrary methods that aren't part of the interface.
 LighthouseContext getAuthenticatedContext(com.waveset.object.IDMXUser user)
          Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with an IDMXUser
 LighthouseContext getAuthenticatedContext(java.lang.String user)
          Derive a LighthouseContext from this one, that is configured to perform operations on behalf of the named user.
 LighthouseContext getAuthenticatedContext(Subject subject)
          Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with a Subject.
 LighthouseContext getAuthenticatedContext(WSUser user)
          Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with a WSUser
 java.lang.Object getComponent(java.lang.String name)
          Return a handle to another system component identified by name.
 ObjectGroup[] getControlledObjectGroups(Subject subject, java.util.Map options)
          Get Controlled Object Groups for a Subject
 GenericObject getResourceObject(java.lang.String resourceId, java.lang.String objectType, java.lang.String objectId, java.util.Map options)
          Return the requested object given the resource, object type and object id.
 java.util.List getResourceObjects(java.lang.String objectType, java.lang.String resourceId, java.util.Map options)
          Return a List of GenericObjects representing objects in a resource.
 Subject getSubject()
          Returns the Subject for an authenticated context.
 ObjectGroup[] getTopControlledObjectGroups(Subject subject)
          Get Top Controlled Object Groups for a Subject
 ObjectGroup[] getTopControlledObjectGroups(Subject subject, java.util.Map options)
          Get Top Controlled Object Groups for a Subject
 java.lang.String getUser()
          Returns the effective user name for an authenticated context.
 java.util.List listResourceObjects(java.lang.String objectType, java.util.List resourceList, java.util.Map options)
          Return a List of object names of a given type and a list of resources
 java.util.List listResourceObjects(java.lang.String objectType, java.lang.String resourceId, java.util.Map options)
          Return a List of object names of a given type on a resource.
 void log(com.waveset.object.AuditEvent e)
          Log an event fully specified with an AuditEvent object.
 void logFailure(PersistentObject obj, java.lang.String action, java.lang.String reason)
          Log a failure event for an object.
 void logFailure(java.lang.String objectName, java.lang.String objectType, java.lang.String action, java.lang.String reason)
          Log a failure event with an object name and type mask.
 void logResultErrors(PersistentObject obj, java.lang.String action, WavesetResult result)
          Log any errors found within a WavesetResult.
 void logSuccess(PersistentObject obj, java.lang.String action)
          Log a success event for an object.
 void logSuccess(PersistentObject obj, java.lang.String action, java.util.Map oldValues, java.util.Map newValues)
          Log a success event for an object, include new and old values that will be stored in the blob of the audit table.
 com.waveset.object.TaskInstance runTask(com.waveset.object.TaskTemplate tt)
          Launch a task defined by a task template.
 void setSubject(Subject subject)
          Change the effective user for logical locking.
 void setUser(java.lang.String name)
          Change the effective user for logical locking.
 boolean subjectControlsObjectGroup(java.util.List objectgroups)
          This method will return true if the current subject controls any one of the organizations in the list; otherwise, returns false.
 boolean subjectHasRight(java.lang.String type, com.waveset.object.Right right)
          This method will return true if the subject has the specified right to the specified type.
 boolean subjectHasRightToAnyAuthTypeSubType(java.lang.String type, com.waveset.object.Right right)
          This method will return true if the subject has the specified right to the specified type or any of its authtype subtypes.
 boolean subjectIsAssignedAdminGroups(java.util.List admingroups)
          This method will return true if the current subject has the specified capabilities; otherwise, returns false.
 boolean testPermission(PersistentObject obj, com.waveset.object.Right right)
          Test permissions without throwing an exception.
 boolean testPermission(com.waveset.object.Type type, java.lang.String id, com.waveset.object.Right right)
          Test permissions without throwing an exception.
 
Methods inherited from interface com.waveset.object.ObjectSource
breakLock, checkinObject, checkinView, checkoutObject, checkoutView, commitView, countObjects, createView, deleteObject, deleteObjects, deleteView, getCache, getForm, getLock, getObject, getObject, getObjectIfExists, getObjectIfExists, getObjects, getSystemConfiguration, getView, listObjects, lockObject, refreshView, renameObject, unlockObject, unlockView
 

Field Detail

code_id

static final java.lang.String code_id
See Also:
Constant Field Values

COMP_ACCESS_POLICY

static final java.lang.String COMP_ACCESS_POLICY
See Also:
Constant Field Values

COMP_AUTH_CACHE

static final java.lang.String COMP_AUTH_CACHE
See Also:
Constant Field Values

COMP_LOGIN_CONFIG_INFO

static final java.lang.String COMP_LOGIN_CONFIG_INFO
See Also:
Constant Field Values

COMP_PROVISIONER

static final java.lang.String COMP_PROVISIONER
See Also:
Constant Field Values

COMP_RECONCILER

static final java.lang.String COMP_RECONCILER
See Also:
Constant Field Values

COMP_REPOSITORY

static final java.lang.String COMP_REPOSITORY
See Also:
Constant Field Values

COMP_SUBJECT_AUTH_CACHE

static final java.lang.String COMP_SUBJECT_AUTH_CACHE
See Also:
Constant Field Values

COMP_TASK_MANAGER

static final java.lang.String COMP_TASK_MANAGER
See Also:
Constant Field Values

COMP_WORKFLOW

static final java.lang.String COMP_WORKFLOW
See Also:
Constant Field Values

OP_CACHE

static final java.lang.String OP_CACHE
Requests that the list returned by listResourceObjects or getResourceObjects should be cached for later use. This may improve performance if the list is large and accessed frequently.

See Also:
Constant Field Values

OP_CACHE_OBJECT_TYPE

static final java.lang.String OP_CACHE_OBJECT_TYPE
See Also:
Constant Field Values

OP_CACHE_RESOURCE_ID

static final java.lang.String OP_CACHE_RESOURCE_ID
See Also:
Constant Field Values

OP_CACHE_SUBJECT

static final java.lang.String OP_CACHE_SUBJECT
These symbols are frequently referenced when working with the caches, is the only reason they appear here.

See Also:
Constant Field Values

OP_CACHE_TEMPLATE_PARAMETERS

static final java.lang.String OP_CACHE_TEMPLATE_PARAMETERS
See Also:
Constant Field Values

OP_CACHE_TIMEOUT

static final java.lang.String OP_CACHE_TIMEOUT
Used in combination with the OP_CACHE_LIST option, it specifies the number of milliseonds the list should be cached. If this is not specified the list will remain in the cache until explicitly removed with the OP_CLEAR_CACHE option.

See Also:
Constant Field Values

OP_CLEAR_CACHE

static final java.lang.String OP_CLEAR_CACHE
Used with the listresourceObjects or getResourceObjects to request that any caches related to the request be cleared before calcualting the result.

See Also:
Constant Field Values
Method Detail

callResourceMethod

java.lang.Object callResourceMethod(java.lang.String resourceId,
                                    java.lang.String methodName,
                                    java.util.Map args)
                                    throws com.waveset.util.WavesetException
Call a resource adapter specific method. The method names, arguments, and return values are all resource specific.

Throws:
com.waveset.util.WavesetException

checkPermission

void checkPermission(PersistentObject obj,
                     com.waveset.object.Right right)
                     throws com.waveset.util.WSAuthorizationException,
                            com.waveset.util.WavesetException
Check permissions for the curent subject against the given object and right.

Throws:
com.waveset.util.WSAuthorizationException
com.waveset.util.WavesetException

checkPermission

void checkPermission(com.waveset.object.Type type,
                     com.waveset.object.Right right)
                     throws com.waveset.util.WSAuthorizationException,
                            com.waveset.util.WavesetException
Check permissions for the current subject, against the given type and right.

Throws:
com.waveset.util.WSAuthorizationException
com.waveset.util.WavesetException

checkPermissionToAnyAuthTypeSubType

void checkPermissionToAnyAuthTypeSubType(com.waveset.object.Type type,
                                         com.waveset.object.Right right)
                                         throws com.waveset.util.WSAuthorizationException,
                                                com.waveset.util.WavesetException
Check permissions for the given subject, against the given type or any of its authtype subtypes and right.

Throws:
com.waveset.util.WSAuthorizationException
com.waveset.util.WavesetException

checkReferencePermissions

void checkReferencePermissions(PersistentObject obj)
                               throws com.waveset.util.WSAuthorizationException,
                                      com.waveset.util.WavesetException
Check connect/disconnect permissions to objects referenced by another object.

We might be able to assume this is done by checkinObject, but then we would want this disabled by default in most of the context implemetations.

Throws:
com.waveset.util.WSAuthorizationException
com.waveset.util.WavesetException

clearResourceObjectGetCache

void clearResourceObjectGetCache(java.util.Map options)
                                 throws com.waveset.util.WavesetException
Clear specified resource object lists from the cache

Throws:
com.waveset.util.WavesetException

clearResourceObjectGetCache

void clearResourceObjectGetCache(java.lang.String subjectName,
                                 java.lang.String objectType,
                                 java.lang.String resourceId)
                                 throws com.waveset.util.WavesetException
Clear all resource object lists from the cache for all users including default

Throws:
com.waveset.util.WavesetException

clearResourceObjectListCache

void clearResourceObjectListCache(java.util.Map options)
                                  throws com.waveset.util.WavesetException
Clear specified resource object lists from the cache

Throws:
com.waveset.util.WavesetException

clearResourceObjectListCache

void clearResourceObjectListCache(java.lang.String subjectName,
                                  java.lang.String objectType,
                                  java.lang.String resourceId)
                                  throws com.waveset.util.WavesetException
Clear all resource object lists from the cache for all users including default

Throws:
com.waveset.util.WavesetException

extendedOperation

java.lang.Object extendedOperation(java.lang.String op,
                                   java.util.Map arguments)
                                   throws com.waveset.util.WavesetException
This provides a way to expose arbitrary methods that aren't part of the interface. It is intended primarily to assist the migration of older code to use the LighthouseContext interface where it may need to call things that aren't in the interface, and we don't yet know the best way to expose them. // // This should be avoided if at all possible. As soon as you find // something that needs to be exposed here, call a meeting to figure // out why this is is necessary, if there's another way, and if not // how to cleanly expose it through this interface.

Throws:
com.waveset.util.WavesetException

getAuthenticatedContext

LighthouseContext getAuthenticatedContext(com.waveset.object.IDMXUser user)
                                          throws com.waveset.util.WavesetException
Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with an IDMXUser

Throws:
com.waveset.util.WavesetException

getAuthenticatedContext

LighthouseContext getAuthenticatedContext(java.lang.String user)
                                          throws com.waveset.util.WavesetException
Derive a LighthouseContext from this one, that is configured to perform operations on behalf of the named user. An authenticated context does not need to pass the OP_USER option to methods such as checkinObject.

Throws:
com.waveset.util.WavesetException

getAuthenticatedContext

LighthouseContext getAuthenticatedContext(Subject subject)
                                          throws com.waveset.util.WavesetException
Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with a Subject.

Throws:
com.waveset.util.WavesetException

getAuthenticatedContext

LighthouseContext getAuthenticatedContext(WSUser user)
                                          throws com.waveset.util.WavesetException
Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with a WSUser

Throws:
com.waveset.util.WavesetException

getComponent

java.lang.Object getComponent(java.lang.String name)
Return a handle to another system component identified by name. The context is not required to provide every component. The purpose of this method is primarily to eliminate compile time dependencies on internal server components so this interface may be used in many contexts.


getControlledObjectGroups

ObjectGroup[] getControlledObjectGroups(Subject subject,
                                        java.util.Map options)
                                        throws com.waveset.util.WavesetException
Get Controlled Object Groups for a Subject

Returns the set of 0 or more object groups controlled by the specified principal. Opposite to this method returns directly controlled object groups.

Options supported include:

- "grantedPermissions" => list of Permissions the subject must have in a given controlled object for it to be returned. For example, if the permissions specified were: [new Permission(Type.USER, Right.VIEW)] then only object groups controlled by the subject where they have been granted at least view rights to users would be returned.

Throws:
com.waveset.util.WavesetException

getResourceObject

GenericObject getResourceObject(java.lang.String resourceId,
                                java.lang.String objectType,
                                java.lang.String objectId,
                                java.util.Map options)
                                throws com.waveset.util.WavesetException
Return the requested object given the resource, object type and object id.

Throws:
com.waveset.util.WavesetException

getResourceObjects

java.util.List getResourceObjects(java.lang.String objectType,
                                  java.lang.String resourceId,
                                  java.util.Map options)
                                  throws com.waveset.util.WavesetException
Return a List of GenericObjects representing objects in a resource.

Throws:
com.waveset.util.WavesetException

getSubject

Subject getSubject()
Returns the Subject for an authenticated context. Returns null for an anonymous context, or if the context was created with only the user name rather than a full subject.


getTopControlledObjectGroups

ObjectGroup[] getTopControlledObjectGroups(Subject subject)
                                           throws com.waveset.util.WavesetException
Get Top Controlled Object Groups for a Subject

Returns the set of 0 or more object groups controlled by the specified principal, each of which has no object group parent that is also controlled by the principal.

Throws:
com.waveset.util.WavesetException

getTopControlledObjectGroups

ObjectGroup[] getTopControlledObjectGroups(Subject subject,
                                           java.util.Map options)
                                           throws com.waveset.util.WavesetException
Get Top Controlled Object Groups for a Subject

Returns the set of 0 or more object groups controlled by the specified principal, each of which has no object group parent that is also controlled by the principal.

Options supported include:

- "grantedPermissions" => list of Permissions the subject must have in a given controlled object for it to be returned. For example, if the permissions specified were: [new Permission(Type.USER, Right.VIEW)] then only the top object groups controlled by the subject where they have been granted at least view rights to users would be returned.

Throws:
com.waveset.util.WavesetException

getUser

java.lang.String getUser()
Returns the effective user name for an authenticated context. Returns null for an anonymous context.


listResourceObjects

java.util.List listResourceObjects(java.lang.String objectType,
                                   java.util.List resourceList,
                                   java.util.Map options)
                                   throws com.waveset.util.WavesetException
Return a List of object names of a given type and a list of resources

Throws:
com.waveset.util.WavesetException

listResourceObjects

java.util.List listResourceObjects(java.lang.String objectType,
                                   java.lang.String resourceId,
                                   java.util.Map options)
                                   throws com.waveset.util.WavesetException
Return a List of object names of a given type on a resource.

Throws:
com.waveset.util.WavesetException

log

void log(com.waveset.object.AuditEvent e)
         throws com.waveset.util.WavesetException
Log an event fully specified with an AuditEvent object.

Throws:
com.waveset.util.WavesetException

logFailure

void logFailure(PersistentObject obj,
                java.lang.String action,
                java.lang.String reason)
                throws com.waveset.util.WavesetException
Log a failure event for an object.

Throws:
com.waveset.util.WavesetException

logFailure

void logFailure(java.lang.String objectName,
                java.lang.String objectType,
                java.lang.String action,
                java.lang.String reason)
                throws com.waveset.util.WavesetException
Log a failure event with an object name and type mask.

Throws:
com.waveset.util.WavesetException

logResultErrors

void logResultErrors(PersistentObject obj,
                     java.lang.String action,
                     WavesetResult result)
                     throws com.waveset.util.WavesetException
Log any errors found within a WavesetResult.

Throws:
com.waveset.util.WavesetException

logSuccess

void logSuccess(PersistentObject obj,
                java.lang.String action)
                throws com.waveset.util.WavesetException
Log a success event for an object.

Throws:
com.waveset.util.WavesetException

logSuccess

void logSuccess(PersistentObject obj,
                java.lang.String action,
                java.util.Map oldValues,
                java.util.Map newValues)
                throws com.waveset.util.WavesetException
Log a success event for an object, include new and old values that will be stored in the blob of the audit table.

Throws:
com.waveset.util.WavesetException

runTask

com.waveset.object.TaskInstance runTask(com.waveset.object.TaskTemplate tt)
                                        throws com.waveset.util.WavesetException
Launch a task defined by a task template.

Throws:
com.waveset.util.WavesetException

setSubject

void setSubject(Subject subject)
                throws com.waveset.util.WavesetException
Change the effective user for logical locking. This should only be called if you know this is a private context that won't be shared by another thread. Here the user is specified by Subject.

Throws:
com.waveset.util.WavesetException

setUser

void setUser(java.lang.String name)
             throws com.waveset.util.WavesetException
Change the effective user for logical locking. This should only be called if you know this is a private context that won't be shared by another thread. Here the user is specified by name.

Throws:
com.waveset.util.WavesetException

subjectControlsObjectGroup

boolean subjectControlsObjectGroup(java.util.List objectgroups)
                                   throws com.waveset.util.WavesetException
This method will return true if the current subject controls any one of the organizations in the list; otherwise, returns false. The supported list of organizations include those returned by listing all objects of type ObjectGroup

Throws:
com.waveset.util.WavesetException

subjectHasRight

boolean subjectHasRight(java.lang.String type,
                        com.waveset.object.Right right)
                        throws com.waveset.util.WavesetException
This method will return true if the subject has the specified right to the specified type. It does not imply that the subject has the specified right to all objects of the specified type, since a given object may or may not be in the subject's scope of control or if it is the subject may not have the specified right to the object in that scope. Therefore, this method is primarily used to determine if the subject has the specified right to at least one object of the specified type.

Throws:
com.waveset.util.WavesetException

subjectHasRightToAnyAuthTypeSubType

boolean subjectHasRightToAnyAuthTypeSubType(java.lang.String type,
                                            com.waveset.object.Right right)
                                            throws com.waveset.util.WavesetException
This method will return true if the subject has the specified right to the specified type or any of its authtype subtypes. It does not imply that the subject has the specified right to all objects of the specified type or any of its authtype subtypes, since a given object may or may not be in the subject's scope of control or if it is the subject may not have the specified right to the object in that scope.

Therefore, this method is primarily used to determine if the subject has the specified right to at least one object of the specified type or any of its authtype subtypes. For example, this method is called by the UI to determine if the current subject should be able to view a given page or not. If the subject has the specified right to the specified type or one of the type's authtype subtypes, then they can view the page.

Throws:
com.waveset.util.WavesetException

subjectIsAssignedAdminGroups

boolean subjectIsAssignedAdminGroups(java.util.List admingroups)
                                     throws com.waveset.util.WavesetException
This method will return true if the current subject has the specified capabilities; otherwise, returns false. The supported list of capabilities include those returned by listing all objects of type AdminGroup (e.g. "Account Administrator")

Throws:
com.waveset.util.WavesetException

testPermission

boolean testPermission(PersistentObject obj,
                       com.waveset.object.Right right)
                       throws com.waveset.util.WSAuthorizationException,
                              com.waveset.util.WavesetException
Test permissions without throwing an exception.

Throws:
com.waveset.util.WSAuthorizationException
com.waveset.util.WavesetException

testPermission

boolean testPermission(com.waveset.object.Type type,
                       java.lang.String id,
                       com.waveset.object.Right right)
                       throws com.waveset.util.WSAuthorizationException,
                              com.waveset.util.WavesetException
Test permissions without throwing an exception.

Throws:
com.waveset.util.WSAuthorizationException
com.waveset.util.WavesetException