Package com.illumon.iris.db.v2.permissions

Class AclHelper

java.lang.Object

com.illumon.iris.db.v2.permissions.AclHelper

public final class AclHelper
extends Object

This purely static class centralizes the logic around table row/column ACL application.

Constructor Summary

Constructors

Constructor	Description
AclHelper()

Method Summary

Modifier and Type	Method	Description
static Table	applyAcls(com.fishlib.auth.UserContext userContext, Table table, String name, IrisGroupProvider groupProvider, String owner, Supplier<String[]> adminGroupSupplier)	Apply both Row and Column ACLs to the specified table.
static Table	applyUserPermissions(Database database, String namespace, String tableName, Table table, boolean refreshing, PermissionFilterProvider permissionFilterProvider)	Apply system-level table ACLs (both row and column based) to the specified table.
static boolean	hasTableAcls(Table table)	Check if the specified table has ACLs at the table level.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AclHelper

public AclHelper()

Method Details

applyUserPermissions

public static Table applyUserPermissions(Database database, String namespace, String tableName, Table table, boolean refreshing, PermissionFilterProvider permissionFilterProvider)

Apply system-level table ACLs (both row and column based) to the specified table.

Parameters:

database - the database for the table

namespace - the namespace of the table

tableName - the name of the table

table - the table to apply ACLs to

refreshing - if the table is refreshing

permissionFilterProvider - a permission filter provider for the system's configured ACL store

Returns:

the input table with ACLs applied

Throws:

TableAccessException - if the table may not be accessed.

hasTableAcls

public static boolean hasTableAcls(Table table)

Check if the specified table has ACLs at the table level.

Parameters:

table - the table to check for ACLs

Returns:

if the table has ACLs

applyAcls

public static Table applyAcls(com.fishlib.auth.UserContext userContext, Table table, String name, IrisGroupProvider groupProvider, String owner, Supplier<String[]> adminGroupSupplier) throws TableAccessException

Apply both Row and Column ACLs to the specified table.

Parameters:

userContext - the user trying to access the table

table - the table

name - the name of the table (if any)

groupProvider - the source of group information

owner - the owner of the source

adminGroupSupplier - a supplier to find admin groups

Returns:

the table with ACLs applied, or the original table if there were no ACLs.

Throws:

TableAccessException - if the user may not access the table.