DataRolePolicyDecider (Teiid 13.1.0 API)

java.lang.Object
- org.teiid.dqp.internal.process.DataRolePolicyDecider

All Implemented Interfaces:: PolicyDecider

public class DataRolePolicyDecider
extends Object
implements PolicyDecider

Constructor Summary

Constructors
Constructor and Description

DataRolePolicyDecider()

Constructors
Constructor and Description
`DataRolePolicyDecider()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`Set<AbstractMetadataRecord>`	`getInaccessibleResources(DataPolicy.PermissionType action, Set<AbstractMetadataRecord> resources, DataPolicy.Context context, CommandContext commandContext)` Returns the set of resources not allowed to be accessed by the current user.
`DataPolicy.ResourceType`	`getResourceType(AbstractMetadataRecord record)`
`boolean`	`hasRole(String roleName, CommandContext context)` Called by the system hasRole function to determine role membership.
`boolean`	`isLanguageAllowed(String language, CommandContext commandContext)` Returns true if the given language is allowed
`boolean`	`isTempAccessible(DataPolicy.PermissionType action, AbstractMetadataRecord resource, DataPolicy.Context context, CommandContext commandContext)` Checks if the temp table are accessible.
`void`	`setAllowCreateTemporaryTablesByDefault(boolean allowCreateTemporaryTablesByDefault)`
`void`	`setAllowFunctionCallsByDefault(boolean allowFunctionCallsDefault)`
`boolean`	`validateCommand(CommandContext commandContext)` Determines if an authorization check should proceed

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - DataRolePolicyDecider
```
public DataRolePolicyDecider()
```
- Method Detail
  - getInaccessibleResources
```
public Set<AbstractMetadataRecord> getInaccessibleResources(DataPolicy.PermissionType action,
                                                            Set<AbstractMetadataRecord> resources,
                                                            DataPolicy.Context context,
                                                            CommandContext commandContext)
```
    Description copied from interface: PolicyDecider
    
    Returns the set of resources not allowed to be accessed by the current user.
    
    Specified by:
    
    getInaccessibleResources in interface PolicyDecider
    
    Parameters:
    
    action - if context is METADATA, then action execute means a procedure or function, and read some other resource
    
    context - in which the action is performed. For example you can have a context of DataPolicy.Context.UPDATE for a DataPolicy.PermissionType.READ for columns used in an UPDATE condition.
    
    Returns:
    
    the set of inaccessible resources, never null
  - isLanguageAllowed
```
public boolean isLanguageAllowed(String language,
                                 CommandContext commandContext)
```
    Description copied from interface: PolicyDecider
    
    Returns true if the given language is allowed
    
    Specified by:
    
    isLanguageAllowed in interface PolicyDecider
    
    Returns:
  - hasRole
```
public boolean hasRole(String roleName,
                       CommandContext context)
```
    Description copied from interface: PolicyDecider
    
    Called by the system hasRole function to determine role membership.
    
    Specified by:
    
    hasRole in interface PolicyDecider
    
    Returns:
    
    true if the user has the given role name, otherwise false
  - isTempAccessible
```
public boolean isTempAccessible(DataPolicy.PermissionType action,
                                AbstractMetadataRecord resource,
                                DataPolicy.Context context,
                                CommandContext commandContext)
```
    Description copied from interface: PolicyDecider
    
    Checks if the temp table are accessible. Typically as long as temp tables can be created, all operations are allowed.
    
    Specified by:
    
    isTempAccessible in interface PolicyDecider
    
    resource - will be null for general temp access
    
    context - in which the action is performed. For example you can have a context of DataPolicy.Context.UPDATE for a DataPolicy.PermissionType.READ for columns used in an UPDATE condition.
    
    Returns:
    
    true if the access is allowed, otherwise false
  - setAllowCreateTemporaryTablesByDefault
```
public void setAllowCreateTemporaryTablesByDefault(boolean allowCreateTemporaryTablesByDefault)
```
  - setAllowFunctionCallsByDefault
```
public void setAllowFunctionCallsByDefault(boolean allowFunctionCallsDefault)
```
  - validateCommand
```
public boolean validateCommand(CommandContext commandContext)
```
    Description copied from interface: PolicyDecider
    
    Determines if an authorization check should proceed
    
    Specified by:
    
    validateCommand in interface PolicyDecider
    
    Returns:
  - getResourceType
```
public DataPolicy.ResourceType getResourceType(AbstractMetadataRecord record)
```

Class DataRolePolicyDecider

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

DataRolePolicyDecider

Method Detail

getInaccessibleResources

isLanguageAllowed

hasRole

isTempAccessible

setAllowCreateTemporaryTablesByDefault

setAllowFunctionCallsByDefault

validateCommand

getResourceType