Package org.teiid.dqp.internal.process

Interface AuthorizationValidator

All Known Implementing Classes:

DefaultAuthorizationValidator

public interface AuthorizationValidator

Defines a validator that checks for proper authorization.

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static class	AuthorizationValidator.CommandType

Method Summary

Modifier and Type	Method	Description
boolean	hasRole(String roleName, CommandContext commandContext)	Uses the context or other information to determine if the current user has the given role name.
boolean	isAccessible(AbstractMetadataRecord record, CommandContext commandContext)	Determines if the metadata record is accessible in system queries
boolean	validate(String[] originalSql, Command command, QueryMetadataInterface metadata, CommandContext commandContext, AuthorizationValidator.CommandType commandType)	Validates the given command.

Method Detail

validate

boolean validate(String[] originalSql,
                 Command command,
                 QueryMetadataInterface metadata,
                 CommandContext commandContext,
                 AuthorizationValidator.CommandType commandType)
          throws QueryValidatorException,
                 TeiidComponentException

Validates the given command. If the command is not a AuthorizationValidator.CommandType.USER command, the command object should not be modified. Any modification must be fully resolved using the associated QueryMetadataInterface. Returning true for a AuthorizationValidator.CommandType.PREPARED or AuthorizationValidator.CommandType.CACHED commands means that the matching prepared plan or cache entry will not be used.

Parameters:

originalSql - array of commands will typically contain only a single string, but may have multiple for batched updates.

command - the parsed and resolved command.

metadata -

commandContext -

commandType -

Returns:

true if the USER command was modified, or if the non-USER command should be modified.

Throws:

QueryValidatorException

TeiidComponentException

hasRole

boolean hasRole(String roleName,
                CommandContext commandContext)

Uses the context or other information to determine if the current user has the given role name.

Parameters:

roleName -

commandContext -

Returns:

true if the current user has the given role

isAccessible

boolean isAccessible(AbstractMetadataRecord record,
                     CommandContext commandContext)

Determines if the metadata record is accessible in system queries

Parameters:

record -

commandContext -

Returns: