com.waveset.object
Interface LighthouseContext

All Superinterfaces:
ObjectSource
All Known Subinterfaces:
com.sun.idm.idmx.api.IDMXContext, Session
All Known Implementing Classes:
AbstractLighthouseContext, AbstractSession, com.waveset.server.InternalSession, LighthouseContextWrapper, LocalSession

public interface LighthouseContext
extends ObjectSource

An interface for an object that provides fundamental services to Lighthouse components. These services include a persistent store (Repository), an object cache (ObjectCache), authorization (AccessPolicy), and logging.


Field Summary
static java.lang.String COMP_ACCESS_POLICY
           
static java.lang.String COMP_AUTH_CACHE
           
static java.lang.String COMP_LOGIN_CONFIG_INFO
           
static java.lang.String COMP_PROVISIONER
           
static java.lang.String COMP_RECONCILER
           
static java.lang.String COMP_REPOSITORY
           
static java.lang.String COMP_SUBJECT_AUTH_CACHE
           
static java.lang.String COMP_TASK_MANAGER
           
static java.lang.String COMP_WORKFLOW
           
static java.lang.String OP_CACHE
          Requests that the list returned by listResourceObjects or getResourceObjects should be cached for later use.
static java.lang.String OP_CACHE_TIMEOUT
          Used in combination with the OP_CACHE_LIST option, it specifies the number of milliseonds the list should be cached.
static java.lang.String OP_CLEAR_CACHE
          Used with the listresourceObjects or getResourceObjects to request that any caches related to the request be cleared before calcualting the result.
static java.lang.String OP_NO_RESULT
          Used in conjunction with the OP_CLEAR_CACHE option to request that no results be returned.
 
Fields inherited from interface com.waveset.object.ObjectSource
HIGH_VALUES, OP_ALLOW_NOT_FOUND, OP_ATTRIBUTES, OP_BLOCK_SIZE, OP_BUFFERED, OP_CONDITIONS, OP_END_BEFORE, OP_FAST, OP_FILTER, OP_FORCE, OP_KEEP_LOCK, OP_MAX_ROWS, OP_NO_CACHE, OP_NO_RULE_DRIVEN_MEMBERS, OP_ONLY_NAMES, OP_ORDER_BY, OP_START_AFTER, OP_SUBJECT, OP_SUBTYPES, OP_USER
 
Method Summary
 java.lang.Object callResourceMethod(java.lang.String resourceId, java.lang.String methodName, java.util.Map args)
          Call a resource adapter specific method.
 void checkPermission(PersistentObject obj, Right right)
          Check permissions for the curent subject against the given object and right.
 void checkPermission(Type type, Right right)
          Check permissions for the current subject, against the given type and right.
 void checkPermissionToAnyAuthTypeSubType(Type type, Right right)
          Check permissions for the given subject, against the given type or any of its authtype subtypes and right.
 void checkReferencePermissions(PersistentObject obj)
          Check connect/disconnect permissions to objects referenced by another object.
 void clearResourceObjectGetCache(java.util.Map options)
          Clear specified resource object lists from the cache
 void clearResourceObjectGetCache(java.lang.String subjectName, java.lang.String objectType, java.lang.String resourceId)
          Clear all resource object lists from the cache for all users including default
 void clearResourceObjectListCache(java.util.Map options)
          Clear specified resource object lists from the cache
 void clearResourceObjectListCache(java.lang.String subjectName, java.lang.String objectType, java.lang.String resourceId)
          Clear all resource object lists from the cache for all users including default
 java.lang.Object extendedOperation(java.lang.String op, java.util.Map arguments)
          This provides a way to expose arbitrary methods that aren't part of the interface.
 LighthouseContext getAuthenticatedContext(IDMXUser user)
          Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with an IDMXUser
 LighthouseContext getAuthenticatedContext(java.lang.String user)
          Derive a LighthouseContext from this one, that is configured to perform operations on behalf of the named user.
 LighthouseContext getAuthenticatedContext(Subject subject)
          Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with a Subject.
 LighthouseContext getAuthenticatedContext(WSUser user)
          Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with a WSUser
 java.lang.Object getComponent(java.lang.String name)
          Return a handle to another system component identified by name.
 GenericObject getResourceObject(java.lang.String resourceId, java.lang.String objectType, java.lang.String objectId, java.util.Map options)
          Return the requested object given the resource, object type and object id.
 java.util.List getResourceObjects(java.lang.String objectType, java.lang.String resourceId, java.util.Map options)
          Return a List of GenericObjects representing objects in a resource.
 Subject getSubject()
          Returns the Subject for an authenticated context.
 ObjectGroup[] getTopControlledObjectGroups(Subject subject)
          Get Top Controlled Object Groups for a Subject
 java.lang.String getUser()
          Returns the effective user name for an authenticated context.
 java.util.List listResourceObjects(java.lang.String objectType, java.util.List resourceList, java.util.Map options)
          Return a List of object names of a given type and a list of resources
 java.util.List listResourceObjects(java.lang.String objectType, java.lang.String resourceId, java.util.Map options)
          Return a List of object names of a given type on a resource.
 void log(AuditEvent e)
          Log an event fully specified with an AuditEvent object.
 void logFailure(PersistentObject obj, java.lang.String action, java.lang.String reason)
          Log a failure event for an object.
 void logFailure(java.lang.String objectName, java.lang.String objectType, java.lang.String action, java.lang.String reason)
          Log a failure event with an object name and type mask.
 void logResultErrors(PersistentObject obj, java.lang.String action, WavesetResult result)
          Log any errors found within a WavesetResult.
 void logSuccess(PersistentObject obj, java.lang.String action)
          Log a success event for an object.
 void logSuccess(PersistentObject obj, java.lang.String action, java.util.Map oldValues, java.util.Map newValues)
          Log a success event for an object, include new and old values that will be stored in the blob of the audit table.
 TaskInstance runTask(TaskTemplate tt)
          Launch a task defined by a task template.
 void setSubject(Subject subject)
          Change the effective user for logical locking.
 void setUser(java.lang.String name)
          Change the effective user for logical locking.
 boolean subjectControlsObjectGroup(java.util.List objectgroups)
          This method will return true if the current subject controls any one of the organizations in the list; otherwise, returns false.
 boolean subjectHasRight(java.lang.String type, Right right)
          This method will return true if the subject has the specified right to the specified type.
 boolean subjectHasRightToAnyAuthTypeSubType(java.lang.String type, Right right)
          This method will return true if the subject has the specified right to the specified type or any of its authtype subtypes.
 boolean subjectIsAssignedAdminGroups(java.util.List admingroups)
          This method will return true if the current subject has the specified capabilities; otherwise, returns false.
 boolean testPermission(PersistentObject obj, Right right)
          Test permissions without throwing an exception.
 boolean testPermission(Type type, java.lang.String id, Right right)
          Test permissions without throwing an exception.
 
Methods inherited from interface com.waveset.object.ObjectSource
breakLock, checkinObject, checkinView, checkoutObject, checkoutView, commitView, countObjects, createView, deleteObject, deleteObjects, deleteView, getCache, getForm, getLock, getObject, getObject, getObjectIfExists, getObjectIfExists, getObjects, getSystemConfiguration, getView, listObjects, lockObject, refreshView, renameObject, unlockObject, unlockView
 

Field Detail

OP_CACHE

public static final java.lang.String OP_CACHE
Requests that the list returned by listResourceObjects or getResourceObjects should be cached for later use. This may improve performance if the list is large and accessed frequently.

See Also:
Constant Field Values

OP_CACHE_TIMEOUT

public static final java.lang.String OP_CACHE_TIMEOUT
Used in combination with the OP_CACHE_LIST option, it specifies the number of milliseonds the list should be cached. If this is not specified the list will remain in the cache until explicitly removed with the OP_CLEAR_CACHE option.

See Also:
Constant Field Values

OP_CLEAR_CACHE

public static final java.lang.String OP_CLEAR_CACHE
Used with the listresourceObjects or getResourceObjects to request that any caches related to the request be cleared before calcualting the result.

See Also:
Constant Field Values

OP_NO_RESULT

public static final java.lang.String OP_NO_RESULT
Used in conjunction with the OP_CLEAR_CACHE option to request that no results be returned. This can be used to explicltly clear the cache without calculating another result. // jsl - is this really useful? Isn't it enough just to // clear it as it is requested?

See Also:
Constant Field Values

COMP_REPOSITORY

public static final java.lang.String COMP_REPOSITORY
See Also:
Constant Field Values

COMP_PROVISIONER

public static final java.lang.String COMP_PROVISIONER
See Also:
Constant Field Values

COMP_LOGIN_CONFIG_INFO

public static final java.lang.String COMP_LOGIN_CONFIG_INFO
See Also:
Constant Field Values

COMP_ACCESS_POLICY

public static final java.lang.String COMP_ACCESS_POLICY
See Also:
Constant Field Values

COMP_TASK_MANAGER

public static final java.lang.String COMP_TASK_MANAGER
See Also:
Constant Field Values

COMP_RECONCILER

public static final java.lang.String COMP_RECONCILER
See Also:
Constant Field Values

COMP_WORKFLOW

public static final java.lang.String COMP_WORKFLOW
See Also:
Constant Field Values

COMP_AUTH_CACHE

public static final java.lang.String COMP_AUTH_CACHE
See Also:
Constant Field Values

COMP_SUBJECT_AUTH_CACHE

public static final java.lang.String COMP_SUBJECT_AUTH_CACHE
See Also:
Constant Field Values
Method Detail

getAuthenticatedContext

public LighthouseContext getAuthenticatedContext(java.lang.String user)
                                          throws WavesetException
Derive a LighthouseContext from this one, that is configured to perform operations on behalf of the named user. An authenticated context does not need to pass the OP_USER option to methods such as checkinObject.

Throws:
WavesetException

getAuthenticatedContext

public LighthouseContext getAuthenticatedContext(Subject subject)
                                          throws WavesetException
Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with a Subject.

Throws:
WavesetException

getAuthenticatedContext

public LighthouseContext getAuthenticatedContext(WSUser user)
                                          throws WavesetException
Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with a WSUser

Throws:
WavesetException

getAuthenticatedContext

public LighthouseContext getAuthenticatedContext(IDMXUser user)
                                          throws WavesetException
Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with an IDMXUser

Throws:
WavesetException

setUser

public void setUser(java.lang.String name)
             throws WavesetException
Change the effective user for logical locking. This should only be called if you know this is a private context that won't be shared by another thread. Here the user is specified by name.

Throws:
WavesetException

setSubject

public void setSubject(Subject subject)
                throws WavesetException
Change the effective user for logical locking. This should only be called if you know this is a private context that won't be shared by another thread. Here the user is specified by Subject.

Throws:
WavesetException

getUser

public java.lang.String getUser()
Returns the effective user name for an authenticated context. Returns null for an anonymous context.


getSubject

public Subject getSubject()
Returns the Subject for an authenticated context. Returns null for an anonymous context, or if the context was created with only the user name rather than a full subject.


getComponent

public java.lang.Object getComponent(java.lang.String name)
Return a handle to another system component identified by name. The context is not required to provide every component. The purpose of this method is primarily to eliminate compile time dependencies on internal server components so this interface may be used in many contexts.


checkPermission

public void checkPermission(PersistentObject obj,
                            Right right)
                     throws WSAuthorizationException,
                            WavesetException
Check permissions for the curent subject against the given object and right.

Throws:
WSAuthorizationException
WavesetException

checkPermission

public void checkPermission(Type type,
                            Right right)
                     throws WSAuthorizationException,
                            WavesetException
Check permissions for the current subject, against the given type and right.

Throws:
WSAuthorizationException
WavesetException

checkPermissionToAnyAuthTypeSubType

public void checkPermissionToAnyAuthTypeSubType(Type type,
                                                Right right)
                                         throws WSAuthorizationException,
                                                WavesetException
Check permissions for the given subject, against the given type or any of its authtype subtypes and right.

Throws:
WSAuthorizationException
WavesetException

testPermission

public boolean testPermission(PersistentObject obj,
                              Right right)
                       throws WSAuthorizationException,
                              WavesetException
Test permissions without throwing an exception.

Throws:
WSAuthorizationException
WavesetException

testPermission

public boolean testPermission(Type type,
                              java.lang.String id,
                              Right right)
                       throws WSAuthorizationException,
                              WavesetException
Test permissions without throwing an exception.

Throws:
WSAuthorizationException
WavesetException

subjectHasRight

public boolean subjectHasRight(java.lang.String type,
                               Right right)
                        throws WavesetException
This method will return true if the subject has the specified right to the specified type. It does not imply that the subject has the specified right to all objects of the specified type, since a given object may or may not be in the subject's scope of control or if it is the subject may not have the specified right to the object in that scope. Therefore, this method is primarily used to determine if the subject has the specified right to at least one object of the specified type.

Throws:
WavesetException

subjectHasRightToAnyAuthTypeSubType

public boolean subjectHasRightToAnyAuthTypeSubType(java.lang.String type,
                                                   Right right)
                                            throws WavesetException
This method will return true if the subject has the specified right to the specified type or any of its authtype subtypes. It does not imply that the subject has the specified right to all objects of the specified type or any of its authtype subtypes, since a given object may or may not be in the subject's scope of control or if it is the subject may not have the specified right to the object in that scope.

Therefore, this method is primarily used to determine if the subject has the specified right to at least one object of the specified type or any of its authtype subtypes. For example, this method is called by the UI to determine if the current subject should be able to view a given page or not. If the subject has the specified right to the specified type or one of the type's authtype subtypes, then they can view the page.

Throws:
WavesetException

subjectIsAssignedAdminGroups

public boolean subjectIsAssignedAdminGroups(java.util.List admingroups)
                                     throws WavesetException
This method will return true if the current subject has the specified capabilities; otherwise, returns false. The supported list of capabilities include those returned by listing all objects of type AdminGroup (e.g. "Account Administrator")

Throws:
WavesetException

subjectControlsObjectGroup

public boolean subjectControlsObjectGroup(java.util.List objectgroups)
                                   throws WavesetException
This method will return true if the current subject controls any one of the organizations in the list; otherwise, returns false. The supported list of organizations include those returned by listing all objects of type ObjectGroup

Throws:
WavesetException

checkReferencePermissions

public void checkReferencePermissions(PersistentObject obj)
                               throws WSAuthorizationException,
                                      WavesetException
Check connect/disconnect permissions to objects referenced by another object.

We might be able to assume this is done by checkinObject, but then we would want this disabled by default in most of the context implemetations.

Throws:
WSAuthorizationException
WavesetException

getTopControlledObjectGroups

public ObjectGroup[] getTopControlledObjectGroups(Subject subject)
                                           throws WavesetException
Get Top Controlled Object Groups for a Subject

Returns the set of 0 or more object groups controlled by the specified principal, each of which has no object group parent that is also controlled by the principal.

Throws:
WavesetException

log

public void log(AuditEvent e)
         throws WavesetException
Log an event fully specified with an AuditEvent object.

Throws:
WavesetException

logFailure

public void logFailure(PersistentObject obj,
                       java.lang.String action,
                       java.lang.String reason)
                throws WavesetException
Log a failure event for an object.

Throws:
WavesetException

logFailure

public void logFailure(java.lang.String objectName,
                       java.lang.String objectType,
                       java.lang.String action,
                       java.lang.String reason)
                throws WavesetException
Log a failure event with an object name and type mask.

Throws:
WavesetException

logSuccess

public void logSuccess(PersistentObject obj,
                       java.lang.String action)
                throws WavesetException
Log a success event for an object.

Throws:
WavesetException

logSuccess

public void logSuccess(PersistentObject obj,
                       java.lang.String action,
                       java.util.Map oldValues,
                       java.util.Map newValues)
                throws WavesetException
Log a success event for an object, include new and old values that will be stored in the blob of the audit table.

Throws:
WavesetException

logResultErrors

public void logResultErrors(PersistentObject obj,
                            java.lang.String action,
                            WavesetResult result)
                     throws WavesetException
Log any errors found within a WavesetResult.

Throws:
WavesetException

getResourceObject

public GenericObject getResourceObject(java.lang.String resourceId,
                                       java.lang.String objectType,
                                       java.lang.String objectId,
                                       java.util.Map options)
                                throws WavesetException
Return the requested object given the resource, object type and object id.

Throws:
WavesetException

listResourceObjects

public java.util.List listResourceObjects(java.lang.String objectType,
                                          java.util.List resourceList,
                                          java.util.Map options)
                                   throws WavesetException
Return a List of object names of a given type and a list of resources

Throws:
WavesetException

listResourceObjects

public java.util.List listResourceObjects(java.lang.String objectType,
                                          java.lang.String resourceId,
                                          java.util.Map options)
                                   throws WavesetException
Return a List of object names of a given type on a resource.

Throws:
WavesetException

getResourceObjects

public java.util.List getResourceObjects(java.lang.String objectType,
                                         java.lang.String resourceId,
                                         java.util.Map options)
                                  throws WavesetException
Return a List of GenericObjects representing objects in a resource.

Throws:
WavesetException

clearResourceObjectListCache

public void clearResourceObjectListCache(java.lang.String subjectName,
                                         java.lang.String objectType,
                                         java.lang.String resourceId)
                                  throws WavesetException
Clear all resource object lists from the cache for all users including default

Throws:
WavesetException

clearResourceObjectListCache

public void clearResourceObjectListCache(java.util.Map options)
                                  throws WavesetException
Clear specified resource object lists from the cache

Throws:
WavesetException

clearResourceObjectGetCache

public void clearResourceObjectGetCache(java.lang.String subjectName,
                                        java.lang.String objectType,
                                        java.lang.String resourceId)
                                 throws WavesetException
Clear all resource object lists from the cache for all users including default

Throws:
WavesetException

clearResourceObjectGetCache

public void clearResourceObjectGetCache(java.util.Map options)
                                 throws WavesetException
Clear specified resource object lists from the cache

Throws:
WavesetException

callResourceMethod

public java.lang.Object callResourceMethod(java.lang.String resourceId,
                                           java.lang.String methodName,
                                           java.util.Map args)
                                    throws WavesetException
Call a resource adapter specific method. The method names, arguments, and return values are all resource specific.

Throws:
WavesetException

runTask

public TaskInstance runTask(TaskTemplate tt)
                     throws WavesetException
Launch a task defined by a task template.

Throws:
WavesetException

extendedOperation

public java.lang.Object extendedOperation(java.lang.String op,
                                          java.util.Map arguments)
                                   throws WavesetException
This provides a way to expose arbitrary methods that aren't part of the interface. It is intended primarily to assist the migration of older code to use the LighthouseContext interface where it may need to call things that aren't in the interface, and we don't yet know the best way to expose them. // // This should be avoided if at all possible. As soon as you find // something that needs to be exposed here, call a meeting to figure // out why this is is necessary, if there's another way, and if not // how to cleanly expose it through this interface.

Throws:
WavesetException