public class ObjectVisibility
extends java.lang.Object
implements java.io.Serializable
Object visibility is a set of business rules to filter the rows and related actions.
Visibility build AND operations between the following options:
- Owner: implicit filter, Visible = created_by is the user session login
- Group: implicit filter, Visible = created_by in the function group hierarchy
- Organization: explicit organization groups, Visible = user is in the organization
- SQL: add a where clause, for example t.mylogin=[login]
- expression: logical statement like return obj.getFieldalue("myfield").equals("X") && grant.hasResponsibility("Y")
- Method: callback method, public boolean myMethod(String[] row)
The visibility is defined in a function to complete the simple global access (read, update, delete, action). The object must be timestamped to have the created_by field in the options Owner, Group and Organization. If the visibility has more than one option, a 'AND' between them will be made. (ex: my activities in a specific status = One Visibility sets to Owner AND an expression obj.getFieldValue("myStatus").equals("X")) When the object's functions have more than 1 visibility, a 'OR' between them will be made. (ex: my activities or a specific status = 1 Visibility sets to Owner + 1 sets with an expression).
Modifier and Type | Field and Description |
---|---|
static char |
TYPE_ACTION
Type to check the external action
|
static char |
TYPE_CREATE
Type to check the create access
|
static char |
TYPE_DELETE
Type to check the deletion access
|
static char |
TYPE_READ
Type to filter the search in the where clause
|
static char |
TYPE_UPDATE
Type to check the update access
|
Constructor and Description |
---|
ObjectVisibility(java.lang.String id,
char type,
boolean owner,
boolean group,
java.lang.String organization,
java.lang.String expression,
java.lang.String method,
java.lang.String sql)
Visibility constructor
|
Modifier and Type | Method and Description |
---|---|
java.lang.String |
getExpression()
Update/delete/action option: Script expression
|
java.lang.String |
getGroupVisibility(Grant g,
java.lang.String login) |
java.lang.String |
getId()
Visibility Id
|
java.lang.String |
getMethod()
Visibility callback method to implement in the object:
public boolean myMethod(String row[])
|
java.lang.String |
getOrganization()
Organization visibility
|
java.util.Vector<java.lang.String> |
getOrganizationGroups()
Organization groups
|
java.lang.String |
getOrganizationVisibility(java.util.Vector<java.lang.String> org,
java.lang.String login) |
java.lang.String |
getSQL()
Read option: SQL expression to add in the "where" clause of object
|
char |
getType()
Visibility type
|
boolean |
isGroupHierarchy()
Group means all created_by in (user function groups hierarchy)
|
boolean |
isOwner()
Owner means session login = created_by
|
java.lang.String |
toString() |
public static final char TYPE_READ
public static final char TYPE_CREATE
public static final char TYPE_UPDATE
public static final char TYPE_DELETE
public static final char TYPE_ACTION
public ObjectVisibility(java.lang.String id, char type, boolean owner, boolean group, java.lang.String organization, java.lang.String expression, java.lang.String method, java.lang.String sql)
id
- Unique Idtype
- Visibility type TYPE_READ, TYPE_CREATE, TYPE_UPDATE, TYPE_DELETE, TYPE_ACTIONowner
- Owner only flaggroup
- Group hierarchy flagorganization
- Specific groups hierarchy (optional)expression
- Expression (optional)method
- Callback method (optional)sql
- SQL where expression (optional)public java.lang.String getId()
public char getType()
public java.lang.String getMethod()
public java.lang.String getOrganization()
public java.util.Vector<java.lang.String> getOrganizationGroups()
public boolean isOwner()
Owner means session login = created_by
Example: Function "My activities"
public boolean isGroupHierarchy()
Group means all created_by in (user function groups hierarchy)
Example in a group hierarchy : Object X has a function READ set to 'Group' visibility.
This function is granted to the group ORGANIZATION (tree root).
- any user in this tree gets the right to READ (accessObject, search, select),
but because of the visibility :
- If user is only in group A (tree leaf) => access only to A elements
- If user is in GRP1 => access to GRP1 and its childs A and B elements
- If user is in root ORGANIZATION => access all
- If user is in GRP1 and GRP2 => access all except ORGANIZATION
public java.lang.String getSQL()
Read option: SQL expression to add in the "where" clause of object
Example: t.action_user_id = [userid]
public java.lang.String getExpression()
Update/delete/action option: Script expression
Example: [HASRESP:MANAGER] && [STATUS].equals("DRAFT")
public java.lang.String getOrganizationVisibility(java.util.Vector<java.lang.String> org, java.lang.String login)
public java.lang.String getGroupVisibility(Grant g, java.lang.String login)
public java.lang.String toString()
toString
in class java.lang.Object
Copyright (c)2006-2014 Simplicite Software. All Rights Reserved.