Package org.odpi.openmetadata.repositoryservices.connectors.stores.metadatacollectionstore

Interface OpenMetadataRepositorySecurity

  • All Known Implementing Classes:
    OMRSMetadataDefaultRepositorySecurity
    public interface OpenMetadataRepositorySecurity
    OpenMetadataRepositorySecurity defines security checks for accessing and maintaining open metadata types and instances in the local repository. An instance is an entity or a relationship. There is also a special method for changing classifications added to an entity.

    • Method Detail

      • validateUserForTypeCreate

        void validateUserForTypeCreate​(String userId,
                               String metadataCollectionName,
                               TypeDef typeDef)
                        throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to create a type within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        typeDef - type details
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain types

      • validateUserForTypeCreate

        void validateUserForTypeCreate​(String userId,
                               String metadataCollectionName,
                               AttributeTypeDef attributeTypeDef)
                        throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to create a type within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        attributeTypeDef - type details
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain types

      • validateUserForTypeRead

        void validateUserForTypeRead​(String userId,
                             String metadataCollectionName,
                             TypeDef typeDef)
                      throws UserNotAuthorizedException
        Tests for whether a specific user should have read access to a specific type within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        typeDef - type details
        Throws:
        UserNotAuthorizedException - the user is not authorized to retrieve types

      • validateUserForTypeRead

        void validateUserForTypeRead​(String userId,
                             String metadataCollectionName,
                             AttributeTypeDef attributeTypeDef)
                      throws UserNotAuthorizedException
        Tests for whether a specific user should have read access to a specific type within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        attributeTypeDef - type details
        Throws:
        UserNotAuthorizedException - the user is not authorized to retrieve types

      • validateUserForTypeUpdate

        void validateUserForTypeUpdate​(String userId,
                               String metadataCollectionName,
                               TypeDef typeDef,
                               TypeDefPatch patch)
                        throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to update a type within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        typeDef - current type details
        patch - proposed changes to type
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain types

      • validateUserForTypeDelete

        void validateUserForTypeDelete​(String userId,
                               String metadataCollectionName,
                               TypeDef typeDef)
                        throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to delete a type within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        typeDef - type details
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain types

      • validateUserForTypeDelete

        void validateUserForTypeDelete​(String userId,
                               String metadataCollectionName,
                               AttributeTypeDef attributeTypeDef)
                        throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to delete a type within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        attributeTypeDef - type details
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain types

      • validateUserForTypeReIdentify

        void validateUserForTypeReIdentify​(String userId,
                                   String metadataCollectionName,
                                   TypeDef originalTypeDef,
                                   String newTypeDefGUID,
                                   String newTypeDefName)
                            throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to change the identifiers for a type within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        originalTypeDef - type details
        newTypeDefGUID - the new identifier for the type.
        newTypeDefName - new name for this type.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain types

      • validateUserForTypeReIdentify

        void validateUserForTypeReIdentify​(String userId,
                                   String metadataCollectionName,
                                   AttributeTypeDef originalAttributeTypeDef,
                                   String newTypeDefGUID,
                                   String newTypeDefName)
                            throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to change the identifiers for a type within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        originalAttributeTypeDef - type details
        newTypeDefGUID - the new identifier for the type.
        newTypeDefName - new name for this type.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain types

      • validateUserForEntityCreate

        void validateUserForEntityCreate​(String userId,
                                 String metadataCollectionName,
                                 String entityTypeGUID,
                                 InstanceProperties initialProperties,
                                 List<Classification> initialClassifications,
                                 InstanceStatus initialStatus)
                          throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to create a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        entityTypeGUID - unique identifier (guid) for the new entity's type.
        initialProperties - initial list of properties for the new entity null means no properties.
        initialClassifications - initial list of classifications for the new entity null means no classifications.
        initialStatus - initial status typically DRAFT, PREPARED or ACTIVE.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForEntityRead

        EntityDetail validateUserForEntityRead​(String userId,
                                       String metadataCollectionName,
                                       EntityDetail instance)
                                throws UserNotAuthorizedException
        Tests for whether a specific user should have read access to a specific instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        Returns:
        entity to return (may be altered by the connector)
        Throws:
        UserNotAuthorizedException - the user is not authorized to retrieve instances

      • validateUserForEntitySummaryRead

        void validateUserForEntitySummaryRead​(String userId,
                                      String metadataCollectionName,
                                      EntitySummary instance)
                               throws UserNotAuthorizedException
        Tests for whether a specific user should have read access to a specific instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        Throws:
        UserNotAuthorizedException - the user is not authorized to retrieve instances

      • validateUserForEntityProxyRead

        void validateUserForEntityProxyRead​(String userId,
                                    String metadataCollectionName,
                                    EntityProxy instance)
                             throws UserNotAuthorizedException
        Tests for whether a specific user should have read access to a specific instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        Throws:
        UserNotAuthorizedException - the user is not authorized to retrieve instances

      • validateUserForEntityUpdate

        void validateUserForEntityUpdate​(String userId,
                                 String metadataCollectionName,
                                 EntityDetail instance)
                          throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to update a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForEntityClassificationAdd

        void validateUserForEntityClassificationAdd​(String userId,
                                            String metadataCollectionName,
                                            EntityDetail instance,
                                            String classificationName,
                                            InstanceProperties properties)
                                     throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to add a classification to an entity instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        classificationName - String name for the classification.
        properties - list of properties for the classification.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForEntityClassificationUpdate

        void validateUserForEntityClassificationUpdate​(String userId,
                                               String metadataCollectionName,
                                               EntityDetail instance,
                                               String classificationName,
                                               InstanceProperties properties)
                                        throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to update a classification for an entity instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        classificationName - String name for the classification.
        properties - list of properties for the classification.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForEntityClassificationDelete

        void validateUserForEntityClassificationDelete​(String userId,
                                               String metadataCollectionName,
                                               EntityDetail instance,
                                               String classificationName)
                                        throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to delete a classification from an entity instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        classificationName - String name for the classification.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForEntityDelete

        void validateUserForEntityDelete​(String userId,
                                 String metadataCollectionName,
                                 EntityDetail instance)
                          throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to delete a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForEntityRestore

        void validateUserForEntityRestore​(String userId,
                                  String metadataCollectionName,
                                  String deletedEntityGUID)
                           throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to restore a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        deletedEntityGUID - String unique identifier (guid) for the entity.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForEntityReIdentification

        void validateUserForEntityReIdentification​(String userId,
                                           String metadataCollectionName,
                                           EntityDetail instance,
                                           String newGUID)
                                    throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to change the guid on a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        newGUID - the new guid for the instance.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForEntityReTyping

        void validateUserForEntityReTyping​(String userId,
                                   String metadataCollectionName,
                                   EntityDetail instance,
                                   TypeDefSummary newTypeDefSummary)
                            throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to change the type of a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        newTypeDefSummary - details of this instance's new TypeDef.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForEntityReHoming

        void validateUserForEntityReHoming​(String userId,
                                   String metadataCollectionName,
                                   EntityDetail instance,
                                   String newHomeMetadataCollectionId,
                                   String newHomeMetadataCollectionName)
                            throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to change the home of a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        newHomeMetadataCollectionId - unique identifier for the new home metadata collection/repository.
        newHomeMetadataCollectionName - display name for the new home metadata collection/repository.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForRelationshipCreate

        void validateUserForRelationshipCreate​(String userId,
                                       String metadataCollectionName,
                                       String relationshipTypeGUID,
                                       InstanceProperties initialProperties,
                                       EntitySummary entityOneSummary,
                                       EntitySummary entityTwoSummary,
                                       InstanceStatus initialStatus)
                                throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to create a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        relationshipTypeGUID - unique identifier (guid) for the new relationship's type.
        initialProperties - initial list of properties for the new entity null means no properties.
        entityOneSummary - the unique identifier of one of the entities that the relationship is connecting together.
        entityTwoSummary - the unique identifier of the other entity that the relationship is connecting together.
        initialStatus - initial status typically DRAFT, PREPARED or ACTIVE.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForRelationshipRead

        Relationship validateUserForRelationshipRead​(String userId,
                                             String metadataCollectionName,
                                             Relationship instance)
                                      throws UserNotAuthorizedException
        Tests for whether a specific user should have read access to a specific instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        Returns:
        relationship to return (may be altered by the connector)
        Throws:
        UserNotAuthorizedException - the user is not authorized to retrieve instances

      • validateUserForRelationshipUpdate

        void validateUserForRelationshipUpdate​(String userId,
                                       String metadataCollectionName,
                                       Relationship instance)
                                throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to update a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForRelationshipDelete

        void validateUserForRelationshipDelete​(String userId,
                                       String metadataCollectionName,
                                       Relationship instance)
                                throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to delete a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForRelationshipRestore

        void validateUserForRelationshipRestore​(String userId,
                                        String metadataCollectionName,
                                        String deletedRelationshipGUID)
                                 throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to restore a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        deletedRelationshipGUID - String unique identifier (guid) for the relationship.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForRelationshipReIdentification

        void validateUserForRelationshipReIdentification​(String userId,
                                                 String metadataCollectionName,
                                                 Relationship instance,
                                                 String newGUID)
                                          throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to change the guid on a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        newGUID - the new guid for the instance.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForRelationshipReTyping

        void validateUserForRelationshipReTyping​(String userId,
                                         String metadataCollectionName,
                                         Relationship instance,
                                         TypeDefSummary newTypeDefSummary)
                                  throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to change the type of a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        newTypeDefSummary - details of this instance's new TypeDef.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateUserForRelationshipReHoming

        void validateUserForRelationshipReHoming​(String userId,
                                         String metadataCollectionName,
                                         Relationship instance,
                                         String newHomeMetadataCollectionId,
                                         String newHomeMetadataCollectionName)
                                  throws UserNotAuthorizedException
        Tests for whether a specific user should have the right to change the home of a instance within a repository.
        Parameters:
        userId - identifier of user
        metadataCollectionName - configurable name of the metadata collection
        instance - instance details
        newHomeMetadataCollectionId - unique identifier for the new home metadata collection/repository.
        newHomeMetadataCollectionName - display name for the new home metadata collection/repository.
        Throws:
        UserNotAuthorizedException - the user is not authorized to maintain instances

      • validateEntityReferenceCopySave

        boolean validateEntityReferenceCopySave​(EntityDetail instance)
        Tests for whether a reference copy should be saved to the repository.
        Parameters:
        instance - instance details
        Returns:
        flag indicating whether the reference copy should be saved

      • validateRelationshipReferenceCopySave

        boolean validateRelationshipReferenceCopySave​(Relationship instance)
        Tests for whether a reference copy should be saved to the repository.
        Parameters:
        instance - instance details
        Returns:
        flag indicating whether the reference copy should be saved