Package org.yamcs.security
Class User
java.lang.Object
org.yamcs.security.Account
org.yamcs.security.User
A user contains identifying information and a convenient set of methods to perform access control.
Users may be assigned two kinds of different privileges:
- System privileges that grant the user the right to perform an action on any object.
- Object privileges that grant the user the right to perform an action on a specific object.
superuser
may have been granted to a user. Users with this attribute are not
subjected to privilege checking (i.e. they are allowed everything, even without being assigned privileges).-
Field Summary
Fields inherited from class org.yamcs.security.Account
active, confirmationTime, createdBy, creationTime, displayName, id, lastLoginTime, name
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addClearanceListener
(ClearanceListener listener) void
addIdentity
(String provider, String identity) void
addObjectPrivilege
(ObjectPrivilege objectPrivilege, boolean external) void
Add a role to this user.void
addSystemPrivilege
(SystemPrivilege systemPrivilege, boolean external) void
Resets user privileges to only those that are externally defined.void
deleteIdentity
(String provider) void
deleteRole
(String role) getEmail()
getHash()
getRoles()
boolean
hasObjectPrivilege
(ObjectPrivilegeType type, String object) boolean
hasSystemPrivilege
(SystemPrivilege systemPrivilege) boolean
boolean
void
removeClearanceListener
(ClearanceListener listener) void
setClearance
(Clearance clearance) void
void
void
setRoles
(Collection<String> roles) void
setSuperuser
(boolean superuser) toTuple
(boolean forUpdate) Methods inherited from class org.yamcs.security.Account
confirm, equals, getConfirmationTime, getCreatedBy, getCreationTime, getDisplayName, getId, getLastLoginTime, getName, hashCode, isActive, isBuiltIn, newRecordBuilder, setActive, setDisplayName, setName, toString
-
Constructor Details
-
User
-
-
Method Details
-
getEmail
-
getHash
-
isExternallyManaged
public boolean isExternallyManaged() -
addIdentity
-
getIdentityEntrySet
-
deleteIdentity
-
getClearance
-
setClearance
-
getRoles
-
setRoles
-
addRole
Add a role to this user. If marked as external, this role assignment is not persisted to Yamcs DB. -
deleteRole
-
isSuperuser
public boolean isSuperuser() -
setSuperuser
public void setSuperuser(boolean superuser) -
setEmail
-
setHash
-
getSystemPrivileges
-
getObjectPrivileges
-
getObjectPrivileges
-
addSystemPrivilege
-
addObjectPrivilege
-
clearDirectoryPrivileges
public void clearDirectoryPrivileges()Resets user privileges to only those that are externally defined. -
hasSystemPrivilege
-
hasObjectPrivilege
-
addClearanceListener
-
removeClearanceListener
-
toTuple
-