Uses of Class
com.evolveum.midpoint.security.api.MidPointPrincipal
Packages that use MidPointPrincipal
Package
Description
Low-level security functions.
-
Uses of MidPointPrincipal in com.evolveum.midpoint.authentication.api.util
Methods in com.evolveum.midpoint.authentication.api.util that return MidPointPrincipalModifier and TypeMethodDescriptionstatic @Nullable MidPointPrincipal
AuthUtil.getMidpointPrincipal()
Methods in com.evolveum.midpoint.authentication.api.util with parameters of type MidPointPrincipalModifier and TypeMethodDescriptionAuthUtil.findAuthAttemptDataForModule
(ConnectionEnvironment connectionEnvironment, MidPointPrincipal principal) AuthUtil.findOrCreateAuthenticationAttemptDataFoModule
(ConnectionEnvironment connectionEnvironment, MidPointPrincipal principal) AuthUtil.getOrCreateBehavioralDataForSequence
(MidPointPrincipal principal, String sequenceId) -
Uses of MidPointPrincipal in com.evolveum.midpoint.cases.api
Methods in com.evolveum.midpoint.cases.api that return MidPointPrincipal -
Uses of MidPointPrincipal in com.evolveum.midpoint.cases.api.util
Methods in com.evolveum.midpoint.cases.api.util with parameters of type MidPointPrincipalModifier and TypeMethodDescriptionstatic ObjectQuery
QueryUtils.createQueryForOpenWorkItems
(ObjectQuery baseWorkItemsQuery, MidPointPrincipal principal, boolean notDecidedOnly) static S_FilterExit
QueryUtils.filterForAssignees
(@NotNull S_FilterEntryOrEmpty q, @Nullable MidPointPrincipal principal, OtherPrivilegesLimitations.Type limitationType) Augments work item query by including filter to see only work items assigned to the current user or any of his delegators, providing that the limitation(s) allow it.static S_FilterExit
QueryUtils.filterForCaseAssignees
(@NotNull S_FilterEntryOrEmpty q, @Nullable MidPointPrincipal principal) The call toQueryUtils.filterForAssignees(S_FilterEntryOrEmpty, MidPointPrincipal, OtherPrivilegesLimitations.Type)
, for case management work items.static S_FilterExit
QueryUtils.filterForCertificationAssignees
(@NotNull S_FilterEntryOrEmpty q, @Nullable MidPointPrincipal principal) The call toQueryUtils.filterForAssignees(S_FilterEntryOrEmpty, MidPointPrincipal, OtherPrivilegesLimitations.Type)
, for access certification work items.static S_FilterExit
QueryUtils.filterForNotClosedStateAndAssignees
(@NotNull S_FilterEntryOrEmpty q, @Nullable MidPointPrincipal principal, OtherPrivilegesLimitations.Type limitationType) -
Uses of MidPointPrincipal in com.evolveum.midpoint.model.api
Methods in com.evolveum.midpoint.model.api that return MidPointPrincipalModifier and TypeMethodDescriptionModelInteractionService.assumePowerOfAttorney
(PrismObject<? extends FocusType> donor, Task task, OperationResult result) ModelInteractionService.dropPowerOfAttorney
(Task task, OperationResult result) -
Uses of MidPointPrincipal in com.evolveum.midpoint.model.api.authentication
Subclasses of MidPointPrincipal in com.evolveum.midpoint.model.api.authenticationModifier and TypeClassDescriptionclass
Principal that extends simple MidPointPrincipal with user interface concepts (user profile).Methods in com.evolveum.midpoint.model.api.authentication with parameters of type MidPointPrincipalModifier and TypeMethodDescriptionvoid
GuiProfiledPrincipalManager.updateFocus
(MidPointPrincipal principal, Collection<? extends ItemDelta<?, ?>> itemDeltas) -
Uses of MidPointPrincipal in com.evolveum.midpoint.model.api.expr
Methods in com.evolveum.midpoint.model.api.expr that return MidPointPrincipalModifier and TypeMethodDescriptionMidpointFunctions.getPrincipal()
Returns principal representing the user whose identity is used to execute the expression. -
Uses of MidPointPrincipal in com.evolveum.midpoint.model.impl.controller
Methods in com.evolveum.midpoint.model.impl.controller that return MidPointPrincipalModifier and TypeMethodDescriptionModelInteractionServiceImpl.assumePowerOfAttorney
(PrismObject<? extends FocusType> donor, Task task, OperationResult result) ModelInteractionServiceImpl.dropPowerOfAttorney
(Task task, OperationResult result) -
Uses of MidPointPrincipal in com.evolveum.midpoint.model.impl.expr
Methods in com.evolveum.midpoint.model.impl.expr that return MidPointPrincipal -
Uses of MidPointPrincipal in com.evolveum.midpoint.model.impl.security
Methods in com.evolveum.midpoint.model.impl.security with parameters of type MidPointPrincipalModifier and TypeMethodDescriptionvoid
GuiProfiledPrincipalManagerImpl.updateFocus
(MidPointPrincipal principal, Collection<? extends ItemDelta<?, ?>> itemDeltas) -
Uses of MidPointPrincipal in com.evolveum.midpoint.security.api
Methods in com.evolveum.midpoint.security.api that return MidPointPrincipalModifier and TypeMethodDescriptionMidPointPrincipal.clone()
Semi-shallow clone.MidPointPrincipal.cloneWithAdditionalAuthorizations
(@NotNull List<Authorization> additionalAuthorizations, boolean full) SetseffectivePrivilegesModification
flag if needed.static MidPointPrincipal
Returns a principal without authorizations.MidPointPrincipal.getPreviousPrincipal()
Principal that was used before this principal was active.MidPointPrincipalManager.getPrincipal
(PrismObject<? extends FocusType> focus, AuthorizationTransformer authorizationTransformer, ProfileCompilerOptions options, OperationResult result) MidPointPrincipalManager.getPrincipal
(PrismObject<? extends FocusType> focus, ProfileCompilerOptions options, OperationResult result) default MidPointPrincipal
MidPointPrincipalManager.getPrincipal
(String username, Class<? extends FocusType> clazz) MidPointPrincipalManager.getPrincipal
(String username, Class<? extends FocusType> clazz, ProfileCompilerOptions options) default MidPointPrincipal
SecurityContextManager.getPrincipal()
Returns principal representing the currently logged-in user.static MidPointPrincipal
SecurityUtil.getPrincipal()
Returns principal representing currently logged-in user.MidPointPrincipalManager.getPrincipalByOid
(String oid, Class<? extends FocusType> clazz, ProfileCompilerOptions options) static @Nullable MidPointPrincipal
SecurityUtil.getPrincipalIfExists()
Benevolent version ofSecurityUtil.getPrincipal()
static MidPointPrincipal
SecurityUtil.getPrincipalRequired()
Returns the principal, insisting on that it exists.static MidPointPrincipal
SecurityUtil.getPrincipalSilent()
Consider using more benevolentSecurityUtil.getPrincipalIfExists()
.static @NotNull MidPointPrincipal
MidPointPrincipal.privileged
(@NotNull FocusType focus) Returns a principal with a single privileged authorization; regardless of what authorizations the focus has.Methods in com.evolveum.midpoint.security.api with parameters of type MidPointPrincipalModifier and TypeMethodDescriptionprotected void
MidPointPrincipal.copyValues
(MidPointPrincipal clone) static void
SecurityUtil.logSecurityDeny
(MidPointPrincipal midPointPrincipal, Object object, String message) void
MidPointPrincipal.setPreviousPrincipal
(MidPointPrincipal previousPrincipal) void
SecurityContextManager.setupPreAuthenticatedSecurityContext
(MidPointPrincipal principal) void
MidPointPrincipalManager.updateFocus
(MidPointPrincipal principal, Collection<? extends ItemDelta<?, ?>> itemDeltas) -
Uses of MidPointPrincipal in com.evolveum.midpoint.security.enforcer.api
Methods in com.evolveum.midpoint.security.enforcer.api that return MidPointPrincipalModifier and TypeMethodDescription<F extends FocusType>
MidPointPrincipalSecurityEnforcer.createDonorPrincipal
(MidPointPrincipal attorneyPrincipal, String attorneyAuthorizationAction, PrismObject<F> donor, Task task, OperationResult result) TODO describe@Nullable MidPointPrincipal
SecurityEnforcer.getMidPointPrincipal()
Obtains currently logged-in principal, if it's ofMidPointPrincipal
type.Methods in com.evolveum.midpoint.security.enforcer.api with parameters of type MidPointPrincipalModifier and TypeMethodDescriptionSecurityEnforcer.compileOperationConstraints
(@Nullable MidPointPrincipal principal, @NotNull PrismObjectValue<?> value, @Nullable AuthorizationPhaseType phase, @NotNull String[] actionUrls, @NotNull SecurityEnforcer.Options enforcerOptions, @NotNull CompileConstraintsOptions compileConstraintsOptions, @NotNull Task task, @NotNull OperationResult result) Compiles the security constraints related to given `actionUrls` and `phase` for a given principal against the `object`.<T extends ObjectType,
O extends ObjectType, F>
FSecurityEnforcer.computeTargetSecurityFilter
(MidPointPrincipal principal, String[] operationUrls, AuthorizationPhaseType phase, Class<T> searchResultType, @NotNull PrismObject<O> object, ObjectFilter origFilter, String limitAuthorizationAction, List<OrderConstraintsType> paramOrderConstraints, FilterGizmo<F> gizmo, Task task, OperationResult result) Similar toSecurityEnforcer.preProcessObjectFilter(MidPointPrincipal, String[], AuthorizationPhaseType, Class, ObjectFilter, String, List, Options, Task, OperationResult)
but deals with the target-related authorization statements, not object-related ones.<F extends FocusType>
MidPointPrincipalSecurityEnforcer.createDonorPrincipal
(MidPointPrincipal attorneyPrincipal, String attorneyAuthorizationAction, PrismObject<F> donor, Task task, OperationResult result) TODO describe@NotNull AccessDecision
SecurityEnforcer.decideAccess
(@Nullable MidPointPrincipal principal, @NotNull String operationUrl, @Nullable AuthorizationPhaseType phase, @NotNull AbstractAuthorizationParameters params, @NotNull SecurityEnforcer.Options options, @NotNull Task task, @NotNull OperationResult result) General access-decision method.default <O extends ObjectType,
T extends ObjectType>
@NotNull AccessDecisionSecurityEnforcer.decideAccess
(@Nullable MidPointPrincipal principal, @NotNull Collection<String> operationUrls, @NotNull AuthorizationParameters<O, T> params, @NotNull Task task, @NotNull OperationResult result) Simple access control decision similar to that used by spring security.default @NotNull AccessDecision
SecurityEnforcer.decideAccess
(@Nullable MidPointPrincipal principal, @NotNull Collection<String> operationUrls, @NotNull Task task, @NotNull OperationResult result) <O extends ObjectType,
R extends AbstractRoleType>
ItemSecurityConstraintsSecurityEnforcer.getAllowedRequestAssignmentItems
(MidPointPrincipal midPointPrincipal, String operationUrl, PrismObject<O> object, PrismObject<R> target, Task task, OperationResult result) Returns decisions for individual items for "assign" authorization.static @NotNull Collection<Authorization>
SecurityEnforcerUtil.getAuthorizations
(@Nullable MidPointPrincipal principal) Returns authorizations for the given principal, or from the current security context.<T> @Nullable ObjectFilter
SecurityEnforcer.preProcessObjectFilter
(@Nullable MidPointPrincipal principal, @NotNull String[] operationUrls, @Nullable AuthorizationPhaseType phase, @NotNull Class<T> filterType, @Nullable ObjectFilter origFilter, @Nullable String limitAuthorizationAction, @NotNull List<OrderConstraintsType> paramOrderConstraints, @NotNull SecurityEnforcer.Options options, @NotNull Task task, @NotNull OperationResult result) Returns a filter that covers all the objects for which the principal is authorized to apply `operationUrls`.