Package com.orchestranetworks.schema

Interface SchemaExtensionsContext

    • Method Detail

      • getSchemaNode

        SchemaNode getSchemaNode()
        Returns the root node of the data model.

      • setAccessRuleOnNode

        void setAccessRuleOnNode​(Path aPath,
                         AccessRule aRule,
                         UserMessage aDescription)
        Declares that the access to an element may be restricted by the specified rule.

        Attention: Only one AccessRule can be specified for a terminal element. As a consequence:

        • if an AccessRule has previously been set on the element, it will be replaced by the current one;
        • if the element is not terminal, the rule will be ignored.

        When a rule is not defined at a given level, it is considered to be AccessRule.ALWAYS_READ_WRITE at that level.

        At runtime, the effective access permission for an element is the most restrictive permission of the following:

        1. Resolved user-defined permissions: this is the minimum permission computed from the user-defined rules set at each level (dataspace, dataset, table, record and node);
        2. AccessRule for the element's dataset: this is the permission computed by the AccessRule attached to the dataset containing the element (see setAccessRuleOnInstance(AccessRule));
        3. AccessRule for the element's record: (only when in a record context) this is the permission computed by the AccessRule attached to the record containing the element, if the element is in a table (see setAccessRuleOnOccurrence(Path, AccessRule)).
        4. AccessRule for the element: this is the permission computed by the AccessRule attached to the element, as set by this method;
        5. AccessRuleForCreate for the element: (only when in a record creation context) this is the permission computed by the AccessRuleForCreate attached to the element, as set by setAccessRuleForCreateOnNode(Path, AccessRuleForCreate);
        Parameters:
        aPath - the location of the element on which to set the rule
        aRule - the rule to be set
        aDescription - a description for the rule. When null, aRule's class name is used.
        Since:
        6.1.2
        See Also:
        Programmatic access right on the data model node

      • setAccessRuleOnNodeAndAllDescendants

        void setAccessRuleOnNodeAndAllDescendants​(Path aSubTreePath,
                                          boolean includeRoot,
                                          AccessRule aRule,
                                          UserMessage aDescription)
        Declares that the access to an element's subtree may be restricted by the specified rule. Only terminal elements will be affected by the specified rule.

        Attention: Only one AccessRule can be specified for a terminal element. As a consequence, if an AccessRule has previously been set on any node in the specified sub-tree, it will be replaced by the specified one.

        Parameters:
        aSubTreePath - the root of the sub-tree on which to set the rule
        includeRoot - specifies whether the root is also to have the rule set
        aRule - the rule to set
        aDescription - a description for the rule. When null, aRule's class name is used.
        Since:
        6.1.2
        See Also:
        setAccessRuleOnNode(Path, AccessRule, UserMessage)

      • setAccessRuleForCreateOnNode

        void setAccessRuleForCreateOnNode​(Path aPath,
                                  AccessRuleForCreate aRule,
                                  UserMessage aDescription)
        Declares that the access to a record node may be restricted by the specified rule while in a record creation context.

        See setAccessRuleOnNode(Path, AccessRule) for more information about permission evaluation.

        Attention: Only one AccessRuleForCreate can be specified for a terminal element under a table. As a consequence:

        • if an AccessRuleForCreate has previously been set on the element, it will be replaced by the current one;
        • if the element is not terminal or not under a table, a compilation error is added.

        Parameters:
        aPath - the location of the element on which to set the rule
        aRule - the rule to be set
        aDescription - a description for the rule. When null, aRule's class name is used.
        Since:
        6.1.2
        See Also:
        Programmatic access right on the data model node

      • setAccessRuleForCreateOnNodeAndAllDescendants

        void setAccessRuleForCreateOnNodeAndAllDescendants​(Path aSubTreePath,
                                                   boolean includeRoot,
                                                   AccessRuleForCreate aRule,
                                                   UserMessage aDescription)
        Declares that the access to an element's subtree may be restricted in a record creation context by the specified AccessRuleForCreate. Only record terminal nodes will be affected by the specified rule.

        Attention: Only one AccessRuleForCreate can be specified for a terminal element under a table. As a consequence, if an AccessRuleForCreate has previously been set on any node in the specified sub-tree, it will be replaced by the specified one.

        Parameters:
        aSubTreePath - the root of the sub-tree on which to set the rule
        includeRoot - specifies whether the root is also to have the rule set
        aRule - the rule to set
        aDescription - a description for the rule. When null, aRule's class name is used.
        Since:
        6.1.2
        See Also:
        setAccessRuleForCreateOnNode(Path, AccessRuleForCreate, UserMessage)

      • setAccessRuleOnOccurrence

        void setAccessRuleOnOccurrence​(Path aTablePath,
                               AccessRule aRule,
                               UserMessage aDescription)
        Declares that global access to a table record in the data model may be restricted by the specified rule.

        Attention 1: When dealing with large volume, it is highly recommended to use scripting record access rule instead.

        Attention 2: Only one rule can be associated with a table at a given path for access to its records. Thus, if a rule has already been set, it will be replaced by the current one.

        At runtime, the effective access permission to a table record is the most restrictive permission of the following:

        1. AccessRule for the table's dataset: these are the rights that are computed by the AccessRule attached to the dataset containing the table (see setAccessRuleOnInstance(AccessRule));
        2. AccessRule for the element's record: these are the rights that are computed by the AccessRule and/or scripting record access rule attached to the record containing the element.

        When a rule is not defined at a given level, it is considered to be AccessRule.ALWAYS_READ_WRITE at that level.

        Parameters:
        aTablePath - location of the table element
        aRule - the rule to set
        aDescription - a description for the rule. When null, aRule's class name is used.
        Since:
        6.1.2
        See Also:
        AccessRule.getPermission(com.onwbp.adaptation.Adaptation, Session, SchemaNode)

      • setServicePermissionRuleOnNode

        void setServicePermissionRuleOnNode​(Path aPathInSchema,
                                    ServiceKey aServiceKey,
                                    ServicePermissionRule<? extends EntitySelection> aRule,
                                    UserMessage aDescription)
        Declares that the display and execution of the specified service is conditioned by the specified rule, when invoked on the element referred by the specified path. The rule can only restrict the service availability.

        Attention: Only one rule can be associated with a path. Thus, if a rule has previously been set on the element, it will be replaced by the current one.

        Possible types of rule by element

        When the element specified by the path is a dataset, the specified rule can only be a ServicePermissionRule<DatasetEntitySelection>, in which case the rule will be evaluated when the selection is this dataset.

        When the element specified by the path is a table, the specified rule can either be:

        • a ServicePermissionRule<TableViewEntitySelection> or a ServicePermissionRule<RecordEntitySelection>, in which case the rule will be evaluated when the selection is:
          • this table;
          • a record selection or single record of this table;
          • an association view linking to this table;
          • a single record in an association view linking to this table;
          • a hierarchy with this table as target table;
          • a hierarchy node representing a record of this table.

            • For a ServicePermissionRule<RecordEntitySelection>, the provided context is more limited than the one provided in a ServicePermissionRule<TableViewEntitySelection>, but it is also easier to use when working on a single record base.

        • a ServicePermissionRule<HierarchyEntitySelection>, in which case the rule will only be evaluated when the selection is a hierarchy with this table as target table.
        • a ServicePermissionRule<HierarchyNodeEntitySelection>, in which case the rule will only be evaluated when the selection is a hierarchy node representing a record of this table.

        When the element specified by the path is an association, the specified rule can either be:

        • a ServicePermissionRule<AssociationEntitySelection>, in which case the rule will only be evaluated when the selection is this association.
        • a ServicePermissionRule<AssociationRecordEntitySelection>, in which case the rule will only be evaluated when the selection is a linked record by this association.

        Compilation errors

        A data model compilation error is added:

        • if the element referred by the specified path is not the data model's root, a table, or an association.
        • if the permission rule EntitySelection parameter does not match the element referred by the specified path (see previous section).
        Parameters:
        aPathInSchema - the location of the element on which to set the rule
        aServiceKey - the key of the service on which the rule will apply
        aRule - the rule to be set
        aDescription - a description for the rule. When null, aRule's class name is used.
        Throws:
        IllegalArgumentException - if:
        • specified Path is null.
        • specified ServiceKey is null.
        • specified ServicePermissionRule is null.
        Since:
        6.1.2
        See Also:
        ServicePermissionRule.getPermission(ServicePermissionRuleContext), Programmatic activation on service, Resolving permissions for services

      • setServicePermissionRuleOnNodeAndAllDescendants

        void setServicePermissionRuleOnNodeAndAllDescendants​(Path aSubTreePathInSchema,
                                                     ServiceKey aServiceKey,
                                                     ServicePermissionRule<? extends EntitySelection> aRule,
                                                     UserMessage aDescription)
        Declares that the display and execution of the specified service is conditioned by the specified rule, for all elements matching the rule's type of EntitySelection under the specified data model element.

        Attention: Only one rule can be associated with an element. Thus, if a rule has previously been set for any element in the specified sub-tree, it will be replaced by the specified rule. For this reason, the order in which rules are set is important.

        Matching elements by type of rule

        The rule will be set on table elements only, when the specified rule is either:

        • a ServicePermissionRule<TableViewEntitySelection>
        • a ServicePermissionRule<RecordEntitySelection>,
        • a ServicePermissionRule<HierarchyEntitySelection>
        • a ServicePermissionRule<HierarchyNodeEntitySelection>

        The rule will be set on association elements only, when the specified rule is either:

        • a ServicePermissionRule<AssociationEntitySelection>
        • a ServicePermissionRule<AssociationRecordEntitySelection>

        Parameters:
        aSubTreePathInSchema - the root of the sub-tree on which to set the rule
        aServiceKey - the key of the service on which the rule will apply
        aRule - the rule to set
        aDescription - a description for the rule. When null, aRule's class name is used.
        Since:
        6.1.2
        See Also:
        setServicePermissionRuleOnNode(Path, ServiceKey, ServicePermissionRule, UserMessage), ServicePermissionRule.getPermission(ServicePermissionRuleContext)

      • registerUserServiceExtension

        void registerUserServiceExtension​(UserServiceExtensionDeclaration aUserServiceExtensionDeclaration)
        Registers a new user service extension for the current data model in EBX®.

        Only built-in services and services declared in the current data model can be extended using this method.

        Since:
        5.8.0