public abstract class AbstractACLTemplate extends Object implements JackrabbitAccessControlList, AccessControlConstants
AbstractACLTemplate
...Modifier and Type | Field and Description |
---|---|
protected String |
path
Path of the node this ACL template has been created for.
|
protected javax.jcr.ValueFactory |
valueFactory
The value factory
|
N_ACCESSCONTROL, N_POLICY, N_REPO_POLICY, NT_REP_ACCESS_CONTROL, NT_REP_ACCESS_CONTROLLABLE, NT_REP_ACE, NT_REP_ACL, NT_REP_DENY_ACE, NT_REP_GRANT_ACE, NT_REP_PRINCIPAL_ACCESS_CONTROL, NT_REP_REPO_ACCESS_CONTROLLABLE, P_GLOB, P_PRINCIPAL_NAME, P_PRIVILEGES
Modifier | Constructor and Description |
---|---|
protected |
AbstractACLTemplate(String path,
javax.jcr.ValueFactory valueFactory) |
Modifier and Type | Method and Description |
---|---|
boolean |
addAccessControlEntry(Principal principal,
javax.jcr.security.Privilege[] privileges) |
boolean |
addEntry(Principal principal,
javax.jcr.security.Privilege[] privileges,
boolean isAllow)
Same as
JackrabbitAccessControlList.addEntry(Principal, Privilege[], boolean, Map) using
some implementation specific restrictions. |
boolean |
addEntry(Principal principal,
javax.jcr.security.Privilege[] privileges,
boolean isAllow,
Map<String,javax.jcr.Value> restrictions,
Map<String,javax.jcr.Value[]> mvRestrictions)
Adds an access control entry to this policy consisting of the specified
principal , the specified privileges , the
isAllow flag and an optional map containing additional
restrictions. |
protected abstract void |
checkValidEntry(Principal principal,
javax.jcr.security.Privilege[] privileges,
boolean isAllow,
Map<String,javax.jcr.Value> restrictions)
Validates the given parameters to create a new ACE and throws an
AccessControlException if any of them is invalid. |
javax.jcr.security.AccessControlEntry[] |
getAccessControlEntries() |
protected abstract List<javax.jcr.security.AccessControlEntry> |
getEntries()
Return the list of entries, if they are held in an orderable list.
|
String |
getPath()
Returns the path of the node this policy has been created for.
|
boolean |
isEmpty()
Returns
true if this policy does not yet define any
entries. |
void |
orderBefore(javax.jcr.security.AccessControlEntry srcEntry,
javax.jcr.security.AccessControlEntry destEntry)
If the
AccessControlList implementation supports
reordering of entries the specified srcEntry is inserted
at the position of the specified destEntry . |
int |
size()
Returns the number of entries or 0 if the policy
is empty . |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
addEntry, getRestrictionNames, getRestrictionType
protected final String path
protected final javax.jcr.ValueFactory valueFactory
protected AbstractACLTemplate(String path, javax.jcr.ValueFactory valueFactory)
protected abstract void checkValidEntry(Principal principal, javax.jcr.security.Privilege[] privileges, boolean isAllow, Map<String,javax.jcr.Value> restrictions) throws javax.jcr.security.AccessControlException
AccessControlException
if any of them is invalid. Otherwise
this method returns silently.principal
- The principal to create the ACE for.privileges
- The privileges to be granted/denied by the ACE.isAllow
- Defines if the privileges are allowed or denied.restrictions
- The additional restrictions.javax.jcr.security.AccessControlException
- If any of the given parameters is invalid.protected abstract List<javax.jcr.security.AccessControlEntry> getEntries()
orderBefore(AccessControlEntry, AccessControlEntry)
public String getPath()
JackrabbitAccessControlPolicy
getPath
in interface JackrabbitAccessControlPolicy
JackrabbitAccessControlPolicy.getPath()
public boolean addEntry(Principal principal, javax.jcr.security.Privilege[] privileges, boolean isAllow) throws javax.jcr.security.AccessControlException, javax.jcr.RepositoryException
JackrabbitAccessControlList
JackrabbitAccessControlList.addEntry(Principal, Privilege[], boolean, Map)
using
some implementation specific restrictions.addEntry
in interface JackrabbitAccessControlList
principal
- the principal to add the entry forprivileges
- the privileges to addisAllow
- if true
if this is a positive (allow) entryjavax.jcr.security.AccessControlException
- If any of the given parameter is invalid
or cannot be handled by the implementation.javax.jcr.RepositoryException
- If another error occurs.JackrabbitAccessControlList.addEntry(Principal, Privilege[], boolean)
public boolean addEntry(Principal principal, javax.jcr.security.Privilege[] privileges, boolean isAllow, Map<String,javax.jcr.Value> restrictions, Map<String,javax.jcr.Value[]> mvRestrictions) throws javax.jcr.security.AccessControlException, javax.jcr.RepositoryException
JackrabbitAccessControlList
principal
, the specified privileges
, the
isAllow
flag and an optional map containing additional
restrictions.
This method returns true
if this policy was modified,
false
otherwise.
An AccessControlException
is thrown if any of the specified
parameters is invalid or if some other access control related exception occurs.
addEntry
in interface JackrabbitAccessControlList
principal
- the principal to add the entry forprivileges
- the privileges to addisAllow
- if true
if this is a positive (allow) entryrestrictions
- A map of additional restrictions used to narrow the
effect of the entry to be created. The map must map JCR names to a single
Value
object.javax.jcr.security.AccessControlException
- If any of the given parameter is invalid
or cannot be handled by the implementation.javax.jcr.RepositoryException
- If another error occurs.JackrabbitAccessControlList.addEntry(Principal, Privilege[], boolean, Map, Map)
public int size()
JackrabbitAccessControlList
is empty
.size
in interface JackrabbitAccessControlList
is empty
.JackrabbitAccessControlList.size()
public boolean isEmpty()
JackrabbitAccessControlList
true
if this policy does not yet define any
entries.isEmpty
in interface JackrabbitAccessControlList
JackrabbitAccessControlList.isEmpty()
public void orderBefore(javax.jcr.security.AccessControlEntry srcEntry, javax.jcr.security.AccessControlEntry destEntry) throws javax.jcr.security.AccessControlException, javax.jcr.UnsupportedRepositoryOperationException, javax.jcr.RepositoryException
JackrabbitAccessControlList
AccessControlList
implementation supports
reordering of entries the specified srcEntry
is inserted
at the position of the specified destEntry
.
If destEntry
is null
the entry is moved to the
end of the list.
If srcEntry
and destEntry
are the same no
changes are made.
orderBefore
in interface JackrabbitAccessControlList
srcEntry
- The access control entry to be moved within the list.destEntry
- The entry before which the srcEntry
will be moved.javax.jcr.security.AccessControlException
- If any of the given entries is invalid or
cannot be handled by the implementation.javax.jcr.UnsupportedRepositoryOperationException
- If ordering is not supported.javax.jcr.RepositoryException
- If another error occurs.JackrabbitAccessControlList.orderBefore(javax.jcr.security.AccessControlEntry, javax.jcr.security.AccessControlEntry)
public javax.jcr.security.AccessControlEntry[] getAccessControlEntries() throws javax.jcr.RepositoryException
getAccessControlEntries
in interface javax.jcr.security.AccessControlList
javax.jcr.RepositoryException
AccessControlList.getAccessControlEntries()
public boolean addAccessControlEntry(Principal principal, javax.jcr.security.Privilege[] privileges) throws javax.jcr.security.AccessControlException, javax.jcr.RepositoryException
addAccessControlEntry
in interface javax.jcr.security.AccessControlList
javax.jcr.security.AccessControlException
javax.jcr.RepositoryException
AccessControlList.addAccessControlEntry(java.security.Principal , javax.jcr.security.Privilege[])
Copyright © 2004-2020 The Apache Software Foundation. All Rights Reserved.