public interface CompiledPermissions
CompiledPermissions
represents the evaluation of an
AccessControlPolicy
that applies for a given set of
Principal
s (normally obtained from the Subject
of a Session).Modifier and Type | Field and Description |
---|---|
static CompiledPermissions |
NO_PERMISSION
Static implementation of a
CompiledPermissions that doesn't
grant any permissions at all. |
Modifier and Type | Method and Description |
---|---|
boolean |
canRead(Path itemPath,
ItemId itemId)
Returns
true if READ permission is granted for the
existing item with the given Path and/or
ItemId . |
boolean |
canReadAll()
Returns
true if READ permission is granted everywhere. |
void |
close()
Indicate to this
CompiledPermissions object that it is
not used any more. |
int |
getPrivileges(Path absPath)
Deprecated.
Use
getPrivilegeSet(Path) instead. |
Set<Privilege> |
getPrivilegeSet(Path absPath)
Returns the
Privilege s granted by the underlying policy
at the given absPath . |
boolean |
grants(Path absPath,
int permissions)
Returns
true if the specified permissions are granted
on the item identified by the given path . |
boolean |
hasPrivileges(Path absPath,
Privilege... privileges)
Returns
true if the given privileges are granted at the
specified absPath . |
static final CompiledPermissions NO_PERMISSION
CompiledPermissions
that doesn't
grant any permissions at all.void close()
CompiledPermissions
object that it is
not used any more.boolean grants(Path absPath, int permissions) throws RepositoryException
true
if the specified permissions are granted
on the item identified by the given path
.absPath
- Absolute path pointing to an item. If the item does
not exist yet (asking for 'add-node' and 'set-property' permission),
it's direct ancestor must exist.permissions
- A combination of one or more of permission constants
defined by Permission
encoded as a bitmask valuetrue
if the specified permissions are granted,
false
otherwise.RepositoryException
- if an error occurs.int getPrivileges(Path absPath) throws RepositoryException
getPrivilegeSet(Path)
instead.Privilege
bits granted by the underlying policy
if the given absPath
.absPath
- Absolute path to a Node
.absPath
.RepositoryException
- if an error occursboolean hasPrivileges(Path absPath, Privilege... privileges) throws RepositoryException
true
if the given privileges are granted at the
specified absPath
.absPath
- privileges
- true
if the given privileges are granted at the
specified absPath
.RepositoryException
Set<Privilege> getPrivilegeSet(Path absPath) throws RepositoryException
Privilege
s granted by the underlying policy
at the given absPath
.absPath
- Absolute path to a Node
.absPath
.RepositoryException
- if an error occursboolean canReadAll() throws RepositoryException
true
if READ permission is granted everywhere.
This method acts as shortcut for grants(Path, int)
where
permissions is Permission.READ
and allows to shorten the
evaluation time given the fact that a check for READ permission is
considered to be the most frequent test.true
if the READ permission is granted everywhere.RepositoryException
- if an error occursboolean canRead(Path itemPath, ItemId itemId) throws RepositoryException
true
if READ permission is granted for the
existing item with the given Path
and/or
ItemId
.
This method acts as shortcut for grants(Path, int)
where
permissions is Permission.READ
and allows to shorten the
evaluation time given the fact that a check for READ permissions is
considered to be the most frequent test.null
it is left to the
implementation which parameter to use.nitemPath
- The path to the item or null
if the ID
should be used to determine the READ permission.itemId
- The itemId or null
if the path should be
used to determine the READ permission.true
if the READ permission is granted.RepositoryException
- If no item exists with the specified path or
itemId or if some other error occurs.Copyright © 2004–2021 The Apache Software Foundation. All rights reserved.