org.apache.jackrabbit.core.security.authorization

Class PrivilegeManagerImpl

java.lang.Object

org.apache.jackrabbit.core.security.authorization.PrivilegeManagerImpl

All Implemented Interfaces:

PrivilegeManager

public final class PrivilegeManagerImpl
extends Object
implements PrivilegeManager

PrivilegeManager...

Constructor Summary

Constructors

Constructor and Description
PrivilegeManagerImpl(PrivilegeRegistry registry, NameResolver nameResolver)

Method Summary

Modifier and Type	Method and Description
void	dispose() Disposes this privilege manager
PrivilegeBits	getBits(Name... privilegeNames)
PrivilegeBits	getBits(Privilege... privileges)
Privilege	getPrivilege(String privilegeName) Returns the privilege with the specified privilegeName.
Set<Privilege>	getPrivileges(PrivilegeBits bits) Returns an array of registered Privileges.
Privilege[]	getRegisteredPrivileges() Returns all registered privileges.
void	privilegesRegistered(Set<Name> privilegeNames)
Privilege	registerPrivilege(String privilegeName, boolean isAbstract, String[] declaredAggregateNames) Register a new custom privilege with the specified characteristics.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PrivilegeManagerImpl

public PrivilegeManagerImpl(PrivilegeRegistry registry,
                            NameResolver nameResolver)

Method Detail

dispose

public void dispose()

Disposes this privilege manager

getRegisteredPrivileges

public Privilege[] getRegisteredPrivileges()
                                    throws RepositoryException

Description copied from interface: PrivilegeManager

Returns all registered privileges.

Specified by:

getRegisteredPrivileges in interface PrivilegeManager

Returns:

all registered privileges.

Throws:

RepositoryException - If an error occurs.

See Also:

PrivilegeManager.getRegisteredPrivileges()

getPrivilege

public Privilege getPrivilege(String privilegeName)
                       throws AccessControlException,
                              RepositoryException

Description copied from interface: PrivilegeManager

Returns the privilege with the specified privilegeName.

Specified by:

getPrivilege in interface PrivilegeManager

Parameters:

privilegeName - Name of the principal.

Returns:

the privilege with the specified privilegeName.

Throws:

AccessControlException - If no privilege with the given name exists.

RepositoryException - If another error occurs.

See Also:

PrivilegeManager.getPrivilege(String)

registerPrivilege

public Privilege registerPrivilege(String privilegeName,
                                   boolean isAbstract,
                                   String[] declaredAggregateNames)
                            throws AccessDeniedException,
                                   RepositoryException

Register a new custom privilege with the specified characteristics.

The current implementation has the following limitations and constraints:

• the name may not be in use by another privilege
• the namespace URI must be a valid, registered namespace excluding those namespaces marked as being reserved
• an aggregate custom privilege is valid if all declared aggregate names can be resolved to registered privileges and if there exists no registered privilege with the same aggregated privileges.

Please note
Custom privilege(s) will not be enforced for any kind of repository operations. Those are exclusively covered by the built-in privileges. This also implies that the Permissions are not affected by custom privileges.

Applications making use of the custom privilege(s) are in charge of asserting whether the privileges are granted/denied according to their application specific needs.

Specified by:

registerPrivilege in interface PrivilegeManager

Parameters:

privilegeName - The name of the new custom privilege.

isAbstract - Boolean flag indicating if the privilege is abstract.

declaredAggregateNames - An array of privilege names referring to registered privileges being aggregated by this new custom privilege. In case of a non aggregate privilege an empty array should be passed.

Returns:

the new privilege.

Throws:

AccessDeniedException - If the session this manager has been created lacks rep:privilegeManagement privilege.

RepositoryException - If the privilege could not be registered due to constraint violations or if persisting the custom privilege fails.

See Also:

PrivilegeManager.registerPrivilege(String, boolean, String[])

getBits

public PrivilegeBits getBits(Privilege... privileges)
                      throws AccessControlException

Parameters:

privileges - An array of privileges.

Returns:

The bits of the privileges contained in the specified array.

Throws:

AccessControlException - If the specified array is null, empty or if it contains an unregistered privilege.

getBits

public PrivilegeBits getBits(Name... privilegeNames)
                      throws RepositoryException

Parameters:

privilegeNames - An array of privilege names.

Returns:

The bits of the privileges contained in the specified array.

Throws:

AccessControlException - If the specified array is null or if it contains the name of an unregistered privilege.

RepositoryException

getPrivileges

public Set<Privilege> getPrivileges(PrivilegeBits bits)

Returns an array of registered Privileges. If the specified bits represent a single registered privilege the returned array contains a single element. Otherwise the returned array contains the individual registered privileges that are combined in the given bits. If bits does not match to any registered privilege an empty array will be returned.

Parameters:

bits - Privilege bits as obtained from getBits(Privilege...).

Returns:

Array of Privileges that are presented by the given bits or an empty array if bits cannot be resolved to registered Privileges.

See Also:

getBits(Privilege...)

privilegesRegistered

public void privilegesRegistered(Set<Name> privilegeNames)

Parameters:

privilegeNames -

See Also:

PrivilegeRegistry.Listener.privilegesRegistered(java.util.Set)