public interface AccessControlProvider
AccessControlManager
that
is bound to a specific session/subject.
Please note following additional special conditions:
AccessControlProvider
.ItemNotFoundException
will be thrown. It is
therefore recommended to evaluate the id of the closest not-new ancestor
node before calling any methods on the provider.AccessControlEditor
are not effective unless
they are persisted by calling Session.save()
on the session
that has been used to obtain the editor.AccessControlProviderFactory
Modifier and Type | Method and Description |
---|---|
boolean |
canAccessRoot(Set<Principal> principals)
Returns
true if the given set of principals can access the
root node of the workspace this provider has been built for;
false otherwise. |
void |
close()
Closes this provider when it is no longer used by the respective
workspace and release resources bound by this provider.
|
CompiledPermissions |
compilePermissions(Set<Principal> principals)
Compiles the effective policy for the specified set of
Principal s. |
AccessControlEditor |
getEditor(Session session)
Returns an
AccessControlEditor for the given Session object
or null if the implementation does not support editing
of access control policies. |
AccessControlPolicy[] |
getEffectivePolicies(Path absPath,
CompiledPermissions permissions)
Returns the effective policies for the node at the given absPath.
|
AccessControlPolicy[] |
getEffectivePolicies(Set<Principal> principals,
CompiledPermissions permissions)
Returns the effective policies for the given principals.
|
void |
init(Session systemSession,
Map configuration)
Allows the
AccessControlProviderFactory to pass a session
and configuration parameters to the AccessControlProvider . |
boolean |
isLive()
Returns
true , if this provider is still alive and able to
evaluate permissions; false otherwise. |
void init(Session systemSession, Map configuration) throws RepositoryException
AccessControlProviderFactory
to pass a session
and configuration parameters to the AccessControlProvider
.systemSession
- System session.configuration
- Configuration used to initialize this provider.RepositoryException
- If an error occurs.void close()
boolean isLive()
true
, if this provider is still alive and able to
evaluate permissions; false
otherwise.true
, if this provider is still alive and able to
evaluate permissions; false
otherwise.AccessControlPolicy[] getEffectivePolicies(Path absPath, CompiledPermissions permissions) throws ItemNotFoundException, RepositoryException
absPath
- an absolute path.permissions
- The effective permissions of the editing
sessions that attempts to view the effective policies.absPath
or
an empty array if the implementation cannot determine the effective
policy at the given path.ItemNotFoundException
- If no Node with the specified
absPath
exists.RepositoryException
- If another error occurs.AccessControlManager.getEffectivePolicies(String)
AccessControlPolicy[] getEffectivePolicies(Set<Principal> principals, CompiledPermissions permissions) throws RepositoryException
principals
- A set of principal.permissions
- The effective permissions of the editing
sessions that attempts to view the effective policies. @return The effective policies that are in effect for the given
principal
or an empty array.RepositoryException
- If error occurs.JackrabbitAccessControlManager.getEffectivePolicies(Set)
AccessControlEditor getEditor(Session session) throws RepositoryException
AccessControlEditor
for the given Session object
or null
if the implementation does not support editing
of access control policies.session
- The editing session.null
.RepositoryException
- If an error occurs.CompiledPermissions compilePermissions(Set<Principal> principals) throws RepositoryException
Principal
s.principals
- Set of principals to compile the permissions for. If
the order of evaluating permissions for principals is meaningful, the
caller should pass a Set that respects the order of insertion.RepositoryException
- If an error occurs.boolean canAccessRoot(Set<Principal> principals) throws RepositoryException
true
if the given set of principals can access the
root node of the workspace this provider has been built for;
false
otherwise.principals
- Set of principals to be tested for being allowed to
access the root node.true
if the given set of principals can access the
root node of the workspace this provider has been built for;
false
otherwise.RepositoryException
- If an error occurs.Copyright © 2004–2024 The Apache Software Foundation. All rights reserved.