Class PrivilegeRegistry
- java.lang.Object
-
- org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry
-
- All Implemented Interfaces:
PrivilegeEventListener
public final class PrivilegeRegistry extends Object implements PrivilegeEventListener
ThePrivilegeRegistrydefines the set ofPrivileges known to the repository.
-
-
Field Summary
Fields Modifier and Type Field Description static intNO_PRIVILEGENo privilegesstatic StringREP_PRIVILEGE_MANAGEMENTJackrabbit specific privilege for privilege management.static NameREP_PRIVILEGE_MANAGEMENT_NAMEstatic StringREP_WRITEJackrabbit specific write privilege that combinesPrivilege.JCR_WRITEandPrivilege.JCR_NODE_TYPE_MANAGEMENT.static NameREP_WRITE_NAME
-
Constructor Summary
Constructors Constructor Description PrivilegeRegistry(NamespaceRegistry namespaceRegistry, FileSystem fs)Create a newPrivilegeRegistryinstance.PrivilegeRegistry(NameResolver resolver)Deprecated.UsePrivilegeManagerinstead.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description static intcalculatePermissions(int privs, int parentPrivs, boolean isAllow, boolean protectsPolicy)Deprecated.static intcalculatePermissions(PrivilegeBits privs, PrivilegeBits parentPrivs, boolean isAllow, boolean protectsPolicy)Build the permissions granted by evaluating the given privileges.voidexternalRegisteredPrivileges(Collection<PrivilegeDefinition> definitions)Called when one or more privilege definitions have been externally registered.static intgetBits(Privilege[] privileges)Deprecated.PrivilegegetPrivilege(String privilegeName)Deprecated.UsePrivilegeManager.getPrivilege(String)instead.Privilege[]getPrivileges(int bits)Deprecated.UsePrivilegeManagerImpl.getPrivileges(PrivilegeBits)instead.Privilege[]getRegisteredPrivileges()Deprecated.UsePrivilegeManager.getRegisteredPrivileges()instead.voidremoveListener(org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry.Listener listener)Removes a privilege registration listener.voidsetEventChannel(PrivilegeEventChannel eventChannel)Set a clustering event channel to inform about changes.
-
-
-
Field Detail
-
REP_WRITE
public static final String REP_WRITE
Jackrabbit specific write privilege that combinesPrivilege.JCR_WRITEandPrivilege.JCR_NODE_TYPE_MANAGEMENT.- See Also:
- Constant Field Values
-
REP_WRITE_NAME
public static final Name REP_WRITE_NAME
-
REP_PRIVILEGE_MANAGEMENT
public static final String REP_PRIVILEGE_MANAGEMENT
Jackrabbit specific privilege for privilege management.- See Also:
- Constant Field Values
-
REP_PRIVILEGE_MANAGEMENT_NAME
public static final Name REP_PRIVILEGE_MANAGEMENT_NAME
-
NO_PRIVILEGE
public static final int NO_PRIVILEGE
No privileges- See Also:
- Constant Field Values
-
-
Constructor Detail
-
PrivilegeRegistry
public PrivilegeRegistry(NamespaceRegistry namespaceRegistry, FileSystem fs) throws RepositoryException
Create a newPrivilegeRegistryinstance.- Parameters:
namespaceRegistry-fs-- Throws:
RepositoryException
-
PrivilegeRegistry
@Deprecated public PrivilegeRegistry(NameResolver resolver)
Deprecated.UsePrivilegeManagerinstead.Create a newPrivilegeRegistryinstance defining only built-in privileges.- Parameters:
resolver-- See Also:
JackrabbitWorkspace.getPrivilegeManager()
-
-
Method Detail
-
externalRegisteredPrivileges
public void externalRegisteredPrivileges(Collection<PrivilegeDefinition> definitions) throws RepositoryException
Called when one or more privilege definitions have been externally registered.- Specified by:
externalRegisteredPrivilegesin interfacePrivilegeEventListener- Parameters:
definitions- privilege definitions- Throws:
RepositoryException- if an error occurs- See Also:
PrivilegeEventListener.externalRegisteredPrivileges(java.util.Collection)
-
setEventChannel
public void setEventChannel(PrivilegeEventChannel eventChannel)
Set a clustering event channel to inform about changes.- Parameters:
eventChannel- event channel
-
getRegisteredPrivileges
@Deprecated public Privilege[] getRegisteredPrivileges()
Deprecated.UsePrivilegeManager.getRegisteredPrivileges()instead.ThrowsUnsupportedOperationException.- Returns:
- all registered privileges.
-
getPrivilege
@Deprecated public Privilege getPrivilege(String privilegeName) throws AccessControlException, RepositoryException
Deprecated.UsePrivilegeManager.getPrivilege(String)instead.Creates a newPrivilegeManagerfrom the specified resolver and callsPrivilegeManagerImpl.getRegisteredPrivileges().- Parameters:
privilegeName- Name of the privilege.- Returns:
- the privilege with the specified
privilegeName. - Throws:
AccessControlException- If no privilege with the given name exists.RepositoryException- If another error occurs.
-
getPrivileges
@Deprecated public Privilege[] getPrivileges(int bits)
Deprecated.UsePrivilegeManagerImpl.getPrivileges(PrivilegeBits)instead.Creates a newPrivilegeManagerfrom the specified resolver and callsPrivilegeManagerImpl.getPrivileges(PrivilegeBits).- Parameters:
bits- Privilege bits as obtained fromgetBits(Privilege[]).- Returns:
- Array of
Privileges that are presented by the given it or an empty array ifbitsis lower thanREADor cannot be resolved to registeredPrivileges. - See Also:
getBits(Privilege[])
-
getBits
@Deprecated public static int getBits(Privilege[] privileges) throws AccessControlException
Deprecated.Best effort approach to calculate bits for built-in privileges. ThrowsUnsupportedOperationExceptionif the workaround fails.- Parameters:
privileges- An array of privileges.- Returns:
- The privilege bits.
- Throws:
AccessControlException- If the specified array is null or if it contains an unregistered privilege.- See Also:
getPrivileges(int)
-
calculatePermissions
public static int calculatePermissions(PrivilegeBits privs, PrivilegeBits parentPrivs, boolean isAllow, boolean protectsPolicy)
Build the permissions granted by evaluating the given privileges. Note, that only built-in privileges can be mapped to permissions. Any other privileges will be ignored.- Parameters:
privs- The privileges granted on the Node itself (for properties the ACL of the direct ancestor).parentPrivs- The privileges granted on the parent of the Node. Not relevant for properties since it only is used to determine permissions on a Node (add_child_nodes, remove_child_nodes).isAllow-trueif the privileges are granted;falseotherwise.protectsPolicy- Iftruethe affected item itself defines access control related information.- Returns:
- the permissions granted evaluating the given privileges.
-
calculatePermissions
@Deprecated public static int calculatePermissions(int privs, int parentPrivs, boolean isAllow, boolean protectsPolicy)
Deprecated.Build the permissions granted by evaluating the given privileges. Note, that only built-in privileges can be mapped to permissions. Any other privileges will be ignored.- Parameters:
privs- The privileges granted on the Node itself (for properties the ACL of the direct ancestor).parentPrivs- The privileges granted on the parent of the Node. Not relevant for properties since it only is used to determine permissions on a Node (add_child_nodes, remove_child_nodes).isAllow-trueif the privileges are granted;falseotherwise.protectsPolicy- Iftruethe affected item itself defines access control related information.- Returns:
- the permissions granted evaluating the given privileges.
-
removeListener
public void removeListener(org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry.Listener listener)
Removes a privilege registration listener.- Parameters:
listener-
-
-