Package org.apache.jackrabbit.core.security.authorization

Interface CompiledPermissions

  • All Known Implementing Classes:
    AbstractCompiledPermissions
    public interface CompiledPermissions
    CompiledPermissions represents the evaluation of an AccessControlPolicy that applies for a given set of Principals (normally obtained from the Subject of a Session).

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static CompiledPermissions NO_PERMISSION
      Static implementation of a CompiledPermissions that doesn't grant any permissions at all.

    • Field Detail

      • NO_PERMISSION

        static final CompiledPermissions NO_PERMISSION
        Static implementation of a CompiledPermissions that doesn't grant any permissions at all.

    • Method Detail

      • close

        void close()
        Indicate to this CompiledPermissions object that it is not used any more.

      • grants

        boolean grants​(Path absPath,
               int permissions)
        throws RepositoryException
        Returns true if the specified permissions are granted on the item identified by the given path.
        Parameters:
        absPath - Absolute path pointing to an item. If the item does not exist yet (asking for 'add-node' and 'set-property' permission), it's direct ancestor must exist.
        permissions - A combination of one or more of permission constants defined by Permission encoded as a bitmask value
        Returns:
        true if the specified permissions are granted, false otherwise.
        Throws:
        RepositoryException - if an error occurs.

      • getPrivileges

        int getPrivileges​(Path absPath)
           throws RepositoryException
        Deprecated.
        Use getPrivilegeSet(Path) instead.
        Returns the Privilege bits granted by the underlying policy if the given absPath.
        Parameters:
        absPath - Absolute path to a Node.
        Returns:
        the granted privileges at absPath.
        Throws:
        RepositoryException - if an error occurs

      • hasPrivileges

        boolean hasPrivileges​(Path absPath,
                      Privilege... privileges)
               throws RepositoryException
        Returns true if the given privileges are granted at the specified absPath.
        Parameters:
        absPath -
        privileges -
        Returns:
        true if the given privileges are granted at the specified absPath.
        Throws:
        RepositoryException

      • getPrivilegeSet

        Set<Privilege> getPrivilegeSet​(Path absPath)
                        throws RepositoryException
        Returns the Privileges granted by the underlying policy at the given absPath.
        Parameters:
        absPath - Absolute path to a Node.
        Returns:
        the granted privileges at absPath.
        Throws:
        RepositoryException - if an error occurs

      • canReadAll

        boolean canReadAll()
            throws RepositoryException
        Returns true if READ permission is granted everywhere. This method acts as shortcut for grants(Path, int) where permissions is Permission.READ and allows to shorten the evaluation time given the fact that a check for READ permission is considered to be the most frequent test.
        Returns:
        true if the READ permission is granted everywhere.
        Throws:
        RepositoryException - if an error occurs

      • canRead

        boolean canRead​(Path itemPath,
                ItemId itemId)
         throws RepositoryException
        Returns true if READ permission is granted for the existing item with the given Path and/or ItemId. This method acts as shortcut for grants(Path, int) where permissions is Permission.READ and allows to shorten the evaluation time given the fact that a check for READ permissions is considered to be the most frequent test.
        If both Path and ItemId are not null it is left to the implementation which parameter to use.n
        Parameters:
        itemPath - The path to the item or null if the ID should be used to determine the READ permission.
        itemId - The itemId or null if the path should be used to determine the READ permission.
        Returns:
        true if the READ permission is granted.
        Throws:
        RepositoryException - If no item exists with the specified path or itemId or if some other error occurs.