Package org.apache.jackrabbit.core.security.authorization

Class PrivilegeManagerImpl

    • Method Detail

      • dispose

        public void dispose()
        Disposes this privilege manager

      • registerPrivilege

        public Privilege registerPrivilege​(String privilegeName,
                                   boolean isAbstract,
                                   String[] declaredAggregateNames)
                            throws AccessDeniedException,
                                   RepositoryException
        Register a new custom privilege with the specified characteristics.

        The current implementation has the following limitations and constraints:

        • the name may not be in use by another privilege
        • the namespace URI must be a valid, registered namespace excluding those namespaces marked as being reserved
        • an aggregate custom privilege is valid if all declared aggregate names can be resolved to registered privileges and if there exists no registered privilege with the same aggregated privileges.

        Please note
        Custom privilege(s) will not be enforced for any kind of repository operations. Those are exclusively covered by the built-in privileges. This also implies that the Permissions are not affected by custom privileges.

        Applications making use of the custom privilege(s) are in charge of asserting whether the privileges are granted/denied according to their application specific needs.

        Specified by:
        registerPrivilege in interface PrivilegeManager
        Parameters:
        privilegeName - The name of the new custom privilege.
        isAbstract - Boolean flag indicating if the privilege is abstract.
        declaredAggregateNames - An array of privilege names referring to registered privileges being aggregated by this new custom privilege. In case of a non aggregate privilege an empty array should be passed.
        Returns:
        the new privilege.
        Throws:
        AccessDeniedException - If the session this manager has been created lacks rep:privilegeManagement privilege.
        RepositoryException - If the privilege could not be registered due to constraint violations or if persisting the custom privilege fails.
        See Also:
        PrivilegeManager.registerPrivilege(String, boolean, String[])

      • getBits

        public PrivilegeBits getBits​(Privilege... privileges)
                      throws AccessControlException
        Parameters:
        privileges - An array of privileges.
        Returns:
        The bits of the privileges contained in the specified array.
        Throws:
        AccessControlException - If the specified array is null, empty or if it contains an unregistered privilege.

      • getPrivileges

        public Set<Privilege> getPrivileges​(PrivilegeBits bits)
        Returns an array of registered Privileges. If the specified bits represent a single registered privilege the returned array contains a single element. Otherwise the returned array contains the individual registered privileges that are combined in the given bits. If bits does not match to any registered privilege an empty array will be returned.
        Parameters:
        bits - Privilege bits as obtained from getBits(Privilege...).
        Returns:
        Array of Privileges that are presented by the given bits or an empty array if bits cannot be resolved to registered Privileges.
        See Also:
        getBits(Privilege...)

      • privilegesRegistered

        public void privilegesRegistered​(Set<Name> privilegeNames)
        Parameters:
        privilegeNames -
        See Also:
        PrivilegeRegistry.Listener.privilegesRegistered(java.util.Set)