Package org.apache.jackrabbit.core.security.authorization.acl

Class ACLEditor

java.lang.Object

org.apache.jackrabbit.core.ProtectedItemModifier

org.apache.jackrabbit.core.security.authorization.acl.ACLEditor

All Implemented Interfaces:

AccessControlConstants, AccessControlEditor

public class ACLEditor
extends ProtectedItemModifier
implements AccessControlEditor, AccessControlConstants

ACLEditor...

Field Summary

Fields inherited from interface org.apache.jackrabbit.core.security.authorization.AccessControlConstants

N_ACCESSCONTROL, N_POLICY, N_REPO_POLICY, NT_REP_ACCESS_CONTROL, NT_REP_ACCESS_CONTROLLABLE, NT_REP_ACE, NT_REP_ACL, NT_REP_DENY_ACE, NT_REP_GRANT_ACE, NT_REP_PRINCIPAL_ACCESS_CONTROL, NT_REP_REPO_ACCESS_CONTROLLABLE, P_GLOB, P_PRINCIPAL_NAME, P_PRIVILEGES

Method Summary

Modifier and Type	Method	Description
AccessControlPolicy[]	editAccessControlPolicies(String nodePath)	Retrieves the editable policies for the Node identified by the given nodePath that are applicable but have not yet have been set. The AccessControlPolicy objects returned are detached from the underlying AccessControlProvider and is only an external representation.
JackrabbitAccessControlPolicy[]	editAccessControlPolicies(Principal principal)	Returns an array of editable policies for the given principal.
AccessControlPolicy[]	getPolicies(String nodePath)	Retrieves the policies for the Node identified by the given nodePath.
JackrabbitAccessControlPolicy[]	getPolicies(Principal principal)	Always returns an empty array as no applicable policies are exposed.
protected static Name	getUniqueNodeName(Node node, String name)	Create a unique valid name for the Permission nodes to be save.
void	removePolicy(String nodePath, AccessControlPolicy policy)	Removes the specified policy from the node at nodePath.
void	setPolicy(String nodePath, AccessControlPolicy policy)	Stores the policy template to the respective node.

Methods inherited from class org.apache.jackrabbit.core.ProtectedItemModifier

addNode, addNode, markModified, performProtected, removeItem, setProperty, setProperty, setProperty, setProperty

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getPolicies

public AccessControlPolicy[] getPolicies(String nodePath)
                                  throws AccessControlException,
                                         PathNotFoundException,
                                         RepositoryException

Description copied from interface: AccessControlEditor

Retrieves the policies for the Node identified by the given nodePath. In contrast to AccessControlEditor.editAccessControlPolicies(java.lang.String) this method returns an empty array if no policy has been applied before by calling AccessControlEditor.setPolicy(java.lang.String, javax.jcr.security.AccessControlPolicy)). Still the returned policies are detached from the AccessControlProvider and are only an external representation. Modification will therefore not take effect, until they are written back to the editor and persisted.

Compared to the policy returned by AccessControlProvider.getEffectivePolicies(org.apache.jackrabbit.spi.Path, CompiledPermissions), the scope of the policies it limited to the Node itself and does not take inherited elements into account.

Specified by:

getPolicies in interface AccessControlEditor

Parameters:

nodePath - Absolute path to an existing node object.

Returns:

the policies applied so far or an empty array if no policy has been applied to the node before.

Throws:

AccessControlException - If the Node identified by the given nodePath does not allow access control modifications (e.g. the node itself stores the access control information for its parent).

PathNotFoundException - if no node exists for the given nodePath.

RepositoryException - if an error occurs

See Also:

AccessControlEditor.getPolicies(String)

getPolicies

public JackrabbitAccessControlPolicy[] getPolicies(Principal principal)
                                            throws AccessControlException,
                                                   RepositoryException

Always returns an empty array as no applicable policies are exposed.

Specified by:

getPolicies in interface AccessControlEditor

Parameters:

principal - Principal for which the editable policies should be returned.

Returns:

the policies applied so far or an empty array if no policy has been applied before.

Throws:

AccessControlException - if the specified principal does not exist, if this implementation cannot provide policies for individual principals or if same other access control related exception occurs.

RepositoryException - if an error occurs

See Also:

AccessControlEditor.getPolicies(Principal)

editAccessControlPolicies

public AccessControlPolicy[] editAccessControlPolicies(String nodePath)
                                                throws AccessControlException,
                                                       PathNotFoundException,
                                                       RepositoryException

Description copied from interface: AccessControlEditor

Retrieves the editable policies for the Node identified by the given nodePath that are applicable but have not yet have been set.
The AccessControlPolicy objects returned are detached from the underlying AccessControlProvider and is only an external representation. Modification will therefore not take effect, until a modified policy is written back to the editor and persisted.

See AccessControlEditor.getPolicies(String) for the corresponding method that returns the editable policies that have been set to the node at nodePath before.

Compared to the policies returned by AccessControlProvider.getEffectivePolicies(org.apache.jackrabbit.spi.Path, CompiledPermissions), the scope of the policies returned by this methods it limited to the Node itself and does never not take inherited elements into account.

Specified by:

editAccessControlPolicies in interface AccessControlEditor

Parameters:

nodePath - Absolute path to an existing node object.

Returns:

an array of editable access control policies.

Throws:

AccessControlException - If the Node identified by the given nodePath does not allow access control modifications.

PathNotFoundException - if no node exists for the given nodePath.

RepositoryException - if an error occurs

See Also:

AccessControlEditor.editAccessControlPolicies(String)

editAccessControlPolicies

public JackrabbitAccessControlPolicy[] editAccessControlPolicies(Principal principal)
                                                          throws AccessDeniedException,
                                                                 AccessControlException,
                                                                 RepositoryException

Description copied from interface: AccessControlEditor

Returns an array of editable policies for the given principal.

Specified by:

editAccessControlPolicies in interface AccessControlEditor

Parameters:

principal - Principal for which the editable policies should be returned.

Returns:

an array of editable policies for the given principal.

Throws:

AccessDeniedException - If the editing session is not allowed to edit policies.

AccessControlException - if the specified principal does not exist, if this implementation cannot provide policies for individual principals or if same other access control related exception occurs.

RepositoryException - if another error occurs.

See Also:

AccessControlEditor.editAccessControlPolicies(Principal)

setPolicy

public void setPolicy(String nodePath,
                      AccessControlPolicy policy)
               throws RepositoryException

Description copied from interface: AccessControlEditor

Stores the policy template to the respective node.

Specified by:

setPolicy in interface AccessControlEditor

Parameters:

nodePath - Absolute path to an existing node object.

policy - the AccessControlPolicy to store.

Throws:

AccessControlException - If the policy is null or if it is not applicable to the Node identified by the given nodePath.

PathNotFoundException - if no node exists for the given nodePath.

RepositoryException - if an other error occurs.

See Also:

AccessControlEditor.setPolicy(String,AccessControlPolicy)

removePolicy

public void removePolicy(String nodePath,
                         AccessControlPolicy policy)
                  throws AccessControlException,
                         RepositoryException

Description copied from interface: AccessControlEditor

Removes the specified policy from the node at nodePath.

Specified by:

removePolicy in interface AccessControlEditor

Parameters:

nodePath - Absolute path to an existing node object.

policy - The policy to be removed at nodePath.

Throws:

AccessControlException - If the Node identified by the given nodePath does not allow policy modifications or does not have the specified policy attached.

PathNotFoundException - if no node exists for the given nodePath.

RepositoryException - if an other error occurs

See Also:

AccessControlEditor.removePolicy(String,AccessControlPolicy)

getUniqueNodeName

protected static Name getUniqueNodeName(Node node,
                                        String name)
                                 throws RepositoryException

Create a unique valid name for the Permission nodes to be save.

Parameters:

node - a name for the child is resolved

name - if missing the DEFAULT_ACE_NAME is taken

Returns:

the name

Throws:

RepositoryException - if an error occurs