Class ACLProvider

  • All Implemented Interfaces:
    AccessControlConstants, AccessControlProvider, AccessControlUtils

    public class ACLProvider
    extends AbstractAccessControlProvider
    implements AccessControlConstants
    The ACLProvider generates access control policies out of the items stored in the workspace applying the following rules:
    • A Node is considered access controlled if an ACL has been explicitly assigned to it by adding the mixin type rep:AccessControllable and adding child node of type rep:acl that forms the acl.
    • a Property is considered 'access controlled' if its parent Node is.
    • An ACL is never assigned to a Property item.
    • A Node that is not access controlled may inherit the ACL. The ACL is inherited from the closest access controlled ancestor.
    • It may be possible that a given Node has no effective ACL, in which case some a default policy is returned that grants READ privilege to any principal and denies all other privileges.
    • an item is considered an ACL item if it is used to define an ACL. ACL items inherit the ACL from node they defined the ACL for.
    See Also:
    for additional information.