Class ACLEditor
- java.lang.Object
-
- org.apache.jackrabbit.core.ProtectedItemModifier
-
- org.apache.jackrabbit.core.security.authorization.principalbased.ACLEditor
-
- All Implemented Interfaces:
AccessControlConstants
,AccessControlEditor
public class ACLEditor extends ProtectedItemModifier implements AccessControlEditor, AccessControlConstants
ACLEditor
...
-
-
Field Summary
-
Fields inherited from interface org.apache.jackrabbit.core.security.authorization.AccessControlConstants
N_ACCESSCONTROL, N_POLICY, N_REPO_POLICY, NT_REP_ACCESS_CONTROL, NT_REP_ACCESS_CONTROLLABLE, NT_REP_ACE, NT_REP_ACL, NT_REP_DENY_ACE, NT_REP_GRANT_ACE, NT_REP_PRINCIPAL_ACCESS_CONTROL, NT_REP_REPO_ACCESS_CONTROLLABLE, P_GLOB, P_PRINCIPAL_NAME, P_PRIVILEGES
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description AccessControlPolicy[]
editAccessControlPolicies(String nodePath)
Retrieves the editable policies for the Node identified by the givennodePath
that are applicable but have not yet have been set.
The AccessControlPolicy objects returned are detached from the underlyingAccessControlProvider
and is only an external representation.JackrabbitAccessControlPolicy[]
editAccessControlPolicies(Principal principal)
Returns an array of editable policies for the givenprincipal
.AccessControlPolicy[]
getPolicies(String nodePath)
Retrieves the policies for the Node identified by the givennodePath
.JackrabbitAccessControlPolicy[]
getPolicies(Principal principal)
Retrieves the policies that have been applied before for the givenprincipal
.protected static Name
getUniqueNodeName(Node node, String name)
Create a unique valid name for the Permission nodes to be save.void
removePolicy(String nodePath, AccessControlPolicy policy)
Removes the specified policy from the node atnodePath
.void
setPolicy(String nodePath, AccessControlPolicy policy)
Stores the policy template to the respective node.-
Methods inherited from class org.apache.jackrabbit.core.ProtectedItemModifier
addNode, addNode, markModified, performProtected, removeItem, setProperty, setProperty, setProperty, setProperty
-
-
-
-
Method Detail
-
getPolicies
public AccessControlPolicy[] getPolicies(String nodePath) throws AccessControlException, PathNotFoundException, RepositoryException
Description copied from interface:AccessControlEditor
Retrieves the policies for the Node identified by the givennodePath
. In contrast toAccessControlEditor.editAccessControlPolicies(java.lang.String)
this method returns an empty array if no policy has been applied before by callingAccessControlEditor.setPolicy(java.lang.String, javax.jcr.security.AccessControlPolicy)
). Still the returned policies are detached from theAccessControlProvider
and are only an external representation. Modification will therefore not take effect, until they are written back to the editor and persisted.Compared to the policy returned by
AccessControlProvider.getEffectivePolicies(org.apache.jackrabbit.spi.Path, CompiledPermissions)
, the scope of the policies it limited to the Node itself and does not take inherited elements into account.- Specified by:
getPolicies
in interfaceAccessControlEditor
- Parameters:
nodePath
- Absolute path to an existing node object.- Returns:
- the policies applied so far or an empty array if no policy has been applied to the node before.
- Throws:
AccessControlException
- If the Node identified by the givennodePath
does not allow access control modifications (e.g. the node itself stores the access control information for its parent).PathNotFoundException
- if no node exists for the givennodePath
.RepositoryException
- if an error occurs- See Also:
AccessControlEditor.getPolicies(String)
-
getPolicies
public JackrabbitAccessControlPolicy[] getPolicies(Principal principal) throws AccessControlException, RepositoryException
Description copied from interface:AccessControlEditor
Retrieves the policies that have been applied before for the givenprincipal
. In contrast toAccessControlEditor.editAccessControlPolicies(java.lang.String)
this method returns an empty array if no policy has been applied before by callingAccessControlEditor.setPolicy(java.lang.String, javax.jcr.security.AccessControlPolicy)
). Still the returned policies are detached from theAccessControlProvider
and are only an external representation. Modification will therefore not take effect, until they are written back to the editor and persisted.- Specified by:
getPolicies
in interfaceAccessControlEditor
- Parameters:
principal
- Principal for which the editable policies should be returned.- Returns:
- the policies applied so far or an empty array if no policy has been applied before.
- Throws:
AccessControlException
- if the specified principal does not exist, if this implementation cannot provide policies for individual principals or if same other access control related exception occurs.RepositoryException
- if an error occurs- See Also:
AccessControlEditor.getPolicies(Principal)
-
editAccessControlPolicies
public AccessControlPolicy[] editAccessControlPolicies(String nodePath) throws AccessControlException, PathNotFoundException, RepositoryException
Description copied from interface:AccessControlEditor
Retrieves the editable policies for the Node identified by the givennodePath
that are applicable but have not yet have been set.
The AccessControlPolicy objects returned are detached from the underlyingAccessControlProvider
and is only an external representation. Modification will therefore not take effect, until a modified policy is written back to the editor and persisted.See
AccessControlEditor.getPolicies(String)
for the corresponding method that returns the editable policies that have been set to the node atnodePath
before.Compared to the policies returned by
AccessControlProvider.getEffectivePolicies(org.apache.jackrabbit.spi.Path, CompiledPermissions)
, the scope of the policies returned by this methods it limited to the Node itself and does never not take inherited elements into account.- Specified by:
editAccessControlPolicies
in interfaceAccessControlEditor
- Parameters:
nodePath
- Absolute path to an existing node object.- Returns:
- an array of editable access control policies.
- Throws:
AccessControlException
- If the Node identified by the givennodePath
does not allow access control modifications.PathNotFoundException
- if no node exists for the givennodePath
.RepositoryException
- if an error occurs- See Also:
AccessControlEditor.editAccessControlPolicies(String)
-
editAccessControlPolicies
public JackrabbitAccessControlPolicy[] editAccessControlPolicies(Principal principal) throws RepositoryException
Description copied from interface:AccessControlEditor
Returns an array of editable policies for the givenprincipal
.- Specified by:
editAccessControlPolicies
in interfaceAccessControlEditor
- Parameters:
principal
- Principal for which the editable policies should be returned.- Returns:
- an array of editable policies for the given
principal
. - Throws:
AccessDeniedException
- If the editing session is not allowed to edit policies.AccessControlException
- if the specified principal does not exist, if this implementation cannot provide policies for individual principals or if same other access control related exception occurs.RepositoryException
- if another error occurs.- See Also:
AccessControlEditor.editAccessControlPolicies(Principal)
-
setPolicy
public void setPolicy(String nodePath, AccessControlPolicy policy) throws AccessControlException, PathNotFoundException, RepositoryException
Description copied from interface:AccessControlEditor
Stores the policy template to the respective node.- Specified by:
setPolicy
in interfaceAccessControlEditor
- Parameters:
nodePath
- Absolute path to an existing node object.policy
- theAccessControlPolicy
to store.- Throws:
AccessControlException
- If the policy isnull
or if it is not applicable to the Node identified by the givennodePath
.PathNotFoundException
- if no node exists for the givennodePath
.RepositoryException
- if an other error occurs.- See Also:
AccessControlEditor.setPolicy(String,AccessControlPolicy)
-
removePolicy
public void removePolicy(String nodePath, AccessControlPolicy policy) throws AccessControlException, PathNotFoundException, RepositoryException
Description copied from interface:AccessControlEditor
Removes the specified policy from the node atnodePath
.- Specified by:
removePolicy
in interfaceAccessControlEditor
- Parameters:
nodePath
- Absolute path to an existing node object.policy
- The policy to be removed atnodePath
.- Throws:
AccessControlException
- If the Node identified by the givennodePath
does not allow policy modifications or does not have the specified policy attached.PathNotFoundException
- if no node exists for the givennodePath
.RepositoryException
- if an other error occurs- See Also:
AccessControlEditor.removePolicy(String,AccessControlPolicy)
-
getUniqueNodeName
protected static Name getUniqueNodeName(Node node, String name) throws RepositoryException
Create a unique valid name for the Permission nodes to be save.- Parameters:
node
- a name for the child is resolvedname
- if missing theDEFAULT_ACE_NAME
is taken- Returns:
- the name
- Throws:
RepositoryException
- if an error occurs
-
-