Class ACLProvider
- java.lang.Object
-
- org.apache.jackrabbit.core.security.authorization.AbstractAccessControlProvider
-
- org.apache.jackrabbit.core.security.authorization.principalbased.ACLProvider
-
- All Implemented Interfaces:
AccessControlConstants
,AccessControlProvider
,AccessControlUtils
public class ACLProvider extends AbstractAccessControlProvider implements AccessControlConstants
ACLProvider
...
-
-
Field Summary
-
Fields inherited from class org.apache.jackrabbit.core.security.authorization.AbstractAccessControlProvider
observationMgr, PARAM_OMIT_DEFAULT_PERMISSIONS, privilegeManager, session
-
Fields inherited from interface org.apache.jackrabbit.core.security.authorization.AccessControlConstants
N_ACCESSCONTROL, N_POLICY, N_REPO_POLICY, NT_REP_ACCESS_CONTROL, NT_REP_ACCESS_CONTROLLABLE, NT_REP_ACE, NT_REP_ACL, NT_REP_DENY_ACE, NT_REP_GRANT_ACE, NT_REP_PRINCIPAL_ACCESS_CONTROL, NT_REP_REPO_ACCESS_CONTROLLABLE, P_GLOB, P_PRINCIPAL_NAME, P_PRIVILEGES
-
-
Constructor Summary
Constructors Constructor Description ACLProvider()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
canAccessRoot(Set<Principal> principals)
Returnstrue
if the given set of principals can access the root node of the workspace this provider has been built for;false
otherwise.void
close()
Closes this provider when it is no longer used by the respective workspace and release resources bound by this provider.CompiledPermissions
compilePermissions(Set<Principal> principals)
Compiles the effective policy for the specified set ofPrincipal
s.AccessControlEditor
getEditor(Session editingSession)
Returns anAccessControlEditor
for the given Session object ornull
if the implementation does not support editing of access control policies.AccessControlPolicy[]
getEffectivePolicies(Set<Principal> principals, CompiledPermissions permissions)
Returns the effective policies for the given principals.AccessControlPolicy[]
getEffectivePolicies(Path absPath, CompiledPermissions permissions)
Returns the effective policies for the node at the given absPath.void
init(Session systemSession, Map configuration)
Tests if the givensystemSession
is a SessionImpl and retrieves the observation manager.-
Methods inherited from class org.apache.jackrabbit.core.security.authorization.AbstractAccessControlProvider
checkInitialized, getAdminPermissions, getPrivilegeManagerImpl, getReadOnlyPermissions, isAcItem, isAcItem, isAdminOrSystem, isLive, isReadOnly
-
-
-
-
Method Detail
-
init
public void init(Session systemSession, Map configuration) throws RepositoryException
Description copied from class:AbstractAccessControlProvider
Tests if the givensystemSession
is a SessionImpl and retrieves the observation manager. The it sets the internal 'initialized' field to true.- Specified by:
init
in interfaceAccessControlProvider
- Overrides:
init
in classAbstractAccessControlProvider
- Parameters:
systemSession
- System session.configuration
- Configuration used to initialize this provider.- Throws:
RepositoryException
- If the specified session is not aSessionImpl
or if retrieving the observation manager fails.- See Also:
AccessControlProvider.init(javax.jcr.Session, java.util.Map)
-
close
public void close()
Description copied from interface:AccessControlProvider
Closes this provider when it is no longer used by the respective workspace and release resources bound by this provider.- Specified by:
close
in interfaceAccessControlProvider
- Overrides:
close
in classAbstractAccessControlProvider
- See Also:
AccessControlProvider.close()
-
getEffectivePolicies
public AccessControlPolicy[] getEffectivePolicies(Path absPath, CompiledPermissions permissions) throws ItemNotFoundException, RepositoryException
Description copied from interface:AccessControlProvider
Returns the effective policies for the node at the given absPath.- Specified by:
getEffectivePolicies
in interfaceAccessControlProvider
- Parameters:
absPath
- an absolute path.permissions
- The effective permissions of the editing sessions that attempts to view the effective policies.- Returns:
- The effective policies that apply at
absPath
or an empty array if the implementation cannot determine the effective policy at the given path. - Throws:
ItemNotFoundException
- If no Node with the specifiedabsPath
exists.RepositoryException
- If another error occurs.- See Also:
AccessControlProvider.getEffectivePolicies(org.apache.jackrabbit.spi.Path,org.apache.jackrabbit.core.security.authorization.CompiledPermissions)
-
getEffectivePolicies
public AccessControlPolicy[] getEffectivePolicies(Set<Principal> principals, CompiledPermissions permissions) throws RepositoryException
Description copied from interface:AccessControlProvider
Returns the effective policies for the given principals.- Specified by:
getEffectivePolicies
in interfaceAccessControlProvider
- Parameters:
principals
- A set of principal.permissions
- The effective permissions of the editing sessions that attempts to view the effective policies. @return The effective policies that are in effect for the givenprincipal
or an empty array.- Throws:
RepositoryException
- If error occurs.- See Also:
AccessControlProvider.getEffectivePolicies(java.util.Set, CompiledPermissions)
-
getEditor
public AccessControlEditor getEditor(Session editingSession)
Description copied from interface:AccessControlProvider
Returns anAccessControlEditor
for the given Session object ornull
if the implementation does not support editing of access control policies.- Specified by:
getEditor
in interfaceAccessControlProvider
- Parameters:
editingSession
- The editing session.- Returns:
- the ACL editor or
null
. - See Also:
AccessControlProvider.getEditor(Session)
-
compilePermissions
public CompiledPermissions compilePermissions(Set<Principal> principals) throws RepositoryException
Description copied from interface:AccessControlProvider
Compiles the effective policy for the specified set ofPrincipal
s.- Specified by:
compilePermissions
in interfaceAccessControlProvider
- Parameters:
principals
- Set of principals to compile the permissions for. If the order of evaluating permissions for principals is meaningful, the caller should pass a Set that respects the order of insertion.- Returns:
- The effective, compiled CompiledPolicy that applies for the specified set of principals.
- Throws:
RepositoryException
- If an error occurs.- See Also:
AccessControlProvider.compilePermissions(Set)
-
canAccessRoot
public boolean canAccessRoot(Set<Principal> principals) throws RepositoryException
Description copied from interface:AccessControlProvider
Returnstrue
if the given set of principals can access the root node of the workspace this provider has been built for;false
otherwise.- Specified by:
canAccessRoot
in interfaceAccessControlProvider
- Parameters:
principals
- Set of principals to be tested for being allowed to access the root node.- Returns:
true
if the given set of principals can access the root node of the workspace this provider has been built for;false
otherwise.- Throws:
RepositoryException
- If an error occurs.- See Also:
AccessControlProvider.canAccessRoot(Set)
-
-