Class SimpleAccessManager
- java.lang.Object
-
- org.apache.jackrabbit.core.security.AbstractAccessControlManager
-
- org.apache.jackrabbit.core.security.simple.SimpleAccessManager
-
- All Implemented Interfaces:
AccessControlManager,JackrabbitAccessControlManager,AccessManager
public class SimpleAccessManager extends AbstractAccessControlManager implements AccessManager
SimpleAccessManager...
-
-
Field Summary
-
Fields inherited from interface org.apache.jackrabbit.core.security.AccessManager
READ, REMOVE, WRITE
-
-
Constructor Summary
Constructors Constructor Description SimpleAccessManager()Empty constructor
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleancanAccess(String workspaceName)Determines whether the subject of the current context is granted access to the given workspace.booleancanRead(Path itemPath, ItemId itemId)Determines whether the item with the specifieditemPathoritemIdcan be read.protected voidcheckInitialized()Check if this manager has been properly initialized.protected voidcheckPermission(String absPath, int permission)Check if the specified privileges are granted atabsPath.voidcheckPermission(ItemId id, int permissions)Determines whether the specifiedpermissionsare granted on the item with the specifiedid(i.e.voidcheckPermission(Path absPath, int permissions)Determines whether the specifiedpermissionsare granted on the item with the specifiedid(i.e.voidcheckRepositoryPermission(int permissions)Determines whether the specifiedpermissionsare granted on the repository level.protected voidcheckValidNodePath(String absPath)Tests if the givenabsPathis absolute and points to an existing node.voidclose()Close this access manager.AccessControlPolicy[]getEffectivePolicies(String absPath)AccessControlPolicy[]getEffectivePolicies(Set<Principal> principals)protected PrivilegeManagergetPrivilegeManager()Privilege[]getPrivileges(String absPath)Privilege[]getPrivileges(String absPath, Set<Principal> principals)booleanhasPrivileges(String absPath, Set<Principal> principals, Privilege[] privileges)booleanhasPrivileges(String absPath, Privilege[] privileges)voidinit(AMContext context)Initialize this access manager.voidinit(AMContext context, AccessControlProvider acProvider, WorkspaceAccessManager wspAccessManager)Initialize this access manager.booleanisGranted(ItemId id, int permissions)Determines whether the specifiedpermissionsare granted on the item with the specifiedid(i.e.booleanisGranted(Path absPath, int permissions)Determines whether the specifiedpermissionsare granted on the item with the specifiedabsPath(i.e.booleanisGranted(Path parentPath, Name childName, int permissions)Determines whether the specifiedpermissionsare granted on an item represented by the combination of the givenparentPathandchildName(i.e.-
Methods inherited from class org.apache.jackrabbit.core.security.AbstractAccessControlManager
getApplicablePolicies, getApplicablePolicies, getPolicies, getPolicies, getSupportedPrivileges, privilegeFromName, removePolicy, setPolicy
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.jackrabbit.api.security.JackrabbitAccessControlManager
getEffectivePolicies, getPrivilegeCollection, getPrivilegeCollection, privilegeCollectionFromNames
-
-
-
-
Method Detail
-
init
public void init(AMContext context) throws AccessDeniedException, Exception
Initialize this access manager. AnAccessDeniedExceptionwill be thrown if the subject of the givencontextis not granted access to the specified workspace.- Specified by:
initin interfaceAccessManager- Parameters:
context- access manager context- Throws:
AccessDeniedException- if the subject is not granted access to the specified workspace.Exception- if another error occurs
-
init
public void init(AMContext context, AccessControlProvider acProvider, WorkspaceAccessManager wspAccessManager) throws AccessDeniedException, Exception
Initialize this access manager. AnAccessDeniedExceptionwill be thrown if the subject of the givencontextis not granted access to the specified workspace.- Specified by:
initin interfaceAccessManager- Parameters:
context- access manager context.acProvider- The access control provider.wspAccessManager- The workspace access manager.- Throws:
AccessDeniedException- if the subject is not granted access to the specified workspace.Exception- if another error occurs
-
close
public void close() throws ExceptionClose this access manager. After having closed an access manager, further operations on this object are treated as illegal and throw- Specified by:
closein interfaceAccessManager- Throws:
Exception- if an error occurs
-
checkPermission
public void checkPermission(ItemId id, int permissions) throws AccessDeniedException, RepositoryException
Determines whether the specifiedpermissionsare granted on the item with the specifiedid(i.e. the target item).- Specified by:
checkPermissionin interfaceAccessManager- Parameters:
id- the id of the target itempermissions- A combination of one or more of the following constants encoded as a bitmask value:READWRITEREMOVE
- Throws:
AccessDeniedException- if permission is deniedItemNotFoundException- if the target item does not existRepositoryException- it an error occurs
-
checkPermission
public void checkPermission(Path absPath, int permissions) throws AccessDeniedException, RepositoryException
Determines whether the specifiedpermissionsare granted on the item with the specifiedid(i.e. the target item).- Specified by:
checkPermissionin interfaceAccessManager- Parameters:
absPath- Path to an item.permissions- A combination of one or more of thePermissionconstants encoded as a bitmask value.- Throws:
AccessDeniedException- if permission is deniedRepositoryException- it another error occurs
-
checkRepositoryPermission
public void checkRepositoryPermission(int permissions) throws AccessDeniedException, RepositoryExceptionDetermines whether the specifiedpermissionsare granted on the repository level.- Specified by:
checkRepositoryPermissionin interfaceAccessManager- Parameters:
permissions- The permissions to check.- Throws:
AccessDeniedException- if permissions are denied.RepositoryException- if another error occurs.
-
isGranted
public boolean isGranted(ItemId id, int permissions) throws RepositoryException
Determines whether the specifiedpermissionsare granted on the item with the specifiedid(i.e. the target item).- Specified by:
isGrantedin interfaceAccessManager- Parameters:
id- the id of the target itempermissions- A combination of one or more of the following constants encoded as a bitmask value:READWRITEREMOVE
- Returns:
trueif permission is granted; otherwisefalse- Throws:
ItemNotFoundException- if the target item does not existRepositoryException- if another error occurs
-
isGranted
public boolean isGranted(Path absPath, int permissions) throws RepositoryException
Description copied from interface:AccessManagerDetermines whether the specifiedpermissionsare granted on the item with the specifiedabsPath(i.e. the target item, that may or may not yet exist).- Specified by:
isGrantedin interfaceAccessManager- Parameters:
absPath- the absolute path to testpermissions- A combination of one or more of thePermissionconstants encoded as a bitmask value.- Returns:
trueif the specified permissions are granted; otherwisefalse.- Throws:
RepositoryException- if an error occurs.
-
isGranted
public boolean isGranted(Path parentPath, Name childName, int permissions) throws RepositoryException
Description copied from interface:AccessManagerDetermines whether the specifiedpermissionsare granted on an item represented by the combination of the givenparentPathandchildName(i.e. the target item, that may or may not yet exist).- Specified by:
isGrantedin interfaceAccessManager- Parameters:
parentPath- Path to an existing parent node.childName- Name of the child item that may or may not exist yet.permissions- A combination of one or more of thePermissionconstants encoded as a bitmask value.- Returns:
trueif the specified permissions are granted; otherwisefalse.- Throws:
RepositoryException- if an error occurs.
-
canRead
public boolean canRead(Path itemPath, ItemId itemId) throws RepositoryException
Description copied from interface:AccessManagerDetermines whether the item with the specifieditemPathoritemIdcan be read. Either of the two parameters may benull.
Note, that this method should only be called for persisted items as NEW items may not be visible to the permission evaluation. For new itemsAccessManager.isGranted(Path, int)should be used instead.If this method is called with both Path and ItemId it is left to the evaluation, which parameter is used.
- Specified by:
canReadin interfaceAccessManager- Parameters:
itemPath- The path to the item ornullif itemId should be used to determine the READ permission.itemId- Id of the item to be tested ornullif the itemPath should be used to determine the permission.- Returns:
trueif the item can be read; otherwisefalse.- Throws:
RepositoryException- if the item is NEW and only an itemId is specified or if another error occurs.
-
canAccess
public boolean canAccess(String workspaceName) throws RepositoryException
Determines whether the subject of the current context is granted access to the given workspace. Note that an implementation is free to test for the existence of a workspace with the specified name. In this case the expected return value isfalse, if no such workspace exists.- Specified by:
canAccessin interfaceAccessManager- Parameters:
workspaceName- name of workspace- Returns:
trueif the subject of the current context is granted access to the given workspace; otherwisefalse.- Throws:
RepositoryException- if an error occurs.
-
hasPrivileges
public boolean hasPrivileges(String absPath, Privilege[] privileges) throws PathNotFoundException, RepositoryException
- Specified by:
hasPrivilegesin interfaceAccessControlManager- Throws:
PathNotFoundExceptionRepositoryException
-
getPrivileges
public Privilege[] getPrivileges(String absPath) throws PathNotFoundException, RepositoryException
- Specified by:
getPrivilegesin interfaceAccessControlManager- Throws:
PathNotFoundExceptionRepositoryException
-
getEffectivePolicies
public AccessControlPolicy[] getEffectivePolicies(String absPath) throws PathNotFoundException, AccessDeniedException, RepositoryException
- Specified by:
getEffectivePoliciesin interfaceAccessControlManager- Throws:
PathNotFoundExceptionAccessDeniedExceptionRepositoryException
-
checkInitialized
protected void checkInitialized() throws IllegalStateExceptionDescription copied from class:AbstractAccessControlManagerCheck if this manager has been properly initialized.- Specified by:
checkInitializedin classAbstractAccessControlManager- Throws:
IllegalStateException- If this manager has not been properly initialized.- See Also:
AbstractAccessControlManager.checkInitialized()
-
checkPermission
protected void checkPermission(String absPath, int permission) throws AccessDeniedException, PathNotFoundException, RepositoryException
Description copied from class:AbstractAccessControlManagerCheck if the specified privileges are granted atabsPath.- Specified by:
checkPermissionin classAbstractAccessControlManager- Parameters:
absPath- Path to an existing node.permission- Permissions to be checked.- Throws:
AccessDeniedException- if the session does not have the specified privileges.PathNotFoundException- if no node exists atabsPathof if the session does not have the permission to READ it.RepositoryException- If another error occurs.- See Also:
AbstractAccessControlManager.checkPermission(String,int)
-
getPrivilegeManager
protected PrivilegeManager getPrivilegeManager() throws RepositoryException
- Specified by:
getPrivilegeManagerin classAbstractAccessControlManager- Returns:
- the privilege manager
- Throws:
RepositoryException- If another error occurs.- See Also:
AbstractAccessControlManager.getPrivilegeManager()
-
checkValidNodePath
protected void checkValidNodePath(String absPath) throws PathNotFoundException, RepositoryException
Description copied from class:AbstractAccessControlManagerTests if the givenabsPathis absolute and points to an existing node.- Specified by:
checkValidNodePathin classAbstractAccessControlManager- Parameters:
absPath- Path to an existing node.- Throws:
PathNotFoundException- if no node atabsPathexists or the session does not have privilege to retrieve the node.RepositoryException- If the givenabsPathis not absolute or if some other error occurs.- See Also:
AbstractAccessControlManager.checkValidNodePath(String)
-
getEffectivePolicies
public AccessControlPolicy[] getEffectivePolicies(Set<Principal> principals) throws AccessDeniedException, AccessControlException, UnsupportedRepositoryOperationException, RepositoryException
-
hasPrivileges
public boolean hasPrivileges(String absPath, Set<Principal> principals, Privilege[] privileges) throws PathNotFoundException, RepositoryException
- Specified by:
hasPrivilegesin interfaceJackrabbitAccessControlManager- Throws:
PathNotFoundExceptionRepositoryException- See Also:
JackrabbitAccessControlManager.hasPrivileges(String, Set, Privilege[])
-
getPrivileges
public Privilege[] getPrivileges(String absPath, Set<Principal> principals) throws PathNotFoundException, RepositoryException
- Specified by:
getPrivilegesin interfaceJackrabbitAccessControlManager- Throws:
PathNotFoundExceptionRepositoryException- See Also:
JackrabbitAccessControlManager.getPrivileges(String, Set)
-
-