Package org.apache.jackrabbit.api.security

Interface JackrabbitAccessControlList

All Superinterfaces:
AccessControlList, AccessControlPolicy, JackrabbitAccessControlPolicy
All Known Subinterfaces:
PrincipalAccessControlList
All Known Implementing Classes:
AbstractAccessControlList, ImmutableACL
@ProviderType public interface JackrabbitAccessControlList extends JackrabbitAccessControlPolicy, AccessControlList
JackrabbitAccessControlList is an extension of the AccessControlList. Similar to the latter any modifications made will not take effect, until it is written back and saved.

  • Method Details

    • getRestrictionNames

      @NotNull @NotNull String[] getRestrictionNames() throws RepositoryException
      Returns the names of the supported restrictions or an empty array if no restrictions are respected.
      Returns:
      the names of the supported restrictions or an empty array.
      Throws:
      RepositoryException - If an error occurs.
      See Also:

    • getRestrictionType

      int getRestrictionType(@NotNull @NotNull String restrictionName) throws RepositoryException
      Return the expected property type of the restriction with the specified restrictionName.
      Parameters:
      restrictionName - Any of the restriction names retrieved from getRestrictionNames().
      Returns:
      expected property type.
      Throws:
      RepositoryException - If an error occurs.

    • isMultiValueRestriction

      boolean isMultiValueRestriction(@NotNull @NotNull String restrictionName) throws RepositoryException
      Returns true if the restriction is multivalued; false otherwise. If an given implementation doesn't support multivalued restrictions, this method always returns false.
      Parameters:
      restrictionName - Any of the restriction names retrieved from getRestrictionNames().
      Returns:
      true if the restriction is multivalued; false if the restriction with the given name is single value or if the implementation doesn't support multivalued restrictions, this method always returns false.
      Throws:
      RepositoryException - If an error occurs.
      See Also:

    • isEmpty

      boolean isEmpty()
      Returns true if this policy does not yet define any entries.
      Returns:
      If no entries are present.

    • size

      int size()
      Returns the number of entries or 0 if the policy is empty.
      Returns:
      The number of entries present or 0 if the policy is empty.

    • addEntry

      boolean addEntry(@NotNull @NotNull Principal principal, @NotNull @NotNull Privilege[] privileges, boolean isAllow) throws AccessControlException, RepositoryException
      Same as addEntry(Principal, Privilege[], boolean, Map) using some implementation specific restrictions.
      Parameters:
      principal - the principal to add the entry for
      privileges - the privileges to add
      isAllow - if true if this is a positive (allow) entry
      Returns:
      true if this policy has changed by incorporating the given entry; false otherwise.
      Throws:
      AccessControlException - If any of the given parameter is invalid or cannot be handled by the implementation.
      RepositoryException - If another error occurs.
      See Also:

    • addEntry

      boolean addEntry(@NotNull @NotNull Principal principal, @NotNull @NotNull Privilege[] privileges, boolean isAllow, @Nullable @Nullable Map<String,Value> restrictions) throws AccessControlException, RepositoryException
      Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.

      This method returns true if this policy was modified, false otherwise.

      An AccessControlException is thrown if any of the specified parameters is invalid or if some other access control related exception occurs.

      Parameters:
      principal - the principal to add the entry for
      privileges - the privileges to add
      isAllow - if true if this is a positive (allow) entry
      restrictions - A map of additional restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a single Value object.
      Returns:
      true if this policy has changed by incorporating the given entry; false otherwise.
      Throws:
      AccessControlException - If any of the given parameter is invalid or cannot be handled by the implementation.
      RepositoryException - If another error occurs.
      See Also:

    • addEntry

      boolean addEntry(@NotNull @NotNull Principal principal, @NotNull @NotNull Privilege[] privileges, boolean isAllow, @Nullable @Nullable Map<String,Value> restrictions, @Nullable @Nullable Map<String,Value[]> mvRestrictions) throws AccessControlException, RepositoryException
      Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.

      This method returns true if this policy was modified, false otherwise.

      An AccessControlException is thrown if any of the specified parameters is invalid or if some other access control related exception occurs.

      Parameters:
      principal - the principal to add the entry for
      privileges - the privileges to add
      isAllow - if true if this is a positive (allow) entry
      restrictions - A map of additional restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a single Value object.
      mvRestrictions - A map of additional multivalued restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a Value array.
      Returns:
      true if this policy has changed by incorporating the given entry; false otherwise.
      Throws:
      AccessControlException - If any of the given parameter is invalid or cannot be handled by the implementation.
      RepositoryException - If another error occurs.
      Since:
      2.8
      See Also:

    • orderBefore

      void orderBefore(@NotNull @NotNull AccessControlEntry srcEntry, @Nullable @Nullable AccessControlEntry destEntry) throws AccessControlException, UnsupportedRepositoryOperationException, RepositoryException
      If the AccessControlList implementation supports reordering of entries the specified srcEntry is inserted at the position of the specified destEntry.

      If destEntry is null the entry is moved to the end of the list.

      If srcEntry and destEntry are the same no changes are made.

      Parameters:
      srcEntry - The access control entry to be moved within the list.
      destEntry - The entry before which the srcEntry will be moved.
      Throws:
      AccessControlException - If any of the given entries is invalid or cannot be handled by the implementation.
      UnsupportedRepositoryOperationException - If ordering is not supported.
      RepositoryException - If another error occurs.