public interface AccessControlConstants
Modifier and Type | Field and Description |
---|---|
static java.util.Collection<java.lang.String> |
AC_NODETYPE_NAMES |
static java.util.Collection<java.lang.String> |
ACE_PROPERTY_NAMES |
static java.lang.String |
MIX_REP_ACCESS_CONTROLLABLE |
static java.lang.String |
MIX_REP_REPO_ACCESS_CONTROLLABLE |
static java.lang.String |
NT_REP_ACE |
static java.lang.String |
NT_REP_ACL |
static java.lang.String |
NT_REP_DENY_ACE |
static java.lang.String |
NT_REP_GRANT_ACE |
static java.lang.String |
NT_REP_POLICY |
static java.lang.String |
NT_REP_RESTRICTIONS |
static java.lang.String |
PARAM_RESTRICTION_PROVIDER |
static java.util.Collection<java.lang.String> |
POLICY_NODE_NAMES |
static java.lang.String |
REP_CURRENT
Name of the optional multivalued access control restriction that limits access to a single level i.e.
|
static java.lang.String |
REP_GLOB |
static java.lang.String |
REP_GLOBS
Name of the optional multi-valued access control restriction that allows to combine more than one
REP_GLOB restriction. |
static java.lang.String |
REP_ITEM_NAMES
Name of the optional multivalued access control restriction by item name.
|
static java.lang.String |
REP_NODE_PATH |
static java.lang.String |
REP_NT_NAMES
Name of the optional multivalued access control restriction by node type name.
|
static java.lang.String |
REP_POLICY |
static java.lang.String |
REP_PREFIXES
Name of the optional multivalued access control restriction which matches by name space prefix.
|
static java.lang.String |
REP_PRINCIPAL_NAME |
static java.lang.String |
REP_PRIVILEGES |
static java.lang.String |
REP_REPO_POLICY |
static java.lang.String |
REP_RESTRICTIONS |
static java.lang.String |
REP_SUBTREES
Name of the optional multi-valued access control restriction that allows to limit the effect to one or multiple
subtrees.
|
static final java.lang.String REP_POLICY
static final java.lang.String REP_REPO_POLICY
static final java.lang.String REP_PRIVILEGES
static final java.lang.String REP_PRINCIPAL_NAME
static final java.lang.String REP_GLOB
static final java.lang.String REP_NODE_PATH
static final java.lang.String REP_NT_NAMES
Type.NAMES
.static final java.lang.String REP_PREFIXES
Type.STRINGS
.static final java.lang.String REP_ITEM_NAMES
Type.NAMES
.static final java.lang.String REP_CURRENT
Name of the optional multivalued access control restriction that limits access to a single level i.e. the target
node where the access control entry takes effect and optionally all or a subset of it's properties.
An empty value array will make this restriction matching the target node only (i.e. equivalent to rep:glob="").
An array of property names will extend the effect of the restriction to properties of the target node that match
the specified names. The residual name '*'
will match the target node and all it's properties.
The corresponding restriction type is Type.STRINGS
Note: due to the support of NodeTypeConstants.RESIDUAL_NAME
, which isn't a valid JCR name,
this restriction is defined to be of Type.STRINGS
instead of
Type.NAMES
. Like the rep:glob restriction it will therefore not work with
expanded JCR names or with remapped namespace prefixes.
Note: In case of permission evaluation for a path pointing to a non-existing JCR item (see e.g.
Session.hasPermission(String, String)
) a best-effort attempt is made to determine if the path
may point to a property, default being that the path points to a non-existing node.
rep:current = [] => restriction applies to the target node only rep:current = [*] => restriction applies to the target node and all it's properties rep:current = [jcr:primaryType] => restriction applies to the target node and it's property jcr:primaryType rep:current = [a, b, prefix:c] => restriction applies to the target node and it's properties a, b and prefix:c
static final java.lang.String REP_GLOBS
Name of the optional multi-valued access control restriction that allows to combine more than one
REP_GLOB
restriction. The effect is equivalent to defining multiple access control entries with a
single REP_GLOB
restriction each and will match a given path or item if any of the specified glob-values
matches.
Note, that an empty value array will never match any path/item.
The corresponding restriction type is Type.STRINGS
static final java.lang.String REP_SUBTREES
Name of the optional multi-valued access control restriction that allows to limit the effect to one or multiple
subtrees. It is a simplified variant of the common pattern using 2 REP_GLOB
wildcard patterns to grant or
deny access on a particular node in the subtree and all its descendent items.
NodePath = "/foo" Restriction | Matches ----------------------------------------------------------------------------- /cat | all descendants of /foo whose path ends with "/cat" or that have an intermediate segment /cat/ /cat/ | all descendants of /foo that have an intermediate segment /cat/ cat | all siblings or descendants of /foo whose path ends with "cat" or that have an intermediate segment ending with "cat" cat/ | all siblings or descendants of /foo that have an intermediate segment ending with "cat"
Note, that variants of 'cat'-paths could also consist of multiple segments like e.g. '/cat/dog' or '/cat/dog'
Note, that in contrast to REP_GLOB
Note, that an empty value array will never match any path/item.
Note, that null values and empty string values will be omitted.
static final java.lang.String REP_RESTRICTIONS
static final java.lang.String MIX_REP_ACCESS_CONTROLLABLE
static final java.lang.String MIX_REP_REPO_ACCESS_CONTROLLABLE
static final java.lang.String NT_REP_POLICY
static final java.lang.String NT_REP_ACL
static final java.lang.String NT_REP_ACE
static final java.lang.String NT_REP_GRANT_ACE
static final java.lang.String NT_REP_DENY_ACE
static final java.lang.String NT_REP_RESTRICTIONS
static final java.util.Collection<java.lang.String> POLICY_NODE_NAMES
static final java.util.Collection<java.lang.String> ACE_PROPERTY_NAMES
static final java.util.Collection<java.lang.String> AC_NODETYPE_NAMES
static final java.lang.String PARAM_RESTRICTION_PROVIDER
Copyright © 2012–2022 The Apache Software Foundation. All rights reserved.