Class ImmutableACL
java.lang.Object
org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlList
org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ImmutableACL
- All Implemented Interfaces:
AccessControlList
,AccessControlPolicy
,JackrabbitAccessControlList
,JackrabbitAccessControlPolicy
An implementation of the
JackrabbitAccessControlList
interface that only
allows for reading. The write methods throw an AccessControlException
.-
Constructor Summary
ConstructorsConstructorDescriptionImmutableACL
(@NotNull AbstractAccessControlList accessControlList) Construct a newImmutableACL
from the givenAbstractAccessControlList
.ImmutableACL
(@Nullable String oakPath, @NotNull List<? extends JackrabbitAccessControlEntry> entries, @NotNull RestrictionProvider restrictionProvider, @NotNull NamePathMapper namePathMapper) Construct a newImmutableACL
-
Method Summary
Modifier and TypeMethodDescriptionboolean
addEntry
(@NotNull Principal principal, @NotNull Privilege[] privileges, boolean isAllow, @Nullable Map<String, Value> restrictions) Adds an access control entry to this policy consisting of the specifiedprincipal
, the specifiedprivileges
, theisAllow
flag and an optional map containing additional restrictions.boolean
addEntry
(@NotNull Principal principal, @NotNull Privilege[] privileges, boolean isAllow, @Nullable Map<String, Value> restrictions, @Nullable Map<String, Value[]> mvRestrictions) Adds an access control entry to this policy consisting of the specifiedprincipal
, the specifiedprivileges
, theisAllow
flag and an optional map containing additional restrictions.boolean
@NotNull List<JackrabbitAccessControlEntry>
@NotNull RestrictionProvider
int
hashCode()
void
orderBefore
(@NotNull AccessControlEntry srcEntry, @Nullable AccessControlEntry destEntry) If theAccessControlList
implementation supports reordering of entries the specifiedsrcEntry
is inserted at the position of the specifieddestEntry
.void
Methods inherited from class org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlList
addAccessControlEntry, addEntry, getAccessControlEntries, getNamePathMapper, getOakPath, getPath, getRestrictionNames, getRestrictionType, isEmpty, isMultiValueRestriction, size
-
Constructor Details
-
ImmutableACL
public ImmutableACL(@Nullable @Nullable String oakPath, @NotNull @NotNull List<? extends JackrabbitAccessControlEntry> entries, @NotNull @NotNull RestrictionProvider restrictionProvider, @NotNull @NotNull NamePathMapper namePathMapper) Construct a newImmutableACL
- Parameters:
oakPath
- The Oak path of this policy ornull
.entries
- The access control entries contained in this policy.restrictionProvider
- The restriction provider.namePathMapper
- TheNamePathMapper
used for conversion.
-
ImmutableACL
Construct a newImmutableACL
from the givenAbstractAccessControlList
.- Parameters:
accessControlList
- The base list
-
-
Method Details
-
removeAccessControlEntry
- Throws:
AccessControlException
-
addEntry
public boolean addEntry(@NotNull @NotNull Principal principal, @NotNull @NotNull Privilege[] privileges, boolean isAllow, @Nullable @Nullable Map<String, Value> restrictions) throws AccessControlExceptionDescription copied from interface:JackrabbitAccessControlList
Adds an access control entry to this policy consisting of the specifiedprincipal
, the specifiedprivileges
, theisAllow
flag and an optional map containing additional restrictions.This method returns
true
if this policy was modified,false
otherwise.An
AccessControlException
is thrown if any of the specified parameters is invalid or if some other access control related exception occurs.- Specified by:
addEntry
in interfaceJackrabbitAccessControlList
- Overrides:
addEntry
in classAbstractAccessControlList
- Parameters:
principal
- the principal to add the entry forprivileges
- the privileges to addisAllow
- iftrue
if this is a positive (allow) entryrestrictions
- A map of additional restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a singleValue
object.- Returns:
- true if this policy has changed by incorporating the given entry; false otherwise.
- Throws:
AccessControlException
- If any of the given parameter is invalid or cannot be handled by the implementation.- See Also:
-
addEntry
public boolean addEntry(@NotNull @NotNull Principal principal, @NotNull @NotNull Privilege[] privileges, boolean isAllow, @Nullable @Nullable Map<String, Value> restrictions, @Nullable @Nullable Map<String, throws AccessControlExceptionValue[]> mvRestrictions) Description copied from interface:JackrabbitAccessControlList
Adds an access control entry to this policy consisting of the specifiedprincipal
, the specifiedprivileges
, theisAllow
flag and an optional map containing additional restrictions.This method returns
true
if this policy was modified,false
otherwise.An
AccessControlException
is thrown if any of the specified parameters is invalid or if some other access control related exception occurs.- Parameters:
principal
- the principal to add the entry forprivileges
- the privileges to addisAllow
- iftrue
if this is a positive (allow) entryrestrictions
- A map of additional restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a singleValue
object.mvRestrictions
- A map of additional multivalued restrictions used to narrow the effect of the entry to be created. The map must map JCR names to aValue
array.- Returns:
- true if this policy has changed by incorporating the given entry; false otherwise.
- Throws:
AccessControlException
- If any of the given parameter is invalid or cannot be handled by the implementation.- See Also:
-
orderBefore
public void orderBefore(@NotNull @NotNull AccessControlEntry srcEntry, @Nullable @Nullable AccessControlEntry destEntry) throws AccessControlException Description copied from interface:JackrabbitAccessControlList
If theAccessControlList
implementation supports reordering of entries the specifiedsrcEntry
is inserted at the position of the specifieddestEntry
.If
destEntry
isnull
the entry is moved to the end of the list.If
srcEntry
anddestEntry
are the same no changes are made.- Parameters:
srcEntry
- The access control entry to be moved within the list.destEntry
- The entry before which thesrcEntry
will be moved.- Throws:
AccessControlException
- If any of the given entries is invalid or cannot be handled by the implementation.
-
getEntries
- Specified by:
getEntries
in classAbstractAccessControlList
-
getRestrictionProvider
- Specified by:
getRestrictionProvider
in classAbstractAccessControlList
-
hashCode
public int hashCode() -
equals
-