Interface PermissionConstants
-
- All Known Implementing Classes:
MountPermissionProvider
,PermissionHook
,PermissionProviderImpl
,PermissionStoreValidatorProvider
,PermissionUtil
public interface PermissionConstants
Implementation specific constants related to permission evaluation.- Since:
- OAK 1.0
-
-
Field Summary
Fields Modifier and Type Field Description static java.util.Set<java.lang.String>
DEFAULT_READ_PATHS
Default value for thePARAM_READ_PATHS
configuration parameter.static java.lang.String
NT_REP_PERMISSION_STORE
static java.lang.String
NT_REP_PERMISSIONS
static java.lang.String
PARAM_ADMINISTRATIVE_PRINCIPALS
Configuration parameter specifying additional principals that should be treated as 'administrator' thus get granted full permissions on the complete repository content.static java.lang.String
PARAM_PERMISSIONS_JR2
Configuration parameter to enforce backwards compatible permission validation with respect to user management and node removal: User Management: As of OAK 1.0 creation/removal of user and groups as well as modification of user/group specific protected properties requiresUSER_MANAGEMENT
permissions while in Jackrabbit 2.0 they were covered by regular item write permissions. Removing Nodes: As of OAK 1.0 removing a node will succeed if the removal is granted on that specific node irrespective of the permission granted or denied within the subtree.static java.lang.String
PARAM_READ_PATHS
Configuration parameter to enable full read access to regular nodes and properties at the specified paths.static java.util.Set<java.lang.String>
PERMISSION_NODE_NAMES
static java.util.Set<java.lang.String>
PERMISSION_NODETYPE_NAMES
static java.util.Set<java.lang.String>
PERMISSION_PROPERTY_NAMES
static java.lang.String
PERMISSIONS_STORE_PATH
static java.lang.String
REP_ACCESS_CONTROLLED_PATH
static java.lang.String
REP_IS_ALLOW
static java.lang.String
REP_NUM_PERMISSIONS
static java.lang.String
REP_PERMISSION_STORE
static java.lang.String
REP_PRIVILEGE_BITS
static java.lang.String
VALUE_PERMISSIONS_JR2
Value of thePARAM_PERMISSIONS_JR2
configuration parameter that contains all value entries.
-
-
-
Field Detail
-
NT_REP_PERMISSIONS
static final java.lang.String NT_REP_PERMISSIONS
- See Also:
- Constant Field Values
-
NT_REP_PERMISSION_STORE
static final java.lang.String NT_REP_PERMISSION_STORE
- See Also:
- Constant Field Values
-
REP_PERMISSION_STORE
static final java.lang.String REP_PERMISSION_STORE
- See Also:
- Constant Field Values
-
PERMISSIONS_STORE_PATH
static final java.lang.String PERMISSIONS_STORE_PATH
- See Also:
- Constant Field Values
-
REP_ACCESS_CONTROLLED_PATH
static final java.lang.String REP_ACCESS_CONTROLLED_PATH
- See Also:
- Constant Field Values
-
REP_IS_ALLOW
static final java.lang.String REP_IS_ALLOW
- See Also:
- Constant Field Values
-
REP_PRIVILEGE_BITS
static final java.lang.String REP_PRIVILEGE_BITS
- See Also:
- Constant Field Values
-
REP_NUM_PERMISSIONS
static final java.lang.String REP_NUM_PERMISSIONS
- See Also:
- Constant Field Values
-
PERMISSION_NODETYPE_NAMES
static final java.util.Set<java.lang.String> PERMISSION_NODETYPE_NAMES
-
PERMISSION_NODE_NAMES
static final java.util.Set<java.lang.String> PERMISSION_NODE_NAMES
-
PERMISSION_PROPERTY_NAMES
static final java.util.Set<java.lang.String> PERMISSION_PROPERTY_NAMES
-
PARAM_PERMISSIONS_JR2
static final java.lang.String PARAM_PERMISSIONS_JR2
Configuration parameter to enforce backwards compatible permission validation with respect to user management and node removal:- User Management: As of OAK 1.0 creation/removal of user and
groups as well as modification of user/group specific protected properties
requires
USER_MANAGEMENT
permissions while in Jackrabbit 2.0 they were covered by regular item write permissions. - Removing Nodes: As of OAK 1.0 removing a node will succeed if the removal is granted on that specific node irrespective of the permission granted or denied within the subtree. This contrasts to JR 2.0 where removal of a node only succeeded if all child items (nodes and properties) could be removed.
#PARAM_PERMISSIONS_JR2
configuration parameter whose value is expected to be a comma separated string of permission names for which backwards compatible behavior should be turned on.Currently the following values are respected:
- "USER_MANAGEMENT" : to avoid enforcing
Permissions.USER_MANAGEMENT
permission. - "REMOVE_NODE" : to enforce permission checks for all items located in the subtree in case of removal.
- Since:
- OAK 1.0
- See Also:
- Constant Field Values
- User Management: As of OAK 1.0 creation/removal of user and
groups as well as modification of user/group specific protected properties
requires
-
VALUE_PERMISSIONS_JR2
static final java.lang.String VALUE_PERMISSIONS_JR2
Value of thePARAM_PERMISSIONS_JR2
configuration parameter that contains all value entries.
-
PARAM_ADMINISTRATIVE_PRINCIPALS
static final java.lang.String PARAM_ADMINISTRATIVE_PRINCIPALS
Configuration parameter specifying additional principals that should be treated as 'administrator' thus get granted full permissions on the complete repository content.- Since:
- OAK 1.0
- See Also:
- Constant Field Values
-
PARAM_READ_PATHS
static final java.lang.String PARAM_READ_PATHS
Configuration parameter to enable full read access to regular nodes and properties at the specified paths.- Since:
- OAK 1.0
- See Also:
- Constant Field Values
-
DEFAULT_READ_PATHS
static final java.util.Set<java.lang.String> DEFAULT_READ_PATHS
Default value for thePARAM_READ_PATHS
configuration parameter.- Since:
- OAK 1.0
-
-