Package org.apache.jackrabbit.oak.spi.security.authorization.restriction

Interface RestrictionDefinition

All Known Implementing Classes:
RestrictionDefinitionImpl
public interface RestrictionDefinition
The RestrictionDefinition interface provides methods for discovering the static definition of any additional policy-internal refinements of the access control definitions. These restrictions are intended to be used wherever effects are too fine-grained to be exposed through privilege discovery or define a different restriction mechanism. A common case may be to provide finer-grained access restrictions to individual properties or child nodes of the node to which the policy applies e.g. by means of naming patterns or node type restrictions. Its subclass Restriction adds methods that are relevant only when a given restriction is "live" after being created and applied to a given policy.
See Also:

  • Method Summary

    Modifier and Type
    Method
    Description
    @NotNull String
    getName()
    The internal oak name of this restriction definition.
    @NotNull Type<?>
    getRequiredType()
    The required type as defined by this definition.
    boolean
    isMandatory()
    Indicates if this restriction is mandatory.

  • Method Details

    • getName

      @NotNull @NotNull String getName()
      The internal oak name of this restriction definition.
      Returns:
      The oak name.

    • getRequiredType

      @NotNull @NotNull Type<?> getRequiredType()
      The required type as defined by this definition.
      Returns:
      The required type which must be a valid PropertyType.

    • isMandatory

      boolean isMandatory()
      Indicates if this restriction is mandatory.
      Returns:
      true if this restriction is mandatory; false otherwise.