Interface RestrictionProvider
-
- All Known Implementing Classes:
AbstractRestrictionProvider
,CompositeRestrictionProvider
,CustomRestrictionProvider
,PrincipalRestrictionProvider
,RestrictionProviderImpl
,WhiteboardRestrictionProvider
public interface RestrictionProvider
Interface to manage the supported restrictions present with a given access control and permission management implementation.- Since:
- OAK 1.0
-
-
Field Summary
Fields Modifier and Type Field Description static RestrictionProvider
EMPTY
Empty restriction provider implementation that doesn't support any restrictions.
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description @NotNull Restriction
createRestriction(@Nullable String oakPath, @NotNull String oakName, @NotNull Value value)
Creates a new single valued restriction for the specified parameters.@NotNull Restriction
createRestriction(@Nullable String oakPath, @NotNull String oakName, @NotNull Value... values)
Creates a new multi valued restriction for the specified parameters.@NotNull RestrictionPattern
getPattern(@Nullable String oakPath, @NotNull Set<Restriction> restrictions)
Creates theRestrictionPattern
for the specified restrictions.@NotNull RestrictionPattern
getPattern(@Nullable String oakPath, @NotNull Tree tree)
Creates theRestrictionPattern
for the restriction information stored with specified tree.@NotNull Set<RestrictionDefinition>
getSupportedRestrictions(@Nullable String oakPath)
Returns the restriction definitions supported by this provider implementation at the specified path.@NotNull Set<Restriction>
readRestrictions(@Nullable String oakPath, @NotNull Tree aceTree)
Read the valid restrictions stored in the specified ACE tree.void
validateRestrictions(@Nullable String oakPath, @NotNull Tree aceTree)
Validate the restrictions present with the specified ACE tree.void
writeRestrictions(@Nullable String oakPath, @NotNull Tree aceTree, @NotNull Set<Restriction> restrictions)
Writes the given restrictions to the specified ACE tree.
-
-
-
Field Detail
-
EMPTY
static final RestrictionProvider EMPTY
Empty restriction provider implementation that doesn't support any restrictions.
-
-
Method Detail
-
getSupportedRestrictions
@NotNull @NotNull Set<RestrictionDefinition> getSupportedRestrictions(@Nullable @Nullable String oakPath)
Returns the restriction definitions supported by this provider implementation at the specified path.- Parameters:
oakPath
- The path of the access controlled tree. Anull
path indicates that the supported restrictions for repository level policies should be returned.- Returns:
- The set of supported restrictions at the given path.
-
createRestriction
@NotNull @NotNull Restriction createRestriction(@Nullable @Nullable String oakPath, @NotNull @NotNull String oakName, @NotNull @NotNull Value value) throws AccessControlException, RepositoryException
Creates a new single valued restriction for the specified parameters.- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.oakName
- The name of the restriction.value
- The value of the restriction.- Returns:
- A new restriction instance.
- Throws:
AccessControlException
- If no matching restriction definition exists for the specified parameters.RepositoryException
- If another error occurs.
-
createRestriction
@NotNull @NotNull Restriction createRestriction(@Nullable @Nullable String oakPath, @NotNull @NotNull String oakName, @NotNull @NotNull Value... values) throws AccessControlException, RepositoryException
Creates a new multi valued restriction for the specified parameters.- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.oakName
- The name of the restriction.values
- The values of the restriction.- Returns:
- A new restriction instance.
- Throws:
AccessControlException
- If no matching restriction definition exists for the specified parameters.RepositoryException
- If another error occurs.
-
readRestrictions
@NotNull @NotNull Set<Restriction> readRestrictions(@Nullable @Nullable String oakPath, @NotNull @NotNull Tree aceTree)
Read the valid restrictions stored in the specified ACE tree.- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.aceTree
- The tree corresponding to an ACE that may contain restrictions.- Returns:
- The valid restrictions stored with the specified tree or an empty set.
-
writeRestrictions
void writeRestrictions(@Nullable @Nullable String oakPath, @NotNull @NotNull Tree aceTree, @NotNull @NotNull Set<Restriction> restrictions) throws RepositoryException
Writes the given restrictions to the specified ACE tree. Note, that this method does not need to validate the specified restrictions (see alsovalidateRestrictions(String, org.apache.jackrabbit.oak.api.Tree)
).- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.aceTree
- The tree corresponding to an ACE that will have the specified restrictions added.restrictions
- The set of restrictions to be written to the specified tree.- Throws:
RepositoryException
- If an error occurs while writing the restrictions.
-
validateRestrictions
void validateRestrictions(@Nullable @Nullable String oakPath, @NotNull @NotNull Tree aceTree) throws AccessControlException, RepositoryException
Validate the restrictions present with the specified ACE tree.- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.aceTree
- The tree corresponding to an ACE.- Throws:
AccessControlException
- If any invalid restrictions are detected.RepositoryException
- If another error occurs.
-
getPattern
@NotNull @NotNull RestrictionPattern getPattern(@Nullable @Nullable String oakPath, @NotNull @NotNull Tree tree)
Creates theRestrictionPattern
for the restriction information stored with specified tree.- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.tree
- The tree holding the restriction information.- Returns:
- A new
RestrictionPattern
representing the restriction information present with the given tree.
-
getPattern
@NotNull @NotNull RestrictionPattern getPattern(@Nullable @Nullable String oakPath, @NotNull @NotNull Set<Restriction> restrictions)
Creates theRestrictionPattern
for the specified restrictions. The implementation should ignore all restrictions present in the specified set that it doesn't support.- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.restrictions
- the restrictions.- Returns:
- A new
RestrictionPattern
representing those restrictions of the specified set that are supported by this implementation.
-
-