Interface RestrictionProvider

    • Field Detail

      • EMPTY

        static final RestrictionProvider EMPTY
        Empty restriction provider implementation that doesn't support any restrictions.
    • Method Detail

      • getSupportedRestrictions

        @NotNull
        @NotNull Set<RestrictionDefinition> getSupportedRestrictions​(@Nullable
                                                                     @Nullable String oakPath)
        Returns the restriction definitions supported by this provider implementation at the specified path.
        Parameters:
        oakPath - The path of the access controlled tree. A null path indicates that the supported restrictions for repository level policies should be returned.
        Returns:
        The set of supported restrictions at the given path.
      • createRestriction

        @NotNull
        @NotNull Restriction createRestriction​(@Nullable
                                               @Nullable String oakPath,
                                               @NotNull
                                               @NotNull String oakName,
                                               @NotNull
                                               @NotNull Value value)
                                        throws AccessControlException,
                                               RepositoryException
        Creates a new single valued restriction for the specified parameters.
        Parameters:
        oakPath - The path of the access controlled tree or null if the target policies applies to the repository level.
        oakName - The name of the restriction.
        value - The value of the restriction.
        Returns:
        A new restriction instance.
        Throws:
        AccessControlException - If no matching restriction definition exists for the specified parameters.
        RepositoryException - If another error occurs.
      • createRestriction

        @NotNull
        @NotNull Restriction createRestriction​(@Nullable
                                               @Nullable String oakPath,
                                               @NotNull
                                               @NotNull String oakName,
                                               @NotNull
                                               @NotNull Value... values)
                                        throws AccessControlException,
                                               RepositoryException
        Creates a new multi valued restriction for the specified parameters.
        Parameters:
        oakPath - The path of the access controlled tree or null if the target policies applies to the repository level.
        oakName - The name of the restriction.
        values - The values of the restriction.
        Returns:
        A new restriction instance.
        Throws:
        AccessControlException - If no matching restriction definition exists for the specified parameters.
        RepositoryException - If another error occurs.
      • readRestrictions

        @NotNull
        @NotNull Set<Restriction> readRestrictions​(@Nullable
                                                   @Nullable String oakPath,
                                                   @NotNull
                                                   @NotNull Tree aceTree)
        Read the valid restrictions stored in the specified ACE tree.
        Parameters:
        oakPath - The path of the access controlled tree or null if the target policies applies to the repository level.
        aceTree - The tree corresponding to an ACE that may contain restrictions.
        Returns:
        The valid restrictions stored with the specified tree or an empty set.
      • writeRestrictions

        void writeRestrictions​(@Nullable
                               @Nullable String oakPath,
                               @NotNull
                               @NotNull Tree aceTree,
                               @NotNull
                               @NotNull Set<Restriction> restrictions)
                        throws RepositoryException
        Writes the given restrictions to the specified ACE tree. Note, that this method does not need to validate the specified restrictions (see also validateRestrictions(String, org.apache.jackrabbit.oak.api.Tree)).
        Parameters:
        oakPath - The path of the access controlled tree or null if the target policies applies to the repository level.
        aceTree - The tree corresponding to an ACE that will have the specified restrictions added.
        restrictions - The set of restrictions to be written to the specified tree.
        Throws:
        RepositoryException - If an error occurs while writing the restrictions.
      • validateRestrictions

        void validateRestrictions​(@Nullable
                                  @Nullable String oakPath,
                                  @NotNull
                                  @NotNull Tree aceTree)
                           throws AccessControlException,
                                  RepositoryException
        Validate the restrictions present with the specified ACE tree.
        Parameters:
        oakPath - The path of the access controlled tree or null if the target policies applies to the repository level.
        aceTree - The tree corresponding to an ACE.
        Throws:
        AccessControlException - If any invalid restrictions are detected.
        RepositoryException - If another error occurs.
      • getPattern

        @NotNull
        @NotNull RestrictionPattern getPattern​(@Nullable
                                               @Nullable String oakPath,
                                               @NotNull
                                               @NotNull Tree tree)
        Creates the RestrictionPattern for the restriction information stored with specified tree.
        Parameters:
        oakPath - The path of the access controlled tree or null if the target policies applies to the repository level.
        tree - The tree holding the restriction information.
        Returns:
        A new RestrictionPattern representing the restriction information present with the given tree.
      • getPattern

        @NotNull
        @NotNull RestrictionPattern getPattern​(@Nullable
                                               @Nullable String oakPath,
                                               @NotNull
                                               @NotNull Set<Restriction> restrictions)
        Creates the RestrictionPattern for the specified restrictions. The implementation should ignore all restrictions present in the specified set that it doesn't support.
        Parameters:
        oakPath - The path of the access controlled tree or null if the target policies applies to the repository level.
        restrictions - the restrictions.
        Returns:
        A new RestrictionPattern representing those restrictions of the specified set that are supported by this implementation.