Interface RestrictionProvider
-
- All Known Implementing Classes:
AbstractRestrictionProvider,CompositeRestrictionProvider,CustomRestrictionProvider,PrincipalRestrictionProvider,RestrictionProviderImpl,WhiteboardRestrictionProvider
public interface RestrictionProviderInterface to manage the supported restrictions present with a given access control and permission management implementation.- Since:
- OAK 1.0
-
-
Field Summary
Fields Modifier and Type Field Description static RestrictionProviderEMPTYEmpty restriction provider implementation that doesn't support any restrictions.
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description @NotNull RestrictioncreateRestriction(@Nullable String oakPath, @NotNull String oakName, @NotNull Value value)Creates a new single valued restriction for the specified parameters.@NotNull RestrictioncreateRestriction(@Nullable String oakPath, @NotNull String oakName, @NotNull Value... values)Creates a new multi valued restriction for the specified parameters.@NotNull RestrictionPatterngetPattern(@Nullable String oakPath, @NotNull Set<Restriction> restrictions)Creates theRestrictionPatternfor the specified restrictions.@NotNull RestrictionPatterngetPattern(@Nullable String oakPath, @NotNull Tree tree)Creates theRestrictionPatternfor the restriction information stored with specified tree.@NotNull Set<RestrictionDefinition>getSupportedRestrictions(@Nullable String oakPath)Returns the restriction definitions supported by this provider implementation at the specified path.@NotNull Set<Restriction>readRestrictions(@Nullable String oakPath, @NotNull Tree aceTree)Read the valid restrictions stored in the specified ACE tree.voidvalidateRestrictions(@Nullable String oakPath, @NotNull Tree aceTree)Validate the restrictions present with the specified ACE tree.voidwriteRestrictions(@Nullable String oakPath, @NotNull Tree aceTree, @NotNull Set<Restriction> restrictions)Writes the given restrictions to the specified ACE tree.
-
-
-
Field Detail
-
EMPTY
static final RestrictionProvider EMPTY
Empty restriction provider implementation that doesn't support any restrictions.
-
-
Method Detail
-
getSupportedRestrictions
@NotNull @NotNull Set<RestrictionDefinition> getSupportedRestrictions(@Nullable @Nullable String oakPath)
Returns the restriction definitions supported by this provider implementation at the specified path.- Parameters:
oakPath- The path of the access controlled tree. Anullpath indicates that the supported restrictions for repository level policies should be returned.- Returns:
- The set of supported restrictions at the given path.
-
createRestriction
@NotNull @NotNull Restriction createRestriction(@Nullable @Nullable String oakPath, @NotNull @NotNull String oakName, @NotNull @NotNull Value value) throws AccessControlException, RepositoryException
Creates a new single valued restriction for the specified parameters.- Parameters:
oakPath- The path of the access controlled tree ornullif the target policies applies to the repository level.oakName- The name of the restriction.value- The value of the restriction.- Returns:
- A new restriction instance.
- Throws:
AccessControlException- If no matching restriction definition exists for the specified parameters.RepositoryException- If another error occurs.
-
createRestriction
@NotNull @NotNull Restriction createRestriction(@Nullable @Nullable String oakPath, @NotNull @NotNull String oakName, @NotNull @NotNull Value... values) throws AccessControlException, RepositoryException
Creates a new multi valued restriction for the specified parameters.- Parameters:
oakPath- The path of the access controlled tree ornullif the target policies applies to the repository level.oakName- The name of the restriction.values- The values of the restriction.- Returns:
- A new restriction instance.
- Throws:
AccessControlException- If no matching restriction definition exists for the specified parameters.RepositoryException- If another error occurs.
-
readRestrictions
@NotNull @NotNull Set<Restriction> readRestrictions(@Nullable @Nullable String oakPath, @NotNull @NotNull Tree aceTree)
Read the valid restrictions stored in the specified ACE tree.- Parameters:
oakPath- The path of the access controlled tree ornullif the target policies applies to the repository level.aceTree- The tree corresponding to an ACE that may contain restrictions.- Returns:
- The valid restrictions stored with the specified tree or an empty set.
-
writeRestrictions
void writeRestrictions(@Nullable @Nullable String oakPath, @NotNull @NotNull Tree aceTree, @NotNull @NotNull Set<Restriction> restrictions) throws RepositoryExceptionWrites the given restrictions to the specified ACE tree. Note, that this method does not need to validate the specified restrictions (see alsovalidateRestrictions(String, org.apache.jackrabbit.oak.api.Tree)).- Parameters:
oakPath- The path of the access controlled tree ornullif the target policies applies to the repository level.aceTree- The tree corresponding to an ACE that will have the specified restrictions added.restrictions- The set of restrictions to be written to the specified tree.- Throws:
RepositoryException- If an error occurs while writing the restrictions.
-
validateRestrictions
void validateRestrictions(@Nullable @Nullable String oakPath, @NotNull @NotNull Tree aceTree) throws AccessControlException, RepositoryExceptionValidate the restrictions present with the specified ACE tree.- Parameters:
oakPath- The path of the access controlled tree ornullif the target policies applies to the repository level.aceTree- The tree corresponding to an ACE.- Throws:
AccessControlException- If any invalid restrictions are detected.RepositoryException- If another error occurs.
-
getPattern
@NotNull @NotNull RestrictionPattern getPattern(@Nullable @Nullable String oakPath, @NotNull @NotNull Tree tree)
Creates theRestrictionPatternfor the restriction information stored with specified tree.- Parameters:
oakPath- The path of the access controlled tree ornullif the target policies applies to the repository level.tree- The tree holding the restriction information.- Returns:
- A new
RestrictionPatternrepresenting the restriction information present with the given tree.
-
getPattern
@NotNull @NotNull RestrictionPattern getPattern(@Nullable @Nullable String oakPath, @NotNull @NotNull Set<Restriction> restrictions)
Creates theRestrictionPatternfor the specified restrictions. The implementation should ignore all restrictions present in the specified set that it doesn't support.- Parameters:
oakPath- The path of the access controlled tree ornullif the target policies applies to the repository level.restrictions- the restrictions.- Returns:
- A new
RestrictionPatternrepresenting those restrictions of the specified set that are supported by this implementation.
-
-