Interface RestrictionProvider
- All Known Implementing Classes:
AbstractRestrictionProvider
,CompositeRestrictionProvider
,CustomRestrictionProvider
,PrincipalRestrictionProvider
,RestrictionProviderImpl
,WhiteboardRestrictionProvider
public interface RestrictionProvider
Interface to manage the supported restrictions present with a given access
control and permission management implementation.
- Since:
- OAK 1.0
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final RestrictionProvider
Empty restriction provider implementation that doesn't support any restrictions. -
Method Summary
Modifier and TypeMethodDescription@NotNull Restriction
createRestriction
(@Nullable String oakPath, @NotNull String oakName, @NotNull Value value) Creates a new single valued restriction for the specified parameters.@NotNull Restriction
createRestriction
(@Nullable String oakPath, @NotNull String oakName, @NotNull Value... values) Creates a new multi valued restriction for the specified parameters.@NotNull RestrictionPattern
getPattern
(@Nullable String oakPath, @NotNull Set<Restriction> restrictions) Creates theRestrictionPattern
for the specified restrictions.@NotNull RestrictionPattern
getPattern
(@Nullable String oakPath, @NotNull Tree tree) Creates theRestrictionPattern
for the restriction information stored with specified tree.@NotNull Set<RestrictionDefinition>
getSupportedRestrictions
(@Nullable String oakPath) Returns the restriction definitions supported by this provider implementation at the specified path.@NotNull Set<Restriction>
readRestrictions
(@Nullable String oakPath, @NotNull Tree aceTree) Read the valid restrictions stored in the specified ACE tree.void
validateRestrictions
(@Nullable String oakPath, @NotNull Tree aceTree) Validate the restrictions present with the specified ACE tree.void
writeRestrictions
(@Nullable String oakPath, @NotNull Tree aceTree, @NotNull Set<Restriction> restrictions) Writes the given restrictions to the specified ACE tree.
-
Field Details
-
EMPTY
Empty restriction provider implementation that doesn't support any restrictions.
-
-
Method Details
-
getSupportedRestrictions
@NotNull @NotNull Set<RestrictionDefinition> getSupportedRestrictions(@Nullable @Nullable String oakPath) Returns the restriction definitions supported by this provider implementation at the specified path.- Parameters:
oakPath
- The path of the access controlled tree. Anull
path indicates that the supported restrictions for repository level policies should be returned.- Returns:
- The set of supported restrictions at the given path.
-
createRestriction
@NotNull @NotNull Restriction createRestriction(@Nullable @Nullable String oakPath, @NotNull @NotNull String oakName, @NotNull @NotNull Value value) throws AccessControlException, RepositoryException Creates a new single valued restriction for the specified parameters.- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.oakName
- The name of the restriction.value
- The value of the restriction.- Returns:
- A new restriction instance.
- Throws:
AccessControlException
- If no matching restriction definition exists for the specified parameters.RepositoryException
- If another error occurs.
-
createRestriction
@NotNull @NotNull Restriction createRestriction(@Nullable @Nullable String oakPath, @NotNull @NotNull String oakName, @NotNull @NotNull Value... values) throws AccessControlException, RepositoryException Creates a new multi valued restriction for the specified parameters.- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.oakName
- The name of the restriction.values
- The values of the restriction.- Returns:
- A new restriction instance.
- Throws:
AccessControlException
- If no matching restriction definition exists for the specified parameters.RepositoryException
- If another error occurs.
-
readRestrictions
@NotNull @NotNull Set<Restriction> readRestrictions(@Nullable @Nullable String oakPath, @NotNull @NotNull Tree aceTree) Read the valid restrictions stored in the specified ACE tree.- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.aceTree
- The tree corresponding to an ACE that may contain restrictions.- Returns:
- The valid restrictions stored with the specified tree or an empty set.
-
writeRestrictions
void writeRestrictions(@Nullable @Nullable String oakPath, @NotNull @NotNull Tree aceTree, @NotNull @NotNull Set<Restriction> restrictions) throws RepositoryException Writes the given restrictions to the specified ACE tree. Note, that this method does not need to validate the specified restrictions (see alsovalidateRestrictions(String, org.apache.jackrabbit.oak.api.Tree)
).- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.aceTree
- The tree corresponding to an ACE that will have the specified restrictions added.restrictions
- The set of restrictions to be written to the specified tree.- Throws:
RepositoryException
- If an error occurs while writing the restrictions.
-
validateRestrictions
void validateRestrictions(@Nullable @Nullable String oakPath, @NotNull @NotNull Tree aceTree) throws AccessControlException, RepositoryException Validate the restrictions present with the specified ACE tree.- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.aceTree
- The tree corresponding to an ACE.- Throws:
AccessControlException
- If any invalid restrictions are detected.RepositoryException
- If another error occurs.
-
getPattern
@NotNull @NotNull RestrictionPattern getPattern(@Nullable @Nullable String oakPath, @NotNull @NotNull Tree tree) Creates theRestrictionPattern
for the restriction information stored with specified tree.- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.tree
- The tree holding the restriction information.- Returns:
- A new
RestrictionPattern
representing the restriction information present with the given tree.
-
getPattern
@NotNull @NotNull RestrictionPattern getPattern(@Nullable @Nullable String oakPath, @NotNull @NotNull Set<Restriction> restrictions) Creates theRestrictionPattern
for the specified restrictions. The implementation should ignore all restrictions present in the specified set that it doesn't support.- Parameters:
oakPath
- The path of the access controlled tree ornull
if the target policies applies to the repository level.restrictions
- the restrictions.- Returns:
- A new
RestrictionPattern
representing those restrictions of the specified set that are supported by this implementation.
-