org.apache.jackrabbit.core.security.authorization.principalbased

Class ACLProvider

java.lang.Object

org.apache.jackrabbit.core.security.authorization.AbstractAccessControlProvider

org.apache.jackrabbit.core.security.authorization.principalbased.ACLProvider

All Implemented Interfaces:

AccessControlConstants, AccessControlProvider, AccessControlUtils

public class ACLProvider
extends AbstractAccessControlProvider
implements AccessControlConstants

ACLProvider...

Field Summary

Fields inherited from class org.apache.jackrabbit.core.security.authorization.AbstractAccessControlProvider

observationMgr, PARAM_OMIT_DEFAULT_PERMISSIONS, privilegeManager, session

Fields inherited from interface org.apache.jackrabbit.core.security.authorization.AccessControlConstants

N_ACCESSCONTROL, N_POLICY, N_REPO_POLICY, NT_REP_ACCESS_CONTROL, NT_REP_ACCESS_CONTROLLABLE, NT_REP_ACE, NT_REP_ACL, NT_REP_DENY_ACE, NT_REP_GRANT_ACE, NT_REP_PRINCIPAL_ACCESS_CONTROL, NT_REP_REPO_ACCESS_CONTROLLABLE, P_GLOB, P_PRINCIPAL_NAME, P_PRIVILEGES

Constructor Summary

Constructors

Constructor and Description
ACLProvider()

Method Summary

Modifier and Type	Method and Description
boolean	canAccessRoot(Set<Principal> principals) Returns true if the given set of principals can access the root node of the workspace this provider has been built for; false otherwise.
void	close() Closes this provider when it is no longer used by the respective workspace and release resources bound by this provider.
CompiledPermissions	compilePermissions(Set<Principal> principals) Compiles the effective policy for the specified set of Principals.
AccessControlEditor	getEditor(Session editingSession) Returns an AccessControlEditor for the given Session object or null if the implementation does not support editing of access control policies.
AccessControlPolicy[]	getEffectivePolicies(Path absPath, CompiledPermissions permissions) Returns the effective policies for the node at the given absPath.
AccessControlPolicy[]	getEffectivePolicies(Set<Principal> principals, CompiledPermissions permissions) Returns the effective policies for the given principals.
void	init(Session systemSession, Map configuration) Tests if the given systemSession is a SessionImpl and retrieves the observation manager.

Methods inherited from class org.apache.jackrabbit.core.security.authorization.AbstractAccessControlProvider

checkInitialized, getAdminPermissions, getPrivilegeManagerImpl, getReadOnlyPermissions, isAcItem, isAcItem, isAdminOrSystem, isLive, isReadOnly

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ACLProvider

public ACLProvider()

Method Detail

init

public void init(Session systemSession,
                 Map configuration)
          throws RepositoryException

Description copied from class: AbstractAccessControlProvider

Tests if the given systemSession is a SessionImpl and retrieves the observation manager. The it sets the internal 'initialized' field to true.

Specified by:

init in interface AccessControlProvider

Overrides:

init in class AbstractAccessControlProvider

Parameters:

systemSession - System session.

configuration - Configuration used to initialize this provider.

Throws:

RepositoryException - If the specified session is not a SessionImpl or if retrieving the observation manager fails.

See Also:

AccessControlProvider.init(javax.jcr.Session, java.util.Map)

close

public void close()

Description copied from interface: AccessControlProvider

Closes this provider when it is no longer used by the respective workspace and release resources bound by this provider.

Specified by:

close in interface AccessControlProvider

Overrides:

close in class AbstractAccessControlProvider

See Also:

AccessControlProvider.close()

getEffectivePolicies

public AccessControlPolicy[] getEffectivePolicies(Path absPath,
                                                  CompiledPermissions permissions)
                                           throws ItemNotFoundException,
                                                  RepositoryException

Description copied from interface: AccessControlProvider

Returns the effective policies for the node at the given absPath.

Specified by:

getEffectivePolicies in interface AccessControlProvider

Parameters:

absPath - an absolute path.

permissions - The effective permissions of the editing sessions that attempts to view the effective policies.

Returns:

The effective policies that apply at absPath or an empty array if the implementation cannot determine the effective policy at the given path.

Throws:

ItemNotFoundException - If no Node with the specified absPath exists.

RepositoryException - If another error occurs.

See Also:

AccessControlProvider.getEffectivePolicies(org.apache.jackrabbit.spi.Path,org.apache.jackrabbit.core.security.authorization.CompiledPermissions)

getEffectivePolicies

public AccessControlPolicy[] getEffectivePolicies(Set<Principal> principals,
                                                  CompiledPermissions permissions)
                                           throws RepositoryException

Description copied from interface: AccessControlProvider

Returns the effective policies for the given principals.

Specified by:

getEffectivePolicies in interface AccessControlProvider

Parameters:

principals - A set of principal.

permissions - The effective permissions of the editing sessions that attempts to view the effective policies. @return The effective policies that are in effect for the given principal or an empty array.

Throws:

RepositoryException - If error occurs.

See Also:

AccessControlProvider.getEffectivePolicies(java.util.Set, CompiledPermissions)

getEditor

public AccessControlEditor getEditor(Session editingSession)

Description copied from interface: AccessControlProvider

Returns an AccessControlEditor for the given Session object or null if the implementation does not support editing of access control policies.

Specified by:

getEditor in interface AccessControlProvider

Parameters:

editingSession - The editing session.

Returns:

the ACL editor or null.

See Also:

AccessControlProvider.getEditor(Session)

compilePermissions

public CompiledPermissions compilePermissions(Set<Principal> principals)
                                       throws RepositoryException

Description copied from interface: AccessControlProvider

Compiles the effective policy for the specified set of Principals.

Specified by:

compilePermissions in interface AccessControlProvider

Parameters:

principals - Set of principals to compile the permissions for. If the order of evaluating permissions for principals is meaningful, the caller should pass a Set that respects the order of insertion.

Returns:

The effective, compiled CompiledPolicy that applies for the specified set of principals.

Throws:

RepositoryException - If an error occurs.

See Also:

AccessControlProvider.compilePermissions(Set)

canAccessRoot

public boolean canAccessRoot(Set<Principal> principals)
                      throws RepositoryException

Description copied from interface: AccessControlProvider

Returns true if the given set of principals can access the root node of the workspace this provider has been built for; false otherwise.

Specified by:

canAccessRoot in interface AccessControlProvider

Parameters:

principals - Set of principals to be tested for being allowed to access the root node.

Returns:

true if the given set of principals can access the root node of the workspace this provider has been built for; false otherwise.

Throws:

RepositoryException - If an error occurs.

See Also:

AccessControlProvider.canAccessRoot(Set)