|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.jackrabbit.core.security.authorization.AbstractAccessControlProvider
org.apache.jackrabbit.core.security.authorization.acl.ACLProvider
public class ACLProvider
The ACLProvider generates access control policies out of the items stored in the workspace applying the following rules:
Node
is considered access controlled if an ACL has
been explicitely assigned to it by adding the mixin type
rep:AccessControllable
and adding child node of type
rep:acl
that forms the acl.Property
item.Node
that is not access controlled may inherit the ACL.
The ACL is inherited from the closest access controlled ancestor.Node
has no effective ACL, in
which case some a default policy is returned that grants READ privilege to
any principal and denies all other privileges.
for additional information.
Field Summary |
---|
Fields inherited from class org.apache.jackrabbit.core.security.authorization.AbstractAccessControlProvider |
---|
observationMgr, PARAM_OMIT_DEFAULT_PERMISSIONS, resolver, session |
Fields inherited from interface org.apache.jackrabbit.core.security.authorization.AccessControlConstants |
---|
N_ACCESSCONTROL, N_POLICY, NF, NT_REP_ACCESS_CONTROL, NT_REP_ACCESS_CONTROLLABLE, NT_REP_ACE, NT_REP_ACL, NT_REP_DENY_ACE, NT_REP_GRANT_ACE, P_PRINCIPAL_NAME, P_PRIVILEGES |
Constructor Summary | |
---|---|
ACLProvider()
|
Method Summary | |
---|---|
boolean |
canAccessRoot(Set principals)
Returns true if the given set of principals can access the
root node of the workspace this provider has been built for;
false otherwise. |
CompiledPermissions |
compilePermissions(Set principals)
Compiles the effective policy for the specified set of Principal s. |
AccessControlEditor |
getEditor(Session session)
Returns an AccessControlEditor for the given Session object
or null if the implementation does not support editing
of access control policies. |
AccessControlPolicy[] |
getEffectivePolicies(Path absPath)
Returns the effective policies for the node at the given absPath. |
void |
init(Session systemSession,
Map configuration)
Tests if the given systemSession is a SessionImpl and
retrieves the observation manager. |
boolean |
isAcItem(ItemImpl item)
Test if the given node is itself a rep:ACL or a rep:ACE node. |
boolean |
isAcItem(Path absPath)
Test if the specified path points to an item that defines AC information. |
Methods inherited from class org.apache.jackrabbit.core.security.authorization.AbstractAccessControlProvider |
---|
checkInitialized, close, getAdminPermissions, getReadOnlyPermissions, isAdminOrSystem, isReadOnly |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public ACLProvider()
Method Detail |
---|
public boolean isAcItem(Path absPath) throws RepositoryException
AccessControlUtils
isAcItem
in interface AccessControlUtils
absPath
contains
access control information.
RepositoryException
AccessControlUtils.isAcItem(Path)
public boolean isAcItem(ItemImpl item) throws RepositoryException
isAcItem
in interface AccessControlUtils
item
defines
access control related information is should therefore be considered
protected.
RepositoryException
AccessControlUtils.isAcItem(ItemImpl)
public void init(Session systemSession, Map configuration) throws RepositoryException
AbstractAccessControlProvider
systemSession
is a SessionImpl and
retrieves the observation manager. The it sets the internal 'initialized'
field to true.
init
in interface AccessControlProvider
init
in class AbstractAccessControlProvider
RepositoryException
- If the specified session is not a
SessionImpl
or if retrieving the observation manager fails.AccessControlProvider.init(Session, Map)
public AccessControlPolicy[] getEffectivePolicies(Path absPath) throws ItemNotFoundException, RepositoryException
AccessControlProvider
getEffectivePolicies
in interface AccessControlProvider
absPath
-
absPath
.
ItemNotFoundException
- If no Node with the specified
absPath
exists.
RepositoryException
- If another error occurs.AccessControlProvider.getEffectivePolicies(Path)
public AccessControlEditor getEditor(Session session)
AccessControlProvider
AccessControlEditor
for the given Session object
or null
if the implementation does not support editing
of access control policies.
getEditor
in interface AccessControlProvider
null
AccessControlProvider.getEditor(Session)
public CompiledPermissions compilePermissions(Set principals) throws RepositoryException
AccessControlProvider
Principal
s.
compilePermissions
in interface AccessControlProvider
principals
- Set of principals to compile the permissions for. If
the order of evaluating permissions for principals is meaningful, the
caller is adviced to pass a Set that respects the order of insertion.
RepositoryException
- If an error occurs.AccessControlProvider.compilePermissions(Set)
public boolean canAccessRoot(Set principals) throws RepositoryException
AccessControlProvider
true
if the given set of principals can access the
root node of the workspace this provider has been built for;
false
otherwise.
canAccessRoot
in interface AccessControlProvider
true
if the given set of principals can access the
root node of the workspace this provider has been built for;
false
otherwise.
RepositoryException
AccessControlProvider.canAccessRoot(Set)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |