org.apache.jackrabbit.core.security.authorization
Class AbstractAccessControlProvider

java.lang.Object
  org.apache.jackrabbit.core.security.authorization.AbstractAccessControlProvider

All Implemented Interfaces:

AccessControlProvider, AccessControlUtils

Direct Known Subclasses:

ACLProvider, ACLProvider, CombinedProvider, UserAccessControlProvider

public abstract class AbstractAccessControlProvider
extends Object
implements AccessControlProvider, AccessControlUtils

AbstractAccessControlProvider...

Field Summary

protected ObservationManager	observationMgr
static String	PARAM_OMIT_DEFAULT_PERMISSIONS
protected int	privAll
protected int	privRead
protected NamePathResolver	resolver
protected SessionImpl	session the system session this provider has been created for.

Constructor Summary

protected

AbstractAccessControlProvider()

Method Summary

protected void	checkInitialized() Throws IllegalStateException if the provider has not been initialized or has been closed.
void	close() Closes this provider when it is no longer used by the respective workspace and release resources bound by this provider.
protected CompiledPermissions	getAdminPermissions() Returns compiled permissions for the administrator i.e. permissions that grants everything and returns the int representation of Privilege.JCR_ALL upon CompiledPermissions.getPrivileges(Path) for all paths.
protected CompiledPermissions	getReadOnlyPermissions() Returns compiled permissions for a read-only user i.e. permissions that grants READ permission for all non-AC items.
void	init(Session systemSession, Map configuration) Tests if the given systemSession is a SessionImpl and retrieves the observation manager.
boolean	isAdminOrSystem(Set principals) Test if the specified set of principals contains an admin or system principal.
boolean	isReadOnly(Set principals) Test if if the specified set of principals will have read-only permissions only.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.jackrabbit.core.security.authorization.AccessControlProvider

canAccessRoot, compilePermissions, getEditor, getEffectivePolicies

Methods inherited from interface org.apache.jackrabbit.core.security.authorization.AccessControlUtils

isAcItem, isAcItem

Field Detail

PARAM_OMIT_DEFAULT_PERMISSIONS

public static final String PARAM_OMIT_DEFAULT_PERMISSIONS

See Also:

Constant Field Values

session

protected SessionImpl session

the system session this provider has been created for.

observationMgr

protected ObservationManager observationMgr

resolver

protected NamePathResolver resolver

privAll

protected int privAll

privRead

protected int privRead

Constructor Detail

AbstractAccessControlProvider

protected AbstractAccessControlProvider()

Method Detail

checkInitialized

protected void checkInitialized()

Throws IllegalStateException if the provider has not been initialized or has been closed.

getAdminPermissions

protected CompiledPermissions getAdminPermissions()

Returns compiled permissions for the administrator i.e. permissions that grants everything and returns the int representation of Privilege.JCR_ALL upon CompiledPermissions.getPrivileges(Path) for all paths.

Returns:

an implementation of CompiledPermissions that grants everything and always returns the int representation of Privilege.JCR_ALL upon CompiledPermissions.getPrivileges(Path).

getReadOnlyPermissions

protected CompiledPermissions getReadOnlyPermissions()

Returns compiled permissions for a read-only user i.e. permissions that grants READ permission for all non-AC items.

Returns:

an implementation of CompiledPermissions that grants READ permission for all non-AC items.

isAdminOrSystem

public boolean isAdminOrSystem(Set principals)

Description copied from interface: AccessControlUtils

Test if the specified set of principals contains an admin or system principal.

Specified by:

isAdminOrSystem in interface AccessControlUtils

Parameters:

principals - A set of principals.

Returns:

true if the specified set of principals contains an AdminPrincipal or a SystemPrincipal.

See Also:

AccessControlUtils.isAdminOrSystem(Set)

isReadOnly

public boolean isReadOnly(Set principals)

Description copied from interface: AccessControlUtils

Test if if the specified set of principals will have read-only permissions only. False otherwise (or if it cannot be determined from the principal set only).

Specified by:

isReadOnly in interface AccessControlUtils

Parameters:

principals - A set of principals.

Returns:

true if the specified set of principals will only be granted read permission on all items.

See Also:

AccessControlUtils.isReadOnly(Set)

init

public void init(Session systemSession,
                 Map configuration)
          throws RepositoryException

Tests if the given systemSession is a SessionImpl and retrieves the observation manager. The it sets the internal 'initialized' field to true.

Specified by:

init in interface AccessControlProvider

Parameters:

systemSession - System session.

configuration - Configuration used to initialize this provider.

Throws:

RepositoryException - If the specified session is not a SessionImpl or if retrieving the observation manager fails.

See Also:

AccessControlProvider.init(Session, Map)

close

public void close()

Description copied from interface: AccessControlProvider

Closes this provider when it is no longer used by the respective workspace and release resources bound by this provider.

Specified by:

close in interface AccessControlProvider

See Also:

AccessControlProvider.close()