|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.jackrabbit.core.security.AbstractAccessControlManager
org.apache.jackrabbit.core.security.simple.SimpleAccessManager
public class SimpleAccessManager
SimpleAccessManager
...
Field Summary |
---|
Fields inherited from interface org.apache.jackrabbit.core.security.AccessManager |
---|
READ, REMOVE, WRITE |
Constructor Summary | |
---|---|
SimpleAccessManager()
Empty constructor |
Method Summary | |
---|---|
boolean |
canAccess(String workspaceName)
Determines whether the subject of the current context is granted access to the given workspace. |
boolean |
canRead(Path itemPath)
Determines whether the item at the specified absolute path can be read. |
protected void |
checkInitialized()
Check if this manager has been properly initialized. |
void |
checkPermission(ItemId id,
int permissions)
Determines whether the specified permissions are granted
on the item with the specified id (i.e. |
void |
checkPermission(Path absPath,
int permissions)
Determines whether the specified permissions are granted
on the item with the specified id (i.e. |
protected void |
checkPermission(String absPath,
int permission)
Check if the specified privileges are granted at absPath . |
protected void |
checkValidNodePath(String absPath)
Tests if the given absPath is absolute and points to an existing node. |
void |
close()
Close this access manager. |
AccessControlPolicy[] |
getEffectivePolicies(String absPath)
|
protected PrivilegeRegistry |
getPrivilegeRegistry()
|
Privilege[] |
getPrivileges(String absPath)
|
Privilege[] |
getPrivileges(String absPath,
Set<Principal> principals)
Returns the privileges the given set of Principal s has for
absolute path absPath , which must be an existing node. |
boolean |
hasPrivileges(String absPath,
Privilege[] privileges)
|
boolean |
hasPrivileges(String absPath,
Set<Principal> principals,
Privilege[] privileges)
Returns whether the given set of Principal s has the specified
privileges for absolute path absPath , which must be an
existing node. |
void |
init(AMContext context)
Initialize this access manager. |
void |
init(AMContext context,
AccessControlProvider acProvider,
WorkspaceAccessManager wspAccessManager)
Initialize this access manager. |
boolean |
isGranted(ItemId id,
int permissions)
Determines whether the specified permissions are granted
on the item with the specified id (i.e. |
boolean |
isGranted(Path absPath,
int permissions)
Determines whether the specified permissions are granted
on the item with the specified absPath (i.e. |
boolean |
isGranted(Path parentPath,
Name childName,
int permissions)
Determines whether the specified permissions are granted
on an item represented by the combination of the given
parentPath and childName (i.e. |
Methods inherited from class org.apache.jackrabbit.core.security.AbstractAccessControlManager |
---|
getApplicablePolicies, getApplicablePolicies, getPolicies, getPolicies, getSupportedPrivileges, privilegeFromName, removePolicy, setPolicy |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public SimpleAccessManager()
Method Detail |
---|
public void init(AMContext context) throws AccessDeniedException, Exception
AccessDeniedException
will
be thrown if the subject of the given context
is not
granted access to the specified workspace.
init
in interface AccessManager
context
- access manager context
AccessDeniedException
- if the subject is not granted access
to the specified workspace.
Exception
- if another error occurspublic void init(AMContext context, AccessControlProvider acProvider, WorkspaceAccessManager wspAccessManager) throws AccessDeniedException, Exception
AccessDeniedException
will
be thrown if the subject of the given context
is not
granted access to the specified workspace.
init
in interface AccessManager
context
- access manager context.acProvider
- The access control provider.wspAccessManager
- The workspace access manager.
AccessDeniedException
- if the subject is not granted access
to the specified workspace.
Exception
- if another error occurspublic void close() throws Exception
close
in interface AccessManager
Exception
- if an error occurspublic void checkPermission(ItemId id, int permissions) throws AccessDeniedException, RepositoryException
permissions
are granted
on the item with the specified id
(i.e. the target item).
checkPermission
in interface AccessManager
id
- the id of the target itempermissions
- A combination of one or more of the following constants
encoded as a bitmask value:
READ
WRITE
REMOVE
AccessDeniedException
- if permission is denied
ItemNotFoundException
- if the target item does not exist
RepositoryException
- it an error occurspublic void checkPermission(Path absPath, int permissions) throws AccessDeniedException, RepositoryException
permissions
are granted
on the item with the specified id
(i.e. the target item).
checkPermission
in interface AccessManager
absPath
- Path to an item.permissions
- A combination of one or more of the
Permission
constants encoded as a bitmask value.
AccessDeniedException
- if permission is denied
RepositoryException
- it another error occurspublic boolean isGranted(ItemId id, int permissions) throws RepositoryException
permissions
are granted
on the item with the specified id
(i.e. the target item).
isGranted
in interface AccessManager
id
- the id of the target itempermissions
- A combination of one or more of the following constants
encoded as a bitmask value:
READ
WRITE
REMOVE
true
if permission is granted; otherwise false
ItemNotFoundException
- if the target item does not exist
RepositoryException
- if another error occurspublic boolean isGranted(Path absPath, int permissions) throws RepositoryException
AccessManager
permissions
are granted
on the item with the specified absPath
(i.e. the target
item, that may or may not yet exist).
isGranted
in interface AccessManager
absPath
- the absolute path to testpermissions
- A combination of one or more of the
Permission
constants encoded as a bitmask value.
true
if the specified permissions are granted;
otherwise false
.
RepositoryException
- if an error occurs.public boolean isGranted(Path parentPath, Name childName, int permissions) throws RepositoryException
AccessManager
permissions
are granted
on an item represented by the combination of the given
parentPath
and childName
(i.e. the target
item, that may or may not yet exist).
isGranted
in interface AccessManager
parentPath
- Path to an existing parent node.childName
- Name of the child item that may or may not exist yet.permissions
- A combination of one or more of the
Permission
constants encoded as a bitmask value.
true
if the specified permissions are granted;
otherwise false
.
RepositoryException
- if an error occurs.public boolean canRead(Path itemPath) throws RepositoryException
AccessManager
canRead
in interface AccessManager
itemPath
- Path to the item to be tested.s
true
if the item can be read; otherwise false
.
RepositoryException
- if an error occurs.public boolean canAccess(String workspaceName) throws RepositoryException
false
, if no such workspace
exists.
canAccess
in interface AccessManager
workspaceName
- name of workspace
true
if the subject of the current context is
granted access to the given workspace; otherwise false
.
RepositoryException
- if an error occurs.public boolean hasPrivileges(String absPath, Privilege[] privileges) throws PathNotFoundException, RepositoryException
hasPrivileges
in interface AccessControlManager
PathNotFoundException
RepositoryException
public Privilege[] getPrivileges(String absPath) throws PathNotFoundException, RepositoryException
getPrivileges
in interface AccessControlManager
PathNotFoundException
RepositoryException
public AccessControlPolicy[] getEffectivePolicies(String absPath) throws PathNotFoundException, AccessDeniedException, RepositoryException
getEffectivePolicies
in interface AccessControlManager
PathNotFoundException
AccessDeniedException
RepositoryException
protected void checkInitialized() throws IllegalStateException
AbstractAccessControlManager
checkInitialized
in class AbstractAccessControlManager
IllegalStateException
- If this manager has not been properly initialized.AbstractAccessControlManager.checkInitialized()
protected void checkPermission(String absPath, int permission) throws AccessDeniedException, PathNotFoundException, RepositoryException
AbstractAccessControlManager
absPath
.
checkPermission
in class AbstractAccessControlManager
absPath
- Path to an existing node.permission
- Permissions to be checked.
AccessDeniedException
- if the session does not have the
specified privileges.
PathNotFoundException
- if no node exists at absPath
of if the session does not have the permission to READ it.
RepositoryException
- If another error occurs.AbstractAccessControlManager.checkPermission(String,int)
protected PrivilegeRegistry getPrivilegeRegistry() throws RepositoryException
getPrivilegeRegistry
in class AbstractAccessControlManager
RepositoryException
- If another error occurs.AbstractAccessControlManager.getPrivilegeRegistry()
protected void checkValidNodePath(String absPath) throws PathNotFoundException, RepositoryException
AbstractAccessControlManager
absPath
is absolute and points to an existing node.
checkValidNodePath
in class AbstractAccessControlManager
absPath
- Path to an existing node.
PathNotFoundException
- if no node at absPath
exists
or the session does not have privilege to retrieve the node.
RepositoryException
- If the given absPath
is not
absolute or if some other error occurs.AbstractAccessControlManager.checkValidNodePath(String)
public boolean hasPrivileges(String absPath, Set<Principal> principals, Privilege[] privileges) throws PathNotFoundException, RepositoryException
JackrabbitAccessControlManager
Principal
s has the specified
privileges for absolute path absPath
, which must be an
existing node.
Testing an aggregate privilege is equivalent to testing each non
aggregate privilege among the set returned by calling
Privilege.getAggregatePrivileges()
for that privilege.
The results reported by the this method reflect the net effect of
the currently applied control mechanisms. It does not reflect unsaved
access control policies or unsaved access control entries. Changes to
access control status caused by these mechanisms only take effect on
Session.save()
and are only then reflected in the results of
the privilege test methods.
Since this method allows to view the privileges of principals other
than included in the editing session, this method must throw
AccessDeniedException
if the session lacks
READ_ACCESS_CONTROL
privilege for the absPath
node.
hasPrivileges
in interface JackrabbitAccessControlManager
absPath
- an absolute path.principals
- a set of Principal
s for which is the
given privileges are tested.privileges
- an array of Privilege
s.
true
if the session has the specified privileges;
false
otherwise.
PathNotFoundException
- if no node at absPath
exists
or the session does not have sufficent access to retrieve a node at that location.
AccessDeniedException
- if the session lacks
READ_ACCESS_CONTROL
privilege for the absPath
node.
RepositoryException
- if another error occurs.JackrabbitAccessControlManager.hasPrivileges(String, Set, Privilege[])
public Privilege[] getPrivileges(String absPath, Set<Principal> principals) throws PathNotFoundException, RepositoryException
JackrabbitAccessControlManager
Principal
s has for
absolute path absPath
, which must be an existing node.
The returned privileges are those for which JackrabbitAccessControlManager.hasPrivileges(java.lang.String, java.util.Set
would
return true
.
The results reported by the this method reflect the net effect of
the currently applied control mechanisms. It does not reflect unsaved
access control policies or unsaved access control entries. Changes to
access control status caused by these mechanisms only take effect on
Session.save()
and are only then reflected in the results of
the privilege test methods.
Since this method allows to view the privileges of principals other
than included in the editing session, this method must throw
AccessDeniedException
if the session lacks
READ_ACCESS_CONTROL
privilege for the absPath
node.
Note that this method does not resolve any group membership, as this is the job of the user manager. nor does it augment the set with the "everyone" principal.
getPrivileges
in interface JackrabbitAccessControlManager
absPath
- an absolute path.principals
- a set of Principal
s for which is the
privileges are retrieved.
Privilege
s.
PathNotFoundException
- if no node at absPath
exists
or the session does not have sufficient access to retrieve a node at that
location.
AccessDeniedException
- if the session lacks READ_ACCESS_CONTROL
privilege for the absPath
node.
RepositoryException
- if another error occurs.JackrabbitAccessControlManager.getPrivileges(String, Set)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |