org.apache.jackrabbit.api.security

Interface JackrabbitAccessControlList

All Superinterfaces:

JackrabbitAccessControlPolicy

All Known Implementing Classes:

AbstractAccessControlList, ImmutableACL

public interface JackrabbitAccessControlList
extends JackrabbitAccessControlPolicy

JackrabbitAccessControlList is an extension of the AccessControlList. Similar to the latter any modifications made will not take effect, until it is written back and saved.

Method Summary

Modifier and Type	Method and Description
boolean	addEntry(java.security.Principal principal, Privilege[] privileges, boolean isAllow) Same as addEntry(Principal, Privilege[], boolean, Map) using some implementation specific restrictions.
boolean	addEntry(java.security.Principal principal, Privilege[] privileges, boolean isAllow, java.util.Map<java.lang.String,Value> restrictions) Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.
boolean	addEntry(java.security.Principal principal, Privilege[] privileges, boolean isAllow, java.util.Map<java.lang.String,Value> restrictions, java.util.Map<java.lang.String,Value[]> mvRestrictions) Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.
java.lang.String[]	getRestrictionNames() Returns the names of the supported restrictions or an empty array if no restrictions are respected.
int	getRestrictionType(java.lang.String restrictionName) Return the expected property type of the restriction with the specified restrictionName.
boolean	isEmpty() Returns true if this policy does not yet define any entries.
boolean	isMultiValueRestriction(java.lang.String restrictionName) Returns true if the restriction is multivalued; false otherwise.
void	orderBefore(AccessControlEntry srcEntry, AccessControlEntry destEntry) If the AccessControlList implementation supports reordering of entries the specified srcEntry is inserted at the position of the specified destEntry.
int	size() Returns the number of entries or 0 if the policy is empty.

Methods inherited from interface org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy

getPath

Method Detail

getRestrictionNames

java.lang.String[] getRestrictionNames()
                                throws RepositoryException

Returns the names of the supported restrictions or an empty array if no restrictions are respected.

Returns:

the names of the supported restrictions or an empty array.

Throws:

RepositoryException - If an error occurs.

See Also:

addEntry(Principal, Privilege[], boolean, Map)

getRestrictionType

int getRestrictionType(java.lang.String restrictionName)
                throws RepositoryException

Return the expected property type of the restriction with the specified restrictionName.

Parameters:

restrictionName - Any of the restriction names retrieved from getRestrictionNames().

Returns:

expected property type.

Throws:

RepositoryException - If an error occurs.

isMultiValueRestriction

boolean isMultiValueRestriction(java.lang.String restrictionName)
                         throws RepositoryException

Returns true if the restriction is multivalued; false otherwise. If an given implementation doesn't support multivalued restrictions, this method always returns false.

Parameters:

restrictionName - Any of the restriction names retrieved from getRestrictionNames().

Returns:

true if the restriction is multivalued; false if the restriction with the given name is single value or if the implementation doesn't support multivalued restrictions, this method always returns false.

Throws:

RepositoryException - If an error occurs.

See Also:

addEntry(Principal, Privilege[], boolean, Map, Map)

isEmpty

boolean isEmpty()

Returns true if this policy does not yet define any entries.

Returns:

If no entries are present.

size

int size()

Returns the number of entries or 0 if the policy is empty.

Returns:

The number of entries present or 0 if the policy is empty.

addEntry

boolean addEntry(java.security.Principal principal,
                 Privilege[] privileges,
                 boolean isAllow)
          throws AccessControlException,
                 RepositoryException

Same as addEntry(Principal, Privilege[], boolean, Map) using some implementation specific restrictions.

Parameters:

principal - the principal to add the entry for

privileges - the privileges to add

isAllow - if true if this is a positive (allow) entry

Returns:

true if this policy has changed by incorporating the given entry; false otherwise.

Throws:

AccessControlException - If any of the given parameter is invalid or cannot be handled by the implementation.

RepositoryException - If another error occurs.

See Also:

AccessControlList#addAccessControlEntry(Principal, Privilege[])

addEntry

boolean addEntry(java.security.Principal principal,
                 Privilege[] privileges,
                 boolean isAllow,
                 java.util.Map<java.lang.String,Value> restrictions)
          throws AccessControlException,
                 RepositoryException

Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.

This method returns true if this policy was modified, false otherwise.

An AccessControlException is thrown if any of the specified parameters is invalid or if some other access control related exception occurs.

Parameters:

principal - the principal to add the entry for

privileges - the privileges to add

isAllow - if true if this is a positive (allow) entry

restrictions - A map of additional restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a single javax.jcr.Value object.

Returns:

true if this policy has changed by incorporating the given entry; false otherwise.

Throws:

AccessControlException - If any of the given parameter is invalid or cannot be handled by the implementation.

RepositoryException - If another error occurs.

See Also:

AccessControlList#addAccessControlEntry(Principal, Privilege[])

addEntry

boolean addEntry(java.security.Principal principal,
                 Privilege[] privileges,
                 boolean isAllow,
                 java.util.Map<java.lang.String,Value> restrictions,
                 java.util.Map<java.lang.String,Value[]> mvRestrictions)
          throws AccessControlException,
                 RepositoryException

Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.

This method returns true if this policy was modified, false otherwise.

An AccessControlException is thrown if any of the specified parameters is invalid or if some other access control related exception occurs.

Parameters:

principal - the principal to add the entry for

privileges - the privileges to add

isAllow - if true if this is a positive (allow) entry

restrictions - A map of additional restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a single javax.jcr.Value object.

restrictions - A map of additional multivalued restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a javax.jcr.Value array.

Returns:

true if this policy has changed by incorporating the given entry; false otherwise.

Throws:

AccessControlException - If any of the given parameter is invalid or cannot be handled by the implementation.

RepositoryException - If another error occurs.

Since:

2.8

See Also:

AccessControlList#addAccessControlEntry(Principal, Privilege[])

orderBefore

void orderBefore(AccessControlEntry srcEntry,
                 AccessControlEntry destEntry)
          throws AccessControlException,
                 UnsupportedRepositoryOperationException,
                 RepositoryException

If the AccessControlList implementation supports reordering of entries the specified srcEntry is inserted at the position of the specified destEntry.

If destEntry is null the entry is moved to the end of the list.

If srcEntry and destEntry are the same no changes are made.

Parameters:

srcEntry - The access control entry to be moved within the list.

destEntry - The entry before which the srcEntry will be moved.

Throws:

AccessControlException - If any of the given entries is invalid or cannot be handled by the implementation.

UnsupportedRepositoryOperationException - If ordering is not supported.

RepositoryException - If another error occurs.