JackrabbitAccessControlManager ("The Adobe AEM Quickstart and Web Application.")

All Known Implementing Classes:

AbstractAccessControlManager
```
public interface JackrabbitAccessControlManager
```
JackrabbitAccessControlManager provides extensions to the AccessControlManager interface.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`JackrabbitAccessControlPolicy[]`	`getApplicablePolicies(java.security.Principal principal)` Returns the applicable policies for the specified `principal` or an empty array if no additional policies can be applied.
`AccessControlPolicy[]`	`getEffectivePolicies(java.util.Set<java.security.Principal> principals)` Returns the `AccessControlPolicy` objects that are in effect for the given `Principal`s.
`JackrabbitAccessControlPolicy[]`	`getPolicies(java.security.Principal principal)` Returns the `AccessControlPolicy` objects that have been set for the given `principal` or an empty array if no policy has been set.
`Privilege[]`	`getPrivileges(java.lang.String absPath, java.util.Set<java.security.Principal> principals)` Returns the privileges the given set of `Principal`s has for absolute path `absPath`, which must be an existing node.
`boolean`	`hasPrivileges(java.lang.String absPath, java.util.Set<java.security.Principal> principals, Privilege[] privileges)` Returns whether the given set of `Principal`s has the specified privileges for absolute path `absPath`, which must be an existing node.

- Method Detail
  - getApplicablePolicies
```
JackrabbitAccessControlPolicy[] getApplicablePolicies(java.security.Principal principal)
                                               throws AccessDeniedException,
                                                      AccessControlException,
                                                      UnsupportedRepositoryOperationException,
                                                      RepositoryException
```
    Returns the applicable policies for the specified principal or an empty array if no additional policies can be applied.
    
    Parameters:
    
    principal - A principal known to the editing session.
    
    Returns:
    
    array of policies for the specified principal. Note that the policy object returned must reveal the path of the node where they can be applied later on using AccessControlManager#setPolicy(String, javax.jcr.security.AccessControlPolicy).
    
    Throws:
    
    AccessDeniedException - if the session lacks MODIFY_ACCESS_CONTROL privilege.
    
    AccessControlException - if the specified principal does not exist or if another access control related exception occurs.
    
    UnsupportedRepositoryOperationException - if editing access control policies by principal is not supported.
    
    RepositoryException - if another error occurs.
    
    See Also:
    
    JackrabbitAccessControlPolicy.getPath()
  - getPolicies
```
JackrabbitAccessControlPolicy[] getPolicies(java.security.Principal principal)
                                     throws AccessDeniedException,
                                            AccessControlException,
                                            UnsupportedRepositoryOperationException,
                                            RepositoryException
```
    Returns the AccessControlPolicy objects that have been set for the given principal or an empty array if no policy has been set. This method reflects the binding state, including transient policy modifications.
    
    Parameters:
    
    principal - A valid principal.
    
    Returns:
    
    The policies defined for the given principal or an empty array.
    
    Throws:
    
    AccessDeniedException - if the session lacks READ_ACCESS_CONTROL privilege.
    
    AccessControlException - if the specified principal does not exist or if another access control related exception occurs.
    
    UnsupportedRepositoryOperationException - if editing access control policies by principal is not supported.
    
    RepositoryException - If another error occurs.
  - getEffectivePolicies
```
AccessControlPolicy[] getEffectivePolicies(java.util.Set<java.security.Principal> principals)
                                    throws AccessDeniedException,
                                           AccessControlException,
                                           UnsupportedRepositoryOperationException,
                                           RepositoryException
```
    Returns the AccessControlPolicy objects that are in effect for the given Principals. This may be policies set through this API or some implementation specific (default) policies.
    
    Parameters:
    
    principals - A set of valid principals.
    
    Returns:
    
    The policies defined for the given principal or an empty array.
    
    Throws:
    
    AccessDeniedException - if the session lacks READ_ACCESS_CONTROL privilege.
    
    AccessControlException - if the specified principal does not exist or if another access control related exception occurs.
    
    UnsupportedRepositoryOperationException - if editing access control policies by principal is not supported.
    
    RepositoryException - If another error occurs.
  - hasPrivileges
```
boolean hasPrivileges(java.lang.String absPath,
                      java.util.Set<java.security.Principal> principals,
                      Privilege[] privileges)
               throws PathNotFoundException,
                      AccessDeniedException,
                      RepositoryException
```
    Returns whether the given set of Principals has the specified privileges for absolute path absPath, which must be an existing node.
    Testing an aggregate privilege is equivalent to testing each non aggregate privilege among the set returned by calling Privilege.getAggregatePrivileges() for that privilege.
    The results reported by the this method reflect the net effect of the currently applied control mechanisms. It does not reflect unsaved access control policies or unsaved access control entries. Changes to access control status caused by these mechanisms only take effect on Session.save() and are only then reflected in the results of the privilege test methods.
    Since this method allows to view the privileges of principals other than included in the editing session, this method must throw AccessDeniedException if the session lacks READ_ACCESS_CONTROL privilege for the absPath node.
    
    Parameters:
    
    absPath - an absolute path.
    
    principals - a set of Principals for which is the given privileges are tested.
    
    privileges - an array of Privileges.
    
    Returns:
    
    true if the session has the specified privileges; false otherwise.
    
    Throws:
    
    javax.jcr.PathNotFoundException - if no node at absPath exists or the session does not have sufficient access to retrieve a node at that location.
    
    AccessDeniedException - if the session lacks READ_ACCESS_CONTROL privilege for the absPath node.
    
    RepositoryException - if another error occurs.
    
    PathNotFoundException
  - getPrivileges
```
Privilege[] getPrivileges(java.lang.String absPath,
                          java.util.Set<java.security.Principal> principals)
                   throws PathNotFoundException,
                          AccessDeniedException,
                          RepositoryException
```
    Returns the privileges the given set of Principals has for absolute path absPath, which must be an existing node.
    The returned privileges are those for which hasPrivileges(java.lang.String, java.util.Set<java.security.Principal>, Privilege[]) would return true.
    The results reported by the this method reflect the net effect of the currently applied control mechanisms. It does not reflect unsaved access control policies or unsaved access control entries. Changes to access control status caused by these mechanisms only take effect on Session.save() and are only then reflected in the results of the privilege test methods.
    Since this method allows to view the privileges of principals other than included in the editing session, this method must throw AccessDeniedException if the session lacks READ_ACCESS_CONTROL privilege for the absPath node.
    Note that this method does not resolve any group membership, as this is the job of the user manager. nor does it augment the set with the "everyone" principal.
    
    Parameters:
    
    absPath - an absolute path.
    
    principals - a set of Principals for which is the privileges are retrieved.
    
    Returns:
    
    an array of Privileges.
    
    Throws:
    
    PathNotFoundException - if no node at absPath exists or the session does not have sufficient access to retrieve a node at that location.
    
    AccessDeniedException - if the session lacks READ_ACCESS_CONTROL privilege for the absPath node.
    
    RepositoryException - if another error occurs.

Interface JackrabbitAccessControlManager

Method Summary

Method Detail

getApplicablePolicies

getPolicies

getEffectivePolicies

hasPrivileges

getPrivileges