org.apache.jackrabbit.api.security

Interface JackrabbitAccessControlList

All Superinterfaces:

AccessControlList, AccessControlPolicy, JackrabbitAccessControlPolicy

All Known Subinterfaces:

PrincipalAccessControlList

All Known Implementing Classes:

AbstractAccessControlList, ImmutableACL

@ProviderType
public interface JackrabbitAccessControlList
extends JackrabbitAccessControlPolicy, AccessControlList

JackrabbitAccessControlList is an extension of the AccessControlList. Similar to the latter any modifications made will not take effect, until it is written back and saved.

Method Summary

Modifier and Type	Method and Description
boolean	addEntry(@NotNull java.security.Principal principal, @NotNull Privilege[] privileges, boolean isAllow) Same as addEntry(Principal, Privilege[], boolean, Map) using some implementation specific restrictions.
boolean	addEntry(@NotNull java.security.Principal principal, @NotNull Privilege[] privileges, boolean isAllow, @Nullable java.util.Map<java.lang.String,Value> restrictions) Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.
boolean	addEntry(@NotNull java.security.Principal principal, @NotNull Privilege[] privileges, boolean isAllow, @Nullable java.util.Map<java.lang.String,Value> restrictions, @Nullable java.util.Map<java.lang.String,Value[]> mvRestrictions) Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.
@NotNull java.lang.String[]	getRestrictionNames() Returns the names of the supported restrictions or an empty array if no restrictions are respected.
int	getRestrictionType(@NotNull java.lang.String restrictionName) Return the expected property type of the restriction with the specified restrictionName.
boolean	isEmpty() Returns true if this policy does not yet define any entries.
boolean	isMultiValueRestriction(@NotNull java.lang.String restrictionName) Returns true if the restriction is multivalued; false otherwise.
void	orderBefore(@NotNull AccessControlEntry srcEntry, @Nullable AccessControlEntry destEntry) If the AccessControlList implementation supports reordering of entries the specified srcEntry is inserted at the position of the specified destEntry.
int	size() Returns the number of entries or 0 if the policy is empty.

Methods inherited from interface org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy

getPath

Methods inherited from interface javax.jcr.security.AccessControlList

addAccessControlEntry, getAccessControlEntries, removeAccessControlEntry

Method Detail

getRestrictionNames

@NotNull
@NotNull java.lang.String[] getRestrictionNames()
                                                  throws RepositoryException

Returns the names of the supported restrictions or an empty array if no restrictions are respected.

Returns:

the names of the supported restrictions or an empty array.

Throws:

RepositoryException - If an error occurs.

See Also:

addEntry(Principal, Privilege[], boolean, Map)

getRestrictionType

int getRestrictionType(@NotNull
                       @NotNull java.lang.String restrictionName)
                throws RepositoryException

Return the expected property type of the restriction with the specified restrictionName.

Parameters:

restrictionName - Any of the restriction names retrieved from getRestrictionNames().

Returns:

expected property type.

Throws:

RepositoryException - If an error occurs.

isMultiValueRestriction

boolean isMultiValueRestriction(@NotNull
                                @NotNull java.lang.String restrictionName)
                         throws RepositoryException

Returns true if the restriction is multivalued; false otherwise. If an given implementation doesn't support multivalued restrictions, this method always returns false.

Parameters:

restrictionName - Any of the restriction names retrieved from getRestrictionNames().

Returns:

true if the restriction is multivalued; false if the restriction with the given name is single value or if the implementation doesn't support multivalued restrictions, this method always returns false.

Throws:

RepositoryException - If an error occurs.

See Also:

addEntry(Principal, Privilege[], boolean, Map, Map)

isEmpty

boolean isEmpty()

Returns true if this policy does not yet define any entries.

Returns:

If no entries are present.

size

int size()

Returns the number of entries or 0 if the policy is empty.

Returns:

The number of entries present or 0 if the policy is empty.

addEntry

boolean addEntry(@NotNull
                 @NotNull java.security.Principal principal,
                 @NotNull
                 @NotNull Privilege[] privileges,
                 boolean isAllow)
          throws AccessControlException,
                 RepositoryException

Same as addEntry(Principal, Privilege[], boolean, Map) using some implementation specific restrictions.

Parameters:

principal - the principal to add the entry for

privileges - the privileges to add

isAllow - if true if this is a positive (allow) entry

Returns:

true if this policy has changed by incorporating the given entry; false otherwise.

Throws:

AccessControlException - If any of the given parameter is invalid or cannot be handled by the implementation.

RepositoryException - If another error occurs.

See Also:

AccessControlList.addAccessControlEntry(Principal, Privilege[])

addEntry

boolean addEntry(@NotNull
                 @NotNull java.security.Principal principal,
                 @NotNull
                 @NotNull Privilege[] privileges,
                 boolean isAllow,
                 @Nullable
                 @Nullable java.util.Map<java.lang.String,Value> restrictions)
          throws AccessControlException,
                 RepositoryException

Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.

This method returns true if this policy was modified, false otherwise.

An AccessControlException is thrown if any of the specified parameters is invalid or if some other access control related exception occurs.

Parameters:

principal - the principal to add the entry for

privileges - the privileges to add

isAllow - if true if this is a positive (allow) entry

restrictions - A map of additional restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a single Value object.

Returns:

true if this policy has changed by incorporating the given entry; false otherwise.

Throws:

AccessControlException - If any of the given parameter is invalid or cannot be handled by the implementation.

RepositoryException - If another error occurs.

See Also:

AccessControlList.addAccessControlEntry(Principal, Privilege[])

addEntry

boolean addEntry(@NotNull
                 @NotNull java.security.Principal principal,
                 @NotNull
                 @NotNull Privilege[] privileges,
                 boolean isAllow,
                 @Nullable
                 @Nullable java.util.Map<java.lang.String,Value> restrictions,
                 @Nullable
                 @Nullable java.util.Map<java.lang.String,Value[]> mvRestrictions)
          throws AccessControlException,
                 RepositoryException

Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.

This method returns true if this policy was modified, false otherwise.

An AccessControlException is thrown if any of the specified parameters is invalid or if some other access control related exception occurs.

Parameters:

principal - the principal to add the entry for

privileges - the privileges to add

isAllow - if true if this is a positive (allow) entry

restrictions - A map of additional restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a single Value object.

mvRestrictions - A map of additional multivalued restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a Value array.

Returns:

true if this policy has changed by incorporating the given entry; false otherwise.

Throws:

AccessControlException - If any of the given parameter is invalid or cannot be handled by the implementation.

RepositoryException - If another error occurs.

Since:

2.8

See Also:

AccessControlList.addAccessControlEntry(Principal, Privilege[])

orderBefore

void orderBefore(@NotNull
                 @NotNull AccessControlEntry srcEntry,
                 @Nullable
                 @Nullable AccessControlEntry destEntry)
          throws AccessControlException,
                 UnsupportedRepositoryOperationException,
                 RepositoryException

If the AccessControlList implementation supports reordering of entries the specified srcEntry is inserted at the position of the specified destEntry.

If destEntry is null the entry is moved to the end of the list.

If srcEntry and destEntry are the same no changes are made.

Parameters:

srcEntry - The access control entry to be moved within the list.

destEntry - The entry before which the srcEntry will be moved.

Throws:

AccessControlException - If any of the given entries is invalid or cannot be handled by the implementation.

UnsupportedRepositoryOperationException - If ordering is not supported.

RepositoryException - If another error occurs.