public class AccessControlAction extends AbstractAuthorizableAction
AccessControlAction
allows to setup permissions upon creation
of a new authorizable; namely the privileges the new authorizable should be
granted on it's own 'home directory' being represented by the new node
associated with that new authorizable.
The following to configuration parameters are available with this implementation:
Example configuration:
groupPrivilegeNames : ["jcr:read"] userPrivilegeNames : ["jcr:read,rep:write"]
This configuration could for example lead to the following content structure upon user or group creation. Note however that the resulting structure depends on the actual access control management being in place:
UserManager umgr = ((JackrabbitSession) session).getUserManager(); User user = umgr.createUser("testUser", "t"); + t rep:AuthorizableFolder + te rep:AuthorizableFolder + testUser rep:User, mix:AccessControllable + rep:policy rep:ACL + allow rep:GrantACE - rep:principalName = "testUser" - rep:privileges = ["jcr:read","rep:write"] - rep:password - rep:principalName = "testUser"
UserManager umgr = ((JackrabbitSession) session).getUserManager(); Group group = umgr.createGroup("testGroup"); + t rep:AuthorizableFolder + te rep:AuthorizableFolder + testGroup rep:Group, mix:AccessControllable + rep:policy rep:ACL + allow rep:GrantACE - rep:principalName = "testGroup" - rep:privileges = ["jcr:read"] - rep:principalName = "testGroup"
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
GROUP_PRIVILEGE_NAMES |
static java.lang.String |
USER_PRIVILEGE_NAMES |
Constructor and Description |
---|
AccessControlAction() |
Modifier and Type | Method and Description |
---|---|
void |
init(SecurityProvider securityProvider,
ConfigurationParameters config)
Doesn't perform any action.
|
void |
onCreate(@NotNull Group group,
@NotNull Root root,
@NotNull NamePathMapper namePathMapper)
Doesn't perform any action.
|
void |
onCreate(@NotNull User user,
@Nullable java.lang.String password,
@NotNull Root root,
@NotNull NamePathMapper namePathMapper)
Doesn't perform any action.
|
onPasswordChange, onRemove
public static final java.lang.String USER_PRIVILEGE_NAMES
public static final java.lang.String GROUP_PRIVILEGE_NAMES
public void init(SecurityProvider securityProvider, ConfigurationParameters config)
AbstractAuthorizableAction
init
in interface AuthorizableAction
init
in class AbstractAuthorizableAction
public void onCreate(@NotNull @NotNull Group group, @NotNull @NotNull Root root, @NotNull @NotNull NamePathMapper namePathMapper) throws RepositoryException
AbstractAuthorizableAction
onCreate
in interface AuthorizableAction
onCreate
in class AbstractAuthorizableAction
group
- The new group that has not yet been persisted;
e.g. the associated tree is still 'NEW'.root
- The root associated with the user manager.RepositoryException
- If an error occurs.public void onCreate(@NotNull @NotNull User user, @Nullable @Nullable java.lang.String password, @NotNull @NotNull Root root, @NotNull @NotNull NamePathMapper namePathMapper) throws RepositoryException
AbstractAuthorizableAction
onCreate
in interface AuthorizableAction
onCreate
in class AbstractAuthorizableAction
user
- The new user that has not yet been persisted;
e.g. the associated tree is still 'NEW'.password
- The password that was specified upon user creation.root
- The root associated with the user manager.RepositoryException
- If an error occurs.Copyright © 2010 - 2020 Adobe. All Rights Reserved