Privilege (Content Repository for Java Technology API Version 2.0)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

javax.jcr.security
Interface Privilege

public interface Privilege

A privilege represents the capability of performing a particular set of operations on items in the JCR repository. Each privilege is identified by a JCR name. JCR defines a set of standard privileges in the jcr namespace. Implementations may add additional privileges in namespaces other than jcr.

A privilege may be an aggregate privilege. Aggregate privileges are sets of other privileges. Granting, denying, or testing an aggregate privilege is equivalent to individually granting, denying, or testing each privilege it contains. The privileges contained by an aggregate privilege may themselves be aggregate privileges if the resulting privilege graph is acyclic.

A privilege may be an abstract privilege. Abstract privileges cannot themselves be granted or denied, but can be composed into aggregate privileges which are granted or denied.

A privilege can be both aggregate and abstract.

Since:: JCR 2.0

Field Summary
`static java.lang.String`	`JCR_ADD_CHILD_NODES` A constant representing `jcr:addChildNodes` (in expanded form), the privilege to create child nodes of a node.
`static java.lang.String`	`JCR_ALL` A constant representing `jcr:all` (in expanded form), an aggregate privilege that contains all predefined privileges.
`static java.lang.String`	`JCR_LIFECYCLE_MANAGEMENT` A constant representing `jcr:lifecycleManagement` (in expanded form), the privilege to perform lifecycle operations on a node.
`static java.lang.String`	`JCR_LOCK_MANAGEMENT` A constant representing `jcr:lockManagement` (in expanded form), the privilege to lock and unlock a node.
`static java.lang.String`	`JCR_MODIFY_ACCESS_CONTROL` A constant representing `jcr:modifyAccessControl` (in expanded form), the privilege to modify the access control policies of a node.
`static java.lang.String`	`JCR_MODIFY_PROPERTIES` A constant representing `jcr:modifyProperties` (in expanded form), the privilege to create, modify and remove the properties of a node.
`static java.lang.String`	`JCR_NODE_TYPE_MANAGEMENT` A constant representing `jcr:nodeTypeManagement` (in expanded form), the privilege to add and remove mixin node types and change the primary node type of a node.
`static java.lang.String`	`JCR_READ` A constant representing `jcr:read` (in expanded form), the privilege to retrieve a node and get its properties and their values.
`static java.lang.String`	`JCR_READ_ACCESS_CONTROL` A constant representing `jcr:readAccessControl` (in expanded form), the privilege to get the access control policy of a node.
`static java.lang.String`	`JCR_REMOVE_CHILD_NODES` A constant representing `jcr:removeChildNodes` (in expanded form), the privilege to remove child nodes of a node.
`static java.lang.String`	`JCR_REMOVE_NODE` A constant representing `jcr:removeNode` (in expanded form), the privilege to remove a node.
`static java.lang.String`	`JCR_RETENTION_MANAGEMENT` A constant representing `jcr:retentionManagement` (in expanded form), the privilege to perform retention management operations on a node.
`static java.lang.String`	`JCR_VERSION_MANAGEMENT` A constant representing `jcr:versionManagement` (in expanded form), the privilege to perform versioning operations on a node.
`static java.lang.String`	`JCR_WRITE` A constant representing `jcr:write` (in expanded form), an aggregate privilege that contains: `jcr:modifyProperties` `jcr:addChildNodes` `jcr:removeNode` `jcr:removeChildNodes`

Method Summary
`Privilege[]`	`getAggregatePrivileges()` If this privilege is an aggregate privilege, returns the privileges it contains, the privileges contained by any aggregate privileges among those, and so on (the transitive closure of privileges contained by this privilege).
`Privilege[]`	`getDeclaredAggregatePrivileges()` If this privilege is an aggregate privilege, returns the privileges directly contained by the aggregate privilege.
`java.lang.String`	`getName()` Returns the name of this privilege.
`boolean`	`isAbstract()` Returns whether this privilege is an abstract privilege.
`boolean`	`isAggregate()` Returns whether this privilege is an aggregate privilege.

Field Detail

JCR_READ

static final java.lang.String JCR_READ

A constant representing jcr:read (in expanded form), the privilege to retrieve a node and get its properties and their values.

See Also:: Constant Field Values

JCR_MODIFY_PROPERTIES

static final java.lang.String JCR_MODIFY_PROPERTIES

A constant representing jcr:modifyProperties (in expanded form), the privilege to create, modify and remove the properties of a node.

See Also:: Constant Field Values

JCR_ADD_CHILD_NODES

static final java.lang.String JCR_ADD_CHILD_NODES

A constant representing jcr:addChildNodes (in expanded form), the privilege to create child nodes of a node.

See Also:: Constant Field Values

JCR_REMOVE_NODE

static final java.lang.String JCR_REMOVE_NODE

A constant representing jcr:removeNode (in expanded form), the privilege to remove a node.

In order to actually remove a node requires jcr:removeNode on that node and jcr:removeChildNodes on the parent node.

The distinction is provided in order to reflect implementations that internally model "remove" as a "delete" instead of a "unlink". A repository that uses the "delete" model can have jcr:removeChildNodes in every access control policy, so that removal is effectively controlled by jcr:removeNode.

See Also:: Constant Field Values

JCR_REMOVE_CHILD_NODES

static final java.lang.String JCR_REMOVE_CHILD_NODES

A constant representing jcr:removeChildNodes (in expanded form), the privilege to remove child nodes of a node. In order to actually remove a node requires jcr:removeNode on that node and jcr:removeChildNodes on the parent node.

The distinction is provided in order to reflect implementations that internally model "remove" as a "unlink" instead of a "delete". A repository that uses the "unlink" model can have jcr:removeNode in every access control policy, so that removal is effectively controlled by jcr:removeChildNodes.

See Also:: Constant Field Values

JCR_WRITE

static final java.lang.String JCR_WRITE

A constant representing jcr:write (in expanded form), an aggregate privilege that contains:

jcr:modifyProperties
jcr:addChildNodes
jcr:removeNode
jcr:removeChildNodes

See Also:: Constant Field Values

JCR_READ_ACCESS_CONTROL

static final java.lang.String JCR_READ_ACCESS_CONTROL

A constant representing jcr:readAccessControl (in expanded form), the privilege to get the access control policy of a node.

See Also:: Constant Field Values

JCR_MODIFY_ACCESS_CONTROL

static final java.lang.String JCR_MODIFY_ACCESS_CONTROL

A constant representing jcr:modifyAccessControl (in expanded form), the privilege to modify the access control policies of a node.

See Also:: Constant Field Values

JCR_LOCK_MANAGEMENT

static final java.lang.String JCR_LOCK_MANAGEMENT

A constant representing jcr:lockManagement (in expanded form), the privilege to lock and unlock a node.

See Also:: Constant Field Values

JCR_VERSION_MANAGEMENT

static final java.lang.String JCR_VERSION_MANAGEMENT

A constant representing jcr:versionManagement (in expanded form), the privilege to perform versioning operations on a node.

See Also:: Constant Field Values

JCR_NODE_TYPE_MANAGEMENT

static final java.lang.String JCR_NODE_TYPE_MANAGEMENT

A constant representing jcr:nodeTypeManagement (in expanded form), the privilege to add and remove mixin node types and change the primary node type of a node.

See Also:: Constant Field Values

JCR_RETENTION_MANAGEMENT

static final java.lang.String JCR_RETENTION_MANAGEMENT

A constant representing jcr:retentionManagement (in expanded form), the privilege to perform retention management operations on a node.

See Also:: Constant Field Values

JCR_LIFECYCLE_MANAGEMENT

static final java.lang.String JCR_LIFECYCLE_MANAGEMENT

A constant representing jcr:lifecycleManagement (in expanded form), the privilege to perform lifecycle operations on a node.

See Also:: Constant Field Values

JCR_ALL

static final java.lang.String JCR_ALL

A constant representing jcr:all (in expanded form), an aggregate privilege that contains all predefined privileges.

jcr:read
jcr:write
jcr:readAccessControl
jcr:modifyAccessControl
jcr:lockManagement
jcr:versionManagement
jcr:nodeTypeManagement
jcr:retentionManagement
jcr:lifecycleManagement

It should, in addition, include all implementation-defined privileges.

See Also:: Constant Field Values

Method Detail

getName

java.lang.String getName()

Returns the name of this privilege.

Since the privilege name is a JCR name, it must be returned in qualified form, according to the prevailing namespace-to-prefix mapping in the current Session (see the specification for details on JCR names).

Returns:: the name of this privilege.

isAbstract

boolean isAbstract()

Returns whether this privilege is an abstract privilege.

Returns:: true if this privilege is an abstract privilege; false otherwise.

isAggregate

boolean isAggregate()

Returns whether this privilege is an aggregate privilege.

Returns:: true if this privilege is an aggregate privilege; false otherwise.

getDeclaredAggregatePrivileges

Privilege[] getDeclaredAggregatePrivileges()

If this privilege is an aggregate privilege, returns the privileges directly contained by the aggregate privilege. Otherwise returns an empty array.

Returns:: an array of Privileges

getAggregatePrivileges

Privilege[] getAggregatePrivileges()

If this privilege is an aggregate privilege, returns the privileges it contains, the privileges contained by any aggregate privileges among those, and so on (the transitive closure of privileges contained by this privilege). Otherwise returns an empty array.

Returns:: an array of Privileges