javax.jcr.security
Interface AccessControlList

All Superinterfaces:
AccessControlPolicy

public interface AccessControlList
extends AccessControlPolicy

The AccessControlList is an AccessControlPolicy representing a list of access control entries. It is mutable before being set to the AccessControlManager and consequently defines methods to read and mutate the list i.e. to get, add or remove individual entries.

Since:
JCR 2.0

Method Summary
 boolean addAccessControlEntry(java.security.Principal principal, Privilege[] privileges)
          Adds an access control entry to this policy consisting of the specified principal and the specified privileges.
 AccessControlEntry[] getAccessControlEntries()
          Returns all access control entries present with this policy.
 void removeAccessControlEntry(AccessControlEntry ace)
          Removes the specified AccessControlEntry from this policy.
 

Method Detail

getAccessControlEntries

AccessControlEntry[] getAccessControlEntries()
                                             throws RepositoryException
Returns all access control entries present with this policy.

This method is only guaranteed to return an AccessControlEntry if that AccessControlEntry has been assigned through this API.

Returns:
all access control entries present with this policy.
Throws:
RepositoryException - if an error occurs.

addAccessControlEntry

boolean addAccessControlEntry(java.security.Principal principal,
                              Privilege[] privileges)
                              throws AccessControlException,
                                     RepositoryException
Adds an access control entry to this policy consisting of the specified principal and the specified privileges.

This method returns true if this policy was modified, false otherwise.

How the entries are grouped within the list is an implementation detail. An implementation may e.g. combine the specified privileges with those added by a previous call to addAccessControlEntry for the same Principal. However, a call to addAccessControlEntry for a given Principal can never remove a Privilege added by a previous call.

The modification does not take effect until this policy has been set to a node by calling AccessControlManager.setPolicy(String, AccessControlPolicy) and save is performed.

Parameters:
principal - a Principal.
privileges - an array of Privileges.
Returns:
true if this policy was modify; false otherwise.
Throws:
AccessControlException - if the specified principal or any of the privileges does not exist or if some other access control related exception occurs.
RepositoryException - if another error occurs.

removeAccessControlEntry

void removeAccessControlEntry(AccessControlEntry ace)
                              throws AccessControlException,
                                     RepositoryException
Removes the specified AccessControlEntry from this policy.

Only exactly those entries obtained through getAccessControlEntries can be removed. This method does not take effect until this policy has been re-set to a node by calling AccessControlManager.setPolicy(String, AccessControlPolicy) and save is performed.

Parameters:
ace - the access control entry to be removed.
Throws:
AccessControlException - if the specified entry is not present on the specified node.
RepositoryException - if another error occurs.