Interface ACL

  • All Superinterfaces:
    Cloneable, Collection<ACE>, Iterable<ACE>, List<ACE>, Serializable
    All Known Implementing Classes:
    ACLImpl

    public interface ACL
    extends List<ACE>, Serializable, Cloneable
    An ACL (Access Control List) is a list of ACEs (Access Control Entry).

    An ACP may contain several ACL identified by a name. This is to let external modules add security rules. There are 2 default ACLs:

    • the local ACL - this is the default type of ACL that may be defined by an user locally to a document (using a security UI).
      This is the only ACL an user can change
    • the inherited - this is a special ACL generated by merging all document parents ACL. This ACL is read only (cannot be modified locally on the document since it is inherited.
    ACLs that are used by external modules cannot be modified by the user through the security UI. These ACLs should be modified only programmatically by the tool that added them.
    Author:
    Bogdan Stefanescu
    • Method Detail

      • getName

        String getName()
        Gets the ACL name.
        Returns:
        the ACL name
      • getACEs

        ACE[] getACEs()
        Returns the ACEs defined by this list as an array.
      • setACEs

        void setACEs​(ACE[] aces)
        Sets the ACEs defined by this ACL.
        Parameters:
        aces - the ACE array
      • blockInheritance

        boolean blockInheritance​(String username)
        Block the inheritance.
        Parameters:
        username - the user blocking the inheritance
        Returns:
        true if the ACL was changed.
        Since:
        7.4
      • unblockInheritance

        boolean unblockInheritance()
        Unblock the inheritance.
        Returns:
        true if the ACL was changed.
        Since:
        7.4
      • add

        boolean add​(ACE ace)
        Add an ACE.
        Specified by:
        add in interface Collection<ACE>
        Specified by:
        add in interface List<ACE>
        Returns:
        true if the ACL was changed.
        Since:
        7.4
      • replace

        boolean replace​(ACE oldACE,
                        ACE newACE)
        Replace the oldACE with newACE, only if the oldACE exists.

        The newACE keeps the same index as oldACE.

        Returns:
        true if the ACL was changed.
        Since:
        7.4
      • removeByUsername

        boolean removeByUsername​(String username)
        Remove all ACEs for username.
        Returns:
        true if the ACL was changed.
        Since:
        7.4
      • clone

        Object clone()
        Returns a recursive copy of the ACL sharing no mutable substructure with the original.
        Returns:
        a copy
      • replacePermission

        void replacePermission​(String oldPerm,
                               String newPerm)
        Replaces a permission with another in this ACL.
        Parameters:
        oldPerm - the old permission
        newPerm - the new permission
        Since:
        11.3