Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Nuxeo ECM Projects 5.4.3-SNAPSHOT
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.nuxeo.ecm.core.security
Class LockSecurityPolicy

java.lang.Object
  extended by org.nuxeo.ecm.core.security.AbstractSecurityPolicy
      extended by org.nuxeo.ecm.core.security.LockSecurityPolicy
All Implemented Interfaces:
SecurityPolicy
public class LockSecurityPolicy
extends AbstractSecurityPolicy

Security policy that blocks WRITE permission on a document if it is locked by someone else.

Author:
Anahide Tchertchian, Florent Guillaume

Constructor Summary
LockSecurityPolicy()
           
 
Method Summary
 Access checkPermission(Document doc, ACP mergedAcp, Principal principal, String permission, String[] resolvedPermissions, String[] additionalPrincipals)
          Checks given permission for doc and principal.
 SQLQuery.Transformer getQueryTransformer()
          Legacy method for compatibility, use AbstractSecurityPolicy.getQueryTransformer(String) instead
 boolean isExpressibleInQuery()
          Legacy method for compatibility, use AbstractSecurityPolicy.isExpressibleInQuery(String) instead
 boolean isRestrictingPermission(String permission)
          Checks if this policy is restricting the given permission.
 
Methods inherited from class org.nuxeo.ecm.core.security.AbstractSecurityPolicy
getQueryTransformer, isExpressibleInQuery
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

LockSecurityPolicy

public LockSecurityPolicy()
Method Detail

checkPermission

public Access checkPermission(Document doc,
                              ACP mergedAcp,
                              Principal principal,
                              String permission,
                              String[] resolvedPermissions,
                              String[] additionalPrincipals)
Description copied from interface: SecurityPolicy
Checks given permission for doc and principal.

Note that for the Browse permission, which is also implemented in SQL using SecurityPolicy.getQueryTransformer(java.lang.String), a security policy must never bypass standard ACL access, it must only return DENY or UNKNOWN. Failing to do this would make direct access and queries behave differently.

Parameters:
doc - the document to check
mergedAcp - merged ACP resolved for this document
principal - principal to check
permission - permission to check
resolvedPermissions - permissions or groups of permissions containing permission
Returns:
access: GRANT, DENY, or UNKNOWN. When UNKNOWN is returned, following policies or default core security are applied.

isRestrictingPermission

public boolean isRestrictingPermission(String permission)
Description copied from interface: SecurityPolicy
Checks if this policy is restricting the given permission.

Queries check the BROWSE permission.

Specified by:
isRestrictingPermission in interface SecurityPolicy
Overrides:
isRestrictingPermission in class AbstractSecurityPolicy
Parameters:
permission - the permission to check for
Returns:
true if the policy restricts the permission

isExpressibleInQuery

public boolean isExpressibleInQuery()
Description copied from class: AbstractSecurityPolicy
Legacy method for compatibility, use AbstractSecurityPolicy.isExpressibleInQuery(String) instead

Overrides:
isExpressibleInQuery in class AbstractSecurityPolicy

getQueryTransformer

public SQLQuery.Transformer getQueryTransformer()
Description copied from class: AbstractSecurityPolicy
Legacy method for compatibility, use AbstractSecurityPolicy.getQueryTransformer(String) instead

Overrides:
getQueryTransformer in class AbstractSecurityPolicy
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Nuxeo ECM Projects 5.4.3-SNAPSHOT
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2011 Nuxeo SAS. All Rights Reserved.