SecurityManager (Nuxeo Enterprise Platform 5.3 API Documentation)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Nuxeo Enterprise Platform 5.3

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.nuxeo.ecm.core.security
Interface SecurityManager

All Known Implementing Classes:: JCRSecurityManager, SQLSecurityManager

public interface SecurityManager

Author:: Bogdan Stefanescu

Method Summary
`boolean`	`checkPermission(Document doc, String username, String permission)` Checks whether this ACP grant the given permission on the given user.
`Access`	`getAccess(Document doc, String username, String permission)` Checks whether this ACP grant the given permission on the given user, denies it or doesn't specify a rule.
`ACP`	`getACP(Document doc)`
`ACP`	`getMergedACP(Document doc)`
`void`	`invalidateCache(Session session)` Invalidates cache, if there is any.
`void`	`setACP(Document doc, ACP acp, boolean overwrite)`

Method Detail

getMergedACP

ACP getMergedACP(Document doc)
                 throws SecurityException

Throws:: SecurityException

getACP

ACP getACP(Document doc)
           throws SecurityException

Throws:: SecurityException

setACP

void setACP(Document doc,
            ACP acp,
            boolean overwrite)
            throws SecurityException

Throws:: SecurityException

checkPermission

boolean checkPermission(Document doc,
                        String username,
                        String permission)
                        throws SecurityException

Checks whether this ACP grant the given permission on the given user.

The merged ACP is checked (this means all parents ACP + the local one) but this doesn't check user groups or permission groups.

If the ACP is not explicitly denying or granting the permission false is returned (the default behavior is to deny).

Parameters:: doc - the document; username - the user name; permission - the permission to check
Returns:: true if granted, false if denied
Throws:: SecurityException

getAccess

Access getAccess(Document doc,
                 String username,
                 String permission)
                 throws SecurityException

Checks whether this ACP grant the given permission on the given user, denies it or doesn't specify a rule.

Parameters:: doc - the document; username - the user name; permission - the permission to check
Returns:: Access.GRANT if granted, Access.DENY if denied or Access.UNKNOWN if no rule for that permission exists. Never return null
Throws:: SecurityException

invalidateCache

void invalidateCache(Session session)

Invalidates cache, if there is any.

Do nothing if no cache is used.

Parameters:: session - the current session