Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Nuxeo Enterprise Platform 5.4
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.nuxeo.ecm.core.api.security.impl
Class ACPImpl

java.lang.Object
  extended by org.nuxeo.ecm.core.api.security.impl.ACPImpl
All Implemented Interfaces:
java.io.Serializable, java.lang.Cloneable, ACP
public class ACPImpl
extends java.lang.Object
implements ACP

The ACP implementation uses a cache used when calling getAccess().

Author:
Bogdan Stefanescu
See Also:
Serialized Form

Constructor Summary
ACPImpl()
           
 
Method Summary
 void addAccessRule(java.lang.String aclName, ACE ace)
           
 void addACL(ACL acl)
          This method must append the ACL and not insert it since it is used to append the inherited ACL which is the less significant ACL.
 void addACL(int pos, ACL acl)
           
 void addACL(java.lang.String afterMe, ACL acl)
           
 void addOwner(java.lang.String owner)
           
 java.lang.Object clone()
          Return a recursive copy of the ACP sharing no mutable substructure with the original
static Access getAccess(ACE ace, java.lang.String[] principals, java.lang.String[] permissions)
           
 Access getAccess(java.lang.String[] principals, java.lang.String[] permissions)
          Checks the access on the ACLs for each set of the given permissions and principals.
 Access getAccess(java.lang.String principal, java.lang.String permission)
          Check whether this ACP grant the given permission on the given user, denies it or doesn't specify a rule.
 ACL getACL(java.lang.String name)
           
 ACL[] getACLs()
           
 ACL getMergedACLs(java.lang.String name)
           
 ACL getOrCreateACL()
           
 ACL getOrCreateACL(java.lang.String name)
           
 java.lang.String[] getOwners()
           
 boolean isOwner(java.lang.String username)
           
 java.lang.String[] listUsernamesForAnyPermission(java.util.Set<java.lang.String> perms)
          Returns the usernames granted to perform an operation based on a list of permissions.
 java.lang.String[] listUsernamesForPermission(java.lang.String perm)
          Returns the usernames having a given permission.
static ACL newACL(java.lang.String name)
           
 ACL removeACL(java.lang.String name)
           
 void removeOwner(java.lang.String owner)
           
 void setOwners(java.lang.String[] owners)
           
 void setRules(java.lang.String aclName, UserEntry[] userEntries)
          Replaces the modifiable user entries (associated with the currentDocument) related to the ACP.
 void setRules(java.lang.String aclName, UserEntry[] userEntries, boolean overwrite)
          Replaces the modifiable user entries (associated with the currentDocument) related to the ACP.
 void setRules(UserEntry[] userEntries)
          Replaces the modifiable user entries (associated with the currentDocument) related to the current ACP.
 void setRules(UserEntry[] userEntries, boolean overwrite)
          Replaces the modifiable user entries (associated with the currentDocument) related to the current ACP.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ACPImpl

public ACPImpl()
Method Detail

getOwners

public java.lang.String[] getOwners()
Specified by:
getOwners in interface ACP

isOwner

public boolean isOwner(java.lang.String username)
Specified by:
isOwner in interface ACP

addOwner

public void addOwner(java.lang.String owner)
Specified by:
addOwner in interface ACP

removeOwner

public void removeOwner(java.lang.String owner)
Specified by:
removeOwner in interface ACP

setOwners

public void setOwners(java.lang.String[] owners)
Specified by:
setOwners in interface ACP

addACL

public void addACL(ACL acl)
This method must append the ACL and not insert it since it is used to append the inherited ACL which is the less significant ACL.

Specified by:
addACL in interface ACP

addACL

public void addACL(int pos,
                   ACL acl)
Specified by:
addACL in interface ACP

addACL

public void addACL(java.lang.String afterMe,
                   ACL acl)
Specified by:
addACL in interface ACP

getACL

public ACL getACL(java.lang.String name)
Specified by:
getACL in interface ACP

getACLs

public ACL[] getACLs()
Specified by:
getACLs in interface ACP

getMergedACLs

public ACL getMergedACLs(java.lang.String name)
Specified by:
getMergedACLs in interface ACP

newACL

public static ACL newACL(java.lang.String name)

removeACL

public ACL removeACL(java.lang.String name)
Specified by:
removeACL in interface ACP

getAccess

public Access getAccess(java.lang.String principal,
                        java.lang.String permission)
Description copied from interface: ACP
Check whether this ACP grant the given permission on the given user, denies it or doesn't specify a rule.

This is checking only the ACLs on that ACP. Parents if any are not checked.

Specified by:
getAccess in interface ACP
Parameters:
principal - the principal to check
permission - the permission to check
Returns:
Access.GRANT if granted, Access.DENY if denied or Access.UNKNOWN if no rule for that permission exists. Never returns null.

getAccess

public Access getAccess(java.lang.String[] principals,
                        java.lang.String[] permissions)
Description copied from interface: ACP
Checks the access on the ACLs for each set of the given permissions and principals.

This differs for an iterative check using getAccess(String principal, String permission) in the order of checks - so that in this case each ACE is fully checked against the given users and permissions before passing to the next ACE.

Specified by:
getAccess in interface ACP
Returns:

getAccess

public static Access getAccess(ACE ace,
                               java.lang.String[] principals,
                               java.lang.String[] permissions)

addAccessRule

public void addAccessRule(java.lang.String aclName,
                          ACE ace)

getOrCreateACL

public ACL getOrCreateACL(java.lang.String name)
Specified by:
getOrCreateACL in interface ACP

getOrCreateACL

public ACL getOrCreateACL()
Specified by:
getOrCreateACL in interface ACP

setRules

public void setRules(java.lang.String aclName,
                     UserEntry[] userEntries)
Description copied from interface: ACP
Replaces the modifiable user entries (associated with the currentDocument) related to the ACP.

Considers that all the passed entries are modifiable and attempts to set them as entries related to the current document.

Specified by:
setRules in interface ACP

setRules

public void setRules(java.lang.String aclName,
                     UserEntry[] userEntries,
                     boolean overwrite)
Description copied from interface: ACP
Replaces the modifiable user entries (associated with the currentDocument) related to the ACP.

Considers that all the passed entries are modifiable and attempts to set them as entries related to the current document.

Specified by:
setRules in interface ACP
overwrite - if true, will overwrite the whole ACL

setRules

public void setRules(UserEntry[] userEntries)
Description copied from interface: ACP
Replaces the modifiable user entries (associated with the currentDocument) related to the current ACP.

Considers that all the passed entries are modifiable and attempts to set them as local entries related to the current document.

Specified by:
setRules in interface ACP

setRules

public void setRules(UserEntry[] userEntries,
                     boolean overwrite)
Description copied from interface: ACP
Replaces the modifiable user entries (associated with the currentDocument) related to the current ACP.

Considers that all the passed entries are modifiable and attempts to set them as local entries related to the current document.

The current behavior reset completely the current ACL.

Specified by:
setRules in interface ACP
overwrite - if true, will overwrite the whole current ACL

listUsernamesForPermission

public java.lang.String[] listUsernamesForPermission(java.lang.String perm)
Description copied from interface: ACP
Returns the usernames having a given permission.

Specified by:
listUsernamesForPermission in interface ACP
Parameters:
perm - the permission name.
Returns:
a list of usernames

listUsernamesForAnyPermission

public java.lang.String[] listUsernamesForAnyPermission(java.util.Set<java.lang.String> perms)
Description copied from interface: ACP
Returns the usernames granted to perform an operation based on a list of permissions.

Specified by:
listUsernamesForAnyPermission in interface ACP
Parameters:
perms - the list of permissions.
Returns:
a list of usernames

clone

public java.lang.Object clone()
Description copied from interface: ACP
Return a recursive copy of the ACP sharing no mutable substructure with the original

Specified by:
clone in interface ACP
Overrides:
clone in class java.lang.Object
Returns:
a copy
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Nuxeo Enterprise Platform 5.4
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2010 Nuxeo SAS. All Rights Reserved.