|
Nuxeo Enterprise Platform 5.4 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.nuxeo.ecm.core.query.test.NoFileSecurityPolicy
public class NoFileSecurityPolicy
Dummy security policy denying all access to File objects.
Constructor Summary | |
---|---|
NoFileSecurityPolicy()
|
Method Summary | |
---|---|
Access |
checkPermission(Document doc,
ACP mergedAcp,
java.security.Principal principal,
java.lang.String permission,
java.lang.String[] resolvedPermissions,
java.lang.String[] additionalPrincipals)
Checks given permission for doc and principal. |
SQLQuery.Transformer |
getQueryTransformer()
Get the transformer to use to apply this policy to a query. |
boolean |
isExpressibleInQuery()
Checks if this policy can be expressed in a query. |
boolean |
isRestrictingPermission(java.lang.String permission)
Checks if this policy is restricting the given permission. |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public NoFileSecurityPolicy()
Method Detail |
---|
public Access checkPermission(Document doc, ACP mergedAcp, java.security.Principal principal, java.lang.String permission, java.lang.String[] resolvedPermissions, java.lang.String[] additionalPrincipals)
SecurityPolicy
Note that for the Browse
permission, which is also implemented in
SQL using SecurityPolicy.getQueryTransformer()
, a security policy must never
bypass standard ACL access, it must only return DENY or UNKNOWN. Failing
to do this would make direct access and queries behave differently.
checkPermission
in interface SecurityPolicy
doc
- the document to checkmergedAcp
- merged ACP resolved for this documentprincipal
- principal to checkpermission
- permission to checkresolvedPermissions
- permissions or groups of permissions
containing permission
public boolean isRestrictingPermission(java.lang.String permission)
SecurityPolicy
Queries check the BROWSE permission.
isRestrictingPermission
in interface SecurityPolicy
permission
- the permission to check for
true
if the policy restricts the permissionpublic boolean isExpressibleInQuery()
SecurityPolicy
If not, then any query made will have to be post-filtered.
isExpressibleInQuery
in interface SecurityPolicy
true
if the policy can be expressed in a querypublic SQLQuery.Transformer getQueryTransformer()
SecurityPolicy
Called only when SecurityPolicy.isExpressibleInQuery()
returned true
getQueryTransformer
in interface SecurityPolicy
|
Nuxeo Enterprise Platform 5.4 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |