|
Nuxeo Enterprise Platform 5.4 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.nuxeo.ecm.core.security.AbstractSecurityPolicy org.nuxeo.ecm.core.security.LockSecurityPolicy
public class LockSecurityPolicy
Security policy that blocks WRITE permission on a document if it is locked by someone else.
Constructor Summary | |
---|---|
LockSecurityPolicy()
|
Method Summary | |
---|---|
Access |
checkPermission(Document doc,
ACP mergedAcp,
java.security.Principal principal,
java.lang.String permission,
java.lang.String[] resolvedPermissions,
java.lang.String[] additionalPrincipals)
Checks given permission for doc and principal. |
SQLQuery.Transformer |
getQueryTransformer()
Get the transformer to use to apply this policy to a query. |
boolean |
isExpressibleInQuery()
Checks if this policy can be expressed in a query. |
boolean |
isRestrictingPermission(java.lang.String permission)
Checks if this policy is restricting the given permission. |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public LockSecurityPolicy()
Method Detail |
---|
public Access checkPermission(Document doc, ACP mergedAcp, java.security.Principal principal, java.lang.String permission, java.lang.String[] resolvedPermissions, java.lang.String[] additionalPrincipals)
SecurityPolicy
Note that for the Browse
permission, which is also implemented in
SQL using SecurityPolicy.getQueryTransformer()
, a security policy must never
bypass standard ACL access, it must only return DENY or UNKNOWN. Failing
to do this would make direct access and queries behave differently.
doc
- the document to checkmergedAcp
- merged ACP resolved for this documentprincipal
- principal to checkpermission
- permission to checkresolvedPermissions
- permissions or groups of permissions
containing permission
public boolean isRestrictingPermission(java.lang.String permission)
SecurityPolicy
Queries check the BROWSE permission.
isRestrictingPermission
in interface SecurityPolicy
isRestrictingPermission
in class AbstractSecurityPolicy
permission
- the permission to check for
true
if the policy restricts the permissionpublic boolean isExpressibleInQuery()
SecurityPolicy
If not, then any query made will have to be post-filtered.
isExpressibleInQuery
in interface SecurityPolicy
isExpressibleInQuery
in class AbstractSecurityPolicy
true
if the policy can be expressed in a querypublic SQLQuery.Transformer getQueryTransformer()
SecurityPolicy
Called only when SecurityPolicy.isExpressibleInQuery()
returned true
getQueryTransformer
in interface SecurityPolicy
getQueryTransformer
in class AbstractSecurityPolicy
|
Nuxeo Enterprise Platform 5.4 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |