|
Nuxeo Enterprise Platform 5.4 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface SecurityPolicyService
Service checking permissions for pluggable policies.
Method Summary | |
---|---|
boolean |
arePoliciesExpressibleInQuery()
Checks if the policies can be expressed in a query. |
boolean |
arePoliciesRestrictingPermission(java.lang.String permission)
Checks if any policy restricts the given permission. |
Access |
checkPermission(Document doc,
ACP mergedAcp,
java.security.Principal principal,
java.lang.String permission,
java.lang.String[] resolvedPermissions,
java.lang.String[] principalsToCheck)
Checks given permission for doc and principal. |
java.util.Collection<SQLQuery.Transformer> |
getPoliciesQueryTransformers()
Get the transformers to apply the policies to a query. |
void |
registerDescriptor(SecurityPolicyDescriptor descriptor)
|
void |
unregisterDescriptor(SecurityPolicyDescriptor descriptor)
|
Method Detail |
---|
Access checkPermission(Document doc, ACP mergedAcp, java.security.Principal principal, java.lang.String permission, java.lang.String[] resolvedPermissions, java.lang.String[] principalsToCheck)
The security service checks this service for a security access. This access is defined iterating over pluggable policies in a defined order. If access is not specified, security service applies its default policy.
doc
- the document to checkmergedAcp
- merged acp resolved for this documentprincipal
- principal to checkpermission
- permission to checkresolvedPermissions
- permissions or groups of permissions
containing permissionprincipalsToCheck
- principals (groups) to check for principal
void registerDescriptor(SecurityPolicyDescriptor descriptor)
void unregisterDescriptor(SecurityPolicyDescriptor descriptor)
boolean arePoliciesRestrictingPermission(java.lang.String permission)
If not, then no post-filtering on policies will be needed for query results.
true
if a policy restricts the permissionboolean arePoliciesExpressibleInQuery()
If not, then any query made will have to be post-filtered.
true
if all policies can be expressed in a queryjava.util.Collection<SQLQuery.Transformer> getPoliciesQueryTransformers()
|
Nuxeo Enterprise Platform 5.4 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |