org.nuxeo.ecm.core.security.SecurityPolicyServiceImpl
|
Nuxeo Enterprise Platform 5.4 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object
public class SecurityPolicyServiceImpl
Security policy service implementation.
Iterates over ordered policies. First policy to give a known access (grant or deny) applies.
| Constructor Summary | |
|---|---|
SecurityPolicyServiceImpl()
|
|
| Method Summary | |
|---|---|
boolean |
arePoliciesExpressibleInQuery()
Checks if the policies can be expressed in a query. |
boolean |
arePoliciesRestrictingPermission(java.lang.String permission)
Checks if any policy restricts the given permission. |
Access |
checkPermission(Document doc,
ACP mergedAcp,
java.security.Principal principal,
java.lang.String permission,
java.lang.String[] resolvedPermissions,
java.lang.String[] additionalPrincipals)
Checks given permission for doc and principal. |
java.util.Collection<SQLQuery.Transformer> |
getPoliciesQueryTransformers()
Get the transformers to apply the policies to a query. |
void |
registerDescriptor(SecurityPolicyDescriptor descriptor)
|
void |
unregisterDescriptor(SecurityPolicyDescriptor descriptor)
|
| Methods inherited from class java.lang.Object |
|---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|
public SecurityPolicyServiceImpl()
| Method Detail |
|---|
public boolean arePoliciesRestrictingPermission(java.lang.String permission)
SecurityPolicyServiceIf not, then no post-filtering on policies will be needed for query results.
arePoliciesRestrictingPermission in interface SecurityPolicyServicetrue if a policy restricts the permissionpublic boolean arePoliciesExpressibleInQuery()
SecurityPolicyServiceIf not, then any query made will have to be post-filtered.
arePoliciesExpressibleInQuery in interface SecurityPolicyServicetrue if all policies can be expressed in a querypublic java.util.Collection<SQLQuery.Transformer> getPoliciesQueryTransformers()
SecurityPolicyService
getPoliciesQueryTransformers in interface SecurityPolicyServicepublic void registerDescriptor(SecurityPolicyDescriptor descriptor)
registerDescriptor in interface SecurityPolicyServicepublic void unregisterDescriptor(SecurityPolicyDescriptor descriptor)
unregisterDescriptor in interface SecurityPolicyService
public Access checkPermission(Document doc,
ACP mergedAcp,
java.security.Principal principal,
java.lang.String permission,
java.lang.String[] resolvedPermissions,
java.lang.String[] additionalPrincipals)
SecurityPolicyServiceThe security service checks this service for a security access. This access is defined iterating over pluggable policies in a defined order. If access is not specified, security service applies its default policy.
checkPermission in interface SecurityPolicyServicedoc - the document to checkmergedAcp - merged acp resolved for this documentprincipal - principal to checkpermission - permission to checkresolvedPermissions - permissions or groups of permissions
containing permissionadditionalPrincipals - principals (groups) to check for principal
|
Nuxeo Enterprise Platform 5.4 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||