Interface PrincipalAccessControlList

    • Method Detail

      • getPrincipal

        @NotNull
        @NotNull Principal getPrincipal()
        Returns the Principal this policy is bound to. It will be the same all entries contained in this list. An attempt to add an entry associated with a different principal than the one returned by this method will fail.
        Returns:
        the target principal of this access control list.
        See Also:
        AccessControlEntry.getPrincipal()
      • addEntry

        boolean addEntry​(@Nullable
                         @Nullable String effectivePath,
                         @NotNull
                         @NotNull Privilege[] privileges)
                  throws RepositoryException
        Adds an access control entry to this policy consisting of the specified effectivePath and the specified privileges and indicates upon return if the policy was modified.

        The effectivePath defines the object where the privileges will take effect. If effectivePath is an absolute path then the specified object is a Node. If it is null the object is the repository as a whole and the privileges in question are those that are not associated with any particular node (e.g. privilege to register a namespace). Whether or not an absolute path must point to an accessible node is an implementation detail.

        How the entries are grouped within the list is an implementation detail. An implementation may e.g. combine the specified privileges with those added by a previous call for the same effectivePath but it will not remove Privileges added by a previous call.

        Modifications to this policy will not take effect until this policy has been written back by calling AccessControlManager.setPolicy(String, javax.jcr.security.AccessControlPolicy) followed by Session.save() to persist the transient modifications.

        This method is equivalent to calling addEntry(String, Privilege[], Map, Map) with empty restriction maps.

        Parameters:
        effectivePath - An absolute path or null to indicate where this entry will take effect.
        privileges - an array of Privilege.
        Returns:
        true if this policy was modify; false otherwise.
        Throws:
        AccessControlException - if the specified path or any of the privileges is not valid or if some other access control related exception occurs.
        RepositoryException - If another error occurs
      • addEntry

        boolean addEntry​(@Nullable
                         @Nullable String effectivePath,
                         @NotNull
                         @NotNull Privilege[] privileges,
                         @NotNull
                         @NotNull Map<String,​Value> restrictions,
                         @NotNull
                         @NotNull Map<String,​Value[]> mvRestrictions)
                  throws RepositoryException
        Adds an access control entry to this policy consisting of the specified effectivePath, the specified privileges as well as the specified single and multivalued restrictions and indicates upon return if the policy was modified.

        The effectivePath defines the object where the privileges will take effect. If effectivePath is an absolute path then the specified object is a Node. If it is null the object is the repository as a whole and the privileges in question are those that are not associated with any particular node (e.g. privilege to register a namespace). Whether or not an absolute path must point to an accessible node is an implementation detail.

        The names of the supported restrictions can be obtained by calling JackrabbitAccessControlList.getRestrictionNames(), while JackrabbitAccessControlList.getRestrictionType(String) and JackrabbitAccessControlList.isMultiValueRestriction(String) will reveal the expected value type and cardinality.

        How the entries are grouped within the list is an implementation detail. An implementation may e.g. combine the specified privileges with those added by a previous call for the same effectivePath but it will not remove a Privilege or restrictions added by a previous call.

        Modifications to this policy will not take effect until this policy has been written back by calling AccessControlManager.setPolicy(String, javax.jcr.security.AccessControlPolicy) followed by Session.save() to persist the transient modifications.

        Parameters:
        effectivePath - An absolute path or null to indicate where this entry will take effect.
        privileges - an array of Privilege.
        restrictions - The single valued restrictions associated with the entry to be created or an empty map.
        mvRestrictions - the multi-valued restrictions associated with the entry to be created or an empty map.
        Returns:
        true if this policy was modify; false otherwise.
        Throws:
        AccessControlException - if the specified path, any of the privileges or the restrictions are not valid or if some other access control related exception occurs.
        RepositoryException - If another error occurs