Package org.apache.jackrabbit.api.security

Interface JackrabbitAccessControlList

  • All Superinterfaces:
    javax.jcr.security.AccessControlList, javax.jcr.security.AccessControlPolicy, JackrabbitAccessControlPolicy
    All Known Subinterfaces:
    PrincipalAccessControlList
    @ProviderType
public interface JackrabbitAccessControlList
extends JackrabbitAccessControlPolicy, javax.jcr.security.AccessControlList
    JackrabbitAccessControlList is an extension of the AccessControlList. Similar to the latter any modifications made will not take effect, until it is written back and saved.

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      boolean addEntry​(@NotNull java.security.Principal principal, @NotNull javax.jcr.security.Privilege[] privileges, boolean isAllow)
      Same as addEntry(Principal, Privilege[], boolean, Map) using some implementation specific restrictions.
      boolean addEntry​(@NotNull java.security.Principal principal, @NotNull javax.jcr.security.Privilege[] privileges, boolean isAllow, @Nullable java.util.Map<java.lang.String,​javax.jcr.Value> restrictions)
      Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.
      boolean addEntry​(@NotNull java.security.Principal principal, @NotNull javax.jcr.security.Privilege[] privileges, boolean isAllow, @Nullable java.util.Map<java.lang.String,​javax.jcr.Value> restrictions, @Nullable java.util.Map<java.lang.String,​javax.jcr.Value[]> mvRestrictions)
      Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.
      @NotNull java.lang.String[] getRestrictionNames()
      Returns the names of the supported restrictions or an empty array if no restrictions are respected.
      int getRestrictionType​(@NotNull java.lang.String restrictionName)
      Return the expected property type of the restriction with the specified restrictionName.
      boolean isEmpty()
      Returns true if this policy does not yet define any entries.
      boolean isMultiValueRestriction​(@NotNull java.lang.String restrictionName)
      Returns true if the restriction is multivalued; false otherwise.
      void orderBefore​(@NotNull javax.jcr.security.AccessControlEntry srcEntry, @Nullable javax.jcr.security.AccessControlEntry destEntry)
      If the AccessControlList implementation supports reordering of entries the specified srcEntry is inserted at the position of the specified destEntry.
      int size()
      Returns the number of entries or 0 if the policy is empty.

      • Methods inherited from interface javax.jcr.security.AccessControlList

        addAccessControlEntry, getAccessControlEntries, removeAccessControlEntry

    • Method Detail

      • getRestrictionNames

        @NotNull
@NotNull java.lang.String[] getRestrictionNames()
                                         throws javax.jcr.RepositoryException
        Returns the names of the supported restrictions or an empty array if no restrictions are respected.
        Returns:
        the names of the supported restrictions or an empty array.
        Throws:
        javax.jcr.RepositoryException - If an error occurs.
        See Also:
        addEntry(Principal, Privilege[], boolean, Map)

      • getRestrictionType

        int getRestrictionType​(@NotNull
                       @NotNull java.lang.String restrictionName)
                throws javax.jcr.RepositoryException
        Return the expected property type of the restriction with the specified restrictionName.
        Parameters:
        restrictionName - Any of the restriction names retrieved from getRestrictionNames().
        Returns:
        expected property type.
        Throws:
        javax.jcr.RepositoryException - If an error occurs.

      • isMultiValueRestriction

        boolean isMultiValueRestriction​(@NotNull
                                @NotNull java.lang.String restrictionName)
                         throws javax.jcr.RepositoryException
        Returns true if the restriction is multivalued; false otherwise. If an given implementation doesn't support multivalued restrictions, this method always returns false.
        Parameters:
        restrictionName - Any of the restriction names retrieved from getRestrictionNames().
        Returns:
        true if the restriction is multivalued; false if the restriction with the given name is single value or if the implementation doesn't support multivalued restrictions, this method always returns false.
        Throws:
        javax.jcr.RepositoryException - If an error occurs.
        See Also:
        addEntry(Principal, Privilege[], boolean, Map, Map)

      • isEmpty

        boolean isEmpty()
        Returns true if this policy does not yet define any entries.
        Returns:
        If no entries are present.

      • size

        int size()
        Returns the number of entries or 0 if the policy is empty.
        Returns:
        The number of entries present or 0 if the policy is empty.

      • addEntry

        boolean addEntry​(@NotNull
                 @NotNull java.security.Principal principal,
                 @NotNull
                 @NotNull javax.jcr.security.Privilege[] privileges,
                 boolean isAllow)
          throws javax.jcr.security.AccessControlException,
                 javax.jcr.RepositoryException
        Same as addEntry(Principal, Privilege[], boolean, Map) using some implementation specific restrictions.
        Parameters:
        principal - the principal to add the entry for
        privileges - the privileges to add
        isAllow - if true if this is a positive (allow) entry
        Returns:
        true if this policy has changed by incorporating the given entry; false otherwise.
        Throws:
        javax.jcr.security.AccessControlException - If any of the given parameter is invalid or cannot be handled by the implementation.
        javax.jcr.RepositoryException - If another error occurs.
        See Also:
        AccessControlList.addAccessControlEntry(Principal, Privilege[])

      • addEntry

        boolean addEntry​(@NotNull
                 @NotNull java.security.Principal principal,
                 @NotNull
                 @NotNull javax.jcr.security.Privilege[] privileges,
                 boolean isAllow,
                 @Nullable
                 @Nullable java.util.Map<java.lang.String,​javax.jcr.Value> restrictions)
          throws javax.jcr.security.AccessControlException,
                 javax.jcr.RepositoryException
        Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.

        This method returns true if this policy was modified, false otherwise.

        An AccessControlException is thrown if any of the specified parameters is invalid or if some other access control related exception occurs.

        Parameters:
        principal - the principal to add the entry for
        privileges - the privileges to add
        isAllow - if true if this is a positive (allow) entry
        restrictions - A map of additional restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a single Value object.
        Returns:
        true if this policy has changed by incorporating the given entry; false otherwise.
        Throws:
        javax.jcr.security.AccessControlException - If any of the given parameter is invalid or cannot be handled by the implementation.
        javax.jcr.RepositoryException - If another error occurs.
        See Also:
        AccessControlList.addAccessControlEntry(Principal, Privilege[])

      • addEntry

        boolean addEntry​(@NotNull
                 @NotNull java.security.Principal principal,
                 @NotNull
                 @NotNull javax.jcr.security.Privilege[] privileges,
                 boolean isAllow,
                 @Nullable
                 @Nullable java.util.Map<java.lang.String,​javax.jcr.Value> restrictions,
                 @Nullable
                 @Nullable java.util.Map<java.lang.String,​javax.jcr.Value[]> mvRestrictions)
          throws javax.jcr.security.AccessControlException,
                 javax.jcr.RepositoryException
        Adds an access control entry to this policy consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.

        This method returns true if this policy was modified, false otherwise.

        An AccessControlException is thrown if any of the specified parameters is invalid or if some other access control related exception occurs.

        Parameters:
        principal - the principal to add the entry for
        privileges - the privileges to add
        isAllow - if true if this is a positive (allow) entry
        restrictions - A map of additional restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a single Value object.
        mvRestrictions - A map of additional multivalued restrictions used to narrow the effect of the entry to be created. The map must map JCR names to a Value array.
        Returns:
        true if this policy has changed by incorporating the given entry; false otherwise.
        Throws:
        javax.jcr.security.AccessControlException - If any of the given parameter is invalid or cannot be handled by the implementation.
        javax.jcr.RepositoryException - If another error occurs.
        Since:
        2.8
        See Also:
        AccessControlList.addAccessControlEntry(Principal, Privilege[])

      • orderBefore

        void orderBefore​(@NotNull
                 @NotNull javax.jcr.security.AccessControlEntry srcEntry,
                 @Nullable
                 @Nullable javax.jcr.security.AccessControlEntry destEntry)
          throws javax.jcr.security.AccessControlException,
                 javax.jcr.UnsupportedRepositoryOperationException,
                 javax.jcr.RepositoryException
        If the AccessControlList implementation supports reordering of entries the specified srcEntry is inserted at the position of the specified destEntry.

        If destEntry is null the entry is moved to the end of the list.

        If srcEntry and destEntry are the same no changes are made.

        Parameters:
        srcEntry - The access control entry to be moved within the list.
        destEntry - The entry before which the srcEntry will be moved.
        Throws:
        javax.jcr.security.AccessControlException - If any of the given entries is invalid or cannot be handled by the implementation.
        javax.jcr.UnsupportedRepositoryOperationException - If ordering is not supported.
        javax.jcr.RepositoryException - If another error occurs.