Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.jackrabbit.core.security.simple
Class SimpleAccessManager

java.lang.Object
  extended by org.apache.jackrabbit.core.security.AbstractAccessControlManager
      extended by org.apache.jackrabbit.core.security.simple.SimpleAccessManager
All Implemented Interfaces:
AccessControlManager, AccessManager, JackrabbitAccessControlManager
Direct Known Subclasses:
SimpleAccessManager
public class SimpleAccessManager
extends AbstractAccessControlManager
implements AccessManager

SimpleAccessManager ...

Field Summary
 
Fields inherited from interface org.apache.jackrabbit.core.security.AccessManager
READ, REMOVE, WRITE
 
Constructor Summary
SimpleAccessManager()
          Empty constructor
 
Method Summary
 boolean canAccess(java.lang.String workspaceName)
          Determines whether the subject of the current context is granted access to the given workspace.
 boolean canRead(Path itemPath)
          Determines whether the item at the specified absolute path can be read.
protected  void checkInitialized()
          Check if this manager has been properly initialized.
 void checkPermission(ItemId id, int permissions)
          Determines whether the specified permissions are granted on the item with the specified id (i.e.
protected  void checkPrivileges(java.lang.String absPath, int privileges)
          Check if the specified privileges are granted at absPath.
protected  void checkValidNodePath(java.lang.String absPath)
          Build a qualified path from the specified absPath and test if it is really absolute and points to an existing node.
 void close()
          Close this access manager.
 AccessControlPolicy[] getEffectivePolicies(java.lang.String absPath)
          Returns the AccessControlPolicy objects that currently are in effect at the node at absPath.
protected  PrivilegeRegistry getPrivilegeRegistry()
           
 Privilege[] getPrivileges(java.lang.String absPath)
          Returns the privileges the session has for absolute path absPath, which must be an existing node.
 boolean hasPrivileges(java.lang.String absPath, Privilege[] privileges)
          Returns whether the session has the specified privileges for absolute path absPath, which must be an existing node.
 void init(AMContext context)
          Initialize this access manager.
 void init(AMContext context, AccessControlProvider acProvider, WorkspaceAccessManager wspAccessManager)
          Initialize this access manager.
 boolean isGranted(ItemId id, int permissions)
          Determines whether the specified permissions are granted on the item with the specified id (i.e.
 boolean isGranted(Path absPath, int permissions)
          Determines whether the specified permissions are granted on the item with the specified absPath (i.e.
 boolean isGranted(Path parentPath, Name childName, int permissions)
          Determines whether the specified permissions are granted on an item represented by the combination of the given parentPath and childName (i.e.
 
Methods inherited from class org.apache.jackrabbit.core.security.AbstractAccessControlManager
getApplicablePolicies, getApplicablePolicies, getPolicies, getSupportedPrivileges, privilegeFromName, removePolicy, setPolicy
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SimpleAccessManager

public SimpleAccessManager()
Empty constructor

Method Detail

init

public void init(AMContext context)
          throws javax.jcr.AccessDeniedException,
                 java.lang.Exception
Initialize this access manager. An AccessDeniedException will be thrown if the subject of the given context is not granted access to the specified workspace.

Specified by:
init in interface AccessManager
Parameters:
context - access manager context
Throws:
javax.jcr.AccessDeniedException - if the subject is not granted access to the specified workspace.
java.lang.Exception - if another error occurs

init

public void init(AMContext context,
                 AccessControlProvider acProvider,
                 WorkspaceAccessManager wspAccessManager)
          throws javax.jcr.AccessDeniedException,
                 java.lang.Exception
Initialize this access manager. An AccessDeniedException will be thrown if the subject of the given context is not granted access to the specified workspace.

Specified by:
init in interface AccessManager
Parameters:
context - access manager context
Throws:
javax.jcr.AccessDeniedException - if the subject is not granted access to the specified workspace.
java.lang.Exception - if another error occurs

close

public void close()
           throws java.lang.Exception
Close this access manager. After having closed an access manager, further operations on this object are treated as illegal and throw

Specified by:
close in interface AccessManager
Throws:
java.lang.Exception - if an error occurs

checkPermission

public void checkPermission(ItemId id,
                            int permissions)
                     throws javax.jcr.AccessDeniedException,
                            javax.jcr.RepositoryException
Determines whether the specified permissions are granted on the item with the specified id (i.e. the target item).

Specified by:
checkPermission in interface AccessManager
Parameters:
id - the id of the target item
permissions - A combination of one or more of the following constants encoded as a bitmask value:
  • READ
  • WRITE
  • REMOVE
Throws:
javax.jcr.AccessDeniedException - if permission is denied
javax.jcr.ItemNotFoundException - if the target item does not exist
javax.jcr.RepositoryException - it an error occurs

isGranted

public boolean isGranted(ItemId id,
                         int permissions)
                  throws javax.jcr.RepositoryException
Determines whether the specified permissions are granted on the item with the specified id (i.e. the target item).

Specified by:
isGranted in interface AccessManager
Parameters:
id - the id of the target item
permissions - A combination of one or more of the following constants encoded as a bitmask value:
  • READ
  • WRITE
  • REMOVE
Returns:
true if permission is granted; otherwise false
Throws:
javax.jcr.ItemNotFoundException - if the target item does not exist
javax.jcr.RepositoryException - if another error occurs

isGranted

public boolean isGranted(Path absPath,
                         int permissions)
                  throws javax.jcr.RepositoryException
Description copied from interface: AccessManager
Determines whether the specified permissions are granted on the item with the specified absPath (i.e. the target item, that may or may not yet exist).

Specified by:
isGranted in interface AccessManager
Parameters:
absPath - the absolute path to test
permissions - A combination of one or more of the following constants encoded as a bitmask value:
Returns:
true if the specified permissions are granted; otherwise false.
Throws:
javax.jcr.RepositoryException - if an error occurs.

isGranted

public boolean isGranted(Path parentPath,
                         Name childName,
                         int permissions)
                  throws javax.jcr.RepositoryException
Description copied from interface: AccessManager
Determines whether the specified permissions are granted on an item represented by the combination of the given parentPath and childName (i.e. the target item, that may or may not yet exist).

Specified by:
isGranted in interface AccessManager
Parameters:
parentPath - Path to an existing parent node.
childName - Name of the child item that may or may not exist yet.
permissions - A combination of one or more of the following constants encoded as a bitmask value:
Returns:
true if the specified permissions are granted; otherwise false.
Throws:
javax.jcr.RepositoryException - if an error occurs.

canRead

public boolean canRead(Path itemPath)
                throws javax.jcr.RepositoryException
Description copied from interface: AccessManager
Determines whether the item at the specified absolute path can be read.

Specified by:
canRead in interface AccessManager
Returns:
true if the item can be read; otherwise false.
Throws:
javax.jcr.RepositoryException - if an error occurs.

canAccess

public boolean canAccess(java.lang.String workspaceName)
                  throws javax.jcr.RepositoryException
Determines whether the subject of the current context is granted access to the given workspace. Note that an implementation is free to test for the existance of a workspace with the specified name. In this case the expected return value is false, if no such workspace exists.

Specified by:
canAccess in interface AccessManager
Parameters:
workspaceName - name of workspace
Returns:
true if the subject of the current context is granted access to the given workspace; otherwise false.
Throws:
javax.jcr.RepositoryException - if an error occurs.

hasPrivileges

public boolean hasPrivileges(java.lang.String absPath,
                             Privilege[] privileges)
                      throws javax.jcr.PathNotFoundException,
                             javax.jcr.RepositoryException
Returns whether the session has the specified privileges for absolute path absPath, which must be an existing node.

Testing an aggregate privilege is equivalent to testing each non aggregate privilege among the set returned by calling Privilege.getAggregatePrivileges() for that privilege.

The results reported by the this method reflect the net effect of the currently applied control mechanisms. It does not reflect unsaved access control policies or unsaved access control entries. Changes to access control status caused by these mechanisms only take effect on Session.save() and are only then reflected in the results of the privilege test methods.

A PathNotFoundException is thrown if no node at absPath exists or the session does not have privilege to retrieve the node.

A RepositoryException is thrown if another error occurs.

Specified by:
hasPrivileges in interface AccessControlManager
Parameters:
absPath - an absolute path.
privileges - an array of Privileges.
Returns:
true if the session has the specified privileges; false otherwise.
Throws:
javax.jcr.PathNotFoundException - if no node at absPath exists or the session does not have privilege to retrieve the node.
javax.jcr.RepositoryException - if another error occurs.

getPrivileges

public Privilege[] getPrivileges(java.lang.String absPath)
                          throws javax.jcr.PathNotFoundException,
                                 javax.jcr.RepositoryException
Returns the privileges the session has for absolute path absPath, which must be an existing node.

The returned privileges are those for which AccessControlManager.hasPrivileges(java.lang.String, org.apache.jackrabbit.api.jsr283.security.Privilege[]) would return true.

The results reported by the this method reflect the net effect of the currently applied control mechanisms. It does not reflect unsaved access control policies or unsaved access control entries. Changes to access control status caused by these mechanisms only take effect on Session.save() and are only then reflected in the results of the privilege test methods.

A PathNotFoundException is thrown if no node at absPath exists or the session does not have privilege to retrieve the node.

A RepositoryException is thrown if another error occurs.

Specified by:
getPrivileges in interface AccessControlManager
Parameters:
absPath - an absolute path.
Returns:
an array of Privileges.
Throws:
javax.jcr.PathNotFoundException - if no node at absPath exists or the session does not have privilege to retrieve the node.
javax.jcr.RepositoryException - if another error occurs.

getEffectivePolicies

public AccessControlPolicy[] getEffectivePolicies(java.lang.String absPath)
                                           throws javax.jcr.PathNotFoundException,
                                                  javax.jcr.AccessDeniedException,
                                                  javax.jcr.RepositoryException
Returns the AccessControlPolicy objects that currently are in effect at the node at absPath. This may be policies set through this API or some implementation specific (default) policies.

A PathNotFoundException is thrown if no node at absPath exists or the session does not have privilege to retrieve the node.

An AccessDeniedException is thrown if the session lacks READ_ACCESS_CONTROL privilege for the absPath node.

A RepositoryException is thrown if another error occurs.

Specified by:
getEffectivePolicies in interface AccessControlManager
Parameters:
absPath - an absolute path.
Returns:
an array of AccessControlPolicy objects.
Throws:
javax.jcr.PathNotFoundException - if no node at absPath exists or the session does not have privilege to retrieve the node.
javax.jcr.AccessDeniedException - if the session lacks READ_ACCESS_CONTROL privilege for the absPath node.
javax.jcr.RepositoryException - if another error occurs.

checkInitialized

protected void checkInitialized()
                         throws java.lang.IllegalStateException
Description copied from class: AbstractAccessControlManager
Check if this manager has been properly initialized.

Specified by:
checkInitialized in class AbstractAccessControlManager
Throws:
java.lang.IllegalStateException - If this manager has not been properly initialized.
See Also:
AbstractAccessControlManager.checkInitialized()

checkPrivileges

protected void checkPrivileges(java.lang.String absPath,
                               int privileges)
                        throws javax.jcr.AccessDeniedException,
                               javax.jcr.PathNotFoundException,
                               javax.jcr.RepositoryException
Description copied from class: AbstractAccessControlManager
Check if the specified privileges are granted at absPath.

Specified by:
checkPrivileges in class AbstractAccessControlManager
Throws:
javax.jcr.AccessDeniedException - if the session does not have the specified privileges.
javax.jcr.PathNotFoundException - if no node exists at absPath of if the session does not have the privilege to READ it.
javax.jcr.RepositoryException
See Also:
AbstractAccessControlManager.checkPrivileges(String, int)

getPrivilegeRegistry

protected PrivilegeRegistry getPrivilegeRegistry()
                                          throws javax.jcr.RepositoryException
Specified by:
getPrivilegeRegistry in class AbstractAccessControlManager
Returns:
the privilege registry
Throws:
javax.jcr.RepositoryException
See Also:
AbstractAccessControlManager.getPrivilegeRegistry()

checkValidNodePath

protected void checkValidNodePath(java.lang.String absPath)
                           throws javax.jcr.PathNotFoundException,
                                  javax.jcr.RepositoryException
Description copied from class: AbstractAccessControlManager
Build a qualified path from the specified absPath and test if it is really absolute and points to an existing node.

Specified by:
checkValidNodePath in class AbstractAccessControlManager
Throws:
javax.jcr.PathNotFoundException - if no node at absPath exists or the session does not have privilege to retrieve the node.
javax.jcr.RepositoryException - If the given absPath is not absolute or if some other error occurs.
See Also:
AbstractAccessControlManager.checkValidNodePath(String)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2011 Apache Software Foundation. All Rights Reserved.