org.apache.sling.jcr.base.util
Class AccessControlUtil

java.lang.Object
  extended by org.apache.sling.jcr.base.util.AccessControlUtil

public class AccessControlUtil
extends java.lang.Object

A simple utility class providing utilities with respect to access control over repositories.


Constructor Summary
AccessControlUtil()
           
 
Method Summary
static boolean addEntry(org.apache.jackrabbit.api.jsr283.security.AccessControlList acl, java.security.Principal principal, org.apache.jackrabbit.api.jsr283.security.Privilege[] privileges, boolean isAllow)
          Same as addEntry(AccessControlList, Principal, Privilege[], boolean, Map) using some implementation specific restrictions.
static boolean addEntry(org.apache.jackrabbit.api.jsr283.security.AccessControlList acl, java.security.Principal principal, org.apache.jackrabbit.api.jsr283.security.Privilege[] privileges, boolean isAllow, java.util.Map restrictions)
          Adds an access control entry to the acl consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.
static org.apache.jackrabbit.api.jsr283.security.AccessControlManager getAccessControlManager(javax.jcr.Session session)
          Returns the AccessControlManager for the given session.
static java.lang.String getPath(org.apache.jackrabbit.api.jsr283.security.AccessControlList acl)
          Returns the path of the node AccessControlList acl has been created for.
static org.apache.jackrabbit.api.security.principal.PrincipalManager getPrincipalManager(javax.jcr.Session session)
          Returns the PrincipalManager for the given session.
static org.apache.jackrabbit.api.security.user.UserManager getUserManager(javax.jcr.Session session)
          Returns the UserManager for the given session.
static boolean isAllow(org.apache.jackrabbit.api.jsr283.security.AccessControlEntry ace)
          Returns true if the AccessControlEntry represents 'allowed' rights or false it it represents 'denied' rights.
static boolean isEmpty(org.apache.jackrabbit.api.jsr283.security.AccessControlList acl)
          Returns true if AccessControlList acl does not yet define any entries.
static int size(org.apache.jackrabbit.api.jsr283.security.AccessControlList acl)
          Returns the number of acl entries or 0 if the acl is empty.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AccessControlUtil

public AccessControlUtil()
Method Detail

getAccessControlManager

public static org.apache.jackrabbit.api.jsr283.security.AccessControlManager getAccessControlManager(javax.jcr.Session session)
                                                                                              throws javax.jcr.UnsupportedRepositoryOperationException,
                                                                                                     javax.jcr.RepositoryException
Returns the AccessControlManager for the given session. If the session does not have a getAccessControlManager method, a UnsupportedRepositoryOperationException is thrown. Otherwise the AccessControlManager is returned or if the call fails, the respective exception is thrown.

Parameters:
session - The JCR Session whose AccessControlManager is to be returned. If the session is a pooled session, the session underlying the pooled session is actually used.
Returns:
The AccessControlManager of the session
Throws:
javax.jcr.UnsupportedRepositoryOperationException - If the session has no getAccessControlManager method or the exception thrown by the method.
javax.jcr.RepositoryException - Forwarded from the getAccessControlManager method call.

getUserManager

public static org.apache.jackrabbit.api.security.user.UserManager getUserManager(javax.jcr.Session session)
                                                                          throws javax.jcr.AccessDeniedException,
                                                                                 javax.jcr.UnsupportedRepositoryOperationException,
                                                                                 javax.jcr.RepositoryException
Returns the UserManager for the given session. If the session does not have a getUserManager method, a UnsupportedRepositoryOperationException is thrown. Otherwise the UserManager is returned or if the call fails, the respective exception is thrown.

Parameters:
session - The JCR Session whose UserManager is to be returned. If the session is not a JackrabbitSession uses reflection to retrive the manager from the repository.
Returns:
The UserManager of the session.
Throws:
javax.jcr.AccessDeniedException - If this session is not allowed to access user data.
javax.jcr.UnsupportedRepositoryOperationException - If the session has no getUserManager method or the exception thrown by the method.
javax.jcr.RepositoryException - Forwarded from the getUserManager method call.

getPrincipalManager

public static org.apache.jackrabbit.api.security.principal.PrincipalManager getPrincipalManager(javax.jcr.Session session)
                                                                                         throws javax.jcr.AccessDeniedException,
                                                                                                javax.jcr.UnsupportedRepositoryOperationException,
                                                                                                javax.jcr.RepositoryException
Returns the PrincipalManager for the given session. If the session does not have a PrincipalManager method, a UnsupportedRepositoryOperationException is thrown. Otherwise the PrincipalManager is returned or if the call fails, the respective exception is thrown.

Parameters:
session - The JCR Session whose PrincipalManager is to be returned. If the session is not a JackrabbitSession uses reflection to retrive the manager from the repository.
Returns:
The PrincipalManager of the session.
Throws:
javax.jcr.AccessDeniedException
javax.jcr.UnsupportedRepositoryOperationException - If the session has no PrincipalManager method or the exception thrown by the method.
javax.jcr.RepositoryException - Forwarded from the PrincipalManager method call.

getPath

public static java.lang.String getPath(org.apache.jackrabbit.api.jsr283.security.AccessControlList acl)
                                throws javax.jcr.RepositoryException
Returns the path of the node AccessControlList acl has been created for.

Throws:
javax.jcr.RepositoryException

isEmpty

public static boolean isEmpty(org.apache.jackrabbit.api.jsr283.security.AccessControlList acl)
                       throws javax.jcr.RepositoryException
Returns true if AccessControlList acl does not yet define any entries.

Throws:
javax.jcr.RepositoryException

size

public static int size(org.apache.jackrabbit.api.jsr283.security.AccessControlList acl)
                throws javax.jcr.RepositoryException
Returns the number of acl entries or 0 if the acl is empty.

Throws:
javax.jcr.RepositoryException

addEntry

public static boolean addEntry(org.apache.jackrabbit.api.jsr283.security.AccessControlList acl,
                               java.security.Principal principal,
                               org.apache.jackrabbit.api.jsr283.security.Privilege[] privileges,
                               boolean isAllow)
                        throws org.apache.jackrabbit.api.jsr283.security.AccessControlException,
                               javax.jcr.RepositoryException
Same as addEntry(AccessControlList, Principal, Privilege[], boolean, Map) using some implementation specific restrictions.

Throws:
org.apache.jackrabbit.api.jsr283.security.AccessControlException
javax.jcr.RepositoryException

addEntry

public static boolean addEntry(org.apache.jackrabbit.api.jsr283.security.AccessControlList acl,
                               java.security.Principal principal,
                               org.apache.jackrabbit.api.jsr283.security.Privilege[] privileges,
                               boolean isAllow,
                               java.util.Map restrictions)
                        throws javax.jcr.UnsupportedRepositoryOperationException,
                               javax.jcr.RepositoryException
Adds an access control entry to the acl consisting of the specified principal, the specified privileges, the isAllow flag and an optional map containing additional restrictions.

This method returns true if this policy was modified, false otherwise.

Throws:
javax.jcr.UnsupportedRepositoryOperationException
javax.jcr.RepositoryException

isAllow

public static boolean isAllow(org.apache.jackrabbit.api.jsr283.security.AccessControlEntry ace)
                       throws javax.jcr.RepositoryException
Returns true if the AccessControlEntry represents 'allowed' rights or false it it represents 'denied' rights.

Throws:
javax.jcr.RepositoryException


Copyright © 2007-2009. All Rights Reserved.