Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.jackrabbit.commons.jackrabbit.authorization
Class AccessControlUtils

java.lang.Object
  extended by org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils

public class AccessControlUtils
extends Object

This class provides common access control related utilities.

Constructor Summary
AccessControlUtils()
           
 
Method Summary
static boolean addAccessControlEntry(Session session, String absPath, Principal principal, Privilege[] privileges, boolean isAllow)
          A utility method to add a new access control entry.
static boolean addAccessControlEntry(Session session, String absPath, Principal principal, String[] privilegeNames, boolean isAllow)
          A utility method to add a new access control entry.
Please note, that calling Session.save()() is required in order to persist the changes.
static boolean denyAllToEveryone(Session session, String absPath)
          Utility to deny jcr:all privilege to the everyone group principal.
static org.apache.jackrabbit.api.security.JackrabbitAccessControlList getAccessControlList(Session session, String absPath)
          Utility that combines AccessControlManager.getApplicablePolicies(String) and AccessControlManager.getPolicies(String) to retrieve a modifiable JackrabbitAccessControlList for the given path.
Note that the policy must be reapplied and the changes must be saved in order to make the AC modifications take effect.
static boolean grantAllToEveryone(Session session, String absPath)
          Utility to grant jcr:all privilege to the everyone group principal.
static Privilege[] privilegesFromNames(Session session, String... privilegeNames)
          Retrieves the Privileges from the specified privilege names.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AccessControlUtils

public AccessControlUtils()
Method Detail

privilegesFromNames

public static Privilege[] privilegesFromNames(Session session,
                                              String... privilegeNames)
                                       throws RepositoryException
Retrieves the Privileges from the specified privilege names.

Parameters:
session - The editing session.
privilegeNames - The privilege names.
Returns:
An array of privileges.
Throws:
RepositoryException - If an error occurs or if privilegeNames contains an unknown/invalid privilege name.

getAccessControlList

public static org.apache.jackrabbit.api.security.JackrabbitAccessControlList getAccessControlList(Session session,
                                                                                                  String absPath)
                                                                                           throws RepositoryException
Utility that combines AccessControlManager.getApplicablePolicies(String) and AccessControlManager.getPolicies(String) to retrieve a modifiable JackrabbitAccessControlList for the given path.
Note that the policy must be reapplied and the changes must be saved in order to make the AC modifications take effect.

Parameters:
session - The editing session.
absPath - The absolute path of the target node.
Returns:
A modifiable access control list or null if there is none.
Throws:
RepositoryException - If an error occurs.

addAccessControlEntry

public static boolean addAccessControlEntry(Session session,
                                            String absPath,
                                            Principal principal,
                                            String[] privilegeNames,
                                            boolean isAllow)
                                     throws RepositoryException
A utility method to add a new access control entry.
Please note, that calling Session.save()() is required in order to persist the changes.

Parameters:
session - The editing session.
absPath - The absolute path of the target node.
principal - The principal to grant/deny privileges to.
privilegeNames - The names of the privileges to grant or deny.
isAllow - true to grant; false otherwise.
Returns:
true if the node's ACL was modified and the session has pending changes.
Throws:
RepositoryException - If an error occurs.

addAccessControlEntry

public static boolean addAccessControlEntry(Session session,
                                            String absPath,
                                            Principal principal,
                                            Privilege[] privileges,
                                            boolean isAllow)
                                     throws RepositoryException
A utility method to add a new access control entry. Please note, that a call to Session.save()() is required in order to persist the changes.

Parameters:
session - The editing session
absPath - The absolute path of the target node.
principal - The principal to grant/deny privileges to.
privileges - The privileges to grant or deny
isAllow - true to grant; false otherwise;
Returns:
true if the node's ACL was modified and the session has pending changes.
Throws:
RepositoryException - If an error occurs.

grantAllToEveryone

public static boolean grantAllToEveryone(Session session,
                                         String absPath)
                                  throws RepositoryException
Utility to grant jcr:all privilege to the everyone group principal. Please note, that Session.save()() is required in order to persist the changes.

Parameters:
session - The editing session.
absPath - The absolute path of the target node
Returns:
true if the node's access control list was modified; false otherwise;
Throws:
RepositoryException - If an error occurs.

denyAllToEveryone

public static boolean denyAllToEveryone(Session session,
                                        String absPath)
                                 throws RepositoryException
Utility to deny jcr:all privilege to the everyone group principal. Please note, that Session.save()() is required in order to persist the changes.

Parameters:
session - The editing session.
absPath - The absolute path of the target node
Returns:
true if the node's access control list was modified; false otherwise;
Throws:
RepositoryException - If an error occurs.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.