org.apache.slide.security
Class ACLSecurityImpl

java.lang.Object
  org.apache.slide.security.SecurityImpl
      org.apache.slide.security.ACLSecurityImpl

All Implemented Interfaces:

Security

public final class ACLSecurityImpl

extends SecurityImpl

WebDAV/ACL compliant security helper implementation (draft-12)

Version:

$Revision: 1.10 $

Field Summary

Fields inherited from class org.apache.slide.security.SecurityImpl

aclInheritanceType, logger, namespace, namespaceConfig, rolesCache

Constructor Summary

ACLSecurityImpl(Namespace namespace, NamespaceConfig namespaceConfig)
Constructor.

Method Summary

java.util.Enumeration	getGroupMembership(SlideToken token, SubjectNode subjectNode) Get enumeration of paths according to property DAV:group-membership
java.util.Enumeration	getRoles(ObjectNode object) Return the list of roles the specified node has.
java.util.Enumeration	getRoles(SlideToken token) Return the list of roles the specified token has.
java.util.Enumeration	getRoles(SlideToken token, SubjectNode subjectNode) Get the role names the specified subject has (deeply over nested roles, if there)
boolean	hasPermission(ObjectNode object, SubjectNode subject, ActionNode action) Check whether or not an actor can perform the specified activity on a collection.
boolean	hasPermission(SlideToken token, ObjectNode objectNode, ActionNode actionNode) Check whether or not an actor (principal) can perform the specified activity on the specified resource.
boolean	hasRole(ObjectNode object, java.lang.String role) Check whether or not the current user has the specified role.
boolean	hasRole(SlideToken token, java.lang.String role) Check whether or not the current user has the specified role.
boolean	hasRole(SlideToken token, SubjectNode subjectNode, java.lang.String role)
void	init(Namespace namespace, NamespaceConfig namespaceConfig) Method init

Methods inherited from class org.apache.slide.security.SecurityImpl

checkCredentials, checkPermission, checkPermission, denyPermission, denyPermission, denyPermission, enumeratePermissions, enumeratePermissions, enumeratePermissions, enumeratePermissions, getActionAggregation, getPrincipal, grantPermission, grantPermission, grantPermission, matchAction, matchPrincipal, matchPrincipal, retrieveAclSourceNodes, revokePermission, revokePermission, setPermissions

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ACLSecurityImpl

public ACLSecurityImpl(Namespace namespace,
                       NamespaceConfig namespaceConfig)

Constructor.

Parameters:

namespace - Namespace

namespaceConfig - Namespace configuration

Method Detail

init

public void init(Namespace namespace,
                 NamespaceConfig namespaceConfig)

Method init

Specified by:

init in interface Security

Overrides:

init in class SecurityImpl

Parameters:

namespace - a Namespace

namespaceConfig - a NamespaceConfig

hasPermission

public boolean hasPermission(ObjectNode object,
                             SubjectNode subject,
                             ActionNode action)
                      throws ServiceAccessException,
                             ObjectNotFoundException

Check whether or not an actor can perform the specified activity on a collection.

Specified by:

hasPermission in interface Security

Overrides:

hasPermission in class SecurityImpl

Parameters:

object - Object on which access is tested

subject - Subject who seeks to perform the action

action - Action which is to be performed

Returns:

true if the action can be performed

Throws:

ServiceAccessException - DataSource access error

ObjectNotFoundException - Specified object was not found in the DataSource

hasPermission

public boolean hasPermission(SlideToken token,
                             ObjectNode objectNode,
                             ActionNode actionNode)
                      throws ServiceAccessException,
                             ObjectNotFoundException

Check whether or not an actor (principal) can perform the specified activity on the specified resource.

Specified by:

hasPermission in interface Security

Overrides:

hasPermission in class SecurityImpl

Parameters:

token - a SlideToken

objectNode - Object on which access is tested

actionNode - Action which is to be performed

Returns:

true if the action can be performed

Throws:

ServiceAccessException

ObjectNotFoundException

hasRole

public boolean hasRole(SlideToken token,
                       java.lang.String role)
                throws ServiceAccessException,
                       ObjectNotFoundException

Description copied from class: SecurityImpl

Check whether or not the current user has the specified role.

Specified by:

hasRole in interface Security

Overrides:

hasRole in class SecurityImpl

Parameters:

token - Credentials token

role - Role

Throws:

ObjectNotFoundException - Specified object was not found in the DataSource

ServiceAccessException - DataSource access error

hasRole

public boolean hasRole(SlideToken token,
                       SubjectNode subjectNode,
                       java.lang.String role)
                throws ServiceAccessException,
                       ObjectNotFoundException

Throws:

ServiceAccessException

ObjectNotFoundException

hasRole

public boolean hasRole(ObjectNode object,
                       java.lang.String role)
                throws ServiceAccessException,
                       ObjectNotFoundException

Description copied from class: SecurityImpl

Check whether or not the current user has the specified role.

Specified by:

hasRole in interface Security

Overrides:

hasRole in class SecurityImpl

Parameters:

object - Object node

role - Role

Throws:

ObjectNotFoundException - Specified object was not found in the DataSource

ServiceAccessException - DataSource access error

getRoles

public java.util.Enumeration getRoles(SlideToken token)
                               throws ServiceAccessException,
                                      ObjectNotFoundException

Description copied from class: SecurityImpl

Return the list of roles the specified token has.

Specified by:

getRoles in interface Security

Overrides:

getRoles in class SecurityImpl

Parameters:

token - Credentials token

Throws:

ServiceAccessException

ObjectNotFoundException

getRoles

public java.util.Enumeration getRoles(SlideToken token,
                                      SubjectNode subjectNode)
                               throws ServiceAccessException,
                                      ObjectNotFoundException

Get the role names the specified subject has (deeply over nested roles, if there)

Specified by:

getRoles in interface Security

Overrides:

getRoles in class SecurityImpl

Parameters:

token - a SlideToken

subjectNode - a SubjectNode

Returns:

an Enumeration of role names

Throws:

ServiceAccessException

ObjectNotFoundException

getGroupMembership

public java.util.Enumeration getGroupMembership(SlideToken token,
                                                SubjectNode subjectNode)
                                         throws ServiceAccessException,
                                                ObjectNotFoundException

Get enumeration of paths according to property DAV:group-membership

Parameters:

token - a SlideToken

subjectNode - a SubjectNode

Returns:

an Enumeration of paths (String)

Throws:

ServiceAccessException

ObjectNotFoundException

getRoles

public java.util.Enumeration getRoles(ObjectNode object)

Description copied from class: SecurityImpl

Return the list of roles the specified node has.

Specified by:

getRoles in interface Security

Overrides:

getRoles in class SecurityImpl

Parameters:

object - Object node