lumis.util.security.acl
Class AccessControlList

java.lang.Object
  lumis.util.security.acl.AccessControlList

All Implemented Interfaces:

Cloneable, ICacheEntry, ICloneableCacheEntry, ICloneableConfig<AccessControlList>

public class AccessControlList
extends Object
implements ICloneableConfig<AccessControlList>, ICloneableCacheEntry

Value class for Access Control Lists

Since:

4.0.7

Field Summary

static int	REMOVE_INHERIT_COPY_PERMISSIONS
static int	REMOVE_INHERIT_REMOVE_PERMISSIONS

Constructor Summary

AccessControlList(String id, AccessControlEntry[] accessControlEntries, boolean inheriting)

AccessControlList(String id, AccessControlEntry[] accessControlEntries, boolean inheriting, String parentId)
Creates a new access control list with the data given.

Method Summary

boolean	checkPermission(Collection<String> principalIds, IPermission permission) Deprecated. Since 4.2.1, this method is no longer used and may be removed in the future.
boolean	checkPermission(String principalId, IPermission permission) Checks if the specified principal has access to the given permission.
AccessControlList	clone()
void	deserialize(Node accessControlListNode)
AccessControlEntry[]	getEntries()
AccessControlEntry	getEntry(String entryId)
String	getId()
AccessControlEntry[]	getLocalEntries()
String	getParentId()
void	inherit(AccessControlList parentAccessControlList)
void	inherit(AccessControlList parentAccessControlList, HashMap<Integer,Integer> permissionsMapping)
boolean	isInheriting()
void	removeInheritance(int removeType)
void	serialize(AccessControlList accessControlList, OutputStream outputStream)
void	setImpliedPermissions(int[] permissionImplies)
void	setInheriting(boolean inheriting)
void	setLocalEntries(AccessControlEntry[] entries)
void	setParentId(String parentId)

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

REMOVE_INHERIT_COPY_PERMISSIONS

public static final int REMOVE_INHERIT_COPY_PERMISSIONS

See Also:

Constant Field Values

REMOVE_INHERIT_REMOVE_PERMISSIONS

public static final int REMOVE_INHERIT_REMOVE_PERMISSIONS

See Also:

Constant Field Values

Constructor Detail

AccessControlList

public AccessControlList(String id,
                         AccessControlEntry[] accessControlEntries,
                         boolean inheriting)

AccessControlList

public AccessControlList(String id,
                         AccessControlEntry[] accessControlEntries,
                         boolean inheriting,
                         String parentId)

Creates a new access control list with the data given.

The parentACL is not currently read from parentId. It is filled only when inherit(lumis.util.security.acl.AccessControlList) method is called. On the inherit(lumis.util.security.acl.AccessControlList) method, the parentId is also filled.

Method Detail

getId

public String getId()

isInheriting

public boolean isInheriting()

setInheriting

public void setInheriting(boolean inheriting)

getParentId

public String getParentId()

setParentId

public void setParentId(String parentId)

getEntry

public AccessControlEntry getEntry(String entryId)

getEntries

public AccessControlEntry[] getEntries()

getLocalEntries

public AccessControlEntry[] getLocalEntries()

setLocalEntries

public void setLocalEntries(AccessControlEntry[] entries)

setImpliedPermissions

public void setImpliedPermissions(int[] permissionImplies)

inherit

public void inherit(AccessControlList parentAccessControlList)

inherit

public void inherit(AccessControlList parentAccessControlList,
                    HashMap<Integer,Integer> permissionsMapping)

removeInheritance

public void removeInheritance(int removeType)

checkPermission

@Deprecated
public boolean checkPermission(Collection<String> principalIds,
                                          IPermission permission)

Deprecated. Since 4.2.1, this method is no longer used and may be removed in the future.

Checks if any of the given principlas have access to the given permission. If any of the principals are explicitly "denied" permission, this method returns false. Otherwise if any of the principals have access to the given permission, this method returns true.

Parameters:

principalIds -

permission -

Returns:

checkPermission

public boolean checkPermission(String principalId,
                               IPermission permission)
                        throws PortalException

Checks if the specified principal has access to the given permission. This permission check is done taking into account the principal's groups recursively.

This method needs a transactional context to be executed.

Parameters:

principalId - the principal identifier.

permission - the permission.

Returns:

true if the principal has access to the given permission, false otherwise.

Throws:

PortalException

serialize

public void serialize(AccessControlList accessControlList,
                      OutputStream outputStream)
               throws PortalException

Throws:

PortalException

deserialize

public void deserialize(Node accessControlListNode)
                 throws PortalException

Throws:

PortalException

clone

public AccessControlList clone()
                        throws CloneNotSupportedException

Specified by:

clone in interface ICloneableCacheEntry

Specified by:

clone in interface ICloneableConfig<AccessControlList>

Overrides:

clone in class Object

Throws:

CloneNotSupportedException