| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
| <!--NewPage--> |
| <HTML> |
| <HEAD> |
| <!-- Generated by javadoc (build 1.6.0_20) on Wed Mar 14 23:31:23 PDT 2012 --> |
| <TITLE> |
| Acl |
| </TITLE> |
| |
| <META NAME="date" CONTENT="2012-03-14"> |
| |
| <LINK REL ="stylesheet" TYPE="text/css" HREF="../stylesheet.css" TITLE="Style"> |
| |
| <SCRIPT type="text/javascript"> |
| function windowTitle() |
| { |
| if (location.href.indexOf('is-external=true') == -1) { |
| parent.document.title="Acl"; |
| } |
| } |
| </SCRIPT> |
| <NOSCRIPT> |
| </NOSCRIPT> |
| |
| </HEAD> |
| |
| <BODY BGCOLOR="white" onload="windowTitle();"> |
| <HR> |
| |
| |
| <!-- ========= START OF TOP NAVBAR ======= --> |
| <A NAME="navbar_top"><!-- --></A> |
| <A HREF="#skip-navbar_top" title="Skip navigation links"></A> |
| <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY=""> |
| <TR> |
| <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> |
| <A NAME="navbar_top_firstrow"><!-- --></A> |
| <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY=""> |
| <TR ALIGN="center" VALIGN="top"> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD> |
| <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A> </TD> |
| </TR> |
| </TABLE> |
| </TD> |
| <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM> |
| </EM> |
| </TD> |
| </TR> |
| |
| <TR> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../adaptorlib/AbstractDocumentTransform.html" title="class in adaptorlib"><B>PREV CLASS</B></A> |
| <A HREF="../adaptorlib/Acl.BatchRetriever.html" title="interface in adaptorlib"><B>NEXT CLASS</B></A></FONT></TD> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../index.html?adaptorlib/Acl.html" target="_top"><B>FRAMES</B></A> |
| <A HREF="Acl.html" target="_top"><B>NO FRAMES</B></A> |
| <SCRIPT type="text/javascript"> |
| <!-- |
| if(window==top) { |
| document.writeln('<A HREF="../allclasses-noframe.html"><B>All Classes</B></A>'); |
| } |
| //--> |
| </SCRIPT> |
| <NOSCRIPT> |
| <A HREF="../allclasses-noframe.html"><B>All Classes</B></A> |
| </NOSCRIPT> |
| |
| |
| </FONT></TD> |
| </TR> |
| <TR> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| SUMMARY: <A HREF="#nested_class_summary">NESTED</A> | <A HREF="#field_summary">FIELD</A> | CONSTR | <A HREF="#method_summary">METHOD</A></FONT></TD> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| DETAIL: <A HREF="#field_detail">FIELD</A> | CONSTR | <A HREF="#method_detail">METHOD</A></FONT></TD> |
| </TR> |
| </TABLE> |
| <A NAME="skip-navbar_top"></A> |
| <!-- ========= END OF TOP NAVBAR ========= --> |
| |
| <HR> |
| <!-- ======== START OF CLASS DATA ======== --> |
| <H2> |
| <FONT SIZE="-1"> |
| adaptorlib</FONT> |
| <BR> |
| Class Acl</H2> |
| <PRE> |
| <A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</A> |
| <IMG SRC="../resources/inherit.gif" ALT="extended by "><B>adaptorlib.Acl</B> |
| </PRE> |
| <HR> |
| <DL> |
| <DT><PRE>public class <B>Acl</B><DT>extends <A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></DL> |
| </PRE> |
| |
| <P> |
| Immutable access control list. For description of the semantics of the |
| various fields, see <A HREF="../adaptorlib/Acl.html#isAuthorizedLocal(java.lang.String, java.util.Collection)"><CODE>isAuthorizedLocal</CODE></A> and |
| <A HREF="../adaptorlib/Acl.html#isAuthorized(java.lang.String, java.util.Collection, java.util.List, boolean)"><CODE>isAuthorized</CODE></A>. Users and groups must not be <code>null</code>, <code>""</code>, or have surrounding whitespace. These values are |
| disallowed to prevent confusion since <code>null</code> doesn't make sense, <code>""</code> would be ignored by the GSA, and surrounding whitespace is automatically |
| trimmed by the GSA. |
| |
| <p>It is very important to note that a completely empty ACL (one that has all |
| defaults) is equivalent to having no ACLs on the GSA, which is typically |
| treated as "public." |
| <P> |
| |
| <P> |
| <HR> |
| |
| <P> |
| <!-- ======== NESTED CLASS SUMMARY ======== --> |
| |
| <A NAME="nested_class_summary"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> |
| <B>Nested Class Summary</B></FONT></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static interface</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.BatchRetriever.html" title="interface in adaptorlib">Acl.BatchRetriever</A></B></CODE> |
| |
| <BR> |
| Batch retrieval of ACLs for efficent processing of many authz checks at |
| once.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static class</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.Builder.html" title="class in adaptorlib">Acl.Builder</A></B></CODE> |
| |
| <BR> |
| Mutable ACL for creating instances of <A HREF="../adaptorlib/Acl.html" title="class in adaptorlib"><CODE>Acl</CODE></A>.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static class</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.InheritanceType.html" title="enum in adaptorlib">Acl.InheritanceType</A></B></CODE> |
| |
| <BR> |
| The rule for combining a parent's authz response with its child's.</TD> |
| </TR> |
| </TABLE> |
| <!-- =========== FIELD SUMMARY =========== --> |
| |
| <A NAME="field_summary"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> |
| <B>Field Summary</B></FONT></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="../adaptorlib/Acl.html" title="class in adaptorlib">Acl</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.html#EMPTY">EMPTY</A></B></CODE> |
| |
| <BR> |
| Empty convenience instance with all defaults used.</TD> |
| </TR> |
| </TABLE> |
| |
| <!-- ========== METHOD SUMMARY =========== --> |
| |
| <A NAME="method_summary"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> |
| <B>Method Summary</B></FONT></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> boolean</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.html#equals(java.lang.Object)">equals</A></B>(<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> o)</CODE> |
| |
| <BR> |
| Equality is determined if all the permit/deny sets are equal and the |
| inheritance is equal.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.html#getDenyGroups()">getDenyGroups</A></B>()</CODE> |
| |
| <BR> |
| Returns immutable set of denied groups.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.html#getDenyUsers()">getDenyUsers</A></B>()</CODE> |
| |
| <BR> |
| Returns immutable set of denied users.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> <A HREF="../adaptorlib/Acl.InheritanceType.html" title="enum in adaptorlib">Acl.InheritanceType</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.html#getInheritanceType()">getInheritanceType</A></B>()</CODE> |
| |
| <BR> |
| Returns the inheritance type used to combine authz decisions of these ACLs |
| with its <em>child</em>.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> <A HREF="../adaptorlib/DocId.html" title="class in adaptorlib">DocId</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.html#getInheritFrom()">getInheritFrom</A></B>()</CODE> |
| |
| <BR> |
| Returns <code>DocId</code> these ACLs are inherited from.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.html#getPermitGroups()">getPermitGroups</A></B>()</CODE> |
| |
| <BR> |
| Returns immutable set of permitted groups.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.html#getPermitUsers()">getPermitUsers</A></B>()</CODE> |
| |
| <BR> |
| Returns immutable set of permitted users.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> int</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.html#hashCode()">hashCode</A></B>()</CODE> |
| |
| <BR> |
| Returns a hash code for this object that agrees with <code>equals</code>.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="../adaptorlib/AuthzStatus.html" title="enum in adaptorlib">AuthzStatus</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.html#isAuthorized(java.lang.String, java.util.Collection, java.util.List, boolean)">isAuthorized</A></B>(<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> userIdentifier, |
| <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util">Collection</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>> groups, |
| <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/List.html?is-external=true" title="class or interface in java.util">List</A><<A HREF="../adaptorlib/Acl.html" title="class in adaptorlib">Acl</A>> aclChain, |
| boolean emptyImpliesPublic)</CODE> |
| |
| <BR> |
| Determine if the provided <code>userIdentifier</code> belonging to <code>groups</code> is authorized for the provided <code>aclChain</code>.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Map.html?is-external=true" title="class or interface in java.util">Map</A><<A HREF="../adaptorlib/DocId.html" title="class in adaptorlib">DocId</A>,<A HREF="../adaptorlib/AuthzStatus.html" title="enum in adaptorlib">AuthzStatus</A>></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.html#isAuthorizedBatch(java.lang.String, java.util.Collection, java.util.Collection, adaptorlib.Acl.BatchRetriever, boolean)">isAuthorizedBatch</A></B>(<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> userIdentifier, |
| <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util">Collection</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>> groups, |
| <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util">Collection</A><<A HREF="../adaptorlib/DocId.html" title="class in adaptorlib">DocId</A>> ids, |
| <A HREF="../adaptorlib/Acl.BatchRetriever.html" title="interface in adaptorlib">Acl.BatchRetriever</A> retriever, |
| boolean emptyImpliesPublic)</CODE> |
| |
| <BR> |
| Check authz for many DocIds at once.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> <A HREF="../adaptorlib/AuthzStatus.html" title="enum in adaptorlib">AuthzStatus</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../adaptorlib/Acl.html#isAuthorizedLocal(java.lang.String, java.util.Collection)">isAuthorizedLocal</A></B>(<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> userIdentifier, |
| <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util">Collection</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>> groups)</CODE> |
| |
| <BR> |
| Determine if the provided <code>userIdentifier</code> belonging to <code>groups</code> is authorized, ignoring inheritance.</TD> |
| </TR> |
| </TABLE> |
| <A NAME="methods_inherited_from_class_java.lang.Object"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor"> |
| <TH ALIGN="left"><B>Methods inherited from class java.lang.<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></B></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#clone()" title="class or interface in java.lang">clone</A>, <A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#finalize()" title="class or interface in java.lang">finalize</A>, <A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#getClass()" title="class or interface in java.lang">getClass</A>, <A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notify()" title="class or interface in java.lang">notify</A>, <A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notifyAll()" title="class or interface in java.lang">notifyAll</A>, <A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#toString()" title="class or interface in java.lang">toString</A>, <A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait()" title="class or interface in java.lang">wait</A>, <A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long)" title="class or interface in java.lang">wait</A>, <A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long, int)" title="class or interface in java.lang">wait</A></CODE></TD> |
| </TR> |
| </TABLE> |
| |
| <P> |
| |
| <!-- ============ FIELD DETAIL =========== --> |
| |
| <A NAME="field_detail"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2"> |
| <B>Field Detail</B></FONT></TH> |
| </TR> |
| </TABLE> |
| |
| <A NAME="EMPTY"><!-- --></A><H3> |
| EMPTY</H3> |
| <PRE> |
| public static final <A HREF="../adaptorlib/Acl.html" title="class in adaptorlib">Acl</A> <B>EMPTY</B></PRE> |
| <DL> |
| <DD>Empty convenience instance with all defaults used. This is equivalent to |
| having no ACLs on the GSA, which is typically treated as "public." |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../adaptorlib/Acl.Builder.html#Acl.Builder()"><CODE>Acl.Builder.Acl.Builder()</CODE></A></DL> |
| </DL> |
| |
| <!-- ============ METHOD DETAIL ========== --> |
| |
| <A NAME="method_detail"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2"> |
| <B>Method Detail</B></FONT></TH> |
| </TR> |
| </TABLE> |
| |
| <A NAME="getPermitGroups()"><!-- --></A><H3> |
| getPermitGroups</H3> |
| <PRE> |
| public <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>> <B>getPermitGroups</B>()</PRE> |
| <DL> |
| <DD>Returns immutable set of permitted groups. |
| <P> |
| <DD><DL> |
| </DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getDenyGroups()"><!-- --></A><H3> |
| getDenyGroups</H3> |
| <PRE> |
| public <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>> <B>getDenyGroups</B>()</PRE> |
| <DL> |
| <DD>Returns immutable set of denied groups. |
| <P> |
| <DD><DL> |
| </DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getPermitUsers()"><!-- --></A><H3> |
| getPermitUsers</H3> |
| <PRE> |
| public <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>> <B>getPermitUsers</B>()</PRE> |
| <DL> |
| <DD>Returns immutable set of permitted users. |
| <P> |
| <DD><DL> |
| </DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getDenyUsers()"><!-- --></A><H3> |
| getDenyUsers</H3> |
| <PRE> |
| public <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>> <B>getDenyUsers</B>()</PRE> |
| <DL> |
| <DD>Returns immutable set of denied users. |
| <P> |
| <DD><DL> |
| </DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getInheritFrom()"><!-- --></A><H3> |
| getInheritFrom</H3> |
| <PRE> |
| public <A HREF="../adaptorlib/DocId.html" title="class in adaptorlib">DocId</A> <B>getInheritFrom</B>()</PRE> |
| <DL> |
| <DD>Returns <code>DocId</code> these ACLs are inherited from. This is also known as |
| the "parent's" ACLs. Note that the parent's <code>InheritanceType</code> |
| determines how to combine results with this ACL. |
| <P> |
| <DD><DL> |
| <DT><B>See Also:</B><DD><A HREF="../adaptorlib/Acl.html#getInheritanceType()"><CODE>getInheritanceType()</CODE></A></DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getInheritanceType()"><!-- --></A><H3> |
| getInheritanceType</H3> |
| <PRE> |
| public <A HREF="../adaptorlib/Acl.InheritanceType.html" title="enum in adaptorlib">Acl.InheritanceType</A> <B>getInheritanceType</B>()</PRE> |
| <DL> |
| <DD>Returns the inheritance type used to combine authz decisions of these ACLs |
| with its <em>child</em>. The inheritance type applies to the interaction |
| between this ACL and any <em>children</em> it has. |
| <P> |
| <DD><DL> |
| <DT><B>See Also:</B><DD><A HREF="../adaptorlib/Acl.html#getInheritFrom()"><CODE>getInheritFrom()</CODE></A></DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="isAuthorizedLocal(java.lang.String, java.util.Collection)"><!-- --></A><H3> |
| isAuthorizedLocal</H3> |
| <PRE> |
| public <A HREF="../adaptorlib/AuthzStatus.html" title="enum in adaptorlib">AuthzStatus</A> <B>isAuthorizedLocal</B>(<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> userIdentifier, |
| <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util">Collection</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>> groups)</PRE> |
| <DL> |
| <DD>Determine if the provided <code>userIdentifier</code> belonging to <code>groups</code> is authorized, ignoring inheritance. Deny trumps permit, |
| independent of how specific the rule is. So if a user is in permitUsers and |
| one of the user's groups is in denyGroups, that user will be denied. If a |
| user and his groups are unspecified in the ACL, then the response is |
| indeterminate. |
| <P> |
| <DD><DL> |
| </DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="isAuthorized(java.lang.String, java.util.Collection, java.util.List, boolean)"><!-- --></A><H3> |
| isAuthorized</H3> |
| <PRE> |
| public static <A HREF="../adaptorlib/AuthzStatus.html" title="enum in adaptorlib">AuthzStatus</A> <B>isAuthorized</B>(<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> userIdentifier, |
| <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util">Collection</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>> groups, |
| <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/List.html?is-external=true" title="class or interface in java.util">List</A><<A HREF="../adaptorlib/Acl.html" title="class in adaptorlib">Acl</A>> aclChain, |
| boolean emptyImpliesPublic)</PRE> |
| <DL> |
| <DD>Determine if the provided <code>userIdentifier</code> belonging to <code>groups</code> is authorized for the provided <code>aclChain</code>. The chain should |
| be in order of root to leaf; that means that the particular file or folder |
| you are checking for authz will be at the end of the chain. |
| |
| <p>If you have an ACL and wish to determine if a user is authorized, you |
| should manually generate an aclChain by recursively retrieving the ACLs of |
| the <code>inheritFrom</code> <A HREF="../adaptorlib/DocId.html" title="class in adaptorlib"><CODE>DocId</CODE></A>. The ACL you started with should be |
| at the end of the chain. Alternatively, you can use <A HREF="../adaptorlib/Acl.html#isAuthorizedBatch(java.lang.String, java.util.Collection, java.util.Collection, adaptorlib.Acl.BatchRetriever, boolean)"><CODE>isAuthorizedBatch()</CODE></A>. |
| |
| <p>If the entire chain has empty permit/deny sets, then the result is |
| <A HREF="../adaptorlib/AuthzStatus.html#INDETERMINATE"><CODE>AuthzStatus.INDETERMINATE</CODE></A>. |
| |
| <p>The result of the entire chain is the non-local decision of the root. |
| The non-local decision of any entry in the chain is the local decision of |
| that entry (as calculated with <A HREF="../adaptorlib/Acl.html#isAuthorizedLocal(java.lang.String, java.util.Collection)"><CODE>isAuthorizedLocal()</CODE></A>) combined with the non-local decision of the next |
| entry in the chain via the <code>InheritanceType</code> of the original entry. |
| To repeat, the non-local decision of an entry is that entry's local |
| decision combined using its <code>InheritanceType</code> with its child's |
| non-local decision (which is recursive). Thus, if the root's inheritance |
| type is <A HREF="../adaptorlib/Acl.InheritanceType.html#PARENT_OVERRIDES"><CODE>Acl.InheritanceType.PARENT_OVERRIDES</CODE></A> and its local decision is |
| <A HREF="../adaptorlib/AuthzStatus.html#DENY"><CODE>AuthzStatus.DENY</CODE></A>, then independent of any decendant's local |
| decision, the decision of the chain will be <code>DENY</code>. |
| |
| <p>It should also be noted that the leaf's inheritance type does not matter |
| and is ignored. |
| |
| <p>It is very important to note that a completely empty ACL (one that has |
| all defaults) is equivalent to having no ACLs. The GSA considers content |
| from the Adaptor as public unless it provides an ACL. Thus, empty ACLs |
| cause a document to become public and the GSA does not use ACLs when |
| considering public documents (and all results are PERMIT). However, for |
| non-Adaptor situations, you can get a document to be private and have no |
| ACLs. In these situations the ACLs are checked, but the result is |
| INDETERMINATE and different authz checks must be made. |
| |
| <p>In order to get perceived-equivalent behavior to the GSA, use |
| <code>true</code> for <code>emptyImpliesPublic</code>; in order to get identical ACL |
| authorization behavior (even though it would most commonly not be |
| computed), use <code>false</code> for <code>emptyImpliesPublic</code>. |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>userIdentifier</CODE> - the username of the user<DD><CODE>groups</CODE> - all the groups the user belongs to<DD><CODE>aclChain</CODE> - ordered list of ACLs from root to leaf<DD><CODE>emptyImpliesPublic</CODE> - whether an empty ACL implies that the document is |
| public (if in question, use <code>true</code>). |
| <DT><B>Throws:</B> |
| <DD><CODE><A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</A></CODE> - if the chain is empty, the first element |
| of the chain's <code>getInheritFrom() != null</code>, or if any element but |
| the first has <code>getInheritFrom() == null</code>.<DT><B>See Also:</B><DD><A HREF="../adaptorlib/Acl.html#isAuthorizedLocal(java.lang.String, java.util.Collection)"><CODE>isAuthorizedLocal(java.lang.String, java.util.Collection<java.lang.String>)</CODE></A>, |
| <A HREF="../adaptorlib/Acl.InheritanceType.html" title="enum in adaptorlib"><CODE>Acl.InheritanceType</CODE></A></DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="isAuthorizedBatch(java.lang.String, java.util.Collection, java.util.Collection, adaptorlib.Acl.BatchRetriever, boolean)"><!-- --></A><H3> |
| isAuthorizedBatch</H3> |
| <PRE> |
| public static <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Map.html?is-external=true" title="class or interface in java.util">Map</A><<A HREF="../adaptorlib/DocId.html" title="class in adaptorlib">DocId</A>,<A HREF="../adaptorlib/AuthzStatus.html" title="enum in adaptorlib">AuthzStatus</A>> <B>isAuthorizedBatch</B>(<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> userIdentifier, |
| <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util">Collection</A><<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>> groups, |
| <A HREF="http://download.oracle.com/javase/6/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util">Collection</A><<A HREF="../adaptorlib/DocId.html" title="class in adaptorlib">DocId</A>> ids, |
| <A HREF="../adaptorlib/Acl.BatchRetriever.html" title="interface in adaptorlib">Acl.BatchRetriever</A> retriever, |
| boolean emptyImpliesPublic) |
| throws <A HREF="http://download.oracle.com/javase/6/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</A></PRE> |
| <DL> |
| <DD>Check authz for many DocIds at once. This will only fetch ACL information |
| for a DocId once, even when considering inheritFrom. It will then create |
| the appropriate chains and call <A HREF="../adaptorlib/Acl.html#isAuthorized(java.lang.String, java.util.Collection, java.util.List, boolean)"><CODE>isAuthorized()</CODE></A>. |
| |
| <p>For information concerning <code>emptyImpliesPublic</code>, please see <A HREF="../adaptorlib/Acl.html#isAuthorized(java.lang.String, java.util.Collection, java.util.List, boolean)"><CODE>isAuthorized</CODE></A> for the reasoning and behavior of the option. |
| |
| <p>If there is an inheritance cycle, an ACL for a DocId in <code>ids</code> was |
| not returned by <code>retriever</code> when requested, or an inherited ACL was |
| not returned by <code>retriever</code> when requested, its response will be |
| <A HREF="../adaptorlib/AuthzStatus.html#INDETERMINATE"><CODE>AuthzStatus.INDETERMINATE</CODE></A> for that DocId. |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>userIdentifier</CODE> - the username of the user<DD><CODE>groups</CODE> - all the groups the user belongs to<DD><CODE>ids</CODE> - collection of DocIds that need authz performed<DD><CODE>retriever</CODE> - object to use to obtain an ACL for a given DocId<DD><CODE>emptyImpliesPublic</CODE> - whether an empty ACL implies that the document is |
| public (if in question, use <code>true</code>). |
| <DT><B>Throws:</B> |
| <DD><CODE><A HREF="http://download.oracle.com/javase/6/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</A></CODE> - if the retriever throws an IOException</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="equals(java.lang.Object)"><!-- --></A><H3> |
| equals</H3> |
| <PRE> |
| public boolean <B>equals</B>(<A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> o)</PRE> |
| <DL> |
| <DD>Equality is determined if all the permit/deny sets are equal and the |
| inheritance is equal. |
| <P> |
| <DD><DL> |
| <DT><B>Overrides:</B><DD><CODE><A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#equals(java.lang.Object)" title="class or interface in java.lang">equals</A></CODE> in class <CODE><A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></CODE></DL> |
| </DD> |
| <DD><DL> |
| </DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="hashCode()"><!-- --></A><H3> |
| hashCode</H3> |
| <PRE> |
| public int <B>hashCode</B>()</PRE> |
| <DL> |
| <DD>Returns a hash code for this object that agrees with <code>equals</code>. |
| <P> |
| <DD><DL> |
| <DT><B>Overrides:</B><DD><CODE><A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#hashCode()" title="class or interface in java.lang">hashCode</A></CODE> in class <CODE><A HREF="http://download.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></CODE></DL> |
| </DD> |
| <DD><DL> |
| </DL> |
| </DD> |
| </DL> |
| <!-- ========= END OF CLASS DATA ========= --> |
| <HR> |
| |
| |
| <!-- ======= START OF BOTTOM NAVBAR ====== --> |
| <A NAME="navbar_bottom"><!-- --></A> |
| <A HREF="#skip-navbar_bottom" title="Skip navigation links"></A> |
| <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY=""> |
| <TR> |
| <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> |
| <A NAME="navbar_bottom_firstrow"><!-- --></A> |
| <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY=""> |
| <TR ALIGN="center" VALIGN="top"> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD> |
| <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A> </TD> |
| </TR> |
| </TABLE> |
| </TD> |
| <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM> |
| </EM> |
| </TD> |
| </TR> |
| |
| <TR> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../adaptorlib/AbstractDocumentTransform.html" title="class in adaptorlib"><B>PREV CLASS</B></A> |
| <A HREF="../adaptorlib/Acl.BatchRetriever.html" title="interface in adaptorlib"><B>NEXT CLASS</B></A></FONT></TD> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../index.html?adaptorlib/Acl.html" target="_top"><B>FRAMES</B></A> |
| <A HREF="Acl.html" target="_top"><B>NO FRAMES</B></A> |
| <SCRIPT type="text/javascript"> |
| <!-- |
| if(window==top) { |
| document.writeln('<A HREF="../allclasses-noframe.html"><B>All Classes</B></A>'); |
| } |
| //--> |
| </SCRIPT> |
| <NOSCRIPT> |
| <A HREF="../allclasses-noframe.html"><B>All Classes</B></A> |
| </NOSCRIPT> |
| |
| |
| </FONT></TD> |
| </TR> |
| <TR> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| SUMMARY: <A HREF="#nested_class_summary">NESTED</A> | <A HREF="#field_summary">FIELD</A> | CONSTR | <A HREF="#method_summary">METHOD</A></FONT></TD> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| DETAIL: <A HREF="#field_detail">FIELD</A> | CONSTR | <A HREF="#method_detail">METHOD</A></FONT></TD> |
| </TR> |
| </TABLE> |
| <A NAME="skip-navbar_bottom"></A> |
| <!-- ======== END OF BOTTOM NAVBAR ======= --> |
| |
| <HR> |
| |
| </BODY> |
| </HTML> |