public final class WDAcl extends Object
WDAcl handles all DAV: properties defined in WebDAV ACL for a
particular IResource
.
In particular each WDAcl has the following properties:
hasManager()
). Without a manager,
the ACL really is a fake and cannot be changed. Especially without
a manager, an application can expect that all operations are allowed.IPrivilege
s
which can be used for named lookup of privileges and containement of privileges. All
WebDAV defined privileges can be expected to be present in the tree, however some
might be abstract. Abstract privileges cannot be set for a resource.IAce
s which
define which privilege is granted or denied for which principal.Copyright (c) SAP AG 2001-2006
Modifier and Type | Field and Description |
---|---|
static int |
EVAL_ALL_GRANT_FIRST
Entries evaluated by matching GRANTs before DENY
|
static int |
EVAL_FIRST_MATCH
Entries evaluated in the order specified
|
static int |
EVAL_SPECIFIC_DENY_OVERRIDES
Entries evaluated by matching DENY for Principal first
|
Constructor and Description |
---|
WDAcl(IResource resource)
Construct a WDAcl for a certain resource.
|
Modifier and Type | Method and Description |
---|---|
boolean |
allowsDenyAfterGrant()
DENY ACL entries can follow GRANT entries
|
boolean |
allowsGrantOnly()
Can only GRANT, but not DENY privileges
|
boolean |
allowsPrincipalsOnce()
Can have multiple entries for one Principal
|
void |
appendTo(Element element,
IHierarchicalUri servletUri)
Append a WebDAV ACL conform representation of the Access Control
List to the given Element.
|
List |
getAces()
Return the List of
IAce
objects for this Access Control List |
List |
getAces(Element acl,
IHierarchicalUri baseUrl,
IResourceContext context)
Return the List of
IAce
objects, representing the given DAV:ace property |
Set |
getCurrentUserSet()
Retrieves the DAV:current-user-privilege-set as Set of
IPrivilege s. |
int |
getEvaluationOrder()
Return the order in which entries are evaluated, when
multiple entries match a certain Principal.
|
IPrincipal |
getOwner()
Return the principal owning the ACL.
|
IResource |
getResource()
Returns the resource to which this ACL belongs.
|
IPrivilege |
getSupported()
Retrieve the tree's root of supported IPrivileges.
|
boolean |
hasManager()
Returns if there is a Manager handling ACLs
|
boolean |
isReadOnly()
Return if ACLs for this resource are generally read only.
|
protected static ResourceException |
map(AclException ex,
RID rid) |
void |
setAces(List newList,
boolean deep)
Sets the list of given IAce objects as new access control list.
|
Element |
toElement(Document document,
IHierarchicalUri servletUri)
Return an Element representing the DAV:acl property for the
access control list of the resource.
|
public static final int EVAL_FIRST_MATCH
public static final int EVAL_ALL_GRANT_FIRST
public static final int EVAL_SPECIFIC_DENY_OVERRIDES
public WDAcl(IResource resource) throws ResourceException
resource
- to retrieve ACL information forResourceException
- on internal failurespublic boolean allowsGrantOnly()
public boolean allowsPrincipalsOnce()
public boolean allowsDenyAfterGrant()
public int getEvaluationOrder()
public boolean hasManager()
public boolean isReadOnly()
public List getAces() throws ResourceException
IAce
objects for this Access Control ListIAce
ResourceException
- no descriptionpublic List getAces(Element acl, IHierarchicalUri baseUrl, IResourceContext context) throws ResourceException
IAce
objects, representing the given DAV:ace propertyacl
- DAV:acl property as in ACL Methodcontext
- no descriptionIAce
ResourceException
- no descriptionpublic Set getCurrentUserSet() throws ResourceException
IPrivilege
s.
A privilege is part of the list, if the current user was
granted that privilege (implicit or explicit).IPrivilege
sResourceException
- no descrippublic IPrincipal getOwner() throws ResourceException
ResourceException
- no descriptionpublic IResource getResource()
public IPrivilege getSupported() throws ResourceException
IPrivilege
.ResourceException
- no descriptionpublic void appendTo(Element element, IHierarchicalUri servletUri) throws ResourceException
servletUri
- no descriptionelement
- where DAV:ace shall be appendedResourceException
- no descriptionpublic Element toElement(Document document, IHierarchicalUri servletUri) throws ResourceException
document
- the Document where the Element is created inservletUri
- no descriptionResourceException
- no descriptionpublic void setAces(List newList, boolean deep) throws ResourceException
deep
- no descriptionnewList
- the list of IAce
sResourceException
- if ACL could not be changedprotected static ResourceException map(AclException ex, RID rid)
Access Rights |
---|
SC | DC | Public Part | ACH |
---|---|---|---|
[sap.com] KMC-CM
|
[sap.com] tc/km/frwk
|
api
|
EP-KM-CM
|
[sap.com] KMC-WPC
|
[sap.com] tc/kmc/wpc/wpcfacade
|
api
|
EP-PIN-WPC-WCM
|
Copyright 2018 SAP AG Complete Copyright Notice