IRepositoryFileAclDao

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.pentaho.platform.repository2.unified
Interface IRepositoryFileAclDao

All Known Implementing Classes:: JackrabbitRepositoryFileAclDao

public interface IRepositoryFileAclDao

A data access object for reading and writing RepositoryFileAcl instances. The methods in this interface might closely resemble those in IUnifiedRepository but this interface is not part of the public Pentaho API and can evolve independently.

Author:: mlowery

Method Summary
`void`	`addAce(Serializable fileId, RepositoryFileSid recipient, EnumSet<RepositoryFilePermission> permission)` Adds ACE to end of ACL.
`RepositoryFileAcl`	`createAcl(Serializable fileId, RepositoryFileAcl acl)` Creates an ACL.
`RepositoryFileAcl`	`getAcl(Serializable fileId)` Returns ACL for file.
`List<RepositoryFileAce>`	`getEffectiveAces(Serializable fileId, boolean forceEntriesInheriting)` Returns the list of access control entries that will be used to make an access control decision.
`boolean`	`hasAccess(String relPath, EnumSet<RepositoryFilePermission> permissions)` Returns `true` if the user has all of the permissions.
`void`	`setFullControl(Serializable fileId, RepositoryFileSid sid, RepositoryFilePermission permission)` Gives full control (all permissions) to given sid.
`RepositoryFileAcl`	`updateAcl(RepositoryFileAcl acl)` Updates an ACL.

Method Detail

getEffectiveAces

List<RepositoryFileAce> getEffectiveAces(Serializable fileId,
                                         boolean forceEntriesInheriting)

Returns the list of access control entries that will be used to make an access control decision.

Parameters:: fileId - file id; forceEntriesInheriting - true to treat ACL as if isEntriesInheriting was true; this avoids having the caller fetch the parent of ACL belonging to file with fileId; no change is persisted to the ACL
Returns:: list of ACEs

hasAccess

boolean hasAccess(String relPath,
                  EnumSet<RepositoryFilePermission> permissions)

Returns true if the user has all of the permissions. The implementation should return false if either the user does not have access or the file does not exist.

Parameters:: relPath - path to file; permissions - permissions to check
Returns:: true if user has access

getAcl

RepositoryFileAcl getAcl(Serializable fileId)

Returns ACL for file.

Parameters:: fileId - file id
Returns:: access control list

updateAcl

RepositoryFileAcl updateAcl(RepositoryFileAcl acl)

Updates an ACL.

Parameters:: acl - ACL to set; must have non-null id
Returns:: updated ACL

createAcl

RepositoryFileAcl createAcl(Serializable fileId,
                            RepositoryFileAcl acl)

Creates an ACL.

Parameters:: fileId - file id; acl - file acl
Returns:: acl with id populated

addAce

void addAce(Serializable fileId,
            RepositoryFileSid recipient,
            EnumSet<RepositoryFilePermission> permission)

Adds ACE to end of ACL. ACL should already have been created. updateAcl(RepositoryFileAcl) should not need to be called after this method returns.

Parameters:: fileId - file id; recipient - recipient of permission; permission - permission to set

setFullControl

void setFullControl(Serializable fileId,
                    RepositoryFileSid sid,
                    RepositoryFilePermission permission)

Gives full control (all permissions) to given sid. updateAcl(RepositoryFileAcl) should not need to be called after this method returns.

Parameters:: fileId - file id; sid - sid that should own the domain object associated with this ACL; permision - permission representing full control