Interface IRepositoryFileAclDao
-
- All Known Implementing Classes:
FileSystemFileAclDao
,JcrRepositoryFileAclDao
public interface IRepositoryFileAclDao
A data access object for reading and writingRepositoryFileAcl
instances. The methods in this interface might closely resemble those inIUnifiedRepository
but this interface is not part of the public Pentaho API and can evolve independently.- Author:
- mlowery
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
addAce(Serializable fileId, org.pentaho.platform.api.repository2.unified.RepositoryFileSid recipient, EnumSet<org.pentaho.platform.api.repository2.unified.RepositoryFilePermission> permission)
Adds ACE to end of ACL.org.pentaho.platform.api.repository2.unified.RepositoryFileAcl
createAcl(Serializable fileId, org.pentaho.platform.api.repository2.unified.RepositoryFileAcl acl)
Creates an ACL.org.pentaho.platform.api.repository2.unified.RepositoryFileAcl
getAcl(Serializable fileId)
Returns ACL for file.List<org.pentaho.platform.api.repository2.unified.RepositoryFileAce>
getEffectiveAces(Serializable fileId, boolean forceEntriesInheriting)
Returns the list of access control entries that will be used to make an access control decision.boolean
hasAccess(String relPath, EnumSet<org.pentaho.platform.api.repository2.unified.RepositoryFilePermission> permissions)
Returnstrue
if the user has all of the permissions.void
setFullControl(Serializable fileId, org.pentaho.platform.api.repository2.unified.RepositoryFileSid sid, org.pentaho.platform.api.repository2.unified.RepositoryFilePermission permission)
Gives full control (all permissions) to given sid.org.pentaho.platform.api.repository2.unified.RepositoryFileAcl
updateAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl acl)
Updates an ACL.
-
-
-
Method Detail
-
getEffectiveAces
List<org.pentaho.platform.api.repository2.unified.RepositoryFileAce> getEffectiveAces(Serializable fileId, boolean forceEntriesInheriting)
Returns the list of access control entries that will be used to make an access control decision.- Parameters:
fileId
- file idforceEntriesInheriting
-true
to treat ACL as ifisEntriesInheriting
was true; this avoids having the caller fetch the parent of ACL belonging to file withfileId
; no change is persisted to the ACL- Returns:
- list of ACEs
-
hasAccess
boolean hasAccess(String relPath, EnumSet<org.pentaho.platform.api.repository2.unified.RepositoryFilePermission> permissions)
Returnstrue
if the user has all of the permissions. The implementation should returnfalse
if either the user does not have access or the file does not exist.- Parameters:
relPath
- path to filepermissions
- permissions to check- Returns:
true
if user has access
-
getAcl
org.pentaho.platform.api.repository2.unified.RepositoryFileAcl getAcl(Serializable fileId)
Returns ACL for file.- Parameters:
fileId
- file id- Returns:
- access control list
-
updateAcl
org.pentaho.platform.api.repository2.unified.RepositoryFileAcl updateAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl acl)
Updates an ACL.- Parameters:
acl
- ACL to set; must have non-null id- Returns:
- updated ACL
-
createAcl
org.pentaho.platform.api.repository2.unified.RepositoryFileAcl createAcl(Serializable fileId, org.pentaho.platform.api.repository2.unified.RepositoryFileAcl acl)
Creates an ACL.- Parameters:
fileId
- file idacl
- file acl- Returns:
- acl with id populated
-
addAce
void addAce(Serializable fileId, org.pentaho.platform.api.repository2.unified.RepositoryFileSid recipient, EnumSet<org.pentaho.platform.api.repository2.unified.RepositoryFilePermission> permission)
Adds ACE to end of ACL. ACL should already have been created.updateAcl(RepositoryFileAcl)
should not need to be called after this method returns.- Parameters:
fileId
- file idrecipient
- recipient of permissionpermission
- permission to set
-
setFullControl
void setFullControl(Serializable fileId, org.pentaho.platform.api.repository2.unified.RepositoryFileSid sid, org.pentaho.platform.api.repository2.unified.RepositoryFilePermission permission)
Gives full control (all permissions) to given sid.updateAcl(RepositoryFileAcl)
should not need to be called after this method returns.- Parameters:
fileId
- file idsid
- sid that should own the domain object associated with this ACLpermision
- permission representing full control
-
-