public class PentahoEntryCollector
extends org.apache.jackrabbit.core.security.authorization.acl.EntryCollector
org.apache.jackrabbit.core.security.authorization.acl.EntryCollector
in Jackrabbit 2.4.0.
This class is in org.apache.jackrabbit.core.security.authorization.acl
package due to the scope of
collaborating classes.
Changes to original:
Entries
always have null
nextId
.collectEntries()
copied from EntryCollector
uses entries.getNextId()
instead of node.getParentId()
filterEntries()
copied from EntryCollector
as it was static
and
private
.AclMetadataPrincipal
.MagicPrincipal
s on the fly.rootID, systemSession
MOVE, POLICY_ADDED, POLICY_MODIFIED, POLICY_REMOVED
N_ACCESSCONTROL, N_POLICY, N_REPO_POLICY, NT_REP_ACCESS_CONTROL, NT_REP_ACCESS_CONTROLLABLE, NT_REP_ACE, NT_REP_ACL, NT_REP_DENY_ACE, NT_REP_GRANT_ACE, NT_REP_PRINCIPAL_ACCESS_CONTROL, NT_REP_REPO_ACCESS_CONTROLLABLE, P_GLOB, P_PRINCIPAL_NAME, P_PRIVILEGES
Constructor and Description |
---|
PentahoEntryCollector(org.apache.jackrabbit.core.SessionImpl systemSession,
org.apache.jackrabbit.core.id.NodeId rootID,
Map configuration) |
Modifier and Type | Method and Description |
---|---|
protected void |
addOwnerAce(String owner,
org.apache.jackrabbit.core.security.authorization.acl.ACLTemplate acl)
Creates an ACE that gives full access to the owner.
|
protected List |
collectEntries(org.apache.jackrabbit.core.NodeImpl node,
org.apache.jackrabbit.core.security.authorization.acl.EntryFilter filter)
Overridden since
collectEntries() from EntryCollector called node.getParentId() instead of
entries.getNextId() . |
protected void |
filterEntries(org.apache.jackrabbit.core.security.authorization.acl.EntryFilter filter,
List aces,
LinkedList userAces,
LinkedList groupAces)
Copied from
EntryCollector since that method was private . |
protected org.apache.jackrabbit.core.NodeImpl |
findAccessControlledNode(org.apache.jackrabbit.core.NodeImpl node)
Find the ancestor (maybe the node itself) that is access-controlled.
|
protected org.apache.jackrabbit.core.NodeImpl |
findNonInheritingNode(org.apache.jackrabbit.core.NodeImpl node)
Find the ancestor (maybe the node itself) that is not inheriting ACEs.
|
protected List<PentahoEntry> |
getAcesIncludingMagicAces(String path,
String owner,
org.apache.jackrabbit.core.security.authorization.acl.ACLTemplate ancestorAcl,
org.apache.jackrabbit.core.security.authorization.acl.ACLTemplate acl)
Extracts ACEs including magic aces.
|
protected org.pentaho.platform.api.engine.IAuthorizationPolicy |
getAuthorizationPolicy()
IAuthorizationPolicy is used in magic ACE definitions. |
protected org.apache.jackrabbit.core.security.authorization.acl.PentahoEntryCollector.PentahoEntries |
getEntries(org.apache.jackrabbit.core.NodeImpl node)
Returns an
Entries for the given node. |
protected List<PentahoEntry> |
getRelevantAncestorAces(org.apache.jackrabbit.core.security.authorization.acl.ACLTemplate ancestorAcl)
Selects (and modifies) ACEs containing JCR_ADD_CHILD_NODES or JCR_REMOVE_CHILD_NODES privileges from the given
ACL.
|
protected IRoleAuthorizationPolicyRoleBindingDao |
getRoleBindingDao() |
protected List<String> |
getRuntimeRoleNames() |
protected org.apache.jackrabbit.core.NodeImpl |
getVersionable(org.apache.jackrabbit.core.NodeImpl node)
Incoming node is in versionStorage.
|
protected boolean |
isAllowed(IRoleAuthorizationPolicyRoleBindingDao roleBindingDao,
String logicalRoleName) |
protected void |
notifyListeners(org.apache.jackrabbit.core.security.authorization.AccessControlModifications modifications) |
close, getEntries, onEvent
public PentahoEntryCollector(org.apache.jackrabbit.core.SessionImpl systemSession, org.apache.jackrabbit.core.id.NodeId rootID, Map configuration) throws javax.jcr.RepositoryException
javax.jcr.RepositoryException
protected org.apache.jackrabbit.core.NodeImpl findAccessControlledNode(org.apache.jackrabbit.core.NodeImpl node) throws javax.jcr.RepositoryException
javax.jcr.RepositoryException
protected org.apache.jackrabbit.core.NodeImpl findNonInheritingNode(org.apache.jackrabbit.core.NodeImpl node) throws javax.jcr.RepositoryException
javax.jcr.RepositoryException
protected org.apache.jackrabbit.core.security.authorization.acl.PentahoEntryCollector.PentahoEntries getEntries(org.apache.jackrabbit.core.NodeImpl node) throws javax.jcr.RepositoryException
Entries
for the given node. This is where most of the customization lives.getEntries
in class org.apache.jackrabbit.core.security.authorization.acl.EntryCollector
javax.jcr.RepositoryException
protected org.apache.jackrabbit.core.NodeImpl getVersionable(org.apache.jackrabbit.core.NodeImpl node) throws javax.jcr.RepositoryException
javax.jcr.RepositoryException
protected org.pentaho.platform.api.engine.IAuthorizationPolicy getAuthorizationPolicy()
IAuthorizationPolicy
is used in magic ACE definitions.protected IRoleAuthorizationPolicyRoleBindingDao getRoleBindingDao()
protected List<PentahoEntry> getAcesIncludingMagicAces(String path, String owner, org.apache.jackrabbit.core.security.authorization.acl.ACLTemplate ancestorAcl, org.apache.jackrabbit.core.security.authorization.acl.ACLTemplate acl) throws javax.jcr.RepositoryException
Modifications to these ACLs are not persisted.
javax.jcr.RepositoryException
protected List<PentahoEntry> getRelevantAncestorAces(org.apache.jackrabbit.core.security.authorization.acl.ACLTemplate ancestorAcl) throws javax.jcr.RepositoryException
Modifications to this ACL are not persisted. ACEs must be created in the given ACL because the path embedded in the given ACL plays into authorization decisions using parentPrivs.
javax.jcr.RepositoryException
protected void addOwnerAce(String owner, org.apache.jackrabbit.core.security.authorization.acl.ACLTemplate acl) throws javax.jcr.RepositoryException
Modifications to this ACL are not persisted.
javax.jcr.RepositoryException
protected List collectEntries(org.apache.jackrabbit.core.NodeImpl node, org.apache.jackrabbit.core.security.authorization.acl.EntryFilter filter) throws javax.jcr.RepositoryException
collectEntries()
from EntryCollector
called node.getParentId()
instead of
entries.getNextId()
.collectEntries
in class org.apache.jackrabbit.core.security.authorization.acl.EntryCollector
javax.jcr.RepositoryException
protected void filterEntries(org.apache.jackrabbit.core.security.authorization.acl.EntryFilter filter, List aces, LinkedList userAces, LinkedList groupAces)
EntryCollector
since that method was private
.protected boolean isAllowed(IRoleAuthorizationPolicyRoleBindingDao roleBindingDao, String logicalRoleName) throws javax.jcr.RepositoryException
javax.jcr.RepositoryException
protected void notifyListeners(org.apache.jackrabbit.core.security.authorization.AccessControlModifications modifications)
notifyListeners
in class org.apache.jackrabbit.core.security.authorization.AccessControlObserver
Copyright © 2019 Hitachi Vantara. All rights reserved.