Package org.pentaho.platform.api.engine

Interface IPentahoBasicAclEntry

    • Method Detail

      • getAclObjectIdentity

        IPentahoAclObjectIdentity getAclObjectIdentity()
        Deprecated.
        Indicates the domain object instance that is subject of this BasicAclEntry. This information may be of interest to relying classes (voters and business methods) that wish to know the actual origination of the ACL entry (so as to distinguish individual ACL entries from others contributed by the inheritance hierarchy).
        Returns:
        the ACL object identity that is subject of this ACL entry (never null)

      • getAclObjectParentIdentity

        IPentahoAclObjectIdentity getAclObjectParentIdentity()
        Deprecated.
        Indicates any ACL parent of the domain object instance. This is used by BasicAclProvider to walk the inheritance hierarchy. An domain object instance need not have a parent.
        Returns:
        the ACL object identity that is the parent of this ACL entry (may be null if no parent should be consulted)

      • getMask

        int getMask()
        Deprecated.
        Access control lists in this package are based on bit masking. The integer value of the bit mask can be obtained from this method.
        Returns:
        the bit mask applicable to this ACL entry (zero indicates a bit mask where no permissions have been granted)

      • getRecipient

        Object getRecipient()
        Deprecated.
        A domain object instance will usually have multiple BasicAclEntrys. Each separate BasicAclEntry applies to a particular "recipient". Typical examples of recipients include (but do not necessarily have to include) usernames, role names, complex granted authorities etc.

        It is essential that only one BasicAclEntry exists for a given recipient. Otherwise conflicts as to the mask that should apply to a given recipient will occur.

        This method indicates which recipient this BasicAclEntry applies to. The returned object type will vary depending on the type of recipient. For instance, it might be a String containing a username, or a GrantedAuthorityImpl containing a complex granted authority that is being granted the permissions contained in this access control entry. The EffectiveAclsResolver and BasicAclProvider#getAcls(Object,org.springframework.security.Authentication) can process the different recipient types and return only those that apply to a specified Authentication object.

        Returns:
        the recipient of this access control list entry (never null)

      • isPermitted

        boolean isPermitted​(int permissionToCheck)
        Deprecated.
        Determine if the mask of this entry includes this permission or not
        Parameters:
        permissionToCheck -
        Returns:
        if the entry's mask includes this permission

      • setAclObjectIdentity

        void setAclObjectIdentity​(IPentahoAclObjectIdentity aclObjectIdentity)
        Deprecated.
        This setter should only be used by DAO implementations.
        Parameters:
        aclObjectIdentity - an object which can be used to uniquely identify the domain object instance subject of this ACL entry

      • setAclObjectParentIdentity

        void setAclObjectParentIdentity​(IPentahoAclObjectIdentity aclObjectParentIdentity)
        Deprecated.
        This setter should only be used by DAO implementations.
        Parameters:
        aclObjectParentIdentity - an object which represents the parent of the domain object instance subject of this ACL entry, or null if either the domain object instance has no parent or its parent should be not used to compute an inheritance hierarchy

      • setMask

        void setMask​(int mask)
        Deprecated.
        This setter should only be used by DAO implementations.
        Parameters:
        mask - the integer representing the permissions bit mask

      • setRecipient

        void setRecipient​(Object recipient)
        Deprecated.
        This setter should only be used by DAO implementations.
        Parameters:
        recipient - a representation of the recipient of this ACL entry that makes sense to an EffectiveAclsResolver implementation