|
|||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.opencms.security.CmsAccessControlEntry
An access control entry defines the permissions of a user or group for a distinct resource.
Besides the CmsPermissionSet
to define the permissions, the access control entry
contains the UUID of the resource and of the principal (user or group) who has the defined permissions.
Since the principal is identified by its UUID, any other entity may act as principal also.
Additionally, the entry stores various flags:
ACCESS_FLAGS_DELETED
indicates that this entry is deleted
ACCESS_FLAGS_INHERIT
indicates that this entry should be inherited
ACCESS_FLAGS_OVERWRITE
indicates that this entry overwrites inherited settings
ACCESS_FLAGS_INHERITED
indicates that this entry is inherited
ACCESS_FLAGS_USER
indicates that the principal is a single user
ACCESS_FLAGS_GROUP
indicates that the principal is a group
Field Summary | |
static int |
ACCESS_FLAGS_DELETED
Flag to indicate that an access control entry is currently deleted. |
static int |
ACCESS_FLAGS_GROUP
Flag to indicate the pricipal type group. |
static int |
ACCESS_FLAGS_INHERIT
Flag to indicate that an access control entry should be inherited. |
static int |
ACCESS_FLAGS_INHERITED
Flag to indicate that an access control entry was inherited (read only). |
static int |
ACCESS_FLAGS_OVERWRITE
Flag to indicate that an access control entry overwrites inherited entries. |
static int |
ACCESS_FLAGS_RESPONSIBLE
Flag to indicate that the principal is responsible for the resource. |
static int |
ACCESS_FLAGS_USER
Flag to indicate the principal type user. |
Constructor Summary | |
CmsAccessControlEntry(CmsUUID resource,
CmsAccessControlEntry base)
Constructor to create a new access control entry for a given resource based on an existing access control entry. |
|
CmsAccessControlEntry(CmsUUID resource,
CmsUUID principal,
CmsPermissionSet permissions,
int flags)
Constructor to create a new access control entry on a given resource and a given principal. |
|
CmsAccessControlEntry(CmsUUID resource,
CmsUUID principal,
int allowed,
int denied,
int flags)
Constructor to create a new access control entry on a given resource and a given principal. |
|
CmsAccessControlEntry(CmsUUID resource,
CmsUUID principal,
java.lang.String acPermissionString)
Constructor to create a new access control entry on a given resource and a given principal. |
Method Summary | |
void |
denyPermissions(int denied)
Sets the explicitly denied permissions in the access control entry. |
boolean |
equals(java.lang.Object obj)
|
int |
getAllowedPermissions()
Returns the currently allowed permissions as bitset. |
int |
getDeniedPermissions()
Returns the currently denied permissions as bitset. |
int |
getFlags()
Returns the current flags of the access control entry. |
CmsPermissionSet |
getPermissions()
Returns the current permission set (both allowed and denied permissions). |
CmsUUID |
getPrincipal()
Returns the principal assigned with this access control entry. |
CmsUUID |
getResource()
Returns the resource assigned with this access control entry. |
java.lang.String |
getResponsibleString()
Returns the string representation of the "responsible" flag. |
void |
grantPermissions(int allowed)
Sets the allowed permissions in the access control entry. |
int |
hashCode()
|
boolean |
isInherited()
Returns if this access control entry has the inherited flag set. |
boolean |
isResponsible()
Returns if the principal is responsible for the current resource. |
void |
resetFlags(int flags)
Resets the given flags in the access control entry. |
void |
setFlags(int flags)
Sets the given flags in the access control entry. |
void |
setFlagsForPrincipal(I_CmsPrincipal principal)
Sets the access flags to identify the given principal type. |
void |
setPermissions(CmsPermissionSet permissions)
Sets the allowed and denied permissions of the access control entry. |
java.lang.String |
toString()
Returns the String representation of this access control entry object. |
Methods inherited from class java.lang.Object |
clone, finalize, getClass, notify, notifyAll, wait, wait, wait |
Field Detail |
public static final int ACCESS_FLAGS_DELETED
public static final int ACCESS_FLAGS_GROUP
public static final int ACCESS_FLAGS_INHERIT
public static final int ACCESS_FLAGS_INHERITED
public static final int ACCESS_FLAGS_OVERWRITE
public static final int ACCESS_FLAGS_RESPONSIBLE
public static final int ACCESS_FLAGS_USER
Constructor Detail |
public CmsAccessControlEntry(CmsUUID resource, CmsAccessControlEntry base)
resource
- the resourcebase
- the base for the created access control entrypublic CmsAccessControlEntry(CmsUUID resource, CmsUUID principal, CmsPermissionSet permissions, int flags)
Permissions are specified as permission set, flags as bitset.
resource
- the resourceprincipal
- the id of a principal (user or group)permissions
- the set of allowed and denied permissions as permission setflags
- additional flags of the access control entrypublic CmsAccessControlEntry(CmsUUID resource, CmsUUID principal, int allowed, int denied, int flags)
Permissions and flags are specified as bitsets.
resource
- the resourceprincipal
- the id of a principal (user or group)allowed
- the set of allowed permissionsdenied
- set set of explicitly denied permissionsflags
- additional flags of the access control entryCmsPermissionSet
public CmsAccessControlEntry(CmsUUID resource, CmsUUID principal, java.lang.String acPermissionString)
Permission and flags are specified as string of the format {{+|-}{r|w|v|c|i}}*
resource
- the resourceprincipal
- the id of a principal (user or group)acPermissionString
- allowed and denied permissions and also flagsMethod Detail |
public void denyPermissions(int denied)
denied
- the denied permissions as bitsetpublic boolean equals(java.lang.Object obj)
Object.equals(java.lang.Object)
public int getAllowedPermissions()
public int getDeniedPermissions()
public int getFlags()
public CmsPermissionSet getPermissions()
public CmsUUID getPrincipal()
public CmsUUID getResource()
public java.lang.String getResponsibleString()
public void grantPermissions(int allowed)
allowed
- the allowed permissions as bitsetpublic int hashCode()
Object.hashCode()
public boolean isInherited()
Note: to check if an access control entry is inherited, also the resource id and the id of the current resource must be different.
public boolean isResponsible()
public void resetFlags(int flags)
flags
- bitset with flag values to resetpublic void setFlags(int flags)
flags
- bitset with flag values to setpublic void setFlagsForPrincipal(I_CmsPrincipal principal)
principal
- the principal to set the flags forpublic void setPermissions(CmsPermissionSet permissions)
permissions
- the set of permissionspublic java.lang.String toString()
Object.toString()
|
|||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |