atg.security
Class AccessControlEntry

java.lang.Object
  atg.security.AccessControlEntry

All Implemented Interfaces:

java.io.Serializable, java.lang.Cloneable, java.security.acl.AclEntry

public class AccessControlEntry
extends java.lang.Object
implements java.io.Serializable, java.security.acl.AclEntry, java.lang.Cloneable

An immutable object that defines a set of access rights granted to a given persona.

java.security.acl.AclEntry compatibility notes:

• Modification is always denied (i.e. addPermission(), removePermission(), setNegativePermissions(), and setPrincipal() will never succeed).
• checkPermission() can only succeed if Permission is an instance of AccessRight.

See Also:

Persona, AccessRight, Serialized Form

Field Summary

static java.lang.String	CLASS_VERSION
static int	DENY Indicates that the rights in this ACE should be specifically denied.
static int	GRANT Indicates that the right that is to be granted.
static AccessControlEntry[]	NO_ACES An empty array of access control entries.

Constructor Summary

AccessControlEntry(Persona pPersona)
Creates an access control entry object, with no access rights, for the specified persona.

AccessControlEntry(Persona pPersona, AccessRight pRight)
Creates an access control entry object with the specified access right for the specified persona.

AccessControlEntry(Persona pPersona, AccessRight[] pRights)
Creates an access control entry object, with the specified access rights, for the specified persona.

AccessControlEntry(Persona pPersona, AccessRight[] pRights, boolean pNegative)
Creates an access control entry object, with the specified access rights and negativity, for the specified persona.

AccessControlEntry(Persona pPersona, AccessRight[] pRights, int pType)
Creates an access control entry object, with the specified access rights and associated flags, for the specified persona.

AccessControlEntry(Persona pPersona, AccessRight pRight, boolean pNegative)
Creates an access control entry object with the specified access right and negativity for the specified persona.

AccessControlEntry(Persona pPersona, AccessRight pRight, int pType)
Creates an access control entry object with the specified access right and flags for the specified persona.

Method Summary

boolean	addPermission(java.security.acl.Permission pPermission)
boolean	checkPermission(java.security.acl.Permission pPermission)
java.lang.Object	clone()
boolean	equals(java.lang.Object pObject)
AccessRight[]	getAccessRights() Returns the set of access rights granted this role.
Persona	getPersona() Returns the Persona granted this set of access rights.
java.security.Principal	getPrincipal()
int	getType() Returns the type of ACE.
boolean	hasAccessRight(AccessRight pRight) Returns true if the indicated access right is one of those in this access control entry object.
boolean	hasAccessRight(User pUser, AccessRight pRight) Returns true if the access control entry object has the specified access right for the specified role.
boolean	hasAccessRight(User pUser, AccessRight pRight, int pType) Returns true if the access control entry object has the specified access right for the specified role if this ACE is the same type as specified.
boolean	hasAccessRights(AccessRight[] pRights) Returns true if the indicated access rights are included in those of this access control entry object.
boolean	isNegative()
static void	main(java.lang.String[] args)
static AccessControlEntry[]	parse(java.lang.String pRightsString, SecurityContext pContext) Parses a list of access control entry elements into a string.
static AccessControlEntry[]	parse(java.lang.String pRightsString, SecurityContext pContext, boolean pBestEffort) Parses a list of access control entry elements into a string.
java.util.Enumeration	permissions()
boolean	removePermission(java.security.acl.Permission pPermission)
void	setNegativePermissions()
boolean	setPrincipal(java.security.Principal pPrincipal)
java.lang.String	toString()

Methods inherited from class java.lang.Object

finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION

NO_ACES

public static final AccessControlEntry[] NO_ACES

An empty array of access control entries.

GRANT

public static final int GRANT

Indicates that the right that is to be granted. This is the default ACE type.

See Also:

Constant Field Values

DENY

public static final int DENY

Indicates that the rights in this ACE should be specifically denied. This feature is not supported by all security domains or policies.

See Also:

Constant Field Values

Constructor Detail

AccessControlEntry

public AccessControlEntry(Persona pPersona)

Creates an access control entry object, with no access rights, for the specified persona.

AccessControlEntry

public AccessControlEntry(Persona pPersona,
                          AccessRight pRight)

Creates an access control entry object with the specified access right for the specified persona.

AccessControlEntry

public AccessControlEntry(Persona pPersona,
                          AccessRight pRight,
                          int pType)

Creates an access control entry object with the specified access right and flags for the specified persona.

AccessControlEntry

public AccessControlEntry(Persona pPersona,
                          AccessRight pRight,
                          boolean pNegative)

Creates an access control entry object with the specified access right and negativity for the specified persona.

AccessControlEntry

public AccessControlEntry(Persona pPersona,
                          AccessRight[] pRights)

Creates an access control entry object, with the specified access rights, for the specified persona.

AccessControlEntry

public AccessControlEntry(Persona pPersona,
                          AccessRight[] pRights,
                          int pType)

Creates an access control entry object, with the specified access rights and associated flags, for the specified persona.

AccessControlEntry

public AccessControlEntry(Persona pPersona,
                          AccessRight[] pRights,
                          boolean pNegative)

Creates an access control entry object, with the specified access rights and negativity, for the specified persona.

Method Detail

getPersona

public Persona getPersona()

Returns the Persona granted this set of access rights.

getAccessRights

public AccessRight[] getAccessRights()

Returns the set of access rights granted this role.

getType

public int getType()

Returns the type of ACE.

hasAccessRight

public boolean hasAccessRight(AccessRight pRight)

Returns true if the indicated access right is one of those in this access control entry object.

See Also:

AccessRight

hasAccessRights

public boolean hasAccessRights(AccessRight[] pRights)

Returns true if the indicated access rights are included in those of this access control entry object.

Parameters:

pRights - a list of access rights

Returns:

true if all specified rights are included in this entry

See Also:

AccessRight

hasAccessRight

public boolean hasAccessRight(User pUser,
                              AccessRight pRight)

Returns true if the access control entry object has the specified access right for the specified role.

hasAccessRight

public boolean hasAccessRight(User pUser,
                              AccessRight pRight,
                              int pType)

Returns true if the access control entry object has the specified access right for the specified role if this ACE is the same type as specified.

parse

public static AccessControlEntry[] parse(java.lang.String pRightsString,
                                         SecurityContext pContext)
                                  throws SecurityException

Parses a list of access control entry elements into a string.

Throws:

SecurityException - if there is an error parsing the list. Usually this is an InvalidAccessRightException.

parse

public static AccessControlEntry[] parse(java.lang.String pRightsString,
                                         SecurityContext pContext,
                                         boolean pBestEffort)
                                  throws SecurityException

Parses a list of access control entry elements into a string. If pBestEffort is true, this will ignore errors during processing, returning the best representation it can manage.

Throws:

SecurityException - if there is an error parsing the list. Usually this is an InvalidAccessRightException unless pBestEffort is true.

equals

public boolean equals(java.lang.Object pObject)

Overrides:

equals in class java.lang.Object

toString

public java.lang.String toString()

Specified by:

toString in interface java.security.acl.AclEntry

Overrides:

toString in class java.lang.Object

addPermission

public boolean addPermission(java.security.acl.Permission pPermission)

Specified by:

addPermission in interface java.security.acl.AclEntry

checkPermission

public boolean checkPermission(java.security.acl.Permission pPermission)

Specified by:

checkPermission in interface java.security.acl.AclEntry

clone

public java.lang.Object clone()

Specified by:

clone in interface java.security.acl.AclEntry

Overrides:

clone in class java.lang.Object

getPrincipal

public java.security.Principal getPrincipal()

Specified by:

getPrincipal in interface java.security.acl.AclEntry

isNegative

public boolean isNegative()

Specified by:

isNegative in interface java.security.acl.AclEntry

permissions

public java.util.Enumeration permissions()

Specified by:

permissions in interface java.security.acl.AclEntry

removePermission

public boolean removePermission(java.security.acl.Permission pPermission)

Specified by:

removePermission in interface java.security.acl.AclEntry

setNegativePermissions

public void setNegativePermissions()

Specified by:

setNegativePermissions in interface java.security.acl.AclEntry

setPrincipal

public boolean setPrincipal(java.security.Principal pPrincipal)

Specified by:

setPrincipal in interface java.security.acl.AclEntry

main

public static void main(java.lang.String[] args)