atg.security
Interface SecuredContainer

All Known Subinterfaces:
SecuredRepositoryItemDescriptor

public interface SecuredContainer

An interface to be implemented by any object that wants to supply inherited security information to a SecuredObject. Note that the container may not be a SecuredObject itself.


Field Summary
static java.lang.String CLASS_VERSION
           
 
Method Summary
 AccessControlList getCreationAccessControlList()
          Returns the access control list fragment that may be added to any child of this container when it is created or inserted.
 atg.security.AccessControlListTemplate getCreationOwnerAccessControlListTemplate()
          Returns the template access control list to use in constructing the portion of the default access control list that applies to the owner of a new object.
 atg.security.AccessControlListTemplate getCreationSubPersonaAccessControlListTemplate()
          Returns the template access control list to use in constructing the portion of the default access control list that applies to any applicable sub-personae of the owner of a new object.
 AccessControlList getInheritableAccessControlList()
          Returns the access control list fragment that may be added to any child of this container when access checking is performed on an object.
 Persona getOwner()
          Returns the owner of the secured container.
 SecurityContext getSecurityContext()
          Returns the security system context information appropriate to this object.
 void setCreationAccessControlList(AccessControlList acl)
          Changes the access control list fragment that may be added to any child of this container when it is created or inserted.
 void setCreationOwnerAccessControlListTemplate(atg.security.AccessControlListTemplate template)
          Changes the template access control list to use in constructing the portion of the default access control list that applies to the owner of a new object.
 void setCreationSubPersonaAccessControlListTemplate(atg.security.AccessControlListTemplate template)
          Changes the template access control list to use in constructing the portion of the default access control list that applies to any applicable sub-personae of the owner of a new object.
 void setInheritableAccessControlList(AccessControlList acl)
          Changes the access control list fragment that may be added to any child of this container when access checking is performed on an object.
 void setOwner(Persona persona)
          Changes the owner of the secured container.
 AccessControlList unsecuredGetCreationAccessControlList()
          Returns the access control list to use when creating a new object without performing access control checking.
 atg.security.AccessControlListTemplate unsecuredGetCreationOwnerAccessControlListTemplate()
          Returns a template access control list to use in constructing the portion of the default access control list that applies to the owner of a new object.
 atg.security.AccessControlListTemplate unsecuredGetCreationSubPersonaAccessControlListTemplate()
          Returns a template access control list to use in constructing the portion of the default access control list that applies to any applicable sub-personae of the owner of a new object.
 AccessControlList unsecuredGetInheritableAccessControlList()
          Returns the access control list that should be inherited on creation of an object by a new child.
 Persona unsecuredGetOwner()
          Returns the owner of the container without performing access control checking.
 

Field Detail

CLASS_VERSION

static final java.lang.String CLASS_VERSION
See Also:
Constant Field Values
Method Detail

getOwner

Persona getOwner()
                 throws SecurityException
Returns the owner of the secured container. This information is usually used by the SecurityPolicy.getCreationAccessControlList() and SecurityPolicy.getEffectiveAccessControlList() methods to determine whether or not an inherited access control list fragment is applicable to a particular object. It is a good idea to not allow a secured container that does not have WRITE_ACL access to a secured object the ability to modify the ACL of the object via inheritance.

Throws:
SecurityException
See Also:
SecurityPolicy.getCreationAccessControlList(java.lang.Object), SecurityPolicy.getEffectiveAccessControlList(java.lang.Object)

setOwner

void setOwner(Persona persona)
              throws SecurityException
Changes the owner of the secured container. This information is usually used by the SecurityPolicy.getCreationAccessControlList() and SecurityPolicy.getEffectiveAccessControlList() methods to determine whether or not an inherited access control list fragment is applicable to a particular object. It is a good idea to not allow a secured container that does not have WRITE_ACL access to a secured object the ability to modify the ACL of the object via inheritance.

Throws:
SecurityException
See Also:
SecurityPolicy.getCreationAccessControlList(java.lang.Object), SecurityPolicy.getEffectiveAccessControlList(java.lang.Object)

getCreationAccessControlList

AccessControlList getCreationAccessControlList()
                                               throws SecurityException
Returns the access control list fragment that may be added to any child of this container when it is created or inserted. This is used by generic implementations of SecurityPolicy.getCreationAccessControlList().

Throws:
SecurityException
See Also:
SecurityPolicy.getCreationAccessControlList(java.lang.Object)

setCreationAccessControlList

void setCreationAccessControlList(AccessControlList acl)
                                  throws SecurityException
Changes the access control list fragment that may be added to any child of this container when it is created or inserted. Whether or not this access control list will be applied is determined by SecurityPolicy.getCreationAccessControlList().

Throws:
SecurityException
See Also:
SecurityPolicy.getCreationAccessControlList(java.lang.Object)

getCreationOwnerAccessControlListTemplate

atg.security.AccessControlListTemplate getCreationOwnerAccessControlListTemplate()
                                                                                 throws SecurityException
Returns the template access control list to use in constructing the portion of the default access control list that applies to the owner of a new object.

Throws:
SecurityException

setCreationOwnerAccessControlListTemplate

void setCreationOwnerAccessControlListTemplate(atg.security.AccessControlListTemplate template)
                                               throws SecurityException
Changes the template access control list to use in constructing the portion of the default access control list that applies to the owner of a new object.

Throws:
SecurityException

getCreationSubPersonaAccessControlListTemplate

atg.security.AccessControlListTemplate getCreationSubPersonaAccessControlListTemplate()
                                                                                      throws SecurityException
Returns the template access control list to use in constructing the portion of the default access control list that applies to any applicable sub-personae of the owner of a new object.

Throws:
SecurityException

setCreationSubPersonaAccessControlListTemplate

void setCreationSubPersonaAccessControlListTemplate(atg.security.AccessControlListTemplate template)
                                                    throws SecurityException
Changes the template access control list to use in constructing the portion of the default access control list that applies to any applicable sub-personae of the owner of a new object.

Throws:
SecurityException

getInheritableAccessControlList

AccessControlList getInheritableAccessControlList()
                                                  throws SecurityException
Returns the access control list fragment that may be added to any child of this container when access checking is performed on an object. This is used by generic implementations of SecurityPolicy.getEffectiveAccessControlList().

Throws:
SecurityException
See Also:
SecurityPolicy.getEffectiveAccessControlList(java.lang.Object)

setInheritableAccessControlList

void setInheritableAccessControlList(AccessControlList acl)
                                     throws SecurityException
Changes the access control list fragment that may be added to any child of this container when access checking is performed on an object. This is used by generic implementations of SecurityPolicy.getEffectiveAccessControlList().

Throws:
SecurityException
See Also:
SecurityPolicy.getEffectiveAccessControlList(java.lang.Object)

getSecurityContext

SecurityContext getSecurityContext()
Returns the security system context information appropriate to this object.


unsecuredGetOwner

Persona unsecuredGetOwner()
                          throws SecurityException
Returns the owner of the container without performing access control checking.

This is considered to be a private API for the security policy and domain objects and should not be used by applications.

Throws:
SecurityException

unsecuredGetCreationAccessControlList

AccessControlList unsecuredGetCreationAccessControlList()
                                                        throws SecurityException
Returns the access control list to use when creating a new object without performing access control checking.

This is considered to be a private API for the security policy and domain objects and should not be used by applications.

Throws:
SecurityException

unsecuredGetCreationOwnerAccessControlListTemplate

atg.security.AccessControlListTemplate unsecuredGetCreationOwnerAccessControlListTemplate()
                                                                                          throws SecurityException
Returns a template access control list to use in constructing the portion of the default access control list that applies to the owner of a new object. No access control checking is performed.

The security policy will determine how or if this template will be utilized.

This is considered to be a private API for the security policy and domain objects and should not be used by applications.

Throws:
SecurityException
See Also:
SecurityPolicy.getCreationAccessControlList(java.lang.Object)

unsecuredGetCreationSubPersonaAccessControlListTemplate

atg.security.AccessControlListTemplate unsecuredGetCreationSubPersonaAccessControlListTemplate()
                                                                                               throws SecurityException
Returns a template access control list to use in constructing the portion of the default access control list that applies to any applicable sub-personae of the owner of a new object. No access control checking is performed.

The security policy will determine how or if this template will be utilized.

This is considered to be a private API for the security policy and domain objects and should not be used by applications.

Throws:
SecurityException
See Also:
SecurityPolicy.getCreationAccessControlList(java.lang.Object)

unsecuredGetInheritableAccessControlList

AccessControlList unsecuredGetInheritableAccessControlList()
                                                           throws SecurityException
Returns the access control list that should be inherited on creation of an object by a new child. No access control checking is performed.

The security policy will determine how or if this access control list will be utilized.

This is considered to be a private API for the security policy and domain objects and should not be used by applications.

Throws:
SecurityException
See Also:
SecurityPolicy.getCreationAccessControlList(java.lang.Object)