atg.adapter.secure

Class SecuredRepositoryObject

java.lang.Object

atg.security.GenericSecuredObject

atg.adapter.secure.SecuredRepositoryObject

All Implemented Interfaces:

SecuredObject

Direct Known Subclasses:

GenericSecuredRepositoryItem

public class SecuredRepositoryObject
extends GenericSecuredObject

Base class used to build secured repository components. This manages the persistence and caching of security information for an object.

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	CLASS_VERSION
protected atg.adapter.secure.SecuredRepositoryObjectDescriptor	mDescriptor The secured object descriptor that this item is configured with.
protected RepositoryItem	mItem The repository item that manages the backing store for this object.
protected MutableRepositoryItem	mMutableItem The mutable version of the repository item that manages the backing store for this object, or null if the item is immutable.
protected GenericSecuredRepository	mRepository The secured repository that we're a part of.

Fields inherited from class atg.security.GenericSecuredObject

mAcl, mOwner, mSecurityContext

Constructor Summary

Constructors

Constructor and Description
SecuredRepositoryObject(GenericSecuredRepository pRepository, atg.adapter.secure.SecuredRepositoryObjectDescriptor pDescriptor, RepositoryItem pItem) Creates a new repository-backed secured object.

Method Summary

Methods

Modifier and Type	Method and Description
RepositoryItem	getRepositoryItem() Returns the repository item that this object refers to.
atg.adapter.secure.SecuredRepositoryObjectDescriptor	getSecuredObjectDescriptor() Returns the descriptor for the secured object.
void	invalidate() Invalidates the cache of owner and access control information.
void	logError(java.lang.String message) Logs an error message.
void	logError(java.lang.String message, java.lang.Throwable t) Logs an error message with an accompanying exception.
void	logError(java.lang.Throwable t) Logs an exception.
boolean	supportsAccessControlList() Returns true if this object supports an access control list.
boolean	supportsOwner() Returns true if this object supports an owner.
AccessControlList	unsecuredGetAccessControlList() Retrieves the access control list associated with this object without performing access control.
SecuredContainer[]	unsecuredGetContainers() Returns the set of containers (parents) that contain or may contain access control information that should be effective when this object is being manipulated.
Persona	unsecuredGetOwner() Retrieves the owner of this object without performing access control.
void	unsecuredSetAccessControlList(AccessControlList acl) Changes the access control list associated with this object without performing access control.
void	unsecuredSetOwner(Persona pOwner) Changes the owner of this object without performing access control.

Methods inherited from class atg.security.GenericSecuredObject

checkAccess, checkRuntimeAccess, getAccessControlList, getOwner, getSecurityContext, hasAccess, setAccessControlList, setOwner, setSecurityContext, unsecuredGetSecuredContainers, unsecuredSetCreationSecurity

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION

mRepository

protected GenericSecuredRepository mRepository

The secured repository that we're a part of.

mDescriptor

protected atg.adapter.secure.SecuredRepositoryObjectDescriptor mDescriptor

The secured object descriptor that this item is configured with.

mItem

protected RepositoryItem mItem

The repository item that manages the backing store for this object.

mMutableItem

protected MutableRepositoryItem mMutableItem

The mutable version of the repository item that manages the backing store for this object, or null if the item is immutable.

Constructor Detail

SecuredRepositoryObject

public SecuredRepositoryObject(GenericSecuredRepository pRepository,
                       atg.adapter.secure.SecuredRepositoryObjectDescriptor pDescriptor,
                       RepositoryItem pItem)

Creates a new repository-backed secured object.

Method Detail

getRepositoryItem

public RepositoryItem getRepositoryItem()

Returns the repository item that this object refers to. This is for internal use of the secured repository only; it should not be used by applications.

getSecuredObjectDescriptor

public atg.adapter.secure.SecuredRepositoryObjectDescriptor getSecuredObjectDescriptor()

Returns the descriptor for the secured object.

invalidate

public void invalidate()

Invalidates the cache of owner and access control information.

logError

public void logError(java.lang.String message)

Logs an error message.

logError

public void logError(java.lang.String message,
            java.lang.Throwable t)

Logs an error message with an accompanying exception.

logError

public void logError(java.lang.Throwable t)

Logs an exception.

supportsAccessControlList

public boolean supportsAccessControlList()

Returns true if this object supports an access control list.

Specified by:

supportsAccessControlList in interface SecuredObject

Overrides:

supportsAccessControlList in class GenericSecuredObject

supportsOwner

public boolean supportsOwner()

Returns true if this object supports an owner.

Specified by:

supportsOwner in interface SecuredObject

Overrides:

supportsOwner in class GenericSecuredObject

unsecuredGetAccessControlList

public AccessControlList unsecuredGetAccessControlList()
                                                throws SecurityException

Retrieves the access control list associated with this object without performing access control.

This is considered to be a private API for the security policy and domain objects and should not be used by applications.

Specified by:

unsecuredGetAccessControlList in interface SecuredObject

Overrides:

unsecuredGetAccessControlList in class GenericSecuredObject

Throws:

SecurityException

unsecuredSetAccessControlList

public void unsecuredSetAccessControlList(AccessControlList acl)
                                   throws SecurityException

Changes the access control list associated with this object without performing access control.

This is considered to be a private API for the security policy and domain objects and should not be used by applications.

Specified by:

unsecuredSetAccessControlList in interface SecuredObject

Overrides:

unsecuredSetAccessControlList in class GenericSecuredObject

Throws:

SecurityException

unsecuredGetOwner

public Persona unsecuredGetOwner()
                          throws SecurityException

Retrieves the owner of this object without performing access control.

This is considered to be a private API for the security policy and domain objects and should not be used by applications.

Specified by:

unsecuredGetOwner in interface SecuredObject

Overrides:

unsecuredGetOwner in class GenericSecuredObject

Throws:

SecurityException

unsecuredSetOwner

public void unsecuredSetOwner(Persona pOwner)
                       throws SecurityException

Changes the owner of this object without performing access control.

This is considered to be a private API for the security policy and domain objects and should not be used by applications.

Specified by:

unsecuredSetOwner in interface SecuredObject

Overrides:

unsecuredSetOwner in class GenericSecuredObject

Throws:

SecurityException

unsecuredGetContainers

public SecuredContainer[] unsecuredGetContainers()
                                          throws SecurityException

Returns the set of containers (parents) that contain or may contain access control information that should be effective when this object is being manipulated. This is used by StandardSecurityPolicy.getEffectiveAccessControlList() to determine creation and effective access control lists.

This is considered to be a private API for the security policy and domain objects and should not be used by applications. In this implementation the container is considered to be the object descriptor.

Specified by:

unsecuredGetContainers in interface SecuredObject

Overrides:

unsecuredGetContainers in class GenericSecuredObject

Throws:

SecurityException