com.jalios.jcms.accesscontrol
Class AccessControlList

java.lang.Object
  extended by com.jalios.jstore.BasicStorable
      extended by com.jalios.jcms.Data
          extended by com.jalios.jcms.accesscontrol.AccessControlList
All Implemented Interfaces:
AccessControlConstants, EditableData, JcmsConstants, ImportConstants, MashupConstants, Storable, JaliosConstants, LangPropertyArgument, Cloneable, Comparable<BasicStorable>

public class AccessControlList
extends Data
implements AccessControlConstants, EditableData

Define a collection of resources and their associated authorization.

Since:
jcms-7.0
Version:
$Revision: 37030 $

Nested Class Summary
static class AccessControlList.NameComparator<T extends AccessControlList>
          Comparator sorting ACL alphabetically using their name.
static class AccessControlList.NameSelector
          Select ACL by their name.
static class AccessControlList.WorkspaceAclSelector
          DataSelector selecting only workspace ACL.
 
Nested classes/interfaces inherited from class com.jalios.jcms.Data
Data.AuthorComparator<T extends Data>, Data.AuthorSelector, Data.CdateSelector, Data.DataNameComparator<T extends Data>, Data.DeletableSelector, Data.ImportSelector, Data.MdateSelector, Data.OpAuthorComparator<T extends Data>, Data.RowIdComparator<T extends Data>, Data.StrongLockSelector
 
Nested classes/interfaces inherited from class com.jalios.jstore.BasicStorable
BasicStorable.CdateComparator<T extends Storable>, BasicStorable.IdComparator<T extends Storable>, BasicStorable.MdateComparator<T extends Storable>
 
Field Summary
protected  HashMap<String,Boolean> explicitResourceToAuthorizationMap
           
protected  boolean isWorkspaceACL
           
protected  String name
           
static String REVISION
           
 
Fields inherited from class com.jalios.jcms.Data
author, authorDBID, channel, DISPLAY_URL_EXTRA_INFO, extension, extraDataMap, extraDBDataMapToSaveOnOp, importMap, opAuthor, opDelegate
 
Fields inherited from class com.jalios.jstore.BasicStorable
cdate, ddate, id, mdate, store
 
Fields inherited from interface com.jalios.jcms.accesscontrol.AccessControlConstants
ADMIN_RESOURCE, CTXT_DATA, CTXT_WORKSPACE, GRP_EDIT_RESOURCE, MBR_EDIT_RESOURCE, WORKSPACE_ADMIN_RESOURCE, WS_EDIT_RESOURCE, WSGRP_EDIT_RESOURCE, WSMBR_EDIT_RESOURCE
 
Fields inherited from interface com.jalios.jcms.JcmsConstants
ADATE_SEARCH, ADMIN_NOTES_PROP, ADVANCED_TAB, ARCHIVES_DIR, ASCII_WIDTH, CATEGORY_TAB, CDATE_SEARCH, COMMON_ALARM, CONTENT_TAB, COOKIE_MAX_AGE, CTRL_TOPIC_INTERNAL, CTRL_TOPIC_REF, CTRL_TOPIC_VALUE, CTRL_TOPIC_WRITE, CUSTOM_PROP, DOCCHOOSER_HEIGHT, DOCCHOOSER_WIDTH, DOCS_DIR, EDATE_SEARCH, EMAIL_REGEXP, ERROR_MSG, FORBIDDEN_FILE_ACCESS, FORBIDDEN_REDIRECT, FORCE_REDIRECT, ICON_ARCHIVE, ICON_LOCK, ICON_LOCK_STRONG, ICON_WARN, ICON_WH_BOOK_CLOSED, ICON_WH_BOOK_OPEN, INFORMATION_MSG, JALIOS_JUNIT_PROP, JCMS_CADDY, JCMS_MSG_LIST, JSYNC_DOWNLOAD_DIR, JSYNC_SYNC_ALARM, LOG_FILE, LOG_TOPIC_SECURITY, LOGGER_PROP, LOGGER_XMLPROP, MBR_PHOTO_DIR, MDATE_SEARCH, MONITOR_XML, OP_CREATE, OP_DEEP_COPY, OP_DEEP_DELETE, OP_DELETE, OP_MERGE, OP_UPDATE, PDATE_SEARCH, PHOTO_DIR, PHOTO_ICON, PHOTO_ICON_HEIGHT, PHOTO_ICON_WIDTH, PHOTO_LARGE, PHOTO_LARGE_HEIGHT, PHOTO_LARGE_WIDTH, PHOTO_NORMAL, PHOTO_NORMAL_HEIGHT, PHOTO_NORMAL_WIDTH, PHOTO_SMALL, PHOTO_SMALL_HEIGHT, PHOTO_SMALL_WIDTH, PHOTO_TINY, PHOTO_TINY_HEIGHT, PHOTO_TINY_WIDTH, PREVIOUS_TAB, PRINT_VIEW, PRIVATE_FILE_ACCESS, PUBLIC_FILE_ACCESS, READ_RIGHT_TAB, SDATE_SEARCH, SEARCHENGINE_ALARM, SESSION_AUTHORIZED_FILENAMES_SET, STATS_REPORT_DIR, STATUS_PROP, STORE_XML, TEMPLATE_TAB, THUMBNAIL_LARGE_HEIGHT, THUMBNAIL_LARGE_WIDTH, THUMBNAIL_SMALL_HEIGHT, THUMBNAIL_SMALL_WIDTH, UDATE_SEARCH, UPDATE_RIGHT_TAB, UPLOAD_DIR, URL_REGEXP, WARNING_MSG, WEBAPP_PROP, WFEXPRESS_ALARM, WFREMINDER_ALARM, WORKFLOW_TAB, WORKFLOW_XML
 
Fields inherited from interface com.jalios.util.JaliosConstants
CRLF, MILLIS_IN_ONE_DAY, MILLIS_IN_ONE_HOUR, MILLIS_IN_ONE_MINUTE, MILLIS_IN_ONE_MONTH, MILLIS_IN_ONE_SECOND, MILLIS_IN_ONE_WEEK, MILLIS_IN_ONE_YEAR
 
Fields inherited from interface com.jalios.jcms.mashup.ImportConstants
IMPORT_ALARM_MGR, IMPORT_AUTHOR_PROP, IMPORT_CATEGORY_DEFAULT, IMPORT_DC_ATTR, IMPORT_DC_STEP, IMPORT_DIR, IMPORT_ENABLED, IMPORT_JDOM_ELEMENT, IMPORT_LOG_FILE, IMPORT_LOG_MAX, IMPORT_OPTIONS, IMPORT_OPTIONS_DC_CONTEXT, IMPORT_ROOT_PROP, IMPORT_SOURCE_FILE, IMPORT_SOURCE_PREFIX_PROP, IMPORT_SOURCES_DIR, IMPORT_STEP_CLEAN, IMPORT_STEP_IMPORT, IMPORT_STEP_UPDATE_REF, IMPORT_WS_PROP
 
Fields inherited from interface com.jalios.jcms.mashup.MashupConstants
DATA_TAG, DATASET_TAG, FIELD_CLASS, FIELD_ENTRY, FIELD_ITEM, FIELD_KEY, FIELD_NAME, FIELD_TAG, FIELD_VALUE, FILE_FIELD, FILE_ID, FILE_MTIME, FILE_SIZE, FILE_TAG, FILE_TICKET, FILESET_TAG, RELATED_TAG
 
Constructor Summary
AccessControlList()
          Builds a new AccessControlList without any authorization and using default value.
AccessControlList(AccessControlList other)
          Builds a new AccessControlList by copying all authorization and option of the specified ACL.
 
Method Summary
 ControllerStatus checkDelete(Member mbr, Map context)
          Checks if the deletion can be performed
 ControllerStatus checkIntegrity()
          Checks whether or not data integrity constraints are respected.
 ControllerStatus checkMember(int op, Member mbr, Map context)
          Checks if the given member can perform the given operation.
 void clearExplicitAccessAuthorization()
          Remove all authorization for this ACL
 Boolean getAccessAuthorization(String resource)
          Retrieve the authorization of the specified resource
 String getDataName(String language)
          Return the name of this Data, every sub class Data which will be displayed to user should implements this method already.
 Boolean getExplicitAccessAuthorization(String resource)
          Retrieve the explicit authorization of the specified resource.
 HashMap<String,Boolean> getExplicitResourceToAuthorizationMap()
          Retrieve the internal map used to store authorization.
 Set<Group> getGroupSet()
          Retrieves the Set of Group using this ACL.
 String getName()
          Gets the name of this ACL.
static
<T extends AccessControlList>
Comparator<T>
getNameComparator()
          Retrieve a Comparator to sort ACL alphabetically using their name.
static AccessControlList.WorkspaceAclSelector getWorkspaceAclSelector()
          Retrieve a DataSelector to select only workspace ACL in a collection.
 boolean isWorker()
          Check if any ACL provides worker right to the member using it.
 boolean isWorkspaceACL()
          Check if this ACL is dedicated for Workspace's resource access control or any other right
 void removeExplicitAccessAuthorization(String resource)
          Remove all authorization for the specified resource
 void setExplicitAccessAuthorization(String resource, Boolean authorization)
          Set the authorization of the specified resource
 void setExplicitResourceToAuthorizationMap(HashMap<String,Boolean> explicitResourceToAuthorizationMap)
          Set the value of the internal map used to store authorization.
 void setName(String name)
          Set the name of this ACL.
 void setWorkspaceACL(boolean isWorkspaceACL)
          Set if this ACL is dedicated for Workspace's resource access control.
 void updateGroupSet(Group group, boolean add)
          Internal method used to update the (transient) set of Group using this ACL.
 
Methods inherited from class com.jalios.jcms.Data
canRequestLock, checkCreate, checkCreate, checkDelete, checkIntegrity, checkLockMember, checkStrongLockMember, checkUpdate, checkUpdate, checkWrite, clone, computeDBIDArray, exportXml, exportXml, exportXml, exportXml, exportXmlField, exportXmlRelated, exportXmlRelated, fillExportXmlFieldAttributes, getAllReferrerSet, getAllReferrerSet, getAllTypeFieldEntry, getAuthor, getAuthor, getAuthorComparator, getAuthorDBID, getAuthorId, getAuthorSelector, getBooleanFieldValue, getBooleanFieldValue, getCaddyComparator, getCategoryFieldValue, getCategoryFieldValue, getCdateSelector, getComparator, getCSVHeader, getDataImage, getDataImage, getDataImage, getDataNameComparator, getDate, getDate, getDateSelector, getDeletableSelector, getDisplayLink, getDisplayLink, getDisplayUrl, getDoubleFieldValue, getDoubleFieldValue, getExportXmlDataValue, getExtension, getExtraData, getExtraDataMap, getExtraDBData, getExtraDBDataMap, getExtraInfo, getExtraInfoMap, getFieldStatusMap, getFieldValue, getFieldValue, getFieldValue, getFieldValue, getGenericThumbnail, getImportAuthor, getImportBatch, getImportDate, getImportDisplayUrl, getImportId, getImportMap, getImportMdate, getImportSelector, getImportSignature, getImportSource, getImportSourceUrl, getImportUrl, getIntFieldValue, getIntFieldValue, getLangPropertyValue, getLinkCount, getLinkIndexedDataSet, getLinkIndexedDataSet, getLockDate, getLockInfo, getLockMember, getLongFieldValue, getLongFieldValue, getMdateSelector, getNewDefaultExtraDataMap, getNewDefaultExtraDataMap, getNewDefaultExtraDataMap, getNewDefaultExtraDataMap, getNewDefaultExtraDBDataMap, getNewDefaultExtraDBDataMap, getNewDefaultExtraDBDataMap, getNewDefaultExtraDBDataMap, getOpAuthor, getOpAuthorComparator, getOpDelegate, getRowId, getRowIdComparator, getStrongLock, getStrongLockDate, getStrongLockInfo, getStrongLockMember, getStrongLockSelector, getTypeEntry, getTypeFieldsEntries, getUpdateInstance, hashCode, importXml, importXmlFieldsWithReferences, importXmlFiles, importXmlReferences, initializeDBDataCollections, isDBData, isImported, isImportUpdated, isInDatabase, isLocked, isPersisted, isStrongLocked, lock, markNewImport, mergeHybridLink, performAfterWrite, performBeforeWrite, performCreate, performCreate, performDelete, performDelete, performUpdate, performUpdate, prepareUpdateContext, printDataName, printDisplayLinkEnd, printDisplayLinkStart, printDisplayUrl, printDisplayUrl, putStrongLock, releaseStrongLock, releaseStrongLock, removeExtraData, removeExtraDBData, removeExtraInfo, setAuthor, setAuthorDBID, setAuthorId, setBooleanFieldValue, setCategoryFieldValue, setDoubleFieldValue, setExtension, setExtraData, setExtraDataMap, setExtraDBData, setExtraDBDataMap, setExtraDBDataMap, setExtraInfo, setFieldValue, setFieldValue, setImportAuthor, setImportBatch, setImportDate, setImportDisplayUrl, setImportId, setImportMap, setImportMdate, setImportSignature, setImportSource, setImportSourceUrl, setImportUpdated, setIntFieldValue, setLongFieldValue, setMdate, setOpAuthor, setOpDelegate, setRowId, toCSV, toFullString, toString, unlock, unlock, unmarkNewImport, updateExtraDataMap, updateExtraDBDataMap, updateIndexTreeSet
 
Methods inherited from class com.jalios.jstore.BasicStorable
clearId, compareTo, equals, getAttribute, getAttributes, getCdate, getCdateComparator, getDdate, getId, getIdComparator, getMdate, getMdateComparator, getStore, getUrid, hasBeenUpdated, isStored, resolveAtt, resolveVal, setAttributes, setCdate, setDdate, setId, setStore, toXml
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

REVISION

public static final String REVISION
See Also:
Constant Field Values

name

protected String name

isWorkspaceACL

protected boolean isWorkspaceACL

explicitResourceToAuthorizationMap

protected HashMap<String,Boolean> explicitResourceToAuthorizationMap
Constructor Detail

AccessControlList

public AccessControlList()
Builds a new AccessControlList without any authorization and using default value.

Since:
jcms-7.0.0

AccessControlList

public AccessControlList(AccessControlList other)
Builds a new AccessControlList by copying all authorization and option of the specified ACL.

Parameters:
other - the ACl from which to copy fields
Since:
jcms-7.0.0
Method Detail

getDataName

public String getDataName(String language)
Description copied from class: Data
Return the name of this Data, every sub class Data which will be displayed to user should implements this method already.
Can be seen as a smart multi-language toString(), but never returning null.
Default behaviour is to return toFullString() of Data or empty string if toFullString is null.

Overrides:
getDataName in class Data
Parameters:
language - the language in which to return the name if multilang available for the data.
Returns:
name of ACL or empty String if not specified.
Since:
jcms-7.0
See Also:
getName(), Data.getDataName(String)

getName

public String getName()
Gets the name of this ACL.

Returns:
the acl's name or an empty string if the name has not been set.
Since:
jcms-7.0.0

setName

public void setName(String name)
Set the name of this ACL.

Parameters:
name - the name to use.
Since:
jcms-7.0.0

isWorkspaceACL

public boolean isWorkspaceACL()
Check if this ACL is dedicated for Workspace's resource access control or any other right

Returns:
true if the acl is dedicated for Workspace's resource access (and only that), false if it is dedicated to anything else (excluding workspace's resource).
Since:
jcms-7.0.0

setWorkspaceACL

public void setWorkspaceACL(boolean isWorkspaceACL)
Set if this ACL is dedicated for Workspace's resource access control.

Parameters:
isWorkspaceACL - true if the acl is dedicated for Workspace's resource access (and only that), false if it is dedicated to anything else (excluding workspace's resource).
Since:
jcms-7.0.0

getAccessAuthorization

public Boolean getAccessAuthorization(String resource)
Retrieve the authorization of the specified resource

Parameters:
resource - URI of the resource
Returns:
null if no authorization has been defined, TRUE if resource access is allowed, FALSE or null to apply default behavior.

isWorker

public boolean isWorker()
Check if any ACL provides worker right to the member using it.

Returns:
true if ACL provides isWorker right, false otherwise
Since:
jcms-7.0.0

getExplicitAccessAuthorization

public Boolean getExplicitAccessAuthorization(String resource)
Retrieve the explicit authorization of the specified resource.

Do not use this method for acces right check, see getAccessAuthorization(String).

Parameters:
resource - URI of the resource
Returns:
null if no authorization has been defined, TRUE if resource access is allowed, FALSE or null to apply default behavior.
Since:
jcms-7.0.0

setExplicitAccessAuthorization

public void setExplicitAccessAuthorization(String resource,
                                           Boolean authorization)
Set the authorization of the specified resource

Parameters:
resource - URI of the resource
authorization - TRUE to grant access, FALSE or null to apply default behavior. if null, the authorization is removed and default access will be applied.
Since:
jcms-7.0.0

removeExplicitAccessAuthorization

public void removeExplicitAccessAuthorization(String resource)
Remove all authorization for the specified resource

Parameters:
resource - URI of the resource
Since:
jcms-7.0.0

clearExplicitAccessAuthorization

public void clearExplicitAccessAuthorization()
Remove all authorization for this ACL

Since:
jcms-7.0.0

getExplicitResourceToAuthorizationMap

public HashMap<String,Boolean> getExplicitResourceToAuthorizationMap()
Retrieve the internal map used to store authorization.

Returns:
a Map of resource URI to authorization boolean
Since:
jcms-7.0.0

setExplicitResourceToAuthorizationMap

public void setExplicitResourceToAuthorizationMap(HashMap<String,Boolean> explicitResourceToAuthorizationMap)
Set the value of the internal map used to store authorization.

Parameters:
explicitResourceToAuthorizationMap -
Since:
jcms-7.0.0

checkIntegrity

public ControllerStatus checkIntegrity()
Checks whether or not data integrity constraints are respected.

Overrides:
checkIntegrity in class Data
Returns:
a ControllerStatus
Since:
jcms-7.0.0

checkMember

public ControllerStatus checkMember(int op,
                                    Member mbr,
                                    Map context)
Checks if the given member can perform the given operation.

Overrides:
checkMember in class Data
Parameters:
op - the operation (OP_CREATE, OP_UPDATE, ...)
mbr - the member which requests the write operation
context - a map which contains context parameters (may be null)
Returns:
a ControllerStatus
Since:
jcms-7.0.0

checkDelete

public ControllerStatus checkDelete(Member mbr,
                                    Map context)
Checks if the deletion can be performed

Overrides:
checkDelete in class Data
Parameters:
mbr - the member which requests the write operation
context - a map which contains context parameters (may be null)
Returns:
a ControllerStatus
Since:
jcms-7.0.0

updateGroupSet

public void updateGroupSet(Group group,
                           boolean add)
Internal method used to update the (transient) set of Group using this ACL.

Parameters:
group - the Group to add or remove from the group set.
add - true -> add, false -> remove
Since:
jcms-7.0.0

getGroupSet

public Set<Group> getGroupSet()
Retrieves the Set of Group using this ACL.

Returns:
a TreeSet of Group (internal variable exposed, do not modify the returned set)
Since:
jcms-7.0.0

getWorkspaceAclSelector

public static AccessControlList.WorkspaceAclSelector getWorkspaceAclSelector()
Retrieve a DataSelector to select only workspace ACL in a collection.

Returns:
a new WorkspaceAclSelector
Since:
jcms-7.0.0

getNameComparator

public static <T extends AccessControlList> Comparator<T> getNameComparator()
Retrieve a Comparator to sort ACL alphabetically using their name.

Returns:
a new NameComparator
Since:
jcms-7.0.0


Copyright © 2001-2010 Jalios SA. All Rights Reserved.