org.apache.wiki.auth.acl
Interface Acl

All Known Implementing Classes:
AclImpl

public interface Acl

Defines an access control list (ACL) for wiki pages. An Access Control List is a data structure used to guard access to resources. An ACL can be thought of as a data structure with multiple ACL entries. Each ACL entry, of interface type AclEntry, contains a set of positive permissions associated with a particular principal. (A principal represents an entity such as an individual user or a group). The ACL Entries in each ACL observe the following rules:

This interface is a highly stripped-down derivation of the java.security.acl.Acl interface. In particular, the notion of an Acl "owner" has been eliminated, since JWPWiki pages do not have owners. An additional simplification compared to the standard Java package is that negative permissions have been eliminated. Instead, JSPWiki assumes a "default-deny" security stance: principals are granted no permissions by default, and posesses only those that have been explicitly granted to them. And finally, the getPermissions() and checkPermission() methods have been eliminated due to the complexities associated with resolving Role principal membership.

Since:
2.3

Method Summary
 boolean addEntry(AclEntry entry)
          Adds an ACL entry to this ACL.
 Enumeration<AclEntry> entries()
          Returns an enumeration of the entries in this ACL.
 Principal[] findPrincipals(Permission permission)
          Returns all Principal objects assigned a given Permission in the access control list.
 AclEntry getEntry(Principal principal)
          Returns an AclEntry for a supplied Principal, or null if the Principal does not have a matching AclEntry.
 boolean isEmpty()
          Returns true, if this Acl is empty.
 boolean removeEntry(AclEntry entry)
          Removes an ACL entry from this ACL.
 String toString()
          Returns a string representation of the contents of this Acl.
 

Method Detail

addEntry

boolean addEntry(AclEntry entry)
Adds an ACL entry to this ACL. An entry associates a principal (e.g., an individual or a group) with a set of permissions. Each principal can have at most one positive ACL entry, specifying permissions to be granted to the principal. If there is already an ACL entry already in the ACL, false is returned.

Parameters:
entry - - the ACL entry to be added to this ACL
Returns:
true on success, false if an entry of the same type (positive or negative) for the same principal is already present in this ACL

entries

Enumeration<AclEntry> entries()
Returns an enumeration of the entries in this ACL. Each element in the enumeration is of type AclEntry.

Returns:
an enumeration of the entries in this ACL.

isEmpty

boolean isEmpty()
Returns true, if this Acl is empty.

Returns:
the result
Since:
2.4.68

findPrincipals

Principal[] findPrincipals(Permission permission)
Returns all Principal objects assigned a given Permission in the access control list. The Princiapls returned are those that have been granted either the supplied permission, or a permission implied by the supplied permission. Principals are not "expanded" if they are a role or group.

Parameters:
permission - the permission to search for
Returns:
an array of Principals posessing the permission

getEntry

AclEntry getEntry(Principal principal)
Returns an AclEntry for a supplied Principal, or null if the Principal does not have a matching AclEntry.

Parameters:
principal - the principal to search for
Returns:
the AclEntry associated with the principal, or null

removeEntry

boolean removeEntry(AclEntry entry)
Removes an ACL entry from this ACL.

Parameters:
entry - the ACL entry to be removed from this ACL
Returns:
true on success, false if the entry is not part of this ACL

toString

String toString()
Returns a string representation of the contents of this Acl.

Overrides:
toString in class Object
Returns:
the string representation


Copyright © {inceptionYear}-2014 The Apache Software Foundation. All rights reserved.