|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
public interface BasicAclEntry
Represents an entry in an access control list.
| Method Summary | |
|---|---|
AclObjectIdentity |
getAclObjectIdentity()
Indicates the domain object instance that is subject of this BasicAclEntry. |
AclObjectIdentity |
getAclObjectParentIdentity()
Indicates any ACL parent of the domain object instance. |
int |
getMask()
Access control lists in this package are based on bit masking. |
Object |
getRecipient()
A domain object instance will usually have multiple BasicAclEntrys. |
boolean |
isPermitted(int permissionToCheck)
Determine if the mask of this entry includes this permission or not |
void |
setAclObjectIdentity(AclObjectIdentity aclObjectIdentity)
This setter should only be used by DAO implementations. |
void |
setAclObjectParentIdentity(AclObjectIdentity aclObjectParentIdentity)
This setter should only be used by DAO implementations. |
void |
setMask(int mask)
This setter should only be used by DAO implementations. |
void |
setRecipient(Object recipient)
This setter should only be used by DAO implementations. |
| Method Detail |
|---|
void setAclObjectIdentity(AclObjectIdentity aclObjectIdentity)
aclObjectIdentity - an object which can be used to uniquely
identify the domain object instance subject of this ACL entryAclObjectIdentity getAclObjectIdentity()
BasicAclEntry. This information may be of interest to
relying classes (voters and business methods) that wish to know the
actual origination of the ACL entry (so as to distinguish individual
ACL entries from others contributed by the inheritance hierarchy).
null)void setAclObjectParentIdentity(AclObjectIdentity aclObjectParentIdentity)
aclObjectParentIdentity - an object which represents the parent of
the domain object instance subject of this ACL entry, or
null if either the domain object instance has no
parent or its parent should be not used to compute an
inheritance hierarchyAclObjectIdentity getAclObjectParentIdentity()
BasicAclProvider to walk the inheritance hierarchy. An
domain object instance need not have a parent.
null if no parent should be consulted)void setMask(int mask)
mask - the integer representing the permissions bit maskint getMask()
void setRecipient(Object recipient)
recipient - a representation of the recipient of this ACL entry
that makes sense to an EffectiveAclsResolver
implementationObject getRecipient()
BasicAclEntrys. Each separate BasicAclEntry
applies to a particular "recipient". Typical examples of recipients
include (but do not necessarily have to include) usernames, role names,
complex granted authorities etc.
It is essential that only one BasicAclEntry exists for a
given recipient. Otherwise conflicts as to the mask that should
apply to a given recipient will occur.
This method indicates which recipient this BasicAclEntry
applies to. The returned object type will vary depending on the type of
recipient. For instance, it might be a String containing a
username, or a GrantedAuthorityImpl containing a complex
granted authority that is being granted the permissions contained in
this access control entry. The EffectiveAclsResolver and BasicAclProvider.getAcls(Object, Authentication) can process the
different recipient types and return only those that apply to a
specified Authentication object.
null)boolean isPermitted(int permissionToCheck)
permissionToCheck -
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||