Package org.apache.sling.jcr.jackrabbit.accessmanager

Class PrivilegesInfo

  • public class PrivilegesInfo
extends Object
    Helper class to assist in the usage of access control from scripts.

    • Constructor Detail

      • PrivilegesInfo

        public PrivilegesInfo()

    • Method Detail

      • getSupportedPrivileges

        public javax.jcr.security.Privilege[] getSupportedPrivileges​(javax.jcr.Node node)
                                                      throws javax.jcr.RepositoryException
        Return the supported Privileges for the specified node.
        Parameters:
        node - the node to check
        Returns:
        array of Privileges
        Throws:
        javax.jcr.RepositoryException - if any errors reading the information

      • getSupportedPrivileges

        public javax.jcr.security.Privilege[] getSupportedPrivileges​(javax.jcr.Session session,
                                                             String absPath)
                                                      throws javax.jcr.RepositoryException
        Returns the supported privileges for the specified path.
        Parameters:
        session - the session for the current user
        absPath - the path to get the privileges for
        Returns:
        array of Privileges
        Throws:
        javax.jcr.RepositoryException - if any errors reading the information

      • getDeclaredAccessRights

        public Map<Principal,​PrivilegesInfo.AccessRights> getDeclaredAccessRights​(javax.jcr.Node node)
                                                                         throws javax.jcr.RepositoryException
        Returns the mapping of declared access rights that have been set for the resource at the given path.
        Parameters:
        node - the node to get the access rights for
        Returns:
        map of access rights. Key is the user/group principal, value contains the granted/denied privileges
        Throws:
        javax.jcr.RepositoryException - if any errors reading the information

      • getDeclaredAccessRights

        public Map<Principal,​PrivilegesInfo.AccessRights> getDeclaredAccessRights​(javax.jcr.Session session,
                                                                                String absPath)
                                                                         throws javax.jcr.RepositoryException
        Returns the mapping of declared access rights that have been set for the resource at the given path.
        Parameters:
        session - the current user session.
        absPath - the path of the resource to get the access rights for
        Returns:
        map of access rights. Key is the user/group principal, value contains the granted/denied privileges
        Throws:
        javax.jcr.RepositoryException - if any errors reading the information

      • getDeclaredAccessRightsForPrincipal

        public PrivilegesInfo.AccessRights getDeclaredAccessRightsForPrincipal​(javax.jcr.Node node,
                                                                       String principalId)
                                                                throws javax.jcr.RepositoryException
        Returns the declared access rights for the specified Node for the given principalId.
        Parameters:
        node - the JCR node to retrieve the access rights for
        principalId - the principalId to get the access rights for
        Returns:
        access rights for the specified principal
        Throws:
        javax.jcr.RepositoryException - if any errors reading the information

      • getDeclaredAccessRightsForPrincipal

        public PrivilegesInfo.AccessRights getDeclaredAccessRightsForPrincipal​(javax.jcr.Session session,
                                                                       String absPath,
                                                                       String principalId)
                                                                throws javax.jcr.RepositoryException
        Returns the declared access rights for the resource at the specified path for the given principalId.
        Parameters:
        session - the current JCR session
        absPath - the path of the resource to retrieve the rights for
        principalId - the principalId to get the access rights for
        Returns:
        access rights for the specified principal
        Throws:
        javax.jcr.RepositoryException - if any errors reading the information

      • getDeclaredRestrictionsForPrincipal

        public Map<String,​Object> getDeclaredRestrictionsForPrincipal​(javax.jcr.Node node,
                                                                    String principalId)
                                                             throws javax.jcr.RepositoryException
        Returns the restrictions for the specified path.
        Parameters:
        node - the node to inspect
        principalId - the principalId to get the access rights for
        Returns:
        map of restrictions (key is restriction name, value is Value or Value[])
        Throws:
        javax.jcr.RepositoryException - if any errors reading the information

      • getDeclaredRestrictionsForPrincipal

        public Map<String,​Object> getDeclaredRestrictionsForPrincipal​(javax.jcr.Session session,
                                                                    String absPath,
                                                                    String principalId)
                                                             throws javax.jcr.RepositoryException
        Returns the restrictions for the specified path.
        Parameters:
        session - the session for the current user
        absPath - the path to get the privileges for
        principalId - the principalId to get the access rights for
        Returns:
        map of restrictions (key is restriction name, value is Value or Value[])
        Throws:
        javax.jcr.RepositoryException - if any errors reading the information

      • getEffectiveAccessRights

        public Map<Principal,​PrivilegesInfo.AccessRights> getEffectiveAccessRights​(javax.jcr.Node node)
                                                                          throws javax.jcr.RepositoryException
        Returns the mapping of effective access rights that have been set for the resource at the given path.
        Parameters:
        node - the node to get the access rights for
        Returns:
        map of access rights. Key is the user/group principal, value contains the granted/denied privileges
        Throws:
        javax.jcr.RepositoryException - if any errors reading the information

      • getEffectiveAccessRights

        public Map<Principal,​PrivilegesInfo.AccessRights> getEffectiveAccessRights​(javax.jcr.Session session,
                                                                                 String absPath)
                                                                          throws javax.jcr.RepositoryException
        Returns the mapping of effective access rights that have been set for the resource at the given path.
        Parameters:
        session - the current user session.
        absPath - the path of the resource to get the access rights for
        Returns:
        map of access rights. Key is the user/group principal, value contains the granted/denied privileges
        Throws:
        javax.jcr.RepositoryException - if any errors reading the information

      • getEffectiveAccessRightsForPrincipal

        public PrivilegesInfo.AccessRights getEffectiveAccessRightsForPrincipal​(javax.jcr.Node node,
                                                                        String principalId)
                                                                 throws javax.jcr.RepositoryException
        Returns the effective access rights for the specified Node for the given principalId.
        Parameters:
        node - the JCR node to retrieve the access rights for
        principalId - the principalId to get the access rights for
        Returns:
        access rights for the specified principal
        Throws:
        javax.jcr.RepositoryException - if any errors reading the information

      • getEffectiveAccessRightsForPrincipal

        public PrivilegesInfo.AccessRights getEffectiveAccessRightsForPrincipal​(javax.jcr.Session session,
                                                                        String absPath,
                                                                        String principalId)
                                                                 throws javax.jcr.RepositoryException
        Returns the effective access rights for the resource at the specified path for the given principalId.
        Parameters:
        session - the current JCR session
        absPath - the path of the resource to retrieve the rights for
        principalId - the principalId to get the access rights for
        Returns:
        access rights for the specified principal
        Throws:
        javax.jcr.RepositoryException - if any errors reading the information

      • canAddChildren

        public boolean canAddChildren​(javax.jcr.Node node)
        Checks whether the current user has been granted privileges to add children to the specified node.
        Parameters:
        node - the node to check
        Returns:
        true if the current user has the privileges, false otherwise

      • canAddChildren

        public boolean canAddChildren​(javax.jcr.Session session,
                              String absPath)
        Checks whether the current user has been granted privileges to add children to the specified path.
        Parameters:
        session - the JCR session of the current user
        absPath - the path of the resource to check
        Returns:
        true if the current user has the privileges, false otherwise

      • canDeleteChildren

        public boolean canDeleteChildren​(javax.jcr.Node node)
        Checks whether the current user has been granted privileges to delete children to the specified node.
        Parameters:
        node - the node to check
        Returns:
        true if the current user has the privileges, false otherwise

      • canDeleteChildren

        public boolean canDeleteChildren​(javax.jcr.Session session,
                                 String absPath)
        Checks whether the current user has been granted privileges to delete children of the specified path.
        Parameters:
        session - the JCR session of the current user
        absPath - the path of the resource to check
        Returns:
        true if the current user has the privileges, false otherwise

      • canDelete

        public boolean canDelete​(javax.jcr.Node node)
        Checks whether the current user has been granted privileges to delete the specified node.
        Parameters:
        node - the node to check
        Returns:
        true if the current user has the privileges, false otherwise

      • canDelete

        public boolean canDelete​(javax.jcr.Session session,
                         String absPath)
        Checks whether the current user has been granted privileges to delete the specified path.
        Parameters:
        session - the JCR session of the current user
        absPath - the path of the resource to check
        Returns:
        true if the current user has the privileges, false otherwise

      • canModifyProperties

        public boolean canModifyProperties​(javax.jcr.Node node)
        Checks whether the current user has been granted privileges to modify properties of the specified node.
        Parameters:
        node - the node to check
        Returns:
        true if the current user has the privileges, false otherwise

      • canModifyProperties

        public boolean canModifyProperties​(javax.jcr.Session session,
                                   String absPath)
        Checks whether the current user has been granted privileges to modify properties of the specified path.
        Parameters:
        session - the JCR session of the current user
        absPath - the path of the resource to check
        Returns:
        true if the current user has the privileges, false otherwise

      • canReadAccessControl

        public boolean canReadAccessControl​(javax.jcr.Node node)
        Checks whether the current user has been granted privileges to read the access control of the specified node.
        Parameters:
        node - the node to check
        Returns:
        true if the current user has the privileges, false otherwise

      • canReadAccessControl

        public boolean canReadAccessControl​(javax.jcr.Session session,
                                    String absPath)
        Checks whether the current user has been granted privileges to read the access control of the specified path.
        Parameters:
        session - the JCR session of the current user
        absPath - the path of the resource to check
        Returns:
        true if the current user has the privileges, false otherwise

      • canModifyAccessControl

        public boolean canModifyAccessControl​(javax.jcr.Node node)
        Checks whether the current user has been granted privileges to modify the access control of the specified node.
        Parameters:
        node - the node to check
        Returns:
        true if the current user has the privileges, false otherwise

      • canModifyAccessControl

        public boolean canModifyAccessControl​(javax.jcr.Session session,
                                      String absPath)
        Checks whether the current user has been granted privileges to modify the access control of the specified path.
        Parameters:
        session - the JCR session of the current user
        absPath - the path of the resource to check
        Returns:
        true if the current user has the privileges, false otherwise