Interface ACLProvider
-
- All Known Implementing Classes:
ACLProviderImpl
,RoleBasedACLProviderImpl
public interface ACLProvider
An
ACLProvider
is responsible for the management of the ACLs associated to the resources being protected. Implementations of this interface will typically interact with some sort of repository, where the ACLs are stored.- Author:
- Stefan Guilhen, Anil.Saldhana@redhat.com
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description <T> Set<T>
getEntitlements(Class<T> clazz, Resource resource, Identity identity)
For a given Resource and an Identity, return all the entitlements Eg: A portal page can consist of say 10 components such as windows, subpages etc.ACLPersistenceStrategy
getPersistenceStrategy()
Obtains theACLPersistenceStrategy
associated with this provider.void
initialize(Map<String,Object> sharedState, Map<String,Object> options)
Initialize the providerboolean
isAccessGranted(Resource resource, Identity identity, ACLPermission permission)
Checks if the given identity has the permissions needed to access the specified resource.void
setPersistenceStrategy(ACLPersistenceStrategy strategy)
Sets the persistence strategy to be used by this provider.boolean
tearDown()
Give an opportunity for the provider to finalize the operations
-
-
-
Method Detail
-
initialize
void initialize(Map<String,Object> sharedState, Map<String,Object> options)
Initialize the provider- Parameters:
sharedState
- Shared Stateoptions
- Options
-
getEntitlements
<T> Set<T> getEntitlements(Class<T> clazz, Resource resource, Identity identity) throws AuthorizationException
For a given Resource and an Identity, return all the entitlements Eg: A portal page can consist of say 10 components such as windows, subpages etc. Now the Portal page can be the resource and for a given identity, the entitlements would be the subset of these 10 components to which the identity has access
- Type Parameters:
T
-- Parameters:
resource
-identity
-- Returns:
- Throws:
AuthorizationException
-
isAccessGranted
boolean isAccessGranted(Resource resource, Identity identity, ACLPermission permission) throws AuthorizationException
Checks if the given identity has the permissions needed to access the specified resource. This involves finding the
ACL
associated with the resource and consulting theACL
to determine if access should be granted or not to the identity.- Parameters:
resource
- theResource
being accessed.identity
- theIdentity
trying to access the resource.permission
- the permissions needed to access the resource.- Returns:
true
if the identity has enough permissions to access the resource;false
otherwise.- Throws:
AuthorizationException
- if noACL
can be found for the specified resource.
-
getPersistenceStrategy
ACLPersistenceStrategy getPersistenceStrategy()
Obtains the
ACLPersistenceStrategy
associated with this provider.- Returns:
- a reference to the
ACLPersistenceStrategy
used by this provider.
-
setPersistenceStrategy
void setPersistenceStrategy(ACLPersistenceStrategy strategy)
Sets the persistence strategy to be used by this provider.
- Parameters:
strategy
- a reference to theACLPersistenceStrategy
to be used.
-
tearDown
boolean tearDown()
Give an opportunity for the provider to finalize the operations- Returns:
-
-