Interface ACL
-
- All Known Implementing Classes:
ACLImpl
public interface ACL
This interface represents an Access Control List (ACL), a data structure used to protect access to resources. It is composed of entries, where each entry is represented by the
ALCEntry
class and represents the permissions assigned to a given identity.When a client attempts to perform an operation on a resource, the ACL associated to the resource is used to verify if the client has enough permissions to perform that operation. In order to do that, the
ACLEntry
corresponding to the client's identity is retrieved and then the permission set contained in the entry is verified to decide if access should be granted or not.- Author:
- Stefan Guilhen
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description boolean
addEntry(ACLEntry entry)
Adds an entry to this ACL.Collection<? extends ACLEntry>
getEntries()
Obtains the collection of allACLEntries
in this ACL.ACLEntry
getEntry(String identityOrRole)
Obtains the entry that corresponds to the specified identity or role name.ACLEntry
getEntry(Identity identity)
Obtains the entry that corresponds to the specified identity.Resource
getResource()
Obtains a reference to the resource being protected by this ACL.boolean
isGranted(ACLPermission permission, Identity identity)
Verify if the given permission is assigned to the specifiedIdentity
.boolean
removeEntry(ACLEntry entry)
Removes an entry from this ACL.
-
-
-
Method Detail
-
addEntry
boolean addEntry(ACLEntry entry)
Adds an entry to this ACL. If the ACL already has an
ACLEntry
associated to the new entry's identity, then the new entry will not be added.- Parameters:
entry
- theACLEntry
to be added.- Returns:
true
if the entry was added;false
otherwise.
-
removeEntry
boolean removeEntry(ACLEntry entry)
Removes an entry from this ACL.
- Parameters:
entry
- theACLEntry
to be removed.- Returns:
true
if the entry is removed;false
if the entry can't be found in the ACL.
-
getEntries
Collection<? extends ACLEntry> getEntries()
Obtains the collection of all
ACLEntries
in this ACL.- Returns:
- a
Collection
containing all entries in this ACL.
-
getEntry
ACLEntry getEntry(Identity identity)
Obtains the entry that corresponds to the specified identity. Calling this method is the same as doing
getEntry(identity.getName())
.- Parameters:
identity
- a reference to theIdentity
object.- Returns:
- the
ACLEntry
that corresponds to the identity, ornull
if no entry could be found.
-
getEntry
ACLEntry getEntry(String identityOrRole)
Obtains the entry that corresponds to the specified identity or role name.
- Parameters:
identityOrRole
- aString
representing an identity or role.- Returns:
- the
ACLEntry
that corresponds to the identity or role ornull
if no entry could be found.
-
getResource
Resource getResource()
Obtains a reference to the resource being protected by this ACL.
- Returns:
- a reference to the
Resource
.
-
isGranted
boolean isGranted(ACLPermission permission, Identity identity)
Verify if the given permission is assigned to the specified
Identity
.- Parameters:
permission
- theACLPermission
to be checked for.identity
- theIdentity
being verified.- Returns:
true
if the specified permission is assigned to the identity;false
otherwise.
-
-