Interface ACL

  • All Known Implementing Classes:
    ACLImpl

    public interface ACL

    This interface represents an Access Control List (ACL), a data structure used to protect access to resources. It is composed of entries, where each entry is represented by the ALCEntry class and represents the permissions assigned to a given identity.

    When a client attempts to perform an operation on a resource, the ACL associated to the resource is used to verify if the client has enough permissions to perform that operation. In order to do that, the ACLEntry corresponding to the client's identity is retrieved and then the permission set contained in the entry is verified to decide if access should be granted or not.

    Author:
    Stefan Guilhen
    • Method Detail

      • addEntry

        boolean addEntry​(ACLEntry entry)

        Adds an entry to this ACL. If the ACL already has an ACLEntry associated to the new entry's identity, then the new entry will not be added.

        Parameters:
        entry - the ACLEntry to be added.
        Returns:
        true if the entry was added; false otherwise.
      • removeEntry

        boolean removeEntry​(ACLEntry entry)

        Removes an entry from this ACL.

        Parameters:
        entry - the ACLEntry to be removed.
        Returns:
        true if the entry is removed; false if the entry can't be found in the ACL.
      • getEntries

        Collection<? extends ACLEntry> getEntries()

        Obtains the collection of all ACLEntries in this ACL.

        Returns:
        a Collection containing all entries in this ACL.
      • getEntry

        ACLEntry getEntry​(Identity identity)

        Obtains the entry that corresponds to the specified identity. Calling this method is the same as doing getEntry(identity.getName()).

        Parameters:
        identity - a reference to the Identity object.
        Returns:
        the ACLEntry that corresponds to the identity, or null if no entry could be found.
      • getEntry

        ACLEntry getEntry​(String identityOrRole)

        Obtains the entry that corresponds to the specified identity or role name.

        Parameters:
        identityOrRole - a String representing an identity or role.
        Returns:
        the ACLEntry that corresponds to the identity or role or null if no entry could be found.
      • getResource

        Resource getResource()

        Obtains a reference to the resource being protected by this ACL.

        Returns:
        a reference to the Resource.
      • isGranted

        boolean isGranted​(ACLPermission permission,
                          Identity identity)

        Verify if the given permission is assigned to the specified Identity.

        Parameters:
        permission - the ACLPermission to be checked for.
        identity - the Identity being verified.
        Returns:
        true if the specified permission is assigned to the identity; false otherwise.