|
|||||||||
| Home >> All >> net >> sf >> acegisecurity >> acl >> [ basic overview ] | PREV CLASS NEXT CLASS | ||||||||
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||
net.sf.acegisecurity.acl.basic
Class AbstractBasicAclEntry
java.lang.Objectnet.sf.acegisecurity.acl.basic.AbstractBasicAclEntry
- All Implemented Interfaces:
- net.sf.acegisecurity.acl.AclEntry, BasicAclEntry
- Direct Known Subclasses:
- SimpleAclEntry
- public abstract class AbstractBasicAclEntry
- extends java.lang.Object
- implements BasicAclEntry
- extends java.lang.Object
Abstract implementation of BasicAclEntry.
Provides core bit mask handling methods.
- Version:
- $Id: AbstractBasicAclEntry.java,v 1.3 2005/04/15 01:21:33 luke_t Exp $
| Field Summary | |
private AclObjectIdentity |
aclObjectIdentity
|
private AclObjectIdentity |
aclObjectParentIdentity
|
private static org.apache.commons.logging.Log |
logger
|
private int |
mask
|
private java.lang.Object |
recipient
|
private int[] |
validPermissions
|
| Constructor Summary | |
protected |
AbstractBasicAclEntry()
A protected constructor for use by Hibernate. |
|
AbstractBasicAclEntry(java.lang.Object recipient,
AclObjectIdentity aclObjectIdentity,
AclObjectIdentity aclObjectParentIdentity,
int mask)
|
| Method Summary | |
int |
addPermission(int permissionToAdd)
|
int |
addPermissions(int[] permissionsToAdd)
|
int |
deletePermission(int permissionToDelete)
|
int |
deletePermissions(int[] permissionsToDelete)
|
AclObjectIdentity |
getAclObjectIdentity()
Indicates the domain object instance that is subject of this BasicAclEntry. |
AclObjectIdentity |
getAclObjectParentIdentity()
Indicates any ACL parent of the domain object instance. |
int |
getMask()
Access control lists in this package are based on bit masking. |
java.lang.Object |
getRecipient()
A domain object instance will usually have multiple BasicAclEntrys. |
abstract int[] |
getValidPermissions()
Subclasses must indicate the permissions they support. |
boolean |
isPermitted(int permissionToCheck)
|
protected boolean |
isPermitted(int maskToCheck,
int permissionToCheck)
|
private java.lang.String |
printBinary(int i)
|
java.lang.String |
printPermissionsBlock()
Outputs the permissions in human-friendly format for the current AbstractBasicAclEntry's mask. |
abstract java.lang.String |
printPermissionsBlock(int i)
Outputs the permissions in a human-friendly format. |
void |
setAclObjectIdentity(AclObjectIdentity aclObjectIdentity)
This setter should only be used by DAO implementations. |
void |
setAclObjectParentIdentity(AclObjectIdentity aclObjectParentIdentity)
This setter should only be used by DAO implementations. |
void |
setMask(int mask)
This setter should only be used by DAO implementations. |
void |
setRecipient(java.lang.Object recipient)
This setter should only be used by DAO implementations. |
int |
togglePermission(int permissionToToggle)
|
java.lang.String |
toString()
Convert this Object to a human-readable String. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
| Field Detail |
logger
private static final org.apache.commons.logging.Log logger
aclObjectIdentity
private AclObjectIdentity aclObjectIdentity
aclObjectParentIdentity
private AclObjectIdentity aclObjectParentIdentity
recipient
private java.lang.Object recipient
validPermissions
private int[] validPermissions
mask
private int mask
| Constructor Detail |
AbstractBasicAclEntry
public AbstractBasicAclEntry(java.lang.Object recipient, AclObjectIdentity aclObjectIdentity, AclObjectIdentity aclObjectParentIdentity, int mask)
AbstractBasicAclEntry
protected AbstractBasicAclEntry()
- A protected constructor for use by Hibernate.
| Method Detail |
setAclObjectIdentity
public void setAclObjectIdentity(AclObjectIdentity aclObjectIdentity)
- Description copied from interface:
BasicAclEntry - This setter should only be used by DAO implementations.
- Specified by:
setAclObjectIdentityin interfaceBasicAclEntry
getAclObjectIdentity
public AclObjectIdentity getAclObjectIdentity()
- Description copied from interface:
BasicAclEntry - Indicates the domain object instance that is subject of this
BasicAclEntry. This information may be of interest to relying classes (voters and business methods) that wish to know the actual origination of the ACL entry (so as to distinguish individual ACL entries from others contributed by the inheritance hierarchy).- Specified by:
getAclObjectIdentityin interfaceBasicAclEntry
setAclObjectParentIdentity
public void setAclObjectParentIdentity(AclObjectIdentity aclObjectParentIdentity)
- Description copied from interface:
BasicAclEntry - This setter should only be used by DAO implementations.
- Specified by:
setAclObjectParentIdentityin interfaceBasicAclEntry
getAclObjectParentIdentity
public AclObjectIdentity getAclObjectParentIdentity()
- Description copied from interface:
BasicAclEntry - Indicates any ACL parent of the domain object instance. This is used by
BasicAclProviderto walk the inheritance hierarchy. An domain object instance need not have a parent.- Specified by:
getAclObjectParentIdentityin interfaceBasicAclEntry
getValidPermissions
public abstract int[] getValidPermissions()
- Subclasses must indicate the permissions they support. Each base
permission should be an integer with a base 2. ie: the first permission
is 2^^0 (1), the second permission is 2^^1 (1), the third permission is
2^^2 (4) etc. Each base permission should be exposed by the subclass as
a
public static final int. It is further recommended that valid combinations of permissions are also exposed aspublic static final ints.This method returns all permission integers that are allowed to be used together. This must include any combinations of valid permissions. So if the permissions indicated by 2^^2 (4) and 2^^1 (2) can be used together, one of the integers returned by this method must be 6 (4 + 2). Otherwise attempts to set the permission will be rejected, as the final resulting mask will be rejected.
Whilst it may seem unduly time onerous to return every valid permission combination, doing so delivers maximum flexibility in ensuring ACLs only reflect logical combinations. For example, it would be inappropriate to grant a "read" and "write" permission along with an "unrestricted" permission, as the latter implies the former permissions.
printPermissionsBlock
public abstract java.lang.String printPermissionsBlock(int i)
- Outputs the permissions in a human-friendly format. For example, this
method may return "CR-D" to indicate the passed integer permits create,
permits read, does not permit update, and permits delete.
setMask
public void setMask(int mask)
- Description copied from interface:
BasicAclEntry - This setter should only be used by DAO implementations.
- Specified by:
setMaskin interfaceBasicAclEntry
getMask
public int getMask()
- Description copied from interface:
BasicAclEntry - Access control lists in this package are based on bit masking. The
integer value of the bit mask can be obtained from this method.
- Specified by:
getMaskin interfaceBasicAclEntry
isPermitted
public boolean isPermitted(int permissionToCheck)
setRecipient
public void setRecipient(java.lang.Object recipient)
- Description copied from interface:
BasicAclEntry - This setter should only be used by DAO implementations.
- Specified by:
setRecipientin interfaceBasicAclEntry
getRecipient
public java.lang.Object getRecipient()
- Description copied from interface:
BasicAclEntry - A domain object instance will usually have multiple
BasicAclEntrys. Each separateBasicAclEntryapplies to a particular "recipient". Typical examples of recipients include (but do not necessarily have to include) usernames, role names, complex granted authorities etc.It is essential that only one
BasicAclEntryexists for a given recipient. Otherwise conflicts as to the mask that should apply to a given recipient will occur.This method indicates which recipient this
BasicAclEntryapplies to. The returned object type will vary depending on the type of recipient. For instance, it might be aStringcontaining a username, or aGrantedAuthorityImplcontaining a complex granted authority that is being granted the permissions contained in this access control entry. The EffectiveAclsResolver andBasicAclProvider.getAcls(Object, Authentication)55 can process the different recipient types and return only those that apply to a specifiedAuthenticationobject.- Specified by:
getRecipientin interfaceBasicAclEntry
addPermission
public int addPermission(int permissionToAdd)
addPermissions
public int addPermissions(int[] permissionsToAdd)
deletePermission
public int deletePermission(int permissionToDelete)
deletePermissions
public int deletePermissions(int[] permissionsToDelete)
printPermissionsBlock
public java.lang.String printPermissionsBlock()
- Outputs the permissions in human-friendly format for the current
AbstractBasicAclEntry's mask.
toString
public java.lang.String toString()
- Description copied from class:
java.lang.Object - Convert this Object to a human-readable String.
There are no limits placed on how long this String
should be or what it should contain. We suggest you
make it as intuitive as possible to be able to place
it into System.out.println() 55
and such.
It is typical, but not required, to ensure that this method never completes abruptly with a java.lang.RuntimeException.
This method will be called when performing string concatenation with this object. If the result is
null, string concatenation will instead use"null".The default implementation returns
getClass().getName() + "@" + Integer.toHexString(hashCode()).
togglePermission
public int togglePermission(int permissionToToggle)
isPermitted
protected boolean isPermitted(int maskToCheck,
int permissionToCheck)
printBinary
private java.lang.String printBinary(int i)
|
|||||||||
| Home >> All >> net >> sf >> acegisecurity >> acl >> [ basic overview ] | PREV CLASS NEXT CLASS | ||||||||
|
SUMMARY: JAVADOC | SOURCE | DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||