Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.jackrabbit.core.security.user.action
Class AccessControlAction

java.lang.Object
  extended by org.apache.jackrabbit.core.security.user.action.AbstractAuthorizableAction
      extended by org.apache.jackrabbit.core.security.user.action.AccessControlAction
All Implemented Interfaces:
AuthorizableAction
public class AccessControlAction
extends AbstractAuthorizableAction

The AccessControlAction allows to setup permissions upon creation of a new authorizable; namely the privileges the new authorizable should be granted on it's own 'home directory' being represented by the new node associated with that new authorizable.

The following to configuration parameters are available with this implementation:

Example configuration: 

    <UserManager class="org.apache.jackrabbit.core.security.user.UserPerWorkspaceUserManager">
       <AuthorizableAction class="org.apache.jackrabbit.core.security.user.action.AccessControlAction">
          <param name="groupPrivilegeNames" value="jcr:read"/>
          <param name="userPrivilegeNames" value="jcr:read, rep:write"/>
       </AuthorizableAction>
    </UserManager>

The example configuration will lead to the following content structure upon user or group creation:: 

     UserManager umgr = ((JackrabbitSession) session).getUserManager();
     User user = umgr.createUser("testUser", "t");

     + t                           rep:AuthorizableFolder
       + te                        rep:AuthorizableFolder
         + testUser                rep:User, mix:AccessControllable
           + rep:policy            rep:ACL
             + allow               rep:GrantACE
               - rep:principalName = "testUser"
               - rep:privileges    = ["jcr:read","rep:write"]
           - rep:password
           - rep:principalName     = "testUser"
 
     UserManager umgr = ((JackrabbitSession) session).getUserManager();
     Group group = umgr.createGroup("testGroup");

     + t                           rep:AuthorizableFolder
       + te                        rep:AuthorizableFolder
         + testGroup               rep:Group, mix:AccessControllable
           + rep:policy            rep:ACL
             + allow               rep:GrantACE
               - rep:principalName = "testGroup"
               - rep:privileges    = ["jcr:read"]
           - rep:principalName     = "testGroup"

Constructor Summary
AccessControlAction()
          Create a new instance.
 
Method Summary
 void onCreate(org.apache.jackrabbit.api.security.user.Group group, Session session)
          Doesn't perform any action.
 void onCreate(org.apache.jackrabbit.api.security.user.User user, String password, Session session)
          Doesn't perform any action.
 void setGroupPrivilegeNames(String privilegeNames)
          Sets the privileges a new group will be granted on the group's home directory.
 void setUserPrivilegeNames(String privilegeNames)
          Sets the privileges a new user will be granted on the user's home directory.
 
Methods inherited from class org.apache.jackrabbit.core.security.user.action.AbstractAuthorizableAction
onPasswordChange, onRemove
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AccessControlAction

public AccessControlAction()
Create a new instance.

Method Detail

onCreate

public void onCreate(org.apache.jackrabbit.api.security.user.Group group,
                     Session session)
              throws RepositoryException
Description copied from class: AbstractAuthorizableAction
Doesn't perform any action.

Specified by:
onCreate in interface AuthorizableAction
Overrides:
onCreate in class AbstractAuthorizableAction
Parameters:
group - The new group that has not yet been persisted; e.g. the associated node is still 'NEW'.
session - The editing session associated with the user manager.
Throws:
RepositoryException - If an error occurs.
See Also:
AuthorizableAction.onCreate(org.apache.jackrabbit.api.security.user.Group, javax.jcr.Session)

onCreate

public void onCreate(org.apache.jackrabbit.api.security.user.User user,
                     String password,
                     Session session)
              throws RepositoryException
Description copied from class: AbstractAuthorizableAction
Doesn't perform any action.

Specified by:
onCreate in interface AuthorizableAction
Overrides:
onCreate in class AbstractAuthorizableAction
Parameters:
user - The new user that has not yet been persisted; e.g. the associated node is still 'NEW'.
password - The password that was specified upon user creation.
session - The editing session associated with the user manager.
Throws:
RepositoryException - If an error occurs.
See Also:
AuthorizableAction.onCreate(org.apache.jackrabbit.api.security.user.User, String, javax.jcr.Session)

setGroupPrivilegeNames

public void setGroupPrivilegeNames(String privilegeNames)
Sets the privileges a new group will be granted on the group's home directory.

Parameters:
privilegeNames - A comma separated list of privilege names.

setUserPrivilegeNames

public void setUserPrivilegeNames(String privilegeNames)
Sets the privileges a new user will be granted on the user's home directory.

Parameters:
privilegeNames - A comma separated list of privilege names.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.