Examples of org.apache.jackrabbit.api.jsr283.security.AccessControlEntry

• org.apache.jackrabbit.api.jsr283.security.AccessControlList
  An AccessControlEntry represents the association of one or more Privilege objects with a specific Principal. @since JCR 2.0

     */
    public void removePolicy(String absPath, AccessControlPolicy policy) throws PathNotFoundException, AccessControlException, AccessDeniedException, RepositoryException {
        checkInitialized();
        checkPrivileges(absPath, PrivilegeRegistry.MODIFY_AC);

        throw new AccessControlException("No AccessControlPolicy has been set through this API -> Cannot be removed.");
    }

     * @see AccessControlList#addAccessControlEntry(Principal, Privilege[])
     */
    public boolean addAccessControlEntry(Principal principal,
                                         Privilege[] privileges)
            throws AccessControlException, RepositoryException {
        throw new AccessControlException("Unmodifiable ACL. Use AccessControlManager#getApplicablePolicies in order to obtain an modifiable ACL.");
    }

    /**
     * @see AccessControlList#removeAccessControlEntry(AccessControlEntry)
     */
    public void removeAccessControlEntry(AccessControlEntry ace)
            throws AccessControlException, RepositoryException {
        throw new AccessControlException("Unmodifiable ACL. Use AccessControlManager#getApplicablePolicies in order to obtain an modifiable ACL.");
    }

    /**
     * @see AccessControlEditor#editAccessControlPolicies(Principal)
     */
    public AccessControlPolicy[] editAccessControlPolicies(Principal principal) throws AccessDeniedException, AccessControlException, RepositoryException {
        if (!session.getPrincipalManager().hasPrincipal(principal.getName())) {
            throw new AccessControlException("Unknown principal.");
        }
        // TODO: impl. missing
        return new AccessControlPolicy[0];
    }

        NodeImpl aclNode = getAclNode(nodePath);
        if (aclNode != null) {
            removeSecurityItem(aclNode);
        } else {
            throw new AccessControlException("No policy to remove at " + nodePath);
        }
    }

     * @throws RepositoryException
     */
    private void checkProtectsNode(String nodePath) throws RepositoryException {
        NodeImpl node = getNode(nodePath);
        if (utils.isAcItem(node)) {
            throw new AccessControlException("Node " + nodePath + " defines ACL or ACE itself.");
        }
    }

     * @param policy
     * @throws AccessControlException
     */
    private static void checkValidPolicy(String nodePath, AccessControlPolicy policy) throws AccessControlException {
        if (policy == null || !(policy instanceof ACLTemplate)) {
            throw new AccessControlException("Attempt to set/remove invalid policy " + policy);
        }
        ACLTemplate acl = (ACLTemplate) policy;
        if (!nodePath.equals(acl.getPath())) {
            throw new AccessControlException("Policy " + policy + " cannot be applied/removed from the node at " + nodePath);
        }
    }

    public Privilege getPrivilege(String privilegeName) throws AccessControlException, RepositoryException {
        Name name = resolver.getQName(privilegeName);
        if (localCache.containsKey(name)) {
            return (Privilege) localCache.get(name);
        } else {
            throw new AccessControlException("Unknown privilege " + privilegeName);
        }
    }

     * @throws AccessControlException If the specified array is null
     * or if it contains an unregistered privilege.
     */
    public static int getBits(Privilege[] privileges) throws AccessControlException {
        if (privileges == null || privileges.length == 0) {
            throw new AccessControlException();
        }
        int bits = NO_PRIVILEGE;
        for (int i = 0; i < privileges.length; i++) {
            Privilege priv = privileges[i];
            if (priv instanceof PrivilegeImpl) {
                bits |= ((PrivilegeImpl) priv).internalPrivilege.getBits();
            } else {
                throw new AccessControlException("Unknown privilege '" + priv.getName() + "'.");
            }
        }
        return bits;
    }

      Set<String> pidSet = new HashSet<String>();
      pidSet.addAll(Arrays.asList(applyTo));

      try {
        AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
        AccessControlList updatedAcl = null;
        AccessControlPolicyIterator applicablePolicies = accessControlManager.getApplicablePolicies(resourcePath);
        while (applicablePolicies.hasNext()) {
          AccessControlPolicy policy = applicablePolicies.nextAccessControlPolicy();
          if (policy instanceof AccessControlList) {
            updatedAcl = (AccessControlList)policy;
            break;
          }
        }
        if (updatedAcl == null) {
          throw new RepositoryException("Unable to find an access control policy to update.");
        }

        //keep track of the existing Aces for the target principal
        AccessControlEntry[] accessControlEntries = updatedAcl.getAccessControlEntries();
        List<AccessControlEntry> oldAces = new ArrayList<AccessControlEntry>();
        for (AccessControlEntry ace : accessControlEntries) {
          if (pidSet.contains(ace.getPrincipal().getName())) {
            oldAces.add(ace);
          }
        }

        //remove the old aces
        if (!oldAces.isEmpty()) {
          for (AccessControlEntry ace : oldAces) {
            updatedAcl.removeAccessControlEntry(ace);
          }
        }

        //apply the changed policy
        accessControlManager.setPolicy(resourcePath, updatedAcl);