Examples of org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl

• org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl
  Simple, immutable implementation of the {@link javax.jcr.security.AccessControlEntry}and the {@link JackrabbitAccessControlEntry} interfaces.

            aclNode = (nodePath == null) ? createRepoAclNode() : createAclNode(nodePath);
        }

        AccessControlEntry[] entries = ((ACLTemplate) policy).getAccessControlEntries();
        for (AccessControlEntry entry : entries) {
            AccessControlEntryImpl ace = (AccessControlEntryImpl) entry;

            Name nodeName = getUniqueNodeName(aclNode, ace.isAllow() ? "allow" : "deny");
            Name ntName = (ace.isAllow()) ? NT_REP_GRANT_ACE : NT_REP_DENY_ACE;
            ValueFactory vf = session.getValueFactory();

            // create the ACE node
            NodeImpl aceNode = addNode(aclNode, nodeName, ntName);

            // write the rep:principalName property
            String principalName = ace.getPrincipal().getName();
            setProperty(aceNode, P_PRINCIPAL_NAME, vf.createValue(principalName));

            // ... and the rep:privileges property
            Privilege[] pvlgs = ace.getPrivileges();
            Value[] names = getPrivilegeNames(pvlgs, vf);
            setProperty(aceNode, P_PRIVILEGES, names);

            // store the restrictions:
            Set<Name> restrNames = ace.getRestrictions().keySet();
            for (Name restrName : restrNames) {
                Value value = ace.getRestriction(restrName);
                setProperty(aceNode, restrName, value);
            }
        }

        // mark the parent modified.

            // in addition: trivial check if read access is denied somewhere
            canReadAll = canRead(session.getQPath("/"));
            if (canReadAll) {
                for (AccessControlEntry entry : entries) {
                    AccessControlEntryImpl ace = (AccessControlEntryImpl) entry;
                    if (!ace.isAllow() && ace.getPrivilegeBits().includesRead()) {
                        // found an ace that defines read deny for a sub tree
                        // -> canReadAll is false.
                        canReadAll = false;
                        break;
                    }

            // in addition: trivial check if read access is deny somewhere
            // as as shortcut in #canRead(Path)
            canReadAll = canRead(session.getQPath("/"));
            if (canReadAll) {
                for (AccessControlEntry entry : entries) {
                    AccessControlEntryImpl ace = (AccessControlEntryImpl) entry;
                    if (!ace.isAllow() && ((ace.getPrivilegeBits() & readBits) == readBits)) {
                        // found an ace that defines read deny for a sub tree
                        // -> canReadAll is false.
                        canReadAll = false;
                        break;
                    }

            aclNode = createAclNode(nodePath);
        }

        AccessControlEntry[] entries = ((ACLTemplate) policy).getAccessControlEntries();
        for (AccessControlEntry entry : entries) {
            AccessControlEntryImpl ace = (AccessControlEntryImpl) entry;

            Name nodeName = getUniqueNodeName(aclNode, ace.isAllow() ? "allow" : "deny");
            Name ntName = (ace.isAllow()) ? NT_REP_GRANT_ACE : NT_REP_DENY_ACE;
            ValueFactory vf = session.getValueFactory();

            // create the ACE node
            NodeImpl aceNode = addNode(aclNode, nodeName, ntName);

            // write the rep:principalName property
            String principalName = ace.getPrincipal().getName();
            setProperty(aceNode, P_PRINCIPAL_NAME, vf.createValue(principalName));

            // ... and the rep:privileges property
            Privilege[] pvlgs = ace.getPrivileges();
            Value[] names = getPrivilegeNames(pvlgs, vf);
            setProperty(aceNode, P_PRIVILEGES, names);

            // store the restrictions:
            Set<Name> restrNames = ace.getRestrictions().keySet();
            for (Name restrName : restrNames) {
                Value value = ace.getRestriction(restrName);
                setProperty(aceNode, restrName, value);
            }
        }

        // mark the parent modified.