Examples of org.modeshape.jcr.security.AdvancedAuthorizationProvider

• org.modeshape.jcr.security.AdvancedAuthorizationProvider
  An interface that can authorize access to specific resources within repositories. Unlike the more basic and simpl {@link AuthenticationProvider}, this interface allows an implementation to get at additional information with each call to {@link #hasPermission(Context,Path,String)}.

  In particular, the supplied {@link Context} instance contains the {@link Session} that is calling this provider, allowing theprovider implementation to access authorization-specific content within the repository to determine permissions for other repository content.

  In these cases, calls to the session to access nodes will result in their own calls to {@link #hasPermission(Context,Path,String)}. Therefore, such implementations need to handle these special authorization-specific content permissions in an explicit fashion. It is also adviced that such providers cache as much of the authorization-specifc content as possible, as the {@link #hasPermission(Context,Path,String)} method is called frequently.

                }
            }

            if (sec instanceof AdvancedAuthorizationProvider) {
                // Delegate to the security context ...
                AdvancedAuthorizationProvider authorizer = (AdvancedAuthorizationProvider)sec;
                Path path = pathSupplier != null ? pathSupplier.getAbsolutePath() : null;
                if (path != null) {
                    assert path.isAbsolute() : "The path (if provided) must be absolute";
                    hasPermission = authorizer.hasPermission(authorizerContext, path, actions);

                    if (checkAcl && hasPermission) {
                        hasPermission = acm.hasPermission(path, actions);
                    }
                    return hasPermission;