Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

hudson.security
Class SidACL

java.lang.Object
  extended by hudson.security.ACL
      extended by hudson.security.SidACL
Direct Known Subclasses:
SparseACL
public abstract class SidACL
extends ACL

ACL that checks permissions based on GrantedAuthority of the Authentication.

Author:
Kohsuke Kawaguchi

Field Summary
 
Fields inherited from class hudson.security.ACL
ANONYMOUS, AUTOMATIC_SIDS, EVERYONE, SYSTEM
 
Constructor Summary
SidACL()
           
 
Method Summary
protected  Boolean _hasPermission(org.acegisecurity.Authentication a, Permission permission)
          Implementation that backs up hasPermission(Authentication, Permission).
 boolean hasPermission(org.acegisecurity.Authentication a, Permission permission)
          Checks if the given principle has the given permission.
protected abstract  Boolean hasPermission(org.acegisecurity.acls.sid.Sid p, Permission permission)
          Checks if the given Sid has the given Permission.
 SidACL newInheritingACL(SidACL parent)
          Creates a new SidACL that first consults 'this' SidACL and then delegate to the given parent SidACL.
protected  String toString(org.acegisecurity.acls.sid.Sid p)
           
 
Methods inherited from class hudson.security.ACL
checkPermission, hasPermission, impersonate, impersonate
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SidACL

public SidACL()
Method Detail

hasPermission

public boolean hasPermission(org.acegisecurity.Authentication a,
                             Permission permission)
Description copied from class: ACL
Checks if the given principle has the given permission.

Note that ACL.SYSTEM can be passed in as the authentication parameter, in which case you should probably just assume it has every permission.

Specified by:
hasPermission in class ACL

_hasPermission

protected Boolean _hasPermission(org.acegisecurity.Authentication a,
                                 Permission permission)
Implementation that backs up hasPermission(Authentication, Permission).

Returns:
true or false if hasPermission(Sid, Permission) returns it. Otherwise null, indicating that this ACL doesn't have any entry for it.

hasPermission

protected abstract Boolean hasPermission(org.acegisecurity.acls.sid.Sid p,
                                         Permission permission)
Checks if the given Sid has the given Permission.

hasPermission(Authentication, Permission) is implemented by checking authentication's GrantedAuthority by using this method.

It is the implementor's responsibility to recognize Permission.impliedBy and take that into account.

Returns:
true if the access should be granted, false if it should be denied. The null value indicates that the ACL does no rule for this Sid/Permission combination. The caller can decide what to do &mash; such as consulting the higher level ACL, or denying the access (if the model is no-access-by-default.)

toString

protected String toString(org.acegisecurity.acls.sid.Sid p)

newInheritingACL

public final SidACL newInheritingACL(SidACL parent)
Creates a new SidACL that first consults 'this' SidACL and then delegate to the given parent SidACL. By doing this at the SidACL level and not at the ACL level, this allows the child ACLs to have an explicit deny entry. Note that the combined ACL calls hasPermission(Sid,Permission) in the child and parent SidACLs directly, so if these override _hasPermission then this custom behavior will not be applied.

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2013. All Rights Reserved.