Package org.apache.sling.jcr.jackrabbit.accessmanager

Class PrivilegesInfo

java.lang.Object
org.apache.sling.jcr.jackrabbit.accessmanager.PrivilegesInfo
public class PrivilegesInfo extends Object
Helper class to assist in the usage of access control from scripts.

  • Constructor Details

    • PrivilegesInfo

      public PrivilegesInfo()

  • Method Details

    • getSupportedPrivileges

      public javax.jcr.security.Privilege[] getSupportedPrivileges(javax.jcr.Node node) throws javax.jcr.RepositoryException
      Return the supported Privileges for the specified node.
      Parameters:
      node - the node to check
      Returns:
      array of Privileges
      Throws:
      javax.jcr.RepositoryException - if any errors reading the information

    • getSupportedPrivileges

      public javax.jcr.security.Privilege[] getSupportedPrivileges(javax.jcr.Session session, String absPath) throws javax.jcr.RepositoryException
      Returns the supported privileges for the specified path.
      Parameters:
      session - the session for the current user
      absPath - the path to get the privileges for
      Returns:
      array of Privileges
      Throws:
      javax.jcr.RepositoryException - if any errors reading the information

    • getDeclaredAccessRights

      public Map<Principal,PrivilegesInfo.AccessRights> getDeclaredAccessRights(javax.jcr.Node node) throws javax.jcr.RepositoryException
      Returns the mapping of declared access rights that have been set for the resource at the given path.
      Parameters:
      node - the node to get the access rights for
      Returns:
      map of access rights. Key is the user/group principal, value contains the granted/denied privileges
      Throws:
      javax.jcr.RepositoryException - if any errors reading the information

    • getDeclaredAccessRights

      public Map<Principal,PrivilegesInfo.AccessRights> getDeclaredAccessRights(javax.jcr.Session session, String absPath) throws javax.jcr.RepositoryException
      Returns the mapping of declared access rights that have been set for the resource at the given path.
      Parameters:
      session - the current user session.
      absPath - the path of the resource to get the access rights for
      Returns:
      map of access rights. Key is the user/group principal, value contains the granted/denied privileges
      Throws:
      javax.jcr.RepositoryException - if any errors reading the information

    • toMap

      protected Map<Principal,PrivilegesInfo.AccessRights> toMap(javax.jcr.Session session, jakarta.json.JsonObject aclJson) throws javax.jcr.RepositoryException
      Convert the JSON acl to a map of Principal to AccessRights
      Parameters:
      session - the jcr session
      aclJson - the acl JSON object
      Returns:
      map of Principal to AccessRights
      Throws:
      javax.jcr.RepositoryException

    • getDeclaredAccessRightsForPrincipal

      public PrivilegesInfo.AccessRights getDeclaredAccessRightsForPrincipal(javax.jcr.Node node, String principalId) throws javax.jcr.RepositoryException
      Returns the declared access rights for the specified Node for the given principalId.
      Parameters:
      node - the JCR node to retrieve the access rights for
      principalId - the principalId to get the access rights for
      Returns:
      access rights for the specified principal
      Throws:
      javax.jcr.RepositoryException - if any errors reading the information

    • getDeclaredAccessRightsForPrincipal

      public PrivilegesInfo.AccessRights getDeclaredAccessRightsForPrincipal(javax.jcr.Session session, String absPath, String principalId) throws javax.jcr.RepositoryException
      Returns the declared access rights for the resource at the specified path for the given principalId.
      Parameters:
      session - the current JCR session
      absPath - the path of the resource to retrieve the rights for
      principalId - the principalId to get the access rights for
      Returns:
      access rights for the specified principal
      Throws:
      javax.jcr.RepositoryException - if any errors reading the information

    • getEffectiveAccessRights

      public Map<Principal,PrivilegesInfo.AccessRights> getEffectiveAccessRights(javax.jcr.Node node) throws javax.jcr.RepositoryException
      Returns the mapping of effective access rights that have been set for the resource at the given path.
      Parameters:
      node - the node to get the access rights for
      Returns:
      map of access rights. Key is the user/group principal, value contains the granted/denied privileges
      Throws:
      javax.jcr.RepositoryException - if any errors reading the information

    • getEffectiveAccessRights

      public Map<Principal,PrivilegesInfo.AccessRights> getEffectiveAccessRights(javax.jcr.Session session, String absPath) throws javax.jcr.RepositoryException
      Returns the mapping of effective access rights that have been set for the resource at the given path.
      Parameters:
      session - the current user session.
      absPath - the path of the resource to get the access rights for
      Returns:
      map of access rights. Key is the user/group principal, value contains the granted/denied privileges
      Throws:
      javax.jcr.RepositoryException - if any errors reading the information

    • getEffectiveAccessRightsForPrincipal

      public PrivilegesInfo.AccessRights getEffectiveAccessRightsForPrincipal(javax.jcr.Node node, String principalId) throws javax.jcr.RepositoryException
      Returns the effective access rights for the specified Node for the given principalId.
      Parameters:
      node - the JCR node to retrieve the access rights for
      principalId - the principalId to get the access rights for
      Returns:
      access rights for the specified principal
      Throws:
      javax.jcr.RepositoryException - if any errors reading the information

    • getEffectiveAccessRightsForPrincipal

      public PrivilegesInfo.AccessRights getEffectiveAccessRightsForPrincipal(javax.jcr.Session session, String absPath, String principalId) throws javax.jcr.RepositoryException
      Returns the effective access rights for the resource at the specified path for the given principalId.
      Parameters:
      session - the current JCR session
      absPath - the path of the resource to retrieve the rights for
      principalId - the principalId to get the access rights for
      Returns:
      access rights for the specified principal
      Throws:
      javax.jcr.RepositoryException - if any errors reading the information

    • canAddChildren

      public boolean canAddChildren(javax.jcr.Node node)
      Checks whether the current user has been granted privileges to add children to the specified node.
      Parameters:
      node - the node to check
      Returns:
      true if the current user has the privileges, false otherwise

    • canAddChildren

      public boolean canAddChildren(javax.jcr.Session session, String absPath)
      Checks whether the current user has been granted privileges to add children to the specified path.
      Parameters:
      session - the JCR session of the current user
      absPath - the path of the resource to check
      Returns:
      true if the current user has the privileges, false otherwise

    • canDeleteChildren

      public boolean canDeleteChildren(javax.jcr.Node node)
      Checks whether the current user has been granted privileges to delete children to the specified node.
      Parameters:
      node - the node to check
      Returns:
      true if the current user has the privileges, false otherwise

    • canDeleteChildren

      public boolean canDeleteChildren(javax.jcr.Session session, String absPath)
      Checks whether the current user has been granted privileges to delete children of the specified path.
      Parameters:
      session - the JCR session of the current user
      absPath - the path of the resource to check
      Returns:
      true if the current user has the privileges, false otherwise

    • canDelete

      public boolean canDelete(javax.jcr.Node node)
      Checks whether the current user has been granted privileges to delete the specified node.
      Parameters:
      node - the node to check
      Returns:
      true if the current user has the privileges, false otherwise

    • canDelete

      public boolean canDelete(javax.jcr.Session session, String absPath)
      Checks whether the current user has been granted privileges to delete the specified path.
      Parameters:
      session - the JCR session of the current user
      absPath - the path of the resource to check
      Returns:
      true if the current user has the privileges, false otherwise

    • canModifyProperties

      public boolean canModifyProperties(javax.jcr.Node node)
      Checks whether the current user has been granted privileges to modify properties of the specified node.
      Parameters:
      node - the node to check
      Returns:
      true if the current user has the privileges, false otherwise

    • canModifyProperties

      public boolean canModifyProperties(javax.jcr.Session session, String absPath)
      Checks whether the current user has been granted privileges to modify properties of the specified path.
      Parameters:
      session - the JCR session of the current user
      absPath - the path of the resource to check
      Returns:
      true if the current user has the privileges, false otherwise

    • canReadAccessControl

      public boolean canReadAccessControl(javax.jcr.Node node)
      Checks whether the current user has been granted privileges to read the access control of the specified node.
      Parameters:
      node - the node to check
      Returns:
      true if the current user has the privileges, false otherwise

    • canReadAccessControl

      public boolean canReadAccessControl(javax.jcr.Session session, String absPath)
      Checks whether the current user has been granted privileges to read the access control of the specified path.
      Parameters:
      session - the JCR session of the current user
      absPath - the path of the resource to check
      Returns:
      true if the current user has the privileges, false otherwise

    • canModifyAccessControl

      public boolean canModifyAccessControl(javax.jcr.Node node)
      Checks whether the current user has been granted privileges to modify the access control of the specified node.
      Parameters:
      node - the node to check
      Returns:
      true if the current user has the privileges, false otherwise

    • canModifyAccessControl

      public boolean canModifyAccessControl(javax.jcr.Session session, String absPath)
      Checks whether the current user has been granted privileges to modify the access control of the specified path.
      Parameters:
      session - the JCR session of the current user
      absPath - the path of the resource to check
      Returns:
      true if the current user has the privileges, false otherwise