org.springframework.security.acls.domain
Class AclAuthorizationStrategyImpl

java.lang.Object
  extended by org.springframework.security.acls.domain.AclAuthorizationStrategyImpl
All Implemented Interfaces:
AclAuthorizationStrategy

public class AclAuthorizationStrategyImpl
extends Object
implements AclAuthorizationStrategy

Default implementation of AclAuthorizationStrategy.

Permission will be granted provided the current principal is either the owner (as defined by the ACL), has BasePermission.ADMINISTRATION (as defined by the ACL and via a Sid retrieved for the current principal via sidRetrievalStrategy), or if the current principal holds the relevant system-wide GrantedAuthority and injected into the constructor.


Field Summary
 
Fields inherited from interface org.springframework.security.acls.domain.AclAuthorizationStrategy
CHANGE_AUDITING, CHANGE_GENERAL, CHANGE_OWNERSHIP
 
Constructor Summary
AclAuthorizationStrategyImpl(GrantedAuthority[] auths)
          Constructor.
 
Method Summary
 void securityCheck(Acl acl, int changeType)
           
 void setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AclAuthorizationStrategyImpl

public AclAuthorizationStrategyImpl(GrantedAuthority[] auths)
Constructor. The only mandatory parameter relates to the system-wide GrantedAuthority instances that can be held to always permit ACL changes.

Parameters:
auths - an array of GrantedAuthoritys that have special permissions (index 0 is the authority needed to change ownership, index 1 is the authority needed to modify auditing details, index 2 is the authority needed to change other ACL and ACE details) (required)
Method Detail

securityCheck

public void securityCheck(Acl acl,
                          int changeType)
Specified by:
securityCheck in interface AclAuthorizationStrategy

setSidRetrievalStrategy

public void setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy)