Class AclAuthorizationStrategyImpl

  extended by
All Implemented Interfaces:

public class AclAuthorizationStrategyImpl
extends Object
implements AclAuthorizationStrategy

Default implementation of AclAuthorizationStrategy.

Permission will be granted provided the current principal is either the owner (as defined by the ACL), has BasePermission.ADMINISTRATION (as defined by the ACL and via a Sid retrieved for the current principal via sidRetrievalStrategy), or if the current principal holds the relevant system-wide GrantedAuthority and injected into the constructor.

Field Summary
Fields inherited from interface
Constructor Summary
AclAuthorizationStrategyImpl(GrantedAuthority[] auths)
Method Summary
 void securityCheck(Acl acl, int changeType)
 void setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy)
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail


public AclAuthorizationStrategyImpl(GrantedAuthority[] auths)
Constructor. The only mandatory parameter relates to the system-wide GrantedAuthority instances that can be held to always permit ACL changes.

auths - an array of GrantedAuthoritys that have special permissions (index 0 is the authority needed to change ownership, index 1 is the authority needed to modify auditing details, index 2 is the authority needed to change other ACL and ACE details) (required)
Method Detail


public void securityCheck(Acl acl,
                          int changeType)
Specified by:
securityCheck in interface AclAuthorizationStrategy


public void setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy)