public class AclAuthorizationStrategyImpl extends Object implements AclAuthorizationStrategy
AclAuthorizationStrategy
.
Permission will be granted provided the current principal is either the owner (as defined by the ACL), has
BasePermission.ADMINISTRATION
(as defined by the ACL and via a Sid
retrieved for the current
principal via sidRetrievalStrategy
), or if the current principal holds the relevant system-wide
GrantedAuthority
and injected into the constructor.
CHANGE_AUDITING, CHANGE_GENERAL, CHANGE_OWNERSHIP
Constructor and Description |
---|
AclAuthorizationStrategyImpl(GrantedAuthority... auths)
Constructor.
|
Modifier and Type | Method and Description |
---|---|
void |
securityCheck(Acl acl,
int changeType) |
void |
setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy) |
public AclAuthorizationStrategyImpl(GrantedAuthority... auths)
GrantedAuthority
instances that
can be held to always permit ACL changes.auths
- the GrantedAuthority
s that have
special permissions (index 0 is the authority needed to change
ownership, index 1 is the authority needed to modify auditing details,
index 2 is the authority needed to change other ACL and ACE details) (required)
Alternatively, a single value can be supplied for all three permissions.
public void securityCheck(Acl acl, int changeType)
securityCheck
in interface AclAuthorizationStrategy
public void setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy)