public class AclImpl extends java.lang.Object implements Acl, MutableAcl, AuditableAcl, OwnershipAcl
Acl.| Constructor and Description | 
|---|
| AclImpl(ObjectIdentity objectIdentity,
       java.io.Serializable id,
       AclAuthorizationStrategy aclAuthorizationStrategy,
       AuditLogger auditLogger)Minimal constructor, which should be used
  MutableAclService.createAcl(ObjectIdentity). | 
| AclImpl(ObjectIdentity objectIdentity,
       java.io.Serializable id,
       AclAuthorizationStrategy aclAuthorizationStrategy,
       PermissionGrantingStrategy grantingStrategy,
       Acl parentAcl,
       java.util.List<Sid> loadedSids,
       boolean entriesInheriting,
       Sid owner)Full constructor, which should be used by persistence tools that do not provide
 field-level access features. | 
| Modifier and Type | Method and Description | 
|---|---|
| void | deleteAce(int aceIndex) | 
| boolean | equals(java.lang.Object obj) | 
| java.util.List<AccessControlEntry> | getEntries()Returns all of the entries represented by the present Acl. | 
| java.io.Serializable | getId()Obtains an identifier that represents this MutableAcl. | 
| ObjectIdentity | getObjectIdentity()Obtains the domain object this Acl provides entries for. | 
| Sid | getOwner()Determines the owner of the Acl. | 
| Acl | getParentAcl()A domain object may have a parent for the purpose of ACL inheritance. | 
| int | hashCode() | 
| void | insertAce(int atIndexLocation,
         Permission permission,
         Sid sid,
         boolean granting) | 
| boolean | isEntriesInheriting()Indicates whether the ACL entries from the  Acl.getParentAcl()should flow down
 into the current Acl. | 
| boolean | isGranted(java.util.List<Permission> permission,
         java.util.List<Sid> sids,
         boolean administrativeMode)Delegates to the  PermissionGrantingStrategy. | 
| boolean | isSidLoaded(java.util.List<Sid> sids)For efficiency reasons an Acl may be loaded and not contain
 entries for every Sid in the system. | 
| void | setEntriesInheriting(boolean entriesInheriting)Change the value returned by  Acl.isEntriesInheriting(). | 
| void | setOwner(Sid newOwner)Changes the present owner to a different owner. | 
| void | setParent(Acl newParent)Changes the parent of this ACL. | 
| java.lang.String | toString() | 
| void | updateAce(int aceIndex,
         Permission permission) | 
| void | updateAuditing(int aceIndex,
              boolean auditSuccess,
              boolean auditFailure) | 
public AclImpl(ObjectIdentity objectIdentity, java.io.Serializable id, AclAuthorizationStrategy aclAuthorizationStrategy, AuditLogger auditLogger)
MutableAclService.createAcl(ObjectIdentity)
 .objectIdentity - the object identity this ACL relates to (required)id - the primary key assigned to this ACL (required)aclAuthorizationStrategy - authorization strategy (required)auditLogger - audit logger (required)public AclImpl(ObjectIdentity objectIdentity, java.io.Serializable id, AclAuthorizationStrategy aclAuthorizationStrategy, PermissionGrantingStrategy grantingStrategy, Acl parentAcl, java.util.List<Sid> loadedSids, boolean entriesInheriting, Sid owner)
objectIdentity - the object identity this ACL relates toid - the primary key assigned to this ACLaclAuthorizationStrategy - authorization strategygrantingStrategy - the PermissionGrantingStrategy which will be used
 by the isGranted() methodparentAcl - the parent (may be may be null)loadedSids - the loaded SIDs if only a subset were loaded (may be null
 )entriesInheriting - if ACEs from the parent should inherit into this ACLowner - the owner (required)public void deleteAce(int aceIndex)
               throws NotFoundException
deleteAce in interface MutableAclNotFoundExceptionpublic void insertAce(int atIndexLocation,
                      Permission permission,
                      Sid sid,
                      boolean granting)
               throws NotFoundException
insertAce in interface MutableAclNotFoundExceptionpublic java.util.List<AccessControlEntry> getEntries()
AclThis method is typically used for administrative purposes.
 The order that entries appear in the array is important for methods declared in the
 MutableAcl interface. Furthermore, some implementations MAY use ordering as
 part of advanced permission checking.
 
 Do NOT use this method for making authorization decisions. Instead use
 Acl.isGranted(List, List, boolean).
 
This method must operate correctly even if the Acl only represents a subset of Sids. The caller is responsible for correctly handling the result if only a subset of Sids is represented.
getEntries in interface Aclpublic java.io.Serializable getId()
MutableAclgetId in interface MutableAclpublic ObjectIdentity getObjectIdentity()
AclgetObjectIdentity in interface Aclpublic boolean isEntriesInheriting()
AclAcl.getParentAcl() should flow down
 into the current Acl.
 The mere link between an Acl and a parent Acl on its own is insufficient to cause ACL entries to inherit down. This is because a domain object may wish to have entirely independent entries, but maintain the link with the parent for navigation purposes. Thus, this method denotes whether or not the navigation relationship also extends to the actual inheritance of entries.
isEntriesInheriting in interface Aclpublic boolean isGranted(java.util.List<Permission> permission, java.util.List<Sid> sids, boolean administrativeMode) throws NotFoundException, UnloadedSidException
PermissionGrantingStrategy.isGranted in interface Aclpermission - the permission or permissions required (at least one entry
 required)sids - the security identities held by the principal (at least one entry
 required)administrativeMode - if true denotes the query is for administrative
 purposes and no logging or auditing (if supported by the implementation) should be
 undertakenUnloadedSidException - if the passed SIDs are unknown to this ACL because the
 ACL was only loaded for a subset of SIDsNotFoundException - MUST be thrown if an implementation cannot make an
 authoritative authorization decision, usually because there is no ACL information
 for this particular permission and/or SIDDefaultPermissionGrantingStrategypublic boolean isSidLoaded(java.util.List<Sid> sids)
AclIt is normal to load an Acl for only particular Sids if read-only authorization decisions are being made. However, if user interface reporting or modification of Acls are desired, an Acl should be loaded with all Sids. This method denotes whether or not the specified Sids have been loaded or not.
isSidLoaded in interface Aclsids - one or more security identities the caller is interest in knowing
 whether this Sid supportspublic void setEntriesInheriting(boolean entriesInheriting)
MutableAclAcl.isEntriesInheriting().setEntriesInheriting in interface MutableAclentriesInheriting - the new valuepublic void setOwner(Sid newOwner)
MutableAclsetOwner in interface MutableAclsetOwner in interface OwnershipAclnewOwner - the new owner (mandatory; cannot be null)public Sid getOwner()
Aclpublic void setParent(Acl newParent)
MutableAclsetParent in interface MutableAclnewParent - the new parentpublic Acl getParentAcl()
Acl
 This method solely represents the presence of a navigation hierarchy between the
 parent Acl and this Acl. For actual inheritance to take place,
 the Acl.isEntriesInheriting() must also be true.
 
This method must operate correctly even if the Acl only represents a subset of Sids. The caller is responsible for correctly handling the result if only a subset of Sids is represented.
getParentAcl in interface Aclpublic void updateAce(int aceIndex,
                      Permission permission)
               throws NotFoundException
updateAce in interface MutableAclNotFoundExceptionpublic void updateAuditing(int aceIndex,
                           boolean auditSuccess,
                           boolean auditFailure)
updateAuditing in interface AuditableAclpublic boolean equals(java.lang.Object obj)
equals in class java.lang.Objectpublic int hashCode()
hashCode in class java.lang.Objectpublic java.lang.String toString()
toString in class java.lang.Object