Authorizable (Unnamed - com.day.cq.wcm:cq-wcm-javadoc:pom:5.1.16 5.1.16 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.day.cq.security
Interface Authorizable

All Superinterfaces:: org.apache.sling.api.adapter.Adaptable

All Known Subinterfaces:: Group, User

All Known Implementing Classes:: CrxAuthorizable, CrxGroup, CrxUser, CRXUserManager.EveryOne

public interface Authorizable
extends org.apache.sling.api.adapter.Adaptable
extends org.apache.sling.api.adapter.Adaptable

Base Class for Objects which act on the Repository. This can be Users, eg. the authenticated subject, or Groups of Users. The Authorizable is related to a Session via the User-ID.
Allow to adapt the Authoirzable to Other resources like its Home, Prferences etc.

See Also:: Adaptable

Field Summary
`static String`	`PROPERTY_DESCRIPTION`
`static String`	`PROPERTY_EMAIL`
`static String`	`PROPERTY_ID`
`static String`	`PROPERTY_NAME`
`static String`	`PROPERTY_PRINCIPAL`

Method Summary
`String`	`getHomePath()`
`String`	`getID()` The ID is a unique identifier within the `UserManager` this User has been acquired from. The following must be true:
`String`	`getName()` A human readable Name.
`Principal`	`getPrincipal()`
`Privilege`	`getPrivilege(String privilege)`
`Collection<Privilege>`	`getPrivileges()`
`String`	`getProperty(String name)` Some property.
`Iterator<String>`	`getPropertyNames()` Returns the names of properties present with `this` Authorizable.
`void`	`grantPrivilege(String privilege)`
`boolean`	`hasPermission(String privilege)`
`boolean`	`hasPermissionOn(String privilege, String resourcePath)`
`boolean`	`isUser()` If an Authorizable is a `User` according this test-method a cast to `User Class` MUST be possible.
`Iterator<Group>`	`memberOf()` The Groups a Authorizable is member of. Transitive membership is not resolved.
`void`	`remove()` delete this Authorizable
`boolean`	`removeProperty(String name)` Removes the property with the given name.
`void`	`revokePrivilege(String privilege)`
`void`	`setProperty(String name, String value)` Set an arbitrary property to this `Authorizable`.

Methods inherited from interface org.apache.sling.api.adapter.Adaptable
`adaptTo`

Field Detail

PROPERTY_PRINCIPAL

static final String PROPERTY_PRINCIPAL

See Also:: Constant Field Values

PROPERTY_ID

static final String PROPERTY_ID

See Also:: Constant Field Values

PROPERTY_NAME

static final String PROPERTY_NAME

See Also:: Constant Field Values

PROPERTY_DESCRIPTION

static final String PROPERTY_DESCRIPTION

See Also:: Constant Field Values

PROPERTY_EMAIL

static final String PROPERTY_EMAIL

See Also:: Constant Field Values

Method Detail

isUser

boolean isUser()

If an Authorizable is a User according this test-method a cast to User Class MUST be possible.

Returns:: true if the Authorizable is a User
See Also:: User

getID

String getID()

The ID is a unique identifier within the UserManager this User has been acquired from.
The following must be true:

  String id = "userId"
  User u = userManger.get(id);
  u.extractID().equals(id);

Returns:: the ID of this User.
See Also:: UserManager.get(String)

getName

String getName()

A human readable Name. E.g. Implementations may return the full name of a User

Returns:: full name of this authorizable

getPrincipal

Principal getPrincipal()

Returns:: this Authorizable holds, if authenticated

getPropertyNames

Iterator<String> getPropertyNames()

Returns the names of properties present with this Authorizable.

Returns:: names of properties.
See Also:: getProperty(String)

getProperty

String getProperty(String name)

Some property. Its open for implementers to provide any Property. See constants of this Interface for commonly used properties

Parameters:: name - of the Property
Returns:: Property or nullif property does not exist or does not have a value

setProperty

void setProperty(String name,
                 String value)
                 throws AccessDeniedException

Set an arbitrary property to this Authorizable.

Parameters:: name - name of the Property to set; value - to set
Throws:: AccessDeniedException - the session, aquireing thie Authroizable is not allowed to write authorizables

removeProperty

boolean removeProperty(String name)
                       throws AccessDeniedException

Removes the property with the given name.

Parameters:: name - of the Property to remove
Returns:: true If the property with the specified name was successfully removed; false if no such property was present.
Throws:: AccessDeniedException - the session, aquireing thie Authroizable is not allowed to write authorizables

memberOf

Iterator<Group> memberOf()

The Groups a Authorizable is member of.
Transitive membership is not resolved. Thus the following is true: if Authorizable A is memebrOf Group G g.getMemebers() contains A.

Returns:: Iterator containing all Groups the Authorizable is direct member of

getHomePath

String getHomePath()

Returns:: an absolute Path, this User may use as Home-Directory

hasPermission

boolean hasPermission(String privilege)

Parameters:: privilege - identifier of the privilege (eg. workflow/privilege/start)
Returns:: true if the privilege is set. false if not or if Privilege.isPathDependent() privilege is pathDependant}
See Also:: grantPrivilege(String)

hasPermissionOn

boolean hasPermissionOn(String privilege,
                        String resourcePath)

Parameters:: privilege - identifier of the privilege (eg. workflow/privilege/start); resourcePath - path of the resource
Returns:: true if the privilege is set. if Privilege.isPathDependent() privilege is pathDependant}. it has additionaly to grant on the given resource-path
See Also:: grantPrivilege(String), Privilege.isGranted(String)

getPrivilege

Privilege getPrivilege(String privilege)
                       throws AccessDeniedException

Parameters:: privilege - identifier of the privilege (eg. workflow/privilege/start)
Returns:: Privilege or null if none set
Throws:: AccessDeniedException - in case the session that acquired this authorizable is not allowed read Privileges
See Also:: grantPrivilege(String)

grantPrivilege

void grantPrivilege(String privilege)
                    throws AccessDeniedException

Parameters:: privilege - identifier to grant the current Authorizable
Throws:: AccessDeniedException - in case the session that acquired this authorizable is not allowed grant Privileges

revokePrivilege

void revokePrivilege(String privilege)
                     throws AccessDeniedException

Parameters:: privilege - identifier of the privilege to remove from this Authorizable
Throws:: AccessDeniedException - in case the session that acquired this authorizable is not allowed revoke Privileges

getPrivileges

Collection<Privilege> getPrivileges()
                                    throws AccessDeniedException

Returns:: collection of Privileges grantet the current Authorizable this includes only the privileges granted explicitly and not those granted by group-membership.
Throws:: AccessDeniedException - in case the session that acquired this authorizable is not allowed read Privileges

remove

void remove()
            throws AccessDeniedException

delete this Authorizable

Throws:: AccessDeniedException - in case the session that acquired this authorizable is not allowed to remove this