All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.modeshape.jcr.ModeShapePermissions Maven / Gradle / Ivy

There is a newer version: 5.4.1.Final
Show newest version
/*
 * ModeShape (http://www.modeshape.org)
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *       http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.modeshape.jcr;

import java.util.Arrays;
import java.util.List;
import javax.jcr.Session;
import javax.jcr.Workspace;

/**
 * The set of constants that can be used for action literals with the {@link Session#checkPermission(String, String)} method.
 * 

* ModeShape has extended the set of JCR-defined actions ("add_node", "set_property", "remove", and "read") with additional * actions ("register_type", "register_namespace", and "unlock_any"). The {@link #REGISTER_TYPE register_type} and * {@link #REGISTER_NAMESPACE register_namespace} permissions define the ability to register (and unregister) node types and * namespaces, respectively. The {@link #UNLOCK_ANY unlock_any} permission grants the user the ability to unlock any locked node * or branch (as opposed to users without that permission who can only unlock nodes or branches that they have locked themselves * or for which they hold the lock token). *

*

* Permissions to perform these actions are aggregated in {@link ModeShapeRoles roles} that can be assigned to users. *

*/ public interface ModeShapePermissions { /** * The {@link #REGISTER_NAMESPACE register_namespace} permission define the ability to register (and unregister) namespaces. * * @see Session#checkPermission(String, String) */ public static final String REGISTER_NAMESPACE = "register_namespace"; /** * The {@link #REGISTER_TYPE register_type} permission define the ability to register (and unregister) node types. * * @see Session#checkPermission(String, String) */ public static final String REGISTER_TYPE = "register_type"; /** * The {@link #UNLOCK_ANY unlock_any} permission grants the user the ability to unlock any locked node or branch (as opposed * to users without that permission who can only unlock nodes or branches that they have locked themselves or for which they * hold the lock token). * * @see Session#checkPermission(String, String) */ public static final String UNLOCK_ANY = "unlock_any"; /** * A standard JCR-defined permission to grant the user the ability to add nodes. * * @see Session#checkPermission(String, String) */ public static final String ADD_NODE = "add_node"; /** * A standard JCR-defined permission to grant the user the ability to add or change properties. * * @see Session#checkPermission(String, String) */ public static final String SET_PROPERTY = "set_property"; /** * A standard JCR-defined permission to grant the user the ability to remove nodes and/or properties. * * @see Session#checkPermission(String, String) */ public static final String REMOVE = "remove"; /** * The permission that allows to remove child nodes. * * @see Session#checkPermission(String, String) */ public static final String REMOVE_CHILD_NODES = "remove_child_nodes"; /** * A standard JCR-defined permission to grant the user the ability to read nodes and/or properties. * * @see Session#checkPermission(String, String) */ public static final String READ = "read"; /** * The {@link #CREATE_WORKSPACE create_workspace} permission allows the user the ability to * {@link Workspace#createWorkspace(String) create new workspaces}. */ public static final String CREATE_WORKSPACE = "create_workspace"; /** * The {@link #DELETE_WORKSPACE delete_workspace} permission allows the user the ability to * {@link Workspace#deleteWorkspace(String) delete workspaces}. */ public static final String DELETE_WORKSPACE = "delete_workspace"; /** * The {@link #MONITOR monitor} permission allows the user the ability to * {@link org.modeshape.jcr.api.RepositoryManager#getRepositoryMonitor() monitor the repository}. */ public static final String MONITOR = "monitor"; /** * The {@link #INDEX_WORKSPACE index_workspace} permission allows the user the ability to * {@link org.modeshape.jcr.api.Workspace#reindex() re-index all or part of a workspace}. */ public static final String INDEX_WORKSPACE = "index_workspace"; /** * The {@link #BACKUP backup} permission allows the user the ability to * {@link org.modeshape.jcr.api.RepositoryManager#backupRepository(java.io.File) initiate a backup of the entire repository}. */ public static final String BACKUP = "backup"; /** * The {@link #RESTORE store} permission allows the user the ability to * {@link org.modeshape.jcr.api.RepositoryManager#restoreRepository(java.io.File) initiate a restore of the entire repository} * . */ public static final String RESTORE = "restore"; /** * The permission that allows the user ability to read nodes * related to access control. */ public static final String READ_ACCESS_CONTROL = "read_access_control"; /** * The permission that allows the user ability to modify nodes * related to access control. */ public static final String MODIFY_ACCESS_CONTROL = "modify_access_control"; static final String[] ALL_CHANGE_PERMISSIONS = new String[] {REGISTER_NAMESPACE, REGISTER_TYPE, UNLOCK_ANY, ADD_NODE, SET_PROPERTY, REMOVE, CREATE_WORKSPACE, DELETE_WORKSPACE, INDEX_WORKSPACE, BACKUP, RESTORE}; static final String[] ALL_PERMISSIONS = new String[] {REGISTER_NAMESPACE, REGISTER_TYPE, UNLOCK_ANY, ADD_NODE, SET_PROPERTY, REMOVE, READ, CREATE_WORKSPACE, DELETE_WORKSPACE, INDEX_WORKSPACE, MONITOR, BACKUP, RESTORE}; static final List READONLY_EXTERNAL_PATH_PERMISSIONS = Arrays.asList(READ, INDEX_WORKSPACE); }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy