Class HibernateAclImpl

java.lang.Object
com.atlassian.bamboo.security.acegi.acls.HibernateAclImpl
All Implemented Interfaces:
HibernateAcl, Serializable, org.acegisecurity.acls.Acl, org.acegisecurity.acls.AuditableAcl, org.acegisecurity.acls.MutableAcl, org.acegisecurity.acls.OwnershipAcl

@Entity public class HibernateAclImpl extends Object implements org.acegisecurity.acls.Acl, org.acegisecurity.acls.MutableAcl, org.acegisecurity.acls.AuditableAcl, org.acegisecurity.acls.OwnershipAcl, HibernateAcl
  • Constructor Summary

    Constructors

    | Constructor | Description |
    | --- | --- |
    | HibernateAclImpl() | No-argument constructor for use by reflection-based persistence tools along with field-level access. |
    | HibernateAclImpl(org.acegisecurity.acls.objectidentity.ObjectIdentity objectIdentity, @Nullable org.acegisecurity.acls.Acl parentAcl, boolean entriesInheriting, org.acegisecurity.acls.sid.Sid owner) | Instantiation of type properties - to be used when creating via MutableAclService.createAcl(ObjectIdentity) |
    | HibernateAclImpl(org.acegisecurity.acls.objectidentity.ObjectIdentity objectIdentity, Serializable id, org.acegisecurity.acls.domain.AclAuthorizationStrategy aclAuthorizationStrategy) | Minimal constructor, which should be used by MutableAclService.createAcl(ObjectIdentity). |
    | HibernateAclImpl(org.acegisecurity.acls.objectidentity.ObjectIdentity objectIdentity, Serializable id, org.acegisecurity.acls.domain.AclAuthorizationStrategy aclAuthorizationStrategy, @Nullable org.acegisecurity.acls.Acl parentAcl, @Nullable org.acegisecurity.acls.sid.Sid[] loadedSids, boolean entriesInheriting, org.acegisecurity.acls.sid.Sid owner) | Full constructor, which should be used by persistence tools that do not provide field-level access features. |
  • Method Summary

    | Modifier and Type | Method | Description |
    | --- | --- | --- |
    | void | deleteAce(Serializable aceId) | |
    | boolean | equals(Object o) | |
    | List<org.acegisecurity.acls.AccessControlEntry> | getAces() | |
    | org.acegisecurity.acls.AccessControlEntry[] | getEntries() | |
    | Serializable | getId() | |
    | org.acegisecurity.acls.objectidentity.ObjectIdentity | getObjectIdentity() | |
    | org.acegisecurity.acls.sid.Sid | getOwner() | |
    | @Nullable org.acegisecurity.acls.Acl | getParentAcl() | |
    | int | hashCode() | |
    | void | insertAce(@Nullable Serializable afterAceId, org.acegisecurity.acls.Permission permission, org.acegisecurity.acls.sid.Sid sid, boolean granting) | |
    | boolean | isEntriesInheriting() | |
    | boolean | isGranted(org.acegisecurity.acls.Permission[] permission, org.acegisecurity.acls.sid.Sid[] sids, boolean administrativeMode) | Determines authorization. |
    | boolean | isSidLoaded(org.acegisecurity.acls.sid.Sid[] sids) | |
    | void | setAclAuthorizationStrategy(org.acegisecurity.acls.domain.AclAuthorizationStrategy aclAuthorizationStrategy) | |
    | void | setEntriesInheriting(boolean entriesInheriting) | |
    | void | setId(Serializable id) | |
    | void | setObjectIdentity(org.acegisecurity.acls.objectidentity.ObjectIdentity objectIdentity) | |
    | void | setOwner(org.acegisecurity.acls.sid.Sid newOwner) | |
    | void | setParent(org.acegisecurity.acls.Acl newParent) | |
    | void | setParent(org.acegisecurity.acls.MutableAcl newParent) | |
    | void | setParentAcl(org.acegisecurity.acls.Acl parentAcl) | |
    | String | toString() | |
    | void | updateAce(Serializable aceId, org.acegisecurity.acls.Permission permission) | |
    | void | updateAuditing(Serializable aceId, boolean auditSuccess, boolean auditFailure) | |

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait
  • Constructor Details

    • HibernateAclImpl

      public HibernateAclImpl(org.acegisecurity.acls.objectidentity.ObjectIdentity objectIdentity, Serializable id, org.acegisecurity.acls.domain.AclAuthorizationStrategy aclAuthorizationStrategy)
      Minimal constructor, which should be used by MutableAclService.createAcl(ObjectIdentity).
      Parameters:
      objectIdentity - the object identity this ACL relates to (required)
      id - the primary key assigned to this ACL (required)
      aclAuthorizationStrategy - authorization strategy (required)
    • HibernateAclImpl

      public HibernateAclImpl(org.acegisecurity.acls.objectidentity.ObjectIdentity objectIdentity, Serializable id, org.acegisecurity.acls.domain.AclAuthorizationStrategy aclAuthorizationStrategy, @Nullable org.acegisecurity.acls.Acl parentAcl, @Nullable org.acegisecurity.acls.sid.Sid[] loadedSids, boolean entriesInheriting, org.acegisecurity.acls.sid.Sid owner)
      Full constructor, which should be used by persistence tools that do not provide field-level access features.
      Parameters:
      objectIdentity - the object identity this ACL relates to (required)
      id - the primary key assigned to this ACL (required)
      aclAuthorizationStrategy - authorization strategy (required)
      parentAcl - the parent (may be null)
      loadedSids - the loaded SIDs if only a subset were loaded (may be null)
      entriesInheriting - if ACEs from the parent should inherit into this ACL
      owner - the owner (required)
    • HibernateAclImpl

      public HibernateAclImpl()
      No-argument constructor for use by reflection-based persistence tools along with field-level access.
    • HibernateAclImpl

      public HibernateAclImpl(org.acegisecurity.acls.objectidentity.ObjectIdentity objectIdentity, @Nullable org.acegisecurity.acls.Acl parentAcl, boolean entriesInheriting, org.acegisecurity.acls.sid.Sid owner)
      Instantiation of type properties - to be used when creating via MutableAclService.createAcl(ObjectIdentity)
      Parameters:
      parentAcl -
      objectIdentity -
      owner -
      entriesInheriting -
  • Method Details

    • deleteAce

      public void deleteAce(Serializable aceId) throws org.acegisecurity.acls.NotFoundException
      Specified by:
      deleteAce in interface org.acegisecurity.acls.MutableAcl
      Throws:
      org.acegisecurity.acls.NotFoundException
    • getEntries

      public org.acegisecurity.acls.AccessControlEntry[] getEntries()
      Specified by:
      getEntries in interface org.acegisecurity.acls.Acl
      Specified by:
      getEntries in interface org.acegisecurity.acls.MutableAcl
    • getId

      public Serializable getId()
      Specified by:
      getId in interface org.acegisecurity.acls.MutableAcl
    • getObjectIdentity

      public org.acegisecurity.acls.objectidentity.ObjectIdentity getObjectIdentity()
      Specified by:
      getObjectIdentity in interface org.acegisecurity.acls.Acl
    • getOwner

      public org.acegisecurity.acls.sid.Sid getOwner()
      Specified by:
      getOwner in interface org.acegisecurity.acls.Acl
    • getParentAcl

      @Nullable public org.acegisecurity.acls.Acl getParentAcl()
      Specified by:
      getParentAcl in interface org.acegisecurity.acls.Acl
    • insertAce

      public void insertAce(@Nullable Serializable afterAceId, org.acegisecurity.acls.Permission permission, org.acegisecurity.acls.sid.Sid sid, boolean granting) throws org.acegisecurity.acls.NotFoundException
      Specified by:
      insertAce in interface org.acegisecurity.acls.MutableAcl
      Throws:
      org.acegisecurity.acls.NotFoundException
    • isEntriesInheriting

      public boolean isEntriesInheriting()
      Specified by:
      isEntriesInheriting in interface org.acegisecurity.acls.Acl
    • isGranted

      public boolean isGranted(org.acegisecurity.acls.Permission[] permission, org.acegisecurity.acls.sid.Sid[] sids, boolean administrativeMode) throws org.acegisecurity.acls.NotFoundException, org.acegisecurity.acls.UnloadedSidException
      Determines authorization. The order of the permission and sid arguments is extremely important!

      The method will iterate through each of the permissions in the order specified. For each iteration, all of the sids will be considered, again in the order they are presented. A search will then be performed for the first AccessControlEntry object that directly matches that permission:sid combination. When the first full match is found (i.e. an ACE that has the SID currently being searched for and the exact permission bit mask being searched for), the grant or deny flag for that ACE will prevail. If the ACE specifies to grant access, the method will return true. If the ACE specifies to deny access, the loop will stop and the next permission iteration will be performed. If each permission indicates to deny access, the first deny ACE found will be considered the reason for the failure (as it was the first match found, and is therefore the one most logically requiring changes - although not always).

      If absolutely no matching ACE was found at all for any permission, the parent ACL will be tried (provided that there is a parent and isEntriesInheriting() is true). The parent ACL will also scan its parent and so on. If ultimately no matching ACE is found, a NotFoundException will be thrown and the caller will need to decide how to handle the permission check. Similarly, if any of the SID arguments presented to the method were not loaded by the ACL, UnloadedSidException will be thrown.
      Specified by:
      isGranted in interface org.acegisecurity.acls.Acl
      Parameters:
      permission - the exact permissions to scan for (order is important)
      sids - the exact SIDs to scan for (order is important)
      administrativeMode - if true denotes the query is for administrative purposes and no auditing will be undertaken
      Returns:
      true if one of the permissions has been granted, false if one of the permissions has been specifically revoked
      Throws:
      org.acegisecurity.acls.NotFoundException - if an exact ACE for one of the permission bit masks and SID combination could not be found
      org.acegisecurity.acls.UnloadedSidException - if the passed SIDs are unknown to this ACL because the ACL was only loaded for a subset of SIDs
    • isSidLoaded

      public boolean isSidLoaded(org.acegisecurity.acls.sid.Sid[] sids)
      Specified by:
      isSidLoaded in interface org.acegisecurity.acls.Acl
    • setEntriesInheriting

      public void setEntriesInheriting(boolean entriesInheriting)
      Specified by:
      setEntriesInheriting in interface org.acegisecurity.acls.MutableAcl
    • setOwner

      public void setOwner(org.acegisecurity.acls.sid.Sid newOwner)
      Specified by:
      setOwner in interface org.acegisecurity.acls.OwnershipAcl
    • setParent

      public void setParent(org.acegisecurity.acls.MutableAcl newParent)
    • toString

      public String toString()
      Overrides:
      toString in class Object
    • updateAce

      public void updateAce(Serializable aceId, org.acegisecurity.acls.Permission permission) throws org.acegisecurity.acls.NotFoundException
      Specified by:
      updateAce in interface org.acegisecurity.acls.MutableAcl
      Throws:
      org.acegisecurity.acls.NotFoundException
    • updateAuditing

      public void updateAuditing(Serializable aceId, boolean auditSuccess, boolean auditFailure)
      Specified by:
      updateAuditing in interface org.acegisecurity.acls.AuditableAcl
    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object
    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object
    • setParentAcl

      public void setParentAcl(org.acegisecurity.acls.Acl parentAcl)
    • setParent

      public void setParent(org.acegisecurity.acls.Acl newParent)
      Specified by:
      setParent in interface org.acegisecurity.acls.MutableAcl
    • setAclAuthorizationStrategy

      public void setAclAuthorizationStrategy(org.acegisecurity.acls.domain.AclAuthorizationStrategy aclAuthorizationStrategy)
    • getAces

      public List<org.acegisecurity.acls.AccessControlEntry> getAces()
    • setObjectIdentity

      public void setObjectIdentity(org.acegisecurity.acls.objectidentity.ObjectIdentity objectIdentity)
      Specified by:
      setObjectIdentity in interface HibernateAcl
    • setId

      public void setId(Serializable id)
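
The scan order documented for isGranted above, as an added stand-alone model that is not Acegi or Bamboo code: Ace, AclModel, the READ/WRITE masks and the sample SIDs are hypothetical, and IllegalStateException stands in for NotFoundException. It shows why the order of the sids argument and the exact bit-mask match change the outcome; auditing and the UnloadedSidException check are left out.

```java
import java.util.List;

// Added illustration: models the documented isGranted() scan order only.
// Ace, AclModel and the mask constants are hypothetical, not Acegi or Bamboo types.
public class IsGrantedOrderDemo {
    static final int READ = 1, WRITE = 2;

    record Ace(int mask, String sid, boolean granting) {}

    record AclModel(List<Ace> aces, AclModel parent, boolean entriesInheriting) {
        boolean isGranted(int[] permissions, String[] sids) {
            boolean denied = false;
            for (int mask : permissions) {          // outer loop: permissions, in caller's order
                sidScan:
                for (String sid : sids) {           // inner loop: SIDs, in caller's order
                    for (Ace ace : aces) {
                        // Exact mask equality, not a bitwise "contains" test.
                        if (ace.mask() == mask && ace.sid().equals(sid)) {
                            if (ace.granting()) return true; // first matching grant wins
                            denied = true;                    // a deny ends this permission
                            break sidScan;                    // move on to the next permission
                        }
                    }
                }
            }
            if (denied) return false;               // explicit deny: the parent is not consulted
            if (entriesInheriting && parent != null) return parent.isGranted(permissions, sids);
            throw new IllegalStateException("no matching ACE"); // stands in for NotFoundException
        }
    }

    public static void main(String[] args) {
        // Constructed sample data: a deny for a role and a grant for a user on the same mask.
        AclModel acl = new AclModel(List.of(
                new Ace(READ, "ROLE_CONTRACTOR", false),
                new Ace(READ, "alice", true)), null, true);

        // Same ACL, same SIDs, different order: the user grant is reached first ...
        System.out.println(acl.isGranted(new int[]{READ}, new String[]{"alice", "ROLE_CONTRACTOR"}));
        // ... or the role deny is reached first and stops the scan for READ.
        System.out.println(acl.isGranted(new int[]{READ}, new String[]{"ROLE_CONTRACTOR", "alice"}));

        // A combined mask is a different permission: READ|WRITE matches no ACE stored as READ.
        try {
            acl.isGranted(new int[]{READ | WRITE}, new String[]{"alice"});
        } catch (IllegalStateException e) {
            System.out.println("no exact match: the caller decides how to treat it");
        }
    }
}
```

The model uses records, so it needs Java 16 or later.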