ANONYMOUS, ANONYMOUS_USERNAME, AUTOMATIC_SIDS, EVERYONE, SYSTEM, SYSTEM_USERNAME
Constructor and Description |
---|
SidACL() |
Modifier and Type | Method and Description |
---|---|
protected Boolean |
_hasPermission(org.acegisecurity.Authentication a,
Permission permission)
Implementation that backs up
hasPermission(Authentication, Permission) . |
boolean |
hasPermission(org.acegisecurity.Authentication a,
Permission permission)
Checks if the given principle has the given permission.
|
protected abstract Boolean |
hasPermission(org.acegisecurity.acls.sid.Sid p,
Permission permission)
Checks if the given
Sid has the given Permission . |
SidACL |
newInheritingACL(SidACL parent)
|
protected String |
toString(org.acegisecurity.acls.sid.Sid p) |
as, as, checkCreatePermission, checkCreatePermission, checkPermission, hasCreatePermission, hasCreatePermission, hasPermission, impersonate, impersonate, impersonate, isAnonymous, lambda
public boolean hasPermission(@Nonnull org.acegisecurity.Authentication a, Permission permission)
ACL
Note that ACL.SYSTEM
can be passed in as the authentication parameter,
in which case you should probably just assume it has every permission.
hasPermission
in class ACL
protected Boolean _hasPermission(@Nonnull org.acegisecurity.Authentication a, Permission permission)
hasPermission(Authentication, Permission)
.hasPermission(Sid, Permission)
returns it.
Otherwise null, indicating that this ACL doesn't have any entry for it.protected abstract Boolean hasPermission(org.acegisecurity.acls.sid.Sid p, Permission permission)
Sid
has the given Permission
.
hasPermission(Authentication, Permission)
is implemented
by checking authentication's GrantedAuthority
by using
this method.
It is the implementor's responsibility to recognize Permission.impliedBy
and take that into account.
protected String toString(org.acegisecurity.acls.sid.Sid p)
public final SidACL newInheritingACL(SidACL parent)
SidACL
that first consults 'this' SidACL
and then delegate to
the given parent SidACL
. By doing this at the SidACL
level and not at the
ACL
level, this allows the child ACLs to have an explicit deny entry.
Note that the combined ACL calls hasPermission(Sid,Permission) in the child and parent
SidACLs directly, so if these override _hasPermission then this custom behavior will
not be applied.Copyright © 2004–2019. All rights reserved.