org.apache.jena.permissions

Interface SecuredItem

All Known Subinterfaces:

SecuredAlt, SecuredBag, SecuredContainer, SecuredGraph, SecuredLiteral, SecuredModel, SecuredPrefixMapping, SecuredProperty, SecuredRDFList, SecuredRDFNode, SecuredReifiedStatement, SecuredResource, SecuredSeq, SecuredStatement

All Known Implementing Classes:

SecuredAltImpl, SecuredBagImpl, SecuredContainerImpl, SecuredGraphImpl, SecuredItemImpl, SecuredLiteralImpl, SecuredModelImpl, SecuredPrefixMappingImpl, SecuredPropertyImpl, SecuredRDFListImpl, SecuredRDFNodeImpl, SecuredReifiedStatementImpl, SecuredResourceImpl, SecuredSeqImpl, SecuredStatementImpl

public interface SecuredItem

The secured item interface is mixed into instances of secured objects by the proxy. It provides the security context for the security checks as well as several useful shorthand methods for common checks.

Nested Class Summary

Nested Classes

Modifier and Type	Interface and Description
static class	SecuredItem.Util Utilities for SecuredItem implementations.

Method Summary

Modifier and Type	Method and Description
boolean	canCreate()
boolean	canCreate(FrontsTriple t) Return true if the fronted triple can be created.
boolean	canCreate(Triple t) Return true if the triple can be created.
boolean	canDelete()
boolean	canDelete(FrontsTriple t) Return true if the fronted triple can be deleted.
boolean	canDelete(Triple t) Return true if the triple can be deleted.
boolean	canRead()
boolean	canRead(FrontsTriple t) Return true if the fronted triple can be read.
boolean	canRead(Triple t) Return true if the triple can be read.
boolean	canUpdate()
boolean	canUpdate(FrontsTriple from, FrontsTriple to) Return true if the fronted triple can be updated.
boolean	canUpdate(Triple from, Triple to) Return true if the triple can be updated.
boolean	equals(Object o)
Object	getBaseItem()
String	getModelIRI()
Node	getModelNode()
SecurityEvaluator	getSecurityEvaluator() The SecurityEvaluator implementation that is being used to determine access.
boolean	isEquivalent(SecuredItem securedItem) Return true if this secured item is equivalent to another secured item.

Method Detail

canCreate

boolean canCreate()
           throws AuthenticationRequiredException

Returns:

true if the securedModel allows items to be created.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canCreate

boolean canCreate(Triple t)
           throws AuthenticationRequiredException

Return true if the triple can be created. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)

Parameters:

t - The triple to check

Returns:

true if the triple can be created.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canCreate

boolean canCreate(FrontsTriple t)
           throws AuthenticationRequiredException

Return true if the fronted triple can be created. See canRead(Triple t)

Parameters:

t - The fronted triple to check

Returns:

true if the triple can be created.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canDelete

boolean canDelete()
           throws AuthenticationRequiredException

Returns:

true if the securedModel allows items to be deleted.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canDelete

boolean canDelete(Triple t)
           throws AuthenticationRequiredException

Return true if the triple can be deleted. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)

Parameters:

t - The triple to check

Returns:

true if the triple can be deleted.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canDelete

boolean canDelete(FrontsTriple t)
           throws AuthenticationRequiredException

Return true if the fronted triple can be deleted. See canRead(Triple t)

Parameters:

t - The fronted triple to check

Returns:

true if the triple can be deleted.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canRead

boolean canRead()
         throws AuthenticationRequiredException

Returns:

true if the securedModel allows items to be read.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canRead

boolean canRead(Triple t)
         throws AuthenticationRequiredException

Return true if the triple can be read. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. (S, P, O) check if S,P,O can be read. (S, P, ANY) check if there are any S,P,x restrictions. (S, ANY, P) check if there are any S,x,P restrictions. (ANY, ANY, ANY) check if there are any restrictions on reading.

Parameters:

t - The triple to check

Returns:

true if the triple can be read.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canRead

boolean canRead(FrontsTriple t)
         throws AuthenticationRequiredException

Return true if the fronted triple can be read.

Parameters:

t - The frontedtriple to check

Returns:

true if the triple can be read.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canUpdate

boolean canUpdate()
           throws AuthenticationRequiredException

Returns:

true if the securedModel allows items to be updated.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canUpdate

boolean canUpdate(Triple from,
                  Triple to)
           throws AuthenticationRequiredException

Return true if the triple can be updated. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)

Parameters:

from - The triple that will be changed

to - The resulting triple.

Returns:

true if the from triple can be updated as the to triple.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canUpdate

boolean canUpdate(FrontsTriple from,
                  FrontsTriple to)
           throws AuthenticationRequiredException

Return true if the fronted triple can be updated. See canUpdate(Triple from, Triple to)

Parameters:

from - The fronted triple that will be changed

to - The resulting fronted triple.

Returns:

true if the from triple can be updated as the to triple.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

equals

boolean equals(Object o)

Overrides:

equals in class Object

getBaseItem

Object getBaseItem()

Returns:

the base item that is being secured.

getModelIRI

String getModelIRI()

Returns:

The IRI of the securedModel that the item belongs to.

getModelNode

Node getModelNode()

Returns:

The node representation of the securedModel IRI.

getSecurityEvaluator

SecurityEvaluator getSecurityEvaluator()

The SecurityEvaluator implementation that is being used to determine access.

Returns:

The SecurityEvaluator implementation.

isEquivalent

boolean isEquivalent(SecuredItem securedItem)

Return true if this secured item is equivalent to another secured item. Generally implemented by calling SecuredItem.Util.isEquivalent

Parameters:

securedItem - the other secured item.

Returns:

True if they are equivalent, false otherwise.