Package org.apache.jena.permissions
Interface SecuredItem
- All Known Subinterfaces:
SecuredAlt
,SecuredBag
,SecuredContainer
,SecuredGraph
,SecuredLiteral
,SecuredModel
,SecuredPrefixMapping
,SecuredProperty
,SecuredRDFList
,SecuredRDFNode
,SecuredReifiedStatement
,SecuredResource
,SecuredSeq
,SecuredStatement
- All Known Implementing Classes:
SecuredAltImpl
,SecuredBagImpl
,SecuredContainerImpl
,SecuredGraphImpl
,SecuredItemImpl
,SecuredLiteralImpl
,SecuredModelImpl
,SecuredPrefixMappingImpl
,SecuredPropertyImpl
,SecuredRDFListImpl
,SecuredRDFNodeImpl
,SecuredReifiedStatementImpl
,SecuredResourceImpl
,SecuredSeqImpl
,SecuredStatementImpl
public interface SecuredItem
The secured item interface is mixed into instances of secured objects by the
proxy. It provides the security context for the security checks as well as
several useful shorthand methods for common checks.
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic class
Utilities for SecuredItem implementations. -
Method Summary
Modifier and TypeMethodDescriptionboolean
boolean
Return true if the fronted triple can be created.boolean
Return true if the triple can be created.boolean
boolean
Return true if the fronted triple can be deleted.boolean
Return true if the triple can be deleted.boolean
canRead()
boolean
Return true if the fronted triple can be read.boolean
Return true if the triple can be read.boolean
boolean
canUpdate
(FrontsTriple from, FrontsTriple to) Return true if the fronted triple can be updated.boolean
Return true if the triple can be updated.boolean
The SecurityEvaluator implementation that is being used to determine access.boolean
isEquivalent
(SecuredItem securedItem) Return true if this secured item is equivalent to another secured item.
-
Method Details
-
canCreate
- Returns:
- true if the securedModel allows items to be created.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canCreate
Return true if the triple can be created. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)- Parameters:
t
- The triple to check- Returns:
- true if the triple can be created.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canCreate
Return true if the fronted triple can be created. See canRead(Triple t)- Parameters:
t
- The fronted triple to check- Returns:
- true if the triple can be created.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canDelete
- Returns:
- true if the securedModel allows items to be deleted.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canDelete
Return true if the triple can be deleted. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)- Parameters:
t
- The triple to check- Returns:
- true if the triple can be deleted.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canDelete
Return true if the fronted triple can be deleted. See canRead(Triple t)- Parameters:
t
- The fronted triple to check- Returns:
- true if the triple can be deleted.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canRead
- Returns:
- true if the securedModel allows items to be read.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canRead
Return true if the triple can be read. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. (S, P, O) check if S,P,O can be read. (S, P, ANY) check if there are any S,P,x restrictions. (S, ANY, P) check if there are any S,x,P restrictions. (ANY, ANY, ANY) check if there are any restrictions on reading.- Parameters:
t
- The triple to check- Returns:
- true if the triple can be read.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canRead
Return true if the fronted triple can be read.- Parameters:
t
- The frontedtriple to check- Returns:
- true if the triple can be read.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canUpdate
- Returns:
- true if the securedModel allows items to be updated.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canUpdate
Return true if the triple can be updated. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)- Parameters:
from
- The triple that will be changedto
- The resulting triple.- Returns:
- true if the from triple can be updated as the to triple.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canUpdate
Return true if the fronted triple can be updated. See canUpdate(Triple from, Triple to)- Parameters:
from
- The fronted triple that will be changedto
- The resulting fronted triple.- Returns:
- true if the from triple can be updated as the to triple.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
equals
-
getBaseItem
Object getBaseItem()- Returns:
- the base item that is being secured.
-
getModelIRI
String getModelIRI()- Returns:
- The IRI of the securedModel that the item belongs to.
-
getModelNode
Node getModelNode()- Returns:
- The node representation of the securedModel IRI.
-
getSecurityEvaluator
SecurityEvaluator getSecurityEvaluator()The SecurityEvaluator implementation that is being used to determine access.- Returns:
- The SecurityEvaluator implementation.
-
isEquivalent
Return true if this secured item is equivalent to another secured item. Generally implemented by calling SecuredItem.Util.isEquivalent- Parameters:
securedItem
- the other secured item.- Returns:
- True if they are equivalent, false otherwise.
-