org.apache.jena.permissions.impl

Class SecuredItemImpl

java.lang.Object

org.apache.jena.permissions.impl.SecuredItemImpl

All Implemented Interfaces:

SecuredItem

Direct Known Subclasses:

SecuredGraphImpl, SecuredModelImpl, SecuredPrefixMappingImpl, SecuredRDFNodeImpl, SecuredStatementImpl

public abstract class SecuredItemImpl
extends Object
implements SecuredItem

An abstract implementation of SecuredItem that caches security checks.

Security checks are performed at multiple locations. This implementation ensures that during a single operation the specific check is only evaluated once by caching the result.

Nested Class Summary

Nested classes/interfaces inherited from interface org.apache.jena.permissions.SecuredItem

SecuredItem.Util

Field Summary

Fields

Modifier and Type	Field and Description
static ThreadLocal<org.apache.commons.collections4.map.LRUMap<org.apache.jena.permissions.impl.SecuredItemImpl.CacheKey,Boolean>>	CACHE
static ThreadLocal<Integer>	COUNT
static int	MAX_CACHE

Method Summary

Modifier and Type	Method and Description
boolean	canCreate()
boolean	canCreate(FrontsTriple frontsTriple) Return true if the fronted triple can be created.
boolean	canCreate(Triple triple) Return true if the triple can be created.
boolean	canDelete()
boolean	canDelete(FrontsTriple frontsTriple) Return true if the fronted triple can be deleted.
boolean	canDelete(Triple triple) Return true if the triple can be deleted.
boolean	canRead()
boolean	canRead(FrontsTriple frontsTriple) Return true if the fronted triple can be read.
boolean	canRead(Triple triple) Return true if the triple can be read.
boolean	canUpdate()
boolean	canUpdate(FrontsTriple from, FrontsTriple to) Return true if the fronted triple can be updated.
boolean	canUpdate(Triple f, Triple t) Return true if the triple can be updated.
static void	decrementUse() Decrement the number of instances of SecuredItem.
boolean	equals(Object o)
Object	getBaseItem()
String	getModelIRI()
Node	getModelNode() get the name of the model.
SecurityEvaluator	getSecurityEvaluator() The SecurityEvaluator implementation that is being used to determine access.
int	hashCode()
static void	incrementUse() Increment the number of instances of SecuredItem.
boolean	isEquivalent(SecuredItem securedItem) Return true if this secured item is equivalent to another secured item.
String	toString()

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Field Detail

MAX_CACHE

public static int MAX_CACHE

CACHE

public static final ThreadLocal<org.apache.commons.collections4.map.LRUMap<org.apache.jena.permissions.impl.SecuredItemImpl.CacheKey,Boolean>> CACHE

COUNT

public static final ThreadLocal<Integer> COUNT

Method Detail

decrementUse

public static void decrementUse()

Decrement the number of instances of SecuredItem.

incrementUse

public static void incrementUse()

Increment the number of instances of SecuredItem.

toString

public String toString()
                throws AuthenticationRequiredException

Overrides:

toString in class Object

Throws:

AuthenticationRequiredException

canCreate

public boolean canCreate()
                  throws AuthenticationRequiredException

Specified by:

canCreate in interface SecuredItem

Returns:

true if the securedModel allows items to be created.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canCreate

public boolean canCreate(Triple triple)
                  throws AuthenticationRequiredException

Description copied from interface: SecuredItem

Return true if the triple can be created. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)

Specified by:

canCreate in interface SecuredItem

Parameters:

triple - The triple to check

Returns:

true if the triple can be created.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canCreate

public boolean canCreate(FrontsTriple frontsTriple)
                  throws AuthenticationRequiredException

Description copied from interface: SecuredItem

Return true if the fronted triple can be created. See canRead(Triple t)

Specified by:

canCreate in interface SecuredItem

Parameters:

frontsTriple - The fronted triple to check

Returns:

true if the triple can be created.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canDelete

public boolean canDelete()
                  throws AuthenticationRequiredException

Specified by:

canDelete in interface SecuredItem

Returns:

true if the securedModel allows items to be deleted.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canDelete

public boolean canDelete(Triple triple)
                  throws AuthenticationRequiredException

Description copied from interface: SecuredItem

Return true if the triple can be deleted. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)

Specified by:

canDelete in interface SecuredItem

Parameters:

triple - The triple to check

Returns:

true if the triple can be deleted.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canDelete

public boolean canDelete(FrontsTriple frontsTriple)
                  throws AuthenticationRequiredException

Description copied from interface: SecuredItem

Return true if the fronted triple can be deleted. See canRead(Triple t)

Specified by:

canDelete in interface SecuredItem

Parameters:

frontsTriple - The fronted triple to check

Returns:

true if the triple can be deleted.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canRead

public boolean canRead()
                throws AuthenticationRequiredException

Specified by:

canRead in interface SecuredItem

Returns:

true if the securedModel allows items to be read.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canRead

public boolean canRead(Triple triple)
                throws AuthenticationRequiredException

Description copied from interface: SecuredItem

Return true if the triple can be read. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. (S, P, O) check if S,P,O can be read. (S, P, ANY) check if there are any S,P,x restrictions. (S, ANY, P) check if there are any S,x,P restrictions. (ANY, ANY, ANY) check if there are any restrictions on reading.

Specified by:

canRead in interface SecuredItem

Parameters:

triple - The triple to check

Returns:

true if the triple can be read.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canRead

public boolean canRead(FrontsTriple frontsTriple)
                throws AuthenticationRequiredException

Description copied from interface: SecuredItem

Return true if the fronted triple can be read.

Specified by:

canRead in interface SecuredItem

Parameters:

frontsTriple - The frontedtriple to check

Returns:

true if the triple can be read.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canUpdate

public boolean canUpdate()
                  throws AuthenticationRequiredException

Specified by:

canUpdate in interface SecuredItem

Returns:

true if the securedModel allows items to be updated.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canUpdate

public boolean canUpdate(Triple f,
                         Triple t)
                  throws AuthenticationRequiredException

Description copied from interface: SecuredItem

Return true if the triple can be updated. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)

Specified by:

canUpdate in interface SecuredItem

Parameters:

f - The triple that will be changed

t - The resulting triple.

Returns:

true if the from triple can be updated as the to triple.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

canUpdate

public boolean canUpdate(FrontsTriple from,
                         FrontsTriple to)
                  throws AuthenticationRequiredException

Description copied from interface: SecuredItem

Return true if the fronted triple can be updated. See canUpdate(Triple from, Triple to)

Specified by:

canUpdate in interface SecuredItem

Parameters:

from - The fronted triple that will be changed

to - The resulting fronted triple.

Returns:

true if the from triple can be updated as the to triple.

Throws:

AuthenticationRequiredException - if user is not authenticated and is required to be.

equals

public boolean equals(Object o)

Specified by:

equals in interface SecuredItem

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object

getBaseItem

public Object getBaseItem()

Specified by:

getBaseItem in interface SecuredItem

Returns:

the base item that is being secured.

getModelIRI

public String getModelIRI()

Specified by:

getModelIRI in interface SecuredItem

Returns:

The IRI of the securedModel that the item belongs to.

getModelNode

public Node getModelNode()

get the name of the model.

Specified by:

getModelNode in interface SecuredItem

Returns:

The node representation of the securedModel IRI.

getSecurityEvaluator

public SecurityEvaluator getSecurityEvaluator()

Description copied from interface: SecuredItem

The SecurityEvaluator implementation that is being used to determine access.

Specified by:

getSecurityEvaluator in interface SecuredItem

Returns:

The SecurityEvaluator implementation.

isEquivalent

public boolean isEquivalent(SecuredItem securedItem)

Description copied from interface: SecuredItem

Return true if this secured item is equivalent to another secured item. Generally implemented by calling SecuredItem.Util.isEquivalent

Specified by:

isEquivalent in interface SecuredItem

Parameters:

securedItem - the other secured item.

Returns:

True if they are equivalent, false otherwise.