Package org.apache.jena.permissions.impl

Class SecuredItemImpl

java.lang.Object
org.apache.jena.permissions.impl.SecuredItemImpl
All Implemented Interfaces:
SecuredItem
Direct Known Subclasses:
SecuredGraphImpl, SecuredModelImpl, SecuredPrefixMappingImpl, SecuredRDFNodeImpl, SecuredStatementImpl
public abstract class SecuredItemImpl extends Object implements SecuredItem
An abstract implementation of SecuredItem that caches security checks.

Security checks are performed at multiple locations. This implementation ensures that during a single operation the specific check is only evaluated once by caching the result.

  • Field Details

  • Method Details

    • decrementUse

      public static void decrementUse()
      Decrement the number of instances of SecuredItem.

    • incrementUse

      public static void incrementUse()
      Increment the number of instances of SecuredItem.

    • toString

      public final String toString() throws AuthenticationRequiredException
      Return a string representation of the resource. Returns the URI of the resource unless the resource is anonymous in which case it returns the id of the resource enclosed in square brackets. If the user can not read the graph the toString() returns the hashcode in hex
      Overrides:
      toString in class Object
      Returns:
      Return a string representation of the resource.
      Throws:
      AuthenticationRequiredException

    • canCreate

      public boolean canCreate() throws AuthenticationRequiredException
      Specified by:
      canCreate in interface SecuredItem
      Returns:
      true if the securedModel allows items to be created.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canCreate

      public boolean canCreate(Triple triple) throws AuthenticationRequiredException
      Description copied from interface: SecuredItem
      Return true if the triple can be created. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)
      Specified by:
      canCreate in interface SecuredItem
      Parameters:
      triple - The triple to check
      Returns:
      true if the triple can be created.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canCreate

      public boolean canCreate(FrontsTriple frontsTriple) throws AuthenticationRequiredException
      Description copied from interface: SecuredItem
      Return true if the fronted triple can be created. See canRead(Triple t)
      Specified by:
      canCreate in interface SecuredItem
      Parameters:
      frontsTriple - The fronted triple to check
      Returns:
      true if the triple can be created.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canDelete

      public boolean canDelete() throws AuthenticationRequiredException
      Specified by:
      canDelete in interface SecuredItem
      Returns:
      true if the securedModel allows items to be deleted.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canDelete

      public boolean canDelete(Triple triple) throws AuthenticationRequiredException
      Description copied from interface: SecuredItem
      Return true if the triple can be deleted. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)
      Specified by:
      canDelete in interface SecuredItem
      Parameters:
      triple - The triple to check
      Returns:
      true if the triple can be deleted.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canDelete

      public boolean canDelete(FrontsTriple frontsTriple) throws AuthenticationRequiredException
      Description copied from interface: SecuredItem
      Return true if the fronted triple can be deleted. See canRead(Triple t)
      Specified by:
      canDelete in interface SecuredItem
      Parameters:
      frontsTriple - The fronted triple to check
      Returns:
      true if the triple can be deleted.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canRead

      public boolean canRead() throws AuthenticationRequiredException
      Specified by:
      canRead in interface SecuredItem
      Returns:
      true if the securedModel allows items to be read.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canRead

      public boolean canRead(Triple triple) throws AuthenticationRequiredException
      Description copied from interface: SecuredItem
      Return true if the triple can be read. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. (S, P, O) check if S,P,O can be read. (S, P, ANY) check if there are any S,P,x restrictions. (S, ANY, P) check if there are any S,x,P restrictions. (ANY, ANY, ANY) check if there are any restrictions on reading.
      Specified by:
      canRead in interface SecuredItem
      Parameters:
      triple - The triple to check
      Returns:
      true if the triple can be read.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canRead

      public boolean canRead(FrontsTriple frontsTriple) throws AuthenticationRequiredException
      Description copied from interface: SecuredItem
      Return true if the fronted triple can be read.
      Specified by:
      canRead in interface SecuredItem
      Parameters:
      frontsTriple - The frontedtriple to check
      Returns:
      true if the triple can be read.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canUpdate

      public boolean canUpdate() throws AuthenticationRequiredException
      Specified by:
      canUpdate in interface SecuredItem
      Returns:
      true if the securedModel allows items to be updated.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canUpdate

      public boolean canUpdate(Triple f, Triple t) throws AuthenticationRequiredException
      Description copied from interface: SecuredItem
      Return true if the triple can be updated. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)
      Specified by:
      canUpdate in interface SecuredItem
      Parameters:
      f - The triple that will be changed
      t - The resulting triple.
      Returns:
      true if the from triple can be updated as the to triple.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canUpdate

      public boolean canUpdate(FrontsTriple from, FrontsTriple to) throws AuthenticationRequiredException
      Description copied from interface: SecuredItem
      Return true if the fronted triple can be updated. See canUpdate(Triple from, Triple to)
      Specified by:
      canUpdate in interface SecuredItem
      Parameters:
      from - The fronted triple that will be changed
      to - The resulting fronted triple.
      Returns:
      true if the from triple can be updated as the to triple.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • equals

      public boolean equals(Object o)
      Specified by:
      equals in interface SecuredItem
      Overrides:
      equals in class Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • getBaseItem

      public Object getBaseItem()
      Specified by:
      getBaseItem in interface SecuredItem
      Returns:
      the base item that is being secured.

    • getModelIRI

      public String getModelIRI()
      Specified by:
      getModelIRI in interface SecuredItem
      Returns:
      The IRI of the securedModel that the item belongs to.

    • getModelNode

      public Node getModelNode()
      get the name of the model.
      Specified by:
      getModelNode in interface SecuredItem
      Returns:
      The node representation of the securedModel IRI.

    • getSecurityEvaluator

      public SecurityEvaluator getSecurityEvaluator()
      Description copied from interface: SecuredItem
      The SecurityEvaluator implementation that is being used to determine access.
      Specified by:
      getSecurityEvaluator in interface SecuredItem
      Returns:
      The SecurityEvaluator implementation.

    • isEquivalent

      public boolean isEquivalent(SecuredItem securedItem)
      Description copied from interface: SecuredItem
      Return true if this secured item is equivalent to another secured item. Generally implemented by calling SecuredItem.Util.isEquivalent
      Specified by:
      isEquivalent in interface SecuredItem
      Parameters:
      securedItem - the other secured item.
      Returns:
      True if they are equivalent, false otherwise.