Package org.apache.jena.permissions.impl
Class SecuredItemImpl
java.lang.Object
org.apache.jena.permissions.impl.SecuredItemImpl
- All Implemented Interfaces:
SecuredItem
- Direct Known Subclasses:
SecuredGraphImpl
,SecuredModelImpl
,SecuredPrefixMappingImpl
,SecuredRDFNodeImpl
,SecuredStatementImpl
An abstract implementation of SecuredItem that caches security checks.
Security checks are performed at multiple locations. This implementation ensures that during a single operation the specific check is only evaluated once by caching the result.
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.apache.jena.permissions.SecuredItem
SecuredItem.Util
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final ThreadLocal<org.apache.commons.collections4.map.LRUMap<org.apache.jena.permissions.impl.SecuredItemImpl.CacheKey,
Boolean>> static final ThreadLocal<Integer>
static int
-
Method Summary
Modifier and TypeMethodDescriptionboolean
boolean
canCreate
(FrontsTriple frontsTriple) Return true if the fronted triple can be created.boolean
Return true if the triple can be created.boolean
boolean
canDelete
(FrontsTriple frontsTriple) Return true if the fronted triple can be deleted.boolean
Return true if the triple can be deleted.boolean
canRead()
boolean
canRead
(FrontsTriple frontsTriple) Return true if the fronted triple can be read.boolean
Return true if the triple can be read.boolean
boolean
canUpdate
(FrontsTriple from, FrontsTriple to) Return true if the fronted triple can be updated.boolean
Return true if the triple can be updated.static void
Decrement the number of instances of SecuredItem.boolean
get the name of the model.The SecurityEvaluator implementation that is being used to determine access.int
hashCode()
static void
Increment the number of instances of SecuredItem.boolean
isEquivalent
(SecuredItem securedItem) Return true if this secured item is equivalent to another secured item.final String
toString()
Return a string representation of the resource.
-
Field Details
-
MAX_CACHE
public static int MAX_CACHE -
CACHE
public static final ThreadLocal<org.apache.commons.collections4.map.LRUMap<org.apache.jena.permissions.impl.SecuredItemImpl.CacheKey,Boolean>> CACHE -
COUNT
-
-
Method Details
-
decrementUse
public static void decrementUse()Decrement the number of instances of SecuredItem. -
incrementUse
public static void incrementUse()Increment the number of instances of SecuredItem. -
toString
Return a string representation of the resource. Returns the URI of the resource unless the resource is anonymous in which case it returns the id of the resource enclosed in square brackets. If the user can not read the graph the toString() returns the hashcode in hex- Overrides:
toString
in classObject
- Returns:
- Return a string representation of the resource.
- Throws:
AuthenticationRequiredException
-
canCreate
- Specified by:
canCreate
in interfaceSecuredItem
- Returns:
- true if the securedModel allows items to be created.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canCreate
Description copied from interface:SecuredItem
Return true if the triple can be created. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)- Specified by:
canCreate
in interfaceSecuredItem
- Parameters:
triple
- The triple to check- Returns:
- true if the triple can be created.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canCreate
Description copied from interface:SecuredItem
Return true if the fronted triple can be created. See canRead(Triple t)- Specified by:
canCreate
in interfaceSecuredItem
- Parameters:
frontsTriple
- The fronted triple to check- Returns:
- true if the triple can be created.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canDelete
- Specified by:
canDelete
in interfaceSecuredItem
- Returns:
- true if the securedModel allows items to be deleted.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canDelete
Description copied from interface:SecuredItem
Return true if the triple can be deleted. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)- Specified by:
canDelete
in interfaceSecuredItem
- Parameters:
triple
- The triple to check- Returns:
- true if the triple can be deleted.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canDelete
Description copied from interface:SecuredItem
Return true if the fronted triple can be deleted. See canRead(Triple t)- Specified by:
canDelete
in interfaceSecuredItem
- Parameters:
frontsTriple
- The fronted triple to check- Returns:
- true if the triple can be deleted.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canRead
- Specified by:
canRead
in interfaceSecuredItem
- Returns:
- true if the securedModel allows items to be read.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canRead
Description copied from interface:SecuredItem
Return true if the triple can be read. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. (S, P, O) check if S,P,O can be read. (S, P, ANY) check if there are any S,P,x restrictions. (S, ANY, P) check if there are any S,x,P restrictions. (ANY, ANY, ANY) check if there are any restrictions on reading.- Specified by:
canRead
in interfaceSecuredItem
- Parameters:
triple
- The triple to check- Returns:
- true if the triple can be read.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canRead
Description copied from interface:SecuredItem
Return true if the fronted triple can be read.- Specified by:
canRead
in interfaceSecuredItem
- Parameters:
frontsTriple
- The frontedtriple to check- Returns:
- true if the triple can be read.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canUpdate
- Specified by:
canUpdate
in interfaceSecuredItem
- Returns:
- true if the securedModel allows items to be updated.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canUpdate
Description copied from interface:SecuredItem
Return true if the triple can be updated. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)- Specified by:
canUpdate
in interfaceSecuredItem
- Parameters:
f
- The triple that will be changedt
- The resulting triple.- Returns:
- true if the from triple can be updated as the to triple.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
canUpdate
Description copied from interface:SecuredItem
Return true if the fronted triple can be updated. See canUpdate(Triple from, Triple to)- Specified by:
canUpdate
in interfaceSecuredItem
- Parameters:
from
- The fronted triple that will be changedto
- The resulting fronted triple.- Returns:
- true if the from triple can be updated as the to triple.
- Throws:
AuthenticationRequiredException
- if user is not authenticated and is required to be.
-
equals
- Specified by:
equals
in interfaceSecuredItem
- Overrides:
equals
in classObject
-
hashCode
public int hashCode() -
getBaseItem
- Specified by:
getBaseItem
in interfaceSecuredItem
- Returns:
- the base item that is being secured.
-
getModelIRI
- Specified by:
getModelIRI
in interfaceSecuredItem
- Returns:
- The IRI of the securedModel that the item belongs to.
-
getModelNode
get the name of the model.- Specified by:
getModelNode
in interfaceSecuredItem
- Returns:
- The node representation of the securedModel IRI.
-
getSecurityEvaluator
Description copied from interface:SecuredItem
The SecurityEvaluator implementation that is being used to determine access.- Specified by:
getSecurityEvaluator
in interfaceSecuredItem
- Returns:
- The SecurityEvaluator implementation.
-
isEquivalent
Description copied from interface:SecuredItem
Return true if this secured item is equivalent to another secured item. Generally implemented by calling SecuredItem.Util.isEquivalent- Specified by:
isEquivalent
in interfaceSecuredItem
- Parameters:
securedItem
- the other secured item.- Returns:
- True if they are equivalent, false otherwise.
-