|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.microsoft.tfs.core.clients.security.SecurityNamespace
public abstract class SecurityNamespace
Class for managing and enforcing security for a set of AccessControlListDetailss.
Constructor Summary | |
---|---|
SecurityNamespace()
|
Method Summary | |
---|---|
abstract SecurityNamespaceDescription |
getDescription()
|
abstract boolean[] |
hasPermission(java.lang.String[] tokens,
IdentityDescriptor descriptor,
int requestedPermissions,
boolean alwaysAllowAdministrators)
Determines whether or not the supplied descriptor has the requested permissions for the given tokens |
abstract boolean[] |
hasPermission(java.lang.String token,
IdentityDescriptor[] descriptors,
int requestedPermissions,
boolean alwaysAllowAdministrators)
Determines whether or not the supplied descriptor have the requested permissions for the given token. |
abstract boolean[] |
hasPermission(java.lang.String token,
IdentityDescriptor descriptor,
int[] requestedPermissions,
boolean alwaysAllowAdministrators)
Determines whether or not the supplied descriptor has the requested permissions for the given token. |
abstract boolean |
hasPermission(java.lang.String token,
IdentityDescriptor descriptor,
int requestedPermissions,
boolean alwaysAllowAdministrators)
Determines whether or not the supplied descriptor has the requested permissions for the given token. |
abstract boolean |
hasWritePermission(java.lang.String token,
int permissionsToChange)
Determines whether or not the current authorized user has permission to change the permissions in permissionsToChange. |
abstract boolean[] |
hasWritePermission(java.lang.String token,
int[] permissionsToChange)
Determines whether or not the current authorized user has permission to write the permissions in permissionsToChange. |
abstract AccessControlListDetails |
queryAccessControlList(java.lang.String token,
IdentityDescriptor[] descriptors,
boolean includeExtendedInfo)
In all cases: This method will query the AccessControlListDetails for the token specified. |
abstract AccessControlListDetails[] |
queryAccessControlLists(java.lang.String token,
IdentityDescriptor[] descriptors,
boolean includeExtendedInfo,
boolean recurse)
In all cases: This method will query the AccessControlListDetails for the token specified. |
abstract int |
queryEffectivePermissions(java.lang.String token,
IdentityDescriptor descriptor)
Returns the effective allowed permissions for the given descriptor. |
abstract boolean |
removeAccessControlEntries(java.lang.String token,
IdentityDescriptor[] descriptors)
Removes all of the AccessControlEntries for the given descriptors that exist on the AccessControlListDetails that is associated with the provided token. |
abstract boolean |
removeAccessControlEntry(java.lang.String token,
IdentityDescriptor descriptor)
Removes the AccessControlEntryDetails for the given descriptor that exists on the AccessControlListDetails that is associated with the provided token. |
abstract boolean |
removeAccessControlLists(java.lang.String[] tokens,
boolean recurse)
Removes the AccessControlListDetails for the specified tokens. |
abstract boolean |
removeAccessControlLists(java.lang.String token,
boolean recurse)
Removes the AccessControlListDetails for the specified token. |
abstract AccessControlEntryDetails |
removePermissions(java.lang.String token,
IdentityDescriptor descriptor,
int permissionsToRemove)
Removes the specified permission bits from the existing allows and denys for this descriptor. |
abstract AccessControlEntryDetails[] |
setAccessControlEntries(java.lang.String token,
AccessControlEntryDetails[] accessControlEntries,
boolean merge)
Sets the provided AccessControlEntries in this SecurityNamespace. |
abstract AccessControlEntryDetails |
setAccessControlEntry(java.lang.String token,
AccessControlEntryDetails AccessControlEntryDetails,
boolean merge)
Sets the provided AccessControlEntryDetails in this SecurityNamespace. |
abstract void |
setAccessControlList(AccessControlListDetails AccessControlListDetails)
Sets the AccessControlListDetails specified in the SecurityNamespace. |
abstract void |
setAccessControlLists(AccessControlListDetails[] AccessControlListDetailss)
Sets the AccessControlListDetailss specified in the SecurityNamespace. |
abstract void |
setInheritFlag(java.lang.String token,
boolean inherit)
Sets whether or not an AccessControlListDetails should inherit permissions from its parents. |
abstract AccessControlEntryDetails |
setPermissions(java.lang.String token,
IdentityDescriptor descriptor,
int allow,
int deny,
boolean merge)
Sets a permission for the descriptor in this SecurityNamespace. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public SecurityNamespace()
Method Detail |
---|
public abstract SecurityNamespaceDescription getDescription()
public abstract boolean hasPermission(java.lang.String token, IdentityDescriptor descriptor, int requestedPermissions, boolean alwaysAllowAdministrators)
token
- The security token to perform the check ondescriptor
- The descriptor to perform the security check forrequestedPermissions
- The permissions being requestedalwaysAllowAdministrators
- True if administrators should always be gratned these permissions
public abstract boolean[] hasPermission(java.lang.String[] tokens, IdentityDescriptor descriptor, int requestedPermissions, boolean alwaysAllowAdministrators)
tokens
- The security tokens to perform the check ondescriptor
- The descriptor to perform the security check forrequestedPermissions
- The permissions being requestedalwaysAllowAdministrators
- The permissions being requested
public abstract boolean[] hasPermission(java.lang.String token, IdentityDescriptor[] descriptors, int requestedPermissions, boolean alwaysAllowAdministrators)
token
- The security token to perform the check ondescriptor
- The descriptor to perform the security check forrequestedPermissions
- The permissions being requestedalwaysAllowAdministrators
- The permissions being requested
public abstract boolean[] hasPermission(java.lang.String token, IdentityDescriptor descriptor, int[] requestedPermissions, boolean alwaysAllowAdministrators)
token
- The security token to perform the check on.descriptor
- The descriptor to perform the security check for.requestedPermissions
- The permissions being requested.alwaysAllowAdministrators
- True if administrators should always be gratned these permissions.
public abstract boolean hasWritePermission(java.lang.String token, int permissionsToChange)
token
- The token to check write permissions on.permissionsToChange
- The permission bits that the authorized user may want to change.
public abstract boolean[] hasWritePermission(java.lang.String token, int[] permissionsToChange)
token
- The token to check write permissions on.permissionsToChange
- The permission bits that the authorized user may want to change.
public abstract boolean removeAccessControlLists(java.lang.String token, boolean recurse)
token
- The token whose AccessControlListDetails is to be removed from
this SecurityNamespace.recurse
- True if all of the children below the provided token should also
be removed.
public abstract boolean removeAccessControlLists(java.lang.String[] tokens, boolean recurse)
tokens
- The tokens whose AccessControlListDetailss are to be removed from
this SecurityNamespace.recurse
- True if all of the children below the provided tokens should also
be removed.
public abstract boolean removeAccessControlEntries(java.lang.String token, IdentityDescriptor[] descriptors)
token
- The token for the AccessControlListDetails on which to remove the
AccessControlEntries.descriptors
- Descriptors for the identities that should have their
AccessControlEntryDetails removed.
public abstract boolean removeAccessControlEntry(java.lang.String token, IdentityDescriptor descriptor)
token
- The token for the AccessControlListDetails on which to remove the
AccessControlEntryDetails.descriptor
- Descriptor for the identity that should have its
AccessControlEntryDetails removed.
public abstract AccessControlEntryDetails removePermissions(java.lang.String token, IdentityDescriptor descriptor, int permissionsToRemove)
token
- The token for the AccessControlListDetails to remove the
permissions from.descriptor
- The descriptor to remove the permissions for.permissionsToRemove
- The permission bits to remove.
public abstract AccessControlEntryDetails setPermissions(java.lang.String token, IdentityDescriptor descriptor, int allow, int deny, boolean merge)
token
- The token for the AccessControlListDetails to set the permissions
on.descriptor
- The descriptor to set the permissions for.allow
- The allowed permissions to set.deny
- The denied permissions to set.merge
- If merge is true and a preexisting AccessControlEntryDetails for
the descriptor is found the two permissions will be merged. When
merging permissions, if there is a conflict, the new permissions
will take precedence over the old permissions. If merge is false
and a preexisting AccessControlEntryDetails for the descriptor is
found it will be dropped and the passed in permissions will be the
only permissions that remain for this descriptor on this
AccessControlListDetails.
public abstract AccessControlEntryDetails setAccessControlEntry(java.lang.String token, AccessControlEntryDetails AccessControlEntryDetails, boolean merge)
token
- The token for the AccessControlListDetails to set the permissions
on.AccessControlEntryDetails
- The AccessControlEntryDetails to set in the SecurityNamespace.merge
- If merge is true and a preexisting AccessControlEntryDetails for
the descriptor is found the two permissions will be merged. When
merging permissions, if there is a conflict, the new permissions
will take precedence over the old permissions. If merge is false
and a preexisting AccessControlEntryDetails for the descriptor is
found it will be dropped and the passed in permissions will be the
only permissions that remain for this descriptor on this
AccessControlListDetails.
public abstract AccessControlEntryDetails[] setAccessControlEntries(java.lang.String token, AccessControlEntryDetails[] accessControlEntries, boolean merge)
token
- The token for the AccessControlListDetails to set the
AccessControlEntryDetails on.accessControlEntries
- The AccessControlEntries to set in the SecurityNamespace.merge
- If merge is true and a preexisting AccessControlEntryDetails for
the descriptor is found the two AccessControlEntries will be
merged. When merging AccessControlEntries, if there is a conflict
in permissions, the new permissions will take precedence over the
old permissions. If merge is false and a preexisting
AccessControlEntryDetails for the descriptor is found it will be
dropped and the passed in AccessControlEntryDetails will be the
only AccessControlEntryDetails that remain for this descriptor on
this AccessControlListDetails.
public abstract void setAccessControlList(AccessControlListDetails AccessControlListDetails)
AccessControlListDetails
- The AccessControlListDetails to set in the SecurityNamespace.public abstract void setAccessControlLists(AccessControlListDetails[] AccessControlListDetailss)
AccessControlListDetailss
- The AccessControlListDetailss to set in the SecurityNamespace.public abstract AccessControlListDetails[] queryAccessControlLists(java.lang.String token, IdentityDescriptor[] descriptors, boolean includeExtendedInfo, boolean recurse)
token
- The token for the AccessControlListDetails to query permissions
for.descriptors
- The descriptors that are to have permission information retrieved
about. If this is left null, all descriptors will be considered.includeExtendedInfo
- If includeExtendedInfo is false: All of the ExtendedInfo
properties for the returned AccessControlEntryDetails objects will
be null. If includeExtendedInfo is true: All of the ExtendedInfo
properties for the returned AccessControlEntryDetails objects will
contain references to valid AceExtendedInformation objects. If the
descriptors parameter is null, this function will return
AccessControlEntries for all descriptors that have explicit or
inherited permissions on them.recurse
- If recurse is true and this is a hierarchical namespace:
Information about the tokens that exist below the specified token
passed in the SecurityNamespace will be returned as well.
public abstract AccessControlListDetails queryAccessControlList(java.lang.String token, IdentityDescriptor[] descriptors, boolean includeExtendedInfo)
token
- The token for the AccessControlListDetails to query permissions
for.descriptors
- The descriptors that are to have permission information retrieved
about. If this is left null, all descriptors will be considered.includeExtendedInfo
- If includeExtendedInfo is false: All of the ExtendedInfo
properties for the returned AccessControlEntryDetails objects will
be null. If includeExtendedInfo is true: All of the ExtendedInfo
properties for the returned AccessControlEntryDetails objects will
contain references to valid AceExtendedInformation objects. If the
descriptors parameter is null, this function will return
AccessControlEntries for all descriptors that have explicit or
inherited permissions on them.
public abstract int queryEffectivePermissions(java.lang.String token, IdentityDescriptor descriptor)
token
- The token for the AccessControlListDetails we are querying
permissions on.descriptor
- The descriptor to query permissions for.
public abstract void setInheritFlag(java.lang.String token, boolean inherit)
token
- The token for the AccessControlListDetails to set the inherit flag
on.inherit
- True if it should inherit permissions.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |