com.microsoft.tfs.core.clients.security
Class AccessControlList

java.lang.Object
  extended by com.microsoft.tfs.core.internal.wrappers.WebServiceObjectWrapper
      extended by com.microsoft.tfs.core.clients.security.AccessControlList
Direct Known Subclasses:
AccessControlListDetails

public class AccessControlList
extends com.microsoft.tfs.core.internal.wrappers.WebServiceObjectWrapper

The AccessControlList class is meant to associate a set of AccessControlEntries with a security token and its inheritance settings. It is important to note that the AccessControlList class does not talk to a web service when its methods are called. It provides a staging area for changes to the AccessControlEntries for a secured token. Once changes are made to an AccessControlList it can be saved to the web service by passing it into a SecurityNamespace.


Field Summary
 
Fields inherited from class com.microsoft.tfs.core.internal.wrappers.WebServiceObjectWrapper
webServiceObject
 
Constructor Summary
AccessControlList(ms.ws._AccessControlList webServiceObject)
           
AccessControlList()
           
AccessControlList(AccessControlList existingList)
           Builds an instance of an AccessControlList
AccessControlList(java.lang.String token, boolean inherit)
           Creates a new AccessControlList
AccessControlList(java.lang.String token, boolean inherit, AccessControlEntryDetails[] accessControlEntries)
           Builds an instance of an AccessControlList
 
Method Summary
 AccessControlEntryDetails[] getAccessControlEntries()
          The list of AccessControlEntries that apply to this AccessControlList.
 java.lang.String getToken()
           
 ms.ws._AccessControlList getWebServiceObject()
          Gets the web service object this class wraps.
 boolean isIncludeExtendedInfoForAces()
           
 boolean isInheritPermissions()
           
 void loadAce(AccessControlEntryDetails ace)
           
 AccessControlEntryDetails[] queryAccessControlEntries(IdentityDescriptor[] descriptors)
           Returns the AccessControlEntries for the descriptors provided.
 AccessControlEntryDetails queryAccessControlEntry(IdentityDescriptor descriptor)
           Returns the AccessControlEntry for the descriptor provided.
 boolean removeAccessControlEntry(IdentityDescriptor descriptor)
           Removes the AccessControlEntry from this AccessControlList that applies to the given descriptor.
 AccessControlEntry removePermissions(IdentityDescriptor descriptor, int permissionsToRemove)
           Removes the specified permission bits from the existing allows and denys for this descriptor.
 AccessControlEntryDetails[] setAccessControlEntries(AccessControlEntryDetails[] accessControlEntryDetailsList, boolean merge)
           Sets the provided AccessControlEntry in this AccessControlList.
 AccessControlEntryDetails setAccessControlEntry(AccessControlEntryDetails accessControlEntry, boolean merge)
           Sets the provided AccessControlEntry in this AccessControlList.
 void setIncludeExtendedInfoForAces(boolean value)
           
 void setInheritPermissions(boolean value)
           
 AccessControlEntryDetails setPermissions(IdentityDescriptor descriptor, int allow, int deny, java.lang.Boolean merge)
           Sets a permission for the descriptor on this AccessControlList.
 void setToken(java.lang.String token)
           
 
Methods inherited from class com.microsoft.tfs.core.internal.wrappers.WebServiceObjectWrapper
equals, hashCode, toString
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

AccessControlList

public AccessControlList()

AccessControlList

public AccessControlList(ms.ws._AccessControlList webServiceObject)

AccessControlList

public AccessControlList(java.lang.String token,
                         boolean inherit)

Creates a new AccessControlList

Parameters:
token - The token that this AccessControlList is for.
inherit - True if this AccessControlList should inherit permissions from its parents.

AccessControlList

public AccessControlList(java.lang.String token,
                         boolean inherit,
                         AccessControlEntryDetails[] accessControlEntries)

Builds an instance of an AccessControlList

Parameters:
token - The token that this AccessControlList is for.
inherit - True if this AccessControlList should inherit permissions from its parents.
accessControlEntries - The list of AccessControlEntries that apply to this AccessControlList.

AccessControlList

public AccessControlList(AccessControlList existingList)

Builds an instance of an AccessControlList

Parameters:
existingList - The AccessControlList to take its data from.
Method Detail

getWebServiceObject

public ms.ws._AccessControlList getWebServiceObject()
Gets the web service object this class wraps. The returned object should not be modified.

Returns:
the web service object this class wraps.

isInheritPermissions

public boolean isInheritPermissions()
Returns:
True if this AccessControlList inherits permissions from parents.

setInheritPermissions

public void setInheritPermissions(boolean value)

getToken

public java.lang.String getToken()
Returns:
The token that this AccessControlList is for.

setToken

public void setToken(java.lang.String token)

getAccessControlEntries

public AccessControlEntryDetails[] getAccessControlEntries()
The list of AccessControlEntries that apply to this AccessControlList.


removePermissions

public AccessControlEntry removePermissions(IdentityDescriptor descriptor,
                                            int permissionsToRemove)

Removes the specified permission bits from the existing allows and denys for this descriptor. If the descriptor is not found, nothing is done and an empty AccessControlEntry is returned.

Parameters:
descriptor - The descriptor to remove the permissions from.
permissionsToRemove - The permission bits to remove.
Returns:
The updated AccessControlEntry with the permissions removed.

removeAccessControlEntry

public boolean removeAccessControlEntry(IdentityDescriptor descriptor)

Removes the AccessControlEntry from this AccessControlList that applies to the given descriptor.

Parameters:
descriptor - The descriptor for for the AccessControlEntry to remove.
Returns:
True if something was removed.

setPermissions

public AccessControlEntryDetails setPermissions(IdentityDescriptor descriptor,
                                                int allow,
                                                int deny,
                                                java.lang.Boolean merge)

Sets a permission for the descriptor on this AccessControlList.

Parameters:
descriptor - The descriptor to set the permissions for.
allow - The allowed permissions to set.
deny - The denied permissions to set.
merge - If merge is true and a preexisting AccessControlEntry for the descriptor is found the two AccessControlEntries will be merged. When merging permissions in AccessControlEntries, if there is a conflict, the new permissions will take precedence over the old permissions. If merge is false and a preexisting AccessControlEntry for the descriptor is found it will be dropped and the passed in AccessControlEntry will be the only AccessControlEntry that remains for this descriptor on this AccessControlList.
Returns:
The new or updated AccessControlEnty that was set in the AccessControlList.

setAccessControlEntry

public AccessControlEntryDetails setAccessControlEntry(AccessControlEntryDetails accessControlEntry,
                                                       boolean merge)

Sets the provided AccessControlEntry in this AccessControlList.

Parameters:
accessControlEntry - The AccessControlEntry to set in the AccessControlList.
merge - If merge is true and a preexisting AccessControlEntry for the descriptor is found the two AccessControlEntries will be merged. When merging permissions in AccessControlEntries, if there is a conflict, the new permissions will take precedence over the old permissions. If merge is false and a preexisting AccessControlEntry for the descriptor is found it will be dropped and the passed in AccessControlEntry will be the only AccessControlEntry that remains for this descriptor on this AccessControlList.
Returns:
The new or updated AccessControlEntry that was set in the AccessControlList.

setAccessControlEntries

public AccessControlEntryDetails[] setAccessControlEntries(AccessControlEntryDetails[] accessControlEntryDetailsList,
                                                           boolean merge)

Sets the provided AccessControlEntry in this AccessControlList.

Parameters:
accessControlEntryDetailsList - The AccessControlEntries to set in the SecurityNamespace.
merge - If merge is true and a preexisting AccessControlEntry for the descriptor is found the two AccessControlEntries will be merged. When merging permissions in AccessControlEntries, if there is a conflict, the new permissions will take precedence over the old permissions. If merge is false and a preexisting AccessControlEntry for the descriptor is found it will be dropped and the passed in AccessControlEntry will be the only AccessControlEntry that remains for this descriptor on this AccessControlList.
Returns:
The new or updated permissions that were set in the AccessControlList.

queryAccessControlEntry

public AccessControlEntryDetails queryAccessControlEntry(IdentityDescriptor descriptor)

Returns the AccessControlEntry for the descriptor provided. If no AccessControlEntry exists for the provided descriptor in this AccessControlList then an empty AccessControlEntry will be returned.

Parameters:
descriptor - The descriptor to query the AccessControlEntry for. This cannot be null.
Returns:
The AccessControlEntry for the descriptor provided. If no AccessControlEntry exists for the provided descriptor in this AccessControlList then an empty AccessControlEntry will be returned.

queryAccessControlEntries

public AccessControlEntryDetails[] queryAccessControlEntries(IdentityDescriptor[] descriptors)

Returns the AccessControlEntries for the descriptors provided.

Parameters:
descriptors - The descriptors to query AccessControlEntries for. If null is passed in for this, AccessControlEntries for all descriptors will be returned.
Returns:
The AccessControlEntries for the descriptors provided. If no AccessControlEntry exists for a given descriptor in this AccessControlList then an empty AccessControlEntry will be returned. The AccessControlEntries are retuned in the same order that the descriptors are passed in.

loadAce

public void loadAce(AccessControlEntryDetails ace)

isIncludeExtendedInfoForAces

public boolean isIncludeExtendedInfoForAces()

setIncludeExtendedInfoForAces

public void setIncludeExtendedInfoForAces(boolean value)


© 2015 Microsoft. All rights reserved.