com.pushtechnology.diffusion.client.features.control.clients

Interface SecurityControl.ScriptBuilder

Enclosing interface:

SecurityControl

public static interface SecurityControl.ScriptBuilder

A script builder may be used to create a script of commands to apply to the security store at the server.

Each method call on the builder adds a line to the script and then the script may be built using the script method which produces a String script which may be sent to the server using updateStore.

Such a builder may be created using the scriptBuilder method.

From Diffusion 6.5, script builders are no longer immutable. Each builder operation mutates this script builder and returns it.

Method Summary

Modifier and Type	Method and Description
SecurityControl.ScriptBuilder	append(SecurityControl.ScriptBuilder other) Append all the operations of other to this ScriptBuilder.
SecurityControl.ScriptBuilder	deisolatePath(String path) Re-instate inheritance of path permission assignments from parents of the given path.
SecurityControl.ScriptBuilder	isolatePath(String path) Set a path not to inherit path permissions from its parent paths or the default path permissions.
SecurityControl.ScriptBuilder	removePathPermissions(String role, String path) Removes any path permissions previously assigned to a particular path for a given role.
String	script() Create a script.
SecurityControl.ScriptBuilder	setDefaultPathPermissions(String role, Set<PathPermission> permissions) Sets the default path permissions to be assigned to a role.
SecurityControl.ScriptBuilder	setGlobalPermissions(String role, Set<GlobalPermission> permissions) Sets the global permissions to be assigned to a role.
SecurityControl.ScriptBuilder	setPathPermissions(String role, String path, Set<PathPermission> permissions) Sets specific path permissions to be assigned for a role for a path.
SecurityControl.ScriptBuilder	setRoleIncludes(String role, Set<String> includedRoles) Sets the roles that are to be included within a specified role.
SecurityControl.ScriptBuilder	setRoleLockedByPrincipal(String role, String lockingPrincipal) Restrict a role so it can only be edited by a specific principal.
SecurityControl.ScriptBuilder	setRolesForAnonymousSessions(Set<String> roles) Sets the roles to be assigned by default to all anonymous sessions.
SecurityControl.ScriptBuilder	setRolesForNamedSessions(Set<String> roles) Sets the roles to be assigned by default to all named sessions.

Method Detail

setRolesForAnonymousSessions

SecurityControl.ScriptBuilder setRolesForAnonymousSessions(Set<String> roles)

Sets the roles to be assigned by default to all anonymous sessions.

Parameters:

roles - the roles to be assigned to anonymous sessions. This may be empty which would mean that no roles are to be assigned by default to anonymous sessions.

Returns:

this builder, modified to set the roles for anonymous sessions

setRolesForNamedSessions

SecurityControl.ScriptBuilder setRolesForNamedSessions(Set<String> roles)

Sets the roles to be assigned by default to all named sessions.

Parameters:

roles - the roles to be assigned to all named sessions. This may be empty which would mean that no roles are to be assigned by default to named sessions.

Returns:

this builder, modified to set the roles for named sessions

setGlobalPermissions

SecurityControl.ScriptBuilder setGlobalPermissions(String role,
                                                   Set<GlobalPermission> permissions)

Sets the global permissions to be assigned to a role.

Parameters:

role - the role

permissions - the global permissions to assign to the role. This set may be empty, in which case the role will be assigned no global permissions.

Returns:

this builder, modified to set the global permissions for the role

setDefaultPathPermissions

SecurityControl.ScriptBuilder setDefaultPathPermissions(String role,
                                                        Set<PathPermission> permissions)

Sets the default path permissions to be assigned to a role.

The role will have the given permissions for all paths unless specifically overridden by path-scoped assignments.

Parameters:

role - the role

permissions - the default permissions to assigned to the role. This may be empty, in which case the role will be assigned no default path permissions.

Returns:

this builder, modified to set the default path permissions for the role

setPathPermissions

SecurityControl.ScriptBuilder setPathPermissions(String role,
                                                 String path,
                                                 Set<PathPermission> permissions)

Sets specific path permissions to be assigned for a role for a path.

Parameters:

role - the role

path - specifies the point in the path hierarchy at which the permissions are to be applied for the role

permissions - the permissions to assign to the role for the path. This may be empty, in which case the role will have no permissions to the specified path, which is different from not having a permission assignment for the path (see removePathPermissions(String, String)).

Returns:

this builder, modified to set the path permissions for the role at the given path in the path hierarchy

isolatePath

SecurityControl.ScriptBuilder isolatePath(String path)

Set a path not to inherit path permissions from its parent paths or the default path permissions.

By default, a path without specific path permission assignments inherits the permission assignments from the first parent path that has them. If neither the path nor any of its parent paths have permission assignments, the default path permissions are used.

Parameters:

path - the path

Returns:

this builder, modified to isolates the given path in the path hierarchy

Since:

6.5

deisolatePath

SecurityControl.ScriptBuilder deisolatePath(String path)

Re-instate inheritance of path permission assignments from parents of the given path.

Parameters:

path - the path

Returns:

this builder, modified to re-instates the inheritance of path permission assignments from parents of the given path

Since:

6.5

See Also:

isolatePath(String)

removePathPermissions

SecurityControl.ScriptBuilder removePathPermissions(String role,
                                                    String path)

Removes any path permissions previously assigned to a particular path for a given role.

This is different from setting no path permissions for the path and role. By removing permissions set for a particular branch of the path hierarchy, the permissions become inherited from assignments made against parent paths in the hierarchy or from the default path permissions.

Parameters:

role - the role from which to remove path permissions

path - the path for which permissions are to be removed

Returns:

this builder, modified to removes the path permissions for the role at the given point in the path hierarchy

setRoleIncludes

SecurityControl.ScriptBuilder setRoleIncludes(String role,
                                              Set<String> includedRoles)

Sets the roles that are to be included within a specified role.

Parameters:

role - the role

includedRoles - the roles to include. This may be empty, which would mean that the given role should not include any other roles.

Returns:

this builder, modified to set the given role relationship

setRoleLockedByPrincipal

SecurityControl.ScriptBuilder setRoleLockedByPrincipal(String role,
                                                       String lockingPrincipal)

Restrict a role so it can only be edited by a specific principal.

Parameters:

role - the role

lockingPrincipal - the locking principal

Returns:

this builder, modified to locks a role to a single principal that can edit it

append

SecurityControl.ScriptBuilder append(SecurityControl.ScriptBuilder other)

Append all the operations of other to this ScriptBuilder.

Returns:

a combined script builder

Since:

6.0

script

String script()

Create a script.

Returns:

the script