Interface SecurityControl.ScriptBuilder
- Enclosing interface:
- SecurityControl
Each method call on the builder adds a line to the script and then the
script may be built using the script
method which produces a String script which may be sent to the server
using updateStore
.
Such a builder may be created using the
scriptBuilder
method.
From Diffusion 6.5, script builders are no longer immutable. Each builder operation mutates this script builder and returns it.
-
Method Summary
Modifier and TypeMethodDescriptionAppend all the operations ofother
to this ScriptBuilder.deisolatePath
(String path) Re-instate inheritance of path permission assignments from parents of the given path.isolatePath
(String path) Set a path not to inherit path permissions from its parent paths or the default path permissions.removePathPermissions
(String role, String path) Removes any path permissions previously assigned to a particular path for a given role.script()
Create a script.setDefaultPathPermissions
(String role, Set<PathPermission> permissions) Sets the default path permissions to be assigned to a role.setGlobalPermissions
(String role, Set<GlobalPermission> permissions) Sets the global permissions to be assigned to a role.setPathPermissions
(String role, String path, Set<PathPermission> permissions) Sets specific path permissions to be assigned for a role for a path.setRoleIncludes
(String role, Set<String> includedRoles) Sets the roles that are to be included within a specified role.setRoleLockedByPrincipal
(String role, String lockingPrincipal) Restrict a role so it can only be edited by a specific principal.setRolesForAnonymousSessions
(Set<String> roles) Sets the roles to be assigned by default to all anonymous sessions.setRolesForNamedSessions
(Set<String> roles) Sets the roles to be assigned by default to all named sessions.
-
Method Details
-
setRolesForAnonymousSessions
Sets the roles to be assigned by default to all anonymous sessions.- Parameters:
roles
- the roles to be assigned to anonymous sessions. This may be empty which would mean that no roles are to be assigned by default to anonymous sessions.- Returns:
- this builder, modified to set the roles for anonymous sessions
-
setRolesForNamedSessions
Sets the roles to be assigned by default to all named sessions.- Parameters:
roles
- the roles to be assigned to all named sessions. This may be empty which would mean that no roles are to be assigned by default to named sessions.- Returns:
- this builder, modified to set the roles for named sessions
-
setGlobalPermissions
Sets the global permissions to be assigned to a role.- Parameters:
role
- the rolepermissions
- the global permissions to assign to the role. This set may be empty, in which case the role will be assigned no global permissions.- Returns:
- this builder, modified to set the global permissions for the role
-
setDefaultPathPermissions
SecurityControl.ScriptBuilder setDefaultPathPermissions(String role, Set<PathPermission> permissions) Sets the default path permissions to be assigned to a role.The role will have the given permissions for all paths unless specifically overridden by path-scoped assignments.
- Parameters:
role
- the rolepermissions
- the default permissions to assigned to the role. This may be empty, in which case the role will be assigned no default path permissions.- Returns:
- this builder, modified to set the default path permissions for the role
-
setPathPermissions
SecurityControl.ScriptBuilder setPathPermissions(String role, String path, Set<PathPermission> permissions) Sets specific path permissions to be assigned for a role for a path.- Parameters:
role
- the rolepath
- specifies the point in the path hierarchy at which the permissions are to be applied for the rolepermissions
- the permissions to assign to the role for the path. This may be empty, in which case the role will have no permissions to the specified path, which is different from not having a permission assignment for the path (seeremovePathPermissions(String, String)
).- Returns:
- this builder, modified to set the path permissions for the role at the given path in the path hierarchy
-
isolatePath
Set a path not to inherit path permissions from its parent paths or the default path permissions.By default, a path without specific
path permission assignments
inherits the permission assignments from the first parent path that has them. If neither the path nor any of its parent paths have permission assignments, thedefault path permissions are used
.- Parameters:
path
- the path- Returns:
- this builder, modified to isolates the given path in the path hierarchy
- Since:
- 6.5
-
deisolatePath
Re-instate inheritance of path permission assignments from parents of the given path.- Parameters:
path
- the path- Returns:
- this builder, modified to re-instates the inheritance of path permission assignments from parents of the given path
- Since:
- 6.5
- See Also:
-
removePathPermissions
Removes any path permissions previously assigned to a particular path for a given role.This is different from setting no path permissions for the path and role. By removing permissions set for a particular branch of the path hierarchy, the permissions become inherited from assignments made against parent paths in the hierarchy or from the default path permissions.
- Parameters:
role
- the role from which to remove path permissionspath
- the path for which permissions are to be removed- Returns:
- this builder, modified to removes the path permissions for the role at the given point in the path hierarchy
-
setRoleIncludes
Sets the roles that are to be included within a specified role.- Parameters:
role
- the roleincludedRoles
- the roles to include. This may be empty, which would mean that the given role should not include any other roles.- Returns:
- this builder, modified to set the given role relationship
-
setRoleLockedByPrincipal
Restrict a role so it can only be edited by a specific principal.- Parameters:
role
- the rolelockingPrincipal
- the locking principal- Returns:
- this builder, modified to locks a role to a single principal that can edit it
-
append
Append all the operations ofother
to this ScriptBuilder.- Returns:
- a combined script builder
- Since:
- 6.0
-
script
String script()Create a script.- Returns:
- the script
-