Package org.apache.sling.jcr.jackrabbit.accessmanager.post

Class GetEffectiveAclServlet

java.lang.Object

javax.servlet.GenericServlet

org.apache.sling.api.servlets.SlingSafeMethodsServlet

org.apache.sling.api.servlets.SlingAllMethodsServlet

org.apache.sling.jcr.jackrabbit.accessmanager.post.AbstractAccessServlet

org.apache.sling.jcr.jackrabbit.accessmanager.post.AbstractAccessGetServlet

org.apache.sling.jcr.jackrabbit.accessmanager.post.AbstractGetAclServlet

org.apache.sling.jcr.jackrabbit.accessmanager.post.GetEffectiveAclServlet

All Implemented Interfaces:

Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig, GetEffectiveAcl

public class GetEffectiveAclServlet
extends AbstractGetAclServlet
implements GetEffectiveAcl

Sling GET servlet implementation for dumping the declared ACL of a resource to JSON.

Rest Service Description

Mapped to the default resourceType. Gets and Acl for a resource. Get of the form >resource<.acl.json Provided the user has access to the ACL, they get a chunk of JSON of the form.

Transport Details:

Methods

• GET

Response

200

Success.

404

The resource was not found.

500

Failure. HTML explains the failure.

Example Response

{ "principalNameA":{ "permissions": { "permission1":{ "allow":true }, "permission2":{ "allow":true }, "permission5":{ "deny":true } }, "principalNameB":{ "permissions": { "permission1":{ "allow":true }, "permission2":{ "allow":[ "restrictionName1: "restrictionValue1", "restrictionName2: [ "restrictionValue2a", "restrictionValue2b" ] ] }, "permission5":{ "deny":true } } }

See Also:

Serialized Form

Field Summary

Fields inherited from class org.apache.sling.jcr.jackrabbit.accessmanager.post.AbstractGetAclServlet

KEY_DENIED, KEY_GRANTED, KEY_ORDER

Constructor Summary

Constructors

Constructor	Description
GetEffectiveAclServlet()

Method Summary

Modifier and Type	Method	Description
protected void	addExtraInfo(javax.json.JsonObjectBuilder principalJson, Principal principal, Map<Principal,Map<DeclarationType,Set<String>>> principalToDeclaredAtPaths)	Overridden to add the declaredAt data to the json
protected Map<String,List<javax.jcr.security.AccessControlEntry>>	getAccessControlEntriesMap(javax.jcr.Session session, String absPath, Map<Principal,Map<DeclarationType,Set<String>>> declaredAtPaths)
javax.json.JsonObject	getEffectiveAcl(javax.jcr.Session jcrSession, String resourcePath)	Gets the effective access control list for a resource.

Methods inherited from class org.apache.sling.jcr.jackrabbit.accessmanager.post.AbstractGetAclServlet

addRestrictions, addTo, addTo, convertToJson, getAccessControlEntries, internalGetAcl, internalJson

Methods inherited from class org.apache.sling.jcr.jackrabbit.accessmanager.post.AbstractAccessGetServlet

doGet, entriesSortedByEffectivePath, getItemPath, processACE, validateArgs, validateArgs, validateResourcePath

Methods inherited from class org.apache.sling.jcr.jackrabbit.accessmanager.post.AbstractAccessServlet

bindRestrictionProvider, getRestrictionProvider, unbindRestrictionProvider

Methods inherited from class org.apache.sling.api.servlets.SlingAllMethodsServlet

doDelete, doPost, doPut, getAllowedRequestMethods, isMethodValid, mayService

Methods inherited from class org.apache.sling.api.servlets.SlingSafeMethodsServlet

doGeneric, doHead, doOptions, doTrace, getServletInfo, handleMethodNotImplemented, service, service

Methods inherited from class javax.servlet.GenericServlet

destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletName, init, init, log, log

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

GetEffectiveAclServlet

public GetEffectiveAclServlet()

Method Detail

getEffectiveAcl

public javax.json.JsonObject getEffectiveAcl(javax.jcr.Session jcrSession,
                                             String resourcePath)
                                      throws javax.jcr.RepositoryException

Description copied from interface: GetEffectiveAcl

Gets the effective access control list for a resource.

Specified by:

getEffectiveAcl in interface GetEffectiveAcl

Parameters:

jcrSession - the JCR session of the user updating the user

resourcePath - The path of the resource to get the ACL for (required)

Returns:

the ACL as a JSON object

Throws:

javax.jcr.RepositoryException - if any errors reading the information

addExtraInfo

protected void addExtraInfo(javax.json.JsonObjectBuilder principalJson,
                            Principal principal,
                            Map<Principal,Map<DeclarationType,Set<String>>> principalToDeclaredAtPaths)

Overridden to add the declaredAt data to the json

Overrides:

addExtraInfo in class AbstractGetAclServlet

principal - the current principal

principalToDeclaredAtPaths - a map of principal the paths where ACEs are declared

getAccessControlEntriesMap

protected Map<String,List<javax.jcr.security.AccessControlEntry>> getAccessControlEntriesMap(javax.jcr.Session session,
                                                                                                   String absPath,
                                                                                                   Map<Principal,Map<DeclarationType,Set<String>>> declaredAtPaths)
                                                                                            throws javax.jcr.RepositoryException

Specified by:

getAccessControlEntriesMap in class AbstractGetAclServlet

Throws:

javax.jcr.RepositoryException