public class Aci extends Object implements Comparable<Aci>
Modifier and Type | Field and Description |
---|---|
static int |
ACI_ADD
ACI_ADD is used to set the container rights for a LDAP add operation.
|
static int |
ACI_EXT_OP
Used by the extended operation access check.
|
static int |
ACI_PROXY
ACI_PROXY is used for the PROXY right.
|
static int |
ACI_SELF
ACI_SELF is used for the SELFWRITE right.
|
static int |
ACI_SKIP_PROXY_CHECK
ACI_SKIP_PROXY_CHECK is used to bypass the proxy access check.
|
static String |
ACI_STATEMENT_SEPARATOR
Regular expression matching a ACL statement separator.
|
static int |
ACI_WRITE_DELETE
ACI_WRITE_DELETE is used by the LDAP modify operation.
|
static String |
ALL_OP_ATTRS_WILD_CARD
Regular expression the matches "+".
|
static String |
ALL_USER_ATTRS_WILD_CARD
Regular expression the matches "*".
|
static String |
LDAP_URL
Regular expression matching a LDAP URL.
|
static String |
NULL_LDAP_URL
String used to check for NULL ldap URL.
|
static String |
supportedVersion
Version that we support.
|
static String |
WORD_GROUP
Regular expression matching a word group.
|
static String |
ZERO_OR_MORE_WHITESPACE
Regular expression matching a white space.
|
static String |
ZERO_OR_MORE_WHITESPACE_START_PATTERN
Regular expression matching a white space at the start of a pattern.
|
Modifier and Type | Method and Description |
---|---|
int |
compareTo(Aci aci)
Compares this Aci with the provided Aci based on a natural order.
|
static Aci |
decode(org.forgerock.opendj.ldap.ByteSequence byteString,
org.forgerock.opendj.ldap.Dn dn)
Decode an ACI byte string.
|
static Set<String> |
decodeOID(String expr,
LocalizableMessage msg)
Decode an OIDs expression string.
|
static EnumEvalResult |
evaluate(AciEvalContext evalCtx,
Aci aci)
Static class used to evaluate an ACI and evaluation context.
|
org.forgerock.opendj.ldap.Dn |
getDN()
Return the DN of the entry containing the ACI.
|
String |
getName()
Returns the name string of this ACI.
|
AciTargets |
getTargets()
Returns the targets of the ACI.
|
boolean |
hasAccessType(org.opends.server.authorization.dseecompat.EnumAccessType accessType)
Re-direct has access type to the body's hasAccessType method.
|
boolean |
hasRights(int rights)
Check if the body of the ACI matches the rights specified.
|
static boolean |
isApplicable(Aci aci,
AciTargetMatchContext matchCtx)
Test if the given ACI is applicable using the target match information
provided.
|
String |
toString()
Return the string representation of the ACI.
|
public static final String supportedVersion
public static final String WORD_GROUP
public static final String ZERO_OR_MORE_WHITESPACE
public static final String ZERO_OR_MORE_WHITESPACE_START_PATTERN
public static final String ACI_STATEMENT_SEPARATOR
public static final String LDAP_URL
public static final String NULL_LDAP_URL
public static final String ALL_USER_ATTRS_WILD_CARD
public static final String ALL_OP_ATTRS_WILD_CARD
public static final int ACI_ADD
public static final int ACI_SELF
public static final int ACI_PROXY
public static final int ACI_WRITE_DELETE
public static final int ACI_SKIP_PROXY_CHECK
public static final int ACI_EXT_OP
public static Aci decode(org.forgerock.opendj.ldap.ByteSequence byteString, org.forgerock.opendj.ldap.Dn dn) throws AciException
byteString
- The ByteString containing the ACI string.dn
- DN of the ACI entry.AciException
- If the parsing of the ACI string fails.public String toString()
public AciTargets getTargets()
public org.forgerock.opendj.ldap.Dn getDN()
public static boolean isApplicable(Aci aci, AciTargetMatchContext matchCtx)
aci
- The ACI to test.matchCtx
- The target matching context containing all the info
needed to match ACI targets.public boolean hasRights(int rights)
rights
- Bit mask representing the rights to match.public boolean hasAccessType(org.opends.server.authorization.dseecompat.EnumAccessType accessType)
accessType
- The access type to match.public static EnumEvalResult evaluate(AciEvalContext evalCtx, Aci aci)
evalCtx
- The context to evaluate with.aci
- The ACI to evaluate.public static Set<String> decodeOID(String expr, LocalizableMessage msg) throws AciException
expr
- A string representing the OID expression.msg
- A message to be used if there is an exception.AciException
- If the specified expression string is invalid.public int compareTo(Aci aci)
compareTo
in interface Comparable<Aci>
aci
- The Aci against which to compare this Aci.Copyright © 2010-2017 ForgeRock AS. All Rights Reserved.