GetEffectiveRightsRequestControl (OpenDJ Public API Javadoc 6.5.6 Documentation)

java.lang.Object
- org.forgerock.opendj.ldap.controls.GetEffectiveRightsRequestControl

All Implemented Interfaces:

Control
```
public final class GetEffectiveRightsRequestControl
extends Object
implements Control
```
A partial implementation of the get effective rights request control as defined in draft-ietf-ldapext-acl-model. The main differences are:
- The response control is not supported. Instead the OpenDJ implementation creates attributes containing effective rights information with the entry being returned.
- The attribute type names are dynamically created.
- The set of attributes for which effective rights information is to be requested can be included in the control.
The get effective rights request control value has the following BER encoding:
```
  GetRightsControl ::= SEQUENCE {
    authzId    authzId  -- Only the "dn:DN" form is supported.
    attributes  SEQUENCE OF AttributeType
  }
 
```
You can use the control to retrieve effective rights during a search:
```
 String authDN = ...;

 SearchRequest request =
         Requests.newSearchRequest(
                     "dc=example,dc=com", SearchScope.WHOLE_SUBTREE,
                     "(uid=bjensen)", "cn", "aclRights", "aclRightsInfo")
                     .addControl(GetEffectiveRightsRequestControl.newControl(
                             true, authDN, "cn"));

 ConnectionEntryReader reader = connection.search(request);
 while (reader.hasNext()) {
      if (!reader.isReference()) {
          SearchResultEntry entry = reader.readEntry();
          // Interpret aclRights and aclRightsInfo
      }
 }
 
```
The entries returned by the search hold the aclRights and aclRightsInfo attributes with the effective rights information. You must parse the attribute options and values to interpret the information.
See Also:

draft-ietf-ldapext-acl-model - Access Control Model for LDAPv3

Field Summary

Fields
Modifier and Type	Field and Description
`static ControlDecoder<GetEffectiveRightsRequestControl>`	`DECODER` A decoder which can be used for decoding the get effective rights request control.
`static String`	`OID` The OID for the get effective rights request control.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`Collection<AttributeType>`	`getAttributes()` Returns an unmodifiable list of attributes for which effective rights are to be returned, which may be empty indicating that no attribute rights are to be returned.
`Dn`	`getAuthorizationName()` Returns the distinguished name of the user for which effective rights are to be returned, or `null` if the client's authentication ID is to be used.
`String`	`getOid()` Returns the numeric OID associated with this control.
`ByteString`	`getValue()` Returns the value, if any, associated with this control.
`boolean`	`hasValue()` Returns `true` if this control has a value.
`boolean`	`isCritical()` Returns `true` if it is unacceptable to perform the operation without applying the semantics of this control.
`static GetEffectiveRightsRequestControl`	`newControl(boolean isCritical, Dn authorizationName, Collection<AttributeType> attributes)` Creates a new get effective rights request control with the provided criticality, optional authorization name and attribute list.
`static GetEffectiveRightsRequestControl`	`newControl(boolean isCritical, String authorizationName, String... attributes)` Creates a new get effective rights request control with the provided criticality, optional authorization name and attribute list.
`String`	`toString()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Field Detail
  - OID
```
public static final String OID
```
    The OID for the get effective rights request control.
    
    See Also:
    
    Constant Field Values
  - DECODER
```
public static final ControlDecoder<GetEffectiveRightsRequestControl> DECODER
```
    A decoder which can be used for decoding the get effective rights request control.
- Method Detail
  - newControl
```
public static GetEffectiveRightsRequestControl newControl(boolean isCritical,
                                                          Dn authorizationName,
                                                          Collection<AttributeType> attributes)
```
    Creates a new get effective rights request control with the provided criticality, optional authorization name and attribute list.
    
    Parameters:
    
    isCritical - true if it is unacceptable to perform the operation without applying the semantics of this control, or false if it can be ignored.
    
    authorizationName - The distinguished name of the user for which effective rights are to be returned, or null if the client's authentication ID is to be used.
    
    attributes - The list of attributes for which effective rights are to be returned, which may be empty indicating that no attribute rights are to be returned.
    
    Returns:
    
    The new control.
    
    Throws:
    
    NullPointerException - If attributes was null.
  - newControl
```
public static GetEffectiveRightsRequestControl newControl(boolean isCritical,
                                                          String authorizationName,
                                                          String... attributes)
```
    Creates a new get effective rights request control with the provided criticality, optional authorization name and attribute list. The authorization name and attributes, if provided, will be decoded using the default schema.
    
    Parameters:
    
    isCritical - true if it is unacceptable to perform the operation without applying the semantics of this control, or false if it can be ignored.
    
    authorizationName - The distinguished name of the user for which effective rights are to be returned, or null if the client's authentication ID is to be used.
    
    attributes - The list of attributes for which effective rights are to be returned, which may be empty indicating that no attribute rights are to be returned.
    
    Returns:
    
    The new control.
    
    Throws:
    
    UnknownSchemaElementException - If the default schema is a strict schema and one or more of the requested attribute types were not recognized.
    
    LocalizedIllegalArgumentException - If authorizationName is not a valid LDAP string representation of a DN.
    
    NullPointerException - If attributes was null.
  - getAttributes
```
public Collection<AttributeType> getAttributes()
```
    Returns an unmodifiable list of attributes for which effective rights are to be returned, which may be empty indicating that no attribute rights are to be returned.
    
    Returns:
    
    The unmodifiable list of attributes for which effective rights are to be returned.
  - getAuthorizationName
```
public Dn getAuthorizationName()
```
    Returns the distinguished name of the user for which effective rights are to be returned, or null if the client's authentication ID is to be used.
    
    Returns:
    
    The distinguished name of the user for which effective rights are to be returned.
  - getOid
```
public String getOid()
```
    Description copied from interface: Control
    
    Returns the numeric OID associated with this control.
    
    Specified by:
    
    getOid in interface Control
    
    Returns:
    
    The numeric OID associated with this control.
  - getValue
```
public ByteString getValue()
```
    Description copied from interface: Control
    
    Returns the value, if any, associated with this control. Its format is defined by the specification of this control.
    
    Specified by:
    
    getValue in interface Control
    
    Returns:
    
    The value associated with this control, or null if there is no value.
  - hasValue
```
public boolean hasValue()
```
    Description copied from interface: Control
    
    Returns true if this control has a value. In some circumstances it may be useful to determine if a control has a value, without actually calculating the value and incurring any performance costs.
    
    Specified by:
    
    hasValue in interface Control
    
    Returns:
    
    true if this control has a value, or false if there is no value.
  - isCritical
```
public boolean isCritical()
```
    Description copied from interface: Control
    
    Returns true if it is unacceptable to perform the operation without applying the semantics of this control.
    The criticality field only has meaning in controls attached to request messages (except UnbindRequest). For controls attached to response messages and the UnbindRequest, the criticality field SHOULD be false, and MUST be ignored by the receiving protocol peer. A value of true indicates that it is unacceptable to perform the operation without applying the semantics of the control.
    
    Specified by:
    
    isCritical in interface Control
    
    Returns:
    
    true if this control must be processed by the Directory Server, or false if it can be ignored.
  - toString
```
public String toString()
```
    Overrides:
    
    toString in class Object

Class GetEffectiveRightsRequestControl

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

OID

DECODER

Method Detail

newControl

newControl

getAttributes

getAuthorizationName

getOid

getValue

hasValue

isCritical

toString