Represents all aspects of access permissions for an uploaded document.
The Access Control List (ACL) contains a list of both users and groups that have either read
access or denied access to an Item
. Additionally, the access can be dependent on an
"inherit from" parent ACL corresponding to the Acl.InheritanceType
value. A parent can also
have multiple ACLs associated with it as defined by its fragments set in setInheritFrom(String, String)
.
Instances are immutable.
Nested Class Summary
class | Acl.Builder | Mutable ACL for creating instances of Acl . |
|
class | Acl.GroupPrincipalParser | Parser used to extract a group principal of either "google" or "external" type. | |
enum | Acl.InheritanceType | The enum that presents the type of inheritance. | |
enum | Acl.PrincipalType | Represents type of a Principal |
|
class | Acl.UserPrincipalParser | Parser used to extract a user principal of either "google" or "external" type. |
Constant Summary
String | GOOGLE_ACCOUNT_PREFIX | Configuration value prefix to indicate Google principal |
String | GROUP_NAME_FORMAT | Format to construct external group principal name |
String | IDENTITY_RESOURCE_NAME_FORMAT | Format to construct identity source ID |
String | IDENTITY_SOURCES_PREFIX | Prefix for identity source ID |
String | USER_RESOURCE_NAME_FORMAT | Format to construct external user principal name |
Field Summary
public static final Acl.GroupPrincipalParser | GROUP_PARSER | Configuration.Parser to parse string value as external group or Google group principal
|
public static final Acl.UserPrincipalParser | USER_PARSER | Configuration.Parser to parse string value as external user or Google user principal
|
Public Method Summary
static boolean |
addResourcePrefixGroup(Principal group, String identitySourceId)
Adds resource prefix "identitysources/identitySourceId/groups/" to
setGroupResourceName(String) . |
static boolean |
addResourcePrefixUser(Principal user, String identitySourceId)
Adds resource prefix "identitysources/identitySourceId/users/" to
setUserResourceName(String) . |
Item | |
static Acl | |
Item |
createFragmentItemOf(String id, String fragment)
Creates an
Item from an id and fragment to be used for its ACL. |
boolean |
equals(Object obj)
|
static String |
fragmentId(String id, String fragment)
Creates a fragment id using the pattern
%s#%s . |
static Principal |
getCustomerPrincipal()
Returns a customer principal instance.
|
Set<Principal> |
getDeniedReaders()
Returns the denied readers.
|
static Principal |
getGoogleGroupPrincipal(String groupId)
Returns a Google group principal.
|
static Principal |
getGoogleUserPrincipal(String userId)
Returns a Google user principal.
|
static Principal |
getGroupPrincipal(String groupId, String identitySourceId)
Returns an external group principal under specified identity source ID.
|
static Principal |
getGroupPrincipal(String groupId)
Returns an external group principal.
|
String |
getInheritFrom()
Returns the "inherit from" parent name.
|
String |
getInheritFromFragment()
Returns the "inherit from" fragment.
|
Acl.InheritanceType |
getInheritanceType()
Returns the
Acl.InheritanceType . |
Set<Principal> |
getOwners()
Returns the owners.
|
static String |
getPrincipalName(String name, String namespace)
Creates principal name with pattern
%s:%s . |
static Acl.PrincipalType |
getPrincipalType(Principal p)
Returns
Acl.PrincipalType for given principal |
Set<Principal> |
getReaders()
Returns the allowed readers.
|
static Principal |
getUserPrincipal(String userId)
Returns an external user principal.
|
static Principal |
getUserPrincipal(String userId, String identitySourceId)
Returns an external user principal under specified identity source ID.
|
int |
hashCode()
|
String |
toString()
|
Inherited Method Summary
Constants
public static final String GOOGLE_ACCOUNT_PREFIX
Configuration value prefix to indicate Google principal
public static final String GROUP_NAME_FORMAT
Format to construct external group principal name
public static final String IDENTITY_RESOURCE_NAME_FORMAT
Format to construct identity source ID
public static final String IDENTITY_SOURCES_PREFIX
Prefix for identity source ID
public static final String USER_RESOURCE_NAME_FORMAT
Format to construct external user principal name
Fields
public static final Acl.GroupPrincipalParser GROUP_PARSER
Configuration.Parser
to parse string value as external group or Google group principal
public static final Acl.UserPrincipalParser USER_PARSER
Configuration.Parser
to parse string value as external user or Google user principal
Public Methods
public static boolean addResourcePrefixGroup (Principal group, String identitySourceId)
Adds resource prefix "identitysources/identitySourceId/groups/" to setGroupResourceName(String)
. This method assumes that getGroupResourceName()
is already encoded for escaping unsupported characters.
Parameters
group | principal to add resource prefix for. |
---|---|
identitySourceId | identity source ID for external group principal. |
Returns
- true if resource prefix is added to principal, false otherwise.
public static boolean addResourcePrefixUser (Principal user, String identitySourceId)
Adds resource prefix "identitysources/identitySourceId/users/" to setUserResourceName(String)
.
Parameters
user | principal to add resource prefix for. |
---|---|
identitySourceId | identity source ID for external user principal. |
Returns
- true if resource prefix is added to principal, false otherwise.
public Item applyTo (Item item)
public static Acl createAcl (String permittedUsers, String permittedGroups, String deniedUsers, String deniedGroups)
public Item createFragmentItemOf (String id, String fragment)
public boolean equals (Object obj)
Parameters
obj |
---|
public static String fragmentId (String id, String fragment)
Creates a fragment id using the pattern %s#%s
.
Parameters
id | - document id |
---|---|
fragment | - fragment name |
Returns
- created name
public static Principal getCustomerPrincipal ()
Returns a customer principal instance.
Returns
Principal
with kind as Customer
public Set<Principal> getDeniedReaders ()
Returns the denied readers.
public static Principal getGoogleGroupPrincipal (String groupId)
Returns a Google group principal.
Parameters
groupId | external group ID |
---|
Returns
Principal
with kind set to Google group
public static Principal getGoogleUserPrincipal (String userId)
Returns a Google user principal.
Parameters
userId | Google user ID |
---|
Returns
Principal
with kind set to Google user
public static Principal getGroupPrincipal (String groupId, String identitySourceId)
Returns an external group principal under specified identity source ID. This method encodes
groupId using encodeGroupId(String)
Parameters
groupId | external user ID |
---|---|
identitySourceId | identity source ID for external group principal |
Returns
Principal
with kind as external group
public static Principal getGroupPrincipal (String groupId)
Returns an external group principal. This method encodes groupId using encodeGroupId(String)
Parameters
groupId | external user ID |
---|
Returns
Principal
with kind as external group
public String getInheritFrom ()
Returns the "inherit from" parent name.
public String getInheritFromFragment ()
Returns the "inherit from" fragment.
See Also
public Set<Principal> getOwners ()
Returns the owners.
public static String getPrincipalName (String name, String namespace)
Creates principal name with pattern %s:%s
.
Parameters
name | - name |
---|---|
namespace | - namespace |
Returns
- created name
public static Acl.PrincipalType getPrincipalType (Principal p)
Returns Acl.PrincipalType
for given principal
Parameters
p | principal to compute Acl.PrincipalType for |
---|
Returns
Acl.PrincipalType
for given principal
public Set<Principal> getReaders ()
Returns the allowed readers.
public static Principal getUserPrincipal (String userId)
Returns an external user principal.
Parameters
userId | external user ID |
---|
Returns
Principal
with kind as external user
public static Principal getUserPrincipal (String userId, String identitySourceId)
Returns an external user principal under specified identity source ID.
Parameters
userId | external user ID |
---|---|
identitySourceId | identity source ID for external user principal |
Returns
Principal
with kind as external user