org.apache.directory.server.core.authz.support
Class MostSpecificProtectedItemFilter
java.lang.Object
org.apache.directory.server.core.authz.support.MostSpecificProtectedItemFilter
- All Implemented Interfaces:
- ACITupleFilter
public class MostSpecificProtectedItemFilter
- extends java.lang.Object
- implements ACITupleFilter
An ACITupleFilter
that chooses the tuples with the most specific
protected item. (18.8.4.3, X.501)
If more than one tuple remains, choose the tuples with the most specific
protected item. If the protected item is an attribute and there are tuples
that specify the attribute type explicitly, discard all other tuples. If
the protected item is an attribute value, and there are tuples that specify
the attribute value explicitly, discard all other tuples. A protected item
which is a rangeOfValues is to be treated as specifying an attribute value
explicitly.
- Version:
- $Rev: 927146 $, $Date: 2010-03-24 19:39:54 +0100 (Wed, 24 Mar 2010) $
- Author:
- Apache Directory Project
Method Summary |
java.util.Collection<org.apache.directory.shared.ldap.aci.ACITuple> |
filter(org.apache.directory.shared.ldap.schema.SchemaManager schemaManager,
java.util.Collection<org.apache.directory.shared.ldap.aci.ACITuple> tuples,
OperationScope scope,
OperationContext opContext,
java.util.Collection<org.apache.directory.shared.ldap.name.DN> userGroupNames,
org.apache.directory.shared.ldap.name.DN userName,
org.apache.directory.shared.ldap.entry.ServerEntry userEntry,
org.apache.directory.shared.ldap.constants.AuthenticationLevel authenticationLevel,
org.apache.directory.shared.ldap.name.DN entryName,
java.lang.String attrId,
org.apache.directory.shared.ldap.entry.Value<?> attrValue,
org.apache.directory.shared.ldap.entry.ServerEntry entry,
java.util.Collection<org.apache.directory.shared.ldap.aci.MicroOperation> microOperations,
org.apache.directory.shared.ldap.entry.ServerEntry entryView)
Returns the collection of the filtered tuples using the specified
extra information. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
MostSpecificProtectedItemFilter
public MostSpecificProtectedItemFilter()
filter
public java.util.Collection<org.apache.directory.shared.ldap.aci.ACITuple> filter(org.apache.directory.shared.ldap.schema.SchemaManager schemaManager,
java.util.Collection<org.apache.directory.shared.ldap.aci.ACITuple> tuples,
OperationScope scope,
OperationContext opContext,
java.util.Collection<org.apache.directory.shared.ldap.name.DN> userGroupNames,
org.apache.directory.shared.ldap.name.DN userName,
org.apache.directory.shared.ldap.entry.ServerEntry userEntry,
org.apache.directory.shared.ldap.constants.AuthenticationLevel authenticationLevel,
org.apache.directory.shared.ldap.name.DN entryName,
java.lang.String attrId,
org.apache.directory.shared.ldap.entry.Value<?> attrValue,
org.apache.directory.shared.ldap.entry.ServerEntry entry,
java.util.Collection<org.apache.directory.shared.ldap.aci.MicroOperation> microOperations,
org.apache.directory.shared.ldap.entry.ServerEntry entryView)
throws javax.naming.NamingException
- Description copied from interface:
ACITupleFilter
- Returns the collection of the filtered tuples using the specified
extra information.
- Specified by:
filter
in interface ACITupleFilter
tuples
- the collection of tuples to filterscope
- the scope of the operation to be performeduserGroupNames
- the collection of group (DN
)s which the current user belongs touserName
- the DN
of the current useruserEntry
- the ServerEntry
of the current user entry in the DITauthenticationLevel
- the level of authentication of the current userentryName
- the DN
of the entry the current user accessesattrId
- the attribute ID the current user accessesattrValue
- the value of the attribute the current user accessesentry
- the ServerEntry
of the entry the current user accessesmicroOperations
- the set of MicroOperation
s the current user will performentryView
- in case of a Modify operation, view of the entry being modified as if the modification permitted and completed
- Returns:
- the collection of filtered tuples
- Throws:
javax.naming.NamingException
- if failed to filter the specific tuples
Copyright © 2003-2011 Apache Software Foundation. All Rights Reserved.