[jboss-cvs] JBossAS SVN: r85321 - projects/security/security-spi/trunk/acl/src/main/org/jboss/security/acl.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Thu Mar 5 13:57:56 EST 2009 

Author: sguilhen at redhat.com
Date: 2009-03-05 13:57:55 -0500 (Thu, 05 Mar 2009)
New Revision: 85321

Modified:
   projects/security/security-spi/trunk/acl/src/main/org/jboss/security/acl/ACL.java
   projects/security/security-spi/trunk/acl/src/main/org/jboss/security/acl/ACLEntry.java
Log:
SECURITY-374: merged changes made in Branch_2_0

Modified: projects/security/security-spi/trunk/acl/src/main/org/jboss/security/acl/ACL.java
===================================================================
--- projects/security/security-spi/trunk/acl/src/main/org/jboss/security/acl/ACL.java	2009-03-05 18:57:05 UTC (rev 85320)
+++ projects/security/security-spi/trunk/acl/src/main/org/jboss/security/acl/ACL.java	2009-03-05 18:57:55 UTC (rev 85321)
@@ -28,15 +28,15 @@
 
 /**
  * <p>
- * This interface represents an Access Control List (ACL), a data structure used to protect access 
- * to resources. It is composed of entries, where each entry is represented by the {@code ALCEntry}
- * class and represents the permissions assigned to a given identity.
+ * This interface represents an Access Control List (ACL), a data structure used to protect access to resources. It is
+ * composed of entries, where each entry is represented by the {@code ALCEntry} class and represents the permissions
+ * assigned to a given identity.
  * </p>
  * <p>
- * When a client attempts to perform an operation on a resource, the ACL associated to the resource is used
- * to verify if the client has enough permissions to perform that operation. In order to do that, the
- * {@code ACLEntry} corresponding to the client's identity is retrieved and then the permission set
- * contained in the entry is verified to decide if access should be granted or not. 
+ * When a client attempts to perform an operation on a resource, the ACL associated to the resource is used to verify if
+ * the client has enough permissions to perform that operation. In order to do that, the {@code ACLEntry} corresponding
+ * to the client's identity is retrieved and then the permission set contained in the entry is verified to decide if
+ * access should be granted or not.
  * </p>
  * 
  * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
@@ -46,12 +46,12 @@
 
    /**
     * <p>
-    * Adds an entry to this ACL. If the ACL already has an {@code ACLEntry} associated to the new
-    * entry's identity, then the new entry will not be added.
+    * Adds an entry to this ACL. If the ACL already has an {@code ACLEntry} associated to the new entry's identity, then
+    * the new entry will not be added.
     * </p>
     * 
     * @param entry the {@code ACLEntry} to be added.
-    * @return   {@code true} if the entry was added; {@code false} otherwise.
+    * @return {@code true} if the entry was added; {@code false} otherwise.
     */
    public boolean addEntry(ACLEntry entry);
 
@@ -60,9 +60,8 @@
     * Removes an entry from this ACL.
     * </p>
     * 
-    * @param entry  the {@code ACLEntry} to be removed.
-    * @return   {@code true} if the entry is removed; {@code false} if the entry can't be found
-    * in the ACL.
+    * @param entry the {@code ACLEntry} to be removed.
+    * @return {@code true} if the entry is removed; {@code false} if the entry can't be found in the ACL.
     */
    public boolean removeEntry(ACLEntry entry);
 
@@ -71,22 +70,33 @@
     * Obtains the collection of all {@code ACLEntries} in this ACL.
     * </p>
     * 
-    * @return   a {@code Collection} containing all entries in this ACL.
+    * @return a {@code Collection} containing all entries in this ACL.
     */
    public Collection<? extends ACLEntry> getEntries();
 
    /**
     * <p>
-    * Obtains the entry that corresponds to the specified identity.
+    * Obtains the entry that corresponds to the specified identity. Calling this method is the same as doing
+    * {@code getEntry(identity.getName())}.
     * </p>
     * 
     * @param identity a reference to the {@code Identity} object.
-    * @return   the {@code ACLEntry} that corresponds to the identity, or {@code null} if no entry could be found.
+    * @return the {@code ACLEntry} that corresponds to the identity, or {@code null} if no entry could be found.
     */
    public ACLEntry getEntry(Identity identity);
-   
+
    /**
     * <p>
+    * Obtains the entry that corresponds to the specified identity or role name.
+    * </p>
+    * 
+    * @param identityOrRole a {@code String} representing an identity or role.
+    * @return the {@code ACLEntry} that corresponds to the identity or role or {@code null} if no entry could be found.
+    */
+   public ACLEntry getEntry(String identityOrRole);
+
+   /**
+    * <p>
     * Obtains a reference to the resource being protected by this ACL.
     * </p>
     * 
@@ -100,9 +110,8 @@
     * </p>
     * 
     * @param permission the {@code ACLPermission} to be checked for.
-    * @param identity   the {@code Identity} being verified.
-    * @return   {@code true} if the specified permission is assigned to the identity;
-    * {@code false} otherwise.
+    * @param identity the {@code Identity} being verified.
+    * @return {@code true} if the specified permission is assigned to the identity; {@code false} otherwise.
     */
    public boolean isGranted(ACLPermission permission, Identity identity);
 }

Modified: projects/security/security-spi/trunk/acl/src/main/org/jboss/security/acl/ACLEntry.java
===================================================================
--- projects/security/security-spi/trunk/acl/src/main/org/jboss/security/acl/ACLEntry.java	2009-03-05 18:57:05 UTC (rev 85320)
+++ projects/security/security-spi/trunk/acl/src/main/org/jboss/security/acl/ACLEntry.java	2009-03-05 18:57:55 UTC (rev 85321)
@@ -35,10 +35,18 @@
 
    /**
     * <p>
-    * Obtains the {@code Identity} for which a permission has been assigned in
-    * this entry.
+    * Obtains the identity or role for which a permission has been assigned in this entry.
     * </p>
     * 
+    * @return a {@code String} representing the identity or role name.
+    */
+   public String getIdentityOrRole();
+
+   /**
+    * <p>
+    * Obtains the {@code Identity} for which a permission has been assigned in this entry.
+    * </p>
+    * 
     * @return a reference to the {@code Identity} contained in this entry.
     */
    public Identity getIdentity();
@@ -58,8 +66,7 @@
     * </p>
     * 
     * @param permission the {@code ACLPermission} to be checked for.
-    * @return {@code true} if the permission is part of this entry's permission; 
-    * {@code false} otherwise.
+    * @return {@code true} if the permission is part of this entry's permission; {@code false} otherwise.
     */
    public boolean checkPermission(ACLPermission permission);
 }

More information about the jboss-cvs-commits mailing list