Package org.apache.jena.permissions

Interface SecuredItem

All Known Subinterfaces:
SecuredAlt, SecuredBag, SecuredContainer, SecuredGraph, SecuredLiteral, SecuredModel, SecuredPrefixMapping, SecuredProperty, SecuredRDFList, SecuredRDFNode, SecuredResource, SecuredSeq, SecuredStatement
All Known Implementing Classes:
SecuredAltImpl, SecuredBagImpl, SecuredContainerImpl, SecuredGraphImpl, SecuredItemImpl, SecuredLiteralImpl, SecuredModelImpl, SecuredPrefixMappingImpl, SecuredPropertyImpl, SecuredRDFListImpl, SecuredRDFNodeImpl, SecuredResourceImpl, SecuredSeqImpl, SecuredStatementImpl
public interface SecuredItem
The secured item interface is mixed into instances of secured objects by the proxy. It provides the security context for the security checks as well as several useful shorthand methods for common checks.

  • Method Details

    • canCreate

      boolean canCreate() throws AuthenticationRequiredException
      Returns:
      true if the securedModel allows items to be created.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canCreate

      boolean canCreate(Triple t) throws AuthenticationRequiredException
      Return true if the triple can be created. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)
      Parameters:
      t - The triple to check
      Returns:
      true if the triple can be created.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canCreate

      boolean canCreate(FrontsTriple t) throws AuthenticationRequiredException
      Return true if the fronted triple can be created. See canRead(Triple t)
      Parameters:
      t - The fronted triple to check
      Returns:
      true if the triple can be created.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canDelete

      boolean canDelete() throws AuthenticationRequiredException
      Returns:
      true if the securedModel allows items to be deleted.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canDelete

      boolean canDelete(Triple t) throws AuthenticationRequiredException
      Return true if the triple can be deleted. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)
      Parameters:
      t - The triple to check
      Returns:
      true if the triple can be deleted.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canDelete

      boolean canDelete(FrontsTriple t) throws AuthenticationRequiredException
      Return true if the fronted triple can be deleted. See canRead(Triple t)
      Parameters:
      t - The fronted triple to check
      Returns:
      true if the triple can be deleted.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canRead

      boolean canRead() throws AuthenticationRequiredException
      Returns:
      true if the securedModel allows items to be read.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canRead

      boolean canRead(Triple t) throws AuthenticationRequiredException
      Return true if the triple can be read. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. (S, P, O) check if S,P,O can be read. (S, P, ANY) check if there are any S,P,x restrictions. (S, ANY, P) check if there are any S,x,P restrictions. (ANY, ANY, ANY) check if there are any restrictions on reading.
      Parameters:
      t - The triple to check
      Returns:
      true if the triple can be read.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canRead

      boolean canRead(FrontsTriple t) throws AuthenticationRequiredException
      Return true if the fronted triple can be read.
      Parameters:
      t - The frontedtriple to check
      Returns:
      true if the triple can be read.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canUpdate

      boolean canUpdate() throws AuthenticationRequiredException
      Returns:
      true if the securedModel allows items to be updated.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canUpdate

      boolean canUpdate(Triple from, Triple to) throws AuthenticationRequiredException
      Return true if the triple can be updated. If any s,p or o is SecNode.ANY then this method must return false if there are any restrictions where the remaining nodes and held constant and the ANY node is allowed to vary. See canRead(Triple t)
      Parameters:
      from - The triple that will be changed
      to - The resulting triple.
      Returns:
      true if the from triple can be updated as the to triple.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • canUpdate

      boolean canUpdate(FrontsTriple from, FrontsTriple to) throws AuthenticationRequiredException
      Return true if the fronted triple can be updated. See canUpdate(Triple from, Triple to)
      Parameters:
      from - The fronted triple that will be changed
      to - The resulting fronted triple.
      Returns:
      true if the from triple can be updated as the to triple.
      Throws:
      AuthenticationRequiredException - if user is not authenticated and is required to be.

    • equals

      boolean equals(Object o)
      Overrides:
      equals in class Object

    • getBaseItem

      Object getBaseItem()
      Returns:
      the base item that is being secured.

    • getModelIRI

      String getModelIRI()
      Returns:
      The IRI of the securedModel that the item belongs to.

    • getModelNode

      Node getModelNode()
      Returns:
      The node representation of the securedModel IRI.

    • getSecurityEvaluator

      SecurityEvaluator getSecurityEvaluator()
      The SecurityEvaluator implementation that is being used to determine access.
      Returns:
      The SecurityEvaluator implementation.

    • isEquivalent

      boolean isEquivalent(SecuredItem securedItem)
      Return true if this secured item is equivalent to another secured item. Generally implemented by calling SecuredItem.Util.isEquivalent
      Parameters:
      securedItem - the other secured item.
      Returns:
      True if they are equivalent, false otherwise.