View Javadoc

1   /*
2    * JBoss DNA (http://www.jboss.org/dna)
3    * See the COPYRIGHT.txt file distributed with this work for information
4    * regarding copyright ownership.  Some portions may be licensed
5    * to Red Hat, Inc. under one or more contributor license agreements.
6    * See the AUTHORS.txt file in the distribution for a full listing of 
7    * individual contributors.
8    *
9    * JBoss DNA is free software. Unless otherwise indicated, all code in JBoss DNA
10   * is licensed to you under the terms of the GNU Lesser General Public License as
11   * published by the Free Software Foundation; either version 2.1 of
12   * the License, or (at your option) any later version.
13   * 
14   * JBoss DNA is distributed in the hope that it will be useful,
15   * but WITHOUT ANY WARRANTY; without even the implied warranty of
16   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17   * Lesser General Public License for more details.
18   *
19   * You should have received a copy of the GNU Lesser General Public
20   * License along with this software; if not, write to the Free
21   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
22   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
23   */
24  package org.modeshape.jcr;
25  
26  import java.security.AccessControlContext;
27  import javax.jcr.Credentials;
28  import javax.jcr.Repository;
29  import javax.security.auth.Subject;
30  
31  /**
32   * ModeShape currently defines three roles: {@link #READONLY readonly}, {@link #READWRITE readwrite}, and {@link #ADMIN admin}. If
33   * the {@link Credentials}; passed into {@link Repository#login(Credentials)} (or the {@link Subject} from the
34   * {@link AccessControlContext}, if one of the no-credential <code>login(...)</code> methods are used) have any of these roles,
35   * the session will have the corresponding access to all workspaces within the repository.
36   * <p>
37   * The mapping from the roles to the actions that they allow is provided below, for any values of <code>path</code>.
38   * </p>
39   * <h3>Role / Action Mapping</h3>
40   * <table border="1" cellspacing="0" cellpadding="2">
41   * <tr>
42   * <td><b>Action Name</b></td>
43   * <td><b>readonly</b></td>
44   * <td><b>readwrite</b></td>
45   * <td><b>admin</b></td>
46   * </tr>
47   * </thead>
48   * <tr>
49   * <td>read</td>
50   * <td>Allows</td>
51   * <td>Allows</td>
52   * <td>Allows</td>
53   * </tr>
54   * <tr>
55   * <td>add_node</td>
56   * <td></td>
57   * <td>Allows</td>
58   * <td>Allows</td>
59   * </tr>
60   * <tr>
61   * <td>set_property</td>
62   * <td></td>
63   * <td>Allows</td>
64   * <td>Allows</td>
65   * </tr>
66   * <tr>
67   * <td>remove</td>
68   * <td></td>
69   * <td>Allows</td>
70   * <td>Allows</td>
71   * </tr>
72   * <tr>
73   * <td>register_namespace</td>
74   * <td></td>
75   * <td></td>
76   * <td>Allows</td>
77   * </tr>
78   * <tr>
79   * <td>register_type</td>
80   * <td></td>
81   * <td></td>
82   * <td>Allows</td>
83   * </tr>
84   * <tr>
85   * <td>unlock_any</td>
86   * <td></td>
87   * <td></td>
88   * <td>Allows</td>
89   * </tr>
90   * <tr>
91   * <td>create_workspace</td>
92   * <td></td>
93   * <td></td>
94   * <td>Allows</td>
95   * </tr>
96   * <tr>
97   * <td>delete_workspace</td>
98   * <td></td>
99   * <td></td>
100  * <td>Allows</td>
101  * </tr>
102  * </table>
103  * </p>
104  */
105 public interface ModeShapeRoles {
106 
107     /**
108      * Constant containing the "readonly" role name.
109      */
110     public static final String READONLY = "readonly";
111     /**
112      * Constant containing the "readwrite" role name.
113      */
114     public static final String READWRITE = "readwrite";
115     /**
116      * Constant containing the "admin" role name.
117      */
118     public static final String ADMIN = "admin";
119 
120 }