@Override
public boolean arePoliciesRestrictingPermission(String permission) {
for (SecurityPolicy policy : getPolicies()) {
if (policy.isRestrictingPermission(permission)) {
return true;
}
}
return false;
}
@Override
public boolean arePoliciesExpressibleInQuery(String repositoryName) {
for (SecurityPolicy policy : getPolicies()) {
if (!policy.isExpressibleInQuery(repositoryName)) {
return false;
}
}
return true;
}
@Override
public Collection<SQLQuery.Transformer> getPoliciesQueryTransformers(String repositoryName) {
List<SQLQuery.Transformer> transformers = new LinkedList<SQLQuery.Transformer>();
for (SecurityPolicy policy : getPolicies()) {
if (policy.isExpressibleInQuery(repositoryName)) {
transformers.add(policy.getQueryTransformer(repositoryName));
}
}
return transformers;
}
@Override
public Access checkPermission(
Document doc,
ACP mergedAcp,
Principal principal,
String permission,
String[] resolvedPermissions,
String[] additionalPrincipals) {
Access access = Access.UNKNOWN;
List<SecurityPolicy> policies = getPolicies();
for (SecurityPolicy policy : policies) {
Access policyAccess =
policy.checkPermission(
doc, mergedAcp, principal, permission, resolvedPermissions, additionalPrincipals);
if (policyAccess != null && !Access.UNKNOWN.equals(policyAccess)) {
access = policyAccess;
break;
}
}
return access;
}
