| <!DOCTYPE HTML> |
| <html lang="en"> |
| <head> |
| <!-- Generated by javadoc (17) --> |
| <title>SecurityEvaluator (Apache Jena - Security Permissions 5.0.0)</title> |
| <meta name="viewport" content="width=device-width, initial-scale=1"> |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> |
| <meta name="description" content="declaration: package: org.apache.jena.permissions, interface: SecurityEvaluator"> |
| <meta name="generator" content="javadoc/ClassWriterImpl"> |
| <link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="Style"> |
| <link rel="stylesheet" type="text/css" href="../../../../script-dir/jquery-ui.min.css" title="Style"> |
| <link rel="stylesheet" type="text/css" href="../../../../jquery-ui.overrides.css" title="Style"> |
| <script type="text/javascript" src="../../../../script.js"></script> |
| <script type="text/javascript" src="../../../../script-dir/jquery-3.6.1.min.js"></script> |
| <script type="text/javascript" src="../../../../script-dir/jquery-ui.min.js"></script> |
| </head> |
| <body class="class-declaration-page"> |
| <script type="text/javascript">var evenRowColor = "even-row-color"; |
| var oddRowColor = "odd-row-color"; |
| var tableTab = "table-tab"; |
| var activeTableTab = "active-table-tab"; |
| var pathtoroot = "../../../../"; |
| loadScripts(document, 'script');</script> |
| <noscript> |
| <div>JavaScript is disabled on your browser.</div> |
| </noscript> |
| <div class="flex-box"> |
| <header role="banner" class="flex-header"> |
| <nav role="navigation"> |
| <!-- ========= START OF TOP NAVBAR ======= --> |
| <div class="top-nav" id="navbar-top"> |
| <div class="skip-nav"><a href="#skip-navbar-top" title="Skip navigation links">Skip navigation links</a></div> |
| <ul id="navbar-top-firstrow" class="nav-list" title="Navigation"> |
| <li><a href="../../../../index.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="nav-bar-cell1-rev">Class</li> |
| <li><a href="class-use/SecurityEvaluator.html">Use</a></li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../help-doc.html#class">Help</a></li> |
| </ul> |
| </div> |
| <div class="sub-nav"> |
| <div> |
| <ul class="sub-nav-list"> |
| <li>Summary: </li> |
| <li><a href="#nested-class-summary">Nested</a> | </li> |
| <li><a href="#field-summary">Field</a> | </li> |
| <li>Constr | </li> |
| <li><a href="#method-summary">Method</a></li> |
| </ul> |
| <ul class="sub-nav-list"> |
| <li>Detail: </li> |
| <li><a href="#field-detail">Field</a> | </li> |
| <li>Constr | </li> |
| <li><a href="#method-detail">Method</a></li> |
| </ul> |
| </div> |
| <div class="nav-list-search"><label for="search-input">SEARCH:</label> |
| <input type="text" id="search-input" value="search" disabled="disabled"> |
| <input type="reset" id="reset-button" value="reset" disabled="disabled"> |
| </div> |
| </div> |
| <!-- ========= END OF TOP NAVBAR ========= --> |
| <span class="skip-nav" id="skip-navbar-top"></span></nav> |
| </header> |
| <div class="flex-content"> |
| <main role="main"> |
| <!-- ======== START OF CLASS DATA ======== --> |
| <div class="header"> |
| <div class="sub-title"><span class="package-label-in-type">Package</span> <a href="package-summary.html">org.apache.jena.permissions</a></div> |
| <h1 title="Interface SecurityEvaluator" class="title">Interface SecurityEvaluator</h1> |
| </div> |
| <section class="class-description" id="class-description"> |
| <dl class="notes"> |
| <dt>All Known Implementing Classes:</dt> |
| <dd><code><a href="impl/CachedSecurityEvaluator.html" title="class in org.apache.jena.permissions.impl">CachedSecurityEvaluator</a></code>, <code><a href="example/ExampleEvaluator.html" title="class in org.apache.jena.permissions.example">ExampleEvaluator</a></code>, <code><a href="example/readonly/ReadOnlyEval.html" title="class in org.apache.jena.permissions.example.readonly">ReadOnlyEval</a></code>, <code><a href="example/ShiroExampleEvaluator.html" title="class in org.apache.jena.permissions.example">ShiroExampleEvaluator</a></code></dd> |
| </dl> |
| <hr> |
| <div class="type-signature"><span class="modifiers">public interface </span><span class="element-name type-name-label">SecurityEvaluator</span></div> |
| <div class="block">SecurityEvaluator. |
| <p> |
| The security evaluator is the link between the graph security system and an |
| external security system. This interface specifies the methods that are |
| required by the graph security system. It is assumed that the implementation |
| will handle tracking the current user and will query some underlying data |
| source to determine what actions the user can and can not take. |
| </p> |
| <p> |
| All questions of white listing or black listing will be handled in the |
| concrete implementation. |
| </p> |
| <p> |
| Implementations of this class should probably cache any evaluate calculations |
| as the evaluate methods are called frequently. However, the underlying |
| classes do cache results within a single method check. |
| </p> |
| <dl> |
| <dt>Secured operations</dt> |
| <dd>The security system recognizes and secures each of the CRUD (Create, |
| Read, Update and Delete) operations as represented by the Action |
| enumeration.</dd> |
| <dt>Levels of security</dt> |
| <dd>The security interfaces operates at two (2) levels: graph (or Model) and |
| triple. |
| <p> |
| At the the graph level the security evaluator may restrict CRUD access to the |
| graph or model as a whole. When evaluating the restriction, if the user it |
| not permitted to perform the operation on the graph or model access is |
| denied. If the user is permitted any triple restrictions are evaluated. |
| </p> |
| <p> |
| At the triple level the security evaluator may restrict CRUD access to |
| specific triples. In order to skip potentially expensive triple security |
| checks the system will generally ask if the user is permitted the CRUD action |
| on any triple. This is represented by the SecTriple |
| <code>(ANY, ANY, ANY)</code>. |
| </p> |
| <ul> |
| <li>If the system does not support triple level security the system should |
| always return <code>true</code>.</li> |
| <li>If the system does support triple level |
| security and is unable to verify that the user can execute the CRUD action |
| against any arbitrary triple the system should return |
| <code>false</code>.</li> |
| <li>See <code>Node.ANY</code>, <code>SecurityEvaluator.FUTURE</code>, and |
| <code>SecurityEvaluator.VARIABLE</code> for discussion of specifics of their |
| respective usages.</li> |
| </ul> |
| </dd> |
| </dl></div> |
| </section> |
| <section class="summary"> |
| <ul class="summary-list"> |
| <!-- ======== NESTED CLASS SUMMARY ======== --> |
| <li> |
| <section class="nested-class-summary" id="nested-class-summary"> |
| <h2>Nested Class Summary</h2> |
| <div class="caption"><span>Nested Classes</span></div> |
| <div class="summary-table three-column-summary"> |
| <div class="table-header col-first">Modifier and Type</div> |
| <div class="table-header col-second">Interface</div> |
| <div class="table-header col-last">Description</div> |
| <div class="col-first even-row-color"><code>static enum </code></div> |
| <div class="col-second even-row-color"><code><a href="SecurityEvaluator.Action.html" class="type-name-link" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a></code></div> |
| <div class="col-last even-row-color"> |
| <div class="block">Identifies a specific CRUD actions.</div> |
| </div> |
| <div class="col-first odd-row-color"><code>static class </code></div> |
| <div class="col-second odd-row-color"><code><a href="SecurityEvaluator.Util.html" class="type-name-link" title="class in org.apache.jena.permissions">SecurityEvaluator.Util</a></code></div> |
| <div class="col-last odd-row-color"> |
| <div class="block">A collection of utility functions for the SecurityEvaluator implementations.</div> |
| </div> |
| </div> |
| </section> |
| </li> |
| <!-- =========== FIELD SUMMARY =========== --> |
| <li> |
| <section class="field-summary" id="field-summary"> |
| <h2>Field Summary</h2> |
| <div class="caption"><span>Fields</span></div> |
| <div class="summary-table three-column-summary"> |
| <div class="table-header col-first">Modifier and Type</div> |
| <div class="table-header col-second">Field</div> |
| <div class="table-header col-last">Description</div> |
| <div class="col-first even-row-color"><code>static final <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a></code></div> |
| <div class="col-second even-row-color"><code><a href="#FUTURE" class="member-name-link">FUTURE</a></code></div> |
| <div class="col-last even-row-color"> |
| <div class="block">This is a blank (anonymous) node that will be created in the future.</div> |
| </div> |
| <div class="col-first odd-row-color"><code>static final <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a></code></div> |
| <div class="col-second odd-row-color"><code><a href="#VARIABLE" class="member-name-link">VARIABLE</a></code></div> |
| <div class="col-last odd-row-color"> |
| <div class="block">Indicates a variable in the triple.</div> |
| </div> |
| </div> |
| </section> |
| </li> |
| <!-- ========== METHOD SUMMARY =========== --> |
| <li> |
| <section class="method-summary" id="method-summary"> |
| <h2>Method Summary</h2> |
| <div id="method-summary-table"> |
| <div class="table-tabs" role="tablist" aria-orientation="horizontal"><button id="method-summary-table-tab0" role="tab" aria-selected="true" aria-controls="method-summary-table.tabpanel" tabindex="0" onkeydown="switchTab(event)" onclick="show('method-summary-table', 'method-summary-table', 3)" class="active-table-tab">All Methods</button><button id="method-summary-table-tab2" role="tab" aria-selected="false" aria-controls="method-summary-table.tabpanel" tabindex="-1" onkeydown="switchTab(event)" onclick="show('method-summary-table', 'method-summary-table-tab2', 3)" class="table-tab">Instance Methods</button><button id="method-summary-table-tab3" role="tab" aria-selected="false" aria-controls="method-summary-table.tabpanel" tabindex="-1" onkeydown="switchTab(event)" onclick="show('method-summary-table', 'method-summary-table-tab3', 3)" class="table-tab">Abstract Methods</button><button id="method-summary-table-tab5" role="tab" aria-selected="false" aria-controls="method-summary-table.tabpanel" tabindex="-1" onkeydown="switchTab(event)" onclick="show('method-summary-table', 'method-summary-table-tab5', 3)" class="table-tab">Default Methods</button></div> |
| <div id="method-summary-table.tabpanel" role="tabpanel"> |
| <div class="summary-table three-column-summary" aria-labelledby="method-summary-table-tab0"> |
| <div class="table-header col-first">Modifier and Type</div> |
| <div class="table-header col-second">Method</div> |
| <div class="table-header col-last">Description</div> |
| <div class="col-first even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"><code>default boolean</code></div> |
| <div class="col-second even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"><code><a href="#evaluate(java.lang.Object,java.util.Set,org.apache.jena.graph.Node)" class="member-name-link">evaluate</a><wbr>(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html" title="class or interface in java.util" class="external-link">Set</a><<a href="SecurityEvaluator.Action.html" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a>> actions, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI)</code></div> |
| <div class="col-last even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"> |
| <div class="block">Determine if all actions are allowed on the graph.</div> |
| </div> |
| <div class="col-first odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"><code>default boolean</code></div> |
| <div class="col-second odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"><code><a href="#evaluate(java.lang.Object,java.util.Set,org.apache.jena.graph.Node,org.apache.jena.graph.Triple)" class="member-name-link">evaluate</a><wbr>(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html" title="class or interface in java.util" class="external-link">Set</a><<a href="SecurityEvaluator.Action.html" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a>> actions, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Triple.html" title="class or interface in org.apache.jena.graph" class="external-link">Triple</a> triple)</code></div> |
| <div class="col-last odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"> |
| <div class="block">Determine if all the actions are allowed on the triple within the graph.</div> |
| </div> |
| <div class="col-first even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab3"><code>boolean</code></div> |
| <div class="col-second even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab3"><code><a href="#evaluate(java.lang.Object,org.apache.jena.permissions.SecurityEvaluator.Action,org.apache.jena.graph.Node)" class="member-name-link">evaluate</a><wbr>(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="SecurityEvaluator.Action.html" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a> action, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI)</code></div> |
| <div class="col-last even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab3"> |
| <div class="block">Determine if the action is allowed on the graph.</div> |
| </div> |
| <div class="col-first odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab3"><code>boolean</code></div> |
| <div class="col-second odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab3"><code><a href="#evaluate(java.lang.Object,org.apache.jena.permissions.SecurityEvaluator.Action,org.apache.jena.graph.Node,org.apache.jena.graph.Triple)" class="member-name-link">evaluate</a><wbr>(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="SecurityEvaluator.Action.html" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a> action, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Triple.html" title="class or interface in org.apache.jena.graph" class="external-link">Triple</a> triple)</code></div> |
| <div class="col-last odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab3"> |
| <div class="block">Determine if the action is allowed on the triple within the graph.</div> |
| </div> |
| <div class="col-first even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"><code>default boolean</code></div> |
| <div class="col-second even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"><code><a href="#evaluateAny(java.lang.Object,java.util.Set,org.apache.jena.graph.Node)" class="member-name-link">evaluateAny</a><wbr>(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html" title="class or interface in java.util" class="external-link">Set</a><<a href="SecurityEvaluator.Action.html" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a>> actions, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI)</code></div> |
| <div class="col-last even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"> |
| <div class="block">Determine if any of the actions are allowed on the graph.</div> |
| </div> |
| <div class="col-first odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"><code>default boolean</code></div> |
| <div class="col-second odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"><code><a href="#evaluateAny(java.lang.Object,java.util.Set,org.apache.jena.graph.Node,org.apache.jena.graph.Triple)" class="member-name-link">evaluateAny</a><wbr>(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html" title="class or interface in java.util" class="external-link">Set</a><<a href="SecurityEvaluator.Action.html" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a>> actions, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Triple.html" title="class or interface in org.apache.jena.graph" class="external-link">Triple</a> triple)</code></div> |
| <div class="col-last odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"> |
| <div class="block">Determine if any of the actions are allowed on the triple within the graph.</div> |
| </div> |
| <div class="col-first even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"><code>default boolean</code></div> |
| <div class="col-second even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"><code><a href="#evaluateUpdate(java.lang.Object,org.apache.jena.graph.Node,org.apache.jena.graph.Triple,org.apache.jena.graph.Triple)" class="member-name-link">evaluateUpdate</a><wbr>(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Triple.html" title="class or interface in org.apache.jena.graph" class="external-link">Triple</a> from, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Triple.html" title="class or interface in org.apache.jena.graph" class="external-link">Triple</a> to)</code></div> |
| <div class="col-last even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"> |
| <div class="block">Determine if the user is allowed to update the "from" triple to the "to" |
| triple.</div> |
| </div> |
| <div class="col-first odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab3"><code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a></code></div> |
| <div class="col-second odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab3"><code><a href="#getPrincipal()" class="member-name-link">getPrincipal</a>()</code></div> |
| <div class="col-last odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab3"> |
| <div class="block">returns the current principal or null if there is no current principal.</div> |
| </div> |
| <div class="col-first even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"><code>default boolean</code></div> |
| <div class="col-second even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"><code><a href="#isHardReadError()" class="member-name-link">isHardReadError</a>()</code></div> |
| <div class="col-last even-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab5"> |
| <div class="block">Returns true if reads blocked by permissions should throw exceptions.</div> |
| </div> |
| <div class="col-first odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab3"><code>boolean</code></div> |
| <div class="col-second odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab3"><code><a href="#isPrincipalAuthenticated(java.lang.Object)" class="member-name-link">isPrincipalAuthenticated</a><wbr>(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal)</code></div> |
| <div class="col-last odd-row-color method-summary-table method-summary-table-tab2 method-summary-table-tab3"> |
| <div class="block">Returns true if the principal is recognized as an authenticated principal by |
| the underlying authentication mechanism.</div> |
| </div> |
| </div> |
| </div> |
| </div> |
| </section> |
| </li> |
| </ul> |
| </section> |
| <section class="details"> |
| <ul class="details-list"> |
| <!-- ============ FIELD DETAIL =========== --> |
| <li> |
| <section class="field-details" id="field-detail"> |
| <h2>Field Details</h2> |
| <ul class="member-list"> |
| <li> |
| <section class="detail" id="VARIABLE"> |
| <h3>VARIABLE</h3> |
| <div class="member-signature"><span class="modifiers">static final</span> <span class="return-type"><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a></span> <span class="element-name">VARIABLE</span></div> |
| <div class="block">Indicates a variable in the triple. |
| <p> |
| This differs from <code>ANY</code> in that the system is asking if there are |
| any prohibitions not if the user may perform. Thus queries with the VARIABLE |
| type node should return <code>true</code> where <code>ANY</code> returns |
| <code>false</code>. In general this type is used in the query to determine if |
| triple level filtering of results must be performed. |
| <dl> |
| <dt><code>(VARIABLE, X, Y )</code></dt> |
| <dd>Asks if there are any prohibitions against the user seeing all subjects |
| that have property X and object Y.</dd> |
| <dt><code>(X, VARIABLE, Y )</code></dt> |
| <dd>Asks if there are any prohibitions against the user seeing all predicates |
| that have subject X and object Y.</dd> |
| <dt><code>(X, Y, VARIABLE)</code></dt> |
| <dd>Asks if there are any prohibitions against the user seeing all objects |
| that have subject X and predicate Y.</dd> |
| </dl> |
| The <code>VARIABLE</code> may occur multiple times and may occur with the |
| <code>ANY</code> node.</div> |
| </section> |
| </li> |
| <li> |
| <section class="detail" id="FUTURE"> |
| <h3>FUTURE</h3> |
| <div class="member-signature"><span class="modifiers">static final</span> <span class="return-type"><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a></span> <span class="element-name">FUTURE</span></div> |
| <div class="block">This is a blank (anonymous) node that will be created in the future. |
| <p> |
| FUTURE is used to check that a blank node may be created in as specific |
| position in a triple. |
| <dl> |
| <dt><code>(FUTURE, X, Y )</code></dt> |
| <dd>Asks if there the user may create a blank node that has property X and |
| object Y.</dd> |
| <dt><code>(X, Y, FUTURE)</code></dt> |
| <dd>Asks if there the user may create a blank node that has subject X and |
| property Y.</dd> |
| </dl> |
| The <code>FUTURE</code> may occur multiple times and may occur with the |
| <code>ANY</code> node.</div> |
| </section> |
| </li> |
| </ul> |
| </section> |
| </li> |
| <!-- ============ METHOD DETAIL ========== --> |
| <li> |
| <section class="method-details" id="method-detail"> |
| <h2>Method Details</h2> |
| <ul class="member-list"> |
| <li> |
| <section class="detail" id="evaluate(java.lang.Object,org.apache.jena.permissions.SecurityEvaluator.Action,org.apache.jena.graph.Node)"> |
| <h3>evaluate</h3> |
| <div class="member-signature"><span class="return-type">boolean</span> <span class="element-name">evaluate</span><wbr><span class="parameters">(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="SecurityEvaluator.Action.html" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a> action, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI)</span> |
| throws <span class="exceptions"><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></span></div> |
| <div class="block">Determine if the action is allowed on the graph.</div> |
| <dl class="notes"> |
| <dt>Parameters:</dt> |
| <dd><code>principal</code> - The principal that is attempting the action.</dd> |
| <dd><code>action</code> - The action to perform</dd> |
| <dd><code>graphIRI</code> - The IRI of the graph to check</dd> |
| <dt>Returns:</dt> |
| <dd>true if the action is allowed, false otherwise.</dd> |
| <dt>Throws:</dt> |
| <dd><code><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></code> - if user is not authenticated and is |
| required to be.</dd> |
| </dl> |
| </section> |
| </li> |
| <li> |
| <section class="detail" id="evaluate(java.lang.Object,org.apache.jena.permissions.SecurityEvaluator.Action,org.apache.jena.graph.Node,org.apache.jena.graph.Triple)"> |
| <h3>evaluate</h3> |
| <div class="member-signature"><span class="return-type">boolean</span> <span class="element-name">evaluate</span><wbr><span class="parameters">(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="SecurityEvaluator.Action.html" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a> action, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Triple.html" title="class or interface in org.apache.jena.graph" class="external-link">Triple</a> triple)</span> |
| throws <span class="exceptions"><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></span></div> |
| <div class="block">Determine if the action is allowed on the triple within the graph. |
| <p> |
| The evaluation should be performed in the following order: |
| <ol> |
| <li>If the triple contains a <code>VARIABLE</code> then this method must |
| return <code>true</code> if there are any restrictions where the remaining |
| nodes are either constants or <code>ANY</code> nodes. This will force the |
| system to use subsequent checks to verify access by substituting the value of |
| the <code>VARIABLE</code>s. <em>If the system can not quickly verify the |
| solution it is always acceptable to return <code>true</code>.</em> |
| <li>Except as specified in the above check, if the triple contains an |
| <code>ANY</code> then this method must return <code>false</code> if there are |
| any restrictions where the remaining nodes are held constant and the ANY node |
| is allowed to vary. This checks is used to avoid subsequent explicit triple |
| checks. <em>If the system can not quickly verify the solution it is always |
| acceptable to return <code>false</code>.</em></li> |
| <li>All other triples are explicit triples and the system must determine if |
| the user is permitted to perform the action on the triple. If the triple |
| contains a <code>FUTURE</code> node that node should be considered as an |
| anonymous or blank node that is not yet created. It should only be used with |
| <code>Create</code> actions and is asking if the user may create a blank node |
| in that position in the triple.</li> |
| </ol></div> |
| <dl class="notes"> |
| <dt>Parameters:</dt> |
| <dd><code>principal</code> - The principal that is attempting the action.</dd> |
| <dd><code>action</code> - The action to perform</dd> |
| <dd><code>graphIRI</code> - The IRI of the graph to the action is being taken upon. May |
| be <code>ANY</code>.</dd> |
| <dd><code>triple</code> - The triple to check</dd> |
| <dt>Returns:</dt> |
| <dd>true if the action is allowed, false otherwise.</dd> |
| <dt>Throws:</dt> |
| <dd><code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/IllegalArgumentException.html" title="class or interface in java.lang" class="external-link">IllegalArgumentException</a></code> - if any argument is null.</dd> |
| <dd><code><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></code> - if user is not authenticated and is |
| required to be.</dd> |
| </dl> |
| </section> |
| </li> |
| <li> |
| <section class="detail" id="evaluate(java.lang.Object,java.util.Set,org.apache.jena.graph.Node)"> |
| <h3>evaluate</h3> |
| <div class="member-signature"><span class="modifiers">default</span> <span class="return-type">boolean</span> <span class="element-name">evaluate</span><wbr><span class="parameters">(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html" title="class or interface in java.util" class="external-link">Set</a><<a href="SecurityEvaluator.Action.html" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a>> actions, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI)</span> |
| throws <span class="exceptions"><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></span></div> |
| <div class="block">Determine if all actions are allowed on the graph.</div> |
| <dl class="notes"> |
| <dt>Parameters:</dt> |
| <dd><code>principal</code> - The principal that is attempting the action.</dd> |
| <dd><code>actions</code> - The set of actions to perform</dd> |
| <dd><code>graphIRI</code> - The IRI of the graph to the action is being taken upon. May |
| be <code>ANY</code>.</dd> |
| <dt>Returns:</dt> |
| <dd>true if all the actions are allowed, false otherwise.</dd> |
| <dt>Throws:</dt> |
| <dd><code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/IllegalArgumentException.html" title="class or interface in java.lang" class="external-link">IllegalArgumentException</a></code> - if any argument is null.</dd> |
| <dd><code><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></code> - if user is not authenticated and is |
| required to be.</dd> |
| </dl> |
| </section> |
| </li> |
| <li> |
| <section class="detail" id="evaluate(java.lang.Object,java.util.Set,org.apache.jena.graph.Node,org.apache.jena.graph.Triple)"> |
| <h3>evaluate</h3> |
| <div class="member-signature"><span class="modifiers">default</span> <span class="return-type">boolean</span> <span class="element-name">evaluate</span><wbr><span class="parameters">(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html" title="class or interface in java.util" class="external-link">Set</a><<a href="SecurityEvaluator.Action.html" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a>> actions, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Triple.html" title="class or interface in org.apache.jena.graph" class="external-link">Triple</a> triple)</span> |
| throws <span class="exceptions"><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></span></div> |
| <div class="block">Determine if all the actions are allowed on the triple within the graph. |
| <p> |
| See evaluate( Action, Node, Triple ) for discussion of evaluation strategy. |
| </p></div> |
| <dl class="notes"> |
| <dt>Parameters:</dt> |
| <dd><code>actions</code> - The actions to perform.</dd> |
| <dd><code>graphIRI</code> - The IRI of the graph to the action is being taken upon. May |
| be <code>ANY</code>.</dd> |
| <dd><code>triple</code> - The triple to check</dd> |
| <dt>Returns:</dt> |
| <dd>true if all the actions are allowed, false otherwise.</dd> |
| <dt>Throws:</dt> |
| <dd><code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/IllegalArgumentException.html" title="class or interface in java.lang" class="external-link">IllegalArgumentException</a></code> - if any argument is null.</dd> |
| <dd><code><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></code> - if user is not authenticated and is |
| required to be.</dd> |
| </dl> |
| </section> |
| </li> |
| <li> |
| <section class="detail" id="evaluateAny(java.lang.Object,java.util.Set,org.apache.jena.graph.Node)"> |
| <h3>evaluateAny</h3> |
| <div class="member-signature"><span class="modifiers">default</span> <span class="return-type">boolean</span> <span class="element-name">evaluateAny</span><wbr><span class="parameters">(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html" title="class or interface in java.util" class="external-link">Set</a><<a href="SecurityEvaluator.Action.html" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a>> actions, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI)</span> |
| throws <span class="exceptions"><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></span></div> |
| <div class="block">Determine if any of the actions are allowed on the graph.</div> |
| <dl class="notes"> |
| <dt>Parameters:</dt> |
| <dd><code>principal</code> - The principal that is attempting the action.</dd> |
| <dd><code>actions</code> - The actions to perform</dd> |
| <dd><code>graphIRI</code> - The IRI of the graph to the action is being taken upon. May |
| be <code>ANY</code>.</dd> |
| <dt>Returns:</dt> |
| <dd>true true if any the actions are allowed, false otherwise.</dd> |
| <dt>Throws:</dt> |
| <dd><code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/IllegalArgumentException.html" title="class or interface in java.lang" class="external-link">IllegalArgumentException</a></code> - if any argument is null.</dd> |
| <dd><code><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></code> - if user is not authenticated and is |
| required to be.</dd> |
| </dl> |
| </section> |
| </li> |
| <li> |
| <section class="detail" id="evaluateAny(java.lang.Object,java.util.Set,org.apache.jena.graph.Node,org.apache.jena.graph.Triple)"> |
| <h3>evaluateAny</h3> |
| <div class="member-signature"><span class="modifiers">default</span> <span class="return-type">boolean</span> <span class="element-name">evaluateAny</span><wbr><span class="parameters">(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html" title="class or interface in java.util" class="external-link">Set</a><<a href="SecurityEvaluator.Action.html" title="enum in org.apache.jena.permissions">SecurityEvaluator.Action</a>> actions, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Triple.html" title="class or interface in org.apache.jena.graph" class="external-link">Triple</a> triple)</span> |
| throws <span class="exceptions"><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></span></div> |
| <div class="block">Determine if any of the actions are allowed on the triple within the graph. |
| <p> |
| See evaluate( Action, Node, Triple ) for discussion of evaluation strategy. |
| </p></div> |
| <dl class="notes"> |
| <dt>Parameters:</dt> |
| <dd><code>principal</code> - The principal that is attempting the action.</dd> |
| <dd><code>actions</code> - The actions to check.</dd> |
| <dd><code>graphIRI</code> - The IRI of the graph to the action is being taken upon. May |
| be <code>ANY</code>.</dd> |
| <dd><code>triple</code> - The triple to check</dd> |
| <dt>Returns:</dt> |
| <dd>true if any the actions are allowed, false otherwise.</dd> |
| <dt>Throws:</dt> |
| <dd><code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/IllegalArgumentException.html" title="class or interface in java.lang" class="external-link">IllegalArgumentException</a></code> - if any argument is null.</dd> |
| <dd><code><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></code> - if user is not authenticated and is |
| required to be.</dd> |
| </dl> |
| </section> |
| </li> |
| <li> |
| <section class="detail" id="evaluateUpdate(java.lang.Object,org.apache.jena.graph.Node,org.apache.jena.graph.Triple,org.apache.jena.graph.Triple)"> |
| <h3>evaluateUpdate</h3> |
| <div class="member-signature"><span class="modifiers">default</span> <span class="return-type">boolean</span> <span class="element-name">evaluateUpdate</span><wbr><span class="parameters">(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Node.html" title="class or interface in org.apache.jena.graph" class="external-link">Node</a> graphIRI, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Triple.html" title="class or interface in org.apache.jena.graph" class="external-link">Triple</a> from, |
| <a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/graph/Triple.html" title="class or interface in org.apache.jena.graph" class="external-link">Triple</a> to)</span> |
| throws <span class="exceptions"><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></span></div> |
| <div class="block">Determine if the user is allowed to update the "from" triple to the "to" |
| triple. |
| <p> |
| Update is a special case since it modifies one triple to be another. So the |
| user must have permissions to change the "from" triple into the "to" triple.</div> |
| <dl class="notes"> |
| <dt>Parameters:</dt> |
| <dd><code>principal</code> - The principal that is attempting the action.</dd> |
| <dd><code>graphIRI</code> - The IRI of the graph to the action is being taken upon. May |
| be <code>ANY</code>.</dd> |
| <dd><code>from</code> - The triple to be changed</dd> |
| <dd><code>to</code> - The value to change it to.</dd> |
| <dt>Returns:</dt> |
| <dd>true if the user may make the change, false otherwise.</dd> |
| <dt>Throws:</dt> |
| <dd><code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/IllegalArgumentException.html" title="class or interface in java.lang" class="external-link">IllegalArgumentException</a></code> - if any argument is null.</dd> |
| <dd><code><a href="https://jena.apache.org/documentation/javadoc/jena/org.apache.jena.core/org/apache/jena/shared/AuthenticationRequiredException.html" title="class or interface in org.apache.jena.shared" class="external-link">AuthenticationRequiredException</a></code> - if user is not authenticated and is |
| required to be.</dd> |
| </dl> |
| </section> |
| </li> |
| <li> |
| <section class="detail" id="getPrincipal()"> |
| <h3>getPrincipal</h3> |
| <div class="member-signature"><span class="return-type"><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a></span> <span class="element-name">getPrincipal</span>()</div> |
| <div class="block">returns the current principal or null if there is no current principal. |
| |
| All security evaluation methods use this method to determine who the call is |
| being executed as. This allows subsystems (like the listener system) to |
| capture the current user and evaluate later calls in terms of that user.</div> |
| <dl class="notes"> |
| <dt>Returns:</dt> |
| <dd>The current principal</dd> |
| </dl> |
| </section> |
| </li> |
| <li> |
| <section class="detail" id="isPrincipalAuthenticated(java.lang.Object)"> |
| <h3>isPrincipalAuthenticated</h3> |
| <div class="member-signature"><span class="return-type">boolean</span> <span class="element-name">isPrincipalAuthenticated</span><wbr><span class="parameters">(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html" title="class or interface in java.lang" class="external-link">Object</a> principal)</span></div> |
| <div class="block">Returns true if the principal is recognized as an authenticated principal by |
| the underlying authentication mechanism. |
| |
| This is to handle the case where an authentication mechanism returns a |
| non-null object to indicate a non-authenticated principal. (e.g. Shiro). |
| |
| The principal is guaranteed to have been the return value from an earlier |
| getPrincipal() call.</div> |
| <dl class="notes"> |
| <dt>Parameters:</dt> |
| <dd><code>principal</code> - The principal to check.</dd> |
| <dt>Returns:</dt> |
| <dd>true if authenticated, false if not.</dd> |
| </dl> |
| </section> |
| </li> |
| <li> |
| <section class="detail" id="isHardReadError()"> |
| <h3>isHardReadError</h3> |
| <div class="member-signature"><span class="modifiers">default</span> <span class="return-type">boolean</span> <span class="element-name">isHardReadError</span>()</div> |
| <div class="block">Returns true if reads blocked by permissions should throw exceptions. If set |
| false then: |
| <ul> |
| <li>For iterators return empty iterators.</li> |
| <li>For existential checks return false.</li> |
| <li>For counts return 0.</li> |
| </ul></div> |
| <dl class="notes"> |
| <dt>Returns:</dt> |
| <dd>true if reads blocked by permissions should throw an exception.</dd> |
| </dl> |
| </section> |
| </li> |
| </ul> |
| </section> |
| </li> |
| </ul> |
| </section> |
| <!-- ========= END OF CLASS DATA ========= --> |
| </main> |
| <footer role="contentinfo"> |
| <hr> |
| <p class="legal-copy"><small>Licensed under the Apache License, Version 2.0</small></p> |
| </footer> |
| </div> |
| </div> |
| </body> |
| </html> |