public class MostSpecificProtectedItemFilter extends Object implements ACITupleFilter
ACITupleFilter
that chooses the tuples with the most specific
protected item. (18.8.4.3, X.501)
If more than one tuple remains, choose the tuples with the most specific protected item. If the protected item is an attribute and there are tuples that specify the attribute type explicitly, discard all other tuples. If the protected item is an attribute value, and there are tuples that specify the attribute value explicitly, discard all other tuples. A protected item which is a rangeOfValues is to be treated as specifying an attribute value explicitly.
Constructor and Description |
---|
MostSpecificProtectedItemFilter() |
Modifier and Type | Method and Description |
---|---|
Collection<org.apache.directory.shared.ldap.aci.ACITuple> |
filter(org.apache.directory.shared.ldap.schema.SchemaManager schemaManager,
Collection<org.apache.directory.shared.ldap.aci.ACITuple> tuples,
OperationScope scope,
OperationContext opContext,
Collection<org.apache.directory.shared.ldap.name.DN> userGroupNames,
org.apache.directory.shared.ldap.name.DN userName,
org.apache.directory.shared.ldap.entry.ServerEntry userEntry,
org.apache.directory.shared.ldap.constants.AuthenticationLevel authenticationLevel,
org.apache.directory.shared.ldap.name.DN entryName,
String attrId,
org.apache.directory.shared.ldap.entry.Value<?> attrValue,
org.apache.directory.shared.ldap.entry.ServerEntry entry,
Collection<org.apache.directory.shared.ldap.aci.MicroOperation> microOperations,
org.apache.directory.shared.ldap.entry.ServerEntry entryView)
Returns the collection of the filtered tuples using the specified
extra information.
|
public Collection<org.apache.directory.shared.ldap.aci.ACITuple> filter(org.apache.directory.shared.ldap.schema.SchemaManager schemaManager, Collection<org.apache.directory.shared.ldap.aci.ACITuple> tuples, OperationScope scope, OperationContext opContext, Collection<org.apache.directory.shared.ldap.name.DN> userGroupNames, org.apache.directory.shared.ldap.name.DN userName, org.apache.directory.shared.ldap.entry.ServerEntry userEntry, org.apache.directory.shared.ldap.constants.AuthenticationLevel authenticationLevel, org.apache.directory.shared.ldap.name.DN entryName, String attrId, org.apache.directory.shared.ldap.entry.Value<?> attrValue, org.apache.directory.shared.ldap.entry.ServerEntry entry, Collection<org.apache.directory.shared.ldap.aci.MicroOperation> microOperations, org.apache.directory.shared.ldap.entry.ServerEntry entryView) throws NamingException
ACITupleFilter
filter
in interface ACITupleFilter
tuples
- the collection of tuples to filterscope
- the scope of the operation to be performeduserGroupNames
- the collection of group (DN
)s which the current user belongs touserName
- the DN
of the current useruserEntry
- the ServerEntry
of the current user entry in the DITauthenticationLevel
- the level of authentication of the current userentryName
- the DN
of the entry the current user accessesattrId
- the attribute ID the current user accessesattrValue
- the value of the attribute the current user accessesentry
- the ServerEntry
of the entry the current user accessesmicroOperations
- the set of MicroOperation
s the current user will performentryView
- in case of a Modify operation, view of the entry being modified as if the modification permitted and completedNamingException
- if failed to filter the specific tuplesCopyright © 2003-2013 The Apache Software Foundation. All Rights Reserved.