| java.lang.Object org.jasig.portal.security.provider.AnyUnblockedGrantPermissionPolicy
AnyUnblockedGrantPermissionPolicy | public class AnyUnblockedGrantPermissionPolicy implements IPermissionPolicy(Code) | | If there exists a GRANT explicitly for the Principal for the Activity under consideration,
this permission policy will GRANT permission.
If there exists a GRANT for a group containing the Principal for the Activity
under consideration, and there is a path up the groups tree from the Principal
to that GRANTed group that is not interrupted by a Deny for an intervening
group in the tree, then this permission policy will GRANT permission.
Otherwise, this permission policy will DENY permission.
Examples:
Principal (GRANT) -- Small group -- Bigger group -- Huge group
Results in GRANT because the Principal has an explicit permission.
Principal -- Small group -- Bigger group (GRANT) -- Huge group
Results in GRANT because there is an unblocked path to a containing group
with GRANT.
Principal -- Small group (DENY) -- Bigger group (GRANT) -- Huge group
Results in DENY because there is no unblocked path to a grant --
the "Bigger group"'s GRANT does not apply because of the intervening DENY.
Principal -- Small group (DENY) -- Bigger group -- Huge group
Principal -- Some other group -- Bigger other group (GRANT) -- Huge group
Results in GRANT because there is an unblocked path to a GRANT.
|
Field Summary | |
final protected Log | log |
log | final protected Log log(Code) | | |
|
|