SQLAccessControlContext (Acciente OACC 2.0.0-rc.8 API)

java.lang.Object
- com.acciente.oacc.sql.internal.SQLAccessControlContext

All Implemented Interfaces:: AccessControlContext, Serializable

public class SQLAccessControlContext
extends Object
implements AccessControlContext, Serializable

See Also:: Serialized Form

Field Summary
- Fields inherited from interface com.acciente.oacc.AccessControlContext
  SYSTEM_DOMAIN, SYSTEM_RESOURCE_CLASS

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`assertDomainCreatePermissions(Resource accessorResource, DomainCreatePermission domainCreatePermission, DomainCreatePermission... domainCreatePermissions)` Checks if the specified accessor resource has the specified domain create permissions.
`void`	`assertDomainCreatePermissions(Resource accessorResource, Set<DomainCreatePermission> domainCreatePermissions)` Checks if the specified accessor resource has the specified domain create permissions.
`void`	`assertDomainPermissions(Resource accessorResource, String domainName, DomainPermission domainPermission, DomainPermission... domainPermissions)` Checks if the specified accessor resource has the specified domain permissions on the specified domain.
`void`	`assertDomainPermissions(Resource accessorResource, String domainName, Set<DomainPermission> domainPermissions)` Checks if the specified accessor resource has the specified domain permissions on the specified domain.
`void`	`assertGlobalResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Checks if the specified accessor resource has the specified global resource permissions on the specified resource class in the specified domain.
`void`	`assertGlobalResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, Set<ResourcePermission> resourcePermissions)` Checks if the specified accessor resource has the specified global resource permissions on the specified resource class in the specified domain.
`void`	`assertPostCreateDomainPermissions(Resource accessorResource, DomainPermission domainPermission, DomainPermission... domainPermissions)` Checks if the specified accessor resource would receive the specified domain permissions, if the accessor were to create a domain.
`void`	`assertPostCreateDomainPermissions(Resource accessorResource, Set<DomainPermission> domainPermissions)` Checks if the specified accessor resource would receive the specified domain permissions, if the accessor were to create a domain.
`void`	`assertPostCreateResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Checks if the specified accessor resource would receive the specified permissions on an object of the specified class in the specified domain, if it were to create such an object.
`void`	`assertPostCreateResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, Set<ResourcePermission> resourcePermissions)` Checks if the specified accessor resource would receive the specified permissions on an object of the specified class in the specified domain, if it were to create such an object.
`void`	`assertResourceCreatePermissions(Resource accessorResource, String resourceClassName, String domainName, ResourceCreatePermission resourceCreatePermission, ResourceCreatePermission... resourceCreatePermissions)` Checks if the specified accessor resource has the specified create permissions on an object of the specified class in the specified domain.
`void`	`assertResourceCreatePermissions(Resource accessorResource, String resourceClassName, String domainName, Set<ResourceCreatePermission> resourceCreatePermissions)` Checks if the specified accessor resource has the specified create permissions on an object of the specified class in the specified domain.
`void`	`assertResourcePermissions(Resource accessorResource, Resource accessedResource, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Checks if the specified accessor resource has the specified resource permissions to the specified accessed resource.
`void`	`assertResourcePermissions(Resource accessorResource, Resource accessedResource, Set<ResourcePermission> resourcePermissions)` Checks if the specified accessor resource has the specified resource permissions to the specified accessed resource.
`void`	`authenticate(Resource resource)` Authenticates this security session against an `AuthenticationProvider` without specifying authentication credentials, if that AuthenticationProvider supports such an operation.
`void`	`authenticate(Resource resource, Credentials credentials)` Authenticates this security session.
`void`	`createDomain(String domainName)` Creates a new domain (at the root level of the domain hierarchy).
`void`	`createDomain(String domainName, String parentDomainName)` Creates a new domain under the specified parent domain.
`Resource`	`createResource(String resourceClassName, String domainName)` Creates a new resource of the specified resource class within the specified domain.
`Resource`	`createResource(String resourceClassName, String domainName, Credentials credentials)` Creates a new authenticatable resource of the specified resource class within the specified domain.
`Resource`	`createResource(String resourceClassName, String domainName, String externalId)` Creates a new resource of the specified resource class within the specified domain, with the specified external id.
`Resource`	`createResource(String resourceClassName, String domainName, String externalId, Credentials credentials)` Creates a new authenticatable resource of the specified resource class within the specified domain, with the specified external id.
`void`	`createResourceClass(String resourceClassName, boolean authenticatable, boolean unauthenticatedCreateAllowed)` Creates a new resource class.
`void`	`createResourcePermission(String resourceClassName, String permissionName)` Creates a new resource permission that may be applied to objects of the specified resource class.
`boolean`	`deleteDomain(String domainName)` Deletes the specified domain (and any nested child domains).
`boolean`	`deleteResource(Resource obsoleteResource)` Deletes the specified resource.
`static AccessControlContext`	`getAccessControlContext(Connection connection, String schemaName, SQLProfile sqlProfile, AuthenticationProvider authenticationProvider)`
`static AccessControlContext`	`getAccessControlContext(Connection connection, String schemaName, SQLProfile sqlProfile, PasswordEncryptor passwordEncryptor)`
`static AccessControlContext`	`getAccessControlContext(DataSource dataSource, String schemaName, SQLProfile sqlProfile, AuthenticationProvider authenticationProvider)`
`static AccessControlContext`	`getAccessControlContext(DataSource dataSource, String schemaName, SQLProfile sqlProfile, PasswordEncryptor passwordEncryptor)`
`Set<Resource>`	`getAccessorResourcesByResourcePermissions(Resource accessedResource, String resourceClassName, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Returns a set of resources that have the specified permissions to the specified accessed resource.
`Set<Resource>`	`getAccessorResourcesByResourcePermissions(Resource accessedResource, String resourceClassName, Set<ResourcePermission> resourcePermissions)` Returns a set of resources that have the specified permissions to the specified accessed resource.
`Resource`	`getAuthenticatedResource()` Returns the resource that is currently authenticated in this session.
`Set<DomainCreatePermission>`	`getDomainCreatePermissions(Resource accessorResource)` Gets all direct domain create permissions the specified accessor resource has.
`Set<String>`	`getDomainDescendants(String domainName)` Returns the domains which are descendants of the specified domain.
`String`	`getDomainNameByResource(Resource resource)` Returns the domain to which the specified resource belongs.
`Set<DomainPermission>`	`getDomainPermissions(Resource accessorResource, String domainName)` Gets all domain permissions the accessor resource has directly to the specified domain.
`Map<String,Set<DomainPermission>>`	`getDomainPermissionsMap(Resource accessorResource)` Gets all domain permissions the accessor resource has directly to any domain, mapped by domain name.
`Set<DomainCreatePermission>`	`getEffectiveDomainCreatePermissions(Resource accessorResource)` Gets all effective domain create permissions the specified accessor resource has, both directly and inherited (from other resources).
`Set<DomainPermission>`	`getEffectiveDomainPermissions(Resource accessorResource, String domainName)` Gets all effective domain permissions the accessor resource has to the specified domain.
`Map<String,Set<DomainPermission>>`	`getEffectiveDomainPermissionsMap(Resource accessorResource)` Gets all effective domain permissions the accessor resource has to any domain, mapped by domain name.
`Set<ResourcePermission>`	`getEffectiveGlobalResourcePermissions(Resource accessorResource, String resourceClassName, String domainName)` Gets the effective global resource permissions the specified accessor resource has to the resources of the specified resource class in the specified domain.
`Map<String,Map<String,Set<ResourcePermission>>>`	`getEffectiveGlobalResourcePermissionsMap(Resource accessorResource)` Gets all effective global resource permissions the specified accessor resource has to the resources of the any resource class in any domain, mapped by domain name and resource class name.
`Set<ResourceCreatePermission>`	`getEffectiveResourceCreatePermissions(Resource accessorResource, String resourceClassName, String domainName)` Gets all effective resource create permissions the accessor resource has to the specified resource class in the specified domain (which effectively define the resource permissions the accessor resource will receive directly, if it created a resource of the specified resource class in the specified domain).
`Map<String,Map<String,Set<ResourceCreatePermission>>>`	`getEffectiveResourceCreatePermissionsMap(Resource accessorResource)` Gets all effective resource create permissions the accessor resource has to any resource class in any domain, mapped by domain name and resource class name.
`Set<ResourcePermission>`	`getEffectiveResourcePermissions(Resource accessorResource, Resource accessedResource)` Gets the effective resource permissions that the specified accessor resource has to the specified accessed resource.
`Set<ResourcePermission>`	`getGlobalResourcePermissions(Resource accessorResource, String resourceClassName, String domainName)` Gets the global resource permissions the specified accessor resource has directly to the resources of the specified resource class in the specified domain.
`Map<String,Map<String,Set<ResourcePermission>>>`	`getGlobalResourcePermissionsMap(Resource accessorResource)` Gets all global resource permissions the specified accessor resource has directly to any resources of any resource class in any domain, mapped by domain name and resource class name.
`ResourceClassInfo`	`getResourceClassInfo(String resourceClassName)` Returns information about the specified resource class.
`ResourceClassInfo`	`getResourceClassInfoByResource(Resource resource)` Returns information about the resource class to which the specified resource belongs.
`List<String>`	`getResourceClassNames()` Returns the list of names of all resource classes defined in the system
`Set<ResourceCreatePermission>`	`getResourceCreatePermissions(Resource accessorResource, String resourceClassName, String domainName)` Gets all direct resource create permissions the accessor resource has to the specified resource class in the specified domain (which define a subset of the resource permissions the accessor resource would receive directly, if it created a resource of the specified resource class in the specified domain).
`Map<String,Map<String,Set<ResourceCreatePermission>>>`	`getResourceCreatePermissionsMap(Resource accessorResource)` Gets all direct resource create permissions the accessor resource has to any resource class in any domain, mapped by domain name and resource class name.
`List<String>`	`getResourcePermissionNames(String resourceClassName)` Returns the list of all resource permission names defined for the specified resource class name, including the applicable system permissions as well as any custom permissions
`Set<ResourcePermission>`	`getResourcePermissions(Resource accessorResource, Resource accessedResource)` Gets the resource permissions that the specified accessor resource has directly to the specified accessed resource.
`Set<Resource>`	`getResourcesByResourcePermissions(Resource accessorResource, String resourceClassName, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Returns a set of resources (of the specified resource class) on which the specified accessor resource has the specified permissions, regardless of domain.
`Set<Resource>`	`getResourcesByResourcePermissions(Resource accessorResource, String resourceClassName, Set<ResourcePermission> resourcePermissions)` Returns a set of resources (of the specified resource class) on which the specified accessor resource has the specified permissions, regardless of domain.
`Set<Resource>`	`getResourcesByResourcePermissionsAndDomain(Resource accessorResource, String resourceClassName, String domainName, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Returns a set of resources (of the specified resource class) on which the specified accessor resource has the specified permissions, within the specified domain or within any descendant domains.
`Set<Resource>`	`getResourcesByResourcePermissionsAndDomain(Resource accessorResource, String resourceClassName, String domainName, Set<ResourcePermission> resourcePermissions)` Returns a set of resources (of the specified resource class) on which the specified accessor resource has the specified permissions, within the specified domain or within any descendant domains.
`Resource`	`getSessionResource()` Returns the session resource, that is, the resource whose security credentials are associated with this session.
`void`	`grantDomainCreatePermissions(Resource accessorResource, DomainCreatePermission domainCreatePermission, DomainCreatePermission... domainCreatePermissions)` Adds to the set of domain permissions the specified accessor resource will receive if it created a domain.
`void`	`grantDomainCreatePermissions(Resource accessorResource, Set<DomainCreatePermission> domainCreatePermissions)` Adds to the set of domain permissions the specified accessor resource will receive if it created a domain.
`void`	`grantDomainPermissions(Resource accessorResource, String domainName, DomainPermission domainPermission, DomainPermission... domainPermissions)` Adds to the direct domain permissions the specified accessor resource has on the specified domain.
`void`	`grantDomainPermissions(Resource accessorResource, String domainName, Set<DomainPermission> domainPermissions)` Adds to the direct domain permissions the specified accessor resource has on the specified domain.
`void`	`grantGlobalResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Adds the global resource permissions a resource has on any resource of the specified resource class in the specified domain.
`void`	`grantGlobalResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, Set<ResourcePermission> resourcePermissions)` Adds the global resource permissions a resource has on any resource of the specified resource class in the specified domain.
`void`	`grantResourceCreatePermissions(Resource accessorResource, String resourceClassName, String domainName, ResourceCreatePermission resourceCreatePermission, ResourceCreatePermission... resourceCreatePermissions)` Adds to the set of resource permissions the specified accessor resource will receive directly, if it created a resource of the specified resource class in the specified domain.
`void`	`grantResourceCreatePermissions(Resource accessorResource, String resourceClassName, String domainName, Set<ResourceCreatePermission> resourceCreatePermissions)` Adds to the set of resource permissions the specified accessor resource will receive directly, if it created a resource of the specified resource class in the specified domain.
`void`	`grantResourcePermissions(Resource accessorResource, Resource accessedResource, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Adds the specified resource permissions to the set of permissions that the specified accessor resource has to the specified accessed resource directly, that is not via inheritance or globally.
`void`	`grantResourcePermissions(Resource accessorResource, Resource accessedResource, Set<ResourcePermission> resourcePermissions)` Adds the specified resource permissions to the set of permissions that the specified accessor resource has to the specified accessed resource directly, that is not via inheritance or globally.
`boolean`	`hasDomainCreatePermissions(Resource accessorResource, DomainCreatePermission domainCreatePermission, DomainCreatePermission... domainCreatePermissions)` Checks if the specified accessor resource has the specified domain create permissions.
`boolean`	`hasDomainCreatePermissions(Resource accessorResource, Set<DomainCreatePermission> domainCreatePermissions)` Checks if the specified accessor resource has the specified domain create permissions.
`boolean`	`hasDomainPermissions(Resource accessorResource, String domainName, DomainPermission domainPermission, DomainPermission... domainPermissions)` Checks if the specified accessor resource has the specified domain permissions on the specified domain.
`boolean`	`hasDomainPermissions(Resource accessorResource, String domainName, Set<DomainPermission> domainPermissions)` Checks if the specified accessor resource has the specified domain permissions on the specified domain.
`boolean`	`hasGlobalResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Checks if the specified accessor resource has the specified global resource permissions on the specified resource class in the specified domain.
`boolean`	`hasGlobalResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, Set<ResourcePermission> resourcePermissions)` Checks if the specified accessor resource has the specified global resource permissions on the specified resource class in the specified domain.
`boolean`	`hasPostCreateDomainPermissions(Resource accessorResource, DomainPermission domainPermission, DomainPermission... domainPermissions)` Checks if the specified accessor resource would receive the specified domain permissions, if the accessor were to create a domain.
`boolean`	`hasPostCreateDomainPermissions(Resource accessorResource, Set<DomainPermission> domainPermissions)` Checks if the specified accessor resource would receive the specified domain permissions, if the accessor were to create a domain.
`boolean`	`hasPostCreateResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Checks if the specified accessor resource would receive the specified permissions on an object of the specified class in the specified domain, if it were to create such an object.
`boolean`	`hasPostCreateResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, Set<ResourcePermission> resourcePermissions)` Checks if the specified accessor resource would receive the specified permissions on an object of the specified class in the specified domain, if it were to create such an object.
`boolean`	`hasResourceCreatePermissions(Resource accessorResource, String resourceClassName, String domainName, ResourceCreatePermission resourceCreatePermission, ResourceCreatePermission... resourceCreatePermissions)` Checks if the specified accessor resource has the specified create permissions on an object of the specified class in the specified domain.
`boolean`	`hasResourceCreatePermissions(Resource accessorResource, String resourceClassName, String domainName, Set<ResourceCreatePermission> resourceCreatePermissions)` Checks if the specified accessor resource has the specified create permissions on an object of the specified class in the specified domain.
`boolean`	`hasResourcePermissions(Resource accessorResource, Resource accessedResource, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Checks if the specified accessor resource has the specified resource permissions to the specified accessed resource.
`boolean`	`hasResourcePermissions(Resource accessorResource, Resource accessedResource, Set<ResourcePermission> resourcePermissions)` Checks if the specified accessor resource has the specified resource permissions to the specified accessed resource.
`void`	`impersonate(Resource resource)` Switches the security credentials of this session to those of the specified resource.
`static void`	`postDeserialize(AccessControlContext accessControlContext, Connection connection)`
`static void`	`postDeserialize(AccessControlContext accessControlContext, DataSource dataSource)`
`static void`	`preSerialize(AccessControlContext accessControlContext)` Deprecated. As of v2.0.0-rc.6; no replacement method necessary because unserializable fields are now marked as transient
`void`	`revokeDomainCreatePermissions(Resource accessorResource, DomainCreatePermission domainCreatePermission, DomainCreatePermission... domainCreatePermissions)` Revokes the specified direct domain permissions from set the specified accessor resource will receive if it created a domain.
`void`	`revokeDomainCreatePermissions(Resource accessorResource, Set<DomainCreatePermission> domainCreatePermissions)` Revokes the specified direct domain permissions from set the specified accessor resource will receive if it created a domain.
`void`	`revokeDomainPermissions(Resource accessorResource, String domainName, DomainPermission domainPermission, DomainPermission... domainPermissions)` Revokes the direct domain permissions from set the specified accessor resource has on the specified domain.
`void`	`revokeDomainPermissions(Resource accessorResource, String domainName, Set<DomainPermission> domainPermissions)` Revokes the direct domain permissions from set the specified accessor resource has on the specified domain.
`void`	`revokeGlobalResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Revokes the global resource permissions a resource has on any resource of the specified resource class in the specified domain.
`void`	`revokeGlobalResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, Set<ResourcePermission> resourcePermissions)` Revokes the global resource permissions a resource has on any resource of the specified resource class in the specified domain.
`void`	`revokeResourceCreatePermissions(Resource accessorResource, String resourceClassName, String domainName, ResourceCreatePermission resourceCreatePermission, ResourceCreatePermission... resourceCreatePermissions)` Revokes the specified permissions from the set of resource permissions the specified accessor resource will receive directly, if it created a resource of the specified resource class in the specified domain.
`void`	`revokeResourceCreatePermissions(Resource accessorResource, String resourceClassName, String domainName, Set<ResourceCreatePermission> resourceCreatePermissions)` Revokes the specified permissions from the set of resource permissions the specified accessor resource will receive directly, if it created a resource of the specified resource class in the specified domain.
`void`	`revokeResourcePermissions(Resource accessorResource, Resource accessedResource, ResourcePermission resourcePermission, ResourcePermission... resourcePermissions)` Revokes the specified resource permissions from the set of permissions that the specified accessor resource has to the specified accessed resource directly, that is not via inheritance or globally.
`void`	`revokeResourcePermissions(Resource accessorResource, Resource accessedResource, Set<ResourcePermission> resourcePermissions)` Revokes the specified resource permissions from the set of permissions that the specified accessor resource has to the specified accessed resource directly, that is not via inheritance or globally.
`void`	`setCredentials(Resource resource, Credentials newCredentials)` Sets the authentication credentials of the specified authenticatable resource (= a resource of a resource class that has been defined with the `isAuthenticatable` flag set to true).
`void`	`setDomainCreatePermissions(Resource accessorResource, Set<DomainCreatePermission> domainCreatePermissions)` Sets the domain permissions the specified accessor resource will receive if it created a domain.
`void`	`setDomainPermissions(Resource accessorResource, String domainName, Set<DomainPermission> permissions)` Sets the direct domain permissions the specified accessor resource has on the specified domain.
`Resource`	`setExternalId(Resource resource, String externalId)` Sets the external id of the specified resource as an alternative resource identifier, if none was previously set.
`void`	`setGlobalResourcePermissions(Resource accessorResource, String resourceClassName, String domainName, Set<ResourcePermission> resourcePermissions)` Sets the global resource permissions a resource has on any resource of the specified resource class in the specified domain.
`void`	`setResourceCreatePermissions(Resource accessorResource, String resourceClassName, String domainName, Set<ResourceCreatePermission> resourceCreatePermissions)` Sets the resource permissions the specified accessor resource will receive directly, if it created a resource of the specified resource class in the specified domain.
`void`	`setResourcePermissions(Resource accessorResource, Resource accessedResource, Set<ResourcePermission> resourcePermissions)` Sets the specified resource permissions that the specified accessor resource has to the specified accessed resource directly, that is not via inheritance or globally.
`void`	`unauthenticate()` Logs out of this session, to be specific, disassociates any security credentials from this session.
`void`	`unimpersonate()` Unimpersonates the currently impersonated resource.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - getAccessControlContext
```
public static AccessControlContext getAccessControlContext(Connection connection,
                                           String schemaName,
                                           SQLProfile sqlProfile,
                                           PasswordEncryptor passwordEncryptor)
```
  - getAccessControlContext
```
public static AccessControlContext getAccessControlContext(DataSource dataSource,
                                           String schemaName,
                                           SQLProfile sqlProfile,
                                           PasswordEncryptor passwordEncryptor)
```
  - getAccessControlContext
```
public static AccessControlContext getAccessControlContext(Connection connection,
                                           String schemaName,
                                           SQLProfile sqlProfile,
                                           AuthenticationProvider authenticationProvider)
```
  - getAccessControlContext
```
public static AccessControlContext getAccessControlContext(DataSource dataSource,
                                           String schemaName,
                                           SQLProfile sqlProfile,
                                           AuthenticationProvider authenticationProvider)
```
  - preSerialize
```
@Deprecated
public static void preSerialize(AccessControlContext accessControlContext)
```
    Deprecated. As of v2.0.0-rc.6; no replacement method necessary because unserializable fields are now marked as transient
  - postDeserialize
```
public static void postDeserialize(AccessControlContext accessControlContext,
                   Connection connection)
```
  - postDeserialize
```
public static void postDeserialize(AccessControlContext accessControlContext,
                   DataSource dataSource)
```
  - authenticate
```
public void authenticate(Resource resource,
                Credentials credentials)
```
    Description copied from interface: AccessControlContext
    
    Authenticates this security session.
    The security credentials for this session will be those of the specified and authenticated resource.
    Note: Unless a session is authenticated, all attempts to call any other methods (except authenticate) will fail.
    
    Specified by:
    
    authenticate in interface AccessControlContext
    
    Parameters:
    resource - the resource to be authenticated
    credentials - the credentials to authenticate the resource
  - authenticate
```
public void authenticate(Resource resource)
```
    Description copied from interface: AccessControlContext
    
    Authenticates this security session against an AuthenticationProvider without specifying authentication credentials, if that AuthenticationProvider supports such an operation.
    The security credentials for this session will be those of the specified and authenticated resource.
    Note: Unless a session is authenticated, all attempts to call any other methods (except authenticate) will fail.
    
    Specified by:
    
    authenticate in interface AccessControlContext
    
    Parameters:
    resource - the resource to be authenticated
  - unauthenticate
```
public void unauthenticate()
```
    Description copied from interface: AccessControlContext
    
    Logs out of this session, to be specific, disassociates any security credentials from this session.
    If no resource is currently authenticated, this call has no effect.
    
    Specified by:
    
    unauthenticate in interface AccessControlContext
  - impersonate
```
public void impersonate(Resource resource)
```
    Description copied from interface: AccessControlContext
    
    Switches the security credentials of this session to those of the specified resource.
    The currently authenticated resource has to have IMPERSONATE permissions to the specified resource.
    Note that this method is idempotent and will use the authorization credentials of the originally authenticated resource, and not those of any currently impersonated resource.
    
    Specified by:
    
    impersonate in interface AccessControlContext
    
    Parameters:
    resource - the resource to be impersonated
  - unimpersonate
```
public void unimpersonate()
```
    Description copied from interface: AccessControlContext
    
    Unimpersonates the currently impersonated resource.
    Restores the session to the credentials of the authenticated resource.
    If no resource is currently being impersonated, this call has no effect.
    
    Specified by:
    
    unimpersonate in interface AccessControlContext
  - setCredentials
```
public void setCredentials(Resource resource,
                  Credentials newCredentials)
```
    Description copied from interface: AccessControlContext
    Sets the authentication credentials of the specified authenticatable resource (= a resource of a resource class that has been defined with the isAuthenticatable flag set to true).
    One of the following has to be true for this method to succeed:
    - the specified resource has to either be the currently authenticated resource or
    - the currently authenticated resource has to have SUPER-USER permission on the domain that contains the specified resource or
    - the currently authenticated resource has to have RESET-CREDENTIALS permission on the specified resource.
    Note that this method uses the permissions granted to the originally authenticated resource - and not those of any currently impersonated resource - to check the items listed above. This method will actually throw an exception if called while impersonating another resource, in order to prevent any way of setting another resource's credentials without having the explicit RESET-CREDENTIALS or SUPER-USER permissions.
    Specified by:
    
    setCredentials in interface AccessControlContext
    
    Parameters:
    resource - the resource for which the credentials should be updated. The resource for which the credentials are to be changed must be the current auth resource, or the current auth resource must have SUPER-USER permissions to the domain containing the resource whose credentials are to be changed or must have RESET-CREDENTIALS permissions to the resource whose credentials are to be changed, otherwise an exception is thrown.
    newCredentials - the new credentials for the resource
  - createResourceClass
```
public void createResourceClass(String resourceClassName,
                       boolean authenticatable,
                       boolean unauthenticatedCreateAllowed)
```
    Description copied from interface: AccessControlContext
    
    Creates a new resource class.
    Note that creating a resource is only allowed when this session is authenticated with the system-resource (resourceId=0)
    
    Specified by:
    
    createResourceClass in interface AccessControlContext
    
    Parameters:
    resourceClassName - a string resource class name
    authenticatable - indicates if resources of this resource class are authenticatable. Typically only resource classes that represent users will be marked as authenticatable.
    unauthenticatedCreateAllowed - if true, a resource of this resource class may be created from an unauthenticated session, otherwise the session must be authenticated to create resources of this class.
  - createResourcePermission
```
public void createResourcePermission(String resourceClassName,
                            String permissionName)
```
    Description copied from interface: AccessControlContext
    
    Creates a new resource permission that may be applied to objects of the specified resource class.
    Note that creating a resource permission is only allowed when this session is authenticated with the system-resource (resourceId=0) and that the new permissionName may not start with an asterisk ('*')
    
    Specified by:
    
    createResourcePermission in interface AccessControlContext
    
    Parameters:
    resourceClassName - a string resource class name
    permissionName - the string representing the name of this permission. Samples of typical permission names: READ, WRITE, UPDATE, VIEW, POST, EDIT, etc.
  - createDomain
```
public void createDomain(String domainName)
```
    Description copied from interface: AccessControlContext
    
    Creates a new domain (at the root level of the domain hierarchy).
    
    Specified by:
    
    createDomain in interface AccessControlContext
    
    Parameters:
    domainName - a string domain name
  - createDomain
```
public void createDomain(String domainName,
                String parentDomainName)
```
    Description copied from interface: AccessControlContext
    
    Creates a new domain under the specified parent domain.
    
    Specified by:
    
    createDomain in interface AccessControlContext
    
    Parameters:
    domainName - a string domain name
    parentDomainName - the domain name of the parent domain
  - deleteDomain
```
public boolean deleteDomain(String domainName)
```
    Description copied from interface: AccessControlContext
    
    Deletes the specified domain (and any nested child domains).
    Note this method performs a cascading delete of any permissions any resource has as an accessor resource to this domain or to a resource class-domain tuple, before the specified domain is itself deleted.
    
    Specified by:
    
    deleteDomain in interface AccessControlContext
    
    Parameters:
    domainName - a string domain name
    
    Returns:
    true if the domain was deleted as a result of this call, false if the specified domain did not exist
  - createResource
```
public Resource createResource(String resourceClassName,
                      String domainName)
```
    Description copied from interface: AccessControlContext
    
    Creates a new resource of the specified resource class within the specified domain.
    Note that a custom AuthenticationProvider implementation is required to support creation of an authenticatable resource without providing explicit credentials
    
    Specified by:
    
    createResource in interface AccessControlContext
    
    Parameters:
    resourceClassName - a string resource class name
    domainName - a string domain name
    
    Returns:
    the resource reference of the newly created resource
  - createResource
```
public Resource createResource(String resourceClassName,
                      String domainName,
                      Credentials credentials)
```
    Description copied from interface: AccessControlContext
    
    Creates a new authenticatable resource of the specified resource class within the specified domain.
    
    Specified by:
    
    createResource in interface AccessControlContext
    
    Parameters:
    resourceClassName - a string resource class name
    domainName - a string domain name
    credentials - the credentials to authenticate the new resource
    
    Returns:
    the resource reference of the newly created resource
  - createResource
```
public Resource createResource(String resourceClassName,
                      String domainName,
                      String externalId)
```
    Description copied from interface: AccessControlContext
    
    Creates a new resource of the specified resource class within the specified domain, with the specified external id.
    Note that a custom AuthenticationProvider implementation is required to support creation of an authenticatable resource without providing explicit credentials
    
    Specified by:
    
    createResource in interface AccessControlContext
    
    Parameters:
    resourceClassName - a string resource class name
    domainName - a string domain name
    externalId - a unique string identifier for the new resource
    
    Returns:
    the resource reference of the newly created resource
  - createResource
```
public Resource createResource(String resourceClassName,
                      String domainName,
                      String externalId,
                      Credentials credentials)
```
    Description copied from interface: AccessControlContext
    
    Creates a new authenticatable resource of the specified resource class within the specified domain, with the specified external id.
    
    Specified by:
    
    createResource in interface AccessControlContext
    
    Parameters:
    resourceClassName - a string resource class name
    domainName - a string domain name
    externalId - a unique string identifier for the new resource
    credentials - the credentials to authenticate the new resource
    
    Returns:
    the resource reference of the newly created resource
  - setExternalId
```
public Resource setExternalId(Resource resource,
                     String externalId)
```
    Description copied from interface: AccessControlContext
    
    Sets the external id of the specified resource as an alternative resource identifier, if none was previously set.
    The externalId has to be globally unique, i.e. it has to be unique across all resource classes and domains.
    
    Specified by:
    
    setExternalId in interface AccessControlContext
    
    Parameters:
    resource - the resource for which to set the alternative identifier
    externalId - a globally unique string identifier for the resource
    
    Returns:
    the fully resolved resource reference of the updated resource, i.e. with both resourceId and externalId
  - deleteResource
```
public boolean deleteResource(Resource obsoleteResource)
```
    Description copied from interface: AccessControlContext
    
    Deletes the specified resource.
    Note this method performs a cascading delete of any permissions the obsolete resource has as an accessor resource OR as an accessed resource, before the specified resource is itself deleted.
    
    Specified by:
    
    deleteResource in interface AccessControlContext
    
    Parameters:
    obsoleteResource - the resource to be deleted
    
    Returns:
    true if the resource was deleted as a result of this call, false if the specified resource did not exist
  - setDomainPermissions
```
public void setDomainPermissions(Resource accessorResource,
                        String domainName,
                        Set<DomainPermission> permissions)
```
    Description copied from interface: AccessControlContext
    
    Sets the direct domain permissions the specified accessor resource has on the specified domain.
    Note that this method overwrites any direct domain permissions to the specified domain that the accessor has, including permissions granted by other resources.
    This call does not change inherited domain permissions the specified accessor resource has on the specified domain, or any domain permissions already granted on ancestors of the domain.
    
    Specified by:
    
    setDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    domainName - a string domain name
    permissions - the permissions to be granted on the specified domain
  - grantDomainPermissions
```
public void grantDomainPermissions(Resource accessorResource,
                          String domainName,
                          Set<DomainPermission> domainPermissions)
```
    Description copied from interface: AccessControlContext
    
    Adds to the direct domain permissions the specified accessor resource has on the specified domain.
    This call does not change inherited domain permissions the specified accessor resource has on the specified domain, or any domain permissions already granted on ancestors of the domain. This method does not replace any domain permissions previously granted, but can only add to the set. Furthermore, removing the 'withGrant' option from an existing permission is not possible with this method alone - revoke the permission first, then re-grant without the 'withGrant' option, or use AccessControlContext.setDomainPermissions(com.acciente.oacc.Resource, java.lang.String, java.util.Set<com.acciente.oacc.DomainPermission>) to specify all direct permissions
    
    Specified by:
    
    grantDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    domainName - a string domain name
    domainPermissions - the permissions to be granted on the specified domain
  - grantDomainPermissions
```
public void grantDomainPermissions(Resource accessorResource,
                          String domainName,
                          DomainPermission domainPermission,
                          DomainPermission... domainPermissions)
```
    Description copied from interface: AccessControlContext
    
    Adds to the direct domain permissions the specified accessor resource has on the specified domain.
    This call does not change inherited domain permissions the specified accessor resource has on the specified domain, or any domain permissions already granted on ancestors of the domain. This method does not replace any domain permissions previously granted, but can only add to the set. Furthermore, removing the 'withGrant' option from an existing permission is not possible with this method alone - revoke the permission first, then re-grant without the 'withGrant' option, or use AccessControlContext.setDomainPermissions(com.acciente.oacc.Resource, java.lang.String, java.util.Set<com.acciente.oacc.DomainPermission>) to specify all direct permissions
    
    Specified by:
    
    grantDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    domainName - a string domain name
    domainPermission - the permission to be granted on the specified domain
    domainPermissions - the other (optional) permissions to be granted on the specified domain
  - revokeDomainPermissions
```
public void revokeDomainPermissions(Resource accessorResource,
                           String domainName,
                           Set<DomainPermission> domainPermissions)
```
    Description copied from interface: AccessControlContext
    
    Revokes the direct domain permissions from set the specified accessor resource has on the specified domain.
    This call does not change inherited domain permissions the specified accessor resource has on the specified domain, or any domain permissions already granted on ancestors of the domain. Note that this method revokes the specified permission regardless of any specified granting right and regardless of the granting right the accessor has on the accessed resource! This method is idempotent, that is, when a specified permission is no longer granted, repeated calls to this method will have no effect.
    
    Specified by:
    
    revokeDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource from which the privilege should be revoked
    domainName - a string domain name
    domainPermissions - the permission to be revoked on the specified domain
  - revokeDomainPermissions
```
public void revokeDomainPermissions(Resource accessorResource,
                           String domainName,
                           DomainPermission domainPermission,
                           DomainPermission... domainPermissions)
```
    Description copied from interface: AccessControlContext
    
    Revokes the direct domain permissions from set the specified accessor resource has on the specified domain.
    This call does not change inherited domain permissions the specified accessor resource has on the specified domain, or any domain permissions already granted on ancestors of the domain. Note that this method revokes the specified permission regardless of any specified granting right and regardless of the granting right the accessor has on the accessed resource! This method is idempotent, that is, when a specified permission is no longer granted, repeated calls to this method will have no effect.
    
    Specified by:
    
    revokeDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource from which the privilege should be revoked
    domainName - a string domain name
    domainPermission - the permission to be revoked on the specified domain
    domainPermissions - the other (optional) permissions to be revoked on the specified domain
  - getDomainPermissions
```
public Set<DomainPermission> getDomainPermissions(Resource accessorResource,
                                         String domainName)
```
    Description copied from interface: AccessControlContext
    
    Gets all domain permissions the accessor resource has directly to the specified domain.
    This method only takes into account direct domain permissions, but not any inherited domain permissions and not any domain permissions the accessor may have to ancestors of the specified domain.
    
    Specified by:
    
    getDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the accessor resource relative which permissions should be returned
    domainName - a string domain name
    
    Returns:
    the set of all direct domain permission the accessor resource has to the domain
  - getDomainPermissionsMap
```
public Map<String,Set<DomainPermission>> getDomainPermissionsMap(Resource accessorResource)
```
    Description copied from interface: AccessControlContext
    
    Gets all domain permissions the accessor resource has directly to any domain, mapped by domain name.
    This method only takes into account direct domain permissions, but not any inherited domain permissions and not any domain permissions the accessor may have to ancestors of each domain. The result is returned as a map keyed by the domain name, where each value is the set of direct permissions for the domain name of the key.
    
    Specified by:
    
    getDomainPermissionsMap in interface AccessControlContext
    
    Parameters:
    accessorResource - the accessor resource relative which permissions should be returned
    
    Returns:
    the sets of direct domain permission the accessor resource has to any domain, mapped by domain name
  - getEffectiveDomainPermissions
```
public Set<DomainPermission> getEffectiveDomainPermissions(Resource accessorResource,
                                                  String domainName)
```
    Description copied from interface: AccessControlContext
    
    Gets all effective domain permissions the accessor resource has to the specified domain.
    This method takes into account direct domain permissions, inherited domain permissions and any domain permissions the accessor may have to ancestors of the specified domain, as well as any super-user privileges. In other words, this method will return the domain permissions the specified accessor resource has to the specified domain as a result of the permissions the accessor has on any ancestor (parent, or grandparent, etc.) of that domain.
    
    Specified by:
    
    getEffectiveDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the accessor resource relative which permissions should be returned
    domainName - a string domain name
    
    Returns:
    the set of all effective domain permission the accessor resource has to the domain
  - getEffectiveDomainPermissionsMap
```
public Map<String,Set<DomainPermission>> getEffectiveDomainPermissionsMap(Resource accessorResource)
```
    Description copied from interface: AccessControlContext
    
    Gets all effective domain permissions the accessor resource has to any domain, mapped by domain name.
    This method takes into account direct domain permissions, inherited domain permissions and any domain permissions the accessor may have to ancestors of each domain, as well as any super-user privileges. The result is returned as a map keyed by the domain name, where each value is the set of permissions for the domain name of the key.
    
    Specified by:
    
    getEffectiveDomainPermissionsMap in interface AccessControlContext
    
    Parameters:
    accessorResource - the accessor resource relative which permissions should be returned
    
    Returns:
    the sets of effective domain permission the accessor resource has to any domain, mapped by domain name
  - setDomainCreatePermissions
```
public void setDomainCreatePermissions(Resource accessorResource,
                              Set<DomainCreatePermission> domainCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Sets the domain permissions the specified accessor resource will receive if it created a domain.
    Note that the system-defined CREATE permission needs to be included in the specified set of domain create permissions, unless all permissions should be revoked.
    Also note that this method replaces any direct domain create permissions previously granted, but does not affect any domain create permissions the specified accessor resource receives via inheritance.
    
    Specified by:
    
    setDomainCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    domainCreatePermissions - the permissions to be granted to the specified domain
  - grantDomainCreatePermissions
```
public void grantDomainCreatePermissions(Resource accessorResource,
                                Set<DomainCreatePermission> domainCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Adds to the set of domain permissions the specified accessor resource will receive if it created a domain.
    Note that the system-defined CREATE permission needs to be included in the specified set of domain create permissions, unless the accessor has already been directly granted that privilege beforehand.
    This method does not replace any domain create permissions previously granted, but can only add to the set, or upgrade an existing permission's granting rights. Furthermore, removing the 'withGrant' option from an existing permission is not possible with this method alone - revoke the permission first, then re-grant without the 'withGrant' option, or use AccessControlContext.setDomainCreatePermissions(com.acciente.oacc.Resource, java.util.Set<com.acciente.oacc.DomainCreatePermission>) to specify all direct create permissions.
    If the accessor resource already has privileges that exceed the requested permission, the requested grant has no effect on the existing permission. If the accessor resource has an existing permission that is incompatible with the requested permission - a request for an ungrantable create permission with grantable post-create "(perm /G)" when accessor already has grantable create permission with ungrantable post-create "(perm) /G", or vice versa - this method will throw an IllegalArgumentException.
    
    Specified by:
    
    grantDomainCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    domainCreatePermissions - the permissions to be granted to the specified domain
  - grantDomainCreatePermissions
```
public void grantDomainCreatePermissions(Resource accessorResource,
                                DomainCreatePermission domainCreatePermission,
                                DomainCreatePermission... domainCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Adds to the set of domain permissions the specified accessor resource will receive if it created a domain.
    Note that the system-defined CREATE permission needs to be included in the specified set of domain create permissions, unless the accessor has already been directly granted that privilege beforehand.
    This method does not replace any domain create permissions previously granted, but can only add to the set, or upgrade an existing permission's granting rights. Furthermore, removing the 'withGrant' option from an existing permission is not possible with this method alone - revoke the permission first, then re-grant without the 'withGrant' option, or use AccessControlContext.setDomainCreatePermissions(com.acciente.oacc.Resource, java.util.Set<com.acciente.oacc.DomainCreatePermission>) to specify all direct create permissions.
    If the accessor resource already has privileges that exceed the requested permission, the requested grant has no effect on the existing permission. If the accessor resource has an existing permission that is incompatible with the requested permission - a request for an ungrantable create permission with grantable post-create "(perm /G)" when accessor already has grantable create permission with ungrantable post-create "(perm) /G", or vice versa - this method will throw an IllegalArgumentException.
    
    Specified by:
    
    grantDomainCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    domainCreatePermission - the permission to be granted to the specified domain
    domainCreatePermissions - the other (optional) permissions to be granted to the specified domain
  - revokeDomainCreatePermissions
```
public void revokeDomainCreatePermissions(Resource accessorResource,
                                 Set<DomainCreatePermission> domainCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Revokes the specified direct domain permissions from set the specified accessor resource will receive if it created a domain.
    This call does not change inherited domain create permissions the specified accessor resource currently is privileged to. Note that this method revokes the specified permission regardless of any specified granting right and regardless of the granting right the accessor has for the permission currently!
    Also note that after revoking the specified permissions, the remaining set of direct permissions must still contain the *CREATE system permission. Attempting to revoke a proper subset of the current direct permissions that includes the *CREATE permission will result in an IllegalArgumentException.
    This method is idempotent, that is, when a specified permission is no longer granted, repeated calls to this method will have no effect.
    
    Specified by:
    
    revokeDomainCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource from which the privilege should be revoked
    domainCreatePermissions - the create permissions to be revoked
  - revokeDomainCreatePermissions
```
public void revokeDomainCreatePermissions(Resource accessorResource,
                                 DomainCreatePermission domainCreatePermission,
                                 DomainCreatePermission... domainCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Revokes the specified direct domain permissions from set the specified accessor resource will receive if it created a domain.
    This call does not change inherited domain create permissions the specified accessor resource currently is privileged to. Note that this method revokes the specified permission regardless of any specified granting right and regardless of the granting right the accessor has for the permission currently!
    Also note that after revoking the specified permissions, the remaining set of direct permissions must still contain the *CREATE system permission. Attempting to revoke a proper subset of the current direct permissions that includes the *CREATE permission will result in an IllegalArgumentException.
    This method is idempotent, that is, when a specified permission is no longer granted, repeated calls to this method will have no effect.
    
    Specified by:
    
    revokeDomainCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource from which the privilege should be revoked
    domainCreatePermission - the create permission to be revoked
    domainCreatePermissions - the other (optional) create permissions to be revoked
  - getDomainCreatePermissions
```
public Set<DomainCreatePermission> getDomainCreatePermissions(Resource accessorResource)
```
    Description copied from interface: AccessControlContext
    
    Gets all direct domain create permissions the specified accessor resource has.
    This method only takes into account direct domain create permissions and does not return the domain create permissions the specified accessor resource inherits from another resource.
    
    Specified by:
    
    getDomainCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the accessor resource relative which permissions should be returned
    
    Returns:
    a set of direct domain create permission the accessor resource has
  - getEffectiveDomainCreatePermissions
```
public Set<DomainCreatePermission> getEffectiveDomainCreatePermissions(Resource accessorResource)
```
    Description copied from interface: AccessControlContext
    
    Gets all effective domain create permissions the specified accessor resource has, both directly and inherited (from other resources).
    
    Specified by:
    
    getEffectiveDomainCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the accessor resource relative which permissions should be returned
    
    Returns:
    a set of effective domain create permission the accessor resource has
  - setResourceCreatePermissions
```
public void setResourceCreatePermissions(Resource accessorResource,
                                String resourceClassName,
                                String domainName,
                                Set<ResourceCreatePermission> resourceCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Sets the resource permissions the specified accessor resource will receive directly, if it created a resource of the specified resource class in the specified domain.
    Note that the system-defined CREATE permission must be included in the specified set of resource create permissions, unless all permissions should be revoked.
    Including the CREATE permission allows the accessor resource to create resources of the specified resource class and domain. But if the CREATE permission is the only one specified, then the accessor would not receive any direct permissions on the newly created resource. This is appropriate, for example, if the accessor would already obtain privileges to the newly created resource via global resource permissions, or if indeed the accessor should not receive any direct access to the newly created resource.
    Also note that this method replaces any direct resource create permissions previously granted, but does not affect any resource create permissions the specified accessor resource receives via inheritance or from the specified domain's ancestors.
    
    Specified by:
    
    setResourceCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    resourceClassName - a string resource class name
    domainName - a string representing a valid domain name
    resourceCreatePermissions - a set of resource create permissions to be granted
  - grantResourceCreatePermissions
```
public void grantResourceCreatePermissions(Resource accessorResource,
                                  String resourceClassName,
                                  String domainName,
                                  Set<ResourceCreatePermission> resourceCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Adds to the set of resource permissions the specified accessor resource will receive directly, if it created a resource of the specified resource class in the specified domain.
    Note that the system-defined CREATE permission must be included in the specified set of resource create permissions, unless the accessor has already been directly granted that privilege beforehand.
    Granting the CREATE permission allows the accessor resource to create resources of the specified resource class and domain. But if the CREATE permission is the only directly granted one, then the accessor would not receive any direct permissions on the newly created resource. This is appropriate, for example, if the accessor would already obtain privileges to the newly created resource via global resource permissions, or if indeed the accessor should not receive any direct access to the newly created resource.
    This method does not replace any resource create permissions previously granted, but can only add to the set, or upgrade an existing permission's granting rights. Furthermore, removing the 'withGrant' option from an existing permission is not possible with this method alone - revoke the permission first, then re-grant without the 'withGrant' option, or use AccessControlContext.setResourceCreatePermissions(com.acciente.oacc.Resource, java.lang.String, java.lang.String, java.util.Set<com.acciente.oacc.ResourceCreatePermission>) to specify all direct create permissions
    If the accessor resource already has privileges that exceed the requested permission, the requested grant has no effect on the existing permission. If the accessor resource has an existing permission that is incompatible with the requested permission - a request for an ungrantable create permission with grantable post-create "(perm /G)" when accessor already has grantable create permission with ungrantable post-create "(perm) /G", or vice versa - this method will throw an IllegalArgumentException.
    
    Specified by:
    
    grantResourceCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    resourceClassName - a string resource class name
    domainName - a string representing a valid domain name
    resourceCreatePermissions - the resource create permissions to be granted
  - grantResourceCreatePermissions
```
public void grantResourceCreatePermissions(Resource accessorResource,
                                  String resourceClassName,
                                  String domainName,
                                  ResourceCreatePermission resourceCreatePermission,
                                  ResourceCreatePermission... resourceCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Adds to the set of resource permissions the specified accessor resource will receive directly, if it created a resource of the specified resource class in the specified domain.
    Note that the system-defined CREATE permission must be included in the specified set of resource create permissions, unless the accessor has already been directly granted that privilege beforehand.
    Granting the CREATE permission allows the accessor resource to create resources of the specified resource class and domain. But if the CREATE permission is the only directly granted one, then the accessor would not receive any direct permissions on the newly created resource. This is appropriate, for example, if the accessor would already obtain privileges to the newly created resource via global resource permissions, or if indeed the accessor should not receive any direct access to the newly created resource.
    This method does not replace any resource create permissions previously granted, but can only add to the set, or upgrade an existing permission's granting rights. Furthermore, removing the 'withGrant' option from an existing permission is not possible with this method alone - revoke the permission first, then re-grant without the 'withGrant' option, or use AccessControlContext.setResourceCreatePermissions(com.acciente.oacc.Resource, java.lang.String, java.lang.String, java.util.Set<com.acciente.oacc.ResourceCreatePermission>) to specify all direct create permissions
    If the accessor resource already has privileges that exceed the requested permission, the requested grant has no effect on the existing permission. If the accessor resource has an existing permission that is incompatible with the requested permission - a request for an ungrantable create permission with grantable post-create "(perm /G)" when accessor already has grantable create permission with ungrantable post-create "(perm) /G", or vice versa - this method will throw an IllegalArgumentException.
    
    Specified by:
    
    grantResourceCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    resourceClassName - a string resource class name
    domainName - a string representing a valid domain name
    resourceCreatePermission - the resource create permission to be granted
    resourceCreatePermissions - the other (optional) resource create permissions to be granted
  - revokeResourceCreatePermissions
```
public void revokeResourceCreatePermissions(Resource accessorResource,
                                   String resourceClassName,
                                   String domainName,
                                   Set<ResourceCreatePermission> resourceCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Revokes the specified permissions from the set of resource permissions the specified accessor resource will receive directly, if it created a resource of the specified resource class in the specified domain.
    This call does not change inherited resource create permissions the specified accessor resource currently is privileged to. Note that this method revokes the specified permission regardless of any specified granting right and regardless of the granting right the accessor has for the permission currently!
    Also note that after revoking the specified permissions, the remaining set of direct permissions must still contain the *CREATE system permission. Attempting to revoke a proper subset of the current direct permissions that includes the *CREATE permission will result in an IllegalArgumentException.
    This method is idempotent, that is, when a specified permission is no longer granted, repeated calls to this method will have no effect.
    
    Specified by:
    
    revokeResourceCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource from which the privilege should be revoked
    resourceClassName - a string resource class name
    domainName - a string representing a valid domain name
    resourceCreatePermissions - the resource create permissions to be revoked
  - revokeResourceCreatePermissions
```
public void revokeResourceCreatePermissions(Resource accessorResource,
                                   String resourceClassName,
                                   String domainName,
                                   ResourceCreatePermission resourceCreatePermission,
                                   ResourceCreatePermission... resourceCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Revokes the specified permissions from the set of resource permissions the specified accessor resource will receive directly, if it created a resource of the specified resource class in the specified domain.
    This call does not change inherited resource create permissions the specified accessor resource currently is privileged to. Note that this method revokes the specified permission regardless of any specified granting right and regardless of the granting right the accessor has for the permission currently!
    Also note that after revoking the specified permissions, the remaining set of direct permissions must still contain the *CREATE system permission. Attempting to revoke a proper subset of the current direct permissions that includes the *CREATE permission will result in an IllegalArgumentException.
    This method is idempotent, that is, when a specified permission is no longer granted, repeated calls to this method will have no effect.
    
    Specified by:
    
    revokeResourceCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource from which the privilege should be revoked
    resourceClassName - a string resource class name
    domainName - a string representing a valid domain name
    resourceCreatePermission - the resource create permission to be revoked
    resourceCreatePermissions - the other (optional) resource create permissions to be revoked
  - getResourceCreatePermissions
```
public Set<ResourceCreatePermission> getResourceCreatePermissions(Resource accessorResource,
                                                         String resourceClassName,
                                                         String domainName)
```
    Description copied from interface: AccessControlContext
    
    Gets all direct resource create permissions the accessor resource has to the specified resource class in the specified domain (which define a subset of the resource permissions the accessor resource would receive directly, if it created a resource of the specified resource class in the specified domain).
    This method only takes into account direct resource create permissions, but not inherited resource create permissions and not any resource create permissions the accessor may have to ancestors of the specified domain.
    
    Specified by:
    
    getResourceCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the accessor resource relative which permissions should be returned
    resourceClassName - a string resource class name
    domainName - a string representing a valid domain name
    
    Returns:
    a set of direct resource create permissions
  - getResourceCreatePermissionsMap
```
public Map<String,Map<String,Set<ResourceCreatePermission>>> getResourceCreatePermissionsMap(Resource accessorResource)
```
    Description copied from interface: AccessControlContext
    
    Gets all direct resource create permissions the accessor resource has to any resource class in any domain, mapped by domain name and resource class name.
    Direct resource create permissions make up a subset of the resource permissions the accessor resource will receive directly, if it created a resource of a resource class in a domain.
    This method only takes into account direct resource create permissions, but not inherited resource create permissions and not any resource create permissions the accessor may have to ancestors of each domain.
    The result is returned as a map keyed by the domain name, where each value is another map keyed by resource class name, in which each value is the set of direct resource create permissions for the resource class and domain name of the respective keys.
    
    Specified by:
    
    getResourceCreatePermissionsMap in interface AccessControlContext
    
    Parameters:
    accessorResource - the accessor resource relative which permissions should be returned
    
    Returns:
    a map of maps of direct resource create permissions, keyed by domain name and resource class name
  - getEffectiveResourceCreatePermissions
```
public Set<ResourceCreatePermission> getEffectiveResourceCreatePermissions(Resource accessorResource,
                                                                  String resourceClassName,
                                                                  String domainName)
```
    Description copied from interface: AccessControlContext
    
    Gets all effective resource create permissions the accessor resource has to the specified resource class in the specified domain (which effectively define the resource permissions the accessor resource will receive directly, if it created a resource of the specified resource class in the specified domain).
    This method takes into account direct resource create permissions, inherited resource create permissions and any resource create permissions the accessor may have to ancestors of the specified domain, as well as any super-user privileges.
    
    Specified by:
    
    getEffectiveResourceCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the accessor resource relative which permissions should be returned
    resourceClassName - a string resource class name
    domainName - a string representing a valid domain name
    
    Returns:
    a set of effective resource create permissions
  - getEffectiveResourceCreatePermissionsMap
```
public Map<String,Map<String,Set<ResourceCreatePermission>>> getEffectiveResourceCreatePermissionsMap(Resource accessorResource)
```
    Description copied from interface: AccessControlContext
    
    Gets all effective resource create permissions the accessor resource has to any resource class in any domain, mapped by domain name and resource class name.
    Resource create permissions effectively define the resource permissions the accessor resource will receive directly, if it created a resource of a resource class in a domain.
    This method takes into account direct resource create permissions, inherited resource create permissions and any resource create permissions the accessor may have to ancestors of each domain, as well as any super-user privileges.
    The result is returned as a map keyed by the domain name, where each value is another map keyed by resource class name, in which each value is the set of resource create permissions for the resource class and domain name of the respective keys.
    
    Specified by:
    
    getEffectiveResourceCreatePermissionsMap in interface AccessControlContext
    
    Parameters:
    accessorResource - the accessor resource relative which permissions should be returned
    
    Returns:
    a map of maps of effective resource create permissions, keyed by domain name and resource class name
  - setResourcePermissions
```
public void setResourcePermissions(Resource accessorResource,
                          Resource accessedResource,
                          Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Sets the specified resource permissions that the specified accessor resource has to the specified accessed resource directly, that is not via inheritance or globally.
    This method replaces any direct resource permissions previously granted, but does not affect any resource permissions the specified accessor resource receives via inheritance.
    
    Specified by:
    
    setResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    accessedResource - the resource on which the privilege is granted
    resourcePermissions - a set of resource permissions to be granted
  - grantResourcePermissions
```
public void grantResourcePermissions(Resource accessorResource,
                            Resource accessedResource,
                            Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Adds the specified resource permissions to the set of permissions that the specified accessor resource has to the specified accessed resource directly, that is not via inheritance or globally.
    This method does not replace any direct resource permissions previously granted, but can only add to the set. Furthermore, removing the 'withGrant' option from an existing permission is not possible with this method alone - revoke the permission first, then re-grant without the 'withGrant' option, or use AccessControlContext.setResourcePermissions(com.acciente.oacc.Resource, com.acciente.oacc.Resource, java.util.Set<com.acciente.oacc.ResourcePermission>) to specify all direct permissions
    
    Specified by:
    
    grantResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    accessedResource - the resource on which the privilege is granted
    resourcePermissions - the resource permission to be granted
  - grantResourcePermissions
```
public void grantResourcePermissions(Resource accessorResource,
                            Resource accessedResource,
                            ResourcePermission resourcePermission,
                            ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Adds the specified resource permissions to the set of permissions that the specified accessor resource has to the specified accessed resource directly, that is not via inheritance or globally.
    This method does not replace any direct resource permissions previously granted, but can only add to the set. Furthermore, removing the 'withGrant' option from an existing permission is not possible with this method alone - revoke the permission first, then re-grant without the 'withGrant' option, or use AccessControlContext.setResourcePermissions(com.acciente.oacc.Resource, com.acciente.oacc.Resource, java.util.Set<com.acciente.oacc.ResourcePermission>) to specify all direct permissions
    
    Specified by:
    
    grantResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    accessedResource - the resource on which the privilege is granted
    resourcePermission - the resource permission to be granted
    resourcePermissions - the other (optional) resource permissions to be granted
  - revokeResourcePermissions
```
public void revokeResourcePermissions(Resource accessorResource,
                             Resource accessedResource,
                             Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Revokes the specified resource permissions from the set of permissions that the specified accessor resource has to the specified accessed resource directly, that is not via inheritance or globally.
    Note that this method revokes the specified permission regardless of any specified granting right and regardless of the granting right the accessor has on the accessed resource! This method is idempotent, that is, when a specified permission is no longer granted, repeated calls to this method will have no effect.
    
    Specified by:
    
    revokeResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource from which the privilege should be revoked
    accessedResource - the resource on which the privilege was originally granted
    resourcePermissions - the resource permissions to be revoked
  - revokeResourcePermissions
```
public void revokeResourcePermissions(Resource accessorResource,
                             Resource accessedResource,
                             ResourcePermission resourcePermission,
                             ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Revokes the specified resource permissions from the set of permissions that the specified accessor resource has to the specified accessed resource directly, that is not via inheritance or globally.
    Note that this method revokes the specified permission regardless of any specified granting right and regardless of the granting right the accessor has on the accessed resource! This method is idempotent, that is, when a specified permission is no longer granted, repeated calls to this method will have no effect.
    
    Specified by:
    
    revokeResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource from which the privilege should be revoked
    accessedResource - the resource on which the privilege was originally granted
    resourcePermission - the resource permission to be revoked
    resourcePermissions - the other (optional) resource permissions to be revoked
  - getResourcePermissions
```
public Set<ResourcePermission> getResourcePermissions(Resource accessorResource,
                                             Resource accessedResource)
```
    Description copied from interface: AccessControlContext
    
    Gets the resource permissions that the specified accessor resource has directly to the specified accessed resource.
    This method only takes into account direct permissions, but not inherited and not global permissions of the specified accessor resource.
    
    Specified by:
    
    getResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource relative to which the permissions should be returned
    accessedResource - the resource on which the privileges were granted
    
    Returns:
    a set of direct resource permissions
  - getEffectiveResourcePermissions
```
public Set<ResourcePermission> getEffectiveResourcePermissions(Resource accessorResource,
                                                      Resource accessedResource)
```
    Description copied from interface: AccessControlContext
    
    Gets the effective resource permissions that the specified accessor resource has to the specified accessed resource.
    This method takes into account direct, inherited and global permissions of the specified accessor resource, as well as any super-user privileges.
    
    Specified by:
    
    getEffectiveResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource relative to which the permissions should be returned
    accessedResource - the resource on which the privileges were granted
    
    Returns:
    a set of effective resource permissions
  - setGlobalResourcePermissions
```
public void setGlobalResourcePermissions(Resource accessorResource,
                                String resourceClassName,
                                String domainName,
                                Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Sets the global resource permissions a resource has on any resource of the specified resource class in the specified domain.
    Global resource permissions are resource permissions that are defined on a resource class for a given domain and thus apply to any and all resources of that resource class and domain. They are not associated directly with every individual resource of that resource class and domain!
    Note that the system-defined CREATE resource permission can NOT be set as a global resource permission, because it would be nonsensical. Currently the system-defined INHERIT resource permission may also not be set as a global resource permission.
    This method replaces any direct global resource permissions previously granted, but does not affect any global resource permissions the specified accessor resource receives via inheritance or from the specified domain's ancestors.
    
    Specified by:
    
    setGlobalResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    resourceClassName - a string resource class name
    domainName - a string domain name
    resourcePermissions - the set of resource permissions to be granted globally to the specified resource class and domain
  - grantGlobalResourcePermissions
```
public void grantGlobalResourcePermissions(Resource accessorResource,
                                  String resourceClassName,
                                  String domainName,
                                  Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Adds the global resource permissions a resource has on any resource of the specified resource class in the specified domain.
    Global resource permissions are resource permissions that are defined on a resource class for a given domain and thus apply to any and all resources of that resource class and domain. They are not associated directly with every individual resource of that resource class and domain!
    Note that the system-defined CREATE resource permission can NOT be set as a global resource permission, because it would be nonsensical. Currently the system-defined INHERIT resource permission may also not be set as a global resource permission.
    This method does not replace any global resource permissions previously granted, but can only add to the set. Furthermore, removing the 'withGrant' option from an existing permission is not possible with this method alone - revoke the permission first, then re-grant without the 'withGrant' option, or use AccessControlContext.setGlobalResourcePermissions(com.acciente.oacc.Resource, java.lang.String, java.lang.String, java.util.Set<com.acciente.oacc.ResourcePermission>) to specify all direct permissions
    
    Specified by:
    
    grantGlobalResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    resourceClassName - a string resource class name
    domainName - a string domain name
    resourcePermissions - the resource permission to be granted globally to the specified resource class and domain
  - grantGlobalResourcePermissions
```
public void grantGlobalResourcePermissions(Resource accessorResource,
                                  String resourceClassName,
                                  String domainName,
                                  ResourcePermission resourcePermission,
                                  ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Adds the global resource permissions a resource has on any resource of the specified resource class in the specified domain.
    Global resource permissions are resource permissions that are defined on a resource class for a given domain and thus apply to any and all resources of that resource class and domain. They are not associated directly with every individual resource of that resource class and domain!
    Note that the system-defined CREATE resource permission can NOT be set as a global resource permission, because it would be nonsensical. Currently the system-defined INHERIT resource permission may also not be set as a global resource permission.
    This method does not replace any global resource permissions previously granted, but can only add to the set. Furthermore, removing the 'withGrant' option from an existing permission is not possible with this method alone - revoke the permission first, then re-grant without the 'withGrant' option, or use AccessControlContext.setGlobalResourcePermissions(com.acciente.oacc.Resource, java.lang.String, java.lang.String, java.util.Set<com.acciente.oacc.ResourcePermission>) to specify all direct permissions
    
    Specified by:
    
    grantGlobalResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource to which the privilege should be granted
    resourceClassName - a string resource class name
    domainName - a string domain name
    resourcePermission - the resource permission to be granted globally to the specified resource class and domain
    resourcePermissions - the other (optional) resource permissions to be granted globally
  - revokeGlobalResourcePermissions
```
public void revokeGlobalResourcePermissions(Resource accessorResource,
                                   String resourceClassName,
                                   String domainName,
                                   Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Revokes the global resource permissions a resource has on any resource of the specified resource class in the specified domain.
    Note that this method revokes the specified permission(s) regardless of any specified granting right and regardless of the granting right the accessor currently has on the specified global permission! This method is idempotent, that is, when a specified permission is no longer granted, repeated calls to this method will have no effect.
    
    Specified by:
    
    revokeGlobalResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource from which the privilege should be revoked
    resourceClassName - a string resource class name
    domainName - a string domain name
    resourcePermissions - the resource permissions to be revoked globally from the specified resource class and domain
  - revokeGlobalResourcePermissions
```
public void revokeGlobalResourcePermissions(Resource accessorResource,
                                   String resourceClassName,
                                   String domainName,
                                   ResourcePermission resourcePermission,
                                   ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Revokes the global resource permissions a resource has on any resource of the specified resource class in the specified domain.
    Note that this method revokes the specified permission(s) regardless of any specified granting right and regardless of the granting right the accessor currently has on the specified global permission! This method is idempotent, that is, when a specified permission is no longer granted, repeated calls to this method will have no effect.
    
    Specified by:
    
    revokeGlobalResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource from which the privilege should be revoked
    resourceClassName - a string resource class name
    domainName - a string domain name
    resourcePermission - the resource permission to be revoked globally from the specified resource class and domain
    resourcePermissions - the other (optional) resource permissions to be revoked globally
  - getGlobalResourcePermissions
```
public Set<ResourcePermission> getGlobalResourcePermissions(Resource accessorResource,
                                                   String resourceClassName,
                                                   String domainName)
```
    Description copied from interface: AccessControlContext
    
    Gets the global resource permissions the specified accessor resource has directly to the resources of the specified resource class in the specified domain.
    This method only takes into account direct global resource permissions, but not inherited global resource permissions and not any global resource permissions the accessor may have to ancestors of the specified domain.
    
    Specified by:
    
    getGlobalResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource relative to which the permissions should be returned
    resourceClassName - a string resource class name
    domainName - a string domain name
    
    Returns:
    a set of direct global resource permissions the accessor resource has to resources in the specified resource class and domain
  - getEffectiveGlobalResourcePermissions
```
public Set<ResourcePermission> getEffectiveGlobalResourcePermissions(Resource accessorResource,
                                                            String resourceClassName,
                                                            String domainName)
```
    Description copied from interface: AccessControlContext
    
    Gets the effective global resource permissions the specified accessor resource has to the resources of the specified resource class in the specified domain.
    This method takes into account direct global resource permissions, inherited global resource permissions and any global resource permissions the accessor may have to ancestors of the specified domain, as well as any super-user privileges.
    
    Specified by:
    
    getEffectiveGlobalResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource relative to which the permissions should be returned
    resourceClassName - a string resource class name
    domainName - a string domain name
    
    Returns:
    a set of effective global resource permissions the accessor resource has to resources in the specified resource class and domain
  - getGlobalResourcePermissionsMap
```
public Map<String,Map<String,Set<ResourcePermission>>> getGlobalResourcePermissionsMap(Resource accessorResource)
```
    Description copied from interface: AccessControlContext
    
    Gets all global resource permissions the specified accessor resource has directly to any resources of any resource class in any domain, mapped by domain name and resource class name.
    This method only takes into account direct global resource permissions, but not inherited global resource permissions and not any global resource permissions the accessor may have to ancestors of each domain.
    The result is returned as a map keyed by the domain name, where each value is another map keyed by resource class name, in which each value is the set of global resource permissions for the resource class and domain name of the respective keys.
    
    Specified by:
    
    getGlobalResourcePermissionsMap in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource relative to which the permissions should be returned
    
    Returns:
    a map of maps of all direct global resource permissions the accessor resource has, keyed by domain name and resource class name
  - getEffectiveGlobalResourcePermissionsMap
```
public Map<String,Map<String,Set<ResourcePermission>>> getEffectiveGlobalResourcePermissionsMap(Resource accessorResource)
```
    Description copied from interface: AccessControlContext
    
    Gets all effective global resource permissions the specified accessor resource has to the resources of the any resource class in any domain, mapped by domain name and resource class name.
    This method takes into account direct global resource permissions, inherited global resource permissions and any global resource permissions the accessor may have to ancestors of each domain, as well as any super-user privileges.
    The result is returned as a map keyed by the domain name, where each value is another map keyed by resource class name, in which each value is the set of global resource permissions for the resource class and domain name of the respective keys.
    
    Specified by:
    
    getEffectiveGlobalResourcePermissionsMap in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource relative to which the permissions should be returned
    
    Returns:
    a map of maps of all effective global resource permissions the accessor resource has, keyed by domain name and resource class name
  - getDomainNameByResource
```
public String getDomainNameByResource(Resource resource)
```
    Description copied from interface: AccessControlContext
    
    Returns the domain to which the specified resource belongs.
    
    Specified by:
    
    getDomainNameByResource in interface AccessControlContext
    
    Parameters:
    resource - the resource for which to retrieve the domain name
    
    Returns:
    a string domain name
  - getDomainDescendants
```
public Set<String> getDomainDescendants(String domainName)
```
    Description copied from interface: AccessControlContext
    
    Returns the domains which are descendants of the specified domain. The returned set includes the specified domain (unless the specified domain does not exist); in other words, a domain is considered its own descendant
    Note that this returns not just the names of direct first-level descendant domains, but the names of all descendant domains, regardless of level
    
    Specified by:
    
    getDomainDescendants in interface AccessControlContext
    
    Parameters:
    domainName - a domain name for which to retrieve the descendants
    
    Returns:
    a set of unique string domain names, including the domain queried about, or an empty set if the specified domain does not exist
  - getResourceClassInfo
```
public ResourceClassInfo getResourceClassInfo(String resourceClassName)
```
    Description copied from interface: AccessControlContext
    
    Returns information about the specified resource class.
    
    Specified by:
    
    getResourceClassInfo in interface AccessControlContext
    
    Parameters:
    resourceClassName - a string resource class name about which to retrieve information
    
    Returns:
    a ResourceClassInfo object containing information about the resource class
  - getResourceClassInfoByResource
```
public ResourceClassInfo getResourceClassInfoByResource(Resource resource)
```
    Description copied from interface: AccessControlContext
    
    Returns information about the resource class to which the specified resource belongs.
    
    Specified by:
    
    getResourceClassInfoByResource in interface AccessControlContext
    
    Parameters:
    resource - a resource about whose resource class to retrieve information
    
    Returns:
    returns a ResourceClassInfo object containing information about the resource class of the specified resource
  - getAuthenticatedResource
```
public Resource getAuthenticatedResource()
```
    Description copied from interface: AccessControlContext
    
    Returns the resource that is currently authenticated in this session.
    
    Specified by:
    
    getAuthenticatedResource in interface AccessControlContext
    
    Returns:
    a resource
  - getSessionResource
```
public Resource getSessionResource()
```
    Description copied from interface: AccessControlContext
    
    Returns the session resource, that is, the resource whose security credentials are associated with this session.
    The session resource is the same as the authenticated resource, unless another resource is being impersonated.
    
    Specified by:
    
    getSessionResource in interface AccessControlContext
    
    Returns:
    a resource
  - assertPostCreateDomainPermissions
```
public void assertPostCreateDomainPermissions(Resource accessorResource,
                                     Set<DomainPermission> domainPermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource would receive the specified domain permissions, if the accessor were to create a domain. The method takes into account any direct and inherited domain create permissions the accessor might have, as well as any super-user privileges.
    
    Specified by:
    
    assertPostCreateDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    domainPermissions - the permissions to be checked
  - assertPostCreateDomainPermissions
```
public void assertPostCreateDomainPermissions(Resource accessorResource,
                                     DomainPermission domainPermission,
                                     DomainPermission... domainPermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource would receive the specified domain permissions, if the accessor were to create a domain. The method takes into account any direct and inherited domain create permissions the accessor might have, as well as any super-user privileges.
    
    Specified by:
    
    assertPostCreateDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    domainPermission - the permission to be checked
    domainPermissions - the other (optional) permissions to be checked
  - hasPostCreateDomainPermissions
```
public boolean hasPostCreateDomainPermissions(Resource accessorResource,
                                     Set<DomainPermission> domainPermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource would receive the specified domain permissions, if the accessor were to create a domain. The method takes into account any direct and inherited domain create permissions the accessor might have, as well as any super-user privileges.
    
    Specified by:
    
    hasPostCreateDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    domainPermissions - the permissions to be checked
    
    Returns:
    true if the accessor resource would receive the specified permissions after creating a domain
  - hasPostCreateDomainPermissions
```
public boolean hasPostCreateDomainPermissions(Resource accessorResource,
                                     DomainPermission domainPermission,
                                     DomainPermission... domainPermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource would receive the specified domain permissions, if the accessor were to create a domain. The method takes into account any direct and inherited domain create permissions the accessor might have, as well as any super-user privileges.
    
    Specified by:
    
    hasPostCreateDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    domainPermission - the permission to be checked
    domainPermissions - the other (optional) permissions to be checked
    
    Returns:
    true if the accessor resource would receive the specified permissions after creating a domain
  - assertDomainPermissions
```
public void assertDomainPermissions(Resource accessorResource,
                           String domainName,
                           Set<DomainPermission> domainPermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified domain permissions on the specified domain. This method takes into account any direct domain permissions, inherited domain permissions and any domain permissions the accessor may have to ancestors of the specified domain, as well as any super-user privileges.
    
    Specified by:
    
    assertDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource on which access is being checked
    domainName - the domain for which the permission should be checked
    domainPermissions - the permissions to be checked
  - assertDomainPermissions
```
public void assertDomainPermissions(Resource accessorResource,
                           String domainName,
                           DomainPermission domainPermission,
                           DomainPermission... domainPermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified domain permissions on the specified domain. This method takes into account any direct domain permissions, inherited domain permissions and any domain permissions the accessor may have to ancestors of the specified domain, as well as any super-user privileges.
    
    Specified by:
    
    assertDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource on which access is being checked
    domainName - the domain for which the permission should be checked
    domainPermission - the permission to be checked
    domainPermissions - the other (optional) permissions to be checked
  - hasDomainPermissions
```
public boolean hasDomainPermissions(Resource accessorResource,
                           String domainName,
                           Set<DomainPermission> domainPermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified domain permissions on the specified domain. This method takes into account any direct domain permissions, inherited domain permissions and any domain permissions the accessor may have to ancestors of the specified domain, as well as any super-user privileges.
    
    Specified by:
    
    hasDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource on which access is being checked
    domainName - the domain for which the permission should be checked
    domainPermissions - the permissions to be checked
    
    Returns:
    true if the accessor resource has the specified domain permissions, false otherwise or if the accessor resource does not exist
  - hasDomainPermissions
```
public boolean hasDomainPermissions(Resource accessorResource,
                           String domainName,
                           DomainPermission domainPermission,
                           DomainPermission... domainPermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified domain permissions on the specified domain. This method takes into account any direct domain permissions, inherited domain permissions and any domain permissions the accessor may have to ancestors of the specified domain, as well as any super-user privileges.
    
    Specified by:
    
    hasDomainPermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource on which access is being checked
    domainName - the domain for which the permission should be checked
    domainPermission - the permission to be checked
    domainPermissions - the other (optional) permissions to be checked
    
    Returns:
    true if the accessor resource has the specified domain permissions, false otherwise or if the accessor resource does not exist
  - assertDomainCreatePermissions
```
public void assertDomainCreatePermissions(Resource accessorResource,
                                 Set<DomainCreatePermission> domainCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified domain create permissions. This method takes into account any direct and inherited domain create permissions.
    
    Specified by:
    
    assertDomainCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource on which access is being checked
    domainCreatePermissions - the domain create permissions to be checked
  - assertDomainCreatePermissions
```
public void assertDomainCreatePermissions(Resource accessorResource,
                                 DomainCreatePermission domainCreatePermission,
                                 DomainCreatePermission... domainCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified domain create permissions. This method takes into account any direct and inherited domain create permissions.
    
    Specified by:
    
    assertDomainCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource on which access is being checked
    domainCreatePermission - the domain create permission to be checked
    domainCreatePermissions - the other (optional) domain create permissions to be checked
  - hasDomainCreatePermissions
```
public boolean hasDomainCreatePermissions(Resource accessorResource,
                                 Set<DomainCreatePermission> domainCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified domain create permissions. This method takes into account any direct and inherited domain create permissions.
    
    Specified by:
    
    hasDomainCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource on which access is being checked
    domainCreatePermissions - the domain create permissions to be checked
    
    Returns:
    true if the accessor resource has the specified domain create permissions, false otherwise
  - hasDomainCreatePermissions
```
public boolean hasDomainCreatePermissions(Resource accessorResource,
                                 DomainCreatePermission domainCreatePermission,
                                 DomainCreatePermission... domainCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified domain create permissions. This method takes into account any direct and inherited domain create permissions.
    
    Specified by:
    
    hasDomainCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource on which access is being checked
    domainCreatePermission - the domain create permission to be checked
    domainCreatePermissions - the other (optional) domain create permissions to be checked
    
    Returns:
    true if the accessor resource has the specified domain create permissions, false otherwise
  - assertPostCreateResourcePermissions
```
public void assertPostCreateResourcePermissions(Resource accessorResource,
                                       String resourceClassName,
                                       String domainName,
                                       Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource would receive the specified permissions on an object of the specified class in the specified domain, if it were to create such an object. The method takes into account any resource create permissions and global resource permissions of the specified accessor resource.
    
    Specified by:
    
    assertPostCreateResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    resourceClassName - a string resource class name
    domainName - the domain in which the permissions should be checked
    resourcePermissions - the permissions to be checked
  - assertPostCreateResourcePermissions
```
public void assertPostCreateResourcePermissions(Resource accessorResource,
                                       String resourceClassName,
                                       String domainName,
                                       ResourcePermission resourcePermission,
                                       ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource would receive the specified permissions on an object of the specified class in the specified domain, if it were to create such an object. The method takes into account any resource create permissions and global resource permissions of the specified accessor resource, as well as any super-user privileges, as well as any super-user privileges.
    
    Specified by:
    
    assertPostCreateResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    resourceClassName - a string resource class name
    domainName - the domain in which the permissions should be checked
    resourcePermission - the permission to be checked
    resourcePermissions - the other (optional) permissions to be checked
  - hasPostCreateResourcePermissions
```
public boolean hasPostCreateResourcePermissions(Resource accessorResource,
                                       String resourceClassName,
                                       String domainName,
                                       Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource would receive the specified permissions on an object of the specified class in the specified domain, if it were to create such an object. The method takes into account any resource create permissions and global resource permissions of the specified accessor resource, as well as any super-user privileges.
    
    Specified by:
    
    hasPostCreateResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    resourceClassName - a string resource class name
    domainName - the domain in which the permissions should be checked
    resourcePermissions - the permissions to be checked
    
    Returns:
    true if the accessor resource would receive the specified permissions after creating a resource of the specified class in the specified domain, false otherwise
  - hasPostCreateResourcePermissions
```
public boolean hasPostCreateResourcePermissions(Resource accessorResource,
                                       String resourceClassName,
                                       String domainName,
                                       ResourcePermission resourcePermission,
                                       ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource would receive the specified permissions on an object of the specified class in the specified domain, if it were to create such an object. The method takes into account any resource create permissions and global resource permissions of the specified accessor resource, as well as any super-user privileges.
    
    Specified by:
    
    hasPostCreateResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    resourceClassName - a string resource class name
    domainName - the domain in which the permissions should be checked
    resourcePermission - the permission to be checked
    resourcePermissions - the other (optional) permissions to be checked
    
    Returns:
    true if the accessor resource would receive the specified permissions after creating a resource of the specified class in the specified domain, false otherwise
  - assertGlobalResourcePermissions
```
public void assertGlobalResourcePermissions(Resource accessorResource,
                                   String resourceClassName,
                                   String domainName,
                                   Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified global resource permissions on the specified resource class in the specified domain. This method takes into account any global permissions that the accessor resource may have, as well as any super-user privileges.
    
    Specified by:
    
    assertGlobalResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource on which access is being checked
    resourceClassName - a string resource class name
    domainName - the domain in which the permissions should be checked
    resourcePermissions - the permissions to be checked
  - assertGlobalResourcePermissions
```
public void assertGlobalResourcePermissions(Resource accessorResource,
                                   String resourceClassName,
                                   String domainName,
                                   ResourcePermission resourcePermission,
                                   ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified global resource permissions on the specified resource class in the specified domain. This method takes into account any global permissions that the accessor resource may have, as well as any super-user privileges.
    
    Specified by:
    
    assertGlobalResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource on which access is being checked
    resourceClassName - a string resource class name
    domainName - the domain in which the permissions should be checked
    resourcePermission - the permission to be checked
    resourcePermissions - the other (optional) permissions to be checked
  - hasGlobalResourcePermissions
```
public boolean hasGlobalResourcePermissions(Resource accessorResource,
                                   String resourceClassName,
                                   String domainName,
                                   Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified global resource permissions on the specified resource class in the specified domain. This method takes into account any global permissions that the accessor resource may have, as well as any super-user privileges.
    
    Specified by:
    
    hasGlobalResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource on which access is being checked
    resourceClassName - a string resource class name
    domainName - the domain in which the permissions should be checked
    resourcePermissions - the permissions to be checked
    
    Returns:
    true if the accessor resource has the specified global permissions, false otherwise
  - hasGlobalResourcePermissions
```
public boolean hasGlobalResourcePermissions(Resource accessorResource,
                                   String resourceClassName,
                                   String domainName,
                                   ResourcePermission resourcePermission,
                                   ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified global resource permissions on the specified resource class in the specified domain. This method takes into account any global permissions that the accessor resource may have, as well as any super-user privileges.
    
    Specified by:
    
    hasGlobalResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource on which access is being checked
    resourceClassName - a string resource class name
    domainName - the domain in which the permissions should be checked
    resourcePermission - the permission to be checked
    resourcePermissions - the other (optional) permissions to be checked
    
    Returns:
    true if the accessor resource has the specified global permissions, false otherwise
  - assertResourcePermissions
```
public void assertResourcePermissions(Resource accessorResource,
                             Resource accessedResource,
                             Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified resource permissions to the specified accessed resource. This method takes into account direct, inherited and global permissions of accessor resource, as well as any super-user privileges.
    
    Specified by:
    
    assertResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    accessedResource - the resource on which access is being requested
    resourcePermissions - the permissions to be checked
  - assertResourcePermissions
```
public void assertResourcePermissions(Resource accessorResource,
                             Resource accessedResource,
                             ResourcePermission resourcePermission,
                             ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified resource permissions to the specified accessed resource. This method takes into account direct, inherited and global permissions of accessor resource, as well as any super-user privileges.
    
    Specified by:
    
    assertResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    accessedResource - the resource on which access is being requested
    resourcePermission - the permission to be checked
    resourcePermissions - the other (optional) permissions to be checked
  - hasResourcePermissions
```
public boolean hasResourcePermissions(Resource accessorResource,
                             Resource accessedResource,
                             Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified resource permissions to the specified accessed resource. This method takes into account direct, inherited and global permissions of accessor resource, as well as any super-user privileges.
    
    Specified by:
    
    hasResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    accessedResource - the resource on which access is being requested
    resourcePermissions - the permissions to be checked
    
    Returns:
    true if the accessor resource has the specified permissions
  - hasResourcePermissions
```
public boolean hasResourcePermissions(Resource accessorResource,
                             Resource accessedResource,
                             ResourcePermission resourcePermission,
                             ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified resource permissions to the specified accessed resource. This method takes into account direct, inherited and global permissions of accessor resource, as well as any super-user privileges.
    
    Specified by:
    
    hasResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    accessedResource - the resource on which access is being requested
    resourcePermission - the permission to be checked
    resourcePermissions - the other (optional) permissions to be checked
    
    Returns:
    true if the accessor resource has the specified permissions
  - assertResourceCreatePermissions
```
public void assertResourceCreatePermissions(Resource accessorResource,
                                   String resourceClassName,
                                   String domainName,
                                   Set<ResourceCreatePermission> resourceCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified create permissions on an object of the specified class in the specified domain. The method takes into account any any direct and inherited resource create permissions of the specified accessor resource, as well as any super-user privileges.
    
    Specified by:
    
    assertResourceCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    resourceClassName - a string resource class name
    domainName - the domain in which the permissions should be checked
    resourceCreatePermissions - the create permissions to be checked
  - assertResourceCreatePermissions
```
public void assertResourceCreatePermissions(Resource accessorResource,
                                   String resourceClassName,
                                   String domainName,
                                   ResourceCreatePermission resourceCreatePermission,
                                   ResourceCreatePermission... resourceCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified create permissions on an object of the specified class in the specified domain. The method takes into account any any direct and inherited resource create permissions of the specified accessor resource, as well as any super-user privileges.
    
    Specified by:
    
    assertResourceCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    resourceClassName - a string resource class name
    domainName - the domain in which the permissions should be checked
    resourceCreatePermission - the create permission to be checked
    resourceCreatePermissions - the other (optional) create permissions to be checked
  - hasResourceCreatePermissions
```
public boolean hasResourceCreatePermissions(Resource accessorResource,
                                   String resourceClassName,
                                   String domainName,
                                   Set<ResourceCreatePermission> resourceCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified create permissions on an object of the specified class in the specified domain. The method takes into account any any direct and inherited resource create permissions of the specified accessor resource, as well as any super-user privileges.
    
    Specified by:
    
    hasResourceCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    resourceClassName - a string resource class name
    domainName - the domain in which the permissions should be checked
    resourceCreatePermissions - the create permissions to be checked
    
    Returns:
    true if the accessor resource has the specified resource create permissions for the specified resource class in the specified domain, false otherwise
  - hasResourceCreatePermissions
```
public boolean hasResourceCreatePermissions(Resource accessorResource,
                                   String resourceClassName,
                                   String domainName,
                                   ResourceCreatePermission resourceCreatePermission,
                                   ResourceCreatePermission... resourceCreatePermissions)
```
    Description copied from interface: AccessControlContext
    
    Checks if the specified accessor resource has the specified create permissions on an object of the specified class in the specified domain. The method takes into account any any direct and inherited resource create permissions of the specified accessor resource, as well as any super-user privileges.
    
    Specified by:
    
    hasResourceCreatePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource requesting the access
    resourceClassName - a string resource class name
    domainName - the domain in which the permissions should be checked
    resourceCreatePermission - the create permission to be checked
    resourceCreatePermissions - the other (optional) create permissions to be checked
    
    Returns:
    true if the accessor resource has the specified resource create permissions for the specified resource class in the specified domain, false otherwise
  - getResourcesByResourcePermissions
```
public Set<Resource> getResourcesByResourcePermissions(Resource accessorResource,
                                              String resourceClassName,
                                              Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Returns a set of resources (of the specified resource class) on which the specified accessor resource has the specified permissions, regardless of domain.
    The method takes into account direct, inherited and global permissions, as well as resources that are reachable as a result of SUPER-USER permissions.
    
    Specified by:
    
    getResourcesByResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource relative to which the set of accessible resources is computed
    resourceClassName - a string resource class name
    resourcePermissions - the permissions to check
    
    Returns:
    a set of resources
  - getResourcesByResourcePermissions
```
public Set<Resource> getResourcesByResourcePermissions(Resource accessorResource,
                                              String resourceClassName,
                                              ResourcePermission resourcePermission,
                                              ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Returns a set of resources (of the specified resource class) on which the specified accessor resource has the specified permissions, regardless of domain.
    The method takes into account direct, inherited and global permissions, as well as resources that are reachable as a result of SUPER-USER permissions.
    
    Specified by:
    
    getResourcesByResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource relative to which the set of accessible resources is computed
    resourceClassName - a string resource class name
    resourcePermission - the permission to check
    resourcePermissions - the other (optional) permissions to check
    
    Returns:
    a set of resources
  - getResourcesByResourcePermissionsAndDomain
```
public Set<Resource> getResourcesByResourcePermissionsAndDomain(Resource accessorResource,
                                                       String resourceClassName,
                                                       String domainName,
                                                       Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Returns a set of resources (of the specified resource class) on which the specified accessor resource has the specified permissions, within the specified domain or within any descendant domains.
    The method takes into account direct, inherited and global permissions, as well as resources that are reachable as a result of SUPER-USER permissions.
    
    Specified by:
    
    getResourcesByResourcePermissionsAndDomain in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource relative to which the set of accessible resources is computed
    resourceClassName - a string resource class name
    domainName - a domain name
    resourcePermissions - the permissions to check
    
    Returns:
    a set of resources
  - getResourcesByResourcePermissionsAndDomain
```
public Set<Resource> getResourcesByResourcePermissionsAndDomain(Resource accessorResource,
                                                       String resourceClassName,
                                                       String domainName,
                                                       ResourcePermission resourcePermission,
                                                       ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Returns a set of resources (of the specified resource class) on which the specified accessor resource has the specified permissions, within the specified domain or within any descendant domains.
    The method takes into account direct, inherited and global permissions, as well as resources that are reachable as a result of SUPER-USER permissions.
    
    Specified by:
    
    getResourcesByResourcePermissionsAndDomain in interface AccessControlContext
    
    Parameters:
    accessorResource - the resource relative to which the set of accessible resources is computed
    resourceClassName - a string resource class name
    domainName - a domain name
    resourcePermission - the permission to check
    resourcePermissions - the other (optional) permissions to check
    
    Returns:
    a set of resources
  - getAccessorResourcesByResourcePermissions
```
public Set<Resource> getAccessorResourcesByResourcePermissions(Resource accessedResource,
                                                      String resourceClassName,
                                                      Set<ResourcePermission> resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Returns a set of resources that have the specified permissions to the specified accessed resource.
    This method works in the reverse direction of the AccessControlContext.getResourcesByResourcePermissions(com.acciente.oacc.Resource, java.lang.String, java.util.Set<com.acciente.oacc.ResourcePermission>) method, but unlike getResourcesByResourcePermissions it only takes into account direct permissions. In other words, this method ignores accessors that can reach the specified accessed resource via inherited permissions, global permissions and SUPER-USER privileges.
    
    Specified by:
    
    getAccessorResourcesByResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessedResource - the resource relative to which accessor resources are sought
    resourceClassName - a string resource class name
    resourcePermissions - the permissions to check
    
    Returns:
    a set of accessor resources to the accessedResource
  - getAccessorResourcesByResourcePermissions
```
public Set<Resource> getAccessorResourcesByResourcePermissions(Resource accessedResource,
                                                      String resourceClassName,
                                                      ResourcePermission resourcePermission,
                                                      ResourcePermission... resourcePermissions)
```
    Description copied from interface: AccessControlContext
    
    Returns a set of resources that have the specified permissions to the specified accessed resource.
    This method works in the reverse direction of the AccessControlContext.getResourcesByResourcePermissions(com.acciente.oacc.Resource, java.lang.String, java.util.Set<com.acciente.oacc.ResourcePermission>) method, but unlike getResourcesByResourcePermissions it only takes into account direct permissions. In other words, this method ignores accessors that can reach the specified accessed resource via inherited permissions, global permissions and SUPER-USER privileges.
    
    Specified by:
    
    getAccessorResourcesByResourcePermissions in interface AccessControlContext
    
    Parameters:
    accessedResource - the resource relative to which accessor resources are sought
    resourceClassName - a string resource class name
    resourcePermission - the permission to check
    resourcePermissions - the other (optional) permissions to check
    
    Returns:
    a set of accessor resources to the accessedResource
  - getResourceClassNames
```
public List<String> getResourceClassNames()
```
    Description copied from interface: AccessControlContext
    
    Returns the list of names of all resource classes defined in the system
    
    Specified by:
    
    getResourceClassNames in interface AccessControlContext
    
    Returns:
    a list of string resource class names
  - getResourcePermissionNames
```
public List<String> getResourcePermissionNames(String resourceClassName)
```
    Description copied from interface: AccessControlContext
    
    Returns the list of all resource permission names defined for the specified resource class name, including the applicable system permissions as well as any custom permissions
    
    Specified by:
    
    getResourcePermissionNames in interface AccessControlContext
    
    Parameters:
    resourceClassName - the resource class name for which the permissions should be retrieved
    
    Returns:
    a list of string permission names

Class SQLAccessControlContext

Field Summary

Fields inherited from interface com.acciente.oacc.AccessControlContext

Method Summary

Methods inherited from class java.lang.Object

Method Detail

getAccessControlContext

getAccessControlContext

getAccessControlContext

getAccessControlContext

preSerialize

postDeserialize

postDeserialize

authenticate

authenticate

unauthenticate

impersonate

unimpersonate

setCredentials

createResourceClass

createResourcePermission

createDomain

createDomain

deleteDomain

createResource

createResource

createResource

createResource

setExternalId

deleteResource

setDomainPermissions

grantDomainPermissions

grantDomainPermissions

revokeDomainPermissions

revokeDomainPermissions

getDomainPermissions

getDomainPermissionsMap

getEffectiveDomainPermissions

getEffectiveDomainPermissionsMap

setDomainCreatePermissions

grantDomainCreatePermissions

grantDomainCreatePermissions

revokeDomainCreatePermissions

revokeDomainCreatePermissions

getDomainCreatePermissions

getEffectiveDomainCreatePermissions

setResourceCreatePermissions

grantResourceCreatePermissions

grantResourceCreatePermissions

revokeResourceCreatePermissions

revokeResourceCreatePermissions

getResourceCreatePermissions

getResourceCreatePermissionsMap

getEffectiveResourceCreatePermissions

getEffectiveResourceCreatePermissionsMap

setResourcePermissions

grantResourcePermissions

grantResourcePermissions

revokeResourcePermissions

revokeResourcePermissions

getResourcePermissions

getEffectiveResourcePermissions

setGlobalResourcePermissions

grantGlobalResourcePermissions

grantGlobalResourcePermissions

revokeGlobalResourcePermissions

revokeGlobalResourcePermissions

getGlobalResourcePermissions

getEffectiveGlobalResourcePermissions

getGlobalResourcePermissionsMap

getEffectiveGlobalResourcePermissionsMap

getDomainNameByResource

getDomainDescendants

getResourceClassInfo

getResourceClassInfoByResource

getAuthenticatedResource

getSessionResource

assertPostCreateDomainPermissions

assertPostCreateDomainPermissions

hasPostCreateDomainPermissions