54  * principal is considered to have a null (empty) permission set.<p>
57  * particular permission, and a negative entry that denies the
58  * principal the same permission, the result is as though the
59  * permission was never granted or denied. <p>
167      * specified principal, an empty permission set is returned.<p>
169      * <li>Otherwise, the principal's group permission sets are determined.
172      * The group positive permission set is the union of all
174      * The group negative permission set is the union of all
176      * If there is a specific permission that occurs in both
177      * the positive permission set and the negative permission set,
180      * The individual positive and negative permission sets are also
181      * determined. The positive permission set contains the permissions
183      * Similarly, the negative permission set contains the permissions
185      * The individual positive (or negative) permission set is considered
192      * permission set (specific denial of permissions) overrides the group
193      * positive permission set, and the principal's individual positive
194      * permission set overrides the group negative permission set.
198      * @param user the principal whose permission set is to be returned.
200      * @return the permission set specifying the permissions the principal
215      * permission. If it does, true is returned, otherwise false is returned.
217      * More specifically, this method checks whether the passed permission
218      * is a member of the allowed permission set of the specified principal.
219      * The allowed permission set is determined by the same algorithm as is
225      * @param permission the permission to be checked for.
227      * @return true if the principal has the specified permission, false
232     public boolean checkPermission(Principal principal, Permission permission);

Indexes created Tue Jul 24 14:28:13 CEST 2018