1 package org.apache.fulcrum.security.model.dynamic; 2 3 /* 4 * Licensed to the Apache Software Foundation (ASF) under one 5 * or more contributor license agreements. See the NOTICE file 6 * distributed with this work for additional information 7 * regarding copyright ownership. The ASF licenses this file 8 * to you under the Apache License, Version 2.0 (the 9 * "License"); you may not use this file except in compliance 10 * with the License. You may obtain a copy of the License at 11 * 12 * http://www.apache.org/licenses/LICENSE-2.0 13 * 14 * Unless required by applicable law or agreed to in writing, 15 * software distributed under the License is distributed on an 16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 17 * KIND, either express or implied. See the License for the 18 * specific language governing permissions and limitations 19 * under the License. 20 */ 21 22 import java.io.Serializable; 23 24 import org.apache.fulcrum.security.acl.AccessControlList; 25 import org.apache.fulcrum.security.entity.Group; 26 import org.apache.fulcrum.security.entity.Permission; 27 import org.apache.fulcrum.security.entity.Role; 28 import org.apache.fulcrum.security.util.GroupSet; 29 import org.apache.fulcrum.security.util.PermissionSet; 30 import org.apache.fulcrum.security.util.RoleSet; 31 32 /** 33 * This interface describes a control class that makes it easy to find out if a 34 * particular User has a given Permission. It also determines if a User has a a 35 * particular Role. 36 * 37 * @author <a href="mailto:epugh@upstate.com">Eric Pugh</a> 38 * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a> 39 * @author <a href="mailto:greg@shwoop.com">Greg Ritter</a> 40 * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a> 41 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a> 42 * @author <a href="mailto:marco@intermeta.de">Marco Knüttel</a> 43 * @version $Id$ 44 */ 45 public interface DynamicAccessControlList extends Serializable, AccessControlList 46 { 47 48 /** 49 * Retrieves a set of Roles an user is assigned in a Group. 50 * 51 * @param group 52 * the Group 53 * @return the set of Roles this user has within the Group. 54 */ 55 RoleSet getRoles(Group group); 56 57 /** 58 * Retrieves all roles for a user 59 * 60 * @return the set of Roles this user has 61 */ 62 RoleSet getRoles(); 63 64 /** 65 * Retrieves a set of Permissions an user is assigned in a Group. 66 * 67 * @param group 68 * the Group 69 * @return the set of Permissions this user has within the Group. 70 */ 71 PermissionSet getPermissions(Group group); 72 73 /** 74 * Retrieves a set of Permissions an user is assigned 75 * 76 * @return the set of Permissions this user has. 77 */ 78 PermissionSet getPermissions(); 79 80 /** 81 * Checks if the user is assigned a specific Role in the Group. 82 * 83 * @param role 84 * the Role 85 * @param group 86 * the Group 87 * @return <code>true</code> if the user is assigned the Role in the Group. 88 */ 89 boolean hasRole(Role role, Group group); 90 91 /** 92 * Checks if the user is assigned a specific Role in any of the given Groups 93 * 94 * @param role 95 * the Role 96 * @param groupset 97 * a Groupset 98 * @return <code>true</code> if the user is assigned the Role in any of the 99 * given Groups. 100 */ 101 boolean hasRole(Role role, GroupSet groupset); 102 103 /** 104 * Checks if the user is assigned a specific Role in the Group. 105 * 106 * @param role 107 * the Role 108 * @param group 109 * the Group 110 * @return <code>true</code> if the user is assigned the Role in the Group. 111 */ 112 boolean hasRole(String role, String group); 113 114 /** 115 * Checks if the user is assigned a specifie Role in any of the given Groups 116 * 117 * @param rolename 118 * the name of the Role 119 * @param groupset 120 * a Groupset 121 * @return <code>true</code> if the user is assigned the Role in any of the 122 * given Groups. 123 */ 124 boolean hasRole(String rolename, GroupSet groupset); 125 126 /** 127 * Checks if the user is assigned a specific Role in the global Group. 128 * 129 * @param role 130 * the Role 131 * @return <code>true</code> if the user is assigned the Role in the global 132 * Group. 133 */ 134 boolean hasRole(Role role); 135 136 /** 137 * Checks if the user is assigned a specific Role. 138 * 139 * @param role 140 * the Role 141 * @return <code>true</code> if the user is assigned the Role. 142 */ 143 boolean hasRole(String role); 144 145 /** 146 * Checks if the user is assigned a specific Permission in the Group. 147 * 148 * @param permission 149 * the Permission 150 * @param group 151 * the Group 152 * @return <code>true</code> if the user is assigned the Permission in the 153 * Group. 154 */ 155 boolean hasPermission(Permission permission, Group group); 156 157 /** 158 * Checks if the user is assigned a specific Permission in any of the given 159 * Groups 160 * 161 * @param permission 162 * the Permission 163 * @param groupset 164 * a Groupset 165 * @return <code>true</code> if the user is assigned the Permission in any 166 * of the given Groups. 167 */ 168 boolean hasPermission(Permission permission, GroupSet groupset); 169 170 /** 171 * Checks if the user is assigned a specific Permission in the Group. 172 * 173 * @param permission 174 * the Permission 175 * @param group 176 * the Group 177 * @return <code>true</code> if the user is assigned the Permission in the 178 * Group. 179 */ 180 boolean hasPermission(String permission, String group); 181 182 /** 183 * Checks if the user is assigned a specific Permission in the Group. 184 * 185 * @param permission 186 * the Permission 187 * @param group 188 * the Group 189 * @return <code>true</code> if the user is assigned the Permission in the 190 * Group. 191 */ 192 boolean hasPermission(String permission, Group group); 193 194 /** 195 * Checks if the user is assigned a specifie Permission in any of the given 196 * Groups 197 * 198 * @param permissionName 199 * the name of the Permission 200 * @param groupset 201 * a Groupset 202 * @return <code>true</code> if the user is assigned the Permission in any 203 * of the given Groups. 204 */ 205 boolean hasPermission(String permissionName, GroupSet groupset); 206 207 /** 208 * Checks if the user is assigned a specific Permission in the global Group. 209 * 210 * @param permission 211 * the Permission 212 * @return <code>true</code> if the user is assigned the Permission in the 213 * global Group. 214 */ 215 boolean hasPermission(Permission permission); 216 217 /** 218 * Checks if the user is assigned a specific Permission in the global Group. 219 * 220 * @param permission 221 * the Permission 222 * @return <code>true</code> if the user is assigned the Permission in the 223 * global Group. 224 */ 225 boolean hasPermission(String permission); 226 227 }