View Javadoc
1   package org.apache.fulcrum.security.model.dynamic;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *   http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import java.io.Serializable;
23  
24  import org.apache.fulcrum.security.acl.AccessControlList;
25  import org.apache.fulcrum.security.entity.Group;
26  import org.apache.fulcrum.security.entity.Permission;
27  import org.apache.fulcrum.security.entity.Role;
28  import org.apache.fulcrum.security.util.GroupSet;
29  import org.apache.fulcrum.security.util.PermissionSet;
30  import org.apache.fulcrum.security.util.RoleSet;
31  
32  /**
33   * This interface describes a control class that makes it easy to find out if a
34   * particular User has a given Permission. It also determines if a User has a a
35   * particular Role.
36   * 
37   * @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
38   * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
39   * @author <a href="mailto:greg@shwoop.com">Greg Ritter</a>
40   * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
41   * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
42   * @author <a href="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
43   * @version $Id$
44   */
45  public interface DynamicAccessControlList extends Serializable, AccessControlList
46  {
47  
48      /**
49       * Retrieves a set of Roles an user is assigned in a Group.
50       * 
51       * @param group
52       *            the Group
53       * @return the set of Roles this user has within the Group.
54       */
55      RoleSet getRoles(Group group);
56  
57      /**
58       * Retrieves all roles for a user
59       * 
60       * @return the set of Roles this user has
61       */
62      RoleSet getRoles();
63  
64      /**
65       * Retrieves a set of Permissions an user is assigned in a Group.
66       * 
67       * @param group
68       *            the Group
69       * @return the set of Permissions this user has within the Group.
70       */
71      PermissionSet getPermissions(Group group);
72  
73      /**
74       * Retrieves a set of Permissions an user is assigned
75       * 
76       * @return the set of Permissions this user has.
77       */
78      PermissionSet getPermissions();
79  
80      /**
81       * Checks if the user is assigned a specific Role in the Group.
82       * 
83       * @param role
84       *            the Role
85       * @param group
86       *            the Group
87       * @return <code>true</code> if the user is assigned the Role in the Group.
88       */
89      boolean hasRole(Role role, Group group);
90  
91      /**
92       * Checks if the user is assigned a specific Role in any of the given Groups
93       * 
94       * @param role
95       *            the Role
96       * @param groupset
97       *            a Groupset
98       * @return <code>true</code> if the user is assigned the Role in any of the
99       *         given Groups.
100      */
101     boolean hasRole(Role role, GroupSet groupset);
102 
103     /**
104      * Checks if the user is assigned a specific Role in the Group.
105      * 
106      * @param role
107      *            the Role
108      * @param group
109      *            the Group
110      * @return <code>true</code> if the user is assigned the Role in the Group.
111      */
112     boolean hasRole(String role, String group);
113 
114     /**
115      * Checks if the user is assigned a specifie Role in any of the given Groups
116      * 
117      * @param rolename
118      *            the name of the Role
119      * @param groupset
120      *            a Groupset
121      * @return <code>true</code> if the user is assigned the Role in any of the
122      *         given Groups.
123      */
124     boolean hasRole(String rolename, GroupSet groupset);
125 
126     /**
127      * Checks if the user is assigned a specific Role in the global Group.
128      * 
129      * @param role
130      *            the Role
131      * @return <code>true</code> if the user is assigned the Role in the global
132      *         Group.
133      */
134     boolean hasRole(Role role);
135 
136     /**
137      * Checks if the user is assigned a specific Role.
138      * 
139      * @param role
140      *            the Role
141      * @return <code>true</code> if the user is assigned the Role.
142      */
143     boolean hasRole(String role);
144 
145     /**
146      * Checks if the user is assigned a specific Permission in the Group.
147      * 
148      * @param permission
149      *            the Permission
150      * @param group
151      *            the Group
152      * @return <code>true</code> if the user is assigned the Permission in the
153      *         Group.
154      */
155     boolean hasPermission(Permission permission, Group group);
156 
157     /**
158      * Checks if the user is assigned a specific Permission in any of the given
159      * Groups
160      * 
161      * @param permission
162      *            the Permission
163      * @param groupset
164      *            a Groupset
165      * @return <code>true</code> if the user is assigned the Permission in any
166      *         of the given Groups.
167      */
168     boolean hasPermission(Permission permission, GroupSet groupset);
169 
170     /**
171      * Checks if the user is assigned a specific Permission in the Group.
172      * 
173      * @param permission
174      *            the Permission
175      * @param group
176      *            the Group
177      * @return <code>true</code> if the user is assigned the Permission in the
178      *         Group.
179      */
180     boolean hasPermission(String permission, String group);
181 
182     /**
183      * Checks if the user is assigned a specific Permission in the Group.
184      * 
185      * @param permission
186      *            the Permission
187      * @param group
188      *            the Group
189      * @return <code>true</code> if the user is assigned the Permission in the
190      *         Group.
191      */
192     boolean hasPermission(String permission, Group group);
193 
194     /**
195      * Checks if the user is assigned a specifie Permission in any of the given
196      * Groups
197      * 
198      * @param permissionName
199      *            the name of the Permission
200      * @param groupset
201      *            a Groupset
202      * @return <code>true</code> if the user is assigned the Permission in any
203      *         of the given Groups.
204      */
205     boolean hasPermission(String permissionName, GroupSet groupset);
206 
207     /**
208      * Checks if the user is assigned a specific Permission in the global Group.
209      * 
210      * @param permission
211      *            the Permission
212      * @return <code>true</code> if the user is assigned the Permission in the
213      *         global Group.
214      */
215     boolean hasPermission(Permission permission);
216 
217     /**
218      * Checks if the user is assigned a specific Permission in the global Group.
219      * 
220      * @param permission
221      *            the Permission
222      * @return <code>true</code> if the user is assigned the Permission in the
223      *         global Group.
224      */
225     boolean hasPermission(String permission);
226 
227 }