1 package org.apache.fulcrum.security.model.dynamic; 2 3 /* 4 * Licensed to the Apache Software Foundation (ASF) under one 5 * or more contributor license agreements. See the NOTICE file 6 * distributed with this work for additional information 7 * regarding copyright ownership. The ASF licenses this file 8 * to you under the Apache License, Version 2.0 (the 9 * "License"); you may not use this file except in compliance 10 * with the License. You may obtain a copy of the License at 11 * 12 * http://www.apache.org/licenses/LICENSE-2.0 13 * 14 * Unless required by applicable law or agreed to in writing, 15 * software distributed under the License is distributed on an 16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 17 * KIND, either express or implied. See the License for the 18 * specific language governing permissions and limitations 19 * under the License. 20 */ 21 22 import org.apache.fulcrum.security.ModelManager; 23 import org.apache.fulcrum.security.entity.Group; 24 import org.apache.fulcrum.security.entity.Permission; 25 import org.apache.fulcrum.security.entity.Role; 26 import org.apache.fulcrum.security.entity.User; 27 import org.apache.fulcrum.security.util.DataBackendException; 28 import org.apache.fulcrum.security.util.UnknownEntityException; 29 30 /** 31 * Describes all the relationships between entities in the "Dynamic" model. 32 * 33 * @author <a href="mailto:epugh@upstate.com">Eric Pugh</a> 34 * @author <a href="mailto:ben@gidley.co.uk">Ben Gidley</a> 35 * @version $Id$ 36 */ 37 public interface DynamicModelManager extends ModelManager 38 { 39 /** 40 * Puts a role into a group 41 * 42 * This method is used when adding a role to a group. 43 * 44 * @param group 45 * the group to use 46 * @param role 47 * the role that will join the group 48 * @throws DataBackendException 49 * if there was an error accessing the data backend. 50 * @throws UnknownEntityException 51 * if the group or role is not present. 52 */ 53 void grant(Group group, Role role) throws DataBackendException, UnknownEntityException; 54 55 /** 56 * Remove a role from a group 57 * 58 * This method is used when removeing a role to a group. 59 * 60 * @param group 61 * the group to use 62 * @param role 63 * the role that will join the group 64 * @throws DataBackendException 65 * if there was an error accessing the data backend. 66 * @throws UnknownEntityException 67 * if the group or role is not present. 68 */ 69 void revoke(Group group, Role role) throws DataBackendException, UnknownEntityException; 70 71 /** 72 * Puts a permission in a role 73 * 74 * This method is used when adding a permission to a role 75 * 76 * @param role the Role 77 * @param permission the Permission 78 * 79 * @throws DataBackendException 80 * if there was an error accessing the data backend. 81 * @throws UnknownEntityException 82 * if the account is not present. 83 */ 84 void grant(Role role, Permission permission) throws DataBackendException, UnknownEntityException; 85 86 /** 87 * Removes a permission from a role 88 * 89 * @param role the Role 90 * @param permission the Permission 91 * 92 * @throws DataBackendException 93 * if there was an error accessing the data backend. 94 * @throws UnknownEntityException 95 * if the user or group is not present. 96 */ 97 void revoke(Role role, Permission permission) throws DataBackendException, UnknownEntityException; 98 99 /** 100 * Puts a user in a group. 101 * 102 * This method is used when adding a user to a group 103 * 104 * @param user the User 105 * @param group the Group 106 * 107 * @throws DataBackendException 108 * if there was an error accessing the data backend. 109 * @throws UnknownEntityException 110 * if the account is not present. 111 */ 112 void grant(User user, Group group) throws DataBackendException, UnknownEntityException; 113 114 /** 115 * Removes a user from a group 116 * 117 * @param user the User 118 * @param group the Group 119 * 120 * @throws DataBackendException 121 * if there was an error accessing the data backend. 122 * @throws UnknownEntityException 123 * if the user or group is not present. 124 */ 125 void revoke(User user, Group group) throws DataBackendException, UnknownEntityException; 126 127 /** 128 * Revokes all roles from an User. 129 * 130 * This method is typically used when deleting an account. 131 * 132 * @param user the User 133 * 134 * @throws DataBackendException 135 * if there was an error accessing the data backend. 136 * @throws UnknownEntityException 137 * if the account is not present. 138 */ 139 void revokeAll(User user) throws DataBackendException, UnknownEntityException; 140 141 /** 142 * Revoke from a permission all roles 143 * 144 * This method is typically used when deleting a Permission 145 * 146 * @param permission 147 * the Permission. 148 * @throws DataBackendException 149 * if there was an error accessing the data backend. 150 * @throws UnknownEntityException 151 * if the permission is not present. 152 */ 153 void revokeAll(Permission permission) throws DataBackendException, UnknownEntityException; 154 155 /** 156 * Revokes all permissions from a Role. 157 * 158 * This method is typically used when deleting a Role. 159 * 160 * @param role 161 * the Role 162 * @throws DataBackendException 163 * if there was an error accessing the data backend. 164 * @throws UnknownEntityException 165 * if the Role is not present. 166 */ 167 void revokeAll(Role role) throws DataBackendException, UnknownEntityException; 168 169 /** 170 * Revokes all roles and users from a Group 171 * 172 * This method is typically used when deleting a Group. 173 * 174 * @param group 175 * the Group 176 * @throws DataBackendException 177 * if there was an error accessing the data backend. 178 * @throws UnknownEntityException 179 * if the Group is not present. 180 */ 181 void revokeAll(Group group) throws DataBackendException, UnknownEntityException; 182 183 /** 184 * Allow B to assumes A's roles, groups and permissions 185 * 186 * @param delegator 187 * A 188 * @param delegatee 189 * B 190 * 191 * @throws DataBackendException 192 * if there was an error accessing the data backend. 193 * @throws UnknownEntityException 194 * if the Group is not present. 195 */ 196 void addDelegate(User"../../../../../../org/apache/fulcrum/security/entity/User.html#User">User delegator, User delegatee) throws DataBackendException, UnknownEntityException; 197 198 /** 199 * Stop A having B's roles, groups and permissions 200 * 201 * @param delegator 202 * A 203 * @param delegatee 204 * B 205 * 206 * @throws DataBackendException 207 * if there was an error accessing the data backend. 208 * @throws UnknownEntityException 209 * if the Group is not present. 210 */ 211 void removeDelegate(User"../../../../../../org/apache/fulcrum/security/entity/User.html#User">User delegator, User delegatee) throws DataBackendException, UnknownEntityException; 212 }