View Javadoc

1   package org.apache.turbine.util.security;
2   
3   /*
4    * Copyright 2001-2005 The Apache Software Foundation.
5    *
6    * Licensed under the Apache License, Version 2.0 (the "License")
7    * you may not use this file except in compliance with the License.
8    * You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing, software
13   * distributed under the License is distributed on an "AS IS" BASIS,
14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   * See the License for the specific language governing permissions and
16   * limitations under the License.
17   */
18  
19  import java.io.Serializable;
20  
21  import org.apache.turbine.om.security.Group;
22  import org.apache.turbine.om.security.Permission;
23  import org.apache.turbine.om.security.Role;
24  
25  /***
26   * This interface describes a control class that makes it
27   * easy to find out if a particular User has a given Permission.
28   * It also determines if a User has a a particular Role.
29   *
30   * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
31   * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
32   * @author <a href="mailto:greg@shwoop.com">Greg Ritter</a>
33   * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
34   * @author <a href="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
35   * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
36   * @version $Id: AccessControlList.java 264152 2005-08-29 14:50:22Z henning $
37   */
38  public interface AccessControlList
39          extends Serializable
40  {
41      /*** The default Session key for the Access Control List */
42      String SESSION_KEY = "turbine.AccessControlList";
43  
44      /***
45       * Retrieves a set of Roles an user is assigned in a Group.
46       *
47       * @param group the Group
48       * @return the set of Roles this user has within the Group.
49       */
50      RoleSet getRoles(Group group);
51  
52      /***
53       * Retrieves a set of Roles an user is assigned in the global Group.
54       *
55       * @return the set of Roles this user has within the global Group.
56       */
57      RoleSet getRoles();
58  
59      /***
60       * Retrieves a set of Permissions an user is assigned in a Group.
61       *
62       * @param group the Group
63       * @return the set of Permissions this user has within the Group.
64       */
65      PermissionSet getPermissions(Group group);
66  
67      /***
68       * Retrieves a set of Permissions an user is assigned in the global Group.
69       *
70       * @return the set of Permissions this user has within the global Group.
71       */
72      PermissionSet getPermissions();
73  
74      /***
75       * Checks if the user is assigned a specific Role in the Group.
76       *
77       * @param role the Role
78       * @param group the Group
79       * @return <code>true</code> if the user is assigned the Role in the Group.
80       */
81      boolean hasRole(Role role, Group group);
82  
83      /***
84       * Checks if the user is assigned a specific Role in any of the given
85       * Groups
86       *
87       * @param role the Role
88       * @param groupset a Groupset
89       * @return <code>true</code> if the user is assigned the Role in any of
90       *         the given Groups.
91       */
92      boolean hasRole(Role role, GroupSet groupset);
93  
94      /***
95       * Checks if the user is assigned a specific Role in the Group.
96       *
97       * @param role the Role
98       * @param group the Group
99       * @return <code>true</code> if the user is assigned the Role in the Group.
100      */
101     boolean hasRole(String role, String group);
102 
103     /***
104      * Checks if the user is assigned a specifie Role in any of the given
105      * Groups
106      *
107      * @param rolename the name of the Role
108      * @param groupset a Groupset
109      * @return <code>true</code> if the user is assigned the Role in any of
110      *         the given Groups.
111      */
112     boolean hasRole(String rolename, GroupSet groupset);
113 
114     /***
115      * Checks if the user is assigned a specific Role in the global Group.
116      *
117      * @param role the Role
118      * @return <code>true</code> if the user is assigned the Role in the global Group.
119      */
120     boolean hasRole(Role role);
121 
122     /***
123      * Checks if the user is assigned a specific Role in the global Group.
124      *
125      * @param role the Role
126      * @return <code>true</code> if the user is assigned the Role in the global Group.
127      */
128     boolean hasRole(String role);
129 
130     /***
131      * Checks if the user is assigned a specific Permission in the Group.
132      *
133      * @param permission the Permission
134      * @param group the Group
135      * @return <code>true</code> if the user is assigned the Permission in the Group.
136      */
137     boolean hasPermission(Permission permission, Group group);
138 
139     /***
140      * Checks if the user is assigned a specific Permission in any of the given
141      * Groups
142      *
143      * @param permission the Permission
144      * @param groupset a Groupset
145      * @return <code>true</code> if the user is assigned the Permission in any
146      *         of the given Groups.
147      */
148     boolean hasPermission(Permission permission, GroupSet groupset);
149 
150     /***
151      * Checks if the user is assigned a specific Permission in the Group.
152      *
153      * @param permission the Permission
154      * @param group the Group
155      * @return <code>true</code> if the user is assigned the Permission in the Group.
156      */
157     boolean hasPermission(String permission, String group);
158 
159     /***
160      * Checks if the user is assigned a specific Permission in the Group.
161      *
162      * @param permission the Permission
163      * @param group the Group
164      * @return <code>true</code> if the user is assigned the Permission in the Group.
165      */
166     boolean hasPermission(String permission, Group group);
167 
168     /***
169      * Checks if the user is assigned a specifie Permission in any of the given
170      * Groups
171      *
172      * @param permissionName the name of the Permission
173      * @param groupset a Groupset
174      * @return <code>true</code> if the user is assigned the Permission in any
175      *         of the given Groups.
176      */
177     boolean hasPermission(String permissionName, GroupSet groupset);
178 
179     /***
180      * Checks if the user is assigned a specific Permission in the global Group.
181      *
182      * @param permission the Permission
183      * @return <code>true</code> if the user is assigned the Permission in the global Group.
184      */
185     boolean hasPermission(Permission permission);
186 
187     /***
188      * Checks if the user is assigned a specific Permission in the global Group.
189      *
190      * @param permission the Permission
191      * @return <code>true</code> if the user is assigned the Permission in the global Group.
192      */
193     boolean hasPermission(String permission);
194 
195     /***
196      * Returns all groups definded in the system.
197      *
198      * @return An Array of all defined Groups
199      *
200      * This is useful for debugging, when you want to display all roles
201      * and permissions an user is assigned. This method is needed
202      * because you can't call static methods of TurbineSecurity class
203      * from within WebMacro/Velocity template
204      */
205     Group[] getAllGroups();
206 }