01: /*
02: * Licensed to the Apache Software Foundation (ASF) under one or more
03: * contributor license agreements. See the NOTICE file distributed with
04: * this work for additional information regarding copyright ownership.
05: * The ASF licenses this file to You under the Apache License, Version 2.0
06: * (the "License"); you may not use this file except in compliance with
07: * the License. You may obtain a copy of the License at
08: *
09: * http://www.apache.org/licenses/LICENSE-2.0
10: *
11: * Unless required by applicable law or agreed to in writing, software
12: * distributed under the License is distributed on an "AS IS" BASIS,
13: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14: * See the License for the specific language governing permissions and
15: * limitations under the License.
16: *
17: */
18:
19: package org.apache.lenya.ac;
20:
21: import org.apache.avalon.framework.component.Component;
22:
23: /**
24: * A policy manager.
25: *
26: * @version $Id: PolicyManager.java 479620 2006-11-27 14:02:13Z andreas $
27: */
28: public interface PolicyManager extends Component {
29:
30: /**
31: * The Avalon role.
32: */
33: String ROLE = PolicyManager.class.getName();
34:
35: /**
36: * Returns the policy for a given page.
37: * @param controller The access controller.
38: * @param url The url inside the web application.
39: * @return The policy.
40: * @throws AccessControlException when something went wrong.
41: */
42: Policy getPolicy(AccreditableManager controller, String url)
43: throws AccessControlException;
44:
45: /**
46: * Returns all granted roles for a certain identity on a certain URL.
47: * @param accreditableManager The accreditable manager.
48: * @param identity The identity.
49: * @param url The URL.
50: * @return An array of roles.
51: * @throws AccessControlException if an error occurs.
52: */
53: Role[] getGrantedRoles(AccreditableManager accreditableManager,
54: Identity identity, String url)
55: throws AccessControlException;
56:
57: /**
58: * Return all credentials for this url
59: *
60: * @param controller The Accreditable Manager
61: * @param url The AC url
62: * @return An array of credentials
63: * @throws AccessControlException when something went wrong.
64: */
65: Credential[] getCredentials(AccreditableManager controller,
66: String url) throws AccessControlException;
67:
68: /**
69: * Called when an accreditable was added. Used to create the admin interface
70: * policy. This method get invoked, when e.g. a new user is added. The user
71: * always should be able to edit her profile. Therefore the method normally
72: * grant inherit edit rights to the user profile page.
73: *
74: * @param manager The accreditable manager the accreditable belonged to.
75: * @param accreditable The accreditable that was removed.
76: * @throws AccessControlException when something went wrong.
77: */
78: void accreditableAdded(AccreditableManager manager,
79: Accreditable accreditable) throws AccessControlException;
80:
81: /**
82: * Called when an accreditable was removed. Used to clean up the policies
83: * and to remove the admin interface policy.
84: *
85: * @param manager The accreditable manager the accreditable belonged to.
86: * @param accreditable The accreditable that was removed.
87: * @throws AccessControlException when something went wrong.
88: */
89: void accreditableRemoved(AccreditableManager manager,
90: Accreditable accreditable) throws AccessControlException;
91:
92: }
|