001: /**********************************************************************************
002: * $URL: https://source.sakaiproject.org/svn/authz/tags/sakai_2-4-1/authz-api/api/src/java/org/sakaiproject/authz/api/Role.java $
003: * $Id: Role.java 21432 2007-02-14 17:00:23Z jholtzman@berkeley.edu $
004: ***********************************************************************************
005: *
006: * Copyright (c) 2003, 2004, 2005, 2006 The Sakai Foundation.
007: *
008: * Licensed under the Educational Community License, Version 1.0 (the "License");
009: * you may not use this file except in compliance with the License.
010: * You may obtain a copy of the License at
011: *
012: * http://www.opensource.org/licenses/ecl1.php
013: *
014: * Unless required by applicable law or agreed to in writing, software
015: * distributed under the License is distributed on an "AS IS" BASIS,
016: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017: * See the License for the specific language governing permissions and
018: * limitations under the License.
019: *
020: **********************************************************************************/package org.sakaiproject.authz.api;
021:
022: import java.io.Serializable;
023: import java.util.Collection;
024: import java.util.Set;
025:
026: /**
027: * <p>
028: * Role is part of an AuthzGroup, to which users can be assingned, and which is given permissions to various functions.
029: * </p>
030: */
031: public interface Role extends Comparable, Serializable {
032: /**
033: * Access the Role id.
034: *
035: * @return The role id.
036: */
037: String getId();
038:
039: /**
040: * Access the Role description.
041: *
042: * @return The role description.
043: */
044: String getDescription();
045:
046: /**
047: * Whether this Role is assignable only by a provider (true) or if the role can
048: * be manipulated by users (false).
049: *
050: * @return Whether the role is assignable only by a provider.
051: */
052: boolean isProviderOnly();
053:
054: /**
055: * Test if users with this role are allowed to perform this named function.
056: *
057: * @param function
058: * The function name.
059: * @return true if users with this role are allowed to perform this named function, false if not.
060: */
061: boolean isAllowed(String function);
062:
063: /**
064: * Access the set of functions that users with this role are allowed to perform.
065: *
066: * @return The Set of function names (String) that users with this role are allowed to perform.
067: */
068: Set getAllowedFunctions();
069:
070: /**
071: * Set the role description.
072: *
073: * @param description
074: * The role description.
075: */
076: void setDescription(String description);
077:
078: /**
079: * Sets the provider only flag.
080: *
081: * @param providerOnly
082: */
083: void setProviderOnly(boolean providerOnly);
084:
085: /**
086: * Add this function to the set of functions that users with this role are allowed to perform.
087: *
088: * @param function
089: * The function name to add to the allowed set.
090: */
091: void allowFunction(String lock);
092:
093: /**
094: * Add these functions to the set of functions that users with this role are allowed to perform.
095: *
096: * @param functions
097: * The Collection (String) of function names to add to the allowed set.
098: */
099: void allowFunctions(Collection functions);
100:
101: /**
102: * Remove this function from the set of functions that users with this role are allowed to perform.
103: *
104: * @param function
105: * The function name to disallow.
106: */
107: void disallowFunction(String lock);
108:
109: /**
110: * Remove these functions from the set of functions that users with this role are allowed to perform.
111: *
112: * @param function
113: * The Collection (String) of function names to remove from the allowed set.
114: */
115: void disallowFunctions(Collection functions);
116:
117: /**
118: * Remove all functions from the set of functions that users with this role are allowed to perform.
119: */
120: void disallowAll();
121:
122: /**
123: * Check if the Role has no functons in the set of functions that users with this role are allowed to perform.
124: *
125: * @return true if the role has no allowed functions, false if it does.
126: */
127: boolean allowsNoFunctions();
128: }
|