001: /*
002: * Copyright (c) 2001 - 2005 ivata limited.
003: * All rights reserved.
004: * -----------------------------------------------------------------------------
005: * ivata groupware may be redistributed under the GNU General Public
006: * License as published by the Free Software Foundation;
007: * version 2 of the License.
008: *
009: * These programs are free software; you can redistribute them and/or
010: * modify them under the terms of the GNU General Public License
011: * as published by the Free Software Foundation; version 2 of the License.
012: *
013: * These programs are distributed in the hope that they will be useful,
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
016: *
017: * See the GNU General Public License in the file LICENSE.txt for more
018: * details.
019: *
020: * If you would like a copy of the GNU General Public License write to
021: *
022: * Free Software Foundation, Inc.
023: * 59 Temple Place - Suite 330
024: * Boston, MA 02111-1307, USA.
025: *
026: *
027: * To arrange commercial support and licensing, contact ivata at
028: * http://www.ivata.com/contact.jsp
029: * -----------------------------------------------------------------------------
030: * $Log: LibraryRights.java,v $
031: * Revision 1.4 2005/04/29 02:48:16 colinmacleod
032: * Data bugfixes.
033: * Changed primary key back to Integer.
034: *
035: * Revision 1.3 2005/04/10 20:09:45 colinmacleod
036: * Added new themes.
037: * Changed id type to String.
038: * Changed i tag to em and b tag to strong.
039: * Improved PicoContainerFactory with NanoContainer scripts.
040: *
041: * Revision 1.2 2005/04/09 17:19:46 colinmacleod
042: * Changed copyright text to GPL v2 explicitly.
043: *
044: * Revision 1.1.1.1 2005/03/10 17:51:59 colinmacleod
045: * Restructured ivata op around Hibernate/PicoContainer.
046: * Renamed ivata groupware.
047: *
048: * Revision 1.3 2004/11/12 18:16:05 colinmacleod
049: * Ordered imports.
050: *
051: * Revision 1.2 2004/11/12 15:57:16 colinmacleod
052: * Removed dependencies on SSLEXT.
053: * Moved Persistence classes to ivata masks.
054: *
055: * Revision 1.1 2004/07/13 19:47:29 colinmacleod
056: * Moved project to POJOs from EJBs.
057: * Applied PicoContainer to services layer (replacing session EJBs).
058: * Applied Hibernate to persistence layer (replacing entity EJBs).
059: * -----------------------------------------------------------------------------
060: */
061: package com.ivata.groupware.business.library.right;
062:
063: import java.util.Collection;
064:
065: import com.ivata.groupware.admin.security.server.SecuritySession;
066: import com.ivata.groupware.business.library.comment.CommentDO;
067: import com.ivata.mask.util.SystemException;
068:
069: /**
070: * <p>
071: * TODO: add a comment for this type.
072: * </p>
073: *
074: * @author Colin MacLeod
075: * <a href='mailto:colin.macleod@ivata.com'>colin.macleod@ivata.com</a>
076: * @since Jun 19, 2004
077: * @version $Revision: 1.4 $
078: */
079:
080: public interface LibraryRights {
081:
082: /**
083: * <p>
084: * This method changes ADD rights. Users in the specified groups will be
085: * able to add ITEMS with this TOPIC.
086: * </p>
087: *
088: * <p>
089: * It's works only with those groups which can be seen by the user.
090: * if I am adding ADD right for a group and the user has not VIEW right
091: * -> also create a VIEW right for that group.
092: * </p>
093: *
094: * @param id of TOPIC
095: * @param userName user vhich is goin to change rights
096: * @param rights collection of groups for which we will set up ADD right
097: */
098: public abstract void amendAddRightsForItem(
099: SecuritySession securitySession, Integer id,
100: Collection rights) throws SystemException;
101:
102: /**
103: * <p>This method changing AMEND rights. Users in those groups will be able to amend ITEMS with this TOPIC.
104: * It's working only with those groups which can be see by user.
105: * if I am adding AMEND right for group and there is not VIEW right -> so create VIEW right for that group.</p>
106: *
107: * @param id of TOPIC
108: * @param userName user vhich is goin to change rights
109: * @param rights collection of groups for which we will set up AMEND right
110: */
111: public abstract void amendAmendRightsForItem(
112: SecuritySession securitySession, Integer id,
113: Collection rights) throws SystemException;
114:
115: /**
116: * <p>This method changing AMEND rights of TOPIC. It's working only with those groups which can be see by user.
117: * if I am adding AMEND right for group and there is not VIEW right -> so create VIEW right for that group.</p>
118: *
119: * @param id of TOPIC
120: * @param userName user which is chaning
121: * @param rights collection of groups for which we will set up AMEND right
122: */
123: public abstract void amendAmendRightsForTopic(
124: SecuritySession securitySession, Integer id,
125: Collection rights) throws SystemException;
126:
127: /**
128: * <p>This method changing REMOVE rights. Users in those groups will be able to remove ITEMS with this TOPIC.
129: * It's working only with those groups which can be see by user.
130: * if I am adding REMOVE right for group and there is not VIEW right -> so create VIEW right for that group.</p>
131: *
132: * @param id of TOPIC
133: * @param userName user vhich is goin to change rights
134: * @param rights collection of groups for which we will set up REMOVE right
135: */
136: public abstract void amendRemoveRightsForItem(
137: SecuritySession securitySession, Integer id,
138: Collection rights) throws SystemException;
139:
140: /**
141: * <p>This method changing REMOVE rights of TOPIC. It's working only with those groups which can be see by user.
142: * if I am adding REMOVE right for group and there is not VIEW right -> so create VIEW right for that group.</p>
143: *
144: * @param id of TOPIC
145: * @param userName user vhich is going to change
146: * @param rights collection of groups for which we will set up REMOVE right
147: */
148: public abstract void amendRemoveRightsForTopic(
149: SecuritySession securitySession, Integer id,
150: Collection rights) throws SystemException;
151:
152: /**
153: * <p>This method changing VIEW rights of ITEMS. Users in those groups will be albe to see ITEMS with this TOPIC.
154: * It's working only with those groups which can be see by user.</p>
155: *
156: * @param id of TOPIC
157: * @param userName user vhich is goin to change rights
158: * @param rights collection of groups for which we will set up VIEW right
159: */
160: public abstract void amendViewRightsForItem(
161: SecuritySession securitySession, Integer id,
162: Collection rights) throws SystemException;
163:
164: /**
165: * <p>This method changing VIEW rights of TOPIC. It's working only with those groups which can be see by user.</p>
166: *
167: * @param id of TOPIC
168: * @param userName user which is changing
169: * @param rights collection of groupIds for which we will set up VIEW right
170: */
171: public abstract void amendViewRightsForTopic(
172: SecuritySession securitySession, Integer id,
173: Collection rights) throws SystemException;
174:
175: /**
176: * <p>Find out if a user is allowed to add a new comment.</p>
177: *
178: * @param userName the name of the user to check the user rights for.
179: * @param comment the comment check.
180: * @return <code>true</code> if the user is entitled to add this comment,
181: * otherwise <code>false</code>.
182: */
183: public abstract boolean canAddComment(
184: SecuritySession securitySession, CommentDO comment)
185: throws SystemException;
186:
187: /**
188: * <p>Find out if a user is allowed to add a new topic.</p>
189: *
190: * @param userName the name of the user to check the user rights for.
191: * @param topicId the unique identifier of the topic to check.
192: * @return <code>true</code> if the user is entitled to add new topics,
193: * otherwise <code>false</code>.
194: */
195: public abstract boolean canAddTopic(SecuritySession securitySession)
196: throws SystemException;
197:
198: /**
199: * <p>Find out if a user is allowed to add items to a given topic.</p>
200: *
201: * @param userName the name of the user to check the user rights for.
202: * @param topicId the unique identifier of the topic to check.
203: * @return <code>true</code> if the user is entitled to add items to the
204: * topic, otherwise <code>false</code>.
205: */
206: public abstract boolean canAddToTopic(
207: SecuritySession securitySession, Integer topicId)
208: throws SystemException;
209:
210: /**
211: * <p>Find out if a user is allowed to change an existing comment.</p>
212: *
213: * @param userName the name of the user to check the user rights for.
214: * @param comment the comment check.
215: * @return <code>true</code> if the user is entitled to change this comment,
216: * otherwise <code>false</code>.
217: */
218: public abstract boolean canAmendComment(
219: SecuritySession securitySession, CommentDO comment)
220: throws SystemException;
221:
222: /**
223: * <p>Find out if a user is allowed to amend items in a given topic.</p>
224: *
225: * @param userName the name of the user to check the user rights for.
226: * @param integerParam the unique identifier of the topic to check.
227: * @return <code>true</code> if the user is entitled to amend items in the
228: * topic, otherwise <code>false</code>.
229: */
230: public abstract boolean canAmendInTopic(
231: SecuritySession securitySession, Integer integerParam)
232: throws SystemException;
233:
234: /**
235: * <p>Find out if a user is allowed to amend an existing new topic.</p>
236: *
237: * @param userName the name of the user to check the user rights for.
238: * @param topicId the unique identifier of the topic to check.
239: * @return <code>true</code> if the user is entitled to amend the
240: * topic, otherwise <code>false</code>.
241: */
242: public abstract boolean canAmendTopic(
243: SecuritySession securitySession, Integer id)
244: throws SystemException;
245:
246: /**
247: * <p>Find out if a user is allowed to remove an existing comment.</p>
248: *
249: * @param userName the name of the user to check the user rights for.
250: * @param comment the comment check.
251: * @return <code>true</code> if the user is entitled to remove this comment,
252: * otherwise <code>false</code>.
253: */
254: public abstract boolean canRemoveComment(
255: SecuritySession securitySession, CommentDO comment)
256: throws SystemException;
257:
258: /**
259: * <p>Find out if a user is allowed to remove items from a given topic.</p>
260: *
261: * @param userName the name of the user to check the user rights for.
262: * @param topicId the unique identifier of the topic to check.
263: * @return <code>true</code> if the user is entitled to remove items from
264: * the topic, otherwise <code>false</code>.
265: */
266: public abstract boolean canRemoveFromTopic(
267: SecuritySession securitySession, Integer topicId)
268: throws SystemException;
269:
270: /**
271: * <p>Find out if a user is allowed to remove a topic.</p>
272: *
273: * @param userName the name of the user to check the user rights for.
274: * @param topicId the unique identifier of the topic to check.
275: * @return <code>true</code> if the user is entitled to remove the
276: * topic, otherwise <code>false</code>.
277: */
278: public abstract boolean canRemoveTopic(
279: SecuritySession securitySession, Integer id)
280: throws SystemException;
281:
282: /**
283: * <p>Internal helper method. Find out if a user is allowed to access
284: * entries in a given group.</p>
285: *
286: * @param securitySession Security session to check the rights for.
287: * @param topicId Unique identifier of the topic to check.
288: * @param access The access level as defined in {@link
289: * com.ivata.groupware.business.addressbook.person.group.right.RightConstants
290: * RightConstants}.
291: * @return <code>true</code> if the user is entitled to access entries in the
292: * topic, otherwise <code>false</code>.
293: */
294: public abstract boolean canUser(SecuritySession securitySession,
295: Integer topicId, Integer detail, Integer access)
296: throws SystemException;
297:
298: /**
299: * <p>Find out if a user is allowed to view items to a given topic.</p>
300: *
301: * @param userName the name of the user to check the user rights for.
302: * @param topicId the unique identifier of the topic to check.
303: * @return <code>true</code> if the user is entitled to view items in the
304: * topic, otherwise <code>false</code>.
305: */
306: public abstract boolean canViewInTopic(
307: SecuritySession securitySession, Integer topicId)
308: throws SystemException;
309:
310: /**
311: * <p>Find groups which have <code>access</code> to items with topic.
312: * Return only those groups which can be see by that user.</p>
313: *
314: * @param id of TOPIC
315: * @param userName user which is trying to find rights
316: * @param access find rights with this access
317: * @return Collection of IDS of groups which have <code>access</code> to that items wuth that topic
318: */
319: public abstract Collection findRightsForItemsInTopic(
320: SecuritySession securitySession, Integer id, Integer access)
321: throws SystemException;
322:
323: /**
324: * <p>Find groups which have <code>access</code> to topic.
325: * Return only those groups which can be see by that user.</p>
326: *
327: * @param id of TOPIC
328: * @param userName user which is trying to find rights
329: * @param access find rights with this access
330: * @return Collection of IDS of groups which have <code>access</code> to that topic
331: */
332: public abstract Collection findRightsForTopic(
333: SecuritySession securitySession, Integer id, Integer access)
334: throws SystemException;
335:
336: /**
337: * <p>Find the unique identifiers of all library topics for which the items
338: * can be accessed by the group specified, with the access level given.</p>
339: *
340: * @param groupId unique identifier of the group for which to search for
341: * library topics.
342: * @param access the access level as defined in {@link
343: * com.ivata.groupware.business.addressbook.person.group.right.RightConstants
344: * RightConstants}.
345: * @return a <code>Collection</code> of <code>Integer</code> instances,
346: * matching all topics which can be access with this level of access
347: * by the group specified.
348: */
349: public abstract Collection findTopicsByGroupAccess(
350: SecuritySession securitySession, Integer groupId,
351: Integer access) throws SystemException;
352: }
|