001: /* Copyright 2001 The JA-SIG Collaborative. All rights reserved.
002: * See license distributed with this file and
003: * available online at http://www.uportal.org/license.html
004: */
005:
006: package org.jasig.portal.security;
007:
008: import java.util.Vector;
009:
010: import org.jasig.portal.AuthorizationException;
011: import org.jasig.portal.groups.GroupsException;
012: import org.jasig.portal.groups.IGroupMember;
013:
/**
 * Represents the portal's authorization service. All requests for
 * authorization activities ultimately come here.
 *
 * <p>Reading notes for callers:
 * <ul>
 *   <li>The {@code boolean} queries report a failure to retrieve authorization
 *       information by throwing {@link AuthorizationException}. NOTE(review): a
 *       caller should treat that exception as "not authorized" and never fall
 *       back to allowing the action.</li>
 *   <li>Several methods accept {@code null} for {@code owner}, {@code activity}
 *       or {@code target}, and a {@code null} value turns that criterion off
 *       instead of matching nothing. A value that is {@code null} by accident
 *       therefore broadens the query.</li>
 *   <li>The methods that add, update or remove permissions take no argument
 *       identifying the caller. NOTE(review): presumably the calling layer
 *       decides who may change permissions; confirm against the
 *       implementation.</li>
 * </ul>
 *
 * @author Bernie Durfee, bdurfee@interactivebusiness.com
 * @author Dan Ellentuck, de3@columbia.edu
 * @version $Revision: 34783 $
 */
public interface IAuthorizationService {

    /**
     * Adds {@code IPermission}s to the service.
     *
     * @param permissions the permissions to add
     * @throws AuthorizationException declared by the contract; the conditions are not
     *     specified here
     */
    void addPermissions(IPermission[] permissions) throws AuthorizationException;

    /**
     * Answers whether the principal may publish.
     *
     * <p>NOTE(review): the original author flagged that this contract does not say
     * what is being published. Confirm the meaning against the implementation
     * before relying on the result for an access decision.
     *
     * @param principal the principal being checked
     * @return boolean
     * @throws AuthorizationException declared by the contract; the conditions are not
     *     specified here
     */
    boolean canPrincipalPublish(IAuthorizationPrincipal principal)
            throws AuthorizationException;

    /**
     * Answers whether the principal has permission to render the channel.
     *
     * @param principal the principal being checked
     * @param channelPublishId the publish id of the channel
     * @return boolean
     * @throws AuthorizationException indicates authorization information could not be
     *     retrieved
     */
    boolean canPrincipalRender(IAuthorizationPrincipal principal, int channelPublishId)
            throws AuthorizationException;

    /**
     * Answers whether the principal has permission to subscribe to the channel.
     *
     * @param principal the principal being checked
     * @param channelPublishId the publish id of the channel
     * @return boolean
     * @throws AuthorizationException indicates authorization information could not be
     *     retrieved
     */
    boolean canPrincipalSubscribe(IAuthorizationPrincipal principal, int channelPublishId)
            throws AuthorizationException;

    /**
     * Answers whether the owner has given the principal permission to perform the
     * activity on the target.
     *
     * <p>{@code owner} and {@code activity} must be non-null. If {@code target} is
     * {@code null}, the target is not checked. A caller that means to test one
     * specific target should make sure the value it passes is not {@code null} by
     * accident.
     *
     * @param principal the principal being checked
     * @param owner the owner of the permission; must be non-null
     * @param activity the activity; must be non-null
     * @param target the target, or {@code null} to skip the target check
     * @return boolean
     * @throws AuthorizationException indicates authorization information could not be
     *     retrieved
     */
    boolean doesPrincipalHavePermission(
            IAuthorizationPrincipal principal, String owner, String activity, String target)
            throws AuthorizationException;

    /**
     * Returns the {@code IPermission}s the owner has granted this principal for the
     * specified activity and target, including inherited {@code IPermission}s.
     *
     * <p>Null parameters are ignored: every {@code IPermission} matching the
     * non-null parameters is retrieved. Passing {@code null} for {@code owner},
     * {@code activity} and {@code target} should therefore retrieve all
     * {@code IPermission}s for the principal.
     *
     * @param principal the principal whose permissions are wanted
     * @param owner the owner to match, or {@code null} to match any
     * @param activity the activity to match, or {@code null} to match any
     * @param target the target to match, or {@code null} to match any
     * @return the matching permissions
     * @throws AuthorizationException indicates authorization information could not be
     *     retrieved
     */
    IPermission[] getAllPermissionsForPrincipal(
            IAuthorizationPrincipal principal, String owner, String activity, String target)
            throws AuthorizationException;

    /**
     * Returns the channels the principal is authorized for.
     *
     * <p>NOTE(review): the original author left open whether this means every
     * channel the principal could conceivably subscribe to, or only the channels
     * the principal is specifically authorized to subscribe to. Confirm against the
     * implementation before using the result as an allow-list.
     *
     * @param principal the principal being checked
     * @return a {@code Vector}, presumably of channels; the element type is not
     *     specified here
     * @throws AuthorizationException indicates authorization information could not be
     *     retrieved
     */
    Vector getAuthorizedChannels(IAuthorizationPrincipal principal)
            throws AuthorizationException;

    /**
     * Returns an {@code IGroupMember} for the principal. The contract gives no
     * further detail.
     *
     * @param principal the principal
     * @return org.jasig.portal.groups.IGroupMember
     * @throws GroupsException declared by the contract; the conditions are not
     *     specified here
     */
    IGroupMember getGroupMember(IAuthorizationPrincipal principal) throws GroupsException;

    /**
     * Returns the {@code IPermission}s the owner has granted for the specified
     * activity and target.
     *
     * <p>Null parameters are ignored: every {@code IPermission} matching the
     * non-null parameters is retrieved.
     *
     * @param owner the owner to match, or {@code null} to match any
     * @param activity the activity to match, or {@code null} to match any
     * @param target the target to match, or {@code null} to match any
     * @return the matching permissions
     * @throws AuthorizationException indicates authorization information could not be
     *     retrieved
     */
    IPermission[] getPermissionsForOwner(String owner, String activity, String target)
            throws AuthorizationException;

    /**
     * Returns the {@code IPermission}s the owner has granted this principal for the
     * specified activity and target.
     *
     * <p>Null parameters are ignored: every {@code IPermission} matching the
     * non-null parameters is retrieved. Passing {@code null} for {@code owner},
     * {@code activity} and {@code target} should therefore retrieve all
     * {@code IPermission}s for the principal.
     *
     * <p>NOTE(review): unlike {@code getAllPermissionsForPrincipal}, this
     * description does not mention inherited {@code IPermission}s; confirm which of
     * the two a caller needs before basing an access decision on the result.
     *
     * @param principal the principal whose permissions are wanted
     * @param owner the owner to match, or {@code null} to match any
     * @param activity the activity to match, or {@code null} to match any
     * @param target the target to match, or {@code null} to match any
     * @return the matching permissions
     * @throws AuthorizationException indicates authorization information could not be
     *     retrieved
     */
    IPermission[] getPermissionsForPrincipal(
            IAuthorizationPrincipal principal, String owner, String activity, String target)
            throws AuthorizationException;

    /**
     * Creates a new {@code IPermission} for the {@code principal} on behalf of the
     * {@code owner}.
     *
     * @param owner the owner on whose behalf the permission is created
     * @param principal the principal the permission is for
     * @return the new permission
     * @throws AuthorizationException declared by the contract; the conditions are not
     *     specified here
     */
    IPermission newPermission(String owner, IAuthorizationPrincipal principal)
            throws AuthorizationException;

    /**
     * Returns an {@code IPermissionManager} for the key. The meaning of
     * {@code key} is not documented in this contract.
     *
     * @param key java.lang.String
     * @return org.jasig.portal.security.IPermissionManager
     * @throws AuthorizationException declared by the contract; the conditions are not
     *     specified here
     */
    IPermissionManager newPermissionManager(String key) throws AuthorizationException;

    /**
     * Factory method for an {@code IAuthorizationPrincipal}. This type wraps an
     * underlying entity so that the authorization system can treat all principals
     * alike.
     *
     * @param key the key of the underlying entity
     * @param type the type of the underlying entity
     * @return IAuthorizationPrincipal
     */
    IAuthorizationPrincipal newPrincipal(String key, Class type);

    /**
     * Converts an {@code IGroupMember} into an {@code IAuthorizationPrincipal}.
     *
     * @param groupMember the group member to convert
     * @return org.jasig.portal.security.IAuthorizationPrincipal
     * @throws GroupsException declared by the contract; the conditions are not
     *     specified here
     */
    IAuthorizationPrincipal newPrincipal(IGroupMember groupMember) throws GroupsException;

    /**
     * Returns an {@code IUpdatingPermissionManager} for the key. The meaning of
     * {@code key} is not documented in this contract.
     *
     * @param key java.lang.String
     * @return org.jasig.portal.security.IUpdatingPermissionManager
     * @throws AuthorizationException declared by the contract; the conditions are not
     *     specified here
     */
    IUpdatingPermissionManager newUpdatingPermissionManager(String key)
            throws AuthorizationException;

    /**
     * Removes {@code IPermission}s from the service.
     *
     * @param permissions the permissions to remove
     * @throws AuthorizationException declared by the contract; the conditions are not
     *     specified here
     */
    void removePermissions(IPermission[] permissions) throws AuthorizationException;

    /**
     * Updates {@code IPermission}s in the service.
     *
     * @param permissions the permissions to update
     * @throws AuthorizationException declared by the contract; the conditions are not
     *     specified here
     */
    void updatePermissions(IPermission[] permissions) throws AuthorizationException;

    /**
     * Returns the {@code IAuthorizationPrincipal} associated with the
     * {@code IPermission}.
     *
     * @param permission the permission
     * @return the associated principal
     * @throws AuthorizationException declared by the contract; the conditions are not
     *     specified here
     */
    IAuthorizationPrincipal getPrincipal(IPermission permission)
            throws AuthorizationException;

    /**
     * Returns a {@code String} used to represent the
     * {@code IAuthorizationPrincipal}.
     *
     * @param principal the principal
     * @return the string representation
     */
    String getPrincipalString(IAuthorizationPrincipal principal);

    /**
     * Answers whether the owner has given the principal permission to perform the
     * activity on the target, as evaluated by the policy.
     *
     * <p>{@code policy}, {@code owner} and {@code activity} must be non-null. If
     * {@code target} is {@code null}, the target is not checked. A caller that
     * means to test one specific target should make sure the value it passes is not
     * {@code null} by accident.
     *
     * @param principal the principal being checked
     * @param owner the owner of the permission; must be non-null
     * @param activity the activity; must be non-null
     * @param target the target, or {@code null} to skip the target check
     * @param policy the policy that evaluates the request; must be non-null
     * @return boolean
     * @throws AuthorizationException indicates authorization information could not be
     *     retrieved
     */
    boolean doesPrincipalHavePermission(
            IAuthorizationPrincipal principal,
            String owner,
            String activity,
            String target,
            IPermissionPolicy policy)
            throws AuthorizationException;
}