001: package org.apache.turbine.util.security;
002:
003: /*
004: * Copyright 2001-2005 The Apache Software Foundation.
005: *
006: * Licensed under the Apache License, Version 2.0 (the "License")
007: * you may not use this file except in compliance with the License.
008: * You may obtain a copy of the License at
009: *
010: * http://www.apache.org/licenses/LICENSE-2.0
011: *
012: * Unless required by applicable law or agreed to in writing, software
013: * distributed under the License is distributed on an "AS IS" BASIS,
014: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015: * See the License for the specific language governing permissions and
016: * limitations under the License.
017: */
018:
019: import java.io.Serializable;
020:
021: import org.apache.turbine.om.security.Group;
022: import org.apache.turbine.om.security.Permission;
023: import org.apache.turbine.om.security.Role;
024:
025: /**
026: * This interface describes a control class that makes it
027: * easy to find out if a particular User has a given Permission.
028: * It also determines if a User has a a particular Role.
029: *
030: * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
031: * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
032: * @author <a href="mailto:greg@shwoop.com">Greg Ritter</a>
033: * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
034: * @author <a href="mailto:marco@intermeta.de">Marco Knüttel</a>
035: * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
036: * @version $Id: AccessControlList.java 264152 2005-08-29 14:50:22Z henning $
037: */
038: public interface AccessControlList extends Serializable {
039: /** The default Session key for the Access Control List */
040: String SESSION_KEY = "turbine.AccessControlList";
041:
042: /**
043: * Retrieves a set of Roles an user is assigned in a Group.
044: *
045: * @param group the Group
046: * @return the set of Roles this user has within the Group.
047: */
048: RoleSet getRoles(Group group);
049:
050: /**
051: * Retrieves a set of Roles an user is assigned in the global Group.
052: *
053: * @return the set of Roles this user has within the global Group.
054: */
055: RoleSet getRoles();
056:
057: /**
058: * Retrieves a set of Permissions an user is assigned in a Group.
059: *
060: * @param group the Group
061: * @return the set of Permissions this user has within the Group.
062: */
063: PermissionSet getPermissions(Group group);
064:
065: /**
066: * Retrieves a set of Permissions an user is assigned in the global Group.
067: *
068: * @return the set of Permissions this user has within the global Group.
069: */
070: PermissionSet getPermissions();
071:
072: /**
073: * Checks if the user is assigned a specific Role in the Group.
074: *
075: * @param role the Role
076: * @param group the Group
077: * @return <code>true</code> if the user is assigned the Role in the Group.
078: */
079: boolean hasRole(Role role, Group group);
080:
081: /**
082: * Checks if the user is assigned a specific Role in any of the given
083: * Groups
084: *
085: * @param role the Role
086: * @param groupset a Groupset
087: * @return <code>true</code> if the user is assigned the Role in any of
088: * the given Groups.
089: */
090: boolean hasRole(Role role, GroupSet groupset);
091:
092: /**
093: * Checks if the user is assigned a specific Role in the Group.
094: *
095: * @param role the Role
096: * @param group the Group
097: * @return <code>true</code> if the user is assigned the Role in the Group.
098: */
099: boolean hasRole(String role, String group);
100:
101: /**
102: * Checks if the user is assigned a specifie Role in any of the given
103: * Groups
104: *
105: * @param rolename the name of the Role
106: * @param groupset a Groupset
107: * @return <code>true</code> if the user is assigned the Role in any of
108: * the given Groups.
109: */
110: boolean hasRole(String rolename, GroupSet groupset);
111:
112: /**
113: * Checks if the user is assigned a specific Role in the global Group.
114: *
115: * @param role the Role
116: * @return <code>true</code> if the user is assigned the Role in the global Group.
117: */
118: boolean hasRole(Role role);
119:
120: /**
121: * Checks if the user is assigned a specific Role in the global Group.
122: *
123: * @param role the Role
124: * @return <code>true</code> if the user is assigned the Role in the global Group.
125: */
126: boolean hasRole(String role);
127:
128: /**
129: * Checks if the user is assigned a specific Permission in the Group.
130: *
131: * @param permission the Permission
132: * @param group the Group
133: * @return <code>true</code> if the user is assigned the Permission in the Group.
134: */
135: boolean hasPermission(Permission permission, Group group);
136:
137: /**
138: * Checks if the user is assigned a specific Permission in any of the given
139: * Groups
140: *
141: * @param permission the Permission
142: * @param groupset a Groupset
143: * @return <code>true</code> if the user is assigned the Permission in any
144: * of the given Groups.
145: */
146: boolean hasPermission(Permission permission, GroupSet groupset);
147:
148: /**
149: * Checks if the user is assigned a specific Permission in the Group.
150: *
151: * @param permission the Permission
152: * @param group the Group
153: * @return <code>true</code> if the user is assigned the Permission in the Group.
154: */
155: boolean hasPermission(String permission, String group);
156:
157: /**
158: * Checks if the user is assigned a specific Permission in the Group.
159: *
160: * @param permission the Permission
161: * @param group the Group
162: * @return <code>true</code> if the user is assigned the Permission in the Group.
163: */
164: boolean hasPermission(String permission, Group group);
165:
166: /**
167: * Checks if the user is assigned a specifie Permission in any of the given
168: * Groups
169: *
170: * @param permissionName the name of the Permission
171: * @param groupset a Groupset
172: * @return <code>true</code> if the user is assigned the Permission in any
173: * of the given Groups.
174: */
175: boolean hasPermission(String permissionName, GroupSet groupset);
176:
177: /**
178: * Checks if the user is assigned a specific Permission in the global Group.
179: *
180: * @param permission the Permission
181: * @return <code>true</code> if the user is assigned the Permission in the global Group.
182: */
183: boolean hasPermission(Permission permission);
184:
185: /**
186: * Checks if the user is assigned a specific Permission in the global Group.
187: *
188: * @param permission the Permission
189: * @return <code>true</code> if the user is assigned the Permission in the global Group.
190: */
191: boolean hasPermission(String permission);
192:
193: /**
194: * Returns all groups definded in the system.
195: *
196: * @return An Array of all defined Groups
197: *
198: * This is useful for debugging, when you want to display all roles
199: * and permissions an user is assigned. This method is needed
200: * because you can't call static methods of TurbineSecurity class
201: * from within WebMacro/Velocity template
202: */
203: Group[] getAllGroups();
204: }
|