01: /*
02: * Copyright 2005-2007 The Kuali Foundation.
03: *
04: * Licensed under the Educational Community License, Version 1.0 (the "License");
05: * you may not use this file except in compliance with the License.
06: * You may obtain a copy of the License at
07: *
08: * http://www.opensource.org/licenses/ecl1.php
09: *
10: * Unless required by applicable law or agreed to in writing, software
11: * distributed under the License is distributed on an "AS IS" BASIS,
12: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13: * See the License for the specific language governing permissions and
14: * limitations under the License.
15: */
16: package org.kuali.core.service;
17:
18: import java.util.Set;
19:
20: import org.kuali.core.bo.user.UniversalUser;
21: import org.kuali.core.datadictionary.DocumentEntry;
22:
23: /**
24: * Service used to control user access to classes which implement AuthorizationTarget
25: */
26: public interface AuthorizationService {
27: /**
28: * @param user
29: * @param action
30: * @param targetType
31: * @return true if the given user is a member of a group which is allowed to take the given action on objects matching the given
32: * targetType
33: */
34: public boolean isAuthorized(UniversalUser user, String action,
35: String targetType);
36:
37: /**
38: * @param user
39: * @param action
40: * @param targetType
41: * @return Set containing the names of the workgroups authorized for the action on the target type.
42: */
43: public Set getAuthorizedWorkgroups(String action, String targetType);
44:
45: /**
46: * Checks security of field. If field is secured by a workgroup, checks user is in workgroup.
47: *
48: * @return true if user is authorized to view attribute
49: */
50: public boolean isAuthorizedToViewAttribute(UniversalUser user,
51: String entryName, String attributeName);
52:
53: // public void completeInitialization( DataDictionary dataDictionary );
54:
55: public void setupAuthorizations(DocumentEntry documentEntry);
56: }
|