/*
* Copyright 2000-2004 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.jetspeed.om.registry;
// Java imports
import java.util.Vector;
// Jetspeed imports
import org.apache.jetspeed.om.SecurityReference;
import org.apache.jetspeed.om.registry.MetaInfo;
/**
* Interface for manipulatin the security entries on the registry entries
*
*
* @author <a href="mailto:paulsp@apache.org">Paul Spencer</a>
* @author <a href="mailto:weaver@apache.org">Scott T. Weaver</a>
* @author <a href="mailto:morciuch@apache.org">Mark Orciuch</a>
* @version $Id: SecurityEntry.java,v 1.6 2004/02/23 03:11:39 jford Exp $
*/
public interface SecurityEntry {
/** Getter for property accesses.
* @return Value of property accesses.
*/
public Vector getAccesses();
/** Setter for property accesses.
* @param accesses New value of property accesses.
*/
public void setAccesses(Vector accesses);
/** Getter for property name.
* @return Value of property name.
*/
public String getName();
/** Setter for property name.
* @param name New value of property name.
*/
public void setName(String name);
/** Getter for property description.
* @return Value of property description.
*/
public String getDescription();
/** Setter for property description.
* @param description New value of property description.
*/
public void setDescription(String description);
/** Getter for property securityRef.
* @return Value of property securityRef.
*/
public SecurityReference getSecurityRef();
/** Setter for property securityRef.
* @param securityRef New value of property securityRef.
*/
public void setSecurityRef(SecurityReference securityRef);
/** Getter for property title.
* @return Value of property title.
*/
public String getTitle();
/** Setter for property title.
* @param title New value of property title.
*/
public void setTitle(String title);
/** Getter for property metaInfo.
* @return Value of property metaInfo.
*/
public MetaInfo getMetaInfo();
/** Setter for property metaInfo.
* @param metaInfo New value of property metaInfo.
*/
public void setMetaInfo(MetaInfo metaInfo);
/** Getter for property hidden.
* @return Value of property hidden.
*/
public boolean isHidden();
/** Setter for property hidden.
* @param hidden New value of property hidden.
*/
public void setHidden(boolean hidden);
/** Getter for property id.
* @return Value of property id.
*/
public long getId();
/**
* Aututhorizes action for a role
*
* @param role requesting action
* @param action being requested
* @return <CODE>true</CODE> if action is allowed for role
*/
public boolean allowsRole(String role, String action);
/**
* Authorizes action for a group
*
* @param group requesting action
* @param action being requested
* @return <CODE>true</CODE> if action is allowed for role
*/
public boolean allowsGroup(String group, String action);
/**
* Authorizes action for a group role
*
* @param group requesting action
* @param role requesting action
* @param action being requested
* @return <CODE>true</CODE> if action is allowed for role
*/
public boolean allowsGroupRole(String group, String role, String action);
/**
* Aututhorizes action for a named user
*
* @param userName requesting action
* @param action being requested
* @return <CODE>true</CODE> if action is allowed for named user
*/
public boolean allowsUser(String userName, String action);
/**
* Aututhorizes action for a named user
*
* @param userName requesting action
* @param action being requested
* @param ownerUserName Onwers username
* @return <CODE>true</CODE> if action is allowed for named user
*/
boolean allowsUser(String userName, String action, String ownerUserName);
/**
* Grants access for a specific action to a specific role
* for this SecurityEntry. This grants specific access ignores
* "*" action, if it exists.
* @param String action The action we are granting access to.
* @param String role The role that will receive access to this action.
* @return boolean Whether or not the access was granted. Basically,
* a <code>false</code> means that this role already has specific access.
*/
boolean grantRoleAccess(String action, String role);
/**
* Checks whether a role is specifically allowed to access the request action
* This method ignores the "*" action and is here to play a maintenance role.
* @param String action name of action to check
* @param String role name of role to verify access for
* @return boolean whether or not the <code>role</code> has access
* to this specific action.
*/
boolean allowsSpecificRole(String action, String role);
/**
* Grants access for a specific action to a specific group
* for this SecurityEntry. This grants specific access ignores
* "*" action, if it exists.
* @param String action The action we are granting access to.
* @param String group The group that will receive access to this action.
* @return boolean Whether or not the access was granted. Basically,
* a <code>false</code> means that this group already has specific access.
*/
boolean grantGroupAccess(String action, String group);
/**
* Checks whether a group is specifically allowed to access the request action
* This method ignores the "*" action and is here to play a maintenance role.
* @param String action name of action to check
* @param String group name of group to verify access for
* @return boolean whether or not the <code>group</code> has access
* to this specific action.
*/
boolean allowsSpecificGroup(String action, String group);
/**
* Grants access for a specific action to a specific group role
* for this SecurityEntry. This grants specific access ignores
* "*" action, if it exists.
* @param String action The action we are granting access to.
* @param String group The group that will receive access to this action.
* @param String role The role that will receive access to this action.
* @return boolean Whether or not the access was granted. Basically,
* a <code>false</code> means that this group role already has specific access.
*/
boolean grantGroupRoleAccess(String action, String group, String role);
/**
* Checks whether a group role is specifically allowed to access the request action
* This method ignores the "*" action and is here to play a maintenance role.
* @param String action name of action to check
* @param String group name of group to verify access for
* @param String role name of group to verify access for
* @return boolean whether or not the <code>group role</code> has access
* to this specific action.
*/
boolean allowsSpecificGroupRole(String action, String group, String role);
/**
* Returns the SecurityAccess object for the <code>action</code>
* requested or null if no specific access is defined for this action.
* The "*" does change this, if an action is not specifically defined
* in the registry, null is returned
* @param SecurityEntry entry SecurityEntry to check against
* @param String action The action we want the access for.
* @return SecurityAccess that is defined for this action or
* <code>null</code> if one is not <strong>specifically defined</strong>
*/
SecurityAccess getAccess(String action);
/**
* Checks whether a user is specifically allowed to access the request action
* This method ignores the "*" action and is here to play a maintenance role.
* @param String action name of action to check
* @param String user name of user to verify access for
* @return boolean whether or not the <code>user</code> has access
* to this specific action.
*/
boolean allowsSpecificUser(String action, String user);
/**
* Grants access for a specific action to a specific user
* for this SecurityEntry. This grants specific access ignores
* "*" action, if it exists.
* @param String action The action we are granting access to.
* @param String user The user that will receive access to this action.
* @return boolean Whether or not the access was granted. Basically,
* a <code>false</code> means that this role already has specific access.
*/
boolean grantUserAccess(String action, String user);
/**
* Removes a security access for the named action.
* This does not take into account the "*" action when
* the "*" is not the named action.
* @param String access name of access to remove in its entirety
*/
void revokeAccess(String action);
/**
* Removes a user's access to a specific action.
* @param action Action to remove access from.
* @param role The role whose access we are revoking.
* @return boolean Whehter or not the access existed and
* was removed.
*/
boolean revokeUserAccess(String action, String user);
/**
* Removes a role's access to a specific action.
* @param action Action to remove access from.
* @param role The role whose access we are revoking.
* @return boolean Whehter or not the access existed and
* was removed.
*/
boolean revokeRoleAccess(String action, String role);
/**
* Removes a group's access to a specific action.
* @param action Action to remove access from.
* @param group The group whose access we are revoking.
* @return boolean Whether or not the access existed and
* was removed.
*/
boolean revokeGroupAccess(String action, String group);
/**
* Removes a group role's access to a specific action.
* @param action Action to remove access from.
* @param group The group whose access we are revoking.
* @param role The role whose access we are revoking.
* @return boolean Whether or not the access existed and
* was removed.
*/
boolean revokeGroupRoleAccess(String action, String group, String role);
}