Authorized.java

/**
 * The contents of this file are subject to the OpenMRS Public License
 * Version 1.0 (the "License"); you may not use this file except in
 * compliance with the License. You may obtain a copy of the License at
 * http://license.openmrs.org
 *
 * Software distributed under the License is distributed on an "AS IS"
 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
 * License for the specific language governing rights and limitations
 * under the License.
 *
 * Copyright (C) OpenMRS, LLC.  All Rights Reserved.
 */
package org.openmrs.annotation;

import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

/**
 * Annotation used to describe service layer authorization attributes.
 * <p>
 * For example, to require that the user have <i>either<i> View or Add privileges:
 * 
 * <pre>
 *     @Authorized ({"View Users", "Add User"})
 *     public void getUsersByName(String name);
 * </pre>
 * or to require that they have all privileges
 * 
 * <pre>
 *     @Authorized (value = {"Add Users", "Edit Users"}, requireAll=true)
 *     public void getUsersByName(String name);
 * </pre>
 * or to just require that they be authenticated:
 * 
 * <pre>
 *     @Authorized ()
 *     public void getUsersByName(String name);
 * </pre>
 */
@Target( { ElementType.METHOD, ElementType.TYPE })
@Retention(RetentionPolicy.RUNTIME)
@Inherited
@Documented
public @interface Authorized {
	
	/**
	 * Returns the list of privileges needed to access a method. (i.e. "View Users"). Multiple
	 * privileges are compared with an "or" unless <code>requireAll</code> is set to true
	 * 
	 * @return String[] The secure method attributes
	 */
	public String[] value() default {};
	
	/**
	 * If set to true, will require that the user have <i>all</i> privileges listed in
	 * <code>value</code>. if false, user only has to have one of the privileges. Defaults to false
	 * 
	 * @return boolean true/false whether the privileges should be "and"ed together
	 */
	public boolean requireAll() default false;
	
}