/*******************************************************************************
* Copyright (c) 2012-2017 Codenvy, S.A.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
*
* Contributors:
* Codenvy, S.A. - initial API and implementation
*******************************************************************************/
package org.eclipse.che.commons.subject;
import org.eclipse.che.api.core.ForbiddenException;
/**
* Subject represents authenticated user
*
* @author andrew00x
* @author Sergii Leschenko
*/
public interface Subject {
/** Unidentified subject */
Subject ANONYMOUS = new Subject() {
@Override
public String getUserId() {
return "0000-00-0000";
}
@Override
public String getUserName() {
return "Anonymous";
}
@Override
public boolean hasPermission(String domain, String instance, String action) {
return false;
}
@Override
public void checkPermission(String domain, String instance, String action) throws ForbiddenException {
throw new ForbiddenException("User is not authorized to perform " + action + " of " + domain + " with id '" + instance + "'");
}
@Override
public String getToken() {
return null;
}
@Override
public boolean isAnonymous() {
return true;
}
@Override
public boolean isTemporary() {
return false;
}
};
/**
* Get user unique identifier.
*
* <p>Note: In comparison with name id never changes for the given user.
*
* @return unique identifier of user.
*/
String getUserId();
/**
* @return name of user
*/
String getUserName();
/**
* Checks does subject have specified permission.
*
* @return {@code true} if subject has permission to perform given action and {@code false} otherwise
*/
boolean hasPermission(String domain, String instance, String action);
/**
* Ensures this Subject has specified permission.
*
* @throws ForbiddenException
* if subject doesn't have specified permission
*/
void checkPermission(String domain, String instance, String action) throws ForbiddenException;
/**
* @return subject auth token to be able to execute request as subject
*/
String getToken();
/**
* Return {@code true} if subject is anonymous, {@code false} if this is a real authenticated subject.
*/
default boolean isAnonymous() {
return false;
}
/**
* @return - true if subject is temporary, false if this is a real persistent subject.
*/
boolean isTemporary();
}