*/
package org.wamblee.security.authorization;
-import org.wamblee.persistence.Persistent;
+import org.wamblee.usermgt.UserAccessor;
/**
* Service to determine if access to a certain resource is allowed.
*
* @author Erik Brakkee
*/
-public interface AuthorizationService extends Persistent {
+public interface AuthorizationService {
+
/**
* Checks whether an operation is allowed on a resource.
*
*/
boolean isAllowed(Object aResource, Operation aOperation);
+ /**
+ * Checks if the given operation is allowed on the resource.
+ * @param <T> Type of resource
+ * @param aResource Resource.
+ * @param aOperation Operation.
+ * @return Resource passed in in case access is allowed
+ * @throws AuthorizationException In case access is denied.
+ */
<T> T check(T aResource, Operation aOperation);
/**
* Rule to insert.
*/
void insertRuleAfter(int aIndex, AuthorizationRule aRule);
-}
+
+ /**
+ * Sets the user accessor so that the authorization service can get access
+ * to the logged in user.
+ *
+ * @param aUserAccessor
+ * User accessor.
+ */
+ void setUserAccessor(UserAccessor aUserAccessor);
+
+}
\ No newline at end of file
git://wamblee.org / utils / blobdiff