X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;ds=sidebyside;f=security%2Fusermgt%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationService.java;fp=security%2Fusermgt%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationService.java;h=bfbe0f8443ac3706fb68f6a341dbb9a0e7b8a799;hb=9449ea0f360f6e9c14057db57f3ee0bfba947ab4;hp=0000000000000000000000000000000000000000;hpb=e8b988e92306a4aea2f047af1b48588147288831;p=utils diff --git a/security/usermgt/src/main/java/org/wamblee/security/authorization/AuthorizationService.java b/security/usermgt/src/main/java/org/wamblee/security/authorization/AuthorizationService.java new file mode 100644 index 00000000..bfbe0f84 --- /dev/null +++ b/security/usermgt/src/main/java/org/wamblee/security/authorization/AuthorizationService.java @@ -0,0 +1,105 @@ +/* + * Copyright 2005-2010 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.wamblee.security.authorization; + +import org.wamblee.security.authentication.UserAccessor; +import org.wamblee.security.authentication.UserAdministration; + +/** + * Service to determine if access to a certain resource is allowed. + * + * @author Erik Brakkee + */ +public interface AuthorizationService { + + /** + * Checks whether an operation is allowed on a resource. + * + * @param aResource + * Resource. + * @param aOperation + * Operation. + * + * @return Checks whether the operation is allowed on a resource. + */ + boolean isAllowed(Object aResource, Operation aOperation); + + /** + * Checks if the given operation is allowed on the resource. + * + * @param + * Type of resource + * @param aResource + * Resource. + * @param aOperation + * Operation. + * @return Resource passed in in case access is allowed + * @throws AuthorizationException + * In case access is denied. + */ + T check(T aResource, Operation aOperation); + + /** + * Gets the authorization rules. + * + * @return Rules. + */ + AuthorizationRule[] getRules(); + + /** + * Appends a new authorization rule to the end. + * + * @param aRule + * Rule to append. + */ + void appendRule(AuthorizationRule aRule); + + /** + * Removes a rule. + * + * @param aIndex + * Index of the rule to remove. + */ + void removeRule(int aIndex); + + /** + * Inserts a rule. + * + * @param aIndex + * Index of the position of the rule after insertion. + * @param aRule + * Rule to insert. + */ + void insertRuleAfter(int aIndex, AuthorizationRule aRule); + + /** + * Sets the user accessor so that the authorization service can get access + * to the logged in user. + * + * @param aUserAccessor + * User accessor. + */ + void setUserAccessor(UserAccessor aUserAccessor); + + /** + * Sets the user administration so that the authorization service can check + * information for the the current user. + * + * @param aUserAdmin User administration. + */ + void setUserAdministration(UserAdministration aUserAdmin); + +} \ No newline at end of file