X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationService.java;h=bfbe0f8443ac3706fb68f6a341dbb9a0e7b8a799;hb=aa0df19349b7edbc4aedb150862c95fc5ce3910b;hp=13f4a105a085e9435f51f2688967c5daa2a1ab1e;hpb=1092f4c2e75cabd49c41a087f9dc67cd966d11fa;p=utils
diff --git a/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationService.java b/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationService.java
index 13f4a105..bfbe0f84 100644
--- a/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationService.java
+++ b/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationService.java
@@ -12,58 +12,19 @@ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - */ + */ package org.wamblee.security.authorization; -import javax.persistence.DiscriminatorColumn; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.Inheritance; -import javax.persistence.InheritanceType; -import javax.persistence.NamedQueries; -import javax.persistence.NamedQuery; -import javax.persistence.Table; -import javax.persistence.Version; - -import org.wamblee.usermgt.UserAccessor; +import org.wamblee.security.authentication.UserAccessor; +import org.wamblee.security.authentication.UserAdministration; /** * Service to determine if access to a certain resource is allowed. * * @author Erik Brakkee */ -@Entity -@Table(name = "SEC_AUTH_SVC") -@Inheritance(strategy = InheritanceType.SINGLE_TABLE) -@DiscriminatorColumn(name = "TYPE") -@NamedQueries( - @NamedQuery(name = AuthorizationService.QUERY_FIND_BY_NAME, - query = "select s from AuthorizationService s where s.name = :" + - AuthorizationService.NAME_PARAM) - ) -public abstract class AuthorizationService { - - public static final String QUERY_FIND_BY_NAME = "AuthorizationService.findByName"; - public static final String NAME_PARAM = "name"; - - @Id - @GeneratedValue(strategy = GenerationType.AUTO) - private Long primaryKey; +public interface AuthorizationService { - @Version - private int version; - - public AuthorizationService() { - // Empty. - } - - public AuthorizationService(AuthorizationService aSvc) { - primaryKey = aSvc.primaryKey; - version = aSvc.version; - } - /** * Checks whether an operation is allowed on a resource. * 
@@ -74,16 +35,29 @@ public abstract class AuthorizationService { * * @return Checks whether the operation is allowed on a resource. */ - public abstract boolean isAllowed(Object aResource, Operation aOperation); + boolean isAllowed(Object aResource, Operation aOperation); - public abstract T check(T aResource, Operation aOperation); + /** + * Checks if the given operation is allowed on the resource. + * + * @param + * Type of resource + * @param aResource + * Resource. + * @param aOperation + * Operation. + * @return Resource passed in in case access is allowed + * @throws AuthorizationException + * In case access is denied. + */ + T check(T aResource, Operation aOperation); /** * Gets the authorization rules. * * @return Rules. */ - public abstract AuthorizationRule[] getRules(); + AuthorizationRule[] getRules(); /** * Appends a new authorization rule to the end. @@ -91,7 +65,7 @@ public abstract class AuthorizationService { * @param aRule * Rule to append. */ - public abstract void appendRule(AuthorizationRule aRule); + void appendRule(AuthorizationRule aRule); /** * Removes a rule. @@ -99,7 +73,7 @@ public abstract class AuthorizationService { * @param aIndex * Index of the rule to remove. */ - public abstract void removeRule(int aIndex); + void removeRule(int aIndex); /** * Inserts a rule. 
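Review bot: The Javadoc on `isAllowed` and the new Javadoc on `check` in the `@@ -74,16 +35,29 @@` hunk do not say what an implementation must do when no rule matches the resource/operation pair or when an argument is null. For an authorization contract the safe reading is deny, and the interface should state it. If that is the intended behaviour, I would add to `check` a sentence such as `Implementations must throw AuthorizationException when no rule grants the operation.` and reword the `isAllowed` tag to `@return True if and only if the operation is allowed; false when no rule applies.` In the same hunk `getRules()` returns an array without saying whether it is a copy; if an implementation hands out its live storage, callers could change the rule set without going through `appendRule`/`removeRule`, so the comment should require a defensive copy. The type parameter on `check` and in its `@param` tag appears to have been lost in this rendering of the page, so it is not assessed here.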
@@ -109,12 +83,23 @@ public abstract class AuthorizationService { * @param aRule * Rule to insert. */ - public abstract void insertRuleAfter(int aIndex, AuthorizationRule aRule); + void insertRuleAfter(int aIndex, AuthorizationRule aRule); /** - * Sets the user accessor so that the authorization service can get access to the logged in - * user. - * @param aUserAccessor User accessor. + * Sets the user accessor so that the authorization service can get access + * to the logged in user. + * + * @param aUserAccessor + * User accessor. */ - public abstract void setUserAccessor(UserAccessor aUserAccessor); -} + void setUserAccessor(UserAccessor aUserAccessor); + + /** + * Sets the user administration so that the authorization service can check + * information for the the current user. + * + * @param aUserAdmin User administration. + */ + void setUserAdministration(UserAdministration aUserAdmin); + +} \ No newline at end of file
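Review bot: The new `setUserAdministration`, like `setUserAccessor` just above it, sits on the same interface that callers use for `isAllowed`/`check`, so any code holding an `AuthorizationService` reference can replace the source of user identity that access decisions depend on. If these setters are meant for wiring only, consider moving them (and the rule mutators) to a separate configuration interface so that ordinary callers get a check-only view. At minimum the Javadoc should say so, e.g. `Intended for container wiring before first use; must not be null and must not be changed once the service is in use.` The added comment also contains a typo, "the the current user", and the new side of the file ends without a trailing newline.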