X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationService.java;fp=security%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationService.java;h=867242a54fa17ebdaca367cb3cc2642777db098e;hb=162af365e45e54e5e8d656be276914df2005eaec;hp=0000000000000000000000000000000000000000;hpb=cf25a3646c663c5aadbd2de8c23840550b18125b;p=utils

diff --git a/security/src/main/java/org/wamblee/security/authorization/AuthorizationService.java b/security/src/main/java/org/wamblee/security/authorization/AuthorizationService.java
new file mode 100644
index 00000000..867242a5
--- /dev/null
+++ b/security/src/main/java/org/wamblee/security/authorization/AuthorizationService.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2005 the original author or authors.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */ 
+
+package org.wamblee.security.authorization;
+
+import org.wamblee.persistence.Persistent;
+
+/**
+ * Service to determine if access to a certain resource is allowed. 
+ */
+public interface AuthorizationService extends Persistent {
+
+    /**
+     * Checks whether an operation is allowed on a resource. 
+     * @param aResource Resource. 
+     * @param aOperation Operation. 
+     * @return Checks whether the operation is allowed on a resource. 
+     */
+    boolean isAllowed(Object aResource, Operation aOperation);
+    
+    /**
+     * Same as {@link #isAllowed(Object, Operation)} but throws a 
+     * <code>RuntimeException</code> in case access is not allowed. 
+     * @param aResource Resource to check. 
+     * @param aOperation Operation to perform.
+     * @return Resource that was checked. 
+     */
+    <T> T check(T aResource, Operation aOperation); 
+    
+    /**
+     * Gets the authorization rules. 
+     * @return Rules. 
+     */
+    AuthorizationRule[] getRules(); 
+    
+    /**
+     * Appends a new authorization rule to the end. 
+     * @param aRule Rule to append. 
+     */
+    void appendRule(AuthorizationRule aRule); 
+    
+    /**
+     * Removes a rule. 
+     * @param aRule Index of the rule to remove.  
+     */
+    void removeRule(int aIndex); 
+        
+    /**
+     * Inserts a rule. 
+     * @param aIndex Index of the position of the rule after insertion. 
+     * @param aRule Rule to insert. 
+     */
+    void insertRuleAfter(int aIndex, AuthorizationRule aRule);
+}