1 /**
2 * Copyright 2005-2006 the original author or authors.
3 *
4 * Licensed under the Gnu General Public License, Version 2.0 (the
5 * "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 *
8 * http://www.opensource.org/licenses/gpl-license.php
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
13 * See the Gnu General Public License for more details.
14 */
15 package org.figure8.join.businessfacades.security;
16
17 import org.figure8.join.core.DuplicateEntityException;
18 import org.figure8.join.businessobjects.security.User;
19 import org.figure8.join.businessobjects.security.Role;
20 import org.figure8.join.businessobjects.security.Permission;
21
22 import java.util.List;
23 /**
24 * Provides methods for managing security roles and permissions.
25 * @author <a href="mailto:laurent.broudoux@free.fr">Laurent Broudoux</a>
26 * @version $Revision: 1.1 $
27 */
public interface PermissionManager {

    // ---------------------------------------------------------------- Roles

    /**
     * Persists the given security role: creates it when it is new, updates it
     * when it already exists in the datastore.
     * <p>
     * NOTE(review): this contract states no authorization requirement of its
     * own; presumably the caller must already have verified that the current
     * user may administer roles. Confirm against the implementation.
     *
     * @param role the security role to persist
     * @throws DuplicateEntityException if a role with the same name already exists
     */
    void saveRole(Role role) throws DuplicateEntityException;

    /**
     * Deletes the given security role from the datastore.
     * <p>
     * NOTE(review): the contract does not say what happens to permissions that
     * still reference the removed role. Implementations should presumably make
     * sure no grant survives pointing at a deleted role. To be confirmed.
     *
     * @param role the role to delete
     */
    void removeRole(Role role);

    /**
     * Lists the security roles available within the application.
     *
     * @return a raw {@code List} whose elements are documented to be
     *         {@code org.figure8.join.businessobjects.security.Role} instances
     */
    List getRoles();

    /**
     * Looks up a security role by its unique identifier.
     *
     * @param id unique identifier of the role within the datastore
     * @return the matching role, or {@code null} when no role has this id;
     *         callers must handle the {@code null} case before using the result
     *         in a permission check
     */
    Role getRole(long id);

    /**
     * Looks up a security role by its name.
     *
     * @param name the name of the security role to retrieve
     * @return the matching role, or {@code null} when no role has this name;
     *         callers must handle the {@code null} case before using the result
     *         in a permission check
     */
    Role getRole(String name);

    // ---------------------------------------------------------- Permissions

    /**
     * Persists the given permission: creates it or updates it in the datastore.
     *
     * @param permission the permission to persist
     */
    void savePermission(Permission permission);

    /**
     * Deletes the given permission from the datastore.
     *
     * @param permission the permission to delete
     */
    void removePermission(Permission permission);

    /**
     * Deletes every permission assigned to the given user.
     *
     * @param user the user whose permissions are removed
     */
    void removeAllUserPermissions(User user);

    // --------------------------------------------------------------- Checks

    /**
     * Tells whether a user holds a permission allowing them to endorse the
     * given security role.
     * <p>
     * NOTE(review): the result for a {@code null} role or an unknown
     * {@code userId} is not specified here. An authorization check should
     * presumably deny ({@code false}) in those cases rather than grant.
     * Confirm that every implementation fails closed.
     *
     * @param role   security role that has to be endorsed by the user
     * @param userId id of the user the permission test is done for
     * @return {@code true} if the user has a permission corresponding to the
     *         role, {@code false} otherwise
     */
    boolean hasPermission(Role role, String userId);

    /**
     * Tells whether a user holds a permission allowing them to endorse the
     * given security role for one particular resource.
     * <p>
     * NOTE(review): {@code resource} is typed as {@code Object}; how a resource
     * is matched against stored permissions is not defined by this contract.
     * As with {@link #hasPermission(Role, String)}, unknown or {@code null}
     * inputs should presumably yield {@code false}. To be confirmed.
     *
     * @param resource entity the user should have the permission on
     * @param role     security role that has to be endorsed by the user
     * @param userId   id of the user the permission test is done for
     * @return {@code true} if the user has a permission corresponding to the
     *         role for this resource, {@code false} otherwise
     */
    boolean hasPermissionForResource(Object resource, Role role, String userId);

    /**
     * Lists all the permissions acquired by the given user.
     *
     * @param user the user to retrieve permissions for
     * @return a raw {@code List} whose elements are documented to be
     *         {@code org.figure8.join.businessobjects.security.Permission}
     *         instances
     */
    List getUserPermissions(User user);
}