KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > james > imapserver > ACL


1 /***********************************************************************
2  * Copyright (c) 2000-2004 The Apache Software Foundation. *
3  * All rights reserved. *
4  * ------------------------------------------------------------------- *
5  * Licensed under the Apache License, Version 2.0 (the "License"); you *
6  * may not use this file except in compliance with the License. You *
7  * may obtain a copy of the License at: *
8  * *
9  * http://www.apache.org/licenses/LICENSE-2.0 *
10  * *
11  * Unless required by applicable law or agreed to in writing, software *
12  * distributed under the License is distributed on an "AS IS" BASIS, *
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or *
14  * implied. See the License for the specific language governing *
15  * permissions and limitations under the License. *
16  ***********************************************************************/

17
18 package org.apache.james.imapserver;
19
20 import org.apache.james.imapserver.AccessControlException;
21 import org.apache.james.imapserver.AuthorizationException;
22
23 import java.io.Serializable JavaDoc;
24 import java.util.Set JavaDoc;
25
26 /**
27  * Interface for objects representing for an IMAP4rev1 Access Control List.
28  * There should be one instance of this class per open mailbox. An Access
29  * control list, for IMAP purposes, is a list of <identifier, rights> pairs.
30  *
31  * <p>The standard rights in RFC2086 are:
32  * <br>l - lookup (mailbox is visible to LIST/LSUB commands)
33  * <br>r - read (SELECT the mailbox, perform CHECK, FETCH, PARTIAL, SEARCH,
34  * COPY from mailbox)
35  * <br>s - keep seen/unseen information across sessions (STORE SEEN flag)
36  * <br>w - write (STORE flags other than SEEN and DELETED)
37  * <br>i - insert (perform APPEND, COPY into mailbox)
38  * <br>p - post (send mail to submission address for mailbox, not enforced by
39  * IMAP4 itself)
40  * <br>c - create (CREATE new sub-mailboxes in any implementation-defined
41  * hierarchy)
42  * <br>d - delete (STORE DELETED flag, perform EXPUNGE)
43  * <br>a - administer (perform SETACL)
44  *
45  *
46  * <p>References: rfc 2060, rfc 2086
47  * @version 0.1 on 14 Dec 2000
48  */

49 public interface ACL
50     extends Serializable JavaDoc {
51
52     char LOOKUP_RIGHTS = 'l';
53     char READ_RIGHTS = 'r';
54     char KEEP_SEEN_RIGHTS = 's';
55     char WRITE_RIGHTS = 'w';
56     char INSERT_RIGHTS = 'i';
57     char POST_RIGHTS = 'p';
58     char CREATE_RIGHTS = 'c';
59     char DELETE_RIGHTS = 'd';
60     char ADMIN_RIGHTS = 'a';
61     char ADD_RIGHTS = '+';
62     char REMOVE_RIGHTS = '-';
63     char[] RIGHTS =
64     {
65         LOOKUP_RIGHTS, READ_RIGHTS, KEEP_SEEN_RIGHTS, WRITE_RIGHTS,
66         INSERT_RIGHTS, POST_RIGHTS, CREATE_RIGHTS, DELETE_RIGHTS,
67         ADMIN_RIGHTS
68     };
69
70     /**
71      * Store access rights for a given identity.
72      * The setter is the user setting the rights, the identifier is the user
73      * whose rights are affected.
74      * The setter and identifier arguments must be non-null and non-empty.
75      * The modification argument must be non-null and follow the syntax of the
76      * third argument to a SETACL command.
77      * If the modification argument is an empty string, that identifier is
78      * removed from the ACL, if currently present.
79      *
80      * @param setter String representing user attempting to set rights, must
81      * be non-null and non-empty
82      * @param identity String representing user whose rights are being set,
83      * must be non-null and non-empty
84      * @param modification String representing the change in rights, following
85      * the syntax specified in rfc 2086
86      * @return true if requested modification succeeded. A return value of
87      * false means an error other than an AccessControlException or
88      * AuthorizationException.
89      * @throws AccessControlException if setter does not have lookup rights for
90      * this mailbox (ie they should not know this mailbox exists).
91      * @throws AuthorizationException if specified setter does not have the
92      * administer right (ie the right to write ACL rights), or if the result
93      * of this method would leave no identities with admin rights.
94      */

95     boolean setRights( String JavaDoc setter,
96                        String JavaDoc identifier,
97                        String JavaDoc modification)
98         throws AccessControlException, AuthorizationException;
99
100     /**
101      * Retrieve access rights for a specific identity.
102      *
103      * @param getter String representing user attempting to get the rights,
104      * must be non-null and non-empty
105      * @param identity String representing user whose rights are being got,
106      * must be non-null and non-empty
107      * @return String of rights usingrfc2086 syntax, empty if identity has no
108      * rights in this mailbox.
109      * @throws AccessControlException if getter does not have lookup rights for
110      * this mailbox (ie they should not know this mailbox exists).
111      * @throws AuthorizationException if implementation does not wish to expose
112      * ACL for this identity to this getter.
113      */

114     String JavaDoc getRights( String JavaDoc getter, String JavaDoc identity )
115         throws AccessControlException, AuthorizationException;
116
117     /**
118      * Retrieves a String of one or more <identity space rights> who have
119      * rights in this ACL
120      *
121      * @param getter String representing user attempting to get the rights,
122      * must be non-null and non-empty
123      * @return String of rights sets usingrfc2086 syntax
124      * @throws AccessControlException if getter does not have lookup rights for
125      * this mailbox (ie they should not know this mailbox exists).
126      * @throws AuthorizationException if implementation does not wish to expose
127      * ACL to this getter.
128      */

129     String JavaDoc getAllRights( String JavaDoc getter )
130         throws AccessControlException, AuthorizationException;
131
132     /**
133      * Retrieve rights which will always be granted to the specified identity.
134      *
135      * @param getter String representing user attempting to get the rights,
136      * must be non-null and non-empty
137      * @param identity String representing user whose rights are being got,
138      * must be non-null and non-empty
139      * @return String of rights usingrfc2086 syntax, empty if identity has no
140      * guaranteed rights in this mailbox.
141      * @throws AccessControlException if getter does not have lookup rights for
142      * this mailbox (ie they should not know this mailbox exists).
143      * @throws AuthorizationException if implementation does not wish to expose
144      * ACL for this identity to this getter.
145      */

146     String JavaDoc getRequiredRights( String JavaDoc getter, String JavaDoc identity )
147         throws AccessControlException, AuthorizationException;
148
149     /**
150      * Retrieve rights which may be granted to the specified identity.
151      * @param getter String representing user attempting to get the rights,
152      * must be non-null and non-empty
153      * @param identity String representing user whose rights are being got,
154      * must be non-null and non-empty
155      * @return String of rights usingrfc2086 syntax, empty if identity has no
156      * guaranteed rights in this mailbox.
157      * @throws AccessControlException if getter does not have lookup rights for
158      * this mailbox (ie they should not know this mailbox exists).
159      * @throws AuthorizationException if implementation does not wish to expose
160      * ACL for this identity to this getter.
161      */

162     String JavaDoc getOptionalRights( String JavaDoc getter, String JavaDoc identity )
163         throws AccessControlException, AuthorizationException;
164
165     /**
166      * Helper boolean methods.
167      * Provided for cases where you need to check the ACL before selecting the
168      * mailbox.
169      *
170      * @param username String representing user
171      * @return true if user has the requested right.
172      * &throws AccessControlException if username does not have lookup rights.
173      * (Except for hasLookupRights which just returns false.
174      */

175     boolean hasReadRights( String JavaDoc username )
176         throws AccessControlException;
177     boolean hasKeepSeenRights( String JavaDoc username )
178         throws AccessControlException;
179     boolean hasWriteRights( String JavaDoc username )
180         throws AccessControlException;
181     boolean hasInsertRights( String JavaDoc username )
182         throws AccessControlException;
183     boolean hasDeleteRights( String JavaDoc username )
184         throws AccessControlException;
185     boolean hasAdminRights( String JavaDoc username )
186         throws AccessControlException;
187
188     Set JavaDoc getUsersWithLookupRights();
189
190     Set JavaDoc getUsersWithReadRights();
191 }
192
193
Popular Tags