Java > Open Source Codes > org > apache > james > imapserver > ACL


1   /***********************************************************************
2    * Copyright (c) 2000-2004 The Apache Software Foundation.             *
3    * All rights reserved.                                                *
4    * ------------------------------------------------------------------- *
5    * Licensed under the Apache License, Version 2.0 (the "License"); you *
6    * may not use this file except in compliance with the License. You    *
7    * may obtain a copy of the License at:                                *
8    *                                                                     *
9    *     http://www.apache.org/licenses/LICENSE-2.0                      *
10   *                                                                     *
11   * Unless required by applicable law or agreed to in writing, software *
12   * distributed under the License is distributed on an "AS IS" BASIS,   *
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or     *
14   * implied.  See the License for the specific language governing       *
15   * permissions and limitations under the License.                      *
16   ***********************************************************************/
17  
18  package org.apache.james.imapserver;
19  
20  import org.apache.james.imapserver.AccessControlException;
21  import org.apache.james.imapserver.AuthorizationException;
22  
23  import java.io.Serializable  ;
24  import java.util.Set  ;
25  
26  /**
27   * Interface for objects representing for an IMAP4rev1 Access Control List.
28   * There should be one instance of this class per open mailbox. An Access
29   * control list, for IMAP purposes, is a list of <identifier, rights> pairs.
30   *
31   * <p>The standard rights in RFC2086 are:
32   * <br>l - lookup (mailbox is visible to LIST/LSUB commands)
33   * <br>r - read (SELECT the mailbox, perform CHECK, FETCH, PARTIAL, SEARCH,
34   * COPY from mailbox)
35   * <br>s - keep seen/unseen information across sessions (STORE SEEN flag)
36   * <br>w - write (STORE flags other than SEEN and DELETED)
37   * <br>i - insert (perform APPEND, COPY into mailbox)
38   * <br>p - post (send mail to submission address for mailbox, not enforced by
39   * IMAP4 itself)
40   * <br>c - create (CREATE new sub-mailboxes in any implementation-defined
41   * hierarchy)
42   * <br>d - delete (STORE DELETED flag, perform EXPUNGE)
43   * <br>a - administer (perform SETACL)
44   *
45   *
46   * <p>References: rfc 2060, rfc 2086
47   * @version 0.1  on 14 Dec 2000
48   */
49  public interface ACL 
50      extends Serializable   {
51  
52      char LOOKUP_RIGHTS = 'l';
53      char READ_RIGHTS = 'r';
54      char KEEP_SEEN_RIGHTS = 's';
55      char WRITE_RIGHTS = 'w';
56      char INSERT_RIGHTS = 'i';
57      char POST_RIGHTS = 'p';
58      char CREATE_RIGHTS = 'c';
59      char DELETE_RIGHTS = 'd';
60      char ADMIN_RIGHTS = 'a';
61      char ADD_RIGHTS = '+';
62      char REMOVE_RIGHTS = '-';
63      char[] RIGHTS = 
64      {
65          LOOKUP_RIGHTS, READ_RIGHTS, KEEP_SEEN_RIGHTS, WRITE_RIGHTS,
66          INSERT_RIGHTS, POST_RIGHTS, CREATE_RIGHTS, DELETE_RIGHTS,
67          ADMIN_RIGHTS
68      };
69  
70      /**
71       * Store access rights for a given identity.
72       * The setter is the user setting the rights, the identifier is the user
73       * whose rights are affected.
74       * The setter and identifier arguments must be non-null and non-empty.
75       * The modification argument must be non-null and follow the syntax of the
76       * third argument to a SETACL command.
77       * If the modification argument is an empty string, that identifier is
78       * removed from the ACL, if currently present.
79       *
80       * @param setter String representing user attempting to set rights, must
81       * be non-null and non-empty
82       * @param identity String representing user whose rights are being set,
83       * must be non-null and non-empty
84       * @param modification String representing the change in rights, following
85       * the syntax specified in rfc 2086
86       * @return true if requested modification succeeded. A return value of
87       * false means an error other than an AccessControlException or
88       * AuthorizationException.
89       * @throws AccessControlException if setter does not have lookup rights for
90       * this mailbox (ie they should not know this mailbox exists).
91       * @throws AuthorizationException if specified setter does not have the
92       * administer right (ie the right to write ACL rights), or if the result
93       * of this method would leave no identities with admin rights.
94       */
95      boolean setRights( String   setter, 
96                         String   identifier,
97                         String   modification)
98          throws AccessControlException, AuthorizationException;
99  
100     /**
101      * Retrieve access rights for a specific identity.
102      *
103      * @param getter String representing user attempting to get the rights,
104      * must be non-null and non-empty
105      * @param identity String representing user whose rights are being got,
106      * must be non-null and non-empty
107      * @return String of rights usingrfc2086 syntax, empty if identity has no
108      * rights in this mailbox.
109      * @throws AccessControlException if getter does not have lookup rights for
110      * this mailbox (ie they should not know this mailbox exists).
111      * @throws AuthorizationException if implementation does not wish to expose
112      * ACL for this identity to this getter.
113      */
114     String   getRights( String   getter, String   identity )
115         throws AccessControlException, AuthorizationException;
116 
117     /**
118      * Retrieves a String of one or more <identity space rights> who have
119      * rights in this ACL
120      *
121      * @param getter String representing user attempting to get the rights,
122      * must be non-null and non-empty
123      * @return String of rights sets usingrfc2086 syntax
124      * @throws AccessControlException if getter does not have lookup rights for
125      * this mailbox (ie they should not know this mailbox exists).
126      * @throws AuthorizationException if implementation does not wish to expose
127      * ACL to this getter.
128      */
129     String   getAllRights( String   getter )
130         throws AccessControlException, AuthorizationException;
131 
132     /**
133      * Retrieve rights which will always be granted to the specified identity.
134      *
135      * @param getter String representing user attempting to get the rights,
136      * must be non-null and non-empty
137      * @param identity String representing user whose rights are being got,
138      * must be non-null and non-empty
139      * @return String of rights usingrfc2086 syntax, empty if identity has no
140      * guaranteed rights in this mailbox.
141      * @throws AccessControlException if getter does not have lookup rights for
142      * this mailbox (ie they should not know this mailbox exists).
143      * @throws AuthorizationException if implementation does not wish to expose
144      * ACL for this identity to this getter.
145      */
146     String   getRequiredRights( String   getter, String   identity )
147         throws AccessControlException, AuthorizationException;
148 
149     /**
150      * Retrieve rights which may be granted to the specified identity.
151      * @param getter String representing user attempting to get the rights,
152      * must be non-null and non-empty
153      * @param identity String representing user whose rights are being got,
154      * must be non-null and non-empty
155      * @return String of rights usingrfc2086 syntax, empty if identity has no
156      * guaranteed rights in this mailbox.
157      * @throws AccessControlException if getter does not have lookup rights for
158      * this mailbox (ie they should not know this mailbox exists).
159      * @throws AuthorizationException if implementation does not wish to expose
160      * ACL for this identity to this getter.
161      */
162     String   getOptionalRights( String   getter, String   identity )
163         throws AccessControlException, AuthorizationException;
164 
165     /**
166      * Helper boolean methods.
167      * Provided for cases where you need to check the ACL before selecting the
168      * mailbox.
169      *
170      * @param username String representing user
171      * @return true if user has the requested right.
172      * &throws AccessControlException if username does not have lookup rights.
173      * (Except for hasLookupRights which just returns false.
174      */
175     boolean hasReadRights( String   username )
176         throws AccessControlException;
177     boolean hasKeepSeenRights( String   username )
178         throws AccessControlException;
179     boolean hasWriteRights( String   username )
180         throws AccessControlException;
181     boolean hasInsertRights( String   username )
182         throws AccessControlException;
183     boolean hasDeleteRights( String   username )
184         throws AccessControlException;
185     boolean hasAdminRights( String   username )
186         throws AccessControlException;
187 
188     Set   getUsersWithLookupRights();
189 
190     Set   getUsersWithReadRights();
191 }
192 
193
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags