Security


1   /*
2    * $Header: /home/cvs/jakarta-slide/src/share/org/apache/slide/security/Security.java,v 1.28 2004/07/28 09:34:48 ib Exp $
3    * $Revision: 1.28 $
4    * $Date: 2004/07/28 09:34:48 $
5    *
6    * ====================================================================
7    *
8    * Copyright 1999-2002 The Apache Software Foundation 
9    *
10   * Licensed under the Apache License, Version 2.0 (the "License");
11   * you may not use this file except in compliance with the License.
12   * You may obtain a copy of the License at
13   *
14   *     http://www.apache.org/licenses/LICENSE-2.0
15   *
16   * Unless required by applicable law or agreed to in writing, software
17   * distributed under the License is distributed on an "AS IS" BASIS,
18   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19   * See the License for the specific language governing permissions and
20   * limitations under the License.
21   *
22   */
23  
24  package org.apache.slide.security;
25  
26  import java.util.Enumeration  ;
27  
28  import org.apache.slide.common.Namespace;
29  import org.apache.slide.common.NamespaceConfig;
30  import org.apache.slide.common.ServiceAccessException;
31  import org.apache.slide.common.SlideToken;
32  import org.apache.slide.structure.ActionNode;
33  import org.apache.slide.structure.ObjectNode;
34  import org.apache.slide.structure.ObjectNotFoundException;
35  import org.apache.slide.structure.SubjectNode;
36  import org.apache.slide.event.VetoException;
37  
38  /**
39   * Security helper.
40   *
41   * @version $Revision: 1.28 $
42   */
43  public interface Security {
44      
45      
46      // ------------------------------------------------------ Interface Methods
47      
48      /** initialises the security if it has been loaded via reflection
49       *
50       * @param namespace Namespace
51       * @param namespaceConfig Namespace configuration
52       **/
53      void init (Namespace namespace, NamespaceConfig namespaceConfig);
54      
55      /**
56       * Enumerates permissions on an object.
57       *
58       * @param token Credentials token
59       * @param object Object on which permission is granted
60       * @exception ServiceAccessException DataSource access error
61       * @exception ObjectNotFoundException Specified object was not found
62       * in the DataSource
63       * @exception AccessDeniedException Insufficent credentials
64       */
65      Enumeration   enumeratePermissions(SlideToken token, ObjectNode object)
66          throws ServiceAccessException, ObjectNotFoundException,
67          AccessDeniedException;
68      
69      /**
70       * Enumerates permissions on an object.
71       *
72       * @param    token               a  SlideToken
73       * @param    object              an ObjectNode
74       * @param    includeInherited    if true, includes inherited permissions
75       * @return   an Enumeration
76       * @throws   ServiceAccessException
77       * @throws   ObjectNotFoundException
78       * @throws   AccessDeniedException
79       */
80      Enumeration   enumeratePermissions(SlideToken token, ObjectNode object, boolean includeInherited)
81          throws ServiceAccessException, ObjectNotFoundException,
82          AccessDeniedException;
83      
84      
85      /**
86       * Enumerates permissions on an object.
87       *
88       * @param token Credentials token
89       * @param object Object on which permission is granted
90       * @exception ServiceAccessException DataSource access error
91       * @exception ObjectNotFoundException Specified object was not found
92       * in the DataSource
93       * @exception AccessDeniedException Insufficent credentials
94       */
95      Enumeration   enumeratePermissions(SlideToken token, String   object)
96          throws ServiceAccessException, ObjectNotFoundException,
97          AccessDeniedException;
98      
99      /**
100      * Enumerates permissions on an object.
101      *
102      * @param    token               a  SlideToken
103      * @param    object              a  String
104      * @param    includeInherited    if true, includes inherited permissions
105      * @return   an Enumeration
106      * @throws   ServiceAccessException
107      * @throws   ObjectNotFoundException
108      * @throws   AccessDeniedException
109      */
110     Enumeration   enumeratePermissions(SlideToken token, String   object, boolean includeInherited)
111         throws ServiceAccessException, ObjectNotFoundException,
112         AccessDeniedException;
113     
114     
115     /**
116      * Set a new set of permissions on an object.
117      *
118      * @param token Credentials token
119      * @param object Object on which permission is granted
120      * @exception ServiceAccessException DataSource access error
121      * @exception ObjectNotFoundException Specified object was not found
122      * in the DataSource
123      * @exception AccessDeniedException Insufficent credentials
124      */
125     void setPermissions(SlideToken token, String   object,
126                         Enumeration   permissions)
127         throws ServiceAccessException, ObjectNotFoundException,
128         AccessDeniedException;
129     
130     
131     /**
132      * Grants a new permission.
133      *
134      * @param token Credentials token
135      * @param object Object on which permission is granted
136      * @param subject The actor, which can perform a action
137      * @param action Activity which the actor can perform
138      * @exception ServiceAccessException DataSource access error
139      * @exception ObjectNotFoundException Specified object was not found
140      * in the DataSource
141      * @exception AccessDeniedException Insufficent credentials
142      */
143     void grantPermission(SlideToken token, ObjectNode object,
144                          SubjectNode subject, ActionNode action)
145         throws ServiceAccessException, ObjectNotFoundException,
146         AccessDeniedException, VetoException;
147     
148     
149     /**
150      * Grants a new permission.
151      *
152      * @param token Credentials token
153      * @param permission New permission
154      * @exception ServiceAccessException DataSource access error
155      * @exception ObjectNotFoundException Specified object was not found
156      * in the DataSource
157      * @exception AccessDeniedException Insufficent credentials
158      */
159     void grantPermission(SlideToken token, NodePermission permission)
160         throws ServiceAccessException, ObjectNotFoundException,
161         AccessDeniedException, VetoException;
162     
163     
164     /**
165      * Grants a new permission.
166      *
167      * @param token Credentials token
168      * @param object Object on which permission is granted
169      * @param subject Subject who can perform the action
170      * @param action Action which can be performed
171      * @param inheritable Create an inheritable permission
172      * @exception ServiceAccessException DataSource access error
173      * @exception ObjectNotFoundException Specified object was not found
174      * in the DataSource
175      * @exception AccessDeniedException Insufficent credentials
176      */
177     void grantPermission(SlideToken token, ObjectNode object,
178                          SubjectNode subject, ActionNode action,
179                          boolean inheritable)
180         throws ServiceAccessException, ObjectNotFoundException,
181         AccessDeniedException, VetoException;
182     
183     
184     /**
185      * Deny a new permission.
186      *
187      * @param token Credentials token
188      * @param object Object on which permission is granted
189      * @param subject Thee actor which can perform the specified action
190      * @param action Activity which the actor can can not perform    
191      * @exception ServiceAccessException DataSource access error
192      * @exception ObjectNotFoundException Specified object was not found
193      * in the DataSource
194      * @exception AccessDeniedException Insufficent credentials
195      */
196     void denyPermission(SlideToken token, ObjectNode object,
197                         SubjectNode subject, ActionNode action)
198         throws ServiceAccessException, ObjectNotFoundException,
199         AccessDeniedException, VetoException;
200     
201     
202     /**
203      * Deny a new permission.
204      *
205      * @param token Credentials token
206      * @param permission New permission
207      * @exception ServiceAccessException DataSource access error
208      * @exception ObjectNotFoundException Specified object was not found
209      * in the DataSource
210      * @exception AccessDeniedException Insufficent credentials
211      */
212     void denyPermission(SlideToken token, NodePermission permission)
213         throws ServiceAccessException, ObjectNotFoundException,
214         AccessDeniedException, VetoException;
215     
216     
217     /**
218      * Deny a new permission.
219      *
220      * @param token Credentials token
221      * @param object Object on which permission is granted
222      * @param subject Subject who can perform the action
223      * @param action Action which can be performed
224      * @param inheritable Create an inheritable permission
225      * @exception ServiceAccessException DataSource access error
226      * @exception ObjectNotFoundException Specified object was not found
227      * in the DataSource
228      * @exception AccessDeniedException Insufficent credentials
229      */
230     void denyPermission(SlideToken token, ObjectNode object,
231                         SubjectNode subject, ActionNode action,
232                         boolean inheritable)
233         throws ServiceAccessException, ObjectNotFoundException,
234         AccessDeniedException, VetoException;
235     
236     
237     /**
238      * Revokes a permission.
239      *
240      * @param token Credentials token
241      * @param object Object on which permission is revoked
242      * @param subject Subject who can perform the action
243      * @param action Action which can be performed
244      * @exception ServiceAccessException DataSource access error
245      * @exception ObjectNotFoundException Specified object was not found
246      * in the DataSource
247      * @exception AccessDeniedException Insufficent credentials
248      */
249     void revokePermission(SlideToken token, ObjectNode object,
250                           SubjectNode subject, ActionNode action)
251         throws ServiceAccessException, ObjectNotFoundException,
252         AccessDeniedException, VetoException;
253     
254     
255     /**
256      * Revokes a permission.
257      *
258      * @param token Credentials token
259      * @param permission Permission to be removed
260      * @exception ServiceAccessException DataSource access error
261      * @exception ObjectNotFoundException Specified object was not found
262      * in the DataSource
263      * @exception AccessDeniedException Insufficent credentials
264      */
265     public void revokePermission(SlideToken token, NodePermission permission)
266         throws ServiceAccessException, ObjectNotFoundException,
267         AccessDeniedException, VetoException;
268             
269     
270      
271     
272     /**
273      * Check if the credentials given grants permission to perform
274      * the specified action on the specified subject.
275      *
276      * @param token Credentials token
277      * @param object Object on which the action is performed
278      * @param action Action performed
279      * @exception ServiceAccessException DataSource access error
280      * @exception AccessDeniedException The credentials does not grant
281      * the permission to perform the specified action
282      */
283     void checkCredentials(SlideToken token, ObjectNode object,
284                           ActionNode action)
285         throws ServiceAccessException, AccessDeniedException;
286     
287     
288     /**
289      * Check whether or not an actor can perform the specified activity
290      * on a collection.
291      *
292      * @param object Object on which access is tested
293      * @param subject Subject who seeks to perform the action
294      * @param action Action which is to be performed
295      * @exception ServiceAccessException DataSource access error
296      * @exception ObjectNotFoundException Specified object was not found
297      * in the DataSource
298      * @exception AccessDeniedException Insufficent credentials
299      * @deprecated use signature with SlideToken instead
300      */
301     void checkPermission(ObjectNode object, SubjectNode subject,
302                          ActionNode action)
303         throws ServiceAccessException, AccessDeniedException,
304         ObjectNotFoundException;
305     
306     /**
307      * Check whether or not an actor (principal) can perform the specified activity
308      * on the specified resource.
309      *
310      * @param    token               a  SlideToken
311      * @param    object              Object on which access is tested
312      * @param    action              Action which is to be performed
313      *
314      * @throws   ServiceAccessException
315      * @throws   AccessDeniedException
316      * @throws   ObjectNotFoundException
317      */
318     void checkPermission(SlideToken token, ObjectNode object, ActionNode action)
319         throws ServiceAccessException, AccessDeniedException,
320         ObjectNotFoundException;
321     
322     /**
323      * Check whether or not an actor can perform the specified activity
324      * on a collection.
325      *
326      * @param object Object on which access is tested
327      * @param subject Subject who seeks to perform the action
328      * @param action Action which is to be performed
329      * @return true if the action can be performed
330      * @exception ServiceAccessException DataSource access error
331      * @exception ObjectNotFoundException Specified object was not found
332      * in the DataSource
333      * @deprecated use signature with SlideToken instead
334      */
335     boolean hasPermission(ObjectNode object, SubjectNode subject,
336                           ActionNode action)
337         throws ServiceAccessException, ObjectNotFoundException;
338     
339     /**
340      * Check whether or not an actor (principal) can perform the specified activity
341      * on the specified resource.
342      *
343      * @param    token               a  SlideToken
344      * @param    object              Object on which access is tested
345      * @param    action              Action which is to be performed
346      *
347      * @return   true if the action can be performed
348      *
349      * @throws   ServiceAccessException
350      * @throws   ObjectNotFoundException
351      */
352     boolean hasPermission(SlideToken token, ObjectNode object, ActionNode action)
353         throws ServiceAccessException, ObjectNotFoundException;
354     
355     /**
356      * Check whether or not the current user has the specified role.
357      *
358      * @param token Credentials token
359      * @param role Role
360      * @exception ServiceAccessException DataSource access error
361      * @exception ObjectNotFoundException Specified object was not found
362      * in the DataSource
363      */
364     boolean hasRole(SlideToken token, String   role)
365         throws ServiceAccessException, ObjectNotFoundException;
366     
367     
368     /**
369      * Check whether or not the current user has the specified role.
370      *
371      * @param object Object node
372      * @param role Role
373      * @exception ServiceAccessException DataSource access error
374      * @exception ObjectNotFoundException Specified object was not found
375      * in the DataSource
376      */
377     boolean hasRole(ObjectNode object, String   role)
378         throws ServiceAccessException, ObjectNotFoundException;
379     
380     
381     /**
382      * Return the list of roles the specified node has.
383      *
384      * @param object Object node
385      */
386     Enumeration   getRoles(ObjectNode object);
387     
388     
389     /**
390      * Return the list of roles the specified token has.
391      *
392      * @param token Credentials token
393      */
394     Enumeration   getRoles(SlideToken token)
395         throws ServiceAccessException, ObjectNotFoundException;
396     
397     Enumeration   getRoles(SlideToken token, SubjectNode subjectNode)
398         throws ServiceAccessException, ObjectNotFoundException;
399     
400     /**
401      * Get the principal associated with the credentials token.
402      *
403      * @param token Creadentials token
404      */
405     ObjectNode getPrincipal(SlideToken token)
406         throws ServiceAccessException, ObjectNotFoundException;
407     
408     /**
409      * Return true, if-and-only-if checkAction matches permAction.
410      *
411      * @param    slideToken          a  SlideToken
412      * @param    checkAction         an ActionNode
413      * @param    permAction          an ActionNode
414      * @return   a boolean
415      * @throws   ServiceAccessException
416      */
417     boolean matchAction(SlideToken slideToken, ActionNode checkAction, ActionNode permAction) throws ServiceAccessException;
418     
419     /**
420      * Return true, if-and-only-if checkSubject matches permSubject.
421      *
422      * @param    token               a  SlideToken
423      * @param    checkSubject        the "current" principal
424      * @param    permSubject         the principal to check against (e.g. user
425      *                               or group from NodePermission or NodeLock)
426      *
427      * @return   a boolean
428      *
429      * @throws   ServiceAccessException
430      *
431      */
432     boolean matchPrincipal(SlideToken token, SubjectNode checkSubject, SubjectNode permSubject) throws ServiceAccessException;
433 }
434
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags