1 package org.apache.turbine.util.security;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 import java.io.Serializable;
20
21 import org.apache.turbine.om.security.Group;
22 import org.apache.turbine.om.security.Permission;
23 import org.apache.turbine.om.security.Role;
24
25 /***
26 * This interface describes a control class that makes it
27 * easy to find out if a particular User has a given Permission.
28 * It also determines if a User has a a particular Role.
29 *
30 * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
31 * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
32 * @author <a href="mailto:greg@shwoop.com">Greg Ritter</a>
33 * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
34 * @author <a href="mailto:marco@intermeta.de">Marco Knüttel</a>
35 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
36 * @version $Id: AccessControlList.java 264152 2005-08-29 14:50:22Z henning $
37 */
38 public interface AccessControlList
39 extends Serializable
40 {
41 /*** The default Session key for the Access Control List */
42 String SESSION_KEY = "turbine.AccessControlList";
43
44 /***
45 * Retrieves a set of Roles an user is assigned in a Group.
46 *
47 * @param group the Group
48 * @return the set of Roles this user has within the Group.
49 */
50 RoleSet getRoles(Group group);
51
52 /***
53 * Retrieves a set of Roles an user is assigned in the global Group.
54 *
55 * @return the set of Roles this user has within the global Group.
56 */
57 RoleSet getRoles();
58
59 /***
60 * Retrieves a set of Permissions an user is assigned in a Group.
61 *
62 * @param group the Group
63 * @return the set of Permissions this user has within the Group.
64 */
65 PermissionSet getPermissions(Group group);
66
67 /***
68 * Retrieves a set of Permissions an user is assigned in the global Group.
69 *
70 * @return the set of Permissions this user has within the global Group.
71 */
72 PermissionSet getPermissions();
73
74 /***
75 * Checks if the user is assigned a specific Role in the Group.
76 *
77 * @param role the Role
78 * @param group the Group
79 * @return <code>true</code> if the user is assigned the Role in the Group.
80 */
81 boolean hasRole(Role role, Group group);
82
83 /***
84 * Checks if the user is assigned a specific Role in any of the given
85 * Groups
86 *
87 * @param role the Role
88 * @param groupset a Groupset
89 * @return <code>true</code> if the user is assigned the Role in any of
90 * the given Groups.
91 */
92 boolean hasRole(Role role, GroupSet groupset);
93
94 /***
95 * Checks if the user is assigned a specific Role in the Group.
96 *
97 * @param role the Role
98 * @param group the Group
99 * @return <code>true</code> if the user is assigned the Role in the Group.
100 */
101 boolean hasRole(String role, String group);
102
103 /***
104 * Checks if the user is assigned a specifie Role in any of the given
105 * Groups
106 *
107 * @param rolename the name of the Role
108 * @param groupset a Groupset
109 * @return <code>true</code> if the user is assigned the Role in any of
110 * the given Groups.
111 */
112 boolean hasRole(String rolename, GroupSet groupset);
113
114 /***
115 * Checks if the user is assigned a specific Role in the global Group.
116 *
117 * @param role the Role
118 * @return <code>true</code> if the user is assigned the Role in the global Group.
119 */
120 boolean hasRole(Role role);
121
122 /***
123 * Checks if the user is assigned a specific Role in the global Group.
124 *
125 * @param role the Role
126 * @return <code>true</code> if the user is assigned the Role in the global Group.
127 */
128 boolean hasRole(String role);
129
130 /***
131 * Checks if the user is assigned a specific Permission in the Group.
132 *
133 * @param permission the Permission
134 * @param group the Group
135 * @return <code>true</code> if the user is assigned the Permission in the Group.
136 */
137 boolean hasPermission(Permission permission, Group group);
138
139 /***
140 * Checks if the user is assigned a specific Permission in any of the given
141 * Groups
142 *
143 * @param permission the Permission
144 * @param groupset a Groupset
145 * @return <code>true</code> if the user is assigned the Permission in any
146 * of the given Groups.
147 */
148 boolean hasPermission(Permission permission, GroupSet groupset);
149
150 /***
151 * Checks if the user is assigned a specific Permission in the Group.
152 *
153 * @param permission the Permission
154 * @param group the Group
155 * @return <code>true</code> if the user is assigned the Permission in the Group.
156 */
157 boolean hasPermission(String permission, String group);
158
159 /***
160 * Checks if the user is assigned a specific Permission in the Group.
161 *
162 * @param permission the Permission
163 * @param group the Group
164 * @return <code>true</code> if the user is assigned the Permission in the Group.
165 */
166 boolean hasPermission(String permission, Group group);
167
168 /***
169 * Checks if the user is assigned a specifie Permission in any of the given
170 * Groups
171 *
172 * @param permissionName the name of the Permission
173 * @param groupset a Groupset
174 * @return <code>true</code> if the user is assigned the Permission in any
175 * of the given Groups.
176 */
177 boolean hasPermission(String permissionName, GroupSet groupset);
178
179 /***
180 * Checks if the user is assigned a specific Permission in the global Group.
181 *
182 * @param permission the Permission
183 * @return <code>true</code> if the user is assigned the Permission in the global Group.
184 */
185 boolean hasPermission(Permission permission);
186
187 /***
188 * Checks if the user is assigned a specific Permission in the global Group.
189 *
190 * @param permission the Permission
191 * @return <code>true</code> if the user is assigned the Permission in the global Group.
192 */
193 boolean hasPermission(String permission);
194
195 /***
196 * Returns all groups definded in the system.
197 *
198 * @return An Array of all defined Groups
199 *
200 * This is useful for debugging, when you want to display all roles
201 * and permissions an user is assigned. This method is needed
202 * because you can't call static methods of TurbineSecurity class
203 * from within WebMacro/Velocity template
204 */
205 Group[] getAllGroups();
206 }