/*
* Copyright (c) 2009-2013, JoshuaTree. All Rights Reserved.
*/
package us.jts.fortress;
import us.jts.fortress.rbac.UserAdminRole;
import us.jts.fortress.rbac.Permission;
import us.jts.fortress.rbac.Role;
import us.jts.fortress.rbac.Session;
import us.jts.fortress.rbac.User;
import java.util.List;
import java.util.Set;
/**
* This interface prescribes the API for performing runtime delegated access control operations on objects that are provisioned Fortress ARBAC entities
* that reside in an LDAP directory.
* These APIs map directly to the similarly named functions specified by ARBAC02. The ARBAC functional specification describes delegated administrative
* operations for the creation and maintenance of ARBAC element sets and relations, delegated administrative review functions for performing administrative queries,
* and system functions for creating and managing ARBAC attributes on user sessions and making delegated administrative access control decisions.
* <h3>Administrative Role Based Access Control (ARBAC)</h3>
* <img src="./doc-files/ARbac.png">
* <p>
* Fortress fully supports the Oh/Sandhu/Zhang ARBAC02 model for delegated administration. ARBAC provides large enterprises the capability to delegate administrative authority to users that reside outside of the security admin group.
* Decentralizing administration helps because it provides security provisioning capability to work groups without sacrificing regulations for accountability or traceability.
* <p>
* An implementation of this interface is NOT thread safe if the parent instance variables ({@link Manageable#setContextId(String)} or {@link Manageable#setAdmin(us.jts.fortress.rbac.Session)}) are set; an instance configured that way should not be shared between threads.
*
* @author Shawn McKinney
*/
public interface DelAccessMgr extends Manageable
{
    /**
     * Decides whether the user holds an AdminRole that is authorized assignment control over
     * User-Role Assignment (URA), following the ARBAC02 functional specification for can-assign URA.
     * <p>
     * NOTE(review): "the user" presumably means the subject of {@code session} rather than the target
     * {@code user} argument; confirm against the implementation.
     * <p>
     * Only a returned {@code true} is a grant; callers should treat a thrown exception as a denial.
     *
     * @param session must have been obtained from {@link AccessMgr#createSession(us.jts.fortress.rbac.User, boolean)}
     *                before it is passed in; the client does not need to set anything on it afterwards.
     * @param user    instantiated User entity; only a valid userId attribute is required.
     * @param role    instantiated Role entity; only a valid role name attribute is required.
     * @return {@code true} when access is allowed.
     * @throws us.jts.fortress.SecurityException on a data validation error (for example an invalid userId
     *                                           or role name) or a system error.
     */
    boolean canAssign(Session session, User user, Role role) throws SecurityException;

    /**
     * Decides whether the user holds an AdminRole that is authorized revoke control over
     * User-Role Assignment (URA), following the ARBAC02 functional specification for can-revoke URA.
     * <p>
     * Only a returned {@code true} is a grant; callers should treat a thrown exception as a denial.
     *
     * @param session must have been obtained from {@link AccessMgr#createSession} before it is passed in;
     *                the client does not need to set anything on it afterwards.
     * @param user    instantiated User entity; only a valid userId attribute is required.
     * @param role    instantiated Role entity; only a valid role name attribute is required.
     * @return {@code true} when access is allowed.
     * @throws us.jts.fortress.SecurityException on a data validation error (for example an invalid userId
     *                                           or role name) or a system error.
     */
    boolean canDeassign(Session session, User user, Role role) throws SecurityException;

    /**
     * Decides whether the user holds an AdminRole that is authorized assignment control over
     * Permission-Role Assignment (PRA), following the ARBAC02 functional specification for can-assign-p PRA.
     * <p>
     * Only a returned {@code true} is a grant; callers should treat a thrown exception as a denial.
     *
     * @param session must have been obtained from {@link AccessMgr#createSession} before it is passed in;
     *                the client does not need to set anything on it afterwards.
     * @param role    instantiated Role entity; only a valid role name attribute is required.
     * @param perm    instantiated Permission entity; valid object name and operation name attributes are required.
     * @return {@code true} when access is allowed.
     * @throws us.jts.fortress.SecurityException on a data validation error (for example an invalid perm
     *                                           or role name) or a system error.
     */
    boolean canGrant(Session session, Role role, Permission perm) throws SecurityException;

    /**
     * Decides whether the user holds an AdminRole that is authorized revoke control over
     * Permission-Role Assignment (PRA), following the ARBAC02 functional specification for can-revoke-p PRA.
     * <p>
     * Only a returned {@code true} is a grant; callers should treat a thrown exception as a denial.
     *
     * @param session must have been obtained from {@link AccessMgr#createSession} before it is passed in;
     *                the client does not need to set anything on it afterwards.
     * @param role    instantiated Role entity; only a valid role name attribute is required.
     * @param perm    instantiated Permission entity; valid object name and operation name attributes are required.
     * @return {@code true} when access is allowed.
     * @throws SecurityException on a data validation error (for example an invalid perm or role name)
     *                           or a system error.
     */
    boolean canRevoke(Session session, Role role, Permission perm) throws SecurityException;

    /**
     * Reports whether the subject of a session may perform a given operation on a given object.
     * <p>
     * The function is valid if and only if the session is a valid Fortress session, the object is a member
     * of the OBJS data set, and the operation is a member of the OPS data set. The subject has the permission
     * if and only if that permission is assigned to at least one of the session's active roles. The
     * implementation verifies that the roles or userId corresponding to the subject's active roles are
     * registered in the object's access control list.
     * <p>
     * NOTE(review): this wording matches a plain RBAC access check; presumably this manager evaluates the
     * session's active admin roles and administrative permissions. Confirm against the implementation.
     *
     * @param session must have been obtained from {@link AccessMgr#createSession} before it is passed in;
     *                the client does not need to set anything on it afterwards.
     * @param perm    carries the obj attribute (a String naming the object the user is trying to access)
     *                and the operation attribute (a String naming the operation on that object).
     * @return {@code true} if the user has access, {@code false} otherwise.
     * @throws us.jts.fortress.SecurityException if a runtime error occurs with the system.
     */
    boolean checkAccess(Session session, Permission perm) throws us.jts.fortress.SecurityException;

    /**
     * Adds an adminRole as an active role of a session whose owner is a given user.
     * <p>
     * The function is valid if and only if:
     * <ul>
     * <li>the user is a member of the USERS data set</li>
     * <li>the role is a member of the ADMIN ROLES data set</li>
     * <li>the session is a valid Fortress session</li>
     * <li>the user is authorized to that admin role</li>
     * <li>the session is owned by that user</li>
     * </ul>
     *
     * @param session contains the user's RBAC and ARBAC sessions as returned by the createSession method.
     * @param role    contains the name of the adminRole to activate into the session.
     * @throws us.jts.fortress.SecurityException if the user is not allowed to activate the role or a runtime
     *                                           error occurs with the system.
     */
    void addActiveRole(Session session, UserAdminRole role) throws us.jts.fortress.SecurityException;

    /**
     * Deactivates an adminRole from the active adminRole set of a session owned by a given user.
     * <p>
     * The function is valid if and only if the user is a member of the USERS data set, the session object
     * contains a valid Fortress session, the session is owned by the user, and the adminRole is an active
     * adminRole of that session.
     *
     * @param session contains the user's RBAC and ARBAC sessions as returned by the createSession method.
     * @param role    contains the name of the adminRole to deactivate.
     * @throws SecurityException if the user is not allowed to deactivate the role or a runtime error occurs
     *                           with the system.
     */
    void dropActiveRole(Session session, UserAdminRole role) throws SecurityException;

    /**
     * Returns the active admin roles associated with a session. The function is valid if and only if the
     * session is a valid Fortress session.
     * <p>
     * The result does NOT include inherited roles; {@link #authorizedAdminRoles(Session)} is the variant
     * documented as including them.
     *
     * @param session contains the user's ARBAC session as returned by the createSession method.
     * @return {@code List<UserAdminRole>} holding every adminRole active in the user's session, without
     *         inherited roles.
     * @throws us.jts.fortress.SecurityException if the session is invalid or a system error occurs.
     */
    List<UserAdminRole> sessionAdminRoles(Session session) throws SecurityException;

    /**
     * Returns the authorized admin roles associated with a session, based on hierarchical relationships.
     * The function is valid if and only if the session is a valid Fortress session.
     *
     * @param session contains the user's ARBAC session as returned by the createSession method.
     * @return {@code Set<String>} holding every adminRole authorized in the user's session, including
     *         inherited roles.
     * @throws SecurityException if the session is invalid or a system error occurs.
     */
    Set<String> authorizedAdminRoles(Session session) throws SecurityException;

    /**
     * Returns the ARBAC (administrative) permissions of the session, i.e. the permissions assigned to its
     * authorized admin roles. The function is valid if and only if the session is a valid Fortress session.
     *
     * @param session contains the user's ARBAC session as returned by the createSession method.
     * @return {@code List<Permission>} holding the admin permissions (op, obj) active for the user's session.
     * @throws SecurityException if a runtime error occurs with the system.
     */
    List<Permission> sessionPermissions(Session session) throws SecurityException;
}