Google Git
Sign in
apache / shiro-site / 01016f43374d9b054f3ea1e568b015d5d69428f9 / . / src / site / assets / static / 1.10.1 / apidocs / src-html / org / apache / shiro / authz / Authorizer.html
blob: 21d2cf04daee7b59e32fc5d13c14b99a5b59c2f2 [file] [log] [blame]
<!DOCTYPE HTML>
<html lang="en">
<head>
<title>Source code</title>
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style">
</head>
<body>
<main role="main">
<div class="sourceContainer">
<pre><span class="sourceLineNo">001</span><a id="line.1">/*</a>
<span class="sourceLineNo">002</span><a id="line.2"> * Licensed to the Apache Software Foundation (ASF) under one</a>
<span class="sourceLineNo">003</span><a id="line.3"> * or more contributor license agreements. See the NOTICE file</a>
<span class="sourceLineNo">004</span><a id="line.4"> * distributed with this work for additional information</a>
<span class="sourceLineNo">005</span><a id="line.5"> * regarding copyright ownership. The ASF licenses this file</a>
<span class="sourceLineNo">006</span><a id="line.6"> * to you under the Apache License, Version 2.0 (the</a>
<span class="sourceLineNo">007</span><a id="line.7"> * "License"); you may not use this file except in compliance</a>
<span class="sourceLineNo">008</span><a id="line.8"> * with the License. You may obtain a copy of the License at</a>
<span class="sourceLineNo">009</span><a id="line.9"> *</a>
<span class="sourceLineNo">010</span><a id="line.10"> * http://www.apache.org/licenses/LICENSE-2.0</a>
<span class="sourceLineNo">011</span><a id="line.11"> *</a>
<span class="sourceLineNo">012</span><a id="line.12"> * Unless required by applicable law or agreed to in writing,</a>
<span class="sourceLineNo">013</span><a id="line.13"> * software distributed under the License is distributed on an</a>
<span class="sourceLineNo">014</span><a id="line.14"> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</a>
<span class="sourceLineNo">015</span><a id="line.15"> * KIND, either express or implied. See the License for the</a>
<span class="sourceLineNo">016</span><a id="line.16"> * specific language governing permissions and limitations</a>
<span class="sourceLineNo">017</span><a id="line.17"> * under the License.</a>
<span class="sourceLineNo">018</span><a id="line.18"> */</a>
<span class="sourceLineNo">019</span><a id="line.19">package org.apache.shiro.authz;</a>
<span class="sourceLineNo">020</span><a id="line.20"></a>
<span class="sourceLineNo">021</span><a id="line.21">import org.apache.shiro.subject.PrincipalCollection;</a>
<span class="sourceLineNo">022</span><a id="line.22"></a>
<span class="sourceLineNo">023</span><a id="line.23">import java.util.Collection;</a>
<span class="sourceLineNo">024</span><a id="line.24">import java.util.List;</a>
<span class="sourceLineNo">025</span><a id="line.25"></a>
<span class="sourceLineNo">026</span><a id="line.26">/**</a>
<span class="sourceLineNo">027</span><a id="line.27"> * An &lt;tt&gt;Authorizer&lt;/tt&gt; performs authorization (access control) operations for any given Subject</a>
<span class="sourceLineNo">028</span><a id="line.28"> * (aka 'application user').</a>
<span class="sourceLineNo">029</span><a id="line.29"> *</a>
<span class="sourceLineNo">030</span><a id="line.30"> * &lt;p&gt;Each method requires a subject principal to perform the action for the corresponding Subject/user.</a>
<span class="sourceLineNo">031</span><a id="line.31"> *</a>
<span class="sourceLineNo">032</span><a id="line.32"> * &lt;p&gt;This principal argument is usually an object representing a user database primary key or a String username or</a>
<span class="sourceLineNo">033</span><a id="line.33"> * something similar that uniquely identifies an application user. The runtime value of the this principal</a>
<span class="sourceLineNo">034</span><a id="line.34"> * is application-specific and provided by the application's configured Realms.</a>
<span class="sourceLineNo">035</span><a id="line.35"> *</a>
<span class="sourceLineNo">036</span><a id="line.36"> * &lt;p&gt;Note that there are many *Permission methods in this interface overloaded to accept String arguments instead of</a>
<span class="sourceLineNo">037</span><a id="line.37"> * {@link Permission Permission} instances. They are a convenience allowing the caller to use a String representation of</a>
<span class="sourceLineNo">038</span><a id="line.38"> * a {@link Permission Permission} if desired. Most implementations of this interface will simply convert these</a>
<span class="sourceLineNo">039</span><a id="line.39"> * String values to {@link Permission Permission} instances and then just call the corresponding type-safe method.</a>
<span class="sourceLineNo">040</span><a id="line.40"> * (Shiro's default implementations do String-to-Permission conversion for these methods using</a>
<span class="sourceLineNo">041</span><a id="line.41"> * {@link org.apache.shiro.authz.permission.PermissionResolver PermissionResolver}s.)</a>
<span class="sourceLineNo">042</span><a id="line.42"> *</a>
<span class="sourceLineNo">043</span><a id="line.43"> * &lt;p&gt;These overloaded *Permission methods &lt;em&gt;do&lt;/em&gt; forego type-safety for the benefit of convenience and simplicity,</a>
<span class="sourceLineNo">044</span><a id="line.44"> * so you should choose which ones to use based on your preferences and needs.</a>
<span class="sourceLineNo">045</span><a id="line.45"> *</a>
<span class="sourceLineNo">046</span><a id="line.46"> * @since 0.1</a>
<span class="sourceLineNo">047</span><a id="line.47"> */</a>
<span class="sourceLineNo">048</span><a id="line.48">public interface Authorizer {</a>
<span class="sourceLineNo">049</span><a id="line.49"></a>
<span class="sourceLineNo">050</span><a id="line.50"> /**</a>
<span class="sourceLineNo">051</span><a id="line.51"> * Returns &lt;tt&gt;true&lt;/tt&gt; if the corresponding subject/user is permitted to perform an action or access a resource</a>
<span class="sourceLineNo">052</span><a id="line.52"> * summarized by the specified permission string.</a>
<span class="sourceLineNo">053</span><a id="line.53"> *</a>
<span class="sourceLineNo">054</span><a id="line.54"> * &lt;p&gt;This is an overloaded method for the corresponding type-safe {@link Permission Permission} variant.</a>
<span class="sourceLineNo">055</span><a id="line.55"> * Please see the class-level JavaDoc for more information on these String-based permission methods.</a>
<span class="sourceLineNo">056</span><a id="line.56"> *</a>
<span class="sourceLineNo">057</span><a id="line.57"> * @param principals the application-specific subject/user identifier.</a>
<span class="sourceLineNo">058</span><a id="line.58"> * @param permission the String representation of a Permission that is being checked.</a>
<span class="sourceLineNo">059</span><a id="line.59"> * @return true if the corresponding Subject/user is permitted, false otherwise.</a>
<span class="sourceLineNo">060</span><a id="line.60"> * @see #isPermitted(PrincipalCollection principals,Permission permission)</a>
<span class="sourceLineNo">061</span><a id="line.61"> * @since 0.9</a>
<span class="sourceLineNo">062</span><a id="line.62"> */</a>
<span class="sourceLineNo">063</span><a id="line.63"> boolean isPermitted(PrincipalCollection principals, String permission);</a>
<span class="sourceLineNo">064</span><a id="line.64"></a>
<span class="sourceLineNo">065</span><a id="line.65"> /**</a>
<span class="sourceLineNo">066</span><a id="line.66"> * Returns &lt;tt&gt;true&lt;/tt&gt; if the corresponding subject/user is permitted to perform an action or access a resource</a>
<span class="sourceLineNo">067</span><a id="line.67"> * summarized by the specified permission.</a>
<span class="sourceLineNo">068</span><a id="line.68"> *</a>
<span class="sourceLineNo">069</span><a id="line.69"> * &lt;p&gt;More specifically, this method determines if any &lt;tt&gt;Permission&lt;/tt&gt;s associated</a>
<span class="sourceLineNo">070</span><a id="line.70"> * with the subject {@link Permission#implies(Permission) imply} the specified permission.</a>
<span class="sourceLineNo">071</span><a id="line.71"> *</a>
<span class="sourceLineNo">072</span><a id="line.72"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">073</span><a id="line.73"> * @param permission the permission that is being checked.</a>
<span class="sourceLineNo">074</span><a id="line.74"> * @return true if the corresponding Subject/user is permitted, false otherwise.</a>
<span class="sourceLineNo">075</span><a id="line.75"> */</a>
<span class="sourceLineNo">076</span><a id="line.76"> boolean isPermitted(PrincipalCollection subjectPrincipal, Permission permission);</a>
<span class="sourceLineNo">077</span><a id="line.77"></a>
<span class="sourceLineNo">078</span><a id="line.78"> /**</a>
<span class="sourceLineNo">079</span><a id="line.79"> * Checks if the corresponding Subject implies the given permission strings and returns a boolean array</a>
<span class="sourceLineNo">080</span><a id="line.80"> * indicating which permissions are implied.</a>
<span class="sourceLineNo">081</span><a id="line.81"> *</a>
<span class="sourceLineNo">082</span><a id="line.82"> * &lt;p&gt;This is an overloaded method for the corresponding type-safe {@link Permission Permission} variant.</a>
<span class="sourceLineNo">083</span><a id="line.83"> * Please see the class-level JavaDoc for more information on these String-based permission methods.</a>
<span class="sourceLineNo">084</span><a id="line.84"> *</a>
<span class="sourceLineNo">085</span><a id="line.85"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">086</span><a id="line.86"> * @param permissions the String representations of the Permissions that are being checked.</a>
<span class="sourceLineNo">087</span><a id="line.87"> * @return an array of booleans whose indices correspond to the index of the</a>
<span class="sourceLineNo">088</span><a id="line.88"> * permissions in the given list. A true value at an index indicates the user is permitted for</a>
<span class="sourceLineNo">089</span><a id="line.89"> * for the associated &lt;tt&gt;Permission&lt;/tt&gt; string in the list. A false value at an index</a>
<span class="sourceLineNo">090</span><a id="line.90"> * indicates otherwise.</a>
<span class="sourceLineNo">091</span><a id="line.91"> * @since 0.9</a>
<span class="sourceLineNo">092</span><a id="line.92"> */</a>
<span class="sourceLineNo">093</span><a id="line.93"> boolean[] isPermitted(PrincipalCollection subjectPrincipal, String... permissions);</a>
<span class="sourceLineNo">094</span><a id="line.94"></a>
<span class="sourceLineNo">095</span><a id="line.95"> /**</a>
<span class="sourceLineNo">096</span><a id="line.96"> * Checks if the corresponding Subject/user implies the given Permissions and returns a boolean array indicating</a>
<span class="sourceLineNo">097</span><a id="line.97"> * which permissions are implied.</a>
<span class="sourceLineNo">098</span><a id="line.98"> *</a>
<span class="sourceLineNo">099</span><a id="line.99"> * &lt;p&gt;More specifically, this method should determine if each &lt;tt&gt;Permission&lt;/tt&gt; in</a>
<span class="sourceLineNo">100</span><a id="line.100"> * the array is {@link Permission#implies(Permission) implied} by permissions</a>
<span class="sourceLineNo">101</span><a id="line.101"> * already associated with the subject.</a>
<span class="sourceLineNo">102</span><a id="line.102"> *</a>
<span class="sourceLineNo">103</span><a id="line.103"> * &lt;p&gt;This is primarily a performance-enhancing method to help reduce the number of</a>
<span class="sourceLineNo">104</span><a id="line.104"> * {@link #isPermitted} invocations over the wire in client/server systems.</a>
<span class="sourceLineNo">105</span><a id="line.105"> *</a>
<span class="sourceLineNo">106</span><a id="line.106"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">107</span><a id="line.107"> * @param permissions the permissions that are being checked.</a>
<span class="sourceLineNo">108</span><a id="line.108"> * @return an array of booleans whose indices correspond to the index of the</a>
<span class="sourceLineNo">109</span><a id="line.109"> * permissions in the given list. A true value at an index indicates the user is permitted for</a>
<span class="sourceLineNo">110</span><a id="line.110"> * for the associated &lt;tt&gt;Permission&lt;/tt&gt; object in the list. A false value at an index</a>
<span class="sourceLineNo">111</span><a id="line.111"> * indicates otherwise.</a>
<span class="sourceLineNo">112</span><a id="line.112"> */</a>
<span class="sourceLineNo">113</span><a id="line.113"> boolean[] isPermitted(PrincipalCollection subjectPrincipal, List&lt;Permission&gt; permissions);</a>
<span class="sourceLineNo">114</span><a id="line.114"></a>
<span class="sourceLineNo">115</span><a id="line.115"> /**</a>
<span class="sourceLineNo">116</span><a id="line.116"> * Returns &lt;tt&gt;true&lt;/tt&gt; if the corresponding Subject/user implies all of the specified permission strings,</a>
<span class="sourceLineNo">117</span><a id="line.117"> * &lt;tt&gt;false&lt;/tt&gt; otherwise.</a>
<span class="sourceLineNo">118</span><a id="line.118"> *</a>
<span class="sourceLineNo">119</span><a id="line.119"> * &lt;p&gt;This is an overloaded method for the corresponding type-safe {@link Permission Permission} variant.</a>
<span class="sourceLineNo">120</span><a id="line.120"> * Please see the class-level JavaDoc for more information on these String-based permission methods.</a>
<span class="sourceLineNo">121</span><a id="line.121"> *</a>
<span class="sourceLineNo">122</span><a id="line.122"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">123</span><a id="line.123"> * @param permissions the String representations of the Permissions that are being checked.</a>
<span class="sourceLineNo">124</span><a id="line.124"> * @return true if the user has all of the specified permissions, false otherwise.</a>
<span class="sourceLineNo">125</span><a id="line.125"> * @see #isPermittedAll(PrincipalCollection,Collection)</a>
<span class="sourceLineNo">126</span><a id="line.126"> * @since 0.9</a>
<span class="sourceLineNo">127</span><a id="line.127"> */</a>
<span class="sourceLineNo">128</span><a id="line.128"> boolean isPermittedAll(PrincipalCollection subjectPrincipal, String... permissions);</a>
<span class="sourceLineNo">129</span><a id="line.129"></a>
<span class="sourceLineNo">130</span><a id="line.130"> /**</a>
<span class="sourceLineNo">131</span><a id="line.131"> * Returns &lt;tt&gt;true&lt;/tt&gt; if the corresponding Subject/user implies all of the specified permissions, &lt;tt&gt;false&lt;/tt&gt;</a>
<span class="sourceLineNo">132</span><a id="line.132"> * otherwise.</a>
<span class="sourceLineNo">133</span><a id="line.133"> *</a>
<span class="sourceLineNo">134</span><a id="line.134"> * &lt;p&gt;More specifically, this method determines if all of the given &lt;tt&gt;Permission&lt;/tt&gt;s are</a>
<span class="sourceLineNo">135</span><a id="line.135"> * {@link Permission#implies(Permission) implied by} permissions already associated with the subject.</a>
<span class="sourceLineNo">136</span><a id="line.136"> *</a>
<span class="sourceLineNo">137</span><a id="line.137"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">138</span><a id="line.138"> * @param permissions the permissions to check.</a>
<span class="sourceLineNo">139</span><a id="line.139"> * @return true if the user has all of the specified permissions, false otherwise.</a>
<span class="sourceLineNo">140</span><a id="line.140"> */</a>
<span class="sourceLineNo">141</span><a id="line.141"> boolean isPermittedAll(PrincipalCollection subjectPrincipal, Collection&lt;Permission&gt; permissions);</a>
<span class="sourceLineNo">142</span><a id="line.142"></a>
<span class="sourceLineNo">143</span><a id="line.143"> /**</a>
<span class="sourceLineNo">144</span><a id="line.144"> * Ensures the corresponding Subject/user implies the specified permission String.</a>
<span class="sourceLineNo">145</span><a id="line.145"> *</a>
<span class="sourceLineNo">146</span><a id="line.146"> * &lt;p&gt;If the subject's existing associated permissions do not {@link Permission#implies(Permission)} imply}</a>
<span class="sourceLineNo">147</span><a id="line.147"> * the given permission, an {@link AuthorizationException} will be thrown.</a>
<span class="sourceLineNo">148</span><a id="line.148"> *</a>
<span class="sourceLineNo">149</span><a id="line.149"> * &lt;p&gt;This is an overloaded method for the corresponding type-safe {@link Permission Permission} variant.</a>
<span class="sourceLineNo">150</span><a id="line.150"> * Please see the class-level JavaDoc for more information on these String-based permission methods.</a>
<span class="sourceLineNo">151</span><a id="line.151"> *</a>
<span class="sourceLineNo">152</span><a id="line.152"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">153</span><a id="line.153"> * @param permission the String representation of the Permission to check.</a>
<span class="sourceLineNo">154</span><a id="line.154"> * @throws AuthorizationException</a>
<span class="sourceLineNo">155</span><a id="line.155"> * if the user does not have the permission.</a>
<span class="sourceLineNo">156</span><a id="line.156"> * @since 0.9</a>
<span class="sourceLineNo">157</span><a id="line.157"> */</a>
<span class="sourceLineNo">158</span><a id="line.158"> void checkPermission(PrincipalCollection subjectPrincipal, String permission) throws AuthorizationException;</a>
<span class="sourceLineNo">159</span><a id="line.159"></a>
<span class="sourceLineNo">160</span><a id="line.160"> /**</a>
<span class="sourceLineNo">161</span><a id="line.161"> * Ensures a subject/user {@link Permission#implies(Permission)} implies} the specified &lt;tt&gt;Permission&lt;/tt&gt;.</a>
<span class="sourceLineNo">162</span><a id="line.162"> * If the subject's existing associated permissions do not {@link Permission#implies(Permission)} imply}</a>
<span class="sourceLineNo">163</span><a id="line.163"> * the given permission, an {@link AuthorizationException} will be thrown.</a>
<span class="sourceLineNo">164</span><a id="line.164"> *</a>
<span class="sourceLineNo">165</span><a id="line.165"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">166</span><a id="line.166"> * @param permission the Permission to check.</a>
<span class="sourceLineNo">167</span><a id="line.167"> * @throws AuthorizationException</a>
<span class="sourceLineNo">168</span><a id="line.168"> * if the user does not have the permission.</a>
<span class="sourceLineNo">169</span><a id="line.169"> */</a>
<span class="sourceLineNo">170</span><a id="line.170"> void checkPermission(PrincipalCollection subjectPrincipal, Permission permission) throws AuthorizationException;</a>
<span class="sourceLineNo">171</span><a id="line.171"></a>
<span class="sourceLineNo">172</span><a id="line.172"> /**</a>
<span class="sourceLineNo">173</span><a id="line.173"> * Ensures the corresponding Subject/user</a>
<span class="sourceLineNo">174</span><a id="line.174"> * {@link Permission#implies(Permission) implies} all of the</a>
<span class="sourceLineNo">175</span><a id="line.175"> * specified permission strings.</a>
<span class="sourceLineNo">176</span><a id="line.176"> *</a>
<span class="sourceLineNo">177</span><a id="line.177"> * If the subject's existing associated permissions do not</a>
<span class="sourceLineNo">178</span><a id="line.178"> * {@link Permission#implies(Permission) imply} all of the given permissions,</a>
<span class="sourceLineNo">179</span><a id="line.179"> * an {@link AuthorizationException} will be thrown.</a>
<span class="sourceLineNo">180</span><a id="line.180"> *</a>
<span class="sourceLineNo">181</span><a id="line.181"> * &lt;p&gt;This is an overloaded method for the corresponding type-safe {@link Permission Permission} variant.</a>
<span class="sourceLineNo">182</span><a id="line.182"> * Please see the class-level JavaDoc for more information on these String-based permission methods.</a>
<span class="sourceLineNo">183</span><a id="line.183"> *</a>
<span class="sourceLineNo">184</span><a id="line.184"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">185</span><a id="line.185"> * @param permissions the string representations of Permissions to check.</a>
<span class="sourceLineNo">186</span><a id="line.186"> * @throws AuthorizationException if the user does not have all of the given permissions.</a>
<span class="sourceLineNo">187</span><a id="line.187"> * @since 0.9</a>
<span class="sourceLineNo">188</span><a id="line.188"> */</a>
<span class="sourceLineNo">189</span><a id="line.189"> void checkPermissions(PrincipalCollection subjectPrincipal, String... permissions) throws AuthorizationException;</a>
<span class="sourceLineNo">190</span><a id="line.190"></a>
<span class="sourceLineNo">191</span><a id="line.191"> /**</a>
<span class="sourceLineNo">192</span><a id="line.192"> * Ensures the corresponding Subject/user</a>
<span class="sourceLineNo">193</span><a id="line.193"> * {@link Permission#implies(Permission) implies} all of the</a>
<span class="sourceLineNo">194</span><a id="line.194"> * specified permission strings.</a>
<span class="sourceLineNo">195</span><a id="line.195"> *</a>
<span class="sourceLineNo">196</span><a id="line.196"> * If the subject's existing associated permissions do not</a>
<span class="sourceLineNo">197</span><a id="line.197"> * {@link Permission#implies(Permission) imply} all of the given permissions,</a>
<span class="sourceLineNo">198</span><a id="line.198"> * an {@link AuthorizationException} will be thrown.</a>
<span class="sourceLineNo">199</span><a id="line.199"> *</a>
<span class="sourceLineNo">200</span><a id="line.200"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">201</span><a id="line.201"> * @param permissions the Permissions to check.</a>
<span class="sourceLineNo">202</span><a id="line.202"> * @throws AuthorizationException if the user does not have all of the given permissions.</a>
<span class="sourceLineNo">203</span><a id="line.203"> */</a>
<span class="sourceLineNo">204</span><a id="line.204"> void checkPermissions(PrincipalCollection subjectPrincipal, Collection&lt;Permission&gt; permissions) throws AuthorizationException;</a>
<span class="sourceLineNo">205</span><a id="line.205"></a>
<span class="sourceLineNo">206</span><a id="line.206"> /**</a>
<span class="sourceLineNo">207</span><a id="line.207"> * Returns &lt;tt&gt;true&lt;/tt&gt; if the corresponding Subject/user has the specified role, &lt;tt&gt;false&lt;/tt&gt; otherwise.</a>
<span class="sourceLineNo">208</span><a id="line.208"> *</a>
<span class="sourceLineNo">209</span><a id="line.209"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">210</span><a id="line.210"> * @param roleIdentifier the application-specific role identifier (usually a role id or role name).</a>
<span class="sourceLineNo">211</span><a id="line.211"> * @return &lt;tt&gt;true&lt;/tt&gt; if the corresponding subject has the specified role, &lt;tt&gt;false&lt;/tt&gt; otherwise.</a>
<span class="sourceLineNo">212</span><a id="line.212"> */</a>
<span class="sourceLineNo">213</span><a id="line.213"> boolean hasRole(PrincipalCollection subjectPrincipal, String roleIdentifier);</a>
<span class="sourceLineNo">214</span><a id="line.214"></a>
<span class="sourceLineNo">215</span><a id="line.215"> /**</a>
<span class="sourceLineNo">216</span><a id="line.216"> * Checks if the corresponding Subject/user has the specified roles, returning a boolean array indicating</a>
<span class="sourceLineNo">217</span><a id="line.217"> * which roles are associated with the given subject.</a>
<span class="sourceLineNo">218</span><a id="line.218"> *</a>
<span class="sourceLineNo">219</span><a id="line.219"> * &lt;p&gt;This is primarily a performance-enhancing method to help reduce the number of</a>
<span class="sourceLineNo">220</span><a id="line.220"> * {@link #hasRole} invocations over the wire in client/server systems.</a>
<span class="sourceLineNo">221</span><a id="line.221"> *</a>
<span class="sourceLineNo">222</span><a id="line.222"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">223</span><a id="line.223"> * @param roleIdentifiers the application-specific role identifiers to check (usually role ids or role names).</a>
<span class="sourceLineNo">224</span><a id="line.224"> * @return an array of booleans whose indices correspond to the index of the</a>
<span class="sourceLineNo">225</span><a id="line.225"> * roles in the given identifiers. A true value indicates the user has the</a>
<span class="sourceLineNo">226</span><a id="line.226"> * role at that index. False indicates the user does not have the role at that index.</a>
<span class="sourceLineNo">227</span><a id="line.227"> */</a>
<span class="sourceLineNo">228</span><a id="line.228"> boolean[] hasRoles(PrincipalCollection subjectPrincipal, List&lt;String&gt; roleIdentifiers);</a>
<span class="sourceLineNo">229</span><a id="line.229"></a>
<span class="sourceLineNo">230</span><a id="line.230"> /**</a>
<span class="sourceLineNo">231</span><a id="line.231"> * Returns &lt;tt&gt;true&lt;/tt&gt; if the corresponding Subject/user has all of the specified roles, &lt;tt&gt;false&lt;/tt&gt; otherwise.</a>
<span class="sourceLineNo">232</span><a id="line.232"> *</a>
<span class="sourceLineNo">233</span><a id="line.233"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">234</span><a id="line.234"> * @param roleIdentifiers the application-specific role identifiers to check (usually role ids or role names).</a>
<span class="sourceLineNo">235</span><a id="line.235"> * @return true if the user has all the roles, false otherwise.</a>
<span class="sourceLineNo">236</span><a id="line.236"> */</a>
<span class="sourceLineNo">237</span><a id="line.237"> boolean hasAllRoles(PrincipalCollection subjectPrincipal, Collection&lt;String&gt; roleIdentifiers);</a>
<span class="sourceLineNo">238</span><a id="line.238"></a>
<span class="sourceLineNo">239</span><a id="line.239"> /**</a>
<span class="sourceLineNo">240</span><a id="line.240"> * Asserts the corresponding Subject/user has the specified role by returning quietly if they do or throwing an</a>
<span class="sourceLineNo">241</span><a id="line.241"> * {@link AuthorizationException} if they do not.</a>
<span class="sourceLineNo">242</span><a id="line.242"> *</a>
<span class="sourceLineNo">243</span><a id="line.243"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">244</span><a id="line.244"> * @param roleIdentifier the application-specific role identifier (usually a role id or role name ).</a>
<span class="sourceLineNo">245</span><a id="line.245"> * @throws AuthorizationException</a>
<span class="sourceLineNo">246</span><a id="line.246"> * if the user does not have the role.</a>
<span class="sourceLineNo">247</span><a id="line.247"> */</a>
<span class="sourceLineNo">248</span><a id="line.248"> void checkRole(PrincipalCollection subjectPrincipal, String roleIdentifier) throws AuthorizationException;</a>
<span class="sourceLineNo">249</span><a id="line.249"></a>
<span class="sourceLineNo">250</span><a id="line.250"> /**</a>
<span class="sourceLineNo">251</span><a id="line.251"> * Asserts the corresponding Subject/user has all of the specified roles by returning quietly if they do or</a>
<span class="sourceLineNo">252</span><a id="line.252"> * throwing an {@link AuthorizationException} if they do not.</a>
<span class="sourceLineNo">253</span><a id="line.253"> *</a>
<span class="sourceLineNo">254</span><a id="line.254"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">255</span><a id="line.255"> * @param roleIdentifiers the application-specific role identifiers to check (usually role ids or role names).</a>
<span class="sourceLineNo">256</span><a id="line.256"> * @throws AuthorizationException</a>
<span class="sourceLineNo">257</span><a id="line.257"> * if the user does not have all of the specified roles.</a>
<span class="sourceLineNo">258</span><a id="line.258"> */</a>
<span class="sourceLineNo">259</span><a id="line.259"> void checkRoles(PrincipalCollection subjectPrincipal, Collection&lt;String&gt; roleIdentifiers) throws AuthorizationException;</a>
<span class="sourceLineNo">260</span><a id="line.260"></a>
<span class="sourceLineNo">261</span><a id="line.261"> /**</a>
<span class="sourceLineNo">262</span><a id="line.262"> * Same as {@link #checkRoles(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)</a>
<span class="sourceLineNo">263</span><a id="line.263"> * checkRoles(PrincipalCollection subjectPrincipal, Collection&amp;lt;String&amp;gt; roleIdentifiers)} but doesn't require a collection</a>
<span class="sourceLineNo">264</span><a id="line.264"> * as an argument.</a>
<span class="sourceLineNo">265</span><a id="line.265"> * Asserts the corresponding Subject/user has all of the specified roles by returning quietly if they do or</a>
<span class="sourceLineNo">266</span><a id="line.266"> * throwing an {@link AuthorizationException} if they do not.</a>
<span class="sourceLineNo">267</span><a id="line.267"> *</a>
<span class="sourceLineNo">268</span><a id="line.268"> * @param subjectPrincipal the application-specific subject/user identifier.</a>
<span class="sourceLineNo">269</span><a id="line.269"> * @param roleIdentifiers the application-specific role identifiers to check (usually role ids or role names).</a>
<span class="sourceLineNo">270</span><a id="line.270"> * @throws AuthorizationException</a>
<span class="sourceLineNo">271</span><a id="line.271"> * if the user does not have all of the specified roles.</a>
<span class="sourceLineNo">272</span><a id="line.272"> * </a>
<span class="sourceLineNo">273</span><a id="line.273"> * @since 1.1.0</a>
<span class="sourceLineNo">274</span><a id="line.274"> */</a>
<span class="sourceLineNo">275</span><a id="line.275"> void checkRoles(PrincipalCollection subjectPrincipal, String... roleIdentifiers) throws AuthorizationException;</a>
<span class="sourceLineNo">276</span><a id="line.276"> </a>
<span class="sourceLineNo">277</span><a id="line.277">}</a>
<span class="sourceLineNo">278</span><a id="line.278"></a>
</pre>
</div>
</main>
</body>
</html>