src/main/java/org/apache/sling/api/security/ResourceAccessSecurity.java - sling-org-apache-sling-api - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.sling.api.security;

 import javax.annotation.CheckForNull;
 import javax.annotation.Nonnull;

 import org.apache.sling.api.resource.Resource;
 import org.apache.sling.api.resource.ResourceResolver;

 import org.osgi.annotation.versioning.ProviderType;

 /**
  * The <code>ResourceAccessSecurity</code> defines a service API which is
  * used in two different context: for securing resource providers which
  * have no own access control and on the application level to further
  * restrict the access to resources in general.
  *
  * A resource access security service is registered with the service
  * property {@link #CONTEXT}. Allowed values are {@link #APPLICATION_CONTEXT}
  * and {@link #PROVIDER_CONTEXT}. If the value is missing or invalid,
  * the service will be ignored.
  *
  * In the context of resource providers, this service might be used
  * for implementations of resource providers where the underlying persistence
  * layer does not implement access control. The goal is to make it easy to implement
  * a lightweight access control for such providers. For example, a JCR resource
  * providers should *not* use the provider context resource access security - in a
  * JCR context, security is fully delegated to the underlying repository, and
  * mixing security models would be a bad idea.
  *
  * In the context of the application, this service might be used to add
  * additional or temporary constraints across the whole resource tree.
  *
  * It is expected to only have a single service per context in the
  * framework/application (much like the OSGi LogService or ConfigurationAdmin Service).
  * In the case of multiple services per context, the one with the highest
  * service ranking is used.
  */
 @ProviderType
 public interface ResourceAccessSecurity {

     /**
      * The name of the service registration property containing the context
      * of this service. Allowed values are {@link #APPLICATION_CONTEXT} and
      * {@link #PROVIDER_CONTEXT}.
      * This property is required and has no default value.
      * (value is "access.context")
      */
     String CONTEXT = "access.context";

     /**
      * Allowed value for the {@link #CONTEXT} service registration property.
      * Services marked with this context are applied to all resources.
      */
     String APPLICATION_CONTEXT = "application";

     /**
      * Allowed value for the {@link #CONTEXT} service registration property.
      * Services marked with this context are only applied to resource
      * providers which indicate the additional checks with the
      * {@link org.apache.sling.api.resource.ResourceProvider#USE_RESOURCE_ACCESS_SECURITY}
      * property.
      */
     String PROVIDER_CONTEXT = "provider";

     /**
      * If supplied Resource can be read, return it (or a wrapped
      * variant of it). The returned Resource should then be used
      * instead of the one that was passed into the method.
      * @param resource The resource to test.
      * @return null if {@link Resource} cannot be read
      */
     @CheckForNull Resource getReadableResource(Resource resource);

     /**
      * Check whether a resource can be created at the path.
      * @param absPathName The path to create
      * @param resourceResolver The resource resolver
      * @return true if a {@link Resource} can be created at the supplied
      *  absolute path.
      */
     boolean canCreate(@Nonnull String absPathName, @Nonnull ResourceResolver resourceResolver);

     /**
      * Check whether a resource can be updated at the path.
      * @param resource The resource to test.
      * @return true if supplied {@link Resource} can be updated
      */
     boolean canUpdate(@Nonnull Resource resource);

     /**
      * Check whether a resource can be deleted at the path.
      * @param resource The resource to test.
      * @return true if supplied {@link Resource} can be deleted
      */
     boolean canDelete(@Nonnull Resource resource);

     /**
      * Check whether a resource can be executed at the path.
      * @param resource The resource to test.
      * @return true if supplied {@link Resource} can be executed as a script
      */
     boolean canExecute(@Nonnull Resource resource);

     /**
      * Check whether a value can be read
      * @param resource The resource to test.
      * @param valueName The name of the value
      * @return true if the "valueName" value of supplied {@link Resource} can be read
      */
     boolean canReadValue(@Nonnull Resource resource, @Nonnull String valueName);

     /**
      * Check whether a value can be set
      * @param resource The resource to test.
      * @param valueName The name of the value
      * @return true if the "valueName" value of supplied {@link Resource} can be set
      */
     boolean canSetValue(@Nonnull Resource resource, @Nonnull String valueName);

     /**
      * Check whether a value can be deleted
      * @param resource The resource to test.
      * @param valueName The name of the value
      * @return true if the "valueName" value of supplied {@link Resource} can be deleted
      */
     boolean canDeleteValue(@Nonnull Resource resource, @Nonnull String valueName);

     /**
      * Optionally transform a query based on the current
      * user's credentials. Can be used to narrow down queries to omit results
      * that the current user is not allowed to see anyway, to speed up
      * downstream access control.
      *
      * Query transformations are not critical with respect to access control as results
      * are filtered downstream using the canRead.. methods.
      *
      * @param query the query
      * @param language the language in which the query is expressed
      * @param resourceResolver the resource resolver which resolves the query
      * @return the transformed query
      * @throws AccessSecurityException If access is denied
      */
     @Nonnull String transformQuery(@Nonnull String query, @Nonnull String language, @Nonnull ResourceResolver resourceResolver)
     throws AccessSecurityException;

 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.sling.api.security;

	import javax.annotation.CheckForNull;
	import javax.annotation.Nonnull;

	import org.apache.sling.api.resource.Resource;
	import org.apache.sling.api.resource.ResourceResolver;

	import org.osgi.annotation.versioning.ProviderType;

	/**
	* The <code>ResourceAccessSecurity</code> defines a service API which is
	* used in two different context: for securing resource providers which
	* have no own access control and on the application level to further
	* restrict the access to resources in general.
	*
	* A resource access security service is registered with the service
	* property {@link #CONTEXT}. Allowed values are {@link #APPLICATION_CONTEXT}
	* and {@link #PROVIDER_CONTEXT}. If the value is missing or invalid,
	* the service will be ignored.
	*
	* In the context of resource providers, this service might be used
	* for implementations of resource providers where the underlying persistence
	* layer does not implement access control. The goal is to make it easy to implement
	* a lightweight access control for such providers. For example, a JCR resource
	* providers should not use the provider context resource access security - in a
	* JCR context, security is fully delegated to the underlying repository, and
	* mixing security models would be a bad idea.
	*
	* In the context of the application, this service might be used to add
	* additional or temporary constraints across the whole resource tree.
	*
	* It is expected to only have a single service per context in the
	* framework/application (much like the OSGi LogService or ConfigurationAdmin Service).
	* In the case of multiple services per context, the one with the highest
	* service ranking is used.
	*/
	@ProviderType
	public interface ResourceAccessSecurity {

	/**
	* The name of the service registration property containing the context
	* of this service. Allowed values are {@link #APPLICATION_CONTEXT} and
	* {@link #PROVIDER_CONTEXT}.
	* This property is required and has no default value.
	* (value is "access.context")
	*/
	String CONTEXT = "access.context";

	/**
	* Allowed value for the {@link #CONTEXT} service registration property.
	* Services marked with this context are applied to all resources.
	*/
	String APPLICATION_CONTEXT = "application";

	/**
	* Allowed value for the {@link #CONTEXT} service registration property.
	* Services marked with this context are only applied to resource
	* providers which indicate the additional checks with the
	* {@link org.apache.sling.api.resource.ResourceProvider#USE_RESOURCE_ACCESS_SECURITY}
	* property.
	*/
	String PROVIDER_CONTEXT = "provider";

	/**
	* If supplied Resource can be read, return it (or a wrapped
	* variant of it). The returned Resource should then be used
	* instead of the one that was passed into the method.
	* @param resource The resource to test.
	* @return null if {@link Resource} cannot be read
	*/
	@CheckForNull Resource getReadableResource(Resource resource);

	/**
	* Check whether a resource can be created at the path.
	* @param absPathName The path to create
	* @param resourceResolver The resource resolver
	* @return true if a {@link Resource} can be created at the supplied
	* absolute path.
	*/
	boolean canCreate(@Nonnull String absPathName, @Nonnull ResourceResolver resourceResolver);

	/**
	* Check whether a resource can be updated at the path.
	* @param resource The resource to test.
	* @return true if supplied {@link Resource} can be updated
	*/
	boolean canUpdate(@Nonnull Resource resource);

	/**
	* Check whether a resource can be deleted at the path.
	* @param resource The resource to test.
	* @return true if supplied {@link Resource} can be deleted
	*/
	boolean canDelete(@Nonnull Resource resource);

	/**
	* Check whether a resource can be executed at the path.
	* @param resource The resource to test.
	* @return true if supplied {@link Resource} can be executed as a script
	*/
	boolean canExecute(@Nonnull Resource resource);

	/**
	* Check whether a value can be read
	* @param resource The resource to test.
	* @param valueName The name of the value
	* @return true if the "valueName" value of supplied {@link Resource} can be read
	*/
	boolean canReadValue(@Nonnull Resource resource, @Nonnull String valueName);

	/**
	* Check whether a value can be set
	* @param resource The resource to test.
	* @param valueName The name of the value
	* @return true if the "valueName" value of supplied {@link Resource} can be set
	*/
	boolean canSetValue(@Nonnull Resource resource, @Nonnull String valueName);

	/**
	* Check whether a value can be deleted
	* @param resource The resource to test.
	* @param valueName The name of the value
	* @return true if the "valueName" value of supplied {@link Resource} can be deleted
	*/
	boolean canDeleteValue(@Nonnull Resource resource, @Nonnull String valueName);

	/**
	* Optionally transform a query based on the current
	* user's credentials. Can be used to narrow down queries to omit results
	* that the current user is not allowed to see anyway, to speed up
	* downstream access control.
	*
	* Query transformations are not critical with respect to access control as results
	* are filtered downstream using the canRead.. methods.
	*
	* @param query the query
	* @param language the language in which the query is expressed
	* @param resourceResolver the resource resolver which resolves the query
	* @return the transformed query
	* @throws AccessSecurityException If access is denied
	*/
	@Nonnull String transformQuery(@Nonnull String query, @Nonnull String language, @Nonnull ResourceResolver resourceResolver)
	throws AccessSecurityException;

	}