src/java/org/apache/turbine/util/security/AccessControlList.java - turbine-core - Git at Google

 package org.apache.turbine.util.security;

 /* ====================================================================
  * The Apache Software License, Version 1.1
  *
  * Copyright (c) 2001-2003 The Apache Software Foundation.  All rights
  * reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
  *    the documentation and/or other materials provided with the
  *    distribution.
  *
  * 3. The end-user documentation included with the redistribution,
  *    if any, must include the following acknowledgment:
  *       "This product includes software developed by the
  *        Apache Software Foundation (http://www.apache.org/)."
  *    Alternately, this acknowledgment may appear in the software itself,
  *    if and wherever such third-party acknowledgments normally appear.
  *
  * 4. The names "Apache" and "Apache Software Foundation" and
  *    "Apache Turbine" must not be used to endorse or promote products
  *    derived from this software without prior written permission. For
  *    written permission, please contact apache@apache.org.
  *
  * 5. Products derived from this software may not be called "Apache",
  *    "Apache Turbine", nor may "Apache" appear in their name, without
  *    prior written permission of the Apache Software Foundation.
  *
  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  * ====================================================================
  *
  * This software consists of voluntary contributions made by many
  * individuals on behalf of the Apache Software Foundation.  For more
  * information on the Apache Software Foundation, please see
  * <http://www.apache.org/>.
  */

 import java.io.Serializable;

 import org.apache.turbine.om.security.Group;
 import org.apache.turbine.om.security.Permission;
 import org.apache.turbine.om.security.Role;

 /**
  * This interface describes a control class that makes it
  * easy to find out if a particular User has a given Permission.
  * It also determines if a User has a a particular Role.
  *
  * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
  * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
  * @author <a href="mailto:greg@shwoop.com">Greg Ritter</a>
  * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
  * @author <a href="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
  * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
  * @version $Id$
  */
 public interface AccessControlList
         extends Serializable
 {
     /** The default Session key for the Access Control List */
     public static final java.lang.String SESSION_KEY = "turbine.AccessControlList";

     /**
      * Retrieves a set of Roles an user is assigned in a Group.
      *
      * @param group the Group
      * @return the set of Roles this user has within the Group.
      */
     RoleSet getRoles(Group group);

     /**
      * Retrieves a set of Roles an user is assigned in the global Group.
      *
      * @return the set of Roles this user has within the global Group.
      */
     RoleSet getRoles();

     /**
      * Retrieves a set of Permissions an user is assigned in a Group.
      *
      * @param group the Group
      * @return the set of Permissions this user has within the Group.
      */
     PermissionSet getPermissions(Group group);

     /**
      * Retrieves a set of Permissions an user is assigned in the global Group.
      *
      * @return the set of Permissions this user has within the global Group.
      */
     PermissionSet getPermissions();

     /**
      * Checks if the user is assigned a specific Role in the Group.
      *
      * @param role the Role
      * @param group the Group
      * @return <code>true</code> if the user is assigned the Role in the Group.
      */
     boolean hasRole(Role role, Group group);

     /**
      * Checks if the user is assigned a specific Role in any of the given
      * Groups
      *
      * @param role the Role
      * @param groupset a Groupset
      * @return <code>true</code> if the user is assigned the Role in any of
      *         the given Groups.
      */
     boolean hasRole(Role role, GroupSet groupset);

     /**
      * Checks if the user is assigned a specific Role in the Group.
      *
      * @param role the Role
      * @param group the Group
      * @return <code>true</code> if the user is assigned the Role in the Group.
      */
     boolean hasRole(String role, String group);

     /**
      * Checks if the user is assigned a specifie Role in any of the given
      * Groups
      *
      * @param rolename the name of the Role
      * @param groupset a Groupset
      * @return <code>true</code> if the user is assigned the Role in any of
      *         the given Groups.
      */
     boolean hasRole(String rolename, GroupSet groupset);

     /**
      * Checks if the user is assigned a specific Role in the global Group.
      *
      * @param role the Role
      * @return <code>true</code> if the user is assigned the Role in the global Group.
      */
     boolean hasRole(Role role);

     /**
      * Checks if the user is assigned a specific Role in the global Group.
      *
      * @param role the Role
      * @return <code>true</code> if the user is assigned the Role in the global Group.
      */
     boolean hasRole(String role);

     /**
      * Checks if the user is assigned a specific Permission in the Group.
      *
      * @param permission the Permission
      * @param group the Group
      * @return <code>true</code> if the user is assigned the Permission in the Group.
      */
     boolean hasPermission(Permission permission, Group group);

     /**
      * Checks if the user is assigned a specific Permission in any of the given
      * Groups
      *
      * @param permission the Permission
      * @param groupset a Groupset
      * @return <code>true</code> if the user is assigned the Permission in any
      *         of the given Groups.
      */
     boolean hasPermission(Permission permission, GroupSet groupset);

     /**
      * Checks if the user is assigned a specific Permission in the Group.
      *
      * @param permission the Permission
      * @param group the Group
      * @return <code>true</code> if the user is assigned the Permission in the Group.
      */
     boolean hasPermission(String permission, String group);

     /**
      * Checks if the user is assigned a specific Permission in the Group.
      *
      * @param permission the Permission
      * @param group the Group
      * @return <code>true</code> if the user is assigned the Permission in the Group.
      */
     boolean hasPermission(String permission, Group group);

     /**
      * Checks if the user is assigned a specifie Permission in any of the given
      * Groups
      *
      * @param permissionName the name of the Permission
      * @param groupset a Groupset
      * @return <code>true</code> if the user is assigned the Permission in any
      *         of the given Groups.
      */
     boolean hasPermission(String permissionName, GroupSet groupset);

     /**
      * Checks if the user is assigned a specific Permission in the global Group.
      *
      * @param permission the Permission
      * @return <code>true</code> if the user is assigned the Permission in the global Group.
      */
     boolean hasPermission(Permission permission);

     /**
      * Checks if the user is assigned a specific Permission in the global Group.
      *
      * @param permission the Permission
      * @return <code>true</code> if the user is assigned the Permission in the global Group.
      */
     boolean hasPermission(String permission);

     /**
      * Returns all groups definded in the system.
      *
      * @return An Array of all defined Groups
      *
      * This is useful for debugging, when you want to display all roles
      * and permissions an user is assigned. This method is needed
      * because you can't call static methods of TurbineSecurity class
      * from within WebMacro/Velocity template
      */
     Group[] getAllGroups();
 }
	package org.apache.turbine.util.security;

	/* ====================================================================
	* The Apache Software License, Version 1.1
	*
	* Copyright (c) 2001-2003 The Apache Software Foundation. All rights
	* reserved.
	*
	* Redistribution and use in source and binary forms, with or without
	* modification, are permitted provided that the following conditions
	* are met:
	*
	* 1. Redistributions of source code must retain the above copyright
	* notice, this list of conditions and the following disclaimer.
	*
	* 2. Redistributions in binary form must reproduce the above copyright
	* notice, this list of conditions and the following disclaimer in
	* the documentation and/or other materials provided with the
	* distribution.
	*
	* 3. The end-user documentation included with the redistribution,
	* if any, must include the following acknowledgment:
	* "This product includes software developed by the
	* Apache Software Foundation (http://www.apache.org/)."
	* Alternately, this acknowledgment may appear in the software itself,
	* if and wherever such third-party acknowledgments normally appear.
	*
	* 4. The names "Apache" and "Apache Software Foundation" and
	* "Apache Turbine" must not be used to endorse or promote products
	* derived from this software without prior written permission. For
	* written permission, please contact apache@apache.org.
	*
	* 5. Products derived from this software may not be called "Apache",
	* "Apache Turbine", nor may "Apache" appear in their name, without
	* prior written permission of the Apache Software Foundation.
	*
	* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
	* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
	* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
	* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
	* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
	* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
	* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	* SUCH DAMAGE.
	* ====================================================================
	*
	* This software consists of voluntary contributions made by many
	* individuals on behalf of the Apache Software Foundation. For more
	* information on the Apache Software Foundation, please see
	* <http://www.apache.org/>.
	*/

	import java.io.Serializable;

	import org.apache.turbine.om.security.Group;
	import org.apache.turbine.om.security.Permission;
	import org.apache.turbine.om.security.Role;

	/**
	* This interface describes a control class that makes it
	* easy to find out if a particular User has a given Permission.
	* It also determines if a User has a a particular Role.
	*
	* @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
	* @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
	* @author <a href="mailto:greg@shwoop.com">Greg Ritter</a>
	* @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
	* @author <a href="mailto:marco@intermeta.de">Marco Knüttel</a>
	* @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
	* @version $Id$
	*/
	public interface AccessControlList
	extends Serializable
	{
	/** The default Session key for the Access Control List */
	public static final java.lang.String SESSION_KEY = "turbine.AccessControlList";

	/**
	* Retrieves a set of Roles an user is assigned in a Group.
	*
	* @param group the Group
	* @return the set of Roles this user has within the Group.
	*/
	RoleSet getRoles(Group group);

	/**
	* Retrieves a set of Roles an user is assigned in the global Group.
	*
	* @return the set of Roles this user has within the global Group.
	*/
	RoleSet getRoles();

	/**
	* Retrieves a set of Permissions an user is assigned in a Group.
	*
	* @param group the Group
	* @return the set of Permissions this user has within the Group.
	*/
	PermissionSet getPermissions(Group group);

	/**
	* Retrieves a set of Permissions an user is assigned in the global Group.
	*
	* @return the set of Permissions this user has within the global Group.
	*/
	PermissionSet getPermissions();

	/**
	* Checks if the user is assigned a specific Role in the Group.
	*
	* @param role the Role
	* @param group the Group
	* @return <code>true</code> if the user is assigned the Role in the Group.
	*/
	boolean hasRole(Role role, Group group);

	/**
	* Checks if the user is assigned a specific Role in any of the given
	* Groups
	*
	* @param role the Role
	* @param groupset a Groupset
	* @return <code>true</code> if the user is assigned the Role in any of
	* the given Groups.
	*/
	boolean hasRole(Role role, GroupSet groupset);

	/**
	* Checks if the user is assigned a specific Role in the Group.
	*
	* @param role the Role
	* @param group the Group
	* @return <code>true</code> if the user is assigned the Role in the Group.
	*/
	boolean hasRole(String role, String group);

	/**
	* Checks if the user is assigned a specifie Role in any of the given
	* Groups
	*
	* @param rolename the name of the Role
	* @param groupset a Groupset
	* @return <code>true</code> if the user is assigned the Role in any of
	* the given Groups.
	*/
	boolean hasRole(String rolename, GroupSet groupset);

	/**
	* Checks if the user is assigned a specific Role in the global Group.
	*
	* @param role the Role
	* @return <code>true</code> if the user is assigned the Role in the global Group.
	*/
	boolean hasRole(Role role);

	/**
	* Checks if the user is assigned a specific Role in the global Group.
	*
	* @param role the Role
	* @return <code>true</code> if the user is assigned the Role in the global Group.
	*/
	boolean hasRole(String role);

	/**
	* Checks if the user is assigned a specific Permission in the Group.
	*
	* @param permission the Permission
	* @param group the Group
	* @return <code>true</code> if the user is assigned the Permission in the Group.
	*/
	boolean hasPermission(Permission permission, Group group);

	/**
	* Checks if the user is assigned a specific Permission in any of the given
	* Groups
	*
	* @param permission the Permission
	* @param groupset a Groupset
	* @return <code>true</code> if the user is assigned the Permission in any
	* of the given Groups.
	*/
	boolean hasPermission(Permission permission, GroupSet groupset);

	/**
	* Checks if the user is assigned a specific Permission in the Group.
	*
	* @param permission the Permission
	* @param group the Group
	* @return <code>true</code> if the user is assigned the Permission in the Group.
	*/
	boolean hasPermission(String permission, String group);

	/**
	* Checks if the user is assigned a specific Permission in the Group.
	*
	* @param permission the Permission
	* @param group the Group
	* @return <code>true</code> if the user is assigned the Permission in the Group.
	*/
	boolean hasPermission(String permission, Group group);

	/**
	* Checks if the user is assigned a specifie Permission in any of the given
	* Groups
	*
	* @param permissionName the name of the Permission
	* @param groupset a Groupset
	* @return <code>true</code> if the user is assigned the Permission in any
	* of the given Groups.
	*/
	boolean hasPermission(String permissionName, GroupSet groupset);

	/**
	* Checks if the user is assigned a specific Permission in the global Group.
	*
	* @param permission the Permission
	* @return <code>true</code> if the user is assigned the Permission in the global Group.
	*/
	boolean hasPermission(Permission permission);

	/**
	* Checks if the user is assigned a specific Permission in the global Group.
	*
	* @param permission the Permission
	* @return <code>true</code> if the user is assigned the Permission in the global Group.
	*/
	boolean hasPermission(String permission);

	/**
	* Returns all groups definded in the system.
	*
	* @return An Array of all defined Groups
	*
	* This is useful for debugging, when you want to display all roles
	* and permissions an user is assigned. This method is needed
	* because you can't call static methods of TurbineSecurity class
	* from within WebMacro/Velocity template
	*/
	Group[] getAllGroups();
	}