pt.digitalis.dif.controller.security.managers
Interface IAuthorizationManager

All Known Implementing Classes:
AbstractAuthorizationManagerImpl, AuthorizationManagerStaticImpl

public interface IAuthorizationManager

Defines the behavior for an authorization manager.

Author:
Rodrigo Gonçalves rgoncalves@digitalis.pt
, Pedro Viegas pviegas@digitalis.pt
Created on:
2007/12/03

Method Summary
 boolean addACLEntry(ACLEntry entry)
          Adds an ACL to the manager repository
 List<ACLEntry> findACLEntriesByApplication(String applicationID)
          Returns the ACL by application.
 List<ACLEntry> findACLEntriesByGroup(String groupID)
          Returns the group ACL.
 List<ACLEntry> findACLEntriesByProvider(String provider)
          Returns ACL by provider.
 List<ACLEntry> findACLEntriesByService(String serviceID)
          Returns the ACL by service.
 List<ACLEntry> findACLEntriesByStage(String stageID)
          Returns the ACL by stage.
 List<ACLEntry> findACLEntriesByUser(String userID)
          Returns the user ACL.
 List<ACLEntry> findACLEntriesByUserInherited(String userID)
          Returns the user ACL, inheriting the ACL's from groups as well.
 List<ACLEntry> findPublicACLEntries()
          Returns the public ACL.
 boolean grantAccessToGroup(String groupID, Entity entityType, String entityID)
          Grants a group with access to a given stage.
 boolean grantAccessToPublic(Entity entityType, String entityID)
          Grants the public with access to a given stage.
 boolean grantAccessToUser(String userID, Entity entityType, String entityID)
          Grants a user with access to a given stage.
 boolean grantDefaultAccessToGroup(String groupID, Entity entityType, String entityID)
          Grants a group with default access to a given stage.
 boolean grantDefaultAccessToUser(String userID, Entity entityType, String entityID)
          Grants a user with default access to a given stage.
 boolean grantDefaultPublicAccess(Entity entityType, String entityID)
          Grants with default public access to a given stage.
 boolean hasAccessGroup(IDIFGroup group, Entity entityType, String entityID)
          Checks if a group can access a given stage.
 boolean hasAccessGroup(IDIFGroup group, IApplication application)
          Checks if the group can access a given application.
 boolean hasAccessGroup(IDIFGroup group, IService service)
          Checks if the group can access a given service.
 boolean hasAccessGroup(IDIFGroup group, IStage stage)
          Checks if a group can access to a given stage.
 boolean hasAccessPublic(Entity entityType, String entityID)
          Checks if the public can access to a given entity identified with a type and ID.
 boolean hasAccessPublic(IApplication application)
          Checks if the public can access a given application.
 boolean hasAccessPublic(IService service)
          Checks if the public can access a given service.
 boolean hasAccessPublic(IStage stage)
          Checks if the public can access a given stage.
 boolean hasAccessUser(IDIFUser user, Entity entityType, String entityID)
          Checks if a user can access to a given entity identified with a type and ID.
 boolean hasAccessUser(IDIFUser user, IApplication application)
          Checks if the user can access a given application.
 boolean hasAccessUser(IDIFUser user, IService service)
          Checks if the user can access a given service.
 boolean hasAccessUser(IDIFUser user, IStage stage)
          Checks if the user can access a given stage.
 boolean revokeAccessFromGroup(String groupID, Entity entityType, String entityID)
          Revokes the access of a group to a given stage.
 boolean revokeAccessFromPublic(Entity entityType, String entityID)
          Revokes the public access to a given stage.
 boolean revokeAccessFromUser(String userID, Entity entityType, String entityID)
          Revokes the access of a user to a given stage.
 boolean revokeACLEntry(ACLEntry entry)
          Removes an ACL from the manager repository
 boolean revokeAllAccessFromGroup(String groupID)
          Revokes the access of a group to all entities.
 boolean revokeAllAccessFromUser(String userID)
          Revokes the access of a user to all entities.
 

Method Detail

addACLEntry

boolean addACLEntry(ACLEntry entry)
                    throws AuthorizationManagerException
Adds an ACL to the manager repository

Parameters:
entry - the entry
Returns:
T if the operation was successful
Throws:
AuthorizationManagerException - if a resource needed for adding authorization credentials can't be accessed

findACLEntriesByApplication

List<ACLEntry> findACLEntriesByApplication(String applicationID)
Returns the ACL by application.

Parameters:
applicationID - the application id
Returns:
the application ACL

findACLEntriesByGroup

List<ACLEntry> findACLEntriesByGroup(String groupID)
Returns the group ACL.

Parameters:
groupID - the group id
Returns:
the group ACL

findACLEntriesByProvider

List<ACLEntry> findACLEntriesByProvider(String provider)
Returns ACL by provider.

Parameters:
provider - the provider id
Returns:
the provider ACL

findACLEntriesByService

List<ACLEntry> findACLEntriesByService(String serviceID)
Returns the ACL by service.

Parameters:
serviceID - the service id
Returns:
the service ACL

findACLEntriesByStage

List<ACLEntry> findACLEntriesByStage(String stageID)
Returns the ACL by stage.

Parameters:
stageID - the stage id
Returns:
the stage ACL

findACLEntriesByUser

List<ACLEntry> findACLEntriesByUser(String userID)
Returns the user ACL.

Parameters:
userID - the user id
Returns:
the user ACL

findACLEntriesByUserInherited

List<ACLEntry> findACLEntriesByUserInherited(String userID)
                                             throws AuthorizationManagerException
Returns the user ACL, inheriting the ACL's from groups as well.

Parameters:
userID - the user id
Returns:
the user ACL
Throws:
AuthorizationManagerException

findPublicACLEntries

List<ACLEntry> findPublicACLEntries()
Returns the public ACL.

Returns:
the public ACL

grantAccessToGroup

boolean grantAccessToGroup(String groupID,
                           Entity entityType,
                           String entityID)
                           throws AuthorizationManagerException
Grants a group with access to a given stage.

Parameters:
groupID - the id of the group to grant access
entityType - the entity type
entityID - the entity ID
Returns:
T if access was granted, F otherwise.
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

grantAccessToPublic

boolean grantAccessToPublic(Entity entityType,
                            String entityID)
                            throws AuthorizationManagerException
Grants the public with access to a given stage.

Parameters:
entityType - the entity type
entityID - the entity ID
Returns:
T if access was granted, F otherwise.
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

grantAccessToUser

boolean grantAccessToUser(String userID,
                          Entity entityType,
                          String entityID)
                          throws AuthorizationManagerException
Grants a user with access to a given stage.

Parameters:
userID - the id of the user to grant access
entityType - the entity type
entityID - the entity ID
Returns:
T if access was granted, F otherwise.
Throws:
AuthorizationManagerException - if a resource needed for granting authorization credentials can't be accessed

grantDefaultAccessToGroup

boolean grantDefaultAccessToGroup(String groupID,
                                  Entity entityType,
                                  String entityID)
                                  throws AuthorizationManagerException
Grants a group with default access to a given stage.

Parameters:
groupID - the id of the group to grant access
entityType - the entity type
entityID - the entity ID
Returns:
T if access was granted, F otherwise.
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

grantDefaultAccessToUser

boolean grantDefaultAccessToUser(String userID,
                                 Entity entityType,
                                 String entityID)
                                 throws AuthorizationManagerException
Grants a user with default access to a given stage.

Parameters:
userID - the id of the user to grant access
entityType - the entity type
entityID - the entity ID
Returns:
T if access was granted, F otherwise.
Throws:
AuthorizationManagerException - if a resource needed for granting authorization credentials can't be accessed

grantDefaultPublicAccess

boolean grantDefaultPublicAccess(Entity entityType,
                                 String entityID)
                                 throws AuthorizationManagerException
Grants with default public access to a given stage.

Parameters:
entityType - the entity type
entityID - the entity ID
Returns:
T if the operation was successful
Throws:
AuthorizationManagerException - if a resource needed for granting authorization credentials can't be accessed

hasAccessGroup

boolean hasAccessGroup(IDIFGroup group,
                       Entity entityType,
                       String entityID)
                       throws AuthorizationManagerException
Checks if a group can access a given stage.

Parameters:
group - the group to grant access
entityType - the entity type
entityID - the entity ID
Returns:
T if the group can access the stage, F otherwise
Throws:
AuthorizationManagerException - if a needed resource for authorization checking can't be found

hasAccessGroup

boolean hasAccessGroup(IDIFGroup group,
                       IApplication application)
                       throws AuthorizationManagerException
Checks if the group can access a given application. Will parse the DEM for inherited grants

Parameters:
group - the group to grant access
application - the application to check
Returns:
T if the user can access the application, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

hasAccessGroup

boolean hasAccessGroup(IDIFGroup group,
                       IService service)
                       throws AuthorizationManagerException
Checks if the group can access a given service. Will parse the DEM for inherited grants

Parameters:
group - the group to grant access
service - the service to check
Returns:
T if the user can access the service, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

hasAccessGroup

boolean hasAccessGroup(IDIFGroup group,
                       IStage stage)
                       throws AuthorizationManagerException
Checks if a group can access to a given stage.

Parameters:
group - the group to grant access
stage - the stage to check
Returns:
T if the group can access the stage, F otherwise
Throws:
AuthorizationManagerException - if a needed resource for authorization checking can't be found

hasAccessPublic

boolean hasAccessPublic(Entity entityType,
                        String entityID)
Checks if the public can access to a given entity identified with a type and ID.

Parameters:
entityType - the entity type
entityID - the entity ID
Returns:
T if the user can access the stage, F otherwise

hasAccessPublic

boolean hasAccessPublic(IApplication application)
Checks if the public can access a given application.

Parameters:
application - the application to check
Returns:
T if the public can access the application, F otherwise

hasAccessPublic

boolean hasAccessPublic(IService service)
Checks if the public can access a given service.

Parameters:
service - the stage to check
Returns:
T if the public can access the service, F otherwise

hasAccessPublic

boolean hasAccessPublic(IStage stage)
Checks if the public can access a given stage.

Parameters:
stage - the stage to check
Returns:
T if the public can access the stage, F otherwise

hasAccessUser

boolean hasAccessUser(IDIFUser user,
                      Entity entityType,
                      String entityID)
                      throws AuthorizationManagerException
Checks if a user can access to a given entity identified with a type and ID.

Parameters:
user - the the user to check access
entityType - the entity type
entityID - the entity ID
Returns:
T if the user can access the stage, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

hasAccessUser

boolean hasAccessUser(IDIFUser user,
                      IApplication application)
                      throws AuthorizationManagerException
Checks if the user can access a given application. Will parse the DEM for inherited grants

Parameters:
user - the user to check access
application - the application to check
Returns:
T if the user can access the application, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

hasAccessUser

boolean hasAccessUser(IDIFUser user,
                      IService service)
                      throws AuthorizationManagerException
Checks if the user can access a given service. Will parse the DEM for inherited grants

Parameters:
user - the user to check access
service - the service to check
Returns:
T if the user can access the service, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

hasAccessUser

boolean hasAccessUser(IDIFUser user,
                      IStage stage)
                      throws AuthorizationManagerException
Checks if the user can access a given stage. Will parse the DEM for inherited grants

Parameters:
user - the user to check access
stage - the stage to check
Returns:
T if the user can access the stage, F otherwise
Throws:
AuthorizationManagerException - if a resource needed for checking authorization credentials can't be accessed

revokeAccessFromGroup

boolean revokeAccessFromGroup(String groupID,
                              Entity entityType,
                              String entityID)
Revokes the access of a group to a given stage.

Parameters:
groupID - the id of the group to revoke access
entityType - the entity type
entityID - the entity ID
Returns:
T if access was revoked, F otherwise.

revokeAccessFromPublic

boolean revokeAccessFromPublic(Entity entityType,
                               String entityID)
Revokes the public access to a given stage. AccessControl

Parameters:
entityType - the entity type
entityID - the entity ID
Returns:
T if access was revoked, F otherwise.

revokeAccessFromUser

boolean revokeAccessFromUser(String userID,
                             Entity entityType,
                             String entityID)
Revokes the access of a user to a given stage.

Parameters:
userID - the id of the user to revoke access
entityType - the entity type
entityID - the entity ID
Returns:
T if access was revoked, F otherwise.

revokeACLEntry

boolean revokeACLEntry(ACLEntry entry)
Removes an ACL from the manager repository

Parameters:
entry - the entry
Returns:
T if the operation was successful

revokeAllAccessFromGroup

boolean revokeAllAccessFromGroup(String groupID)
Revokes the access of a group to all entities.

Parameters:
groupID - the id of the group to revoke access
Returns:
T if access was revoked, F otherwise.

revokeAllAccessFromUser

boolean revokeAllAccessFromUser(String userID)
Revokes the access of a user to all entities.

Parameters:
userID - the id of the user to revoke access
Returns:
T if access was revoked, F otherwise.


Copyright © 2014 Digitalis Informática Lda. All Rights Reserved.