Coverage Report - pt.digitalis.dif.controller.security.managers.IAuthorizationManager
 
Classes in this File Line Coverage Branch Coverage Complexity
IAuthorizationManager
N/A
N/A
1
 
 1  
 /**
 2  
  * 2007, Digitalis Informatica. All rights reserved. Distribuicao e Gestao de Informatica, Lda. Estrada de Paco de Arcos
 3  
  * num.9 - Piso -1 2780-666 Paco de Arcos Telefone: (351) 21 4408990 Fax: (351) 21 4408999 http://www.digitalis.pt
 4  
  */
 5  
 
 6  
 package pt.digitalis.dif.controller.security.managers;
 7  
 
 8  
 import java.util.List;
 9  
 
 10  
 import pt.digitalis.dif.controller.security.objects.ACLEntry;
 11  
 import pt.digitalis.dif.controller.security.objects.IDIFGroup;
 12  
 import pt.digitalis.dif.controller.security.objects.IDIFUser;
 13  
 import pt.digitalis.dif.dem.Entity;
 14  
 import pt.digitalis.dif.dem.interfaces.IApplication;
 15  
 import pt.digitalis.dif.dem.interfaces.IService;
 16  
 import pt.digitalis.dif.dem.interfaces.IStage;
 17  
 import pt.digitalis.dif.exception.security.AuthorizationManagerException;
 18  
 
 19  
 /**
 20  
  * Defines the behavior for an authorization manager.
 21  
  * 
 22  
  * @author Rodrigo Gonçalves <a href="mailto:rgoncalves@digitalis.pt">rgoncalves@digitalis.pt</a><br/>
 23  
  * @author Pedro Viegas <a href="mailto:pviegas@digitalis.pt">pviegas@digitalis.pt</a><br/>
 24  
  * @created 2007/12/03
 25  
  */
 26  
 public interface IAuthorizationManager {
 27  
 
 28  
     /**
 29  
      * Adds an ACL to the manager repository
 30  
      * 
 31  
      * @param entry
 32  
      *            the entry
 33  
      * @return T if the operation was successful
 34  
      * @throws AuthorizationManagerException
 35  
      *             if a resource needed for adding authorization credentials can't be accessed
 36  
      */
 37  
     public boolean addACLEntry(ACLEntry entry) throws AuthorizationManagerException;
 38  
 
 39  
     /**
 40  
      * Returns the ACL by application.
 41  
      * 
 42  
      * @param applicationID
 43  
      *            the application id
 44  
      * @return the application ACL
 45  
      */
 46  
     public List<ACLEntry> findACLEntriesByApplication(String applicationID);
 47  
 
 48  
     /**
 49  
      * Returns the group ACL.
 50  
      * 
 51  
      * @param groupID
 52  
      *            the group id
 53  
      * @return the group ACL
 54  
      */
 55  
     public List<ACLEntry> findACLEntriesByGroup(String groupID);
 56  
 
 57  
     /**
 58  
      * Returns ACL by provider.
 59  
      * 
 60  
      * @param provider
 61  
      *            the provider id
 62  
      * @return the provider ACL
 63  
      */
 64  
     public List<ACLEntry> findACLEntriesByProvider(String provider);
 65  
 
 66  
     /**
 67  
      * Returns the ACL by service.
 68  
      * 
 69  
      * @param serviceID
 70  
      *            the service id
 71  
      * @return the service ACL
 72  
      */
 73  
     public List<ACLEntry> findACLEntriesByService(String serviceID);
 74  
 
 75  
     /**
 76  
      * Returns the ACL by stage.
 77  
      * 
 78  
      * @param stageID
 79  
      *            the stage id
 80  
      * @return the stage ACL
 81  
      */
 82  
     public List<ACLEntry> findACLEntriesByStage(String stageID);
 83  
 
 84  
     /**
 85  
      * Returns the user ACL.
 86  
      * 
 87  
      * @param userID
 88  
      *            the user id
 89  
      * @return the user ACL
 90  
      */
 91  
     public List<ACLEntry> findACLEntriesByUser(String userID);
 92  
 
 93  
     /**
 94  
      * Returns the user ACL, inheriting the ACL's from groups as well.
 95  
      * 
 96  
      * @param userID
 97  
      *            the user id
 98  
      * @return the user ACL
 99  
      * @throws AuthorizationManagerException
 100  
      */
 101  
     public List<ACLEntry> findACLEntriesByUserInherited(String userID) throws AuthorizationManagerException;
 102  
 
 103  
     /**
 104  
      * Returns the public ACL.
 105  
      * 
 106  
      * @return the public ACL
 107  
      */
 108  
     public List<ACLEntry> findPublicACLEntries();
 109  
 
 110  
     /**
 111  
      * Grants a group with access to a given stage.
 112  
      * 
 113  
      * @param groupID
 114  
      *            the id of the group to grant access
 115  
      * @param entityType
 116  
      *            the entity type
 117  
      * @param entityID
 118  
      *            the entity ID
 119  
      * @return T if access was granted, F otherwise.
 120  
      * @throws AuthorizationManagerException
 121  
      *             if a resource needed for checking authorization credentials can't be accessed
 122  
      */
 123  
     public boolean grantAccessToGroup(String groupID, Entity entityType, String entityID)
 124  
             throws AuthorizationManagerException;
 125  
 
 126  
     /**
 127  
      * Grants the public with access to a given stage.
 128  
      * 
 129  
      * @param entityType
 130  
      *            the entity type
 131  
      * @param entityID
 132  
      *            the entity ID
 133  
      * @return T if access was granted, F otherwise.
 134  
      * @throws AuthorizationManagerException
 135  
      *             if a resource needed for checking authorization credentials can't be accessed
 136  
      */
 137  
     public boolean grantAccessToPublic(Entity entityType, String entityID) throws AuthorizationManagerException;
 138  
 
 139  
     /**
 140  
      * Grants a user with access to a given stage.
 141  
      * 
 142  
      * @param userID
 143  
      *            the id of the user to grant access
 144  
      * @param entityType
 145  
      *            the entity type
 146  
      * @param entityID
 147  
      *            the entity ID
 148  
      * @return T if access was granted, F otherwise.
 149  
      * @throws AuthorizationManagerException
 150  
      *             if a resource needed for granting authorization credentials can't be accessed
 151  
      */
 152  
     public boolean grantAccessToUser(String userID, Entity entityType, String entityID)
 153  
             throws AuthorizationManagerException;
 154  
 
 155  
     /**
 156  
      * Grants a group with default access to a given stage.
 157  
      * 
 158  
      * @param groupID
 159  
      *            the id of the group to grant access
 160  
      * @param entityType
 161  
      *            the entity type
 162  
      * @param entityID
 163  
      *            the entity ID
 164  
      * @return T if access was granted, F otherwise.
 165  
      * @throws AuthorizationManagerException
 166  
      *             if a resource needed for checking authorization credentials can't be accessed
 167  
      */
 168  
     public boolean grantDefaultAccessToGroup(String groupID, Entity entityType, String entityID)
 169  
             throws AuthorizationManagerException;
 170  
 
 171  
     /**
 172  
      * Grants a user with default access to a given stage.
 173  
      * 
 174  
      * @param userID
 175  
      *            the id of the user to grant access
 176  
      * @param entityType
 177  
      *            the entity type
 178  
      * @param entityID
 179  
      *            the entity ID
 180  
      * @return T if access was granted, F otherwise.
 181  
      * @throws AuthorizationManagerException
 182  
      *             if a resource needed for granting authorization credentials can't be accessed
 183  
      */
 184  
     public boolean grantDefaultAccessToUser(String userID, Entity entityType, String entityID)
 185  
             throws AuthorizationManagerException;
 186  
 
 187  
     /**
 188  
      * Grants with default public access to a given stage.
 189  
      * 
 190  
      * @param entityType
 191  
      *            the entity type
 192  
      * @param entityID
 193  
      *            the entity ID
 194  
      * @return T if the operation was successful
 195  
      * @throws AuthorizationManagerException
 196  
      *             if a resource needed for granting authorization credentials can't be accessed
 197  
      */
 198  
     public boolean grantDefaultPublicAccess(Entity entityType, String entityID) throws AuthorizationManagerException;
 199  
 
 200  
     /**
 201  
      * Checks if a group can access a given stage.
 202  
      * 
 203  
      * @param group
 204  
      *            the group to grant access
 205  
      * @param entityType
 206  
      *            the entity type
 207  
      * @param entityID
 208  
      *            the entity ID
 209  
      * @return T if the group can access the stage, F otherwise
 210  
      * @throws AuthorizationManagerException
 211  
      *             if a needed resource for authorization checking can't be found
 212  
      */
 213  
     public boolean hasAccessGroup(IDIFGroup group, Entity entityType, String entityID)
 214  
             throws AuthorizationManagerException;
 215  
 
 216  
     /**
 217  
      * Checks if the group can access a given application. Will parse the DEM for inherited grants
 218  
      * 
 219  
      * @param group
 220  
      *            the group to grant access
 221  
      * @param application
 222  
      *            the application to check
 223  
      * @return T if the user can access the application, F otherwise
 224  
      * @throws AuthorizationManagerException
 225  
      *             if a resource needed for checking authorization credentials can't be accessed
 226  
      */
 227  
     public boolean hasAccessGroup(IDIFGroup group, IApplication application) throws AuthorizationManagerException;
 228  
 
 229  
     /**
 230  
      * Checks if the group can access a given service. Will parse the DEM for inherited grants
 231  
      * 
 232  
      * @param group
 233  
      *            the group to grant access
 234  
      * @param service
 235  
      *            the service to check
 236  
      * @return T if the user can access the service, F otherwise
 237  
      * @throws AuthorizationManagerException
 238  
      *             if a resource needed for checking authorization credentials can't be accessed
 239  
      */
 240  
     public boolean hasAccessGroup(IDIFGroup group, IService service) throws AuthorizationManagerException;
 241  
 
 242  
     /**
 243  
      * Checks if a group can access to a given stage.
 244  
      * 
 245  
      * @param group
 246  
      *            the group to grant access
 247  
      * @param stage
 248  
      *            the stage to check
 249  
      * @return T if the group can access the stage, F otherwise
 250  
      * @throws AuthorizationManagerException
 251  
      *             if a needed resource for authorization checking can't be found
 252  
      */
 253  
     public boolean hasAccessGroup(IDIFGroup group, IStage stage) throws AuthorizationManagerException;
 254  
 
 255  
     /**
 256  
      * Checks if the public can access to a given entity identified with a type and ID.
 257  
      * 
 258  
      * @param entityType
 259  
      *            the entity type
 260  
      * @param entityID
 261  
      *            the entity ID
 262  
      * @return T if the user can access the stage, F otherwise
 263  
      */
 264  
     public boolean hasAccessPublic(Entity entityType, String entityID);
 265  
 
 266  
     /**
 267  
      * Checks if the public can access a given application.
 268  
      * 
 269  
      * @param application
 270  
      *            the application to check
 271  
      * @return T if the public can access the application, F otherwise
 272  
      */
 273  
     public boolean hasAccessPublic(IApplication application);
 274  
 
 275  
     /**
 276  
      * Checks if the public can access a given service.
 277  
      * 
 278  
      * @param service
 279  
      *            the stage to check
 280  
      * @return T if the public can access the service, F otherwise
 281  
      */
 282  
     public boolean hasAccessPublic(IService service);
 283  
 
 284  
     /**
 285  
      * Checks if the public can access a given stage.
 286  
      * 
 287  
      * @param stage
 288  
      *            the stage to check
 289  
      * @return T if the public can access the stage, F otherwise
 290  
      */
 291  
     public boolean hasAccessPublic(IStage stage);
 292  
 
 293  
     /**
 294  
      * Checks if a user can access to a given entity identified with a type and ID.
 295  
      * 
 296  
      * @param user
 297  
      *            the the user to check access
 298  
      * @param entityType
 299  
      *            the entity type
 300  
      * @param entityID
 301  
      *            the entity ID
 302  
      * @return T if the user can access the stage, F otherwise
 303  
      * @throws AuthorizationManagerException
 304  
      *             if a resource needed for checking authorization credentials can't be accessed
 305  
      */
 306  
     public boolean hasAccessUser(IDIFUser user, Entity entityType, String entityID)
 307  
             throws AuthorizationManagerException;
 308  
 
 309  
     /**
 310  
      * Checks if the user can access a given application. Will parse the DEM for inherited grants
 311  
      * 
 312  
      * @param user
 313  
      *            the user to check access
 314  
      * @param application
 315  
      *            the application to check
 316  
      * @return T if the user can access the application, F otherwise
 317  
      * @throws AuthorizationManagerException
 318  
      *             if a resource needed for checking authorization credentials can't be accessed
 319  
      */
 320  
     public boolean hasAccessUser(IDIFUser user, IApplication application) throws AuthorizationManagerException;
 321  
 
 322  
     /**
 323  
      * Checks if the user can access a given service. Will parse the DEM for inherited grants
 324  
      * 
 325  
      * @param user
 326  
      *            the user to check access
 327  
      * @param service
 328  
      *            the service to check
 329  
      * @return T if the user can access the service, F otherwise
 330  
      * @throws AuthorizationManagerException
 331  
      *             if a resource needed for checking authorization credentials can't be accessed
 332  
      */
 333  
     public boolean hasAccessUser(IDIFUser user, IService service) throws AuthorizationManagerException;
 334  
 
 335  
     /**
 336  
      * Checks if the user can access a given stage. Will parse the DEM for inherited grants
 337  
      * 
 338  
      * @param user
 339  
      *            the user to check access
 340  
      * @param stage
 341  
      *            the stage to check
 342  
      * @return T if the user can access the stage, F otherwise
 343  
      * @throws AuthorizationManagerException
 344  
      *             if a resource needed for checking authorization credentials can't be accessed
 345  
      */
 346  
     public boolean hasAccessUser(IDIFUser user, IStage stage) throws AuthorizationManagerException;
 347  
 
 348  
     /**
 349  
      * Revokes the access of a group to a given stage.
 350  
      * 
 351  
      * @param groupID
 352  
      *            the id of the group to revoke access
 353  
      * @param entityType
 354  
      *            the entity type
 355  
      * @param entityID
 356  
      *            the entity ID
 357  
      * @return T if access was revoked, F otherwise.
 358  
      */
 359  
     public boolean revokeAccessFromGroup(String groupID, Entity entityType, String entityID);
 360  
 
 361  
     /**
 362  
      * Revokes the public access to a given stage. AccessControl
 363  
      * 
 364  
      * @param entityType
 365  
      *            the entity type
 366  
      * @param entityID
 367  
      *            the entity ID
 368  
      * @return T if access was revoked, F otherwise.
 369  
      */
 370  
     public boolean revokeAccessFromPublic(Entity entityType, String entityID);
 371  
 
 372  
     /**
 373  
      * Revokes the access of a user to a given stage.
 374  
      * 
 375  
      * @param userID
 376  
      *            the id of the user to revoke access
 377  
      * @param entityType
 378  
      *            the entity type
 379  
      * @param entityID
 380  
      *            the entity ID
 381  
      * @return T if access was revoked, F otherwise.
 382  
      */
 383  
     public boolean revokeAccessFromUser(String userID, Entity entityType, String entityID);
 384  
 
 385  
     /**
 386  
      * Removes an ACL from the manager repository
 387  
      * 
 388  
      * @param entry
 389  
      *            the entry
 390  
      * @return T if the operation was successful
 391  
      */
 392  
     public boolean revokeACLEntry(ACLEntry entry);
 393  
 
 394  
     /**
 395  
      * Revokes the access of a group to all entities.
 396  
      * 
 397  
      * @param groupID
 398  
      *            the id of the group to revoke access
 399  
      * @return T if access was revoked, F otherwise.
 400  
      */
 401  
     public boolean revokeAllAccessFromGroup(String groupID);
 402  
 
 403  
     /**
 404  
      * Revokes the access of a user to all entities.
 405  
      * 
 406  
      * @param userID
 407  
      *            the id of the user to revoke access
 408  
      * @return T if access was revoked, F otherwise.
 409  
      */
 410  
     public boolean revokeAllAccessFromUser(String userID);
 411  
 }