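/*
jGuard is a security framework based on top of jaas (java authentication and authorization security).
it is written for web applications, to resolve simply, access control problems.
version $Name$
http://sourceforge.net/projects/jguard/

Copyright (C) 2004  Charles GAY

This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.

This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA


jGuard project home page:
http://sourceforge.net/projects/jguard/

*/
package net.sf.jguard.core.authorization.manager;

import java.security.Permission;
import java.security.Principal;
import java.util.Collection;
import java.util.List;
import java.util.Set;

import net.sf.jguard.core.authorization.AuthorizationException;

import net.sf.jguard.core.authorization.permissions.Domain;
import net.sf.jguard.core.authorization.permissions.JGPermissionCollection;


/**
 * Retrieves users' permissions and administers the authorization data behind them:
 * permissions, domains and principals (roles), plus the inheritance links between roles.
 *
 * <p>Most methods declared here create, change or delete authorization data, so a call
 * to any of them can alter what a principal is allowed to do. This interface declares no
 * check on the caller.
 * NOTE(review): confirm that implementations, or the code that calls them, restrict the
 * mutating methods to administrative callers.
 *
 * <p>The collection-typed signatures use raw {@code List}, {@code Set} and
 * {@code Collection}; their element types are not visible from this interface.
 *
 * @author <a href="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
 * @author <a href="mailto:vinipitta@users.sourceforge.net">Vinicius Pitta Lima de Araujo</a>
 * @author <a href="mailto:tandilero@users.sourceforge.net">Maximiliano Batelli</a>
 */
public interface AuthorizationManager extends PermissionProvider {


    /**
     * return needed initialization parameters.
     * @return parameters list.
     */
    public List getInitParameters();



    /**
     * Create a permission (described by the original author as a URLPermission) from a
     * permission object and a domain name.
     * @param url the permission to create
     * @param domainName name of the domain given for the permission
     *        (presumably the domain it is attached to; confirm against implementations)
     * @throws AuthorizationException
     */
    public void createPermission(Permission url, String domainName) throws AuthorizationException;

    /**
     * Read a permission by name.
     * @param permissionName name of the permission to look up
     * @return the matching permission
     * @throws AuthorizationException
     */
    public Permission readPermission(String permissionName) throws AuthorizationException;

    /**
     * Update the permission known under {@code oldPermissionName}.
     * @param oldPermissionName name the permission currently has
     * @param url the updated permission
     * @param newDomainName domain name to use for the updated permission
     * @throws AuthorizationException
     */
    public void updatePermission(String oldPermissionName, Permission url, String newDomainName) throws AuthorizationException;

    /**
     * Delete a permission by name.
     * @param permissionName name of the permission to delete
     * @throws AuthorizationException
     */
    public void deletePermission(String permissionName) throws AuthorizationException;

    /**
     * List the permissions.
     * NOTE(review): unlike the {@code get...Set()} methods, nothing here says the returned
     * collection is unmodifiable; confirm callers cannot change policy data through it.
     * @return the permissions as a JGPermissionCollection
     */
    public JGPermissionCollection listPermissions();

    /**
     * Create a domain.
     * @param domainName name of the new domain
     * @throws AuthorizationException
     */
    public void createDomain(String domainName) throws AuthorizationException;

    /**
     * Read a domain by name.
     * @param domainName name of the domain to look up
     * @return the domain, as a JGPermissionCollection
     * @throws AuthorizationException
     */
    public JGPermissionCollection readDomain(String domainName) throws AuthorizationException;

    /**
     * Rename a domain.
     *
     * <p>Mind the argument order: the NEW name comes first here, whereas
     * {@code updatePermission} and {@code updatePrincipal(String, Principal)} take the
     * old name first. Both parameters are Strings, so swapped arguments still compile.
     * @param newName name the domain will have
     * @param oldName name the domain currently has
     * @throws AuthorizationException
     */
    public void updateDomain(String newName, String oldName) throws AuthorizationException;

    /**
     * Delete a domain by name.
     * @param domainName name of the domain to delete
     * @throws AuthorizationException
     */
    public void deleteDomain(String domainName) throws AuthorizationException;

    /**
     * List the domains.
     * @return a Set of domains (element type not visible from this interface)
     * @throws AuthorizationException
     */
    public Set listDomains() throws AuthorizationException;

    /**
     * Create a principal.
     * @param principal the principal to create
     * @throws AuthorizationException
     */
    public void createPrincipal(Principal principal) throws AuthorizationException;

    /**
     * Clone a Principal with a random name.
     *
     * <p>The suffix is drawn from only 100000 values, so the generated name should not be
     * relied on to be unique or unpredictable.
     * NOTE(review): confirm what implementations do when the generated name already exists.
     * @param roleName Principal name to clone
     * @return cloned Principal with a different name: roleName + Random integer between 0 and 99999
     * @throws AuthorizationException
     */
    public Principal clonePrincipal(String roleName) throws AuthorizationException;

    /**
     * Clone a Principal. If the Principal is an instance of RolePrincipal, the call is
     * delegated to its clone method, letting RolePrincipal do the cloning.
     * @param roleName Principal name to clone
     * @param cloneName Principal cloned name
     * @return cloned Principal with the given cloneName
     * @throws AuthorizationException
     */
    public Principal clonePrincipal(String roleName, String cloneName) throws AuthorizationException;

    /**
     * Read a principal by name.
     * @param roleName name of the principal to look up
     * @return the matching principal
     * @throws AuthorizationException
     */
    public Principal readPrincipal(String roleName) throws AuthorizationException;

    /**
     * update the application Principal (role).
     * @param oldPrincipalName the name the principal had
     * @param principal the new principal updated
     * @see net.sf.jguard.ext.authorization.manager.AuthorizationManager#updatePrincipal(net.sf.jguard.core.principals.RolePrincipal)
     * @throws AuthorizationException
     */
    public void updatePrincipal(String oldPrincipalName, Principal principal) throws AuthorizationException;

    /**
     * Delete a principal.
     * @param principal the principal to delete
     * @throws AuthorizationException
     */
    public void deletePrincipal(Principal principal) throws AuthorizationException;

    /**
     * List the principals.
     * @return a Set of principals (element type not visible from this interface)
     */
    public Set listPrincipals();

    /**
     * Look up several domains at once.
     * @param domainNames names of the wanted domains
     * @return a Set of the corresponding domains
     */
    public Set getDomains(Collection domainNames);

    /**
     * Look up several permissions at once.
     * @param permissionNames names of the wanted permissions
     * @return a Set of the corresponding permissions
     */
    public Set getPermissions(Collection permissionNames);

    /**
     * Add a single permission to the named principal.
     * @param roleName name of the principal that receives the permission
     * @param perm the permission to add
     * @throws AuthorizationException
     */
    public void addToPrincipal(String roleName, Permission perm) throws AuthorizationException;

    /**
     * Add a domain to the named principal.
     * @param roleName name of the principal that receives the domain
     * @param domain the domain to add
     * @throws AuthorizationException
     */
    public void addToPrincipal(String roleName, Domain domain) throws AuthorizationException;

    /* RBAC Role General Hierarchical model specific methods */

    /**
     * This command establishes a new immediate inheritance relationship
     * between the existing principals roleAsc and roleDesc.
     * The command is valid if and only if the role roleAsc is not an immediate
     * ascendant of roleDesc, and the descendant does
     * not properly inherit the roleAsc role (in order to avoid cycle creation).
     *
     * <p>NOTE(review): since roleAsc is "the role that will inherit", this call presumably
     * widens what roleAsc may do; confirm and treat it as a privilege-granting operation.
     *
     * @param roleAscName the role that will inherit.
     * @param roleDescName the role that will be inherited.
     * @throws AuthorizationException if the inheritance already exists or would create a cycle.
     */
    public void addInheritance(String roleAscName, String roleDescName) throws AuthorizationException;

    /**
     * Delete the existing inheritance between roleAsc and roleDesc.
     *
     * @param roleAscName name of the ascendant role of the link to remove
     * @param roleDescName name of the descendant role of the link to remove
     * @throws AuthorizationException
     */
    public void deleteInheritance(String roleAscName, String roleDescName) throws AuthorizationException;

    /**
     * replace the initial principal with the new one.
     * @param principal RolePrincipal updated
     * @throws AuthorizationException
     * @see net.sf.jguard.ext.authorization.manager.AuthorizationManager#updatePrincipal(net.sf.jguard.core.principals.RolePrincipal)
     */
    public void updatePrincipal(Principal principal) throws AuthorizationException;


    /**
     * return an unmodifiable Domain Set.
     * @return an unmodifiable Set of domains
     */
    public Set getDomainsSet();

    /**
     * return an unmodifiable Principal Set.
     * @return an unmodifiable Set of principals
     */
    public Set getPrincipalsSet();

    /**
     * return an unmodifiable Permissions Set.
     * @return an unmodifiable Set of permissions
     */
    public Set getPermissionsSet();

    /**
     * Tell whether this manager is empty.
     * NOTE(review): what counts as "empty" (no permissions, no principals, or both) is
     * not defined at this level; confirm against the implementations.
     * @return true when the manager is empty
     */
    public boolean isEmpty();

    /**
     * Import the content of another AuthorizationManager into this one.
     * NOTE(review): whether existing entries are merged or replaced is not visible here.
     * The imported manager supplies policy data, so confirm callers only pass a trusted one.
     * @param authorizationManager the manager to import from
     * @throws AuthorizationException
     */
    public void importAuthorizationManager(AuthorizationManager authorizationManager) throws AuthorizationException;

    /**
     * Return the name of the <strong>current</strong> application which holds this
     * AuthorizationManager.
     * @return the application name
     */
    public String getApplicationName();
}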