View Javadoc

1   /*
2    * Copyright 2000-2001,2004 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.apache.jetspeed.services.security;
18  
19  import java.util.Iterator;
20  
21  import org.apache.turbine.services.Service;
22  import org.apache.jetspeed.om.security.Permission;
23  
24  /***
25   * <p> The <code>PermissionManagement</code> interface describes contract between 
26   * the portal and security provider required for Jetspeed Permission Management.
27   * This interface enables an application to be independent of the underlying 
28   * permission management technology.
29   *
30   * @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
31   * @version $Id: PermissionManagement.java,v 1.3 2004/02/23 03:58:11 jford Exp $
32   */
33  
34  public interface PermissionManagement extends Service
35  {
36      public String SERVICE_NAME = "PermissionManagement";
37  
38      /***
39       * Retrieves all <code>Permission</code>s for a given rolename principal.
40       *   
41       * The security service may optionally check the current user context
42       * to determine if the requestor has permission to perform this action.
43       *
44       * @param rolename a role name identity to be retrieved.
45       * @return Iterator over all permissions associated to the role principal.
46       * @exception PermissionException when the security provider has a general failure.
47       * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
48       */
49      Iterator getPermissions(String rolename)
50          throws JetspeedSecurityException;
51  
52      /***
53       * Retrieves all <code>Permission</code>s.
54       *   
55       * The security service may optionally check the current user context
56       * to determine if the requestor has permission to perform this action.
57       *
58       * @return Iterator over all permissions.
59       * @exception PermissionException when the security provider has a general failure.
60       * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
61       */
62      Iterator getPermissions()
63          throws JetspeedSecurityException;
64  
65      /***
66       * Adds a <code>Permission</code> into permanent storage. 
67       *
68       * The security service may optionally check the current user context
69       * to determine if the requestor has permission to perform this action.
70       *
71       * @exception PermissionException when the security provider has a general failure.
72       * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
73       */
74      void addPermission(Permission permission)
75          throws JetspeedSecurityException;
76  
77      /***
78       * Saves a <code>Permission</code> into permanent storage. 
79       *
80       * The security service may optionally check the current user context
81       * to determine if the requestor has permission to perform this action.
82       *
83       * @exception PermissionException when the security provider has a general failure.
84       * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
85       */
86      void savePermission(Permission permission)
87          throws JetspeedSecurityException;
88  
89      /***
90       * Removes a <code>Permission</code> from the permanent store.
91       *
92       * The security service may optionally check the current user context
93       * to determine if the requestor has permission to perform this action.
94       *
95       * @param permissionName the principal identity of the permission to be retrieved.
96       * @exception PermissionException when the security provider has a general failure.
97       * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
98       */
99      void removePermission(String permissionName)
100         throws JetspeedSecurityException;
101 
102     /***
103      * Grants a permission to a role. 
104      *
105      * The security service may optionally check the current user context
106      * to determine if the requestor has permission to perform this action.
107      *
108      * @param roleName grant a permission to this role.
109      * @param permissionName the permission to grant to the role.
110      * @exception PermissionException when the security provider has a general failure retrieving permissions.
111      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
112      */
113     void grantPermission(String roleName, String permissionName)
114         throws JetspeedSecurityException;
115 
116     /***
117      * Revokes a permission from a role. 
118      *
119      * The security service may optionally check the current user context
120      * to determine if the requestor has permission to perform this action.
121      *
122      * @param roleName grant a permission to this role.
123      * @param permissionName the permission to grant to the role.     
124      * @exception PermissionException when the security provider has a general failure retrieving permissions.
125      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
126      */
127     void revokePermission(String roleName, String permissionName)
128         throws JetspeedSecurityException;
129 
130     /***
131      * Checks for the relationship of role has a permission. Returns true when the role has the given permission.
132      *
133      * The security service may optionally check the current user context
134      * to determine if the requestor has permission to perform this action.
135      *
136      * @param roleName grant a permission to this role.
137      * @param permissionName the permission to grant to the role.    
138      * @exception PermissionException when the security provider has a general failure retrieving permissions.
139      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
140      */
141     boolean hasPermission(String roleName, String permissionName)
142         throws JetspeedSecurityException;
143 
144     /***
145      * Retrieves a single <code>Permission</code> for a given permissionName principal.
146      *   
147      * The security service may optionally check the current user context
148      * to determine if the requestor has permission to perform this action.
149      *
150      * @param permissionName a permission principal identity to be retrieved.
151      * @return Permission the permission record retrieved.
152      * @exception PermissionException when the security provider has a general failure.
153      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
154      */
155     Permission getPermission(String permissionName)
156         throws JetspeedSecurityException;
157 
158 }
159 
160 
161 
162 
163 
164 
165 
166 
167 
168