1/*2 * Copyright 2000-2001,2004 The Apache Software Foundation.3 * 4 * Licensed under the Apache License, Version 2.0 (the "License");5 * you may not use this file except in compliance with the License.6 * You may obtain a copy of the License at7 * 8 * http://www.apache.org/licenses/LICENSE-2.09 * 10 * Unless required by applicable law or agreed to in writing, software11 * distributed under the License is distributed on an "AS IS" BASIS,12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.13 * See the License for the specific language governing permissions and14 * limitations under the License.15 */1617packageorg.apache.jetspeed.services.security;
1819import java.util.Iterator;
2021import org.apache.turbine.services.Service;
22import org.apache.jetspeed.om.security.Permission;
2324/***25 * <p> The <code>PermissionManagement</code> interface describes contract between 26 * the portal and security provider required for Jetspeed Permission Management.27 * This interface enables an application to be independent of the underlying 28 * permission management technology.29 *30 * @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>31 * @version $Id: PermissionManagement.java,v 1.3 2004/02/23 03:58:11 jford Exp $32 */3334publicinterfacePermissionManagementextends Service
35 {
36public String SERVICE_NAME = "PermissionManagement";
3738/***39 * Retrieves all <code>Permission</code>s for a given rolename principal.40 * 41 * The security service may optionally check the current user context42 * to determine if the requestor has permission to perform this action.43 *44 * @param rolename a role name identity to be retrieved.45 * @return Iterator over all permissions associated to the role principal.46 * @exception PermissionException when the security provider has a general failure.47 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 48 */49 Iterator getPermissions(String rolename)
50 throws JetspeedSecurityException;
5152/***53 * Retrieves all <code>Permission</code>s.54 * 55 * The security service may optionally check the current user context56 * to determine if the requestor has permission to perform this action.57 *58 * @return Iterator over all permissions.59 * @exception PermissionException when the security provider has a general failure.60 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 61 */62 Iterator getPermissions()
63 throws JetspeedSecurityException;
6465/***66 * Adds a <code>Permission</code> into permanent storage. 67 *68 * The security service may optionally check the current user context69 * to determine if the requestor has permission to perform this action.70 *71 * @exception PermissionException when the security provider has a general failure.72 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 73 */74void addPermission(Permission permission)
75 throws JetspeedSecurityException;
7677/***78 * Saves a <code>Permission</code> into permanent storage. 79 *80 * The security service may optionally check the current user context81 * to determine if the requestor has permission to perform this action.82 *83 * @exception PermissionException when the security provider has a general failure.84 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 85 */86void savePermission(Permission permission)
87 throws JetspeedSecurityException;
8889/***90 * Removes a <code>Permission</code> from the permanent store.91 *92 * The security service may optionally check the current user context93 * to determine if the requestor has permission to perform this action.94 *95 * @param permissionName the principal identity of the permission to be retrieved.96 * @exception PermissionException when the security provider has a general failure.97 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 98 */99void removePermission(String permissionName)
100 throws JetspeedSecurityException;
101102/***103 * Grants a permission to a role. 104 *105 * The security service may optionally check the current user context106 * to determine if the requestor has permission to perform this action.107 *108 * @param roleName grant a permission to this role.109 * @param permissionName the permission to grant to the role.110 * @exception PermissionException when the security provider has a general failure retrieving permissions.111 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 112 */113void grantPermission(String roleName, String permissionName)
114 throws JetspeedSecurityException;
115116/***117 * Revokes a permission from a role. 118 *119 * The security service may optionally check the current user context120 * to determine if the requestor has permission to perform this action.121 *122 * @param roleName grant a permission to this role.123 * @param permissionName the permission to grant to the role. 124 * @exception PermissionException when the security provider has a general failure retrieving permissions.125 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 126 */127void revokePermission(String roleName, String permissionName)
128 throws JetspeedSecurityException;
129130/***131 * Checks for the relationship of role has a permission. Returns true when the role has the given permission.132 *133 * The security service may optionally check the current user context134 * to determine if the requestor has permission to perform this action.135 *136 * @param roleName grant a permission to this role.137 * @param permissionName the permission to grant to the role. 138 * @exception PermissionException when the security provider has a general failure retrieving permissions.139 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 140 */141boolean hasPermission(String roleName, String permissionName)
142 throws JetspeedSecurityException;
143144/***145 * Retrieves a single <code>Permission</code> for a given permissionName principal.146 * 147 * The security service may optionally check the current user context148 * to determine if the requestor has permission to perform this action.149 *150 * @param permissionName a permission principal identity to be retrieved.151 * @return Permission the permission record retrieved.152 * @exception PermissionException when the security provider has a general failure.153 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 154 */155Permission getPermission(String permissionName)
156 throws JetspeedSecurityException;
157158 }
159160161162163164165166167168