AuthorizationRule (/security 0.2.1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.wamblee.security.authorization
Interface AuthorizationRule

All Superinterfaces:: Persistent

All Known Implementing Classes:: UrlAuthorizationRule

public interface AuthorizationRule
extends Persistent
extends Persistent

Represents an authorization rule to determine whether an operation is allowed on a resource.

Author:: Erik Brakkee

Method Summary
`java.lang.Class[]`	`getSupportedTypes()` Returns the supported object types for which this authorization rule applies.
`AuthorizationResult`	`isAllowed(java.lang.Object aResource, Operation anOperation, User aUser)` Determines whether an operation is allowed on a certain resource.

Methods inherited from interface org.wamblee.persistence.Persistent
`getPersistedVersion, getPrimaryKey, setPersistedVersion, setPrimaryKey`

Method Detail

getSupportedTypes

java.lang.Class[] getSupportedTypes()

Returns the supported object types for which this authorization rule applies. This can be used by the authorization service for optimization.

Returns:: Array of supported types.

isAllowed

AuthorizationResult isAllowed(java.lang.Object aResource,
                              Operation anOperation,
                              User aUser)

Determines whether an operation is allowed on a certain resource. The rule implementation must be prepared to deal with resources for which it does not apply. In those cases it should return AuthorizationResult.UNSUPPORTED_RESOURCE.

Parameters:: aResource - Resource.; anOperation - Operation.; aUser - Current user.
Returns:: Authorization result.