org.wamblee.security.authorization

Interface AuthorizationRule

All Known Implementing Classes:

AbstractAuthorizationRule, UrlAuthorizationRule

public interface AuthorizationRule

Represents an authorization rule to determine whether an operation is allowed on a resource.

Author:

Erik Brakkee

Method Summary

Modifier and Type	Method and Description
Class[]	getSupportedTypes() Returns the supported object types for which this authorization rule applies.
AuthorizationResult	isAllowed(Object aResource, Operation aOperation, String aUser) Determines whether an operation is allowed on a certain resource.
void	setUserAdministration(UserAdministration aAdmin) Sets the user admnistration to use.

Method Detail

setUserAdministration

void setUserAdministration(UserAdministration aAdmin)

Sets the user admnistration to use.

Parameters:

aAdmin - User administration.

getSupportedTypes

Class[] getSupportedTypes()

Returns the supported object types for which this authorization rule applies. This can be used by the authorization service for optimization.

Returns:

Array of supported types.

isAllowed

AuthorizationResult isAllowed(Object aResource,
                              Operation aOperation,
                              String aUser)

Determines whether an operation is allowed on a certain resource. The rule implementation must be prepared to deal with resources for which it does not apply. In those cases it should return AuthorizationResult.UNSUPPORTED_RESOURCE.

Parameters:

aResource - Resource.

aOperation - Operation.

aUser - Current user.

Returns:

Authorization result.