ca.uhn.fhir.rest.server.interceptor.auth.IAuthRuleBuilderRule Maven / Gradle / Ivy
package ca.uhn.fhir.rest.server.interceptor.auth;
/*
* #%L
* HAPI FHIR - Core Library
* %%
* Copyright (C) 2014 - 2016 University Health Network
* %%
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* #L%
*/
public interface IAuthRuleBuilderRule {
/**
* This rule applies to create operations with a conditional
* URL as a part of the request. Note that this rule will allow the conditional
* operation to proceed, but the server is expected to determine the actual target
* of the conditional request and send a subsequent event to the {@link AuthorizationInterceptor}
* in order to authorize the actual target.
*
* In other words, if the server is configured correctly, this chain will allow the
* client to perform a conditional update, but a different rule is required to actually
* authorize the target that the conditional update is determined to match.
*
*/
IAuthRuleBuilderRuleConditional createConditional();
/**
* This rule applies to the FHIR delete operation
*/
IAuthRuleBuilderRuleOp delete();
/**
* This rule applies to create operations with a conditional
* URL as a part of the request. Note that this rule will allow the conditional
* operation to proceed, but the server is expected to determine the actual target
* of the conditional request and send a subsequent event to the {@link AuthorizationInterceptor}
* in order to authorize the actual target.
*
* In other words, if the server is configured correctly, this chain will allow the
* client to perform a conditional update, but a different rule is required to actually
* authorize the target that the conditional update is determined to match.
*
*/
IAuthRuleBuilderRuleConditional deleteConditional();
/**
* This rules applies to the metadata operation (retrieve the
* server's conformance statement)
*
* This call completes the rule and adds the rule to the chain.
*
*/
IAuthRuleBuilderRuleOpClassifierFinished metadata();
/**
* This rule applies to a FHIR operation (e.g. $validate)
*/
IAuthRuleBuilderOperation operation();
/**
* This rule applies to any FHIR operation involving reading, including
* read, vread, search, and
* history
*/
IAuthRuleBuilderRuleOp read();
/**
* This rule applies to the FHIR transaction operation. Transaction is a special
* case in that it bundles other operations
*/
IAuthRuleBuilderRuleTransaction transaction();
/**
* This rule applies to update operations with a conditional
* URL as a part of the request. Note that this rule will allow the conditional
* operation to proceed, but the server is expected to determine the actual target
* of the conditional request and send a subsequent event to the {@link AuthorizationInterceptor}
* in order to authorize the actual target.
*
* In other words, if the server is configured correctly, this chain will allow the
* client to perform a conditional update, but a different rule is required to actually
* authorize the target that the conditional update is determined to match.
*
*/
IAuthRuleBuilderRuleConditional updateConditional();
/**
* This rule applies to any FHIR operation involving writing, including
* create, and update
*/
IAuthRuleBuilderRuleOp write();
}