com.anaptecs.jeaf.services.usermanagement.AuthorizationAdminService Maven / Gradle / Ivy
/*
* anaptecs GmbH, Ricarda-Huch-Str. 71, 72760 Reutlingen, Germany
*
* Copyright 2004 - 2019. All rights reserved.
*/
package com.anaptecs.jeaf.services.usermanagement;
import java.util.List;
import com.anaptecs.jeaf.core.api.Service;
import com.anaptecs.jeaf.core.api.ServiceObjectID;
import com.anaptecs.jeaf.xfun.types.Period;
/**
* This service is responsible to manage the roles and object permissions for persons and organizational units.
* Therefore the service provides several methods that can be used to administer all authorizations. The check of
* authorizations will be performed through the AuthorizationService.
*
* @author JEAF Generator
* @version JEAF Release 1.4.x
*/
public interface AuthorizationAdminService extends Service {
/**
* Method creates a new role definition from the passed object. Therefore also the authorizations which link
* authorization types and role definitions have to be set on the passed object. All referenced authorization types
* already have to exist. The method does not create authorization types if they do not exist yet.
*
*
* @param pRoleDefinition Role definition that should be created. The reference to all authorization types that make
* up this role definition have to be set. The parameter must not be null and there must not exist a role definition
* with the same name yet.
*
* @return {@link RoleDefinition} Created role definition. The reference to all authorizations and authorization types
* is also set. The method never returns null.
*
*/
RoleDefinition createRoleDefinition( RoleDefinition pRoleDefinition );
/**
* Method returns the role definition with the passed id. A role definition with the passed id must exist.
*
*
* @param pRoleDefinitionID ID of the role definition that should be returned. The parameter must not be null.
*
* @return {@link RoleDefinition} Role definition with the passed id. The reference to all authorizations and
* authorization types is also set. The method never returns null.
*
*/
RoleDefinition getRoleDefinition( ServiceObjectID pRoleDefinitionID );
/**
* Method delete the passed role definition. A role definition can only be deleted if it is not referenced any more.
*
*
* @param pRoleDefintion RoleDefinition that should be deleted. The parameter must not be null.
*
*/
void deleteRoleDefinition( RoleDefinition pRoleDefintion );
/**
* Method returns all available role definitions.
*
*
* @return {@link RoleDefinition} List with all available role definitions. The returned objects also have the
* references to all authorizations and all authorization types set. The method never returns null.
*
*/
List getAllRoleDefinitions( );
/**
* Method creates a new authorization type from the passed object. There must not already exist an authorization type
* with the same name.
*
*
* @param pAuthorizationType Authorization type that should be created. The parameter must not be null
*
* @return {@link AuthorizationType} Created authorization type. The method never returns null.
*
*/
AuthorizationType createAuthorizationType( AuthorizationType pAuthorizationType );
/**
* Method returns the authorization type with the passed id. An authorization type with the passed id must exist.
*
*
* @param pAuthorizationTypeID ID of the authorization type that should be returned. The parameter must not be null
*
* @return {@link AuthorizationType} Authorization type with the passed id. The method never returns null.
*
*/
AuthorizationType getAuthorizationType( ServiceObjectID pAuthorizationTypeID );
/**
* Method deletes the passed authorization type. An authorization type can only be deleted if it is not referenced any
* more.
*
*
* @param pAuthorizationType AuthorizationType that should be deleted. The parameter must not be null.
*
*/
void deleteAuthorizationType( AuthorizationType pAuthorizationType );
/**
* Method returns all available authorization types.
*
*
* @return {@link AuthorizationType} List with all available authorization types. The method never returns null.
*
*/
List getAllAuthorizationTypes( );
/**
* Method assigns the passed role to the passed user for the passed validity period.
*
*
* @param pRoleDefinition RoleDefinition which has several competences. The parameter must not be null.
*
* @param pUserAccount User the role will be assigned to. The parameter must not be null.
*
* @param pValidityPeriod Period that the RoleAssociation will be valid. The parameter may be null.
*
* @param pLoadStrategy Load strategy can be used to define which associations of the user account service object
* should also be returned. The parameter may be null. In this case no associations of the user account will be loaded
* and returned.
*
* @return {@link UserAccount} Updated user account object. According to the passed load strategy associations to
* depending objects are also set.
*
*/
UserAccount assignRole( RoleDefinition pRoleDefinition, UserAccount pUserAccount, Period pValidityPeriod,
UserAccountLoadStrategy pLoadStrategy );
/**
* Method unassigns the passed role from the passed user.
*
*
* @param pRoleDefinition
* @param pUserAccount User account from which the role should be removed. The parameter must not be null.
*
* @param pLoadStrategy Load strategy can be used to define which associations of the user account service object
* should also be returned. The parameter may be null. In this case no associations of the user account will be loaded
* and returned.
*
* @return {@link UserAccount}
*/
UserAccount unassignRole( RoleDefinition pRoleDefinition, UserAccount pUserAccount,
UserAccountLoadStrategy pLoadStrategy );
/**
* Method returns all available use case definitions.
*
*
* @return {@link UseCaseDefinition} List with all available use case definitions. The method never returns null.
*
*/
List getAllUseCaseDefinitions( );
/**
* Method returns the use case definition for the use case with the passed name.
*
*
* @param pUseCaseName Name of the use case that should be returned. The parameter must not be null and a use case
* definition with the passed name must exist.
*
* @return {@link UseCaseDefinition} Use case definition of the use case with the passed name. The method never
* returns null. If no use case with the passed name exists an exception will be thrown.
*
*/
UseCaseDefinition getUseCaseDefinition( String pUseCaseName );
/**
* The method gets the role definition with the given name. If no role definition could be found an Exception is
* thrown
*
*
* @param pName The name of the role Definition the method looks for. The parameter may not be null.
*
* @return {@link RoleDefinition} The found role definition or null.
*
* @throws {@link UserManagementServiceSystemException}
*/
RoleDefinition getRoleDefinition( String pName ) throws UserManagementServiceSystemException;
/**
* Method synchronizes the given RoleDefinition with the Database. The role definitions from the given list will be
* imported and all older role definitions and authorizations which are not given via the role definition list will be
* lost.
*
*
* @param pRoleDefinitions the RoleDefinitions which have to be updated on the storage.
*
* @return {@link RoleDefinition} List of synchronized role definitions.
*
*/
List synchronizeRolesAndAuthorizations( List pRoleDefinitions );
}