All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.acegisecurity.acl.basic.BasicAclEntry Maven / Gradle / Ivy

There is a newer version: 1.0.7
Show newest version
/* Copyright 2004 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.acegisecurity.acl.basic;

import org.acegisecurity.acl.AclEntry;


/**
 * Represents an entry in an access control list.
 *
 * @author Ben Alex
 * @version $Id: BasicAclEntry.java,v 1.3 2005/11/17 00:55:47 benalex Exp $
 */
public interface BasicAclEntry extends AclEntry {
    //~ Methods ================================================================

    /**
     * This setter should only be used by DAO implementations.
     *
     * @param aclObjectIdentity an object which can be used to uniquely
     *        identify the domain object instance subject of this ACL entry
     */
    public void setAclObjectIdentity(AclObjectIdentity aclObjectIdentity);

    /**
     * Indicates the domain object instance that is subject of this
     * BasicAclEntry. This information may be of interest to
     * relying classes (voters and business methods) that wish to know the
     * actual origination of the ACL entry (so as to distinguish individual
     * ACL entries from others contributed by the inheritance hierarchy).
     *
     * @return the ACL object identity that is subject of this ACL entry (never
     *         null)
     */
    public AclObjectIdentity getAclObjectIdentity();

    /**
     * This setter should only be used by DAO implementations.
     *
     * @param aclObjectParentIdentity an object which represents the parent of
     *        the domain object instance subject of this ACL entry, or
     *        null if either the domain object instance has no
     *        parent or its parent should be not used to compute an
     *        inheritance hierarchy
     */
    public void setAclObjectParentIdentity(
        AclObjectIdentity aclObjectParentIdentity);

    /**
     * Indicates any ACL parent of the domain object instance. This is used by
     * BasicAclProvider to walk the inheritance hierarchy. An
     * domain object instance need not have a parent.
     *
     * @return the ACL object identity that is the parent of this ACL entry
     *         (may be null if no parent should be consulted)
     */
    public AclObjectIdentity getAclObjectParentIdentity();

    /**
     * This setter should only be used by DAO implementations.
     *
     * @param mask the integer representing the permissions bit mask
     */
    public void setMask(int mask);

    /**
     * Access control lists in this package are based on bit masking. The
     * integer value of the bit mask can be obtained from this method.
     *
     * @return the bit mask applicable to this ACL entry (zero indicates a bit
     *         mask where no permissions have been granted)
     */
    public int getMask();

    /**
     * This setter should only be used by DAO implementations.
     *
     * @param recipient a representation of the recipient of this ACL entry
     *        that makes sense to an EffectiveAclsResolver
     *        implementation
     */
    public void setRecipient(Object recipient);

    /**
     * A domain object instance will usually have multiple
     * BasicAclEntrys. Each separate BasicAclEntry
     * applies to a particular "recipient". Typical examples of recipients
     * include (but do not necessarily have to include) usernames, role names,
     * complex granted authorities etc.
     * 
     * 

* It is essential that only one BasicAclEntry exists for a * given recipient. Otherwise conflicts as to the mask that should * apply to a given recipient will occur. *

* *

* This method indicates which recipient this BasicAclEntry * applies to. The returned object type will vary depending on the type of * recipient. For instance, it might be a String containing a * username, or a GrantedAuthorityImpl containing a complex * granted authority that is being granted the permissions contained in * this access control entry. The {@link EffectiveAclsResolver} and {@link * BasicAclProvider#getAcls(Object, Authentication)} can process the * different recipient types and return only those that apply to a * specified Authentication object. *

* * @return the recipient of this access control list entry (never * null) */ public Object getRecipient(); /** * Determine if the mask of this entry includes this permission or not * * @param permissionToCheck * @return if the entry's mask includes this permission */ public boolean isPermitted(int permissionToCheck); }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy