inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

First cut of audit annotations on public services, updated audit schema and first cut of default audit settings

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@3312 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Andrew Hind
2006-07-12 16:59:19 +00:00
parent 9025ad537a
commit 868966c11a
33 changed files with 655 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
source/java/org/alfresco/service/cmr/security/AuthenticationService.java
View File

@@ -19,6 +19,7 @@ package org.alfresco.service.cmr.security;
import java.util.Set;
import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.service.Auditable;
/**
* The authentication service defines the API for managing authentication information
@@ -36,6 +37,7 @@ public interface AuthenticationService
* @param password
* @throws AuthenticationException
*/
@Auditable(parameters = {"userName", "password"}, recordable = {true, false})
public void createAuthentication(String userName, char[] password) throws AuthenticationException;
/**
@@ -46,6 +48,7 @@ public interface AuthenticationService
* @param newPassword
* @throws AuthenticationException
*/
@Auditable(parameters = {"userName", "oldPassword", "newPassword"}, recordable = {true, false, false})
public void updateAuthentication(String userName, char[] oldPassword, char[] newPassword) throws AuthenticationException;
/**
@@ -55,6 +58,7 @@ public interface AuthenticationService
* @param newPassword
* @throws AuthenticationException
*/
@Auditable(parameters = {"userName", "newPassword"}, recordable = {true, false})
public void setAuthentication(String userName, char[] newPassword) throws AuthenticationException;
@@ -64,6 +68,7 @@ public interface AuthenticationService
* @param userName
* @throws AuthenticationException
*/
@Auditable(parameters = {"userName"})
public void deleteAuthentication(String userName) throws AuthenticationException;
/**
@@ -72,6 +77,7 @@ public interface AuthenticationService
* @param userName
* @param enabled
*/
@Auditable(parameters = {"userName", "enabled"})
public void setAuthenticationEnabled(String userName, boolean enabled) throws AuthenticationException;
/**
@@ -80,6 +86,7 @@ public interface AuthenticationService
* @param userName
* @return
*/
@Auditable(parameters = {"userName"})
public boolean getAuthenticationEnabled(String userName) throws AuthenticationException;
/**
@@ -90,6 +97,7 @@ public interface AuthenticationService
* @param password the passowrd
* @throws AuthenticationException
*/
@Auditable(parameters = {"userName", "password"}, recordable = {true, false})
public void authenticate(String userName, char[] password) throws AuthenticationException;
/**
@@ -97,6 +105,7 @@ public interface AuthenticationService
*
* @throws AuthenticationException
*/
@Auditable
public void authenticateAsGuest() throws AuthenticationException;
/**
@@ -105,6 +114,7 @@ public interface AuthenticationService
* @param userName the username
* @return Returns <tt>true</tt> if the authentication exists
*/
@Auditable(parameters = {"userName"})
public boolean authenticationExists(String userName);
/**
@@ -113,6 +123,7 @@ public interface AuthenticationService
* @return
* @throws AuthenticationException
*/
@Auditable
public String getCurrentUserName() throws AuthenticationException;
/**
@@ -121,6 +132,7 @@ public interface AuthenticationService
* @param userName
* @throws AuthenticationException
*/
@Auditable(parameters = {"userName"})
public void invalidateUserSession(String userName) throws AuthenticationException;
/**
@@ -129,6 +141,7 @@ public interface AuthenticationService
* @param ticket
* @throws AuthenticationException
*/
@Auditable(parameters = {"ticket"}, recordable = {false})
public void invalidateTicket(String ticket) throws AuthenticationException;
/**
@@ -137,18 +150,21 @@ public interface AuthenticationService
* @param ticket
* @throws AuthenticationException
*/
@Auditable(parameters = {"ticket"}, recordable = {false})
public void validate(String ticket) throws AuthenticationException;
/**
* Get the current ticket as a string
* @return
*/
@Auditable
public String getCurrentTicket();
/**
* Remove the current security information
*
*/
@Auditable
public void clearCurrentSecurityContext();
/**
@@ -156,7 +172,7 @@ public interface AuthenticationService
*
* @return
*/
@Auditable
public boolean isCurrentUserTheSystemUser();
/**
@@ -164,7 +180,7 @@ public interface AuthenticationService
*
* @return The domain name
*/
@Auditable
public Set<String> getDomains();
/**
@@ -172,6 +188,7 @@ public interface AuthenticationService
*
* @return
*/
@Auditable
public Set<String> getDomainsThatAllowUserCreation();
/**
@@ -179,6 +196,7 @@ public interface AuthenticationService
*
* @return
*/
@Auditable
public Set<String> getDomainsThatAllowUserDeletion();
/**
@@ -186,6 +204,7 @@ public interface AuthenticationService
*
* @return
*/
@Auditable
public Set<String> getDomiansThatAllowUserPasswordChanges();
}

16
source/java/org/alfresco/service/cmr/security/AuthorityService.java
View File

@@ -18,6 +18,8 @@ package org.alfresco.service.cmr.security;
import java.util.Set;
import org.alfresco.service.Auditable;
/**
* The service that encapsulates authorities granted to users.
*
@@ -43,6 +45,7 @@ public interface AuthorityService
*
* @return true if the currently authenticated user has the admin authority
*/
@Auditable
public boolean hasAdminAuthority();
/**
@@ -50,6 +53,7 @@ public interface AuthorityService
*
* @return
*/
@Auditable
public Set<String> getAuthorities();
/**
@@ -59,6 +63,7 @@ public interface AuthorityService
* the type of authorities.
* @return
*/
@Auditable(parameters = {"type"})
public Set<String> getAllAuthorities(AuthorityType type);
/**
@@ -69,7 +74,7 @@ public interface AuthorityService
* the type of the authority
* @return
*/
@Auditable(parameters = {"type"})
public Set<String> getAllRootAuthorities(AuthorityType type);
/**
@@ -87,6 +92,7 @@ public interface AuthorityService
* @return the name of the authority (this will be the prefix, if any
* associated with the type appended with the short name)
*/
@Auditable(parameters = {"type", "parentName", "shortName"})
public String createAuthority(AuthorityType type, String parentName, String shortName);
/**
@@ -98,6 +104,7 @@ public interface AuthorityService
* @param childName -
* the string identifier for the child.
*/
@Auditable(parameters = {"parentName", "childName"})
public void addAuthority(String parentName, String childName);
/**
@@ -111,6 +118,7 @@ public interface AuthorityService
* @param childName -
* the string identifier for the child.
*/
@Auditable(parameters = {"parentName", "childName"})
public void removeAuthority(String parentName, String childName);
/**
@@ -118,6 +126,7 @@ public interface AuthorityService
*
* @param name
*/
@Auditable(parameters = {"name"})
public void deleteAuthority(String name);
/**
@@ -135,6 +144,7 @@ public interface AuthorityService
* find authorities at any depth
* @return
*/
@Auditable(parameters = {"type", "name", "immediate"})
public Set<String> getContainedAuthorities(AuthorityType type, String name, boolean immediate);
/**
@@ -152,6 +162,7 @@ public interface AuthorityService
* limit to immediate parents or any ancestor.
* @return
*/
@Auditable(parameters = {"type", "name", "immediate"})
public Set<String> getContainingAuthorities(AuthorityType type, String name, boolean immediate);
/**
@@ -160,6 +171,7 @@ public interface AuthorityService
* @param name
* @return
*/
@Auditable(parameters = {"name"})
public String getShortName(String name);
/**
@@ -170,6 +182,7 @@ public interface AuthorityService
* @param shortName
* @return
*/
@Auditable(parameters = {"type", "shortName"})
public String getName(AuthorityType type, String shortName);
/**
@@ -178,6 +191,7 @@ public interface AuthorityService
* @param name (the long name).
* @return
*/
@Auditable(parameters = {"name"})
public boolean authorityExists(String name);
}

5
source/java/org/alfresco/service/cmr/security/OwnableService.java
View File

@@ -16,6 +16,7 @@
*/
package org.alfresco.service.cmr.security;
import org.alfresco.service.Auditable;
import org.alfresco.service.cmr.repository.NodeRef;
/**
@@ -31,6 +32,7 @@ public interface OwnableService
* @param nodeRef
* @return the username or null if the object has no owner
*/
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
public String getOwner(NodeRef nodeRef);
/**
@@ -39,6 +41,7 @@ public interface OwnableService
* @param nodeRef
* @param userName
*/
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef", "userName"})
public void setOwner(NodeRef nodeRef, String userName);
/**
@@ -46,6 +49,7 @@ public interface OwnableService
*
* @param nodeRef
*/
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
public void takeOwnership(NodeRef nodeRef);
/**
@@ -54,5 +58,6 @@ public interface OwnableService
* @param nodeRef
* @return
*/
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
public boolean hasOwner(NodeRef nodeRef);
}

23
source/java/org/alfresco/service/cmr/security/PermissionService.java
View File

@@ -18,6 +18,7 @@ package org.alfresco.service.cmr.security;
import java.util.Set;
import org.alfresco.service.Auditable;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.namespace.QName;
@@ -119,6 +120,7 @@ public interface PermissionService
*
* @return the owner authority
*/
@Auditable
public String getOwnerAuthority();
/**
@@ -126,6 +128,7 @@ public interface PermissionService
*
* @return the All authorities
*/
@Auditable
public String getAllAuthorities();
/**
@@ -133,6 +136,7 @@ public interface PermissionService
*
* @return the All permission
*/
@Auditable
public String getAllPermission();
/**
@@ -143,6 +147,7 @@ public interface PermissionService
* the reference to the node
* @return the set of allowed permissions
*/
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
public Set<AccessPermission> getPermissions(NodeRef nodeRef);
/**
@@ -153,6 +158,7 @@ public interface PermissionService
* the reference to the node
* @return the set of allowed permissions
*/
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
public Set<AccessPermission> getAllSetPermissions(NodeRef nodeRef);
/**
@@ -161,6 +167,7 @@ public interface PermissionService
* @param nodeRef
* @return
*/
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
public Set<String> getSettablePermissions(NodeRef nodeRef);
/**
@@ -169,6 +176,7 @@ public interface PermissionService
* @param nodeRef
* @return
*/
@Auditable(parameters = {"type"})
public Set<String> getSettablePermissions(QName type);
/**
@@ -176,16 +184,18 @@ public interface PermissionService
* given node. (The default behaviour is to inherit permissions)
*
* @param nodeRef
* @param perm
* @param permission
* @return
*/
public AccessStatus hasPermission(NodeRef nodeRef, String perm);
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef", "permission"})
public AccessStatus hasPermission(NodeRef nodeRef, String permission);
/**
* Delete all the permission assigned to the node
*
* @param nodeRef
*/
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
public void deletePermissions(NodeRef nodeRef);
/**
@@ -194,6 +204,7 @@ public interface PermissionService
* @param nodeRef
* @param authority
*/
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef", "authority"})
public void clearPermission(NodeRef nodeRef, String authority);
/**
@@ -203,6 +214,7 @@ public interface PermissionService
* @param authority the authority recipient
* @param permission the entry permission
*/
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef", "authority", "permission"})
public void deletePermission(NodeRef nodeRef, String authority, String permission);
/**
@@ -210,10 +222,11 @@ public interface PermissionService
*
* @param nodeRef
* @param authority
* @param perm
* @param permission
* @param allow
*/
public void setPermission(NodeRef nodeRef, String authority, String perm, boolean allow);
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef", "authority", "permission", "allow"})
public void setPermission(NodeRef nodeRef, String authority, String permission, boolean allow);
/**
* Set the global inheritance behaviour for permissions on a node.
@@ -221,6 +234,7 @@ public interface PermissionService
* @param nodeRef
* @param inheritParentPermissions
*/
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef", "inheritParentPermissions"})
public void setInheritParentPermissions(NodeRef nodeRef, boolean inheritParentPermissions);
/**
@@ -229,5 +243,6 @@ public interface PermissionService
* @param nodeRef
* @return inheritParentPermissions
*/
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
public boolean getInheritParentPermissions(NodeRef nodeRef);
}

13
source/java/org/alfresco/service/cmr/security/PersonService.java
View File

@@ -20,6 +20,7 @@ import java.io.Serializable;
import java.util.Map;
import java.util.Set;
import org.alfresco.service.Auditable;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.namespace.QName;
@@ -49,6 +50,7 @@ public interface PersonService
* @see #setCreateMissingPeople(boolean)
* @see #createMissingPeople()
*/
@Auditable(parameters = {"userName"})
public NodeRef getPerson(String userName);
/**
@@ -57,6 +59,7 @@ public interface PersonService
* @param userName the user name
* @return Returns true if the user exists, otherwise false
*/
@Auditable(parameters = {"userName"})
public boolean personExists(String userName);
/**
@@ -65,6 +68,7 @@ public interface PersonService
*
* @return true if people are created on demand and false otherwise.
*/
@Auditable
public boolean createMissingPeople();
/**
@@ -74,6 +78,7 @@ public interface PersonService
*
* @see #getPerson(String)
*/
@Auditable(parameters = {"createMissing"})
public void setCreateMissingPeople(boolean createMissing);
/**
@@ -84,6 +89,7 @@ public interface PersonService
*
* @return A set of QNames that identify properties that can be changed
*/
@Auditable
public Set<QName> getMutableProperties();
/**
@@ -93,6 +99,7 @@ public interface PersonService
* @param userName - the user for which the properties should be set.
* @param properties - the map of properties to set (as the NodeService)
*/
@Auditable(parameters = {"userName", "properties"})
public void setPersonProperties(String userName, Map<QName, Serializable> properties);
/**
@@ -100,6 +107,7 @@ public interface PersonService
*
* @return true if this service allows mutation to people.
*/
@Auditable
public boolean isMutable();
/**
@@ -110,6 +118,7 @@ public interface PersonService
* @param properties
* @return
*/
@Auditable(parameters = {"properties"})
public NodeRef createPerson(Map<QName, Serializable> properties);
/**
@@ -117,6 +126,7 @@ public interface PersonService
*
* @param userName
*/
@Auditable(parameters = {"userName"})
public void deletePerson(String userName);
/**
@@ -124,6 +134,7 @@ public interface PersonService
*
* @return a set of people in no specific order.
*/
@Auditable
public Set<NodeRef> getAllPeople();
/**
@@ -131,6 +142,7 @@ public interface PersonService
*
* @return
*/
@Auditable
public NodeRef getPeopleContainer();
/**
@@ -138,5 +150,6 @@ public interface PersonService
*
* @return
*/
@Auditable
public boolean getUserNamesAreCaseSensitive();
}