mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-06-09 17:45:10 +00:00
868966c11a
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@3312 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
249 lines
7.6 KiB
Java
249 lines
7.6 KiB
Java
/*
|
|
* Copyright (C) 2005 Alfresco, Inc.
|
|
*
|
|
* Licensed under the Mozilla Public License version 1.1
|
|
* with a permitted attribution clause. You may obtain a
|
|
* copy of the License at
|
|
*
|
|
* http://www.alfresco.org/legal/license.txt
|
|
*
|
|
* Unless required by applicable law or agreed to in writing,
|
|
* software distributed under the License is distributed on an
|
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
|
|
* either express or implied. See the License for the specific
|
|
* language governing permissions and limitations under the
|
|
* License.
|
|
*/
|
|
package org.alfresco.service.cmr.security;
|
|
|
|
import java.util.Set;
|
|
|
|
import org.alfresco.service.Auditable;
|
|
import org.alfresco.service.cmr.repository.NodeRef;
|
|
import org.alfresco.service.namespace.QName;
|
|
|
|
/**
|
|
* The public API for a permission service
|
|
*
|
|
* The implementation may be changed in the application configuration
|
|
*
|
|
* @author Andy Hind
|
|
*/
|
|
public interface PermissionService
|
|
{
|
|
public static final String ROLE_PREFIX = "ROLE_";
|
|
|
|
public static final String GROUP_PREFIX = "GROUP_";
|
|
|
|
|
|
|
|
public static final String ALL_AUTHORITIES = "GROUP_EVERYONE";
|
|
|
|
public static final String OWNER_AUTHORITY = "ROLE_OWNER";
|
|
|
|
public static final String LOCK_OWNER_AUTHORITY = "ROLE_LOCK_OWNER";
|
|
|
|
public static final String ADMINISTRATOR_AUTHORITY = "ROLE_ADMINISTRATOR";
|
|
|
|
public static final String GUEST_AUTHORITY = "guest";
|
|
|
|
|
|
|
|
public static final String ALL_PERMISSIONS = "All";
|
|
|
|
public static final String FULL_CONTROL = "FullControl";
|
|
|
|
public static final String READ = "Read";
|
|
|
|
public static final String WRITE = "Write";
|
|
|
|
public static final String DELETE = "Delete";
|
|
|
|
public static final String ADD_CHILDREN = "AddChildren";
|
|
|
|
public static final String READ_PROPERTIES = "ReadProperties";
|
|
|
|
public static final String READ_CHILDREN = "ReadChildren";
|
|
|
|
public static final String WRITE_PROPERTIES = "WriteProperties";
|
|
|
|
public static final String DELETE_NODE = "DeleteNode";
|
|
|
|
public static final String DELETE_CHILDREN = "DeleteChildren";
|
|
|
|
public static final String CREATE_CHILDREN = "CreateChildren";
|
|
|
|
public static final String LINK_CHILDREN = "LinkChildren";
|
|
|
|
public static final String DELETE_ASSOCIATIONS = "DeleteAssociations";
|
|
|
|
public static final String READ_ASSOCIATIONS = "ReadAssociations";
|
|
|
|
public static final String CREATE_ASSOCIATIONS = "CreateAssociations";
|
|
|
|
public static final String READ_PERMISSIONS = "ReadPermissions";
|
|
|
|
public static final String CHANGE_PERMISSIONS = "ChangePermissions";
|
|
|
|
public static final String EXECUTE = "Execute";
|
|
|
|
public static final String READ_CONTENT = "ReadContent";
|
|
|
|
public static final String WRITE_CONTENT = "WriteContent";
|
|
|
|
public static final String EXECUTE_CONTENT = "ExecuteContent";
|
|
|
|
public static final String TAKE_OWNERSHIP = "TakeOwnership";
|
|
|
|
public static final String SET_OWNER = "SetOwner";
|
|
|
|
public static final String COORDINATOR = "Coordinator";
|
|
|
|
public static final String CONTRIBUTOR = "Contributor";
|
|
|
|
public static final String EDITOR = "Editor";
|
|
|
|
public static final String CONSUMER = "Consumer";
|
|
|
|
public static final String LOCK = "Lock";
|
|
|
|
public static final String UNLOCK = "Unlock";
|
|
|
|
public static final String CHECK_OUT = "CheckOut";
|
|
|
|
public static final String CHECK_IN = "CheckIn";
|
|
|
|
public static final String CANCEL_CHECK_OUT = "CancelCheckOut";
|
|
|
|
/**
|
|
* Get the Owner Authority
|
|
*
|
|
* @return the owner authority
|
|
*/
|
|
@Auditable
|
|
public String getOwnerAuthority();
|
|
|
|
/**
|
|
* Get the All Authorities
|
|
*
|
|
* @return the All authorities
|
|
*/
|
|
@Auditable
|
|
public String getAllAuthorities();
|
|
|
|
/**
|
|
* Get the All Permission
|
|
*
|
|
* @return the All permission
|
|
*/
|
|
@Auditable
|
|
public String getAllPermission();
|
|
|
|
/**
|
|
* Get all the AccessPermissions that are granted/denied to the current
|
|
* authentication for the given node
|
|
*
|
|
* @param nodeRef -
|
|
* the reference to the node
|
|
* @return the set of allowed permissions
|
|
*/
|
|
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
|
|
public Set<AccessPermission> getPermissions(NodeRef nodeRef);
|
|
|
|
/**
|
|
* Get all the AccessPermissions that are set for anyone for the
|
|
* given node
|
|
*
|
|
* @param nodeRef -
|
|
* the reference to the node
|
|
* @return the set of allowed permissions
|
|
*/
|
|
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
|
|
public Set<AccessPermission> getAllSetPermissions(NodeRef nodeRef);
|
|
|
|
/**
|
|
* Get the permissions that can be set for a given node
|
|
*
|
|
* @param nodeRef
|
|
* @return
|
|
*/
|
|
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
|
|
public Set<String> getSettablePermissions(NodeRef nodeRef);
|
|
|
|
/**
|
|
* Get the permissions that can be set for a given type
|
|
*
|
|
* @param nodeRef
|
|
* @return
|
|
*/
|
|
@Auditable(parameters = {"type"})
|
|
public Set<String> getSettablePermissions(QName type);
|
|
|
|
/**
|
|
* Check that the given authentication has a particular permission for the
|
|
* given node. (The default behaviour is to inherit permissions)
|
|
*
|
|
* @param nodeRef
|
|
* @param permission
|
|
* @return
|
|
*/
|
|
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef", "permission"})
|
|
public AccessStatus hasPermission(NodeRef nodeRef, String permission);
|
|
|
|
/**
|
|
* Delete all the permission assigned to the node
|
|
*
|
|
* @param nodeRef
|
|
*/
|
|
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
|
|
public void deletePermissions(NodeRef nodeRef);
|
|
|
|
/**
|
|
* Delete all permission for the given authority.
|
|
*
|
|
* @param nodeRef
|
|
* @param authority
|
|
*/
|
|
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef", "authority"})
|
|
public void clearPermission(NodeRef nodeRef, String authority);
|
|
|
|
/**
|
|
* Find and delete a access control entry by node, authentication and permission.
|
|
*
|
|
* @param nodeRef the node that the entry applies to
|
|
* @param authority the authority recipient
|
|
* @param permission the entry permission
|
|
*/
|
|
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef", "authority", "permission"})
|
|
public void deletePermission(NodeRef nodeRef, String authority, String permission);
|
|
|
|
/**
|
|
* Set a specific permission on a node.
|
|
*
|
|
* @param nodeRef
|
|
* @param authority
|
|
* @param permission
|
|
* @param allow
|
|
*/
|
|
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef", "authority", "permission", "allow"})
|
|
public void setPermission(NodeRef nodeRef, String authority, String permission, boolean allow);
|
|
|
|
/**
|
|
* Set the global inheritance behaviour for permissions on a node.
|
|
*
|
|
* @param nodeRef
|
|
* @param inheritParentPermissions
|
|
*/
|
|
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef", "inheritParentPermissions"})
|
|
public void setInheritParentPermissions(NodeRef nodeRef, boolean inheritParentPermissions);
|
|
|
|
/**
|
|
* Return the global inheritance behaviour for permissions on a node.
|
|
*
|
|
* @param nodeRef
|
|
* @return inheritParentPermissions
|
|
*/
|
|
@Auditable(key = Auditable.Key.ARG_0, parameters = {"nodeRef"})
|
|
public boolean getInheritParentPermissions(NodeRef nodeRef);
|
|
}
|