Interface MCRRuleAccessInterface

All Superinterfaces:
MCRAccessInterface
All Known Implementing Classes:
MCRAccessBaseImpl, MCRAccessControlSystem

public interface MCRRuleAccessInterface extends MCRAccessInterface
This serves as an interface to an underlying access controll system.
Since:
1.3
Version:
$Revision$ $Date$
Author:
Thomas Scheffler (yagee)
  • Method Details

    • createRule

      void createRule(String rule, String creator, String description)
      create an access rule in the rulestore using an rule string in plain text
      Parameters:
      rule - the rule string in plain text
      description - a String description of the rule in prosa
    • createRule

      void createRule(Element rule, String creator, String description)
      create an access rule in the rulestore using an rule string in plain text
      Parameters:
      rule - the rule string as xml
      description - a String description of the rule in prosa
    • getNormalizedRuleString

      String getNormalizedRuleString(Element rule)
      generate rule string from xml
      Returns:
      the normalized rule string
    • addRule

      void addRule(String id, String permission, Element rule, String description) throws MCRException
      adds an access rule for an ID to an access system. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Parameters:
      id - the ID-String of the object
      permission - the access permission for the rule
      rule - the access rule
      description - a String description of the rule in prosa
      Throws:
      MCRException - if an error occured
    • addRule

      void addRule(String permission, Element rule, String description) throws MCRException
      adds an access rule for an "a priori-permission" like "create-document"
      Parameters:
      permission - the access permission for the rule (e.g. "create-document")
      rule - the access rule
      description - a String description of the rule in prosa
      Throws:
      MCRException - if an error occured
    • removeRule

      void removeRule(String id, String permission) throws MCRException
      removes a rule. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Parameters:
      id - the ID-String of the object
      permission - the access permission for the rule
      Throws:
      MCRException - if an error occured
    • removeRule

      void removeRule(String permission) throws MCRException
      removes a rule for an "a priori permission" like "create-document"
      Parameters:
      permission - the access permission for the rule
      Throws:
      MCRException - if an error occured
    • removeAllRules

      void removeAllRules(String id) throws MCRException
      removes all rules of the id. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Parameters:
      id - the ID-String of the object
      Throws:
      MCRException - if an errow was occured
    • updateRule

      void updateRule(String id, String permission, Element rule, String description) throws MCRException
      updates an access rule for an ID to an access system. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Parameters:
      id - the ID-String of the object
      permission - the access permission for the rule
      rule - the access rule
      description - a String description of the rule in prosa
      Throws:
      MCRException - if an errow was occured
    • updateRule

      void updateRule(String permission, Element rule, String description) throws MCRException
      updates an access rule for an "a priori permission" of an access system like "create-document".
      Parameters:
      permission - the access permission for the rule
      rule - the access rule
      description - a String description of the rule in prosa
      Throws:
      MCRException - if an errow was occured
    • getAccessRule

      MCRAccessRule getAccessRule(String id, String permission)
      returns a MCRAccessRule which could be validated All information regarding the current user is capsulated by a MCRSession instance which can be retrieved by
       MCRSession currentSession = MCRSessionMgr.getCurrentSession();
       
      The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Parameters:
      id - the ID-String of the object
      permission - the permission/action to be granted, e.g. "read"
      Returns:
      MCRAccessRule instance or null if no rule is defined;
      See Also:
    • checkPermissionForUser

      @Deprecated boolean checkPermissionForUser(String permission, String userID)
      Deprecated.
      determines whether a given user has the permission to perform a certain action. no session data will be checked here. This method is used for checking "a priori permissions" like "create-document" where a String ID does not exist yet
      Parameters:
      permission - the permission/action to be granted, e.g. "create-document"
      userID - the MCRUser, whose permissions are checked
      Returns:
      true if the permission is granted, else false
      See Also:
    • checkPermission

      boolean checkPermission(Element rule)
      determines whether the current user has the permission to perform a certain action. All information regarding the current user is capsulated by a MCRSession instance which can be retrieved by
       MCRSession currentSession = MCRSessionMgr.getCurrentSession();
       
      Parameters:
      rule - the jdom-representation of a mycore access rule
      Returns:
      true if the permission is granted, else false
      See Also:
    • getRule

      Element getRule(String id, String permission)
      exports a access rule as JDOM element.
      Parameters:
      id - the ID-String of the object
      permission - the access permission for the rule
      Returns:
      the rule as jdom element, or null if no rule is defined
    • getRule

      Element getRule(String permission)
      exports a access rule for a "a priori permission" as JDOM element.
      Parameters:
      permission - the access permission for the rule
      Returns:
      the rule as jdom element, or null if no rule is defined
    • getRuleDescription

      String getRuleDescription(String permission)
      returns the prosa description of a defined rule for a "a priori" permission like "create-document".
      Parameters:
      permission - the access permission for the rule
      Returns:
      the String of the description
    • getRuleDescription

      String getRuleDescription(String id, String permission)
      returns the prosa description of a defined rule.
      Parameters:
      id - the ID-String of the object
      permission - the access permission for the rule
      Returns:
      the String of the description
    • getPermissionsForID

      Collection<String> getPermissionsForID(String id)
      lists all permissions defined for the id. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Returns:
      a List of all for id defined permission
    • getPermissions

      Collection<String> getPermissions()
      lists all a-priori permissions like "create-document".
      Returns:
      a List of all defined permissions
    • getAccessPermissionsFromConfiguration

      Collection<String> getAccessPermissionsFromConfiguration()
      list all object-related Access Permissions that are defined in configuration files
      Returns:
      a List of permissiond from the configuration
    • getAllControlledIDs

      Collection<String> getAllControlledIDs()
      lists all String IDs, a permission is assigned to. The parameter id serves as an identifier for the concrete underlying rule, e.g. a MCRObjectID.
      Returns:
      a sorted and distinct List of all String IDs
    • hasRule

      boolean hasRule(String id, String permission)
      checks wether a rule with the id and permission is defined.
      Parameters:
      id - the ID-String of the object
      permission - the access permission for the rule
      Returns:
      false, if getRule(id, permission) would return null, else true
    • hasRule

      boolean hasRule(String id)
      checks wether a rule with the id is defined.
      Parameters:
      id - the ID-String of the object
      Returns:
      false, if getPermissionsForID(id) would return an empty list, else true