org.kuali.rice.kew.framework.document.security
Interface DocumentSecurityHandlerService

All Known Implementing Classes:
DocumentSecurityHandlerServiceImpl

public interface DocumentSecurityHandlerService

A remotable service which handles processing of a client application's custom security processing of workflow documents.

Author:
Kuali Rice Team (rice.collab@kuali.org)

Method Summary
 List<String> getAuthorizedDocumentIds(String principalId, List<DocumentSecurityDirective> documentSecurityDirectives)
          Returns a list of document ids from the given list of document security directives for which the principal with the given principal id is allowed to view.
 

Method Detail

getAuthorizedDocumentIds

List<String> getAuthorizedDocumentIds(String principalId,
                                      List<DocumentSecurityDirective> documentSecurityDirectives)
                                      throws RiceIllegalArgumentException
Returns a list of document ids from the given list of document security directives for which the principal with the given principal id is allowed to view. Any document which is passed to this method as part of a document security directive which is not included in the list of document ids that is returned from this method should not be presented to the principal with the given principal id.

This method essentially invokes DocumentSecurityAttribute.isAuthorizedForDocument(String, org.kuali.rice.kew.api.document.Document) method for each of the security attributes supplied in the document security directives, passing the associated list of document ids.

Parameters:
principalId - the id of the principal against which to perform the authorization
documentSecurityDirectives - the list of security directives which define the documents which should be checked for authorization and the name of the DocumentSecurityAttribute extensions against which to execute the authorization check.
Returns:
the list of document ids from the given document security directives for which the given principal is authorized, if a null or empty list is returned, that means that the given principal is not authorized to view information about any of the documents
Throws:
RiceIllegalArgumentException - if the given principalId is a null or blank value
RiceIllegalArgumentException - if any of the security attributes defined in the given list of security directives cannot be located or loaded


Copyright © 2005-2012 The Kuali Foundation. All Rights Reserved.