001    /**
002     * Copyright 2005-2012 The Kuali Foundation
003     *
004     * Licensed under the Educational Community License, Version 2.0 (the "License");
005     * you may not use this file except in compliance with the License.
006     * You may obtain a copy of the License at
007     *
008     * http://www.opensource.org/licenses/ecl2.php
009     *
010     * Unless required by applicable law or agreed to in writing, software
011     * distributed under the License is distributed on an "AS IS" BASIS,
012     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013     * See the License for the specific language governing permissions and
014     * limitations under the License.
015     */
016    package org.kuali.rice.kew.framework.document.security;
017    
018    import org.kuali.rice.kew.api.document.Document;
019    
020    import java.io.Serializable;
021    
022    /**
023     * This is an attribute used to implement custom document security for document search and the route log.
024     * SecurityAttributes are configured to be associated with the document type against which they should
025     * be applied.  For each route log or row that is returned from a document search, this authorization
026     * methods will be executed. 
027     *
028     * @author Kuali Rice Team (rice.collab@kuali.org)
029     *
030     */
031    public interface DocumentSecurityAttribute extends Serializable {
032    
033        /**
034         * Determines whether or not a principal is authorized to see information about a given document.
035         *
036         * @param principalId the principalId for which to check authorization
037         * @param document the document for which to check security
038         *
039         * @return true if the principal is authorized to view the document, false otherwise
040         */
041        boolean isAuthorizedForDocument(String principalId, Document document);
042    
043    }