View Javadoc

1   /**
2    * Copyright 2005-2013 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.kew.framework.document.security;
17  
18  import org.kuali.rice.core.api.exception.RiceIllegalArgumentException;
19  import org.kuali.rice.kew.api.KewApiConstants;
20  import org.kuali.rice.kew.framework.KewFrameworkServiceLocator;
21  
22  import javax.jws.WebMethod;
23  import javax.jws.WebParam;
24  import javax.jws.WebResult;
25  import javax.jws.WebService;
26  import javax.jws.soap.SOAPBinding;
27  import javax.xml.bind.annotation.XmlElement;
28  import javax.xml.bind.annotation.XmlElementWrapper;
29  import java.util.List;
30  
31  /**
32   * A remotable service which handles processing of a client application's custom security processing of workflow
33   * documents.
34   *
35   * @author Kuali Rice Team (rice.collab@kuali.org)
36   */
37  @WebService(name = KewFrameworkServiceLocator.DOCUMENT_SECURITY_HANDLER_SERVICE, targetNamespace = KewApiConstants.Namespaces.KEW_NAMESPACE_2_0)
38  @SOAPBinding(style = SOAPBinding.Style.DOCUMENT, use = SOAPBinding.Use.LITERAL, parameterStyle = SOAPBinding.ParameterStyle.WRAPPED)
39  public interface DocumentSecurityHandlerService {
40  
41      /**
42       * Returns a list of document ids from the given list of document security directives for which the principal with
43       * the given principal id is allowed to view.  Any document which is passed to this method as part of a document
44       * security directive which is not included in the list of document ids that is returned from this method should
45       * <strong>not</strong> be presented to the principal with the given principal id.
46       *
47       * <p>This method essentially invokes
48       * {@link DocumentSecurityAttribute#isAuthorizedForDocument(String, org.kuali.rice.kew.api.document.Document)}
49       * method for each of the security attributes supplied in the document security directives, passing the associated
50       * list of document ids.</p>
51       *
52       * @param principalId the id of the principal against which to perform the authorization
53       * @param documentSecurityDirectives the list of security directives which define the documents which should be
54       * checked for authorization and the name of the {@code DocumentSecurityAttribute} extensions against which to
55       * execute the authorization check.
56       *
57       * @return the list of document ids from the given document security directives for which the given principal is
58       * authorized, if a null or empty list is returned, that means that the given principal is not authorized to view
59       * information about any of the documents
60       *
61       * @throws RiceIllegalArgumentException if the given principalId is a null or blank value
62       * @throws RiceIllegalArgumentException if any of the security attributes defined in the given list of security
63       * directives cannot be located or loaded
64       */
65      @WebMethod(operationName = "getAuthorizedDocumentIds")
66      @WebResult(name = "authorizedDocumentIds")
67      @XmlElementWrapper(name = "authorizedDocumentIds", required = true)
68      @XmlElement(name = "documentId", required = false)
69      List<String> getAuthorizedDocumentIds(
70              @WebParam(name = "principalId") String principalId,
71              @WebParam(name = "documents") List<DocumentSecurityDirective> documentSecurityDirectives)
72          throws RiceIllegalArgumentException;
73  
74  }