View Javadoc
1   /**
2    * Copyright 2005-2016 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.krad.bo;
17  
18  import java.util.Map;
19  
20  /**
21   * Invoked to authorize actions requested on data objects (such as edit or view)
22   *
23   * @author Kuali Rice Team (rice.collab@kuali.org)
24   */
25  public interface DataObjectAuthorizer {
26  
27      /**
28       * Determines whether the user identified by the given principal ID has the given permission in the context
29       * of the data object
30       *
31       * @param dataObject
32       * @param namespaceCode
33       * @param permissionName
34       * @param principalId
35       * @return boolean true if the user is authorized, false if not
36       */
37      public boolean isAuthorized(Object dataObject, String namespaceCode, String permissionName, String principalId);
38  
39      /**
40       * Determines whether the user identified by the given principal ID has been granted a permission of the given
41       * template in the context of the data object
42       *
43       * @param dataObject
44       * @param namespaceCode
45       * @param permissionTemplateName
46       * @param principalId
47       * @return boolean true if the user is authorized, false if not
48       */
49      public boolean isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName,
50              String principalId);
51  
52      /**
53       * Determines whether the user identified by the given principal ID has the given permission in the context
54       * of the data object, the additional permission details and role qualifiers are used for the check
55       *
56       * @param dataObject
57       * @param namespaceCode
58       * @param permissionName
59       * @param principalId
60       * @param additionalPermissionDetails
61       * @param additionalRoleQualifiers
62       * @return boolean true if the user is authorized, false if not
63       */
64      public boolean isAuthorized(Object dataObject, String namespaceCode, String permissionName, String principalId,
65              Map<String, String> additionalPermissionDetails, Map<String, String> additionalRoleQualifiers);
66  
67      /**
68       * Determines whether the user identified by the given principal ID has been granted a permission of the given
69       * template in the context of the data object, the additional permission details and role qualifiers are used for
70       * the check
71       *
72       * @param dataObject
73       * @param namespaceCode
74       * @param permissionTemplateName
75       * @param principalId
76       * @param additionalPermissionDetails
77       * @param additionalRoleQualifiers
78       * @return boolean true if the user is authorized, false if not
79       */
80      public boolean isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName,
81              String principalId, Map<String, String> additionalPermissionDetails,
82              Map<String, String> additionalRoleQualifiers);
83  
84  }