001 //$HeadURL: http://svn.wald.intevation.org/svn/deegree/base/trunk/src/org/deegree/security/drm/SecurityRegistry.java $
002 /*----------------------------------------------------------------------------
003 This file is part of deegree, http://deegree.org/
004 Copyright (C) 2001-2009 by:
005 Department of Geography, University of Bonn
006 and
007 lat/lon GmbH
008
009 This library is free software; you can redistribute it and/or modify it under
010 the terms of the GNU Lesser General Public License as published by the Free
011 Software Foundation; either version 2.1 of the License, or (at your option)
012 any later version.
013 This library is distributed in the hope that it will be useful, but WITHOUT
014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016 details.
017 You should have received a copy of the GNU Lesser General Public License
018 along with this library; if not, write to the Free Software Foundation, Inc.,
019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020
021 Contact information:
022
023 lat/lon GmbH
024 Aennchenstr. 19, 53177 Bonn
025 Germany
026 http://lat-lon.de/
027
028 Department of Geography, University of Bonn
029 Prof. Dr. Klaus Greve
030 Postfach 1147, 53001 Bonn
031 Germany
032 http://www.geographie.uni-bonn.de/deegree/
033
034 e-mail: info@deegree.org
035 ----------------------------------------------------------------------------*/
036 package org.deegree.security.drm;
037
038 import java.util.Collection;
039 import java.util.LinkedList;
040 import java.util.List;
041 import java.util.Properties;
042
043 import org.deegree.framework.util.StringPair;
044 import org.deegree.security.GeneralSecurityException;
045 import org.deegree.security.drm.model.Group;
046 import org.deegree.security.drm.model.Privilege;
047 import org.deegree.security.drm.model.Right;
048 import org.deegree.security.drm.model.RightType;
049 import org.deegree.security.drm.model.Role;
050 import org.deegree.security.drm.model.SecurableObject;
051 import org.deegree.security.drm.model.SecuredObject;
052 import org.deegree.security.drm.model.Service;
053 import org.deegree.security.drm.model.User;
054
055 /**
056 * This is an interface for datastores that are able to stores the following object types and their relations:
057 * <ul>
058 * <li><code>User</code>
059 * <li><code>Group</code>
060 * <li><code>Role</code>
061 * <li><code>SecurableObject</code>
062 * <li><code>Right / RightType</code>
063 * <li><code>Privilege</code>
064 * </ul>
065 *
066 * @author <a href="mailto:mschneider@lat-lon.de">Markus Schneider </a>
067 * @version $Revision: 32121 $
068 */
069 public interface SecurityRegistry {
070
071 /**
072 * Initializes the <code>Registry</code> -instance according to the contents of the submitted
073 * <code>Properties</code>.
074 * <p>
075 * The supported keys and values depend on the concrete implementation.
076 *
077 * @param properties
078 * @throws GeneralSecurityException
079 */
080 void initialize( Properties properties )
081 throws GeneralSecurityException;
082
083 /**
084 * Signals the <code>Registry</code> that a new transaction starts.
085 * <p>
086 * Only one transaction can be active at a time.
087 *
088 * @param transaction
089 *
090 * @throws GeneralSecurityException
091 */
092 void beginTransaction( SecurityTransaction transaction )
093 throws GeneralSecurityException;
094
095 /**
096 * Signals the <code>Registry</code> that the current transaction ends. Changes made during the transaction are now
097 * made persistent.
098 *
099 * @param transaction
100 *
101 * @throws GeneralSecurityException
102 */
103 void commitTransaction( SecurityTransaction transaction )
104 throws GeneralSecurityException;
105
106 /**
107 * Signals the <code>Registry</code> that the transaction shall be aborted. Changes made by the transaction are
108 * undone.
109 *
110 * @param transaction
111 *
112 * @throws GeneralSecurityException
113 */
114 void abortTransaction( SecurityTransaction transaction )
115 throws GeneralSecurityException;
116
117 /**
118 * Deletes all data from the <code>Registry</code> and sets the default objects (SEC_ADMIN user, role and group) and
119 * standard rights and privileges.
120 *
121 * @param transaction
122 * @throws GeneralSecurityException
123 */
124 void clean( SecurityTransaction transaction )
125 throws GeneralSecurityException;
126
127 /**
128 * Adds a new User-account to the <code>Registry</code>.
129 *
130 * @param transaction
131 * @param name
132 * @param password
133 * @param lastName
134 * @param firstName
135 * @param mailAddress
136 * @return the new user
137 *
138 * @throws GeneralSecurityException
139 * this is a <code>DuplicateException</code> if the group already existed
140 */
141 User registerUser( SecurityTransaction transaction, String name, String password, String lastName,
142 String firstName, String mailAddress )
143 throws GeneralSecurityException;
144
145 /**
146 * Removes an existing <code>User<code> from the <code>Registry</code>.
147 *
148 * @param transaction
149 * @param user
150 *
151 * @throws GeneralSecurityException
152 */
153 void deregisterUser( SecurityTransaction transaction, User user )
154 throws GeneralSecurityException;
155
156 /**
157 * Updates the metadata (name, email, etc.) of a <code>User</code> in the <code>Registry</code>.
158 *
159 * @param transaction
160 * @param user
161 *
162 * @throws GeneralSecurityException
163 * this is a <code>DuplicateException</code> if a user with the new name already existed
164 */
165 void updateUser( SecurityTransaction transaction, User user )
166 throws GeneralSecurityException;
167
168 /**
169 * Retrieves a <code>User</code> from the <code>Registry</code>.
170 *
171 * @param securityAccess
172 * @param name
173 * @return the user
174 *
175 * @throws GeneralSecurityException
176 * this is an <code>UnknownException</code> if the user is not known to the <code>Registry</code>
177 */
178 User getUserByName( SecurityAccess securityAccess, String name )
179 throws GeneralSecurityException;
180
181 /**
182 * Retrieves a <code>User</code> from the <code>Registry</code>.
183 *
184 * @param securityAccess
185 * @param id
186 * @return the user
187 *
188 * @throws GeneralSecurityException
189 * this is an <code>UnknownException</code> if the user is not known to the <code>Registry</code>
190 */
191 User getUserById( SecurityAccess securityAccess, int id )
192 throws GeneralSecurityException;
193
194 /**
195 * Retrieves all <code>User</code> s from the <code>Registry</code>.
196 *
197 * @param securityAccess
198 * @return the users
199 *
200 * @throws GeneralSecurityException
201 */
202 User[] getAllUsers( SecurityAccess securityAccess )
203 throws GeneralSecurityException;
204
205 /**
206 * Retrieves all <code>Users</code> s from the <code>Registry</code> that are associated DIRECTLY (SecurityAccess
207 * securityAccess, i.e. not via group memberships) with a given <code>Role</code>.
208 *
209 * @param securityAccess
210 * @param role
211 * @return the users
212 *
213 * @throws GeneralSecurityException
214 */
215 User[] getUsersWithRole( SecurityAccess securityAccess, Role role )
216 throws GeneralSecurityException;
217
218 /**
219 * Retrieves all <code>User</code> s from the <code>Registry</code> belong to the given <code>Group</code>.
220 *
221 * @param securityAccess
222 * @param group
223 * @return the users
224 *
225 * @throws GeneralSecurityException
226 */
227 User[] getUsersInGroup( SecurityAccess securityAccess, Group group )
228 throws GeneralSecurityException;
229
230 /**
231 * Sets the <code>User</code> s that are members of a given <code>Group</code>.
232 *
233 * @param transaction
234 * @param group
235 * @param users
236 *
237 * @throws GeneralSecurityException
238 */
239 void setUsersInGroup( SecurityTransaction transaction, Group group, User[] users )
240 throws GeneralSecurityException;
241
242 /**
243 * Sets the <code>User</code> s that a given <code>Role</code> is associated to.
244 *
245 * @param transaction
246 * @param role
247 * @param users
248 *
249 * @throws GeneralSecurityException
250 */
251 void setUsersWithRole( SecurityTransaction transaction, Role role, User[] users )
252 throws GeneralSecurityException;
253
254 /**
255 * Adds a new Group-account to the <code>Registry</code>.
256 *
257 * @param transaction
258 * @param name
259 * @param title
260 * @return the group
261 *
262 * @throws GeneralSecurityException
263 * this is a <code>DuplicateException</code> if the group already existed
264 */
265 Group registerGroup( SecurityTransaction transaction, String name, String title )
266 throws GeneralSecurityException;
267
268 /**
269 * Removes an existing <code>Group</code> from the <code>Registry</code> (including its relations).
270 *
271 * @param transaction
272 * @param group
273 *
274 * @throws GeneralSecurityException
275 */
276 void deregisterGroup( SecurityTransaction transaction, Group group )
277 throws GeneralSecurityException;
278
279 /**
280 * Retrieves a <code>Group</code> from the <code>Registry</code>.
281 *
282 * @param securityAccess
283 * @param name
284 * @return the group
285 *
286 * @throws GeneralSecurityException
287 * this is an <code>UnknownException</code> if the group is not known to the <code>Registry</code>
288 */
289 Group getGroupByName( SecurityAccess securityAccess, String name )
290 throws GeneralSecurityException;
291
292 /**
293 * Retrieves a <code>Group</code> from the <code>Registry</code>.
294 *
295 * @param securityAccess
296 * @param id
297 * @return the group
298 *
299 * @throws GeneralSecurityException
300 * this is an <code>UnknownException</code> if the group is not known to the <code>Registry</code>
301 */
302 Group getGroupById( SecurityAccess securityAccess, int id )
303 throws GeneralSecurityException;
304
305 /**
306 * Retrieves all <code>Group</code> s from the <code>Registry</code>.
307 *
308 * @param securityAccess
309 * @return the groups
310 *
311 * @throws GeneralSecurityException
312 */
313 Group[] getAllGroups( SecurityAccess securityAccess )
314 throws GeneralSecurityException;
315
316 /**
317 * Retrieves all <code>Group</code> s from the <code>Registry</code> that the given <code>User</code> belongs to.
318 *
319 * @param securityAccess
320 * @param user
321 * @return the groups
322 *
323 * @throws GeneralSecurityException
324 */
325 Group[] getGroupsForUser( SecurityAccess securityAccess, User user )
326 throws GeneralSecurityException;
327
328 /**
329 * Retrieves all <code>Group</code> s from the <code>Registry</code> that the given <code>Group</code> belongs to.
330 *
331 * @param securityAccess
332 * @param group
333 * @return the groups
334 *
335 * @throws GeneralSecurityException
336 */
337 Group[] getGroupsForGroup( SecurityAccess securityAccess, Group group )
338 throws GeneralSecurityException;
339
340 /**
341 * Retrieves all <code>Group</code> s from the <code>Registry</code> that the given <code>Group</code>s belongs to.
342 *
343 * @param securityAccess
344 * @param groups
345 * @return the groups
346 *
347 * @throws GeneralSecurityException
348 */
349 Group[] getGroupsForGroups( SecurityAccess securityAccess, Group[] groups )
350 throws GeneralSecurityException;
351
352 /**
353 * Retrieves all <code>Group</code> s from the <code>Registry</code> belong to the given <code>Group</code>.
354 *
355 * @param securityAccess
356 * @param group
357 * @return the groups
358 *
359 * @throws GeneralSecurityException
360 */
361 Group[] getGroupsInGroup( SecurityAccess securityAccess, Group group )
362 throws GeneralSecurityException;
363
364 /**
365 * Retrieves all <code>Group</code> s from the <code>Registry</code> that are associated with a given
366 * <code>Role</code>.
367 *
368 * @param securityAccess
369 * @param role
370 * @return the groups
371 *
372 * @throws GeneralSecurityException
373 */
374 Group[] getGroupsWithRole( SecurityAccess securityAccess, Role role )
375 throws GeneralSecurityException;
376
377 /**
378 * Sets the <code>Group</code> s that a given <code>User</code> is a DIRECT member of.
379 *
380 * @param transaction
381 * @param user
382 * @param groups
383 *
384 * @throws GeneralSecurityException
385 */
386 void setGroupsForUser( SecurityTransaction transaction, User user, Group[] groups )
387 throws GeneralSecurityException;
388
389 /**
390 * Sets the <code>Groups</code> s that are members of a given <code>Group</code>.
391 *
392 * @param transaction
393 * @param group
394 * @param groups
395 *
396 * @throws GeneralSecurityException
397 */
398 void setGroupsInGroup( SecurityTransaction transaction, Group group, Group[] groups )
399 throws GeneralSecurityException;
400
401 /**
402 * Sets the <code>Group</code> s that a given <code>Role</code> is associated to.
403 *
404 * @param transaction
405 * @param role
406 * @param groups
407 *
408 * @throws GeneralSecurityException
409 */
410 void setGroupsWithRole( SecurityTransaction transaction, Role role, Group[] groups )
411 throws GeneralSecurityException;
412
413 /**
414 * Sets the <code>Groups</code> s that a given <code>Group</code> is member of DIRECTLY (i.e. not via group
415 * membership).
416 *
417 * @param transaction
418 * @param group
419 * @param groups
420 *
421 * @throws GeneralSecurityException
422 */
423 void setGroupsForGroup( SecurityTransaction transaction, Group group, Group[] groups )
424 throws GeneralSecurityException;
425
426 /**
427 * Adds a new role to the <code>Registry</code>.
428 *
429 * @param transaction
430 * @param name
431 * @return the role
432 *
433 * @throws GeneralSecurityException
434 * this is a <code>DuplicateException</code> if the role already existed
435 */
436 Role registerRole( SecurityTransaction transaction, String name )
437 throws GeneralSecurityException;
438
439 /**
440 * Removes an existing <code>Role</code> from the <code>Registry</code> (including its relations).
441 *
442 * @param transaction
443 * @param role
444 *
445 * @throws GeneralSecurityException
446 */
447 void deregisterRole( SecurityTransaction transaction, Role role )
448 throws GeneralSecurityException;
449
450 /**
451 * Retrieves a <code>Role</code> from the <code>Registry</code>.
452 *
453 * @param securityAccess
454 * @param name
455 * @return the role
456 *
457 * @throws GeneralSecurityException
458 * this is an <code>UnknownException</code> if the role is not known to the <code>Registry</code>
459 */
460 Role getRoleByName( SecurityAccess securityAccess, String name )
461 throws GeneralSecurityException;
462
463 /**
464 * Retrieves all <code>Role</code> s from the <code>Registry</code> that have a certain namespace.
465 *
466 * @param securityAccess
467 * @param ns
468 * @return the roles
469 *
470 * @throws GeneralSecurityException
471 */
472 Role[] getRolesByNS( SecurityAccess securityAccess, String ns )
473 throws GeneralSecurityException;
474
475 /**
476 * Retrieves a <code>Role</code> from the <code>Registry</code>.
477 *
478 * @param securityAccess
479 * @param id
480 * @return the role
481 *
482 * @throws GeneralSecurityException
483 * this is an <code>UnknownException</code> if the role is not known to the <code>Registry</code>
484 */
485 Role getRoleById( SecurityAccess securityAccess, int id )
486 throws GeneralSecurityException;
487
488 /**
489 * Retrieves all <code>Role</code> s from the <code>Registry</code>, except those that are only used internally
490 * (these end with a $ symbol);
491 *
492 * @param securityAccess
493 * @return the roles
494 *
495 * @throws GeneralSecurityException
496 */
497 Role[] getAllRoles( SecurityAccess securityAccess )
498 throws GeneralSecurityException;
499
500 /**
501 * Retrieves all <code>Role</code> s from the <code>Registry</code> that are associated with a given
502 * <code>User</code> DIRECTLY (i.e. not via group memberships).
503 *
504 * @param securityAccess
505 * @param user
506 * @return the roles
507 *
508 * @throws GeneralSecurityException
509 */
510 Role[] getRolesForUser( SecurityAccess securityAccess, User user )
511 throws GeneralSecurityException;
512
513 /**
514 * Retrieves all <code>Role</code> s from the <code>Registry</code> that are associated with a given
515 * <code>Group</code> DIRECTLY (i.e. not via group memberships).
516 *
517 * @param securityAccess
518 * @param group
519 * @return the roles
520 *
521 * @throws GeneralSecurityException
522 */
523 Role[] getRolesForGroup( SecurityAccess securityAccess, Group group )
524 throws GeneralSecurityException;
525
526 /**
527 * Retrieves all <code>Role</code> s from the <code>Registry</code> that are associated with a given
528 * <code>Group</code>s DIRECTLY (i.e. not via group memberships).
529 *
530 * @param securityAccess
531 * @param groups
532 * @return the roles
533 *
534 * @throws GeneralSecurityException
535 */
536 Role[] getRolesForGroups( SecurityAccess securityAccess, Group[] groups )
537 throws GeneralSecurityException;
538
539 /**
540 * Sets the <code>Role</code> s that a given <code>User</code> is directly associated to.
541 *
542 * @param transaction
543 * @param user
544 * @param roles
545 *
546 * @throws GeneralSecurityException
547 */
548 void setRolesForUser( SecurityTransaction transaction, User user, Role[] roles )
549 throws GeneralSecurityException;
550
551 /**
552 * Sets the <code>Role</code> s that a given <code>Group</code> is associated to.
553 *
554 * @param transaction
555 * @param group
556 * @param roles
557 *
558 * @throws GeneralSecurityException
559 */
560 void setRolesForGroup( SecurityTransaction transaction, Group group, Role[] roles )
561 throws GeneralSecurityException;
562
563 /**
564 * Adds a new <code>SecuredObject</code> to the <code>Registry</code>.
565 *
566 * @param transaction
567 * @param type
568 * @param name
569 * @param title
570 * @return the new object
571 *
572 * @throws GeneralSecurityException
573 * this is a <code>DuplicateException</code> if the object already existed
574 */
575 SecuredObject registerSecuredObject( SecurityTransaction transaction, String type, String name, String title )
576 throws GeneralSecurityException;
577
578 /**
579 * Removes an existing <code>SecuredObject</code> from the <code>Registry</code> (including its associated rights).
580 *
581 * @param transaction
582 * @param object
583 *
584 * @throws GeneralSecurityException
585 */
586 void deregisterSecuredObject( SecurityTransaction transaction, SecuredObject object )
587 throws GeneralSecurityException;
588
589 /**
590 * Retrieves a <code>SecuredObject</code> from the <code>Registry</code>.
591 *
592 * @param securityAccess
593 * @param name
594 * @param type
595 * @return the object
596 *
597 * @throws GeneralSecurityException
598 * this is an <code>UnknownException</code> if the <code>SecuredObject</code> is not known to the
599 * <code>Registry</code>
600 */
601 SecuredObject getSecuredObjectByName( SecurityAccess securityAccess, String name, String type )
602 throws GeneralSecurityException;
603
604 /**
605 * Retrieves all <code>SecuredObject</code> s from the <code>Registry</code> that have a certain namespace.
606 *
607 * @param securityAccess
608 * @param ns
609 * @param type
610 * @return the objects
611 *
612 * @throws GeneralSecurityException
613 */
614 SecuredObject[] getSecuredObjectsByNS( SecurityAccess securityAccess, String ns, String type )
615 throws GeneralSecurityException;
616
617 /**
618 * Retrieves a <code>SecuredObject</code> from the <code>Registry</code>.
619 *
620 * @param securityAccess
621 * @param id
622 * @return the object
623 *
624 * @throws GeneralSecurityException
625 * this is an <code>UnknownException</code> if the <code>SecuredObject</code> is not known to the
626 * <code>Registry</code>
627 */
628 SecuredObject getSecuredObjectById( SecurityAccess securityAccess, int id )
629 throws GeneralSecurityException;
630
631 /**
632 * Retrieves all <code>SecuredObject</code> s from the <code>Registry</code>.
633 *
634 * @param securityAccess
635 * @param type
636 * @return the objects
637 *
638 * @throws GeneralSecurityException
639 */
640 SecuredObject[] getAllSecuredObjects( SecurityAccess securityAccess, String type )
641 throws GeneralSecurityException;
642
643 /**
644 * Adds a new <code>Privilege</code> to the <code>Registry</code>.
645 *
646 * @param transaction
647 * @param name
648 * @return the privilege
649 *
650 * @throws GeneralSecurityException
651 * this is a <code>DuplicateException</code> if the <code>Privilege</code> already existed
652 */
653 Privilege registerPrivilege( SecurityTransaction transaction, String name )
654 throws GeneralSecurityException;
655
656 /**
657 * Removes an existing</code> Privilege</code> from the <code>Registry </code> (including its relations).
658 *
659 * @param transaction
660 * @param privilege
661 *
662 * @throws GeneralSecurityException
663 */
664 void deregisterPrivilege( SecurityTransaction transaction, Privilege privilege )
665 throws GeneralSecurityException;
666
667 /**
668 * Retrieves a <code>Privilege</code> from the <code>Registry</code>.
669 *
670 * @param securityAccess
671 * @param name
672 * @return the privilege
673 *
674 * @throws GeneralSecurityException
675 * this is an <code>UnknownException</code> if the privilege is not known to the <code>Registry</code>
676 */
677 Privilege getPrivilegeByName( SecurityAccess securityAccess, String name )
678 throws GeneralSecurityException;
679
680 /**
681 * Retrieves all <code>Privileges</code> s from the <code>Registry</code> that are associated with a given
682 * <code>Role</code>.
683 *
684 * @param securityAccess
685 * @param role
686 * @return the privileges
687 *
688 * @throws GeneralSecurityException
689 */
690 Privilege[] getPrivilegesForRole( SecurityAccess securityAccess, Role role )
691 throws GeneralSecurityException;
692
693 /**
694 * Sets all <code>Privilege</code> s that are associated with a given <code>Role</code>.
695 *
696 * @param transaction
697 * @param role
698 * @param privileges
699 *
700 * @throws GeneralSecurityException
701 */
702 void setPrivilegesForRole( SecurityTransaction transaction, Role role, Privilege[] privileges )
703 throws GeneralSecurityException;
704
705 /**
706 * Adds a new <code>RightType</code> to the <code>Registry</code>.
707 *
708 * @param transaction
709 * @param name
710 * @return the right type
711 *
712 * @throws GeneralSecurityException
713 * this is a <code>DuplicateException</code> if the <code>RightType</code> already existed
714 */
715 RightType registerRightType( SecurityTransaction transaction, String name )
716 throws GeneralSecurityException;
717
718 /**
719 * Removes an existing <code>RightType</code> from the <code>Registry</code> (including its relations).
720 *
721 * @param transaction
722 * @param type
723 *
724 * @throws GeneralSecurityException
725 */
726 void deregisterRightType( SecurityTransaction transaction, RightType type )
727 throws GeneralSecurityException;
728
729 /**
730 * Retrieves a <code>RightType</code> from the <code>Registry</code>.
731 *
732 * @param securityAccess
733 * @param name
734 * @return the right type
735 *
736 * @throws GeneralSecurityException
737 * this is an <code>UnknownException</code> if the <code>RightType</code> is not known to the
738 * <code>Registry</code>
739 */
740 RightType getRightTypeByName( SecurityAccess securityAccess, String name )
741 throws GeneralSecurityException;
742
743 /**
744 * Retrieves the <code>Rights</code> from the <code>Registry</code> that are associated with a given
745 * <code>Role</code> and a <code>SecurableObject</code>.
746 *
747 * @param securityAccess
748 * @param object
749 * @param role
750 * @return the rights
751 *
752 * @throws GeneralSecurityException
753 */
754 Right[] getRights( SecurityAccess securityAccess, SecurableObject object, Role role )
755 throws GeneralSecurityException;
756
757 /**
758 * Retrieves the <code>Rights</code> from the <code>Registry</code> that are associated with a given
759 * <code>Role</code> and a <code>SecurableObject</code>.
760 *
761 * @param securityAccess
762 * @param object
763 * @param roles
764 * @param type
765 * @return the rights
766 *
767 * @throws GeneralSecurityException
768 */
769 Right[] getRights( SecurityAccess securityAccess, SecurableObject object, Role[] roles, RightType type )
770 throws GeneralSecurityException;
771
772 /**
773 * Sets the <code>Rights</code> to be associated with a given <code>Role</code> and <code>SecurableObject</code>.
774 *
775 * @param transaction
776 * @param object
777 * @param role
778 * @param rights
779 *
780 * @throws GeneralSecurityException
781 */
782 void setRights( SecurityTransaction transaction, SecurableObject object, Role role, Right[] rights )
783 throws GeneralSecurityException;
784
785 /**
786 * Sets the services an user has access to.
787 *
788 * @param transaction
789 * @param services
790 * the ids of the accessible services
791 * @param role
792 * @throws GeneralSecurityException
793 */
794 void setServicesRights( SecurityTransaction transaction, Collection<Integer> services, Role role )
795 throws GeneralSecurityException;
796
797 /**
798 * Sets one <code>Right</code> to be associated with a given <code>Role</code> and all given
799 * <code>SecurableObjects</code>.
800 *
801 * @param transaction
802 * @param objects
803 * @param role
804 * @param right
805 *
806 * @throws GeneralSecurityException
807 */
808 void setRights( SecurityTransaction transaction, SecurableObject[] objects, Role role, Right right )
809 throws GeneralSecurityException;
810
811 /**
812 * @param access
813 * @param address
814 * @return the service
815 * @throws GeneralSecurityException
816 */
817 Service getServiceByAddress( SecurityAccess access, String address )
818 throws GeneralSecurityException;
819
820 /**
821 * @param transaction
822 * @param address
823 * @param title
824 * @param objects
825 * @param type
826 * @return the new service
827 * @throws GeneralSecurityException
828 */
829 Service registerService( SecurityTransaction transaction, String address, String title, List<StringPair> objects,
830 String type )
831 throws GeneralSecurityException;
832
833 /**
834 * @param transaction
835 * @param service
836 * @throws GeneralSecurityException
837 */
838 void deregisterService( SecurityTransaction transaction, Service service )
839 throws GeneralSecurityException;
840
841 /**
842 * @param access
843 * @return all services
844 * @throws GeneralSecurityException
845 */
846 LinkedList<Service> getAllServices( SecurityAccess access )
847 throws GeneralSecurityException;
848
849 /**
850 * @param securityTransaction
851 * @param oldService
852 * @param newService
853 * @throws GeneralSecurityException
854 */
855 void updateService( SecurityTransaction securityTransaction, Service oldService, Service newService )
856 throws GeneralSecurityException;
857
858 /**
859 * @param securityTransaction
860 * @param service
861 * @param oldName
862 * @param newName
863 * @throws GeneralSecurityException
864 */
865 void renameObject( SecurityTransaction securityTransaction, Service service, String oldName, String newName )
866 throws GeneralSecurityException;
867
868 /**
869 * @param securityTransaction
870 * @param service
871 * @param newTitle
872 * @param newAddress
873 * @throws GeneralSecurityException
874 */
875 void editService( SecurityTransaction securityTransaction, Service service, String newTitle, String newAddress )
876 throws GeneralSecurityException;
877
878 /**
879 * @param access
880 * @param role
881 * @return the appropriate services
882 * @throws GeneralSecurityException
883 */
884 LinkedList<Service> getRolesServices( SecurityAccess access, Role role )
885 throws GeneralSecurityException;
886
887 /**
888 * @param transaction
889 * @param role
890 * @param right
891 */
892 void setServiceRight( SecurityTransaction transaction, Service service, Role role, RightType right )
893 throws GeneralSecurityException;
894
895 Service getServiceById( SecurityAccess access, int id )
896 throws GeneralSecurityException;
897
898 boolean hasServiceRight( SecurityAccess access, Service service, Role role, RightType right )
899 throws GeneralSecurityException;
900
901 String getConstraints( SecurityAccess access, Role role, Service service )
902 throws GeneralSecurityException;
903
904 void setConstraints( SecurityTransaction transaction, Service service, Role role, String constraints )
905 throws GeneralSecurityException;
906
907 }