Docjar: A Java Source and Docuemnt Enginecom.*    java.*    javax.*    org.*    all    new    plug-in

Quick Search    Search Deep
Home >> All >> com >> RuntimeCollective >> permission >> [ bean Javadoc ]

Source code: com/RuntimeCollective/permission/bean/Permissible.java


1   /* $Header: /home/CVS/rjp/src/com/RuntimeCollective/permission/bean/Permissible.java,v 1.6 2003/09/30 15:12:49 joe Exp $
2    * $Revision: 1.6 $
3    * $Date: 2003/09/30 15:12:49 $
4    *
5    * ====================================================================
6    *
7    * Josephine : http://www.runtime-collective.com/josephine/index.html
8    *
9    * Copyright (C) 2003 Runtime Collective
10   * 
11   * This product includes software developed by the
12   * Apache Software Foundation (http://www.apache.org/).
13   *
14   * This library is free software; you can redistribute it and/or
15   * modify it under the terms of the GNU Lesser General Public
16   * License as published by the Free Software Foundation; either
17   * version 2.1 of the License, or (at your option) any later version.
18   *
19   * This library is distributed in the hope that it will be useful,
20   * but WITHOUT ANY WARRANTY; without even the implied warranty of
21   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
22   * Lesser General Public License for more details.
23   *
24   * You should have received a copy of the GNU Lesser General Public
25   * License along with this library; if not, write to the Free Software
26   * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
27   *
28   */
29  
30  package com.RuntimeCollective.permission.bean;
31  
32  import com.RuntimeCollective.webapps.bean.EntityBean;
33  import com.RuntimeCollective.webapps.bean.PermissionBean;
34  import com.RuntimeCollective.webapps.bean.User;
35  import com.RuntimeCollective.webapps.ReturnPathContainer;
36  import com.RuntimeCollective.webapps.bean.Session;
37  
38  import java.util.Iterator;
39  import javax.servlet.http.HttpSession;
40  
41  /**
42   * Interface to implement if you want the access to your object to be constrained
43   * by PermissionRules.
44   * <p>
45   * If you want to be spared the hassle of writing JSPs to assign PermissionRules to your Permissible objects,
46   * do have a look at the pages written for the Sussex Enterprise project. You can find them by
47   * checking out the relevent project: "cvs co rsework", then look in rsework/web/admin.
48   * <p>
49   * The page is called publishPage-step3.jsp, and is part of the publishing process (Publishable is a subclass of Permissible).
50   * The rsework/struts-config.xml file is also worth checking, for the action mappings etc.
51   * <p>
52   * And while you're at it, why not vanilla the page and copy it to permissible/web/admin ...
53   * <p>
54   * You can also check the Sussex Enterprise staging server (ask Fabrice, JoeH or Sophie).
55   *
56   * @version $Id: Permissible.java,v 1.6 2003/09/30 15:12:49 joe Exp $
57   */
58  public interface Permissible extends PermissionBean, EntityBean {
59  
60      // ---Inherited from EntityBean---------------------------
61  
62      /** The name of the database table for this bean type. */
63      public static final String DATABASE_TABLE = "permission_permissible";
64  
65      /** The action for object viewing. */
66      public static final String VIEW_ACTION = "view";
67  
68      /** The action for object editing. */
69      public static final String EDIT_ACTION = "edit";
70  
71      /** Get the unique id of this bean instance. */
72      public int getId();
73  
74      /** Set the unique id of this bean instance. */
75      public void setId(int id);
76  
77      /** Save this bean to the database. */
78      public void save();
79  
80      /** Delete this bean from the database. */
81      public void delete();
82  
83  
84      // ---Inherited from PermissionBean---------------------------
85  
86      /** Can a user "edit" this Bean. */
87      public boolean canEdit(User user);
88  
89      /** Can a user "view" this Bean. */
90      public boolean canView(User user);
91  
92  
93      //---Permissible specific methods---------------------
94  
95      /**
96       * Set the PermissionRule for a given action on this Bean.
97       * @param action, the action to constrain
98       * @param permissionRule, the rule to use for this action
99       */
100     public void setActionPermissionRule(String action, PermissionRule permissionRule);
101 
102     /**
103      * Get the PermissionRule for a given action on this Bean.
104      * @param action, the action
105      * @return the permissionRule currently in use for the action
106      */
107     public PermissionRule getActionPermissionRule(String action);
108 
109     /**
110      * Can a given User perform a given action on that Bean?
111      * @param action, the action to be performed
112      * @param user, the user who is trying to perform the action
113      * @return a boolean, yes the user can perform the action, or no
114      */
115     public boolean canPerformAction(String action, User user);
116 
117     /**
118      * Get the path of the page where the Session should be sent in order
119      * to (maybe) get authorised for an action.
120      * Also sets required attributes in the Session.
121      * <p>
122      * On submission of that page, the Session should be checked again,
123      * as there may be more than one page to go to.
124      *
125      * @deprecated This method was modified not to refer to Client Tier classes (HttpSession). Use instead:
126      * <code>getAuthorisationPathForAction(action, (User) session.getAttribute(RuntimeParameters.get("logonUserKey")), (Session) session.getAttribute(Session.SESSION_KEY), new HttpSessionReturnPathContainer(session), returnPath)</code>
127      * @param session, the session who would like to be authorised
128      * @param returnPath, where the session should be sent back after going to that page
129      * @return a String, the local path to go to, or null if the session is accepted
130      */
131     public String getAuthorisationPathForAction(String action, HttpSession session, String returnPath);
132 
133     /**
134      * Get the path of the page where a User should be sent in order
135      * to (maybe) get authorised for an action.
136      * <p>
137      * On submission of that resulting page, the user should be checked again,
138      * as there may be more than one page to go to before he/she is authorised.
139      * @param action, the action
140      * @param user, the user, possibly null if the user hasn't been identified
141      * @param session, the general purpose webapps session that the user is using ATM, possibly null
142      * @param rpContainer, something on which to put the return path, if necessaru
143      * @param returnPath, where the user should be sent back after going to that page
144      * @return a String, the local path to go to, or null if the session is accepted
145      */
146     public String getAuthorisationPathForAction(String action, User user, Session session, ReturnPathContainer rpContainer, String returnPath);
147 
148     /**
149      * Get an Iterator of the actions constrained until now.
150      * @return an Iterator of Strings
151      */
152     public Iterator getActions();
153 }
154 
155 
156 
157