001 /*
002 Licensed to the Apache Software Foundation (ASF) under one
003 or more contributor license agreements. See the NOTICE file
004 distributed with this work for additional information
005 regarding copyright ownership. The ASF licenses this file
006 to you under the Apache License, Version 2.0 (the
007 "License"); you may not use this file except in compliance
008 with the License. You may obtain a copy of the License at
009
010 http://www.apache.org/licenses/LICENSE-2.0
011
012 Unless required by applicable law or agreed to in writing,
013 software distributed under the License is distributed on an
014 "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 KIND, either express or implied. See the License for the
016 specific language governing permissions and limitations
017 under the License.
018 */
019 package org.apache.wiki.auth.acl;
020
021 import java.security.Permission;
022 import java.security.Principal;
023 import java.util.Enumeration;
024
025 /**
026 * <p>
027 * Represents one entry in an Access Control List (ACL).
028 * </p>
029 * <p>
030 * An ACL can be thought of as a data structure with multiple ACL entry objects.
031 * Each ACL entry object contains a set of positive page permissions associated
032 * with a particular principal. (A principal represents an entity such as an
033 * individual user, group, or role). Each principal can have at most one ACL
034 * entry; that is, multiple ACL entries are not allowed for any principal.
035 * </p>
036 * <p>
037 * This interface is functionally equivalent to the java.security.acl.AclEntry
038 * interface, minus negative permissions.
039 * </p>
040 * @see Acl
041 * @since 2.3
042 */
043 public interface AclEntry
044 {
045
046 /**
047 * Adds the specified permission to this ACL entry. The permission
048 * <em>must</em> be of type
049 * {@link org.apache.wiki.auth.permissions.PagePermission}. Note: An entry
050 * can have multiple permissions.
051 * @param permission the permission to be associated with the principal in
052 * this entry
053 * @return <code>true</code> if the permission was added,
054 * <code>false</code> if the permission was
055 * already part of this entry's permission set, and <code>false</code> if
056 * the permission is not of type PagePermission
057 */
058 boolean addPermission(Permission permission);
059
060 /**
061 * Checks if the specified permission is part of the permission set in this
062 * entry.
063 * @param permission the permission to be checked for.
064 * @return true if the permission is part of the permission set in this entry,
065 * false otherwise.
066 */
067 boolean checkPermission(Permission permission);
068
069 /**
070 * Returns the principal for which permissions are granted by this
071 * ACL entry. Returns null if there is no principal set for this entry yet.
072 * @return the principal associated with this entry.
073 */
074 Principal getPrincipal();
075
076 /**
077 * Returns an enumeration of the permissions in this ACL entry.
078 * @return an enumeration of the permissions
079 */
080 Enumeration< Permission > permissions();
081
082 /**
083 * Removes the specified permission from this ACL entry.
084 * @param permission the permission to be removed from this entry.
085 * @return true if the permission is removed, false if the permission was not
086 * part of this entry's permission set.
087 */
088 boolean removePermission(Permission permission);
089
090 /**
091 * Specifies the principal for which permissions are granted or denied by
092 * this ACL entry. If a principal was already set for this ACL entry, false
093 * is returned, otherwise true is returned.
094 * @param user the principal to be set for this entry
095 * @return true if the principal is set, false if there was already a
096 * principal set for this entry
097 */
098 boolean setPrincipal(Principal user);
099
100 /**
101 * Returns a string representation of the contents of this ACL entry.
102 * @return a string representation of the contents.
103 */
104 String toString();
105 }