| Clover coverage report - Acegi Security System for Spring - 1.0.0-RC1 |
|
 |
|
|||||||||||||||||||
| Source file | Conditionals | Statements | Methods | TOTAL | |||||||||||||||
| EffectiveAclsResolver.java | - | - | - | - |
|
||||||||||||||
| 1 | /* Copyright 2004 Acegi Technology Pty Limited | |
| 2 | * | |
| 3 | * Licensed under the Apache License, Version 2.0 (the "License"); | |
| 4 | * you may not use this file except in compliance with the License. | |
| 5 | * You may obtain a copy of the License at | |
| 6 | * | |
| 7 | * http://www.apache.org/licenses/LICENSE-2.0 | |
| 8 | * | |
| 9 | * Unless required by applicable law or agreed to in writing, software | |
| 10 | * distributed under the License is distributed on an "AS IS" BASIS, | |
| 11 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| 12 | * See the License for the specific language governing permissions and | |
| 13 | * limitations under the License. | |
| 14 | */ | |
| 15 | ||
| 16 | package org.acegisecurity.acl.basic; | |
| 17 | ||
| 18 | import org.acegisecurity.Authentication; | |
| 19 | import org.acegisecurity.acl.AclEntry; | |
| 20 | ||
| 21 | ||
| 22 | /** | |
| 23 | * Determines the ACLs that are effective for a given | |
| 24 | * <code>Authentication</code> object. | |
| 25 | * | |
| 26 | * <P> | |
| 27 | * Implementations will vary depending on their ability to interpret the | |
| 28 | * "recipient" object types contained in {@link BasicAclEntry} instances, and | |
| 29 | * how those recipient object types correspond to | |
| 30 | * <code>Authentication</code>-presented principals and granted authorities. | |
| 31 | * </p> | |
| 32 | * | |
| 33 | * <P> | |
| 34 | * Implementations should not filter the resulting ACL list from lower-order | |
| 35 | * permissions. So if a resulting ACL list grants a "read" permission, an | |
| 36 | * "unlimited" permission and a "zero" permission (due to the effective ACLs | |
| 37 | * for different granted authorities held by the <code>Authentication</code> | |
| 38 | * object), all three permissions would be returned as distinct | |
| 39 | * <code>BasicAclEntry</code> instances. It is the responsibility of the | |
| 40 | * relying classes (voters and business methods) to ignore or handle | |
| 41 | * lower-order permissions in a business logic dependent manner. | |
| 42 | * </p> | |
| 43 | * | |
| 44 | * @author Ben Alex | |
| 45 | * @version $Id: EffectiveAclsResolver.java,v 1.2 2005/11/17 00:55:47 benalex Exp $ | |
| 46 | */ | |
| 47 | public interface EffectiveAclsResolver { | |
| 48 | //~ Methods ================================================================ | |
| 49 | ||
| 50 | /** | |
| 51 | * Determines the ACLs that apply to the presented | |
| 52 | * <code>Authentication</code> object. | |
| 53 | * | |
| 54 | * @param allAcls every ACL assigned to a domain object instance | |
| 55 | * @param filteredBy the principal (populated with | |
| 56 | * <code>GrantedAuthority</code>s along with any other members that | |
| 57 | * relate to role or group membership) that effective ACLs should | |
| 58 | * be returned for | |
| 59 | * | |
| 60 | * @return the ACLs that apply to the presented principal, or | |
| 61 | * <code>null</code> if there are none after filtering | |
| 62 | */ | |
| 63 | public AclEntry[] resolveEffectiveAcls(AclEntry[] allAcls, | |
| 64 | Authentication filteredBy); | |
| 65 | } |
|
||||||||||
