org.sakaiproject.service.legacy.security
Interface SecurityService

All Known Implementing Classes:
NoSecurity, SakaiSecurity

public interface SecurityService

SecurityService is the interface for Sakai security services.

Author:
Sakai Software Development Team

Field Summary
static String SERVICE_NAME
          This string can be used to find the service in the service manager.
 
Method Summary
 void addKey(String userOrGroup, String lockOrRole, String resourceOrGroup, boolean allow)
          Add a new key.
 void clearAdvisors()
          Remove any SecurityAdvisors from this thread.
 boolean hasAdvisors()
          Check if there are any security advisors stacked for this thread.
 boolean isSuperUser()
          Is this a super special super (admin) user?
 SecurityAdvisor popAdvisor()
          Remove one SecurityAdvisor from the stack for this thread, if any exist.
 void pushAdvisor(SecurityAdvisor advisor)
          Establish a new SecurityAdvisor for this thread, at the top of the stack (it gets first dibs on the answer).
 void removeKey(String userOrGroup, String lockOrRole, String resourceOrGroup, boolean allow)
          Remove any keys that exactly match this key specification.
 boolean unlock(String lock, String reference)
          Can the current session user unlock the lock for use with this resource?
 boolean unlock(User user, String lock, String reference)
          Can the specificed user unlock the lock for use with this resource?
 List unlockUsers(String lock, String reference)
          Access the List of Users who can unlock the lock for use with this resource.
 

Field Detail

SERVICE_NAME

public static final String SERVICE_NAME
This string can be used to find the service in the service manager.

Method Detail

unlock

public boolean unlock(String lock,
                      String reference)
Can the current session user unlock the lock for use with this resource?

Parameters:
lock - The lock id string.
reference - The resource reference string.
Returns:
true, if the user can unlock the lock, false otherwise.

unlock

public boolean unlock(User user,
                      String lock,
                      String reference)
Can the specificed user unlock the lock for use with this resource?

Parameters:
user - The user.
lock - The lock id string.
reference - The resource reference string.
Returns:
true, if the user can unlock the lock, false otherwise.

unlockUsers

public List unlockUsers(String lock,
                        String reference)
Access the List of Users who can unlock the lock for use with this resource.

Parameters:
lock - The lock id string.
reference - The resource reference string.
Returns:
A List (User) of the users can unlock the lock (may be empty).

isSuperUser

public boolean isSuperUser()
Is this a super special super (admin) user?

Returns:
true, if the user is a cut above the rest, false if a mere mortal.

addKey

public void addKey(String userOrGroup,
                   String lockOrRole,
                   String resourceOrGroup,
                   boolean allow)
Add a new key.

Parameters:
userOrGroup - The id of the user or user group which is given the key.
lockOrRole - The id of the lock or role (lock group) which the key opens.
resourceOrGroup - the id of the resource or resource group which restricts the key (the key will work only for these resources. null if no resource is involved).
allow - true if the key allows access, false if it denys access.

removeKey

public void removeKey(String userOrGroup,
                      String lockOrRole,
                      String resourceOrGroup,
                      boolean allow)
Remove any keys that exactly match this key specification.

Parameters:
userOrGroup - The id of the user or user group which is given the key.
lockOrRole - The id of the lock or role (lock group) which the key opens.
resourceOrGroup - the id of the resource or resource group which restricts the key (the key will work only for these resources. null if no resource is involved).
allow - true if the key allows access, false if it denys access.

pushAdvisor

public void pushAdvisor(SecurityAdvisor advisor)
Establish a new SecurityAdvisor for this thread, at the top of the stack (it gets first dibs on the answer).

Parameters:
advisor - The advisor to establish

popAdvisor

public SecurityAdvisor popAdvisor()
Remove one SecurityAdvisor from the stack for this thread, if any exist.

Returns:
advisor The advisor popped of, or null if the stack is empty.

hasAdvisors

public boolean hasAdvisors()
Check if there are any security advisors stacked for this thread.

Returns:
true if some advisors are defined, false if not.

clearAdvisors

public void clearAdvisors()
Remove any SecurityAdvisors from this thread.