001    /*
002      Copyright (C) 2002 Laurent Martelli <laurent@aopsys.com>
003                         Renaud Pawlak <renaud@aopsys.com>
004    
005      This program is free software; you can redistribute it and/or modify
006      it under the terms of the GNU Lesser General Public License as
007      published by the Free Software Foundation; either version 2 of the
008      License, or (at your option) any later version.
009    
010      This program is distributed in the hope that it will be useful, but
011      WITHOUT ANY WARRANTY; without even the implied warranty of
012      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
013      Lesser General Public License for more details.
014    
015      You should have received a copy of the GNU Lesser General Public
016      License along with this program; if not, write to the Free Software
017      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
018      USA */
019    
020    package org.objectweb.jac.aspects.user;
021    
022    import org.objectweb.jac.core.rtti.CollectionItem;
023    import org.objectweb.jac.core.rtti.ClassItem;
024    import org.objectweb.jac.core.rtti.MethodItem;
025    
026    public interface UserConf {
027    
028       /**
029        * Sets the class of the application that must be used as a storage
030        * for the users.
031        *
032        * <p>The users are eventually used to know what user is currently
033        * logged into the system so you should define fields that can be
034        * used to identify the user.
035        *
036        * @param userClass the class that represents the application's
037        * users
038        * @param loginField the field that stores the login (iow the
039        * user's id)
040        * @param passwordField the field that stores the password (not
041        * mandatory it no password authentication is performed)
042        * @param profileField the field that contains the profile (if
043        * any, can be null)
044        * @see org.objectweb.jac.aspects.authentication.UserPasswordAuthenticator */
045     
046       void setUserClass(ClassItem userClass, 
047                         String loginField,
048                         String passwordField,
049                         String profileField);
050    
051       /**
052        * This method should affect all the classes that define a
053        * reference towards a user of the application and that should be
054        * seamlessly initialized to the currently logged user (instead of
055        * been filled in interactively).
056        *
057        * @param classExpr a class pointcut expression that denote all the
058        * classes that should be affected by this behavior */
059    
060       void autoInitClasses(String classExpr);
061    
062       /**
063        * Declares a new profile (that has no parent).
064        * 
065        * <p>A profile is a kind of user type that has some well-defined
066        * persmissions to access or to modify elements of the configured
067        * application (e.g. the default <code>user.acc</code> defines an
068        * <code>administrator</code> profile that grants access and
069        * modification of all the elements).
070        * 
071        * @param profile the profile's name
072        * @see #declareProfile(String,String) */
073    
074       void declareProfile(String profile);
075    
076       /**
077        * Use this config method to clear a profile so that it can be
078        * reinitialized from the config file.
079        * @param name name of the profile to clear
080        */
081       void clearProfile(String name);
082    
083       /**
084        * Declares a new profile that inherits from the caracteristics of
085        * its parent.
086        *
087        * <p>All the parent access permissions can be restrained (and only
088        * restrained) by the child profile (a permission that is not
089        * granted by the parent cannot be granted by the child).
090        * 
091        * @param profile the profile's name
092        * @param parent the parent profile's name
093        * @see #declareProfile(String) */
094    
095       void declareProfile(String profile,String parent);
096    
097       /**
098        * Adds a readable resources set to a profile.
099        *
100        * @param profile the profile's name
101        * @param resourceExpr a regular expression that denotes a set of
102        * resources (based on <code>package.class.member</code>) */
103       
104       void addReadable(String profile,String resourceExpr);
105    
106       /**
107        * Adds a writable resources set to a profile.
108        *
109        * @param profile the profile's name
110        * @param resourceExpr a regular expression that denotes a set of
111        * resources (based on <code>package.class.member</code>) */
112    
113       void addWritable(String profile,String resourceExpr);
114    
115       /**
116        * Adds an removable resources set to a profile (collection
117        * dedicated).
118        *
119        * @param profile the profile's name
120        * @param resourceExpr a regular expression that denotes a set of
121        * resources (based on <code>package.class.member</code>) 
122        */
123       void addRemovable(String profile,String resourceExpr);
124    
125       /**
126        * Adds an addable resources set to a profile (collection
127        * dedicated).
128        *
129        * @param profile the profile's name
130        * @param resourceExpr a regular expression that denotes a set of
131        * resources (based on <code>package.class.member</code>) 
132        */
133       void addAddable(String profile,String resourceExpr);
134    
135    
136       /**
137        * Adds a creatable resources set to a profile (collection
138        * dedicated).
139        *
140        * @param profile the profile's name
141        * @param resourceExpr a regular expression that denotes a set of
142        * resources (based on <code>package.class</code>) 
143        */
144       void addCreatable(String profile,String resourceExpr);
145    
146       /**
147        * Create an administrator user. 
148        *
149        * <p>A user class must have been defined with
150        * <code>setUserClass()</code>. The administrator user will be
151        * created only if no user with the given login already exist. If
152        * created, the administrator user will be given the
153        * "administrator" profile.</p>
154        *
155        * @param login the login name of the administrator
156        * @param password the password of the administrator
157        * 
158        * @see #setUserClass(ClassItem,String,String,String) */
159       void defineAdministrator(String login,String password);
160    
161       /**
162        * Defines a contextual habilitation test (this is a generic method to
163        * be used when the habilitation does not fit any simple scheme).
164        *
165        * @param condition the contextual condition (a static method
166        * that takes the substance, the currently tested item, the
167        * action's type and that returns true if the habilitation is
168        * granted) 
169        * @see #defineHabilitation(ClassItem,MethodItem)
170        */
171       void defineHabilitation(MethodItem condition);
172    
173       /**
174        * Defines a contextual habilitation test for instances of given
175        * class (This is a generic method to be used when the habilitation
176        * does not fit any simple scheme).
177        *
178        * @param cli the class the test applies to
179        * @param condition the contextual condition (a static method that
180        * takes the substance, the currently tested item, the action's
181        * type (one of GuiAC.VISIBLE, GuiAC.EDITABLE, GuiAC.ADDABLE
182        * or GuiAC.REMOVABLE) and that returns true if the habilitation is
183        * granted)
184        * @see #defineHabilitation(MethodItem) 
185        */
186       void defineHabilitation(ClassItem cli, MethodItem condition);
187    
188       /**
189        * For the specified collection, users will only see the objects
190        * that they own.
191        *
192        * @param profile apply the filter only if the user has this profile
193        * @param cl the class holding the collection
194        * @param collectionName name of the collection attribute
195        */
196       void addOwnerFilter(String profile,ClassItem cl,
197                           String collectionName);
198    
199       /**
200        * For the specified collection, apply a filter on its getter, so
201        * that some items can be hidden depending on the user.
202        *
203        * @param collection the collection to filter 
204        * @param filter a static method which takes a Collection (the one
205        * to filter), an Object (the holder of the collection), a
206        * CollectionItem, and a User and returns the filtered collection.
207        */
208       void addFilter(CollectionItem collection, MethodItem filter);
209    
210       /**
211        * Set a contextual profile to a reference or a collection that
212        * contains user(s).
213        *
214        * <p>If one user is added to the given field at runtime, the user
215        * will then have the given profile for the current object.</p>
216        *
217        * @param cl the class that owns the field
218        * @param field the profiled field 
219        * @param profile the profile to be set contextually */
220    
221       void setContextualProfile(ClassItem cl, String field, 
222                                 String profile);
223    
224    
225    }