001 /* 002 Copyright (C) 2002 Laurent Martelli <laurent@aopsys.com> 003 Renaud Pawlak <renaud@aopsys.com> 004 005 This program is free software; you can redistribute it and/or modify 006 it under the terms of the GNU Lesser General Public License as 007 published by the Free Software Foundation; either version 2 of the 008 License, or (at your option) any later version. 009 010 This program is distributed in the hope that it will be useful, but 011 WITHOUT ANY WARRANTY; without even the implied warranty of 012 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 013 Lesser General Public License for more details. 014 015 You should have received a copy of the GNU Lesser General Public 016 License along with this program; if not, write to the Free Software 017 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 018 USA */ 019 020 package org.objectweb.jac.aspects.user; 021 022 import org.objectweb.jac.core.rtti.CollectionItem; 023 import org.objectweb.jac.core.rtti.ClassItem; 024 import org.objectweb.jac.core.rtti.MethodItem; 025 026 public interface UserConf { 027 028 /** 029 * Sets the class of the application that must be used as a storage 030 * for the users. 031 * 032 * <p>The users are eventually used to know what user is currently 033 * logged into the system so you should define fields that can be 034 * used to identify the user. 035 * 036 * @param userClass the class that represents the application's 037 * users 038 * @param loginField the field that stores the login (iow the 039 * user's id) 040 * @param passwordField the field that stores the password (not 041 * mandatory it no password authentication is performed) 042 * @param profileField the field that contains the profile (if 043 * any, can be null) 044 * @see org.objectweb.jac.aspects.authentication.UserPasswordAuthenticator */ 045 046 void setUserClass(ClassItem userClass, 047 String loginField, 048 String passwordField, 049 String profileField); 050 051 /** 052 * This method should affect all the classes that define a 053 * reference towards a user of the application and that should be 054 * seamlessly initialized to the currently logged user (instead of 055 * been filled in interactively). 056 * 057 * @param classExpr a class pointcut expression that denote all the 058 * classes that should be affected by this behavior */ 059 060 void autoInitClasses(String classExpr); 061 062 /** 063 * Declares a new profile (that has no parent). 064 * 065 * <p>A profile is a kind of user type that has some well-defined 066 * persmissions to access or to modify elements of the configured 067 * application (e.g. the default <code>user.acc</code> defines an 068 * <code>administrator</code> profile that grants access and 069 * modification of all the elements). 070 * 071 * @param profile the profile's name 072 * @see #declareProfile(String,String) */ 073 074 void declareProfile(String profile); 075 076 /** 077 * Use this config method to clear a profile so that it can be 078 * reinitialized from the config file. 079 * @param name name of the profile to clear 080 */ 081 void clearProfile(String name); 082 083 /** 084 * Declares a new profile that inherits from the caracteristics of 085 * its parent. 086 * 087 * <p>All the parent access permissions can be restrained (and only 088 * restrained) by the child profile (a permission that is not 089 * granted by the parent cannot be granted by the child). 090 * 091 * @param profile the profile's name 092 * @param parent the parent profile's name 093 * @see #declareProfile(String) */ 094 095 void declareProfile(String profile,String parent); 096 097 /** 098 * Adds a readable resources set to a profile. 099 * 100 * @param profile the profile's name 101 * @param resourceExpr a regular expression that denotes a set of 102 * resources (based on <code>package.class.member</code>) */ 103 104 void addReadable(String profile,String resourceExpr); 105 106 /** 107 * Adds a writable resources set to a profile. 108 * 109 * @param profile the profile's name 110 * @param resourceExpr a regular expression that denotes a set of 111 * resources (based on <code>package.class.member</code>) */ 112 113 void addWritable(String profile,String resourceExpr); 114 115 /** 116 * Adds an removable resources set to a profile (collection 117 * dedicated). 118 * 119 * @param profile the profile's name 120 * @param resourceExpr a regular expression that denotes a set of 121 * resources (based on <code>package.class.member</code>) 122 */ 123 void addRemovable(String profile,String resourceExpr); 124 125 /** 126 * Adds an addable resources set to a profile (collection 127 * dedicated). 128 * 129 * @param profile the profile's name 130 * @param resourceExpr a regular expression that denotes a set of 131 * resources (based on <code>package.class.member</code>) 132 */ 133 void addAddable(String profile,String resourceExpr); 134 135 136 /** 137 * Adds a creatable resources set to a profile (collection 138 * dedicated). 139 * 140 * @param profile the profile's name 141 * @param resourceExpr a regular expression that denotes a set of 142 * resources (based on <code>package.class</code>) 143 */ 144 void addCreatable(String profile,String resourceExpr); 145 146 /** 147 * Create an administrator user. 148 * 149 * <p>A user class must have been defined with 150 * <code>setUserClass()</code>. The administrator user will be 151 * created only if no user with the given login already exist. If 152 * created, the administrator user will be given the 153 * "administrator" profile.</p> 154 * 155 * @param login the login name of the administrator 156 * @param password the password of the administrator 157 * 158 * @see #setUserClass(ClassItem,String,String,String) */ 159 void defineAdministrator(String login,String password); 160 161 /** 162 * Defines a contextual habilitation test (this is a generic method to 163 * be used when the habilitation does not fit any simple scheme). 164 * 165 * @param condition the contextual condition (a static method 166 * that takes the substance, the currently tested item, the 167 * action's type and that returns true if the habilitation is 168 * granted) 169 * @see #defineHabilitation(ClassItem,MethodItem) 170 */ 171 void defineHabilitation(MethodItem condition); 172 173 /** 174 * Defines a contextual habilitation test for instances of given 175 * class (This is a generic method to be used when the habilitation 176 * does not fit any simple scheme). 177 * 178 * @param cli the class the test applies to 179 * @param condition the contextual condition (a static method that 180 * takes the substance, the currently tested item, the action's 181 * type (one of GuiAC.VISIBLE, GuiAC.EDITABLE, GuiAC.ADDABLE 182 * or GuiAC.REMOVABLE) and that returns true if the habilitation is 183 * granted) 184 * @see #defineHabilitation(MethodItem) 185 */ 186 void defineHabilitation(ClassItem cli, MethodItem condition); 187 188 /** 189 * For the specified collection, users will only see the objects 190 * that they own. 191 * 192 * @param profile apply the filter only if the user has this profile 193 * @param cl the class holding the collection 194 * @param collectionName name of the collection attribute 195 */ 196 void addOwnerFilter(String profile,ClassItem cl, 197 String collectionName); 198 199 /** 200 * For the specified collection, apply a filter on its getter, so 201 * that some items can be hidden depending on the user. 202 * 203 * @param collection the collection to filter 204 * @param filter a static method which takes a Collection (the one 205 * to filter), an Object (the holder of the collection), a 206 * CollectionItem, and a User and returns the filtered collection. 207 */ 208 void addFilter(CollectionItem collection, MethodItem filter); 209 210 /** 211 * Set a contextual profile to a reference or a collection that 212 * contains user(s). 213 * 214 * <p>If one user is added to the given field at runtime, the user 215 * will then have the given profile for the current object.</p> 216 * 217 * @param cl the class that owns the field 218 * @param field the profiled field 219 * @param profile the profile to be set contextually */ 220 221 void setContextualProfile(ClassItem cl, String field, 222 String profile); 223 224 225 }