public interface Authorization extends OsidRelationship
An Authorization is a mapping among an actor, a Function
and a Qualifier.
This interface is not required for
performing authorization checks but is used for examining and managing
authorizations.
The actor of an authorization may be specified in a variety of forms.
Agent
Resource:
the authorization provider uses all the
Agents
associated with a Resource
for
matching authorizations Resource
and Trust:
the
authorization provider uses the associated Agents
within a cicle of Trust
An explicit Authorization
represents the mappings as
they are specified in the authorization provdier. Implicit authorizations
may be retrieved which are authorizations inferred through the
Function
or Qualifier
hierarchies. An implicit
Authorization
is one where isImplicit()
is
true and should not be used for modification as it is only available for
auditing purposes.
An Authorization
containing a Resource
may also provide the associated Agent in a request for implicit
authorizations or for all the authorizations, both explicit and implicit,
for a given Agent.
Modifier and Type | Method and Description |
---|---|
Agent |
getAgent()
Gets the
Agent for this authorization. |
Id |
getAgentId()
Gets the
Agent Id for this authorization. |
AuthorizationRecord |
getAuthorizationRecord(Type authorizationRecordType)
Gets the authorization record corresponding to the given
Authorization record Type. |
Function |
getFunction()
Gets the
Function for this authorization. |
Id |
getFunctionId()
Gets the
Function Id for this authorization. |
Qualifier |
getQualifier()
Gets the qualifier for this authorization.
|
Id |
getQualifierId()
Gets the
Qualifier Id for this authorization. |
Resource |
getResource()
Gets the
Resource for this authorization. |
Id |
getResourceId()
Gets the
resource Id for this authorization. |
Trust |
getTrust()
Gets the
Trust for this authorization. |
Id |
getTrustId()
Gets the
Trust Id for this
authorization. |
boolean |
hasAgent()
Tests if this authorization has an
Agent. |
boolean |
hasResource()
Tests if this authorization has a
Resource. |
boolean |
hasTrust()
Tests if this authorization has a
Trust. |
boolean |
isImplicit()
Tests if this authorization is implicit.
|
getEndReason, getEndReasonId, hasEndReason
getDescription, getDisplayName, getGenusType, isOfGenusType
getId, isCurrent
getRecordTypes, hasRecordType
getProperties, getPropertiesByRecordType
getEndDate, getStartDate, isEffective
boolean isImplicit()
true
if this authorization is implicit,
false
otherwisemandatory
- This method must be implemented. boolean hasResource()
Resource.
true
if this authorization has a
Resource,
false
otherwisemandatory
- This method must be implemented. Id getResourceId()
resource Id
for this authorization. Resource Id
IllegalStateException
- hasResource()
is
false
mandatory
- This method must be implemented. Resource getResource() throws OperationFailedException
Resource
for this authorization. Resource
IllegalStateException
- hasResource()
is
false
OperationFailedException
- unable to complete requestmandatory
- This method must be implemented. boolean hasTrust()
Trust.
true
if this authorization has a Trust,
false
otherwisemandatory
- This method must be implemented. Id getTrustId()
Trust
Id
for this
authorization. Id
IllegalStateException
- hasTrust()
is
false
mandatory
- This method must be implemented. Trust getTrust() throws OperationFailedException
Trust
for this authorization. Trust
IllegalStateException
- hasTrust()
is
false
OperationFailedException
- unable to complete requestmandatory
- This method must be implemented. boolean hasAgent()
Agent.
An implied
authorization may have an Agent
in addition to a
specified Resource.
true
if this authorization has an Agent,
false
otherwisemandatory
- This method must be implemented. Id getAgentId()
Agent Id
for this authorization. Agent Id
IllegalStateException
- hasAgent()
is
false
mandatory
- This method must be implemented. Agent getAgent() throws OperationFailedException
Agent
for this authorization. Agent
IllegalStateException
- hasAgent()
is
false
OperationFailedException
- unable to complete requestmandatory
- This method must be implemented. Id getFunctionId()
Function Id
for this authorization. Id
mandatory
- This method must be implemented. Function getFunction() throws OperationFailedException
Function
for this authorization.OperationFailedException
- unable to complete requestmandatory
- This method must be implemented. Id getQualifierId()
Qualifier Id
for this authorization. Id
mandatory
- This method must be implemented. Qualifier getQualifier() throws OperationFailedException
OperationFailedException
- unable to complete requestmandatory
- This method must be implemented. AuthorizationRecord getAuthorizationRecord(Type authorizationRecordType) throws OperationFailedException
Authorization
record Type.
This method is used
to retrieve an object implementing the requested record. The
authorizationRecordType
may be the Type
returned in getRecordTypes()
or any of its parents in a
Type
hierarchy where
hasRecordType(authorizationRecordType)
is true
.authorizationRecordType
- the type of the record to retrieveNullArgumentException
- authorizationRecordType
is null
OperationFailedException
- unable to complete requestUnsupportedException
-
hasRecordType(authorizationRecordType)
is false
mandatory
- This method must be implemented.