OSID - osid.authorization.AuthorizationAdminSession Service Interface Definition

Interface	osid.authorization.AuthorizationAdminSession
Implements	`osid.OsidSession`
Description	This session creates, updates, and deletes `Authorizations.` The data for create and update is provided by the consumer via the form object. `OsidForms` are requested for each create or update and may not be reused. Create and update operations differ in their usage. To create an `Authorization,` an `AuthorizationForm` is requested using `getAuthorizationFormForCreate()` specifying the desired relationship peers and record `Types` or none if no record `Types` are needed. The returned `AuthorizationForm` will indicate that it is to be used with a create operation and can be used to examine metdata or validate data prior to creation. Once the `AuthorizationForm` is submiited to a create operation, it cannot be reused with another create operation unless the first operation was unsuccessful. Each `AuthorizationForm` corresponds to an attempted transaction. For updates, `AuthorizationForms` are requested to the `Authorization` `Id` that is to be updated using `getAuthorizationFormForUpdate().` Similarly, the `AuthorizationForm` has metadata about the data that can be updated and it can perform validation before submitting the update. The `AuthorizationForm` can only be used once for a successful update and cannot be reused. The delete operations delete `Authorizations.` To unmap an `Authorization` from the current `Vault,` the `AuthorizationVaultAssignmentSession` should be used. These delete operations attempt to remove the `Authorization` itself thus removing it from all known `Vault` catalogs. This session includes an `Id` aliasing mechanism to assign an external `Id` to an internally assigned Id.
Method	getVaultId
Description	Gets the `Vault` `Id` associated with this session.
Return	`osid.id.Id`		the `Vault Id` associated with this session
Compliance	`mandatory`		This method must be implemented.
Method	getVault
Description	Gets the `Vault` associated with this session.
Return	`osid.authorization.Vault`		the `Vault` associated with this session
Errors	OPERATION_FAILED		unable to complete request
Errors	PERMISSION_DENIED		authorization failure
Compliance	`mandatory`		This method must be implemented.
Method	canCreateAuthorizations
Description	Tests if this user can create `Authorizations.` A return of true does not guarantee successful authorization. A return of false indicates that it is known all methods in this session will result in a `PERMISSION_DENIED.` This is intended as a hint to an application that may opt not to offer create operations to unauthorized users.
Return	`boolean`		`false` if `Authorization` creation is not authorized, `true` otherwise
Compliance	`mandatory`		This method must be implemented.
Method	canCreateAuthorizationWithRecordTypes
Description	Tests if this user can create a single `Authorization` using the desired record types. While `AuthorizationManager.getAuthorizationRecordTypes()` can be used to examine which records are supported, this method tests which record(s) are required for creating a specific `Authorization.` Providing an empty array tests if an `Authorization` can be created with no records.
Parameters	`osid.type.Type[]`	`authorizationRecordTypes`	array of authorization record types
Return	`boolean`		`true` if `Authorization` creation using the specified `Types` is supported, `false` otherwise
Errors	NULL_ARGUMENT		`authorizationRecordTypes` is `null`
Compliance	`mandatory`		This method must be implemented.
Method	getAuthorizationFormForCreateForAgent
Description	Gets the authorization form for creating new authorizations. A new form should be requested for each create transaction.
Parameters	`osid.id.Id`	`agentId`	the agent `Id`
	`osid.id.Id`	`functionId`	the function `Id`
	`osid.id.Id`	`qualifierId`	the qualifier `Id`
	`osid.type.Type[]`	`authorizationRecordTypes`	array of authorization record types
Return	`osid.authorization.AuthorizationForm`		the authorization form
Errors	NOT_FOUND		`agentId, functionId` or `qualifierId` is not found
	NULL_ARGUMENT		`agentId, functionId, qualifierId` or `authorizationRecordTypes` is `null`
	OPERATION_FAILED		`unable to complete request`
	PERMISSION_DENIED		authorization failure
	UNSUPPORTED		unable to get form with requested record types
Compliance	`mandatory`		This method must be implemented.
Method	getAuthorizationFormForCreateForResource
Description	Gets the authorization form for creating new authorizations. A new form should be requested for each create transaction.
Parameters	`osid.id.Id`	`resourceId`	the resource `Id`
	`osid.id.Id`	`functionId`	the function `Id`
	`osid.id.Id`	`qualifierId`	the qualifier `Id`
	`osid.type.Type[]`	`authorizationRecordTypes`	array of authorization record types
Return	`osid.authorization.AuthorizationForm`		the authorization form
Errors	NOT_FOUND		`resourceId, functionId` or `qualifierId` is not found
	NULL_ARGUMENT		`resourceId, functionId, qualifierId,` or `authorizationRecordTypes` is `null`
	OPERATION_FAILED		`unable to complete request`
	PERMISSION_DENIED		authorization failure
	UNSUPPORTED		unable to get form with requested record types
Compliance	`mandatory`		This method must be implemented.
Method	getAuthorizationFormForCreateForResourceAndTrust
Description	Gets the authorization form for creating new authorizations. A new form should be requested for each create transaction.
Parameters	`osid.id.Id`	`resourceId`	a resource `Id`
	`osid.id.Id`	`trustId`	an `Id` for a circle of trust
	`osid.id.Id`	`functionId`	a function `Id`
	`osid.id.Id`	`qualifierId`	the qualifier `Id`
	`osid.type.Type[]`	`authorizationRecordTypes`	array of authorization record types
Return	`osid.authorization.AuthorizationForm`		the authorization form
Errors	NOT_FOUND		`resourceId, trustId, functionId` , or `qualifierid` is not found
	NULL_ARGUMENT		`resourceId, trustId` , `resourceId, qualifierId` or `authorizationRecordTypes` is `null`
	OPERATION_FAILED		`unable to complete request`
	PERMISSION_DENIED		authorization failure
	UNSUPPORTED		unable to get form with requested record types
Compliance	`mandatory`		This method must be implemented.
Method	createAuthorization
Description	Creates a new explicit `Authorization.`
Parameters	`osid.authorization.AuthorizationForm`	`authorizationForm`	the authorization form
Return	`osid.authorization.Authorization`		`t` he new `Authorization`
Errors	ILLEGAL_STATE		`authorizationForm` already used in a create transaction
	INVALID_ARGUMENT		one or more of the form elements is invalid
	NULL_ARGUMENT		`authorizationForm` is `null`
	OPERATION_FAILED		`unable to complete request`
	PERMISSION_DENIED		authorization failure
	UNSUPPORTED		`authorizationForm` did not originate from this service
Compliance	`mandatory`		This method must be implemented.
Method	canUpdateAuthorizations
Description	Tests if this user can update `Authorizations.` A return of true does not guarantee successful authorization. A return of false indicates that it is known updating an `Authorization` will result in a `PERMISSION_DENIED.` This is intended as a hint to an application that may opt not to offer update operations to an unauthorized user.
Return	`boolean`		`false` if authorization modification is not authorized, `true` otherwise
Compliance	`mandatory`		This method must be implemented.
Method	getAuthorizationFormForUpdate
Description	Gets the authorization form for updating an existing authorization. A new authorization form should be requested for each update transaction.
Parameters	`osid.id.Id`	`authorizationId`	the `Id` of the `Authorization`
Return	`osid.authorization.AuthorizationForm`		the authorization form
Errors	NOT_FOUND		`authorizationId` is not found
	NULL_ARGUMENT		`authorizationId` is `null`
	OPERATION_FAILED		unable to complete request
	PERMISSION_DENIED		authorization failure
Compliance	`mandatory`		This method must be implemented.
Method	updateAuthorization
Description	Updates an existing authorization
Parameters	`osid.authorization.AuthorizationForm`	`authorizationForm`	the authorization `Id`
Errors	ILLEGAL_STATE		`authorizationForm` already used in an update transaction
	INVALID_ARGUMENT		one or more of the form elements is invalid
	NULL_ARGUMENT		`authorizationForm` is `null`
	OPERATION_FAILED		`unable to complete request`
	PERMISSION_DENIED		authorization failure
	UNSUPPORTED		`authorizationForm` did not originate from `getAuthorizationFormForUpdate()`
Compliance	`mandatory`		This method must be implemented.
Method	canDeleteAuthorizations
Description	Tests if this user can delete `Authorizations.` A return of true does not guarantee successful authorization. A return of false indicates that it is known deleting an `Authorization` will result in a `PERMISSION_DENIED.` This is intended as a hint to an application that may opt not to offer delete operations to an unauthorized user.
Return	`boolean`		`false` if `Authorization` deletion is not authorized, `true` otherwise
Compliance	`mandatory`		This method must be implemented.
Method	deleteAuthorization
Description	Deletes the `Authorization` identified by the given `Id.`
Parameters	`osid.id.Id`	`authorizationId`	the `Id` of the `Authorization` to delete
Errors	NOT_FOUND		an `Authorization` was not found identified by the given `Id`
	NULL_ARGUMENT		`authorizationId` is `null`
	OPERATION_FAILED		unable to complete request
	PERMISSION_DENIED		authorization failure
Compliance	`mandatory`		This method must be implemented.
Method	canManageAuthorizationAliases
Description	Tests if this user can manage `Id` aliases for `Authorizations.` A return of true does not guarantee successful authorization. A return of false indicates that it is known changing an alias will result in a `PERMISSION_DENIED.` This is intended as a hint to an application that may opt not to offer alias operations to an unauthorized user.
Return	`boolean`		`false` if `Authorization` aliasing is not authorized, `true` otherwise
Compliance	`mandatory`		This method must be implemented.
Method	aliasAuthorization
Description	Adds an `Id` to an `Authorization` for the purpose of creating compatibility. The primary `Id` of the `Authorization` is determined by the provider. The new `Id` performs as an alias to the primary `Id.` If the alias is a pointer to another authorization. it is reassigned to the given authorization `Id.`
Parameters	`osid.id.Id`	`authorizationId`	the `Id` of an `Authorization`
Parameters	`osid.id.Id`	`aliasId`	the alias `Id`
Errors	ALREADY_EXISTS		`aliasId` is already assigned
	NOT_FOUND		`authorizationId` not found
	NULL_ARGUMENT		`authorizationId` or `aliasId` is `null`
	OPERATION_FAILED		unable to complete request
	PERMISSION_DENIED		authorization failure
Compliance	`mandatory`		This method must be implemented.