OSID Logo
OSID Specifications
authorization rules package
Version 3.0.0
Release Candidate Preview
Interfaceosid.authorization.rules.AuthorizationEnablerRuleLookupSession
Implementsosid.OsidSession
Description

This session provides methods to retrieve AuthorizationEnabler to Authorization mappings. An Authorization with multiple AuthorizationEnablers means any positive rule evaluation across the enablers result in an effective Authorization.

This lookup session defines several views:

  • comparative view: elements may be silently omitted or re-ordered
  • plenary view: provides a complete result set or is an error condition
  • isolated vault view: All methods in this session operate, retrieve and pertain authorization enablers defined explicitly in the current vault
  • federated vault view: All methods in this session operate, retrieve and pertain to all authorization enablers defined in this vault and any other authorization enablers implicitly available in this vault through vault inheritence.
MethodgetVaultId
Description

Gets the Vault Id associated with this session.

Returnosid.id.Idthe Vault Id associated with this session
CompliancemandatoryThis method must be implemented.
MethodgetVault
Description

Gets the Vault associated with this session.

Returnosid.authorization.Vaultthe vault
ErrorsOPERATION_FAILEDunable to complete request
PERMISSION_DENIEDauthorization failure
CompliancemandatoryThis method must be implemented.
MethodcanLookupAuthorizationEnablerRules
Description

Tests if this user can perform lookups of authorization enabler/authorization mappings. A return of true does not guarantee successful authorization. A return of false indicates that it is known lookup methods in this session will result in a PERMISSION_DENIED. This is intended as a hint to an application that may opt not to offer lookup operations to unauthorized users.

Returnboolean false if looking up mappings is not authorized, true otherwise
CompliancemandatoryThis method must be implemented.
MethoduseComparativeAuthorizationEnablerRuleView
Description

The returns from the lookup methods may omit or translate elements based on this session, such as authorization, and not result in an error. This view is used when greater interoperability is desired at the expense of precision.

CompliancemandatoryThis method is must be implemented.
MethodusePlenaryAuthorizationEnablerRuleView
Description

A complete view of the AuthorizationEnabler and Authorization returns is desired. Methods will return what is requested or result in an error. This view is used when greater precision is desired at the expense of interoperability.

CompliancemandatoryThis method is must be implemented.
MethoduseFederatedVaultView
Description

Federates the view for methods in this session. A federated view will include authorization enablers in vaults which are children of this vault in the vault hierarchy.

CompliancemandatoryThis method is must be implemented.
MethoduseIsolatedVaultView
Description

Isolates the view for methods in this session. An isolated view restricts lookups to this vault only.

CompliancemandatoryThis method is must be implemented.
MethodgetAuthorizationEnablerIdsForAuthorization
Description

Gets the AuthorizationEnabler Id associated with an Authorization.

Parametersosid.id.IdauthorizationId Id of the Authorization
Returnosid.id.IdListthe authorization enabler Ids
ErrorsNOT_FOUND authorizationId is not found
NULL_ARGUMENT authorizationId is null
OPERATION_FAILEDunable to complete request
PERMISSION_DENIEDauthorization failure
CompliancemandatoryThis method must be implemented.
MethodgetAuthorizationEnablersForAuthorization
Description

Gets the AuthorizationEnabler associated with an Authorization.

Parametersosid.id.IdauthorizationId Id of the Authorization
Returnosid.authorization.rules.AuthorizationEnablerListthe authorization enablers
ErrorsNOT_FOUND authorizationId is not found
NULL_ARGUMENT authorizationId is null
OPERATION_FAILEDunable to complete request
PERMISSION_DENIEDauthorization failure
CompliancemandatoryThis method must be implemented.
MethodgetAuthorizationIdsForAuthorizationEnabler
Description

Gets the Authorization Ids mapped to an AuthorizationEnabler.

Parametersosid.id.IdauthorizationEnablerId Id of an AuthorizationEnabler
Returnosid.id.IdListlist of authorization Ids
ErrorsNOT_FOUND authorizationEnablerId is not found
NULL_ARGUMENT authorizationEnablerId is null
OPERATION_FAILEDunable to complete request
PERMISSION_DENIEDauthorization failure
CompliancemandatoryThis method must be implemented.
MethodgetAuthorizationsForAuthorizationEnabler
Description

Gets the Authorizations mapped to an AuthorizationEnabler.

Parametersosid.id.IdauthorizationEnablerId Id of an AuthorizationEnabler
Returnosid.authorization.AuthorizationListlist of authorizations
ErrorsNOT_FOUND authorizationEnablerId is not found
NULL_ARGUMENT authorizationEnablerId is null
OPERATION_FAILEDunable to complete request
PERMISSION_DENIEDauthorization failure
CompliancemandatoryThis method must be implemented.