1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, 13 * software distributed under the License is distributed on an 14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 * KIND, either express or implied. See the License for the 16 * specific language governing permissions and limitations 17 * under the License. 18 * 19 */ 20 package org.apache.directory.server.core.authz.support; 21 22 23 import java.util.Collection; 24 25 import javax.naming.NamingException; 26 27 import org.apache.directory.server.core.entry.ServerEntry; 28 import org.apache.directory.server.core.interceptor.context.OperationContext; 29 import org.apache.directory.server.schema.registries.Registries; 30 import org.apache.directory.shared.ldap.aci.ACITuple; 31 import org.apache.directory.shared.ldap.aci.MicroOperation; 32 import org.apache.directory.shared.ldap.constants.AuthenticationLevel; 33 import org.apache.directory.shared.ldap.entry.Value; 34 import org.apache.directory.shared.ldap.name.LdapDN; 35 36 37 /** 38 * An interface that filters the specified collection of tuples using the 39 * specified extra information. 40 * 41 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 42 * @version $Rev: 662440 $, $Date: 2008-06-02 16:00:23 +0200 (Mo, 02 Jun 2008) $ 43 * 44 */ 45 public interface ACITupleFilter 46 { 47 /** 48 * Returns the collection of the filtered tuples using the specified 49 * extra information. 50 * 51 * @param tuples the collection of tuples to filter 52 * @param scope the scope of the operation to be performed 53 * @param proxy the proxy interceptor for this filter to access the DIT 54 * @param userGroupNames the collection of group ({@link LdapDN})s which the current user belongs to 55 * @param userName the {@link LdapDN} of the current user 56 * @param userEntry the {@link ServerEntry} of the current user entry in the DIT 57 * @param authenticationLevel the level of authentication of the current user 58 * @param entryName the {@link LdapDN} of the entry the current user accesses 59 * @param attrId the attribute ID the current user accesses 60 * @param attrValue the value of the attribute the current user accesses 61 * @param entry the {@link ServerEntry} of the entry the current user accesses 62 * @param microOperations the set of {@link MicroOperation}s the current user will perform 63 * @param entryView in case of a Modify operation, view of the entry being modified as if the modification permitted and completed 64 * @return the collection of filtered tuples 65 * @throws NamingException if failed to filter the specific tuples 66 */ 67 Collection<ACITuple> filter( 68 Registries registries, 69 Collection<ACITuple> tuples, 70 OperationScope scope, 71 OperationContext opContext, 72 Collection<LdapDN> userGroupNames, 73 LdapDN userName, 74 ServerEntry userEntry, 75 AuthenticationLevel authenticationLevel, 76 LdapDN entryName, 77 String attrId, 78 Value<?> attrValue, 79 ServerEntry entry, 80 Collection<MicroOperation> microOperations, 81 ServerEntry entryView ) 82 throws Exception; 83 }