View Javadoc

1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.server.core.authz.support;
21  
22  
23  import java.util.Collection;
24  
25  import javax.naming.NamingException;
26  
27  import org.apache.directory.server.core.entry.ServerEntry;
28  import org.apache.directory.server.core.interceptor.context.OperationContext;
29  import org.apache.directory.server.schema.registries.Registries;
30  import org.apache.directory.shared.ldap.aci.ACITuple;
31  import org.apache.directory.shared.ldap.aci.MicroOperation;
32  import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
33  import org.apache.directory.shared.ldap.entry.Value;
34  import org.apache.directory.shared.ldap.name.LdapDN;
35  
36  
37  /**
38   * An interface that filters the specified collection of tuples using the
39   * specified extra information.
40   *
41   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
42   * @version $Rev: 662440 $, $Date: 2008-06-02 16:00:23 +0200 (Mo, 02 Jun 2008) $
43   *
44   */
45  public interface ACITupleFilter
46  {
47      /**
48       * Returns the collection of the filtered tuples using the specified
49       * extra information.
50       * 
51       * @param tuples the collection of tuples to filter
52       * @param scope the scope of the operation to be performed
53       * @param proxy the proxy interceptor for this filter to access the DIT
54       * @param userGroupNames the collection of group ({@link LdapDN})s which the current user belongs to
55       * @param userName the {@link LdapDN} of the current user
56       * @param userEntry the {@link ServerEntry} of the current user entry in the DIT
57       * @param authenticationLevel the level of authentication of the current user
58       * @param entryName the {@link LdapDN} of the entry the current user accesses
59       * @param attrId the attribute ID the current user accesses
60       * @param attrValue the value of the attribute the current user accesses
61       * @param entry the {@link ServerEntry} of the entry the current user accesses
62       * @param microOperations the set of {@link MicroOperation}s the current user will perform
63       * @param entryView in case of a Modify operation, view of the entry being modified as if the modification permitted and completed
64       * @return the collection of filtered tuples
65       * @throws NamingException if failed to filter the specific tuples
66       */
67      Collection<ACITuple> filter( 
68              Registries registries, 
69              Collection<ACITuple> tuples, 
70              OperationScope scope, 
71              OperationContext opContext,
72              Collection<LdapDN> userGroupNames, 
73              LdapDN userName, 
74              ServerEntry userEntry,
75              AuthenticationLevel authenticationLevel, 
76              LdapDN entryName, 
77              String attrId,
78              Value<?> attrValue, 
79              ServerEntry entry, 
80              Collection<MicroOperation> microOperations,
81              ServerEntry entryView )
82          throws Exception;
83  }