/* * $Header: /cvshome/build/org.osgi.service.useradmin/src/org/osgi/service/useradmin/Group.java,v 1.8 2006/06/16 16:31:41 hargrave Exp $ * * Copyright (c) OSGi Alliance (2001, 2006). All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.osgi.service.useradmin; /** * A named grouping of roles (Role objects). *

* Whether or not a given Authorization context implies a * Group object depends on the members of that Group * object. *

* A Group object can have two kinds of members: basic and * required . A Group object is implied by an * Authorization context if all of its required members are implied * and at least one of its basic members is implied. *

* A Group object must contain at least one basic member in order to * be implied. In other words, a Group object without any basic * member roles is never implied by any Authorization context. *

* A User object always implies itself. *

* No loop detection is performed when adding members to Group * objects, which means that it is possible to create circular implications. * Loop detection is instead done when roles are checked. The semantics is that * if a role depends on itself (i.e., there is an implication loop), the role is * not implied. *

* The rule that a Group object must have at least one basic member * to be implied is motivated by the following example: * *

 * 
 *  group foo
 *    required members: marketing
 *    basic members: alice, bob
 *  
 *

* * Privileged operations that require membership in "foo" can be performed only * by "alice" and "bob", who are in marketing. *

* If "alice" and "bob" ever transfer to a different department, anybody in * marketing will be able to assume the "foo" role, which certainly must be * prevented. Requiring that "foo" (or any Group object for that * matter) must have at least one basic member accomplishes that. *

* However, this would make it impossible for a Group object to be * implied by just its required members. An example where this implication might * be useful is the following declaration: "Any citizen who is an adult is * allowed to vote." An intuitive configuration of "voter" would be: * *

 * 
 *  group voter
 *    required members: citizen, adult
 *       basic members:
 *  
 *

* * However, according to the above rule, the "voter" role could never be assumed * by anybody, since it lacks any basic members. In order to address this issue * a predefined role named "user.anyone" can be specified, which is always * implied. The desired implication of the "voter" group can then be achieved by * specifying "user.anyone" as its basic member, as follows: * *

 * 
 *  group voter
 *    required members: citizen, adult
 *       basic members: user.anyone
 *  
 *

* * @version $Revision: 1.8 $ */ public interface Group extends User { /** * Adds the specified Role object as a basic member to this * Group object. * * @param role The role to add as a basic member. * * @return true if the given role could be added as a basic * member, and false if this Group object * already contains a Role object whose name matches that * of the specified role. * * @throws SecurityException If a security manager exists and the caller * does not have the UserAdminPermission with name * admin. */ public boolean addMember(Role role); /** * Adds the specified Role object as a required member to this * Group object. * * @param role The Role object to add as a required member. * * @return true if the given Role object could be * added as a required member, and false if this * Group object already contains a Role object * whose name matches that of the specified role. * * @throws SecurityException If a security manager exists and the caller * does not have the UserAdminPermission with name * admin. */ public boolean addRequiredMember(Role role); /** * Removes the specified Role object from this Group * object. * * @param role The Role object to remove from this Group * object. * * @return true if the Role object could be removed, * otherwise false. * * @throws SecurityException If a security manager exists and the caller * does not have the UserAdminPermission with name * admin. */ public boolean removeMember(Role role); /** * Gets the basic members of this Group object. * * @return The basic members of this Group object, or * null if this Group object does not contain * any basic members. */ public Role[] getMembers(); /** * Gets the required members of this Group object. * * @return The required members of this Group object, or * null if this Group object does not contain * any required members. */ public Role[] getRequiredMembers(); }