Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied.  See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019package org.apache.shiro.authz;
020
021import org.apache.shiro.subject.PrincipalCollection;
022
023import java.util.Collection;
024import java.util.List;
025
026/**
027 * An <tt>Authorizer</tt> performs authorization (access control) operations for any given Subject
028 * (aka 'application user').
029 *
030 * <p>Each method requires a subject principal to perform the action for the corresponding Subject/user.
031 *
032 * <p>This principal argument is usually an object representing a user database primary key or a String username or
033 * something similar that uniquely identifies an application user.  The runtime value of the this principal
034 * is application-specific and provided by the application's configured Realms.
035 *
036 * <p>Note that there are many *Permission methods in this interface overloaded to accept String arguments instead of
037 * {@link Permission Permission} instances. They are a convenience allowing the caller to use a String representation of
038 * a {@link Permission Permission} if desired.  Most implementations of this interface will simply convert these
039 * String values to {@link Permission Permission} instances and then just call the corresponding type-safe method.
040 * (Shiro's default implementations do String-to-Permission conversion for these methods using
041 * {@link org.apache.shiro.authz.permission.PermissionResolver PermissionResolver}s.)
042 *
043 * <p>These overloaded *Permission methods <em>do</em> forego type-safety for the benefit of convenience and simplicity,
044 * so you should choose which ones to use based on your preferences and needs.
045 *
046 * @since 0.1
047 */
048public interface Authorizer {
049
050    /**
051     * Returns <tt>true</tt> if the corresponding subject/user is permitted to perform an action or access a resource
052     * summarized by the specified permission string.
053     *
054     * <p>This is an overloaded method for the corresponding type-safe {@link Permission Permission} variant.
055     * Please see the class-level JavaDoc for more information on these String-based permission methods.
056     *
057     * @param principals the application-specific subject/user identifier.
058     * @param permission the String representation of a Permission that is being checked.
059     * @return true if the corresponding Subject/user is permitted, false otherwise.
060     * @see #isPermitted(PrincipalCollection principals, Permission permission)
061     * @since 0.9
062     */
063    boolean isPermitted(PrincipalCollection principals, String permission);
064
065    /**
066     * Returns <tt>true</tt> if the corresponding subject/user is permitted to perform an action or access a resource
067     * summarized by the specified permission.
068     *
069     * <p>More specifically, this method determines if any <tt>Permission</tt>s associated
070     * with the subject {@link Permission#implies(Permission) imply} the specified permission.
071     *
072     * @param subjectPrincipal the application-specific subject/user identifier.
073     * @param permission       the permission that is being checked.
074     * @return true if the corresponding Subject/user is permitted, false otherwise.
075     */
076    boolean isPermitted(PrincipalCollection subjectPrincipal, Permission permission);
077
078    /**
079     * Checks if the corresponding Subject implies the given permission strings and returns a boolean array
080     * indicating which permissions are implied.
081     *
082     * <p>This is an overloaded method for the corresponding type-safe {@link Permission Permission} variant.
083     * Please see the class-level JavaDoc for more information on these String-based permission methods.
084     *
085     * @param subjectPrincipal the application-specific subject/user identifier.
086     * @param permissions      the String representations of the Permissions that are being checked.
087     * @return an array of booleans whose indices correspond to the index of the
088     * permissions in the given list.  A true value at an index indicates the user is permitted for
089     * for the associated <tt>Permission</tt> string in the list.  A false value at an index
090     * indicates otherwise.
091     * @since 0.9
092     */
093    boolean[] isPermitted(PrincipalCollection subjectPrincipal, String... permissions);
094
095    /**
096     * Checks if the corresponding Subject/user implies the given Permissions and returns a boolean array indicating
097     * which permissions are implied.
098     *
099     * <p>More specifically, this method should determine if each <tt>Permission</tt> in
100     * the array is {@link Permission#implies(Permission) implied} by permissions
101     * already associated with the subject.
102     *
103     * <p>This is primarily a performance-enhancing method to help reduce the number of
104     * {@link #isPermitted} invocations over the wire in client/server systems.
105     *
106     * @param subjectPrincipal the application-specific subject/user identifier.
107     * @param permissions      the permissions that are being checked.
108     * @return an array of booleans whose indices correspond to the index of the
109     * permissions in the given list.  A true value at an index indicates the user is permitted for
110     * for the associated <tt>Permission</tt> object in the list.  A false value at an index
111     * indicates otherwise.
112     */
113    boolean[] isPermitted(PrincipalCollection subjectPrincipal, List<Permission> permissions);
114
115    /**
116     * Returns <tt>true</tt> if the corresponding Subject/user implies all of the specified permission strings,
117     * <tt>false</tt> otherwise.
118     *
119     * <p>This is an overloaded method for the corresponding type-safe {@link Permission Permission} variant.
120     * Please see the class-level JavaDoc for more information on these String-based permission methods.
121     *
122     * @param subjectPrincipal the application-specific subject/user identifier.
123     * @param permissions      the String representations of the Permissions that are being checked.
124     * @return true if the user has all of the specified permissions, false otherwise.
125     * @see #isPermittedAll(PrincipalCollection, Collection)
126     * @since 0.9
127     */
128    boolean isPermittedAll(PrincipalCollection subjectPrincipal, String... permissions);
129
130    /**
131     * Returns <tt>true</tt> if the corresponding Subject/user implies all of the specified permissions, <tt>false</tt>
132     * otherwise.
133     *
134     * <p>More specifically, this method determines if all of the given <tt>Permission</tt>s are
135     * {@link Permission#implies(Permission) implied by} permissions already associated with the subject.
136     *
137     * @param subjectPrincipal the application-specific subject/user identifier.
138     * @param permissions      the permissions to check.
139     * @return true if the user has all of the specified permissions, false otherwise.
140     */
141    boolean isPermittedAll(PrincipalCollection subjectPrincipal, Collection<Permission> permissions);
142
143    /**
144     * Ensures the corresponding Subject/user implies the specified permission String.
145     *
146     * <p>If the subject's existing associated permissions do not {@link Permission#implies(Permission)} imply}
147     * the given permission, an {@link AuthorizationException} will be thrown.
148     *
149     * <p>This is an overloaded method for the corresponding type-safe {@link Permission Permission} variant.
150     * Please see the class-level JavaDoc for more information on these String-based permission methods.
151     *
152     * @param subjectPrincipal the application-specific subject/user identifier.
153     * @param permission       the String representation of the Permission to check.
154     * @throws AuthorizationException if the user does not have the permission.
155     * @since 0.9
156     */
157    void checkPermission(PrincipalCollection subjectPrincipal, String permission) throws AuthorizationException;
158
159    /**
160     * Ensures a subject/user {@link Permission#implies(Permission)} implies} the specified <tt>Permission</tt>.
161     * If the subject's existing associated permissions do not {@link Permission#implies(Permission)} imply}
162     * the given permission, an {@link AuthorizationException} will be thrown.
163     *
164     * @param subjectPrincipal the application-specific subject/user identifier.
165     * @param permission       the Permission to check.
166     * @throws AuthorizationException if the user does not have the permission.
167     */
168    void checkPermission(PrincipalCollection subjectPrincipal, Permission permission) throws AuthorizationException;
169
170    /**
171     * Ensures the corresponding Subject/user
172     * {@link Permission#implies(Permission) implies} all of the
173     * specified permission strings.
174     * <p>
175     * If the subject's existing associated permissions do not
176     * {@link Permission#implies(Permission) imply} all of the given permissions,
177     * an {@link AuthorizationException} will be thrown.
178     *
179     * <p>This is an overloaded method for the corresponding type-safe {@link Permission Permission} variant.
180     * Please see the class-level JavaDoc for more information on these String-based permission methods.
181     *
182     * @param subjectPrincipal the application-specific subject/user identifier.
183     * @param permissions      the string representations of Permissions to check.
184     * @throws AuthorizationException if the user does not have all of the given permissions.
185     * @since 0.9
186     */
187    void checkPermissions(PrincipalCollection subjectPrincipal, String... permissions) throws AuthorizationException;
188
189    /**
190     * Ensures the corresponding Subject/user
191     * {@link Permission#implies(Permission) implies} all of the
192     * specified permission strings.
193     * <p>
194     * If the subject's existing associated permissions do not
195     * {@link Permission#implies(Permission) imply} all of the given permissions,
196     * an {@link AuthorizationException} will be thrown.
197     *
198     * @param subjectPrincipal the application-specific subject/user identifier.
199     * @param permissions      the Permissions to check.
200     * @throws AuthorizationException if the user does not have all of the given permissions.
201     */
202    void checkPermissions(PrincipalCollection subjectPrincipal, Collection<Permission> permissions) throws AuthorizationException;
203
204    /**
205     * Returns <tt>true</tt> if the corresponding Subject/user has the specified role, <tt>false</tt> otherwise.
206     *
207     * @param subjectPrincipal the application-specific subject/user identifier.
208     * @param roleIdentifier   the application-specific role identifier (usually a role id or role name).
209     * @return <tt>true</tt> if the corresponding subject has the specified role, <tt>false</tt> otherwise.
210     */
211    boolean hasRole(PrincipalCollection subjectPrincipal, String roleIdentifier);
212
213    /**
214     * Checks if the corresponding Subject/user has the specified roles, returning a boolean array indicating
215     * which roles are associated with the given subject.
216     *
217     * <p>This is primarily a performance-enhancing method to help reduce the number of
218     * {@link #hasRole} invocations over the wire in client/server systems.
219     *
220     * @param subjectPrincipal the application-specific subject/user identifier.
221     * @param roleIdentifiers  the application-specific role identifiers to check (usually role ids or role names).
222     * @return an array of booleans whose indices correspond to the index of the
223     * roles in the given identifiers.  A true value indicates the user has the
224     * role at that index.  False indicates the user does not have the role at that index.
225     */
226    boolean[] hasRoles(PrincipalCollection subjectPrincipal, List<String> roleIdentifiers);
227
228    /**
229     * Returns <tt>true</tt> if the corresponding Subject/user has all of the specified roles, <tt>false</tt> otherwise.
230     *
231     * @param subjectPrincipal the application-specific subject/user identifier.
232     * @param roleIdentifiers  the application-specific role identifiers to check (usually role ids or role names).
233     * @return true if the user has all the roles, false otherwise.
234     */
235    boolean hasAllRoles(PrincipalCollection subjectPrincipal, Collection<String> roleIdentifiers);
236
237    /**
238     * Asserts the corresponding Subject/user has the specified role by returning quietly if they do or throwing an
239     * {@link AuthorizationException} if they do not.
240     *
241     * @param subjectPrincipal the application-specific subject/user identifier.
242     * @param roleIdentifier   the application-specific role identifier (usually a role id or role name ).
243     * @throws AuthorizationException if the user does not have the role.
244     */
245    void checkRole(PrincipalCollection subjectPrincipal, String roleIdentifier) throws AuthorizationException;
246
247    /**
248     * Asserts the corresponding Subject/user has all of the specified roles by returning quietly if they do or
249     * throwing an {@link AuthorizationException} if they do not.
250     *
251     * @param subjectPrincipal the application-specific subject/user identifier.
252     * @param roleIdentifiers  the application-specific role identifiers to check (usually role ids or role names).
253     * @throws AuthorizationException if the user does not have all of the specified roles.
254     */
255    void checkRoles(PrincipalCollection subjectPrincipal, Collection<String> roleIdentifiers) throws AuthorizationException;
256
257    /**
258     * Same as {@link #checkRoles(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)
259     * checkRoles(PrincipalCollection subjectPrincipal,
260     * Collection&lt;String&gt; roleIdentifiers)} but doesn't require a collection as an argument.
261     * Asserts the corresponding Subject/user has all the specified roles by returning quietly if they do or
262     * throwing an {@link AuthorizationException} if they do not.
263     *
264     * @param subjectPrincipal the application-specific subject/user identifier.
265     * @param roleIdentifiers  the application-specific role identifiers to check (usually role ids or role names).
266     * @throws AuthorizationException if the user does not have all the specified roles.
267     * @since 1.1.0
268     */
269    void checkRoles(PrincipalCollection subjectPrincipal, String... roleIdentifiers) throws AuthorizationException;
270
271}