3 * Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved.
5 * This program and the accompanying materials are made available under the
6 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
7 * and is available at http://www.eclipse.org/legal/epl-v10.html
10 package org.opendaylight.controller.sal.authorization;
12 import java.util.List;
16 * Interface for applications which maintain an authorization
17 * database for their resources. Respective application web bundle
18 * and User Manager make use of this interface to retrieve
19 * authorization information at user or and role level
21 public interface IResourceAuthorization {
24 * Create a Role name for the application
26 * @param role the role name
27 * @param userLevel the user level in the application context
29 public void createRole(String role, AppRoleLevel userLevel);
32 * Return the list of roles configured for the application
34 * @return the list of roles
36 public List<String> getRoles();
39 * Returns the application role level for the specified role
40 * If the role is not known to this application <code>NOUSER<code>
41 * will be returned as specified in {@link AppRoleLevel}
43 * @param roleName the role name to query
44 * @return the application level of the given role in the application context as specified by {@link AppRoleLevel}
45 * if the role is not part of this application's roles, <code>NOUSER<code> is returned
47 public AppRoleLevel getApplicationRoleLevel(String roleName);
50 * Returns whether the specified role is part of this application's roles
52 * @param roleName the role name to test
53 * @return true if the role belongs to this application, false otherwise
55 public boolean isApplicationRole(String roleName);
58 * Create a resource group for application
60 * @param groupName the name for the resource group
61 * @param resources the list of resources for the group
63 public void createResourceGroup(String groupName, List<Object> resources);
66 * Removes a resource group
68 * @param groupName the name of the group
70 public void removeResourceGroup(String groupName);
73 * Returns the list of resource groups configured for the application
75 * @return the list of resource group names
77 public List<String> getResourceGroups();
80 * Assign a resource group to a user group (role)
82 * @param groupName the object expressing the resource group name and the access privilege
83 * @param role the user group (role) name
85 public void assignResourceGroupToRole(String groupName,
86 Privilege privilege, String role);
89 * Returns the list of resource groups the given Role is authorized to use
90 * The returning object expresses the resource group name and the access
91 * its privilege for the given user role
94 * @return list of resources
96 public List<ResourceGroup> getAuthorizedGroups(String role);
99 * Returns the list of resources contained in the given resource group
101 * @param groupName the resource group name
104 public List<Object> getResources(String groupName);
107 * Returns the list of authorized resources for the given role
108 * For each resource only the highest privilege occurrence is returned
110 * @return the list of Resource
112 public List<Resource> getAuthorizedResources(String role);
118 * Returns the controller user role level the passed user name is associated with
120 * @param userName the user name
121 * @return the user role level as specified in {@link UserLevel}
123 public UserLevel getUserLevel(String userName);
126 * Returns the application context user role level the passed user name is associated with
128 * @param userName the user name
129 * @return the user role level as specified in {@link AppRoleLevel}
131 public AppRoleLevel getUserApplicationLevel(String userName);
134 * Returns the list of resources (resource + privilege) associated
135 * with the passed user name for this application context
136 * For each resource only the highest privilege occurrence is returned
138 * @param userName the user name
139 * @return the list of resources associated with this user name in this application context
141 public Set<Resource> getAllResourcesforUser(String userName);
144 * Returns the highest privilege that the user has on the specified
145 * resource in this application context
151 public Privilege getResourcePrivilege(String userName, Object resource);