X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?p=controller.git;a=blobdiff_plain;f=opendaylight%2Fsal%2Fapi%2Fsrc%2Fmain%2Fjava%2Forg%2Fopendaylight%2Fcontroller%2Fsal%2Fauthorization%2FIResourceAuthorization.java;h=8f6cfa42512642ba6e1115332c68898bb35ece75;hp=160967482496792e56c4b28089ff41b2b97ddb89;hb=e2f7aaa41e482815ca1d4495eb85c8653cd903ab;hpb=42210c03b0a4c54706320ba9f55794c0abd4d201

diff --git a/opendaylight/sal/api/src/main/java/org/opendaylight/controller/sal/authorization/IResourceAuthorization.java b/opendaylight/sal/api/src/main/java/org/opendaylight/controller/sal/authorization/IResourceAuthorization.java
index 1609674824..8f6cfa4251 100644
--- a/opendaylight/sal/api/src/main/java/org/opendaylight/controller/sal/authorization/IResourceAuthorization.java
+++ b/opendaylight/sal/api/src/main/java/org/opendaylight/controller/sal/authorization/IResourceAuthorization.java
@@ -12,11 +12,13 @@ package org.opendaylight.controller.sal.authorization;
 import java.util.List;
 import java.util.Set;
 
+import org.opendaylight.controller.sal.utils.Status;
+
 /**
  * Interface for applications which maintain an authorization
  * database for their resources. Respective application web bundle
  * and User Manager make use of this interface to retrieve
- * authorization information at user or and role level
+ * authorization information at user or and role level.
  */
 public interface IResourceAuthorization {
 
@@ -25,9 +27,18 @@ public interface IResourceAuthorization {
      *
      * @param role	the role name
      * @param userLevel	the user level in the application context
-     */
-    public void createRole(String role, AppRoleLevel userLevel);
+	 * @return the status of the request
+	 */
+    public Status createRole(String role, AppRoleLevel userLevel);
 
+    /**
+     * Remove a Role
+     * 
+     * @param role the role name
+     * @return the status of the request
+     */
+    public Status removeRole(String role);
+    
     /**
      * Return the list of roles configured for the application
      *
@@ -59,15 +70,17 @@ public interface IResourceAuthorization {
      *
      * @param groupName the name for the resource group
      * @param resources the list of resources for the group
+     * @return the status of the request
      */
-    public void createResourceGroup(String groupName, List<Object> resources);
+    public Status createResourceGroup(String groupName, List<Object> resources);
 
     /**
      * Removes a resource group
      *
      * @param groupName the name of the group
+     * @return the status of the request
      */
-    public void removeResourceGroup(String groupName);
+    public Status removeResourceGroup(String groupName);
 
     /**
      * Returns the list of resource groups configured for the application
@@ -77,14 +90,36 @@ public interface IResourceAuthorization {
     public List<String> getResourceGroups();
 
     /**
-     * Assign a resource group to a user group (role)
+     * Assign a resource group to a role
      *
-     * @param groupName the object expressing the resource group name and the access privilege
-     * @param role the user group (role) name
+     * @param groupName the name of the resource group
+     * @param privilege the access privilege role will have on the resource group
+     * @param role the role name
+     * @return the status of the request
      */
-    public void assignResourceGroupToRole(String groupName,
+    @Deprecated
+    public Status assignResourceGroupToRole(String groupName,
             Privilege privilege, String role);
 
+    /**
+     * Assign a resource group to a role. The access privilege on the resources
+     * is inferred by the AppRoleLevel associated to role.
+     *
+     * @param groupName the name of the resource group
+     * @param role the role name
+     * @return the status of the request
+     */
+    public Status assignResourceGroupToRole(String groupName, String role);
+    
+    /**
+     * Unassign the passed resource group from the specified role
+     * 
+     * @param group
+     * @param role
+     * @return the status of the request
+     */
+    public Status unassignResourceGroupFromRole(String group, String role);
+    
     /**
      * Returns the list of resource groups the given Role is authorized to use
      * The returning object expresses the resource group name and the access
@@ -146,7 +181,7 @@ public interface IResourceAuthorization {
      *
      * @param userName
      * @param resource
-     * @return
+     * @return the privilege the user has on the passed resource
      */
     public Privilege getResourcePrivilege(String userName, Object resource);