Interface for QueryChecker adapter. Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/c3baf3ad Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/c3baf3ad Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/c3baf3ad
Branch: refs/heads/rbac Commit: c3baf3ad72bd77eb1415feae5f715bcd8501d26b Parents: 81a794a Author: Min Chen <[email protected]> Authored: Thu Nov 21 10:32:26 2013 -0800 Committer: Min Chen <[email protected]> Committed: Thu Nov 21 10:32:26 2013 -0800 ---------------------------------------------------------------------- .../org/apache/cloudstack/acl/QueryChecker.java | 83 ++++++++++++++++++++ 1 file changed, 83 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3baf3ad/api/src/org/apache/cloudstack/acl/QueryChecker.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/acl/QueryChecker.java b/api/src/org/apache/cloudstack/acl/QueryChecker.java new file mode 100644 index 0000000..bbe9a2e --- /dev/null +++ b/api/src/org/apache/cloudstack/acl/QueryChecker.java @@ -0,0 +1,83 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package org.apache.cloudstack.acl; + +import java.util.List; + +import com.cloud.user.Account; +import com.cloud.utils.component.Adapter; + +/** + * QueryChecker returns granted access at domain, account or resource level. + */ +public interface QueryChecker extends Adapter { + + /** + * List granted domains for the caller, given a specific entity type. + * + * @param caller account to check against. + * @param entityType entity type + * @return list of domain Ids granted to the caller account. + */ + List<Long> getAuthorizedDomains(Account caller, AclEntityType entityType); + + /** + * List denied domains for the caller, given a specific entity type. + * + * @param caller account to check against. + * @param entityType entity type + * @return list of domain Ids granted to the caller account. + */ + List<Long> getDeniedDomains(Account caller, AclEntityType entityType); + + /** + * List granted accounts for the caller, given a specific entity type. + * + * @param caller account to check against. + * @param entityType entity type + * @return list of domain Ids granted to the caller account. + */ + List<Long> getAuthorizedAccounts(Account caller, AclEntityType entityType); + + /** + * List denied accounts for the caller, given a specific entity type. + * + * @param caller account to check against. + * @param entityType entity type + * @return list of domain Ids granted to the caller account. + */ + List<Long> getDeniedAccounts(Account caller, AclEntityType entityType); + + /** + * List granted resources for the caller, given a specific entity type. + * + * @param caller account to check against. + * @param entityType entity type + * @return list of domain Ids granted to the caller account. + */ + List<Long> getAuthorizedResources(Account caller, AclEntityType entityType); + + /** + * List denied resources for the caller, given a specific entity type. + * + * @param caller account to check against. + * @param entityType entity type + * @return list of domain Ids granted to the caller account. + */ + List<Long> getDeniedResources(Account caller, AclEntityType entityType); + +}
