PermissionLimitInterface

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

edu.internet2.middleware.grouper.permissions.limits
Interface PermissionLimitInterface

All Known Implementing Classes:: PermissionLimitAmountLessThan, PermissionLimitAmountLessThanEquals, PermissionLimitBase, PermissionLimitElLogic, PermissionLimitIpOnNetworkRealm, PermissionLimitIpOnNetworks, PermissionLimitLabelsContain, PermissionLimitWeekday9to5Logic

public interface PermissionLimitInterface

implement this interface to attach logic to a permission limit

Author:: mchyzer

Method Summary
`boolean`	`allowPermission(PermissionEntry permissionEntry, AttributeAssign limitAssignment, Set<AttributeAssignValue> limitAssignmentValues, Map<String,Object> limitEnvVars, Set<PermissionLimitBean> permissionLimitBeans)` if the limit allowed the permission to be allowed
`int`	`cacheLimitValueResultMinutes()` if we can cache the result for a some minutes.
`PermissionLimitDocumentation`	`documentation()` return a UI key to documentation about the limit.
`PermissionLimitDocumentation`	`validateLimitAssignValue(AttributeAssign limitAssign, Set<AttributeAssignValue> limitAssignmentValues)` validate a user entered value(s) on the limit assignment

Method Detail

allowPermission

boolean allowPermission(PermissionEntry permissionEntry,
                        AttributeAssign limitAssignment,
                        Set<AttributeAssignValue> limitAssignmentValues,
                        Map<String,Object> limitEnvVars,
                        Set<PermissionLimitBean> permissionLimitBeans)

if the limit allowed the permission to be allowed

Parameters:: permissionEntry - to check; limitAssignment - the assignment of the limit (e.g. to the permission assignment a parent assignment, or the role, etc); limitAssignmentValues -; limitEnvVars - value could be String, Long, or Double; permissionLimitBeans - all limits for this permission (in case the limit logic needs it... note, dont use built in caching if this is the case)
Returns:: true if allowed, false if not

validateLimitAssignValue

PermissionLimitDocumentation validateLimitAssignValue(AttributeAssign limitAssign,
                                                      Set<AttributeAssignValue> limitAssignmentValues)

validate a user entered value(s) on the limit assignment

Parameters:: limitAssign -; limitAssignmentValues -
Returns:: the UI key and args for the error code (arbitrary, in Grouper should put in nav.properties) or null for ok

documentation

PermissionLimitDocumentation documentation()

return a UI key to documentation about the limit. for Grouper, put in nav.properties

Returns:: a UI key

cacheLimitValueResultMinutes

int cacheLimitValueResultMinutes()

if we can cache the result for a some minutes. i.e. for the same attribute assignment and value and input map, is the result the same... e.g. ip address math can be cached, amount limits, etc. If there are conditions about the permission names, then dont cache

Returns:: the number of minutes to cache