policydatabase.java

这是linux下ssl vpn的实现程序

     *         resources
     * @throws Exception on any error
     */
    public List getGrantedResourcesOfType(Principal principal, ResourceType resourceType) throws Exception;
   

    /**
     * Get a list of {@link Policy} that are attached to a resource
     * 
     * @param resource
     * @return list of policies
     * @throws Exception on any error
     */
    public List getPoliciesAttachedToResource(Resource resource) throws Exception;

    /**
     * Get a list of all {@link Principal}s granted the provided {@link Policy}
     * 
     * @param policy
     * @return list of principals
     * @throws Exception
     */
    public List getPrincipalsGrantedPolicy(Policy policy) throws Exception;

    /**
     * Revoke all policy from all principals
     * 
     * @param policy
     * @throws Exception on any error
     */
    public void revokePolicyFromAllPrincipals(Policy policy) throws Exception;

    /**
     * Get a resource type given its id.
     * 
     * @param resourceTypeId
     * @return resource type
     */
    public ResourceType getResourceType(int resourceTypeId);
    
    /**
     * Get a policy given its name.
     * 
     * @param name policy name
     * @return policy object
     * @throws Exception on any error
     */
    public Policy getPolicyByName(String name) throws Exception;

    
    /**
     * Create a resource permission. The ID will be set upon success. The same
     * object instance will be returned
     * 
     * @param resourcePermission resource permission
     * @return resource
     * @throws Exception
     */
    public ResourcePermission createResourcePermission(ResourcePermission resourcePermission)  throws Exception;

    /**
     * Get the complete list of {@link ResourcePermission} objects
     * 
     * @return list of resource permissions
     * @throws Exception on any error
     */
    public List getResourcePermissions() throws Exception;
    
    /**
     * Get a resource permission given its name.
     * 
     * @param name resource permission
     * @return delegation resource object
     * @throws Exception on any error
     */
    public ResourcePermission getResourcePermissionByName(String name) throws Exception;

    /**
     * Get a resource permission given its id
     * 
     * @param id
     * @return resource permission
     * @throws Exception on any error
     */
    public ResourcePermission getResourcePermission(int id) throws Exception;

    /**
     * Determine whether an action can be performed by checking the resource
     * permission tree.
     * 
     * @param resourceType resource type to check
     * @param permissions permissions required
     * @param user user to check
     * @param all all permissions are check rather than any if true
     * @return resource permission is allowed
     * @throws Exception on any error
     */
    public boolean isResourcePermissionAllowed(ResourceType resourceType, Permission[] permissions, User user, boolean all)
        throws Exception;

    /**
     * Get a list of {@link ResourcePermission} objects that are valid for user
     * to view / edit.
     * 
     * @param resourceType resource type to check or null for any
     * @param permission permission required or null for any
     * @param permissionClass class of resource permission or null for any
     * @param user user to check (may not be null)
     * @return list of resource permission objects
     * @throws Exception on any error
     */
    public List getResourcePermissions(ResourceType resourceType, Permission permission, String permissionClass, User user)
        throws Exception;

    /**
     * Get a list of {@link ResourcePermission} objects that are permit the the
     * specified user to perform an action.
     * 
     * @param resourceType resource type to check or null for any
     * @param permission permission required or null for any
     * @param permissionClass class of resource permission or null for any
     * @param user user to check (may not be null)
     * @param onwardDelegation if true only onward delegatable resource
     *        permissions are returned, if false non onward delegatable resource
     *        permissions are returned
     * @param checkDelegatedPolicies if true, delegated policies are checked
     * @param checkGrantedPolicies if true, granted policies are checked
     * @return list of resource permission objects
     * @throws Exception on any error
     */
    public List getPermittingResourcePermissions(ResourceType resourceType, Permission permission, String permissionClass, User user, boolean onwardDelegation, boolean checkDelegatedPolicies, boolean checkGrantedPolicies)
        throws Exception;

    /**
     * Determine whether the user can perform <strong>any</strong>
     * administrative actions using the delegation tree.
     * 
     * @param user user to check
     * @param delegation include deletation class
     * @param system include system class
     * @param personal include personal class
     * @return allowed
     * @throws Exception on any error
     */
    public boolean isAnyResourcePermissionAllowed(User user, boolean delegation, boolean system, boolean personal) throws Exception;
    
    /**
     * Delete a resource permission given its id
     * 
     * @param id id to remove
     * @return deleted resource permission
     * @throws Exception on any error
     */
    public ResourcePermission deleteResourcePermission(int id) throws Exception;
    
    /**
     * Update a resource permission
     * 
     * @param permission permission to update
     * @throws Exception on any error
     */
    public void updateResourcePermission(ResourcePermission permission) throws Exception;

    /**
     * Get a list of all the policies that a permission may be delegated too
     * 
     * @param resourcePermission resource permission
     * @return list of {@link Policy} objects.
     * @throws Exception on any error
     */
    public List getResourcePermissionDelegatedPolicies(ResourcePermission resourcePermission) throws Exception;

    /**
     * Add delegation of a resource permission to a policy
     * 
     * @param resourcePermission resource permission
     * @param policy policy
     * @throws Exception on any error
     */
    public void addResourcePermissionDelegationToPolicy(ResourcePermission resourcePermission, Policy policy) throws Exception;
    
    /**
     * Remove delegation of a resource permission from a policy
     * 
     * @param resourcePermission resource permission
     * @param policy policy
     * @throws Exception on any error
     */
    public void removeResourcePermissionDelegationFromPolicy(ResourcePermission resourcePermission, Policy policy) throws Exception;

    /**
     * Remove delegation of a resource permission from all policies
     * 
     * @param resourcePermission resource permission
     * @throws Exception on any error
     */
    public void clearResourcePermissionDelegation(ResourcePermission resourcePermission) throws Exception;

    /**
     * Load the resource permissions
     * 
     * @throws Exception on any error
     */
    public void initResourcePermissions() throws Exception;

    /**
     * Get a list of {@link Policy} objects that have been delegated ANY
     * permission to maintain a resource type. A permission class may also be
     * specified
     * 
     * @param resourceType resource type
     * @param permissionClass permission class
     * @param user user
     * @param onwardDelegatableOnly onware delegatable resource permissions only
     * @return list of policies
     * @throws Exception on any error
     */
    public List getPoliciesOfDelegatedResourcePermissions(ResourceType resourceType, String permissionClass, User user, boolean onwardDelegatableOnly)
                    throws Exception;

}