Source code

001/**
002 * Copyright 2005-2017 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.kuali.rice.kew.framework.document.security;
017
018import org.kuali.rice.kew.api.action.ActionType;
019import org.kuali.rice.kew.api.doctype.DocumentType;
020import org.kuali.rice.kew.api.document.Document;
021
022import java.util.Map;
023
024/**
025 * Framework interface used by DocumentTypePermisionServiceAuthorizerImpl to allow
026 * applications to customize document routing permission checks.
027 * {@link #isActionAuthorized(AuthorizableAction, String, org.kuali.rice.kew.api.doctype.DocumentType, org.kuali.rice.kew.api.document.Document, java.util.Map)}
028 * is invoked for applicable actions to check authorization.  Additional action-specific parameters are enumerated by {@link ActionArgument} enum and passed in the actionParameters argument
029 * @since 2.1.3
030 */
031public interface DocumentTypeAuthorizer {
032    /**
033     * Type of additional arguments for {@link #isActionAuthorized(AuthorizableAction, String, org.kuali.rice.kew.api.doctype.DocumentType, org.kuali.rice.kew.api.document.Document, java.util.Map)}
034     */
035    public static enum ActionArgument {
036        ROUTENODE_NAMES,
037        DOCSTATUS
038    }
039
040    /**
041     * Check whether specified action is authorized.
042     * @param action the AuthorizableAction type, either a document action, initiation, or su approve action request check
043     * @param principalId the principal id associated with the action
044     * @param documentType the document type
045     * @param document the document, if available/applicable (may be null)
046     * @param actionParameters additional actionParameters if applicable to the AuthorizableAction check
047     * @return Authorization object specifying whether the action was authorized
048     */
049    Authorization isActionAuthorized(AuthorizableAction action,
050                                     String principalId,
051                                     DocumentType documentType,
052                                     Document document,
053                                     Map<ActionArgument, Object> actionParameters);
054}