Package edu.internet2.middleware.grouper.permissions.limits

Interface PermissionLimitInterface

All Known Implementing Classes:

PermissionLimitAmountLessThan, PermissionLimitAmountLessThanEquals, PermissionLimitBase, PermissionLimitElLogic, PermissionLimitIpOnNetworkRealm, PermissionLimitIpOnNetworks, PermissionLimitLabelsContain, PermissionLimitWeekday9to5Logic

public interface PermissionLimitInterface

implement this interface to attach logic to a permission limit

Method Summary

Modifier and Type	Method	Description
boolean	allowPermission(PermissionEntry permissionEntry, AttributeAssign limitAssignment, Set<AttributeAssignValue> limitAssignmentValues, Map<String,Object> limitEnvVars, Set<PermissionLimitBean> permissionLimitBeans)	if the limit allowed the permission to be allowed
int	cacheLimitValueResultMinutes()	if we can cache the result for a some minutes.
PermissionLimitDocumentation	documentation()	return a UI key to documentation about the limit.
PermissionLimitDocumentation	validateLimitAssignValue(AttributeAssign limitAssign, Set<AttributeAssignValue> limitAssignmentValues)	validate a user entered value(s) on the limit assignment

Method Details

allowPermission

boolean allowPermission(PermissionEntry permissionEntry,
 AttributeAssign limitAssignment,
 Set<AttributeAssignValue> limitAssignmentValues,
 Map<String,Object> limitEnvVars,
 Set<PermissionLimitBean> permissionLimitBeans)

if the limit allowed the permission to be allowed

Parameters:

permissionEntry - to check

limitAssignment - the assignment of the limit (e.g. to the permission assignment a parent assignment, or the role, etc)

limitAssignmentValues -

limitEnvVars - value could be String, Long, or Double

permissionLimitBeans - all limits for this permission (in case the limit logic needs it... note, dont use built in caching if this is the case)

Returns:

true if allowed, false if not

validateLimitAssignValue

PermissionLimitDocumentation validateLimitAssignValue(AttributeAssign limitAssign,
 Set<AttributeAssignValue> limitAssignmentValues)

validate a user entered value(s) on the limit assignment

Parameters:

limitAssign -

limitAssignmentValues -

Returns:

the UI key and args for the error code (arbitrary, in Grouper should put in nav.properties) or null for ok

documentation

PermissionLimitDocumentation documentation()

return a UI key to documentation about the limit. for Grouper, put in nav.properties

Returns:

a UI key

cacheLimitValueResultMinutes

int cacheLimitValueResultMinutes()

if we can cache the result for a some minutes. i.e. for the same attribute assignment and value and input map, is the result the same... e.g. ip address math can be cached, amount limits, etc. If there are conditions about the permission names, then dont cache

Returns:

the number of minutes to cache