001package org.apache.archiva.redback.authorization; 002 003/* 004 * Licensed to the Apache Software Foundation (ASF) under one 005 * or more contributor license agreements. See the NOTICE file 006 * distributed with this work for additional information 007 * regarding copyright ownership. The ASF licenses this file 008 * to you under the Apache License, Version 2.0 (the 009 * "License"); you may not use this file except in compliance 010 * with the License. You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, 015 * software distributed under the License is distributed on an 016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 017 * KIND, either express or implied. See the License for the 018 * specific language governing permissions and limitations 019 * under the License. 020 */ 021 022import java.lang.annotation.ElementType; 023import java.lang.annotation.Retention; 024import java.lang.annotation.RetentionPolicy; 025import java.lang.annotation.Target; 026 027/** 028 * Authorization annotation. The annotation can be defined for methods and describes 029 * the permissions necessary to execute the method. 030 * 031 * @author Olivier Lamy 032 * @since 1.3 033 */ 034@Target( ElementType.METHOD ) 035@Retention( RetentionPolicy.RUNTIME ) 036public @interface RedbackAuthorization 037{ 038 039 /** 040 * The list of permissions that are needed for executing the method. 041 * The strings refer to defined permission ids. 042 * The accessing user must have at least one of the given permissions to execute 043 * the method. 044 * @return the array of permission ids. 045 */ 046 String[] permissions() default ( "" ); 047 048 /** 049 * The resource is used to restrict access by using information from 050 * the method parameters or call environment. 051 * Resource annotations have to be in line with the defined permissions. 052 * Parameters have to be given in the form <code>{parameterName}</code> and are extracted from the URIInfo (path- and 053 * query-parameters) 054 * @return the redback resource karma needed 055 */ 056 String resource() default ( "" ); 057 058 /** 059 * A description of the authorization definition. 060 * @return the description string 061 */ 062 String description() default ( "" ); 063 064 /** 065 * @return <code>true</code> if doesn't need any special permission 066 */ 067 boolean noRestriction() default false; 068 069 /** 070 * @return True, if this service need only authentication and not special karma 071 */ 072 boolean noPermission() default false; 073}