Source code

001package org.apache.archiva.redback.authorization;
002
003/*
004 * Licensed to the Apache Software Foundation (ASF) under one
005 * or more contributor license agreements.  See the NOTICE file
006 * distributed with this work for additional information
007 * regarding copyright ownership.  The ASF licenses this file
008 * to you under the Apache License, Version 2.0 (the
009 * "License"); you may not use this file except in compliance
010 * with the License.  You may obtain a copy of the License at
011 *
012 * http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing,
015 * software distributed under the License is distributed on an
016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017 * KIND, either express or implied.  See the License for the
018 * specific language governing permissions and limitations
019 * under the License.
020 */
021
022import java.lang.annotation.ElementType;
023import java.lang.annotation.Retention;
024import java.lang.annotation.RetentionPolicy;
025import java.lang.annotation.Target;
026
027/**
028 * Authorization annotation. The annotation can be defined for methods and describes
029 * the permissions necessary to execute the method.
030 *
031 * @author Olivier Lamy
032 * @since 1.3
033 */
034@Target( ElementType.METHOD )
035@Retention( RetentionPolicy.RUNTIME )
036public @interface RedbackAuthorization
037{
038
039    /**
040     * The list of permissions that are needed for executing the method.
041     * The strings refer to defined permission ids.
042     * The accessing user must have at least one of the given permissions to execute
043     * the method.
044     * @return the array of permission ids.
045     */
046    String[] permissions() default ( "" );
047
048    /**
049     * The resource is used to restrict access by using information from
050     * the method parameters or call environment.
051     * Resource annotations have to be in line with the defined permissions.
052     * Parameters have to be given in the form <code>{parameterName}</code> and are extracted from the URIInfo (path- and
053     * query-parameters)
054     * @return the redback resource karma needed
055     */
056    String resource() default ( "" );
057
058    /**
059     * A description of the authorization definition.
060     * @return the description string
061     */
062    String description() default ( "" );
063
064    /**
065     * @return <code>true</code> if doesn't need any special permission
066     */
067    boolean noRestriction() default false;
068
069    /**
070     * @return True, if this service need only authentication and not special karma
071     */
072    boolean noPermission() default false;
073}