ARoad0.gBaseInterface
Interface Resource

All Superinterfaces:
ACSObject, BaseBeanManager, BaseObject, Basic, BoundBean, java.lang.Cloneable, java.lang.Comparable, Copyable, FinalizedObject, FinalizedObjectForUser, ImmutableBasic, ImmutableLeaf, ImmutablePrivilegeTarget, ImmutableResource, ImmutableTarget, Leaf, PrivilegeTarget, PrivilegeUser
All Known Subinterfaces:
Actor, ActorMySQL, ActorUbuntu, BasesSetMySQL, Directory, DirectoryMySQL, DirectoryUbuntu, ExecutableUbuntu, ResourceMySQL, ResourceUbuntu
All Known Implementing Classes:
ActorImpl, ActorMySQLImpl, ActorUbuntuImpl, BasesSetMySQLImpl, DirectoryImpl, DirectoryMySQLImpl, DirectoryUbuntuImpl, ExecutableUbuntuImpl, ResourceImpl, ResourceMySQLImpl, ResourceUbuntuImpl

public interface Resource
extends ImmutableResource, Leaf, Basic, PrivilegeTarget

This interface is responsible for modeling a resource in an ACS. The resource may have a parent in a resource tree in this ACS, and may be the alias of an EligibleParty of another ACS.

As a general resource it is accessed from EligibleParties (userID, groupID, actor) through AclEntries belonging to this ACS or to another one. As a resource with AGO rights, it has an userID (account) and a groupID (group) in this ACS, and rights for them. The Resource is a PrivilegeTarget. This interface has several subinterfaces in this package. Directories, files, executable progams are examples of resources. The resource is automatically registered in at most one ACS (the main one) plus others (the controllers). So, finalizeForUser() HAVE TO BE CALLED BEFORE DELETING the resource.

It is a javabean with the following bound properties: 'Comment', 'AclEntries', 'UserID', 'GroupID', 'RootRights', 'OtherRights', 'GroupRights', 'OwnerRights', 'EPsThroughAclEntry', 'AcsControllers', and from the subclasses in the AcsAddon, 'InheritedTargetPrivileges', 'InheritedTargetAclEntries'. The listeners are proper to this instance, outside gBase, transient (not serialized in this instance backup), and they are called in any order. As a BaseBeanManager, fire closing/deleting events on AclEntries.

Since:
0.4.0

Method Summary
 AclEntry addAclEntry(ImmutableACS _aclAcs, ImmutableEligibleParty _ep, StringRight[] _right, java.lang.Boolean _positiveRight, ImmutableGroupID _conditionGroup)
          Creates a new aclEntry which delivers rights to an eligible party to access or to deny access to this resource.
 java.lang.Object copyWithoutInternalAcl(ImmutableName _name, ACS _acs, Directory _parent, java.lang.Boolean _toRegisterInManager)
          This method provides a copy of the instance as Copyable.copy(), but without copying the internal aclEntries.
 void removeAclEntry(ImmutableACS _aclAcs, ImmutableEligibleParty _ep, boolean _positiveRight, ImmutableGroupID _conditionGroup)
          Deletes an aclEntry which delivers rights to an eligible party to access or to deny access to this resource.
 void resetInheritedAclEntryRights(AclEntry _acl)
          Resets the inherited AclEntry rights after an user edition.
 void resetInheritedPrivilegeRights(PrivilegeForLinks _lpri)
          Resets the inherited Privilege rights after an user edition.
 PrivilegeForLinks selectInheritedPrivilege(PrivilegeForLinks _lpri, java.lang.String _type)
          Returns the Privilege to use as inherited Privilege in a child.
 void setEorGroupID(ImmutableGroupID _g)
          Defines the group owning this resource.
 void setEorUserID(ImmutableUserID _u)
          Set the userID of the resource, and set the current userID in the own actors if it was the previous userID.
 void setL_groupRights(StringRight[] _s)
          Set the rights for the members of the groupID which owns this resource.
 void setL_ownerRights(StringRight[] _s)
          Sets the rights for the account which owns this resource.
 void setL_rootRights(StringRight[] _s)
          Sets the rights for the userID 'root'.
 void setResourceType(java.lang.String _st)
          If _st is allowed by the ACS, set the type of this resource.
 
Methods inherited from interface ARoad0.gBaseInterface.ImmutableResource
containsAclEntryToEP, getActorActivated, getAGOAccessFromTheParentAccount, getAGOAccessFromTheParentGroup, getEorGroupID, getEorImmutableL_TargetInheritedAclEntries, getEorL_EPthroughAclEntry, getEorUserID, getL_aclEntry, getL_AcsControllers, getL_groupRights, getL_inheritedGroupRights, getL_inheritedOwnerRights, getL_ownerRights, getL_rootRights, getM_ConstrainedChildACS, getM_TargetInheritedACLRights, getResourceType, hasTheAccountAndGroupOfParent, selectInheritedAclEntry
 
Methods inherited from interface ARoad0.gBaseInterface.Basic
finalizeForUser, setComment
 
Methods inherited from interface ARoad0.gBaseInterface.ImmutableBasic
getComment, getEorAliasAsInternalHardReference, getEorReferenceAsInternalHardAlias, getHasSoftAlias, getImpliedViews, getIS_Name, getL_AcsOfSoftReferences, getL_SoftAlias, getPropertyChangeListeners, getSerialVersionUID, getVirtualFolders
 
Methods inherited from interface ARoad0.gBaseInterface.Copyable
copy
 
Methods inherited from interface ARoad0.gBaseInterface.PrivilegeTarget
addEorPrivilegeForTypeToTarget, removeEorPrivilegeToTarget
 
Methods inherited from interface ARoad0.gBaseInterface.ImmutablePrivilegeTarget
getEorImmutableL_TargetInheritedLinkedPrivileges, getEorL_TargetPrivilegeForLinks, getEorL_TargetPrivilegeForTypes, getEorL_TargetPrivileges, getM_TargetInheritedLinkedPRIRights, getType
 
Methods inherited from interface ARoad0.gBaseInterface.ImmutableTarget
getEorAliasAsInternalHardReference, getEorReferenceAsInternalHardAlias, getHasSoftAlias, getL_AcsOfSoftReferences, getL_SoftAlias
 
Methods inherited from interface ARoad0.gBaseInterface.ACSObject
getAcsName, getEorACS
 
Methods inherited from interface ARoad0.gBaseInterface.BaseObject
equals, getFullName, getName, getNickName, hashCode
 

Method Detail

setEorGroupID

void setEorGroupID(ImmutableGroupID _g)
                   throws UpDateError
Defines the group owning this resource. Some resources as actors have secondary groups in the same ACS.

Parameters:
_g - ImmutableGroupID which owns this resource, in the main ACS.
Throws:
UpDateError - if _g does not belong to the main ACS of this resource.

setEorUserID

void setEorUserID(ImmutableUserID _u)
                  throws UpDateError
Set the userID of the resource, and set the current userID in the own actors if it was the previous userID. It is a bound property. Change the group, which becomes the primary group of the new account if it is not null.

Parameters:
_u - owns this resource, in the main ACS. May be null.
Throws:
UpDateError - if _u does not belong to this resource main ACS.

setL_ownerRights

void setL_ownerRights(StringRight[] _s)
                      throws UpDateError
Sets the rights for the account which owns this resource. The rights may be acsrights and metarights, positive and negative rights. The ACS constraints are always applied. No action if the instance has been finalized. If a new right is not allowed by the ACS, it is removed and the other rights are kept. No adding of null elements. 'full_control' equivallent is the default right if there is no umask.

Parameters:
_s - array of acsrights and/or metarights. May be null.
Throws:
UpDateError - if the owner rights are immutable.

setL_groupRights

void setL_groupRights(StringRight[] _s)
                      throws UpDateError
Set the rights for the members of the groupID which owns this resource. The rights may be acsrights and metarights, positive and negative rights. The ACS constraints are always applied. No action if the instance has been finalized. If a new right is not allowed by the ACS, it is removed and the other rights are kept. No adding of null elements.

Parameters:
_s - array of acsrights and/or metarights. May be null.
Throws:
UpDateError - if the group rights are immutable.

setL_rootRights

void setL_rootRights(StringRight[] _s)
                     throws UpDateError
Sets the rights for the userID 'root'. "full_control" equivallent is a mandatory right, even if it is not in the constrained rights list. No action if the instance has been finalized or if a right is not allowed. Fires a PropertyChange for 'RootRights'.

Parameters:
_s - array of acsrights and/or metarights. May be null.
Throws:
UpDateError - if the root rights are immutable.

setResourceType

void setResourceType(java.lang.String _st)
                     throws UpDateError
If _st is allowed by the ACS, set the type of this resource. This method is used to switch from an type which forbids the updates of a protected property, and to return to this protecting type. Then , it is possible to switch for example from 'actor' to ' actor', but not to ' directory'. From the default value '', any first update may be done. Fire a PropertyChange for 'ResourceType'.

Parameters:
_st - type of the resource.
Throws:
UpDateError - if the type is null, equal to , or not known by the ACS, or not associated to the previous type.

addAclEntry

AclEntry addAclEntry(ImmutableACS _aclAcs,
                     ImmutableEligibleParty _ep,
                     StringRight[] _right,
                     java.lang.Boolean _positiveRight,
                     ImmutableGroupID _conditionGroup)
                     throws CreateError
Creates a new aclEntry which delivers rights to an eligible party to access or to deny access to this resource. The resource name must have a name following the pattern IS_name / ACS_name / resource_name, to allow the identification of the ACS in _ep. 'AclEntries' and 'EPsThroughAclEntry' are bound properties.

Parameters:
_aclAcs - ImmutableACS which owns the new AclEntry, and to be recorded as an ACS controller of this resource if it is not its main ACS.
_ep - eligible party connected to the resource through a new aclEntry.
_right - is an string array of positive or negative rights of _ep on this resource (that is, if READ is a right, _ep can read on the resource). May be null.
_positiveRight - is true if the rights are set to authorize (grant), and false if they are set to forbid (deny).
_conditionGroup - first condition group. May be null.
Returns:
new AclEntry.
Throws:
java.lang.InternalError - if this resource has a null name or a null ACS, or if _ep is not an EligiblePartyImpl nor an ActorImpl.
CreateError - if _ep or _aclAcs is null, or if _ep is already recorded in this resource with the same ACS, or thrown by the ACS.newEorAclEntry().

removeAclEntry

void removeAclEntry(ImmutableACS _aclAcs,
                    ImmutableEligibleParty _ep,
                    boolean _positiveRight,
                    ImmutableGroupID _conditionGroup)
                    throws UpDateError
Deletes an aclEntry which delivers rights to an eligible party to access or to deny access to this resource. 'AclEntries' and 'EPsThroughAclEntry' are bound properties.

Parameters:
_aclAcs - ImmutableACS which owns the AclEntry, and is recorded as an ACS controller of this resource.
_ep - eligible party connected to the resource through an AclEntry. This method unrecords the relevant aclEntry in _ep, in this resource, and in the relevant ACS. The ACS of the aclEntry may be unrecorded in this resource if there are no other aclEntry owned by this ACS in this resource.
_positiveRight - is true if the rights are oriented to authorize, and false if they are oriented to forbid.
_conditionGroup - first condition group. May be null.
Throws:
UpDateError - if _ep is null, unknown, or if _aclAcs is closed or unknown.

resetInheritedAclEntryRights

void resetInheritedAclEntryRights(AclEntry _acl)
Resets the inherited AclEntry rights after an user edition. Only to be overridden in an AcsAddon, so it is an empty method in the generic class. Called by an AclEntry when it fires 'AclRights' or a 'ConditionSourceGroups' property change, since this implies a change in the effective rights of itself as inherited AclEntry in the children of the Directory it has as target. This method has to be overread only in the Resource implementations of the AcsAddons handling the ACL inheritance. Not described in the BeanInfo since the user does not call it.

Parameters:
_acl - inherited AclEntry with updated rights

resetInheritedPrivilegeRights

void resetInheritedPrivilegeRights(PrivilegeForLinks _lpri)
Resets the inherited Privilege rights after an user edition. Called by the master parent when there is a change in the effective rights of an inherited Privilege. This is only when it is about a change in the sources. Contrary to AclEntry, the rights are immutable and there is no condition. Not described in the BeanInfo since the user does not call it. Note: the creation of the inherited Privilege in a child is not handled by the generic gBase package, while the rights updating of the inherited Privilege is handled.

Parameters:
_lpri - inherited Privilege with updated rights. Never null.

selectInheritedPrivilege

PrivilegeForLinks selectInheritedPrivilege(PrivilegeForLinks _lpri,
                                           java.lang.String _type)
Returns the Privilege to use as inherited Privilege in a child. Empty method which returns the argument. Should be never called, and throws an InternalError. Has to be overridden into an AcsAddon handling the privilege inheritance.

Specified by:
selectInheritedPrivilege in interface ImmutablePrivilegeTarget
Parameters:
_lpri - the initial Privilege which may be given to the child
_type - type of a child, as Resource
Returns:
the inherited Privilege if the child inherits this initial Privilege, or null

copyWithoutInternalAcl

java.lang.Object copyWithoutInternalAcl(ImmutableName _name,
                                        ACS _acs,
                                        Directory _parent,
                                        java.lang.Boolean _toRegisterInManager)
                                        throws CreateError
This method provides a copy of the instance as Copyable.copy(), but without copying the internal aclEntries. It is used in ACSImpl.copy(). Each internal variable that is an external object reference have a shallow copy (no deep copy), but without copy for the internal aclEntry nor the list of ViewInBase that contains this instance.

Parameters:
_name - copy name. Usually creates as an extension of _parent name.
_acs - main ACS of the copy to create. May not be the ACS of this instance.
_parent - DirectoryImpl which belongs to _acs and will have the copy. May be null. Must be null for some implementations.
_toRegisterInManager - false if this method must not register the instance in the ACS.
Returns:
a copy of the object, in the same class.
Throws:
CreateError - of the constructor with the same parameters, or if _parent ACS is not _acs, or addAclEntry() exceptions.