xref: /OpenGrok/opengrok-indexer/src/main/java/org/opengrok/indexer/authorization/IAuthorizationPlugin.java (revision aa6abf429bacc2c0baa482bff3022e77ef23c183) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * See LICENSE.txt included in this distribution for the specific
9  * language governing permissions and limitations under the License.
10  *
11  * When distributing Covered Code, include this CDDL HEADER in each
12  * file and include the License file at LICENSE.txt.
13  * If applicable, add the following below this CDDL HEADER, with the
14  * fields enclosed by brackets "[]" replaced with your own identifying
15  * information: Portions Copyright [yyyy] [name of copyright owner]
16  *
17  * CDDL HEADER END
18  */
19 
20 /*
21  * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved.
22  */
23 package org.opengrok.indexer.authorization;
24 
25 import java.util.Map;
26 
27 import jakarta.servlet.http.HttpServletRequest;
28 import org.opengrok.indexer.configuration.Group;
29 import org.opengrok.indexer.configuration.Project;
30 
31 /**
32  * Interface for authorization plug-ins.
33  *
34  * All plug-ins considered for authorization must implement this interface
35  *
36  * @author Krystof Tulinger
37  */
38 public interface IAuthorizationPlugin {
39 
40     /**
41      * Called when the plug-in is loaded into memory. With the parameters from
42      * the configuration.
43      *
44      * This can be used for establishing database/LDAP connection or perform
45      * initialization.
46      *
47      * @param parameters parameters specified in the configuration
48      */
load(Map<String, Object> parameters)49     void load(Map<String, Object> parameters);
50 
51     /**
52      * Called when the plug-in is about to be deleted from the memory.
53      *
54      * This can be used for releasing connections and/or other release stuff.
55      */
unload()56     void unload();
57 
58     /**
59      * This method should decide if given request should be allowed to view or
60      * display the project.
61      *
62      * It is up to the implementor if the standard request attributes like
63      * session, user principal and others are used or not.
64      *
65      * @param request servlet request
66      * @param project project to test
67      * @return true if request is allowed to see this project
68      */
isAllowed(HttpServletRequest request, Project project)69     boolean isAllowed(HttpServletRequest request, Project project);
70 
71     /**
72      * This method should decide if given request should be allowed to view or
73      * display the group.
74      *
75      * It is up to the implementor if the standard request attributes like
76      * session, user principal and others are used or not.
77      *
78      * VERY IMPORTANT NOTE: Allowing particular group does not allow its
79      * projects, repositories. You must include those in the isAllowed method
80      * for project if you want to display content of the group.
81      *
82      * @param request servlet request
83      * @param group group to test
84      * @return true if request is allowed to see this group of projects
85      */
isAllowed(HttpServletRequest request, Group group)86     boolean isAllowed(HttpServletRequest request, Group group);
87 }
88