001    /*
002     *  Licensed to the Apache Software Foundation (ASF) under one
003     *  or more contributor license agreements.  See the NOTICE file
004     *  distributed with this work for additional information
005     *  regarding copyright ownership.  The ASF licenses this file
006     *  to you under the Apache License, Version 2.0 (the
007     *  "License"); you may not use this file except in compliance
008     *  with the License.  You may obtain a copy of the License at
009     *  
010     *    http://www.apache.org/licenses/LICENSE-2.0
011     *  
012     *  Unless required by applicable law or agreed to in writing,
013     *  software distributed under the License is distributed on an
014     *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     *  KIND, either express or implied.  See the License for the
016     *  specific language governing permissions and limitations
017     *  under the License. 
018     *  
019     */
020    package org.apache.directory.server.core.authz.support;
021    
022    
023    import java.util.Collection;
024    
025    import javax.naming.NamingException;
026    
027    import org.apache.directory.server.core.interceptor.context.OperationContext;
028    import org.apache.directory.shared.ldap.aci.ACITuple;
029    import org.apache.directory.shared.ldap.aci.MicroOperation;
030    import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
031    import org.apache.directory.shared.ldap.entry.ServerEntry;
032    import org.apache.directory.shared.ldap.entry.Value;
033    import org.apache.directory.shared.ldap.name.DN;
034    import org.apache.directory.shared.ldap.schema.SchemaManager;
035    
036    
037    /**
038     * An interface that filters the specified collection of tuples using the
039     * specified extra information.
040     *
041     * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
042     * @version $Rev: 927146 $, $Date: 2010-03-24 19:39:54 +0100 (Wed, 24 Mar 2010) $
043     *
044     */
045    public interface ACITupleFilter
046    {
047        /**
048         * Returns the collection of the filtered tuples using the specified
049         * extra information.
050         * 
051         * @param tuples the collection of tuples to filter
052         * @param scope the scope of the operation to be performed
053         * @param proxy the proxy interceptor for this filter to access the DIT
054         * @param userGroupNames the collection of group ({@link DN})s which the current user belongs to
055         * @param userName the {@link DN} of the current user
056         * @param userEntry the {@link ServerEntry} of the current user entry in the DIT
057         * @param authenticationLevel the level of authentication of the current user
058         * @param entryName the {@link DN} of the entry the current user accesses
059         * @param attrId the attribute ID the current user accesses
060         * @param attrValue the value of the attribute the current user accesses
061         * @param entry the {@link ServerEntry} of the entry the current user accesses
062         * @param microOperations the set of {@link MicroOperation}s the current user will perform
063         * @param entryView in case of a Modify operation, view of the entry being modified as if the modification permitted and completed
064         * @return the collection of filtered tuples
065         * @throws NamingException if failed to filter the specific tuples
066         */
067        Collection<ACITuple> filter( 
068                SchemaManager schemaManager, 
069                Collection<ACITuple> tuples, 
070                OperationScope scope, 
071                OperationContext opContext,
072                Collection<DN> userGroupNames, 
073                DN userName, 
074                ServerEntry userEntry,
075                AuthenticationLevel authenticationLevel, 
076                DN entryName, 
077                String attrId,
078                Value<?> attrValue, 
079                ServerEntry entry, 
080                Collection<MicroOperation> microOperations,
081                ServerEntry entryView )
082            throws Exception;
083    }