...
| Code Block | ||
|---|---|---|
| ||
interface PermissionsService {
Set<Permission> getPermissionsForUser(String appId, String userId);
Permission addPermission(Permission permission);
void updatePermission(Permission permission);
void removePermission(Permission permissions);
Set<Permission> getPermissionsForObject(String appId, ObjectType type, String id);
// this delete cannot be cascaded by the database and must be done manually.
void deletePermissions(String appId, ObjectType type, String id);
/** Spring security will need a very focused method to check, for a
* given user and a given object, does the user have any of the required
* roles to perform the request. This method can fudge things like
* app-scoped permissions, too.
*/
boolean isAuthorizedisAuthorizedAs(AccountId accountId, ObjectType type, String objectId, Role... roles);
} |
...