[2/2] git commit: updated refs/heads/rbac to c3baf3a

[mc...@apache.org]

Interface for QueryChecker adapter.

Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/c3baf3ad
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/c3baf3ad
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/c3baf3ad

Branch: refs/heads/rbac
Commit: c3baf3ad72bd77eb1415feae5f715bcd8501d26b
Parents: 81a794a
Author: Min Chen <mi...@citrix.com>
Authored: Thu Nov 21 10:32:26 2013 -0800
Committer: Min Chen <mi...@citrix.com>
Committed: Thu Nov 21 10:32:26 2013 -0800

----------------------------------------------------------------------
 .../org/apache/cloudstack/acl/QueryChecker.java | 83 ++++++++++++++++++++
 1 file changed, 83 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3baf3ad/api/src/org/apache/cloudstack/acl/QueryChecker.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/acl/QueryChecker.java b/api/src/org/apache/cloudstack/acl/QueryChecker.java
new file mode 100644
index 0000000..bbe9a2e
--- /dev/null
+++ b/api/src/org/apache/cloudstack/acl/QueryChecker.java
@@ -0,0 +1,83 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.acl;
+
+import java.util.List;
+
+import com.cloud.user.Account;
+import com.cloud.utils.component.Adapter;
+
+/**
+ * QueryChecker returns granted access at domain, account or resource level.
+ */
+public interface QueryChecker extends Adapter {
+
+    /**
+    * List granted domains for the caller, given a specific entity type.
+    *
+    * @param caller account to check against.
+    * @param entityType entity type
+    * @return list of domain Ids granted to the caller account.
+    */
+    List<Long> getAuthorizedDomains(Account caller, AclEntityType entityType);
+
+    /**
+    * List denied domains for the caller, given a specific entity type.
+    *
+    * @param caller account to check against.
+    * @param entityType entity type
+    * @return list of domain Ids granted to the caller account.
+    */
+    List<Long> getDeniedDomains(Account caller, AclEntityType entityType);
+
+    /**
+    * List granted accounts for the caller, given a specific entity type.
+    *
+    * @param caller account to check against.
+    * @param entityType entity type
+    * @return list of domain Ids granted to the caller account.
+    */
+    List<Long> getAuthorizedAccounts(Account caller, AclEntityType entityType);
+
+    /**
+    * List denied accounts for the caller, given a specific entity type.
+    *
+    * @param caller account to check against.
+    * @param entityType entity type
+    * @return list of domain Ids granted to the caller account.
+    */
+    List<Long> getDeniedAccounts(Account caller, AclEntityType entityType);
+
+    /**
+    * List granted resources for the caller, given a specific entity type.
+    *
+    * @param caller account to check against.
+    * @param entityType entity type
+    * @return list of domain Ids granted to the caller account.
+    */
+    List<Long> getAuthorizedResources(Account caller, AclEntityType entityType);
+
+    /**
+    * List denied resources for the caller, given a specific entity type.
+    *
+    * @param caller account to check against.
+    * @param entityType entity type
+    * @return list of domain Ids granted to the caller account.
+    */
+    List<Long> getDeniedResources(Account caller, AclEntityType entityType);
+
+}