PermissionTicket.java

/*
 * Copyright 2017 Red Hat, Inc. and/or its affiliates
 * and other contributors as indicated by the @author tags.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.keycloak.authorization.model;

import org.keycloak.storage.SearchableModelField;

/**
 * @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
 */
public interface PermissionTicket {

    public static class SearchableFields {
        public static final SearchableModelField<PermissionTicket> ID = new SearchableModelField<>("id", String.class);
        public static final SearchableModelField<PermissionTicket> RESOURCE_ID = new SearchableModelField<>("resourceId", String.class);
        public static final SearchableModelField<PermissionTicket> RESOURCE_SERVER_ID = new SearchableModelField<>("resourceServerId", String.class);
        public static final SearchableModelField<PermissionTicket> OWNER = new SearchableModelField<>("owner", String.class);
        public static final SearchableModelField<PermissionTicket> REQUESTER = new SearchableModelField<>("requester", String.class);
        public static final SearchableModelField<PermissionTicket> SCOPE_ID = new SearchableModelField<>("scopeId", String.class);
        public static final SearchableModelField<PermissionTicket> POLICY_ID = new SearchableModelField<>("policyId", String.class);
        public static final SearchableModelField<PermissionTicket> GRANTED_TIMESTAMP = new SearchableModelField<>("grantedTimestamp", String.class);
        public static final SearchableModelField<PermissionTicket> REALM_ID = new SearchableModelField<>("realmId", String.class);
    }
    
    public static enum FilterOption {
        ID("id", SearchableFields.ID),
        RESOURCE_ID("resource.id", SearchableFields.RESOURCE_ID),
        RESOURCE_NAME("resource.name", SearchableFields.RESOURCE_ID),
        SCOPE_ID("scope.id", SearchableFields.SCOPE_ID),
        SCOPE_IS_NULL("scope_is_null", SearchableFields.SCOPE_ID),
        OWNER("owner", SearchableFields.OWNER),
        GRANTED("granted", SearchableFields.GRANTED_TIMESTAMP),
        REQUESTER("requester", SearchableFields.REQUESTER),
        REQUESTER_IS_NULL("requester_is_null", SearchableFields.REQUESTER),
        POLICY_IS_NOT_NULL("policy_is_not_null", SearchableFields.POLICY_ID),
        POLICY_ID("policy.id", SearchableFields.POLICY_ID)
        ;

        private final String name;
        private final SearchableModelField<PermissionTicket> searchableModelField;

        FilterOption(String name, SearchableModelField<PermissionTicket> searchableModelField) {
            this.name = name;
            this.searchableModelField = searchableModelField;
        }


        public String getName() {
            return name;
        }

        public SearchableModelField<PermissionTicket> getSearchableModelField() {
            return searchableModelField;
        }
    }

    /**
     * Returns the unique identifier for this instance.
     *
     * @return the unique identifier for this instance
     */
    String getId();

    /**
     * Returns the resource's owner, which is usually an identifier that uniquely identifies the resource's owner.
     *
     * @return the owner of this resource
     */
    String getOwner();

    String getRequester();

    /**
     * Returns the {@link Resource} associated with this instance
     *
     * @return the {@link Resource} associated with this instance
     */
    Resource getResource();

    /**
     * Returns the {@link Scope} associated with this instance
     *
     * @return the {@link Scope} associated with this instance
     */
    Scope getScope();

    boolean isGranted();

    Long getCreatedTimestamp();

    Long getGrantedTimestamp();
    void setGrantedTimestamp(Long millis);

    /**
     * Returns the {@link ResourceServer} where this policy belongs to.
     *
     * @return a resource server
     */
    ResourceServer getResourceServer();

    Policy getPolicy();

    void setPolicy(Policy policy);
}