public Identity getIdentity(AuthzTrans trans, String id) throws OrganizationException;
/**
- * May AutoDelete
+ * Is Revoked
*
* Deletion of an Identity that has been removed from an Organization can be dangerous. Mistakes may have been made
* in the Organization side, a Feed might be corrupted, an API might not be quite right.
*
- * The implementation of this method can use a double check of some sort, such as comparsion of missing ID in Organization
+ * The implementation of this method can use a double check of some sort, such as comparison of missing ID in Organization
* feed with a "Deleted ID" feed.
*
- * The failure to be in Organization will still be reported, if returned "false", but if true, it is taken as an
- * ok to proceed with deletion.
*/
- public boolean mayAutoDelete(AuthzTrans trans, String id);
+ public boolean isRevoked(AuthzTrans trans, String id);
/**
* @return
*/
public List<Identity> getApprovers(AuthzTrans trans, String user) throws OrganizationException ;
+
+ /**
+ * Get Identities for Escalation Level
+ * 1 = self
+ * 2 = expects both self and immediate responsible party
+ * 3 = expects self, immediate report and any higher that the Organization wants to escalate to in the
+ * hierarchy.
+ *
+ * Note: this is used to notify of imminent danger of Application's Cred or Role expirations.
+ */
+ public List<Identity> getIDs(AuthzTrans trans, String user, int escalate) throws OrganizationException ;
+
/*
*
* @param user
}
@Override
- public boolean mayAutoDelete(AuthzTrans trans, String id) {
+ public boolean isRevoked(AuthzTrans trans, String id) {
// provide a corresponding feed that indicates that an ID has been intentionally removed from identities.dat table.
return false;
}
+ @Override
+ public List<Identity> getIDs(AuthzTrans trans, String user, int escalate) throws OrganizationException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
};
}
Code Review / aaf / authz.git / blobdiff