X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-core%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Forg%2FOrganization.java;h=778eb295687a514b82ed6a0d1fdbbea7ebef43e6;hb=HEAD;hp=73093099e4a27c341d24cc92ac6bacacdc1d357e;hpb=613859588b02fce23acc98e0f51035a947dc3142;p=aaf%2Fauthz.git diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java index 73093099..778eb295 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java @@ -124,7 +124,7 @@ public interface Organization { * feed with a "Deleted ID" feed. * */ - public boolean isRevoked(AuthzTrans trans, String id); + public Date isRevoked(AuthzTrans trans, String id); /** @@ -214,7 +214,8 @@ public interface Organization { Future, UserInRole, UserDelegate, - ExtendPassword + ExtendPassword, + RevokedGracePeriodEnds } public enum Policy { @@ -347,6 +348,16 @@ public interface Organization { public void setTestMode(boolean dryRun); + /** + * Evaluates a user to determine if they are exempt from role and cred expiration. + * Returns true if true, false if false. Default implementation is always false. + * + * @param user + * @param expires + * @return + */ + public boolean isUserExpireExempt(String user, Date expires); + public static final Organization NULL = new Organization() { private final GregorianCalendar gc = new GregorianCalendar(1900, 1, 1); @@ -574,9 +585,9 @@ public interface Organization { } @Override - public boolean isRevoked(AuthzTrans trans, String id) { + public Date isRevoked(AuthzTrans trans, String id) { // provide a corresponding feed that indicates that an ID has been intentionally removed from identities.dat table. - return false; + return null; } @Override @@ -585,6 +596,11 @@ public interface Organization { return null; } + @Override + public boolean isUserExpireExempt(String user, Date expires) { + return false; + } + }; }