* feed with a "Deleted ID" feed.
*
*/
- public boolean isRevoked(AuthzTrans trans, String id);
+ public Date isRevoked(AuthzTrans trans, String id);
/**
Future,
UserInRole,
UserDelegate,
- ExtendPassword
+ ExtendPassword,
+ RevokedGracePeriodEnds
}
public enum Policy {
public void setTestMode(boolean dryRun);
+ /**
+ * Evaluates a user to determine if they are exempt from role expiration.
+ * Returns true if true, false is false. Default implementation is always false.
+ *
+ * @param user
+ * @param expires
+ * @return
+ */
+ public boolean isUserExpireExempt(String user, Date expires);
+
public static final Organization NULL = new Organization()
{
private final GregorianCalendar gc = new GregorianCalendar(1900, 1, 1);
}
@Override
- public boolean isRevoked(AuthzTrans trans, String id) {
+ public Date isRevoked(AuthzTrans trans, String id) {
// provide a corresponding feed that indicates that an ID has been intentionally removed from identities.dat table.
- return false;
+ return null;
}
@Override
return null;
}
+ @Override
+ public boolean isUserExpireExempt(String user, Date expires) {
+ return false;
+ }
+
};
}
Code Review / aaf / authz.git / blobdiff