001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 * Portions copyright 2013 ForgeRock AS. 016 */ 017 018package org.forgerock.opendj.server.core; 019 020import java.net.InetSocketAddress; 021import java.util.Collection; 022 023import org.forgerock.opendj.ldap.Connection; 024import org.forgerock.opendj.ldap.Entry; 025import org.forgerock.opendj.ldap.RequestContext; 026import org.forgerock.opendj.ldap.requests.BindRequest; 027 028/** 029 * The context in which a request is to be processed. 030 * <p> 031 * Implementations may query the context in order to: 032 * <ul> 033 * <li>query the schema associated with the request (attribute types, decode 034 * DNs, etc) 035 * <li>perform internal operations 036 * <li>query information regarding client performing the request 037 * </ul> 038 * Context implementations take care of correctly routing internal requests. 039 * <p> 040 * In addition, the context acts as a transaction manager, coordinating any 041 * resources accessed during the processing of a request and any subsequent 042 * requests forming part of the same logical transaction. 043 * <p> 044 * FiXME: this interface should be split up into sub-components, such as network 045 * information (protocol, addresses), client information (auth ID, SSF, 046 * privileges). 047 */ 048public interface Operation extends RequestContext, AttachmentHolder { 049 /** 050 * Retrieves the entry for the user that should be considered the 051 * authorization identity for this operation. In many cases, it will be the 052 * same as the authorization entry for the underlying client connection, or 053 * {@code null} if no authentication has been performed on that connection. 054 * However, it may be some other value if special processing has been 055 * requested (e.g., the operation included a proxied authorization control). 056 * 057 * @return The entry for the user that should be considered the 058 * authorization identity for this operation, or {@code null} if the 059 * authorization identity should be the unauthenticated user. 060 */ 061 Entry getAuthorizationEntry(); 062 063 /** 064 * Returns a connection for performing internal operations. 065 * 066 * @return A connection for performing internal operations. 067 */ 068 Connection getConnection(); 069 070 /** 071 * Retrieves the operation ID for this operation. 072 * 073 * @return The operation ID for this operation. 074 */ 075 long getOperationID(); 076 077 /** 078 * Indicates whether the authenticate client has all of the specified 079 * privileges. 080 * 081 * @param privileges 082 * The array of privileges for which to make the determination. 083 * @return {@code true} if the authenticated client has all of the specified 084 * privileges, or {@code false} if not. 085 */ 086 boolean hasAllPrivileges(Collection<Privilege> privileges); 087 088 /** 089 * Indicates whether the authenticated client has the specified privilege. 090 * 091 * @param privilege 092 * The privilege for which to make the determination. 093 * @return {@code true} if the authenticated client has the specified 094 * privilege, or {@code false} if not. 095 */ 096 boolean hasPrivilege(Privilege privilege); 097 098 /** 099 * Sets the entry for the user that should be considered the authorization 100 * identity for this operation. 101 * 102 * @param authorizationEntry 103 * The entry for the user that should be considered the 104 * authorization identity for this operation, or {@code null} if 105 * it should be the unauthenticated user. 106 */ 107 void setAuthorizationEntry(Entry authorizationEntry); 108 109 /** 110 * Retrieves the entry for the user as whom the client is authenticated. 111 * 112 * @return The entry for the user as whom the client is authenticated, or 113 * {@code null} if the client is unauthenticated. 114 */ 115 Entry getAuthenticationEntry(); 116 117 /** 118 * Retrieves the last successful bind request from the client. 119 * 120 * @return The last successful bind request or {@code null} if the client 121 * have not yet successfully bind. 122 */ 123 BindRequest getBindRequest(); 124 125 /** 126 * Retrieves the unique identifier that is assigned to the client connection 127 * that submitted this operation. 128 * 129 * @return The unique identifier that is assigned to the client connection 130 * that submitted this operation. 131 */ 132 long getConnectionID(); 133 134 /** 135 * Returns the {@code InetSocketAddress} associated with the local system. 136 * 137 * @return The {@code InetSocketAddress} associated with the local system. 138 */ 139 InetSocketAddress getLocalAddress(); 140 141 /** 142 * Retrieves the default maximum number of entries that should checked for 143 * matches during a search. 144 * 145 * @return The default maximum number of entries that should checked for 146 * matches during a search. 147 */ 148 int getLookthroughLimit(); 149 150 /** 151 * Returns the {@code InetSocketAddress} associated with the remote system. 152 * 153 * @return The {@code InetSocketAddress} associated with the remote system. 154 */ 155 InetSocketAddress getPeerAddress(); 156 157 /** 158 * Retrieves the protocol that the client is using to communicate with the 159 * Directory Server. 160 * 161 * @return The protocol that the client is using to communicate with the 162 * Directory Server. 163 */ 164 String getProtocol(); 165 166 /** 167 * Returns the strongest cipher strength currently in use by the underlying 168 * connection. 169 * 170 * @return The strongest cipher strength currently in use by the underlying 171 * connection. 172 */ 173 int getSecurityStrengthFactor(); 174 175 /** 176 * Retrieves the size limit that will be enforced for searches performed 177 * using this client connection. 178 * 179 * @return The size limit that will be enforced for searches performed using 180 * this client connection. 181 */ 182 int getSizeLimit(); 183 184 /** 185 * Retrieves the time limit that will be enforced for searches performed 186 * using this client connection. 187 * 188 * @return The time limit that will be enforced for searches performed using 189 * this client connection. 190 */ 191 int getTimeLimit(); 192}