-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathTenant.java
104 lines (92 loc) · 3.71 KB
/
Tenant.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
/*
* Made with all the love in the world
* by scireum in Remshalden, Germany
*
* Copyright by scireum GmbH
* http://www.scireum.de - [email protected]
*/
package sirius.biz.tenants;
import sirius.biz.analytics.flags.PerformanceFlagged;
import sirius.biz.isenguard.RateLimitedEntity;
import sirius.biz.protocol.Journaled;
import sirius.biz.protocol.Traced;
import sirius.db.mixing.Entity;
import sirius.db.mixing.Mapping;
import sirius.db.mixing.types.BaseEntityRef;
import sirius.kernel.commons.Explain;
import sirius.kernel.di.transformers.Transformable;
import sirius.kernel.settings.Settings;
import sirius.pasta.noodle.sandbox.NoodleSandbox;
import sirius.web.security.UserContext;
import java.io.Serializable;
import java.util.Set;
/**
* Provides the database independent interface for describing a tenant which uses the system.
* <p>
* Note that all fields are represented via {@link TenantData}.
*
* @param <I> the type used to represent database IDs
*/
@SuppressWarnings("squid:S1214")
@Explain("We rather keep the constants here, as this emulates the behaviour and layout of a real entity.")
public interface Tenant<I extends Serializable>
extends Entity, Transformable, Traced, Journaled, RateLimitedEntity, PerformanceFlagged {
/**
* This flag permission is granted to tenant objects only.
* <p>
* This can be used in role / permission mappings to filter specific user roles for the system tenant.
* When a user of the system tenant takes control over another tenant, this permission is kept.
* <p>
* Use {@link #hasPermission(String)} to check for this flag. For user specific permissions the flags
* {@link TenantUserManager#PERMISSION_SYSTEM_TENANT_MEMBER} and
* {@link TenantUserManager#PERMISSION_SYSTEM_ADMINISTRATOR} must be used.
*/
String PERMISSION_SYSTEM_TENANT = "flag-system-tenant";
/**
* Contains the mapping used to identify the parent tenant of the current one.
*/
Mapping PARENT = Mapping.named("parent");
/**
* Contains the effective fields which are mapped by the appropriate mapper depending on the actual entity type.
*/
Mapping TENANT_DATA = Mapping.named("tenantData");
/**
* Returns the reference to the parent tenant (if available).
*
* @return the reference to look up the parent tenant
*/
BaseEntityRef<I, ? extends Tenant<I>> getParent();
/**
* Provides access to the effective tenant data.
*
* @return the tenant data composite which stores all values in a database independent manner.
*/
@NoodleSandbox(NoodleSandbox.Accessibility.GRANTED)
TenantData getTenantData();
/**
* Determines if this tenant has the requested permission.
* <p>
* Note that this only verifies that the tenant has a specific property or feature enabled but does not
* take user permissions into account. These can be checked using
* {@link sirius.web.security.UserInfo#hasPermission(String)}.
*
* @param permission the permission to check
* @return <tt>true</tt> if the tenant has the permission, <tt>false</tt> otherwise
*/
boolean hasPermission(String permission);
/**
* Returns the set of all permissions which are effectively enabled for this tenant.
*
* @return the set of all permissions effectively enabled for this tenant
*/
Set<String> getPermissions();
/**
* Returns the compiled and parsed settings of this tenant.
* <p>
* Normally, we obtain the settings via {@link UserContext#getSettings()} but sometimes we only or directly need
* the settings of a tenant instead of those of a user + tenant.
*
* @return the settings of this tenant
*/
Settings getSettings();
}