001package ca.uhn.fhir.rest.server.interceptor.auth; 002 003/* 004 * #%L 005 * HAPI FHIR - Core Library 006 * %% 007 * Copyright (C) 2014 - 2017 University Health Network 008 * %% 009 * Licensed under the Apache License, Version 2.0 (the "License"); 010 * you may not use this file except in compliance with the License. 011 * You may obtain a copy of the License at 012 * 013 * http://www.apache.org/licenses/LICENSE-2.0 014 * 015 * Unless required by applicable law or agreed to in writing, software 016 * distributed under the License is distributed on an "AS IS" BASIS, 017 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 018 * See the License for the specific language governing permissions and 019 * limitations under the License. 020 * #L% 021 */ 022 023import org.hl7.fhir.instance.model.api.IBaseResource; 024import org.hl7.fhir.instance.model.api.IIdType; 025 026import ca.uhn.fhir.rest.api.RestOperationTypeEnum; 027import ca.uhn.fhir.rest.method.RequestDetails; 028import ca.uhn.fhir.rest.server.interceptor.auth.AuthorizationInterceptor.Verdict; 029 030public interface IAuthRule { 031 032 /** 033 * Applies the rule and returns a policy decision, or <code>null</code> if the rule does not apply 034 * 035 * @param theOperation 036 * The operation type 037 * @param theRequestDetails 038 * The request 039 * @param theInputResource 040 * The resource being input by the client, or <code>null</code> 041 * @param theInputResourceId TODO 042 * @param theOutputResource 043 * The resource being returned by the server, or <code>null</code> 044 * @param theRuleApplier 045 * The rule applying module (this can be used by rules to apply the rule set to 046 * nested objects in the request, such as nested requests in a transaction) 047 * @return Returns a policy decision, or <code>null</code> if the rule does not apply 048 */ 049 Verdict applyRule(RestOperationTypeEnum theOperation, RequestDetails theRequestDetails, IBaseResource theInputResource, IIdType theInputResourceId, IBaseResource theOutputResource, IRuleApplier theRuleApplier); 050 051 /** 052 * Returns a name for this rule, to be used in logs and error messages 053 */ 054 String getName(); 055 056}