001package ca.uhn.fhir.rest.server.interceptor.auth;
002
003/*
004 * #%L
005 * HAPI FHIR - Core Library
006 * %%
007 * Copyright (C) 2014 - 2017 University Health Network
008 * %%
009 * Licensed under the Apache License, Version 2.0 (the "License");
010 * you may not use this file except in compliance with the License.
011 * You may obtain a copy of the License at
012 * 
013 *      http://www.apache.org/licenses/LICENSE-2.0
014 * 
015 * Unless required by applicable law or agreed to in writing, software
016 * distributed under the License is distributed on an "AS IS" BASIS,
017 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
018 * See the License for the specific language governing permissions and
019 * limitations under the License.
020 * #L%
021 */
022
023import org.hl7.fhir.instance.model.api.IBaseResource;
024import org.hl7.fhir.instance.model.api.IIdType;
025
026import ca.uhn.fhir.rest.api.RestOperationTypeEnum;
027import ca.uhn.fhir.rest.method.RequestDetails;
028import ca.uhn.fhir.rest.server.interceptor.auth.AuthorizationInterceptor.Verdict;
029
030public interface IAuthRule {
031
032        /**
033         * Applies the rule and returns a policy decision, or <code>null</code> if the rule does not apply
034         * 
035         * @param theOperation
036         *           The operation type
037         * @param theRequestDetails
038         *           The request
039         * @param theInputResource
040         *           The resource being input by the client, or <code>null</code>
041         * @param theInputResourceId TODO
042         * @param theOutputResource
043         *           The resource being returned by the server, or <code>null</code>
044         * @param theRuleApplier
045         *           The rule applying module (this can be used by rules to apply the rule set to
046         *           nested objects in the request, such as nested requests in a transaction)
047         * @return Returns a policy decision, or <code>null</code> if the rule does not apply
048         */
049        Verdict applyRule(RestOperationTypeEnum theOperation, RequestDetails theRequestDetails, IBaseResource theInputResource, IIdType theInputResourceId, IBaseResource theOutputResource, IRuleApplier theRuleApplier);
050
051        /**
052         * Returns a name for this rule, to be used in logs and error messages
053         */
054        String getName();
055
056}