Security

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

net.user1.union.api
Interface Security

All Superinterfaces:: EventProducer

public interface Security
extends EventProducer
extends EventProducer

Used by applications to perform various security functions such as: - determine if an action is permissible. - change which actions are permissible - ban/unban clients

Method Summary
`void`	`banClient(java.lang.String address, int duration, java.lang.String reason)` Ban a client from connecting to the server.
`void`	`checkAccountInfoAccess(Client client)` Throws a UnionSecurityException if the client is not allowed access to account information.
`void`	`checkAccountListAccess(Client client)` Throws a UnionSecurityException if the client is not allowed access to the account list.
`void`	`checkAddRole(Client client)` Throws a UnionSecurityException if the client is not allowed to add roles to clients.
`void`	`checkBan(Client client)` Throws a UnionSecurityException if the client is not allowed to ban addresses.
`void`	`checkBannedListAccess(Client client)` Throws a UnionSecurityException if the client is not allowed access to the list of the banned addresses.
`void`	`checkClientInfoAccess(Client client)` Throws a UnionSecurityException if the client is not allowed access to client information (eg.
`void`	`checkClientListAccess(Client client)` Throws a UnionSecurityException if the client is not allowed access to the client list.
`void`	`checkCreateAccount(Client client)` Throws a UnionSecurityException if the client is not allowed to create accounts.
`void`	`checkCreateRoom(Client client)` Throws a UnionSecurityException if the client is not allowed to create rooms.
`void`	`checkJoinRoom(Client client, Room room)` Throws a UnionSecurityException if the client is not allowed to join the room.
`void`	`checkKickClient(Client client)` Throws a UnionSecurityException if the client is not allowed to kick other clients.
`void`	`checkLogin(Client client)` Throws a UnionSecurityException if the client is not allowed to login.
`void`	`checkLogoff(Client client, Account account)` Throws a UnionSecurityException if the client is not allowed to logoff the account.
`void`	`checkModifyAccountAttribute(Client client, Account account)` Throws a UnionSecurityException if the client is not allowed to modify the attributes of the account.
`void`	`checkModifyClientAttribute(Client actingClient, Client targetClient)` Throws a UnionSecurityException if the acting client is not allowed to modify the attributes of the target client.
`void`	`checkModifyRoomAttribute(Client client, Room room)` Throws a UnionSecurityException if the client is not allowed to modify the attributes of the room.
`void`	`checkModifyRoomSetting(Client client, Room room)` Throws a UnionSecurityException if the client is not allowed to modify the settings of the room.
`void`	`checkModuleAccess(Client client)` Throws a UnionSecurityException if the client is not allowed access to the module list and cannot clear the module cache.
`void`	`checkNodeListAccess(Client client)` Throws a UnionSecurityException if the client is not allowed access to the list of nodes connected to this server.
`void`	`checkRemoveAccount(Client client, Account account)` Throws a UnionSecurityException if the client is not allowed to remove an account.
`void`	`checkRemoveRole(Client client)` Throws a UnionSecurityException if the client is not allowed to add remove roles from clients.
`void`	`checkRemoveRoom(Client client, Room room)` Throws a UnionSecurityException if the client is not allowed to remove the room.
`void`	`checkRoomInfoAccess(Client client, Room room)` Throws a UnionSecurityException if the client is not allowed access to room information.
`void`	`checkRoomListAccess(Client client)` Throws a UnionSecurityException if the client is not allowed access to the room list.
`void`	`checkSendMessageToClient(Client client)` Throws a UnionSecurityException if the client is not allowed to send messages to clients.
`void`	`checkSendMessageToRoom(Client client, Room room)` Throws a UnionSecurityException if the client is not allowed to send messages to rooms.
`void`	`checkSendMessageToServer(Client client)` Throws a UnionSecurityException if the client is not allowed to send messages to the entire server.
`void`	`checkSendRoomModuleMessage(Client client, Room room)` Throws a UnionSecurityException if the client is not allowed to send a room module message to the room.
`void`	`checkSendServerModuleMessage(Client client)` Throws a UnionSecurityException if the client is not allowed to send server module messages.
`void`	`checkServerStatisticsAccess(Client client)` Throws a UnionSecurityException if the client is not allowed access to the server statistics.
`void`	`checkUnban(Client client)` Throws a UnionSecurityException if the client is not allowed to unban addresses.
`void`	`checkUPCAccess(Client client)` Throws a UnionSecurityException if the client is not allowed access to UPC stats or to listen to the UPCs being processed on the server.
`BannedDetails`	`getBannedDetails(java.lang.String address)` Returns the banned details for an address.
`java.util.List<BannedDetails>`	`getBannedList()` Return a list of Objects containing information about the banned addresses.
`java.util.Set<java.lang.String>`	`getConnectRefusalRecipients()` Returns a Set of the recipients that should receive a CONNECTION_REFUSED (u164) if their connection was refused.
`boolean`	`isBanned(java.lang.String address)` Returns true if the given address is banned.
`void`	`setPermission(SecurityAction action, SecurityRole... roles)` Gives permission for the given roles to execute the given action.
`void`	`unbanClient(java.lang.String address)`

Methods inherited from interface net.user1.union.core.event.EventProducer
`addEventListener, dispatchEvent, getEventClassMap, removeEventListener`

Method Detail

banClient

void banClient(java.lang.String address,
               int duration,
               java.lang.String reason)

Ban a client from connecting to the server.

Parameters:: address - - the address of client to be banned, can be obtained from client.getAddress(); duration - - the duration in seconds the client will be banned for, use net.user1.union.security.BanInterval.FOREVER for perma ban.; reason - - the reason the client was banned.
See Also:: BanInterval

unbanClient

void unbanClient(java.lang.String address)

Parameters:: address - - the address of the client that was banned

isBanned

boolean isBanned(java.lang.String address)

Returns true if the given address is banned.

Parameters:: address - - the address to check
Returns:: true if the address is banned

getBannedDetails

BannedDetails getBannedDetails(java.lang.String address)

Returns the banned details for an address. Returns null if the address is not banned.

Parameters:: address - - the address to get the banned details for
Returns:: the banned info for an address

getBannedList

java.util.List<BannedDetails> getBannedList()

Return a list of Objects containing information about the banned addresses.

Returns:: a list of Objects containing information about the banned addresses

setPermission

void setPermission(SecurityAction action,
                   SecurityRole... roles)

Gives permission for the given roles to execute the given action.

Parameters:: action - - the action to give permission to; roles - - the roles allowed to perform the action

checkBan

void checkBan(Client client)
              throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to ban addresses.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkUnban

void checkUnban(Client client)
                throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to unban addresses.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkBannedListAccess

void checkBannedListAccess(Client client)
                           throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed access to the list of the banned addresses.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkCreateRoom

void checkCreateRoom(Client client)
                     throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to create rooms.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkSendMessageToRoom

void checkSendMessageToRoom(Client client,
                            Room room)
                            throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to send messages to rooms.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkSendMessageToClient

void checkSendMessageToClient(Client client)
                              throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to send messages to clients.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkSendMessageToServer

void checkSendMessageToServer(Client client)
                              throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to send messages to the entire server.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkModifyClientAttribute

void checkModifyClientAttribute(Client actingClient,
                                Client targetClient)
                                throws UnionSecurityException

Throws a UnionSecurityException if the acting client is not allowed to modify the attributes of the target client. The actingClient and targetClient will be the same when checking if a client is allowed to modify its own attributes.

Parameters:: actionClient - - the client trying to modify the attribute; targetClient - - the client to check
Throws:: UnionSecurityException

checkModifyAccountAttribute

void checkModifyAccountAttribute(Client client,
                                 Account account)
                                 throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to modify the attributes of the account. The client can be the owner of the account when checking if a client is allowed to modify its own account attributes.

Parameters:: client - - the client trying to modify the attribute; account - - the account being modified
Throws:: UnionSecurityException

checkJoinRoom

void checkJoinRoom(Client client,
                   Room room)
                   throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to join the room.

Parameters:: client - - the client to check; room - - the room to join
Throws:: UnionSecurityException

checkRemoveRoom

void checkRemoveRoom(Client client,
                     Room room)
                     throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to remove the room.

Parameters:: client - - the client to check; room - - the room to remove
Throws:: UnionSecurityException

checkModifyRoomSetting

void checkModifyRoomSetting(Client client,
                            Room room)
                            throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to modify the settings of the room. A room setting is a room attribute that begins with "_" (eg. _MAX_CLIENTS)

Parameters:: client - - the client to check; room - - the room which attributes are to be modified
Throws:: UnionSecurityException

checkModifyRoomAttribute

void checkModifyRoomAttribute(Client client,
                              Room room)
                              throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to modify the attributes of the room.

Parameters:: client - - the client to check; room - - the room which attributes are to be modified
Throws:: UnionSecurityException

checkCreateAccount

void checkCreateAccount(Client client)
                        throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to create accounts.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkRemoveAccount

void checkRemoveAccount(Client client,
                        Account account)
                        throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to remove an account.

Parameters:: client - - the client to check; account - - the account to be removed
Throws:: UnionSecurityException

checkRoomInfoAccess

void checkRoomInfoAccess(Client client,
                         Room room)
                         throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed access to room information.

Parameters:: client - - the client to check; room - - the room to observe
Throws:: UnionSecurityException

checkSendRoomModuleMessage

void checkSendRoomModuleMessage(Client client,
                                Room room)
                                throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to send a room module message to the room.

Parameters:: client - - the client to check; room - - the room to send the room module message to
Throws:: UnionSecurityException

checkSendServerModuleMessage

void checkSendServerModuleMessage(Client client)
                                  throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to send server module messages.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkClientListAccess

void checkClientListAccess(Client client)
                           throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed access to the client list.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkRoomListAccess

void checkRoomListAccess(Client client)
                         throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed access to the room list.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkClientInfoAccess

void checkClientInfoAccess(Client client)
                           throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed access to client information (eg. observe, get client snapshot).

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkKickClient

void checkKickClient(Client client)
                     throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to kick other clients.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkLogin

void checkLogin(Client client)
                throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to login.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkLogoff

void checkLogoff(Client client,
                 Account account)
                 throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to logoff the account.

Parameters:: actionClient - - the client trying to logoff an account; targetClient - - the account being logged off
Throws:: UnionSecurityException

checkAddRole

void checkAddRole(Client client)
                  throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to add roles to clients.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkRemoveRole

void checkRemoveRole(Client client)
                     throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed to add remove roles from clients.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkAccountListAccess

void checkAccountListAccess(Client client)
                            throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed access to the account list.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkAccountInfoAccess

void checkAccountInfoAccess(Client client)
                            throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed access to account information.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkModuleAccess

void checkModuleAccess(Client client)
                       throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed access to the module list and cannot clear the module cache.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkUPCAccess

void checkUPCAccess(Client client)
                    throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed access to UPC stats or to listen to the UPCs being processed on the server.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkNodeListAccess

void checkNodeListAccess(Client client)
                         throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed access to the list of nodes connected to this server.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

checkServerStatisticsAccess

void checkServerStatisticsAccess(Client client)
                                 throws UnionSecurityException

Throws a UnionSecurityException if the client is not allowed access to the server statistics.

Parameters:: client - - the client to check
Throws:: UnionSecurityException

getConnectRefusalRecipients

java.util.Set<java.lang.String> getConnectRefusalRecipients()

Returns a Set of the recipients that should receive a CONNECTION_REFUSED (u164) if their connection was refused. This should be used by modules to determine if a connection that is being rejected matches a custom recipient (eg. "CANADA" if only IPs located in Canada should receive a CONNECTION_REFUSED).

Returns:: a Set of the recipients that should receive a CONNECTION_REFUSED (u164) if their connection was refused