001 /*
002 // $Id: //open/mondrian-release/3.2/src/main/mondrian/olap/Role.java#1 $
003 // This software is subject to the terms of the Eclipse Public License v1.0
004 // Agreement, available at the following URL:
005 // http://www.eclipse.org/legal/epl-v10.html.
006 // Copyright (C) 2002-2002 Kana Software, Inc.
007 // Copyright (C) 2002-2009 Julian Hyde and others
008 // All Rights Reserved.
009 // You must accept the terms of that agreement to use this software.
010 //
011 // jhyde, Oct 5, 2002
012 */
013
014 package mondrian.olap;
015
016 /**
017 * A <code>Role</code> is a collection of access rights to cubes, permissions,
018 * and so forth.
019 *
020 * <p>At present, the only way to create a role is programmatically. You then
021 * add appropriate permissions, and associate the role with a connection.
022 * Queries executed for the duration of the connection will b.
023 *
024 * <p>Mondrian does not have any notion of a 'user'. It is the client
025 * application's responsibility to create a role appropriate for the user who
026 * is establishing the connection.
027 *
028 * @author jhyde
029 * @since Oct 5, 2002
030 * @version $Id: //open/mondrian-release/3.2/src/main/mondrian/olap/Role.java#1 $
031 */
032 public interface Role {
033
034 /**
035 * Returns the access this role has to a given schema.
036 *
037 * @pre schema != null
038 * @post return == Access.ALL
039 * || return == Access.NONE
040 * || return == Access.ALL_DIMENSIONS
041 */
042 Access getAccess(Schema schema);
043
044 /**
045 * Returns the access this role has to a given cube.
046 *
047 * @pre cube != null
048 * @post return == Access.ALL || return == Access.NONE
049 */
050 Access getAccess(Cube cube);
051
052 /**
053 * Represents the access that a role has to a particular hierarchy.
054 */
055 public interface HierarchyAccess {
056 /**
057 * Returns the access the current role has to a given member.
058 *
059 * <p>Visibility is:<ul>
060 * <li>{@link Access#NONE} if member is not visible,
061 * <li>{@link Access#ALL} if member and all children are visible,
062 * <li>{@link Access#CUSTOM} if some of the children are not visible.
063 * </ul></p>
064 *
065 * <p>For these purposes, children which are below the bottom level are
066 * regarded as visible.</p>
067 *
068 * @param member Member
069 * @return current role's access to member
070 */
071 Access getAccess(Member member);
072
073 /**
074 * Returns the depth of the highest level to which the current Role has
075 * access. The 'all' level, if present, has a depth of zero.
076 *
077 * @return depth of the highest accessible level
078 */
079 int getTopLevelDepth();
080
081 /**
082 * Returns the depth of the lowest level to which the current Role has
083 * access. The 'all' level, if present, has a depth of zero.
084 *
085 * @return depth of the lowest accessible level
086 */
087 int getBottomLevelDepth();
088
089 /**
090 * Returns the policy by which cell values are calculated if not all
091 * of a member's children are visible.
092 *
093 * @return rollup policy
094 */
095 RollupPolicy getRollupPolicy();
096
097 /**
098 * Returns <code>true</code> if at least one of the descendants of the
099 * given Member is inaccessible to this Role.
100 *
101 * <p>Descendants which are inaccessible because they are below the
102 * bottom level are ignored.
103 *
104 * @param member Member
105 * @return whether a descendant is inaccessible
106 */
107 boolean hasInaccessibleDescendants(Member member);
108 }
109
110 /**
111 * Returns the access this role has to a given dimension.
112 *
113 * @pre dimension != null
114 * @post Access.instance().isValid(return)
115 */
116 Access getAccess(Dimension dimension);
117
118 /**
119 * Returns the access this role has to a given hierarchy.
120 *
121 * @pre hierarchy != null
122 * @post return == Access.NONE
123 * || return == Access.ALL
124 * || return == Access.CUSTOM
125 */
126 Access getAccess(Hierarchy hierarchy);
127
128 /**
129 * Returns the details of this hierarchy's access, or null if the hierarchy
130 * has not been given explicit access.
131 *
132 * @pre hierarchy != null
133 */
134 HierarchyAccess getAccessDetails(Hierarchy hierarchy);
135
136 /**
137 * Returns the access this role has to a given level.
138 *
139 * @pre level != null
140 * @post Access.instance().isValid(return)
141 */
142 Access getAccess(Level level);
143
144 /**
145 * Returns the access this role has to a given member.
146 *
147 * @pre member != null
148 * @pre isMutable()
149 * @post return == Access.NONE
150 * || return == Access.ALL
151 * || return == Access.CUSTOM
152 */
153 Access getAccess(Member member);
154
155 /**
156 * Returns the access this role has to a given named set.
157 *
158 * @pre set != null
159 * @pre isMutable()
160 * @post return == Access.NONE || return == Access.ALL
161 */
162 Access getAccess(NamedSet set);
163
164 /**
165 * Returns whether this role is allowed to see a given element.
166 * @pre olapElement != null
167 */
168 boolean canAccess(OlapElement olapElement);
169
170 /**
171 * Enumeration of the policies by which a cell is calculated if children
172 * of a member are not accessible.
173 */
174 enum RollupPolicy {
175 /**
176 * The value of the cell is null if any of the children are
177 * inaccessible.
178 */
179 HIDDEN,
180
181 /**
182 * The value of the cell is obtained by rolling up the values of
183 * accessible children.
184 */
185 PARTIAL,
186
187 /**
188 * The value of the cell is obtained by rolling up the values of all
189 * children.
190 */
191 FULL,
192 }
193 }
194
195 // End Role.java