001/* 002 * (C) Copyright 2006-2016 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Nuxeo - initial API and implementation 018 */ 019package org.nuxeo.ecm.core.api.security; 020 021import org.nuxeo.ecm.core.api.CoreSession; 022import org.nuxeo.runtime.api.login.LoginComponent; 023 024/** 025 * @author Bogdan Stefanescu 026 */ 027// TODO: make it a constant utility class instead of an interface. 028public interface SecurityConstants { 029 030 String SYSTEM_USERNAME = LoginComponent.SYSTEM_USERNAME; 031 032 /** 033 * @deprecated since 5.3.1 administrator user names are configurable on user manager 034 * Too many references to this constant, no clean for LTS 2017 035 */ 036 @Deprecated 037 String ADMINISTRATOR = "Administrator"; 038 039 /** 040 * @deprecated since 5.3.1 anonymous user name is configurable on user manager 041 * Too many references to this constant, no clean for LTS 2017 042 */ 043 @Deprecated 044 String ANONYMOUS = "anonymous"; 045 046 /** 047 * @deprecated since 5.3.1 administrators groups are configurable on user manager 048 * Too many references to this constant, no clean for LTS 2017 049 */ 050 @Deprecated 051 String ADMINISTRATORS = "administrators"; 052 053 /** 054 * @deprecated since 5.3.1 default group is configurable on user manager 055 * Too many references to this constant, no clean for LTS 2017 056 */ 057 @Deprecated 058 String MEMBERS = "members"; 059 060 String EVERYONE = "Everyone"; 061 062 String EVERYTHING = "Everything"; 063 064 String RESTRICTED_READ = "RestrictedRead"; 065 066 String READ = "Read"; 067 068 String WRITE = "Write"; 069 070 String READ_WRITE = "ReadWrite"; 071 072 String REMOVE = "Remove"; 073 074 String VERSION = "Version"; 075 076 String READ_VERSION = "ReadVersion"; 077 078 String WRITE_VERSION = "WriteVersion"; 079 080 String BROWSE = "Browse"; 081 082 String WRITE_SECURITY = "WriteSecurity"; 083 084 String READ_SECURITY = "ReadSecurity"; 085 086 String READ_PROPERTIES = "ReadProperties"; 087 088 String WRITE_PROPERTIES = "WriteProperties"; 089 090 String READ_CHILDREN = "ReadChildren"; 091 092 String ADD_CHILDREN = "AddChildren"; 093 094 String REMOVE_CHILDREN = "RemoveChildren"; 095 096 String READ_LIFE_CYCLE = "ReadLifeCycle"; 097 098 String WRITE_LIFE_CYCLE = "WriteLifeCycle"; 099 100 String MANAGE_WORKFLOWS = "ManageWorkflows"; 101 102 String VIEW_WORKLFOW = "ReviewParticipant"; 103 104 String UNLOCK = "Unlock"; 105 106 /** 107 * Flag that can be used as principal to mark an unsupported ACL. 108 */ 109 String UNSUPPORTED_ACL = "_UNSUPPORTED_ACL_"; 110 111 /** 112 * Permission needed to turn a document into a record. 113 * 114 * @see CoreSession#makeRecord 115 * @since 11.1 116 */ 117 String MAKE_RECORD = "MakeRecord"; 118 119 /** 120 * Permission needed to set the retention date of a record. 121 * 122 * @see CoreSession#setRetainUntil 123 * @since 11.1 124 */ 125 String SET_RETENTION = "SetRetention"; 126 127 /** 128 * Permission needed to manage the legal hold of a record. 129 * 130 * @see CoreSession#setLegalHold 131 * @since 11.1 132 */ 133 String MANAGE_LEGAL_HOLD = "ManageLegalHold"; 134 135 /** 136 * Permission needed to move document's main content to cold storage. 137 * 138 * @since 11.1 139 */ 140 String WRITE_COLD_STORAGE = "WriteColdStorage"; 141}