/*
      Copyright 2008 Ramon Servadei
   
      Licensed under the Apache License, Version 2.0 (the "License");
      you may not use this file except in compliance with the License.
      You may obtain a copy of the License at
   
          http://www.apache.org/licenses/LICENSE-2.0
   
     Unless required by applicable law or agreed to in writing, software
     distributed under the License is distributed on an "AS IS" BASIS,
     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     See the License for the specific language governing permissions and
     limitations under the License.
   */
  package fulmine.context;
  
  import fulmine.model.container.IContainer;
  import fulmine.model.field.IField;
  
  /**
   * Represents the permission profile for the {@link IFulmineContext}.
   * Permissions govern the visibility of published data by subscribers. A
   * publisher of data will assign permission rights to its data. Subscribers of
   * the data must have appropriate permission rights to view the data.
   * <p>
   * Permission tokens are attached to {@link IField}s of an {@link IContainer}.
   * When reading its state from a wire frame, a field will check its permission
   * token against that of the context. If the permissions 'match' then the field
   * will read its state from the wire frame and application code will be able to
   * view the state of the field. If the permission tokens do not match then
   * application code will have access to the field but its value will be blank
   * (or null). A similar strategy is applied when a remote context attempts to
   * update a local container's fields; if the permissions do not match, the
   * operation is not permitted.
   * <p>
   * A permission token for a field is composed of two segments; an application
   * code and a permission code. This provides the ability for a single
   * application to expose multiple permissions (e.g. level1, level2 permissions).
   * The application is essentially hosted by the context and the fields published
   * by the application will be tagged with a permission token. A subscribing
   * application (hosted by another context) may have many permission tokens that
   * allow it to view the fields of many other applications.
   * <p>
   * The definition of a permission match is performed by implementations of this
   * interface.
   * 
   * @author Ramon Servadei
   */
  public interface IPermissionProfile
  {
      /** Represents a default application */
      byte DEFAULT_APPLICATION = (byte) 0x0;
  
      /** Represents the default permission code */
      short DEFAULT_PERMISSION = (short) 0x0;
  
      /**
       * Determine if the application and permission arguments are contained by
       * this permission profile.
       * <p>
       * This is generally used when reading the wire-state of an {@link IField}
       * and determines if the data is de-serialised into the remote instance;
       * basically prevents data from being read in a context that does not have
       * permission to do so.
       * 
       * @param application
       *            the application code
       * @param permission
       *            the permission code
       * @return <code>true</code> if the application and permission codes are
       *         contained by (matched by) this profile, <code>false</code>
       *         otherwise
       */
      boolean contains(byte application, short permission);
  
      /**
       * Determine if the received application and permission codes are matched
       * with a set of application and permission codes.
       * <p>
       * This is generally used when handling RPC operations received from a
       * remote context to update a local container. The permission attributes of
       * the remote context need to be compared with those of the target
       * {@link IField} in the local container to determine if the operation
       * should proceed.
       * 
       * @see IRemoteUpdateHandler
       * 
       * @param receivedApplication
       *            the received application code (generally the application code
       *            of a remote context)
       * @param receivedPermission
       *            the received permission code (generally the permission code of
       *            a remote context)
       * @param matchWithApplication
       *            the application code to match with the received one (generally
       *            the application code of the field being updated)
       * @param matchWithPermission
       *            the permission code to match with the received one (generally
      *            the permission code of the field being updated)
      * @return <code>true</code> if the received application and permission
      *         codes are matched by the application and permission codes to
      *         compare with, <code>false</code> otherwise
      */
     boolean matches(byte receivedApplication, short receivedPermission,
         byte matchWithApplication, short matchWithPermission);
 
     /**
      * Get the application code of this profile
      * 
      * @return the application code of this profile
      */
     byte getApplicationCode();
 
     /**
      * Get the permission code of this profile
      * 
      * @return the permission code of this profile
      */
     short getPermissionCode();
 }