package com.evolveum.midpoint.security.enforcer.api;

import com.evolveum.midpoint.prism.Containerable;
import com.evolveum.midpoint.prism.PrismContainerValue;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.delta.ObjectDelta;
import com.evolveum.midpoint.prism.delta.PlusMinusZero;
import com.evolveum.midpoint.prism.path.ItemPath;
import com.evolveum.midpoint.prism.query.ObjectFilter;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.security.api.MidPointPrincipal;
import com.evolveum.midpoint.security.api.OwnerResolver;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.exception.CommunicationException;
import com.evolveum.midpoint.util.exception.ConfigurationException;
import com.evolveum.midpoint.util.exception.ExpressionEvaluationException;
import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.exception.SecurityViolationException;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractRoleType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.OrderConstraintsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import java.util.List;

/* loaded from: input_file:com/evolveum/midpoint/security/enforcer/api/SecurityEnforcer.class */
public interface SecurityEnforcer {
    AccessDecision decideAccess(MidPointPrincipal midPointPrincipal, List<String> list, Task task, OperationResult operationResult) throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, SecurityViolationException;

    <O extends ObjectType, T extends ObjectType> void failAuthorization(String str, AuthorizationPhaseType authorizationPhaseType, AuthorizationParameters<O, T> authorizationParameters, OperationResult operationResult) throws SecurityViolationException;

    <O extends ObjectType, T extends ObjectType> boolean isAuthorized(String str, AuthorizationPhaseType authorizationPhaseType, AuthorizationParameters<O, T> authorizationParameters, OwnerResolver ownerResolver, Task task, OperationResult operationResult) throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, SecurityViolationException;

    <O extends ObjectType, T extends ObjectType> void authorize(String str, AuthorizationPhaseType authorizationPhaseType, AuthorizationParameters<O, T> authorizationParameters, OwnerResolver ownerResolver, Task task, OperationResult operationResult) throws SecurityViolationException, SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException;

    <O extends ObjectType> ObjectSecurityConstraints compileSecurityConstraints(PrismObject<O> prismObject, OwnerResolver ownerResolver, Task task, OperationResult operationResult) throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, SecurityViolationException;

    <T extends ObjectType, O extends ObjectType> ObjectFilter preProcessObjectFilter(String[] strArr, AuthorizationPhaseType authorizationPhaseType, Class<T> cls, PrismObject<O> prismObject, ObjectFilter objectFilter, String str, List<OrderConstraintsType> list, Task task, OperationResult operationResult) throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, SecurityViolationException;

    <T extends ObjectType, O extends ObjectType> boolean canSearch(String[] strArr, AuthorizationPhaseType authorizationPhaseType, Class<T> cls, PrismObject<O> prismObject, boolean z, ObjectFilter objectFilter, Task task, OperationResult operationResult) throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, SecurityViolationException;

    <O extends ObjectType, R extends AbstractRoleType> ItemSecurityConstraints getAllowedRequestAssignmentItems(MidPointPrincipal midPointPrincipal, String str, PrismObject<O> prismObject, PrismObject<R> prismObject2, OwnerResolver ownerResolver, Task task, OperationResult operationResult) throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, SecurityViolationException;

    MidPointPrincipal createDonorPrincipal(MidPointPrincipal midPointPrincipal, String str, PrismObject<UserType> prismObject, Task task, OperationResult operationResult) throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, SecurityViolationException;

    <O extends ObjectType> AccessDecision determineSubitemDecision(ObjectSecurityConstraints objectSecurityConstraints, ObjectDelta<O> objectDelta, PrismObject<O> prismObject, String str, AuthorizationPhaseType authorizationPhaseType, ItemPath itemPath);

    <C extends Containerable> AccessDecision determineSubitemDecision(ObjectSecurityConstraints objectSecurityConstraints, PrismContainerValue<C> prismContainerValue, String str, AuthorizationPhaseType authorizationPhaseType, ItemPath itemPath, PlusMinusZero plusMinusZero, String str2);
}
