From c203f51cf9f5d6e3e89110fa06489aaffd121e52 Mon Sep 17 00:00:00 2001
From: Dmitriy Kopylenko
Date: Mon, 31 Oct 2022 12:10:12 -0400
Subject: [PATCH] Wip of the authorization API
---
 .../service/IPersistentEntityTupple.java | 14 ++++++++++++
 .../service/IShibUiPermissionEvaluator.java | 22 +++++++++++++++++++
 2 files changed, 36 insertions(+)
 create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IPersistentEntityTupple.java
 create mode 100644 backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IShibUiPermissionEvaluator.java
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IPersistentEntityTupple.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IPersistentEntityTupple.java
new file mode 100644
index 000000000..c79c7b513
--- /dev/null
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IPersistentEntityTupple.java
@@ -0,0 +1,14 @@
+package edu.internet2.tier.shibboleth.admin.ui.security.service;
+
+import java.io.Serializable;
+
+/**
+ * Will be used as a key for PersmissionEvaluator return types
+ */
+public interface IPersistentEntityTupple extends Serializable {
+
+ String getId();
+
+ Class getType();
+
+}
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IShibUiPermissionEvaluator.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IShibUiPermissionEvaluator.java
new file mode 100644
index 000000000..2482f34fd
--- /dev/null
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IShibUiPermissionEvaluator.java
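Review bot: IPersistentEntityTupple is documented as a key for the permission evaluator's return types, but the interface states no equality contract, so two implementations carrying the same id and type may fail to match in a map lookup. In an authorization result that matters, because a key that silently misses can hide an entity the caller is entitled to or push a caller onto a default path. I would put the contract in the Javadoc, e.g. `Implementations must be immutable and define equals/hashCode over getId() and getType().` As rendered here `Class getType()` is a raw type; if the file really reads that way, `Class<?> getType();` avoids unchecked warnings at call sites. The Javadoc also misspells `PermissionEvaluator`.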
@@ -0,0 +1,22 @@
+package edu.internet2.tier.shibboleth.admin.ui.security.service;
+
+import org.springframework.security.access.PermissionEvaluator;
+import org.springframework.security.core.Authentication;
+
+import java.util.Collection;
+import java.util.Map;
+
+public interface IShibUiPermissionEvaluator extends PermissionEvaluator {
+
+ Collection getPersistentEntitiesWithPermission(Authentication authentication, Object permission);
+
+ /**
+ * Get ALL persistent entities that user has access to
+ * @param authentication
+ * @return
+ */
+ Map getPersistentEntities(Authentication authentication);
+
+ Map getPersistentEntities(Authentication authentication, Class clazz);
+
+}
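Review bot: The three lookup methods in IShibUiPermissionEvaluator do not say what they return for a null, anonymous or unauthenticated `Authentication`, and the Javadoc on `getPersistentEntities(Authentication)` leaves `@param` and `@return` empty. Callers will make access decisions from these results, so the contract should be fail-closed and written down, e.g. `@return the entities the authenticated user may access; empty, never null, when authentication is null or not authenticated`. As rendered here `Collection` and `Map` are raw, so the key and value types (presumably IPersistentEntityTupple keys) are invisible to callers; if the file really reads that way, parameterizing them would let the compiler catch misuse. A Javadoc line on `getPersistentEntitiesWithPermission` naming the accepted values of `Object permission` would also help, and the other two methods need the same documentation as the first.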