OSID - osid.authorization.VaultAdminSession Service Interface Definition

Interface	osid.authorization.VaultAdminSession
Implements	`osid.OsidSession`
Implemented By	`osid.authorization.batch.VaultBatchAdminSession`
Used By	`osid.authorization.AuthorizationManager`
Used By	`osid.authorization.AuthorizationProxyManager`
Description	This session creates, updates, and deletes `Vaults`. The data for create and update is provided by the consumer via the form object. `OsidForms` are requested for each create or update and may not be reused. Create and update operations differ in their usage. To create a `Vault`, a `VaultForm` is requested using `getVaultFormForCreate()` specifying the desired record `Types` or none if no record `Types` are needed. The returned `VaultForm` will indicate that it is to be used with a create operation and can be used to examine metdata or validate data prior to creation. Once the `VaultForm` is submiited to a create operation, it cannot be reused with another create operation unless the first operation was unsuccessful. Each `VaultForm` corresponds to an attempted transaction. For updates, `VaultForms` are requested to the `Vault` `Id` that is to be updated using `getVaultFormForUpdate()`. Similarly, the `VaultForm` has metadata about the data that can be updated and it can perform validation before submitting the update. The `VaultForm` can only be used once for a successful update and cannot be reused. The delete operations delete `Vaults`. It is safer to remove all mappings to the `Vault` catalogs before deletion. This session includes an `Id` aliasing mechanism to assign an external `Id` to an internally assigned Id.
Method	canCreateVaults
Description	Tests if this user can create `Vaults`. A return of true does not guarantee successful authorization. A return of false indicates that it is known creating a `Vault` will result in a `PERMISSION_DENIED`. This is intended as a hint to an application that may not wish to offer create operations to unauthorized users.
Return	`boolean`		`false` if `Vault` creation is not authorized, `true` otherwise
Compliance	`mandatory`		This method must be implemented.
Method	canCreateVaultWithRecordTypes
Description	Tests if this user can create a single `Vault` using the desired record types. While `AuthorizationManager.getVaultRecordTypes()` can be used to examine which records are supported, this method tests which record(s) are required for creating a specific `Vault`. Providing an empty array tests if a `Vault` can be created with no records.
Parameters	`osid.type.Type[]`	`vaultRecordTypes`	array of vault record types
Return	`boolean`		`true` if `Vault` creation using the specified `Types` is supported, `false` otherwise
Errors	NULL_ARGUMENT		`vaultRecordTypes` is `null`
Compliance	`mandatory`		This method must be implemented.
Method	getVaultFormForCreate
Description	Gets the vault form for creating new vaults. A new form should be requested for each create transaction.
Parameters	`osid.type.Type[]`	`vaultRecordTypes`	array of vault record types
Return	`osid.authorization.VaultForm`		the vault form
Errors	NULL_ARGUMENT		`vaultRecordTypes` is `null`
	OPERATION_FAILED		unable to complete request
	PERMISSION_DENIED		authorization failure
	UNSUPPORTED		unable to get form qith requested record types
Compliance	`mandatory`		This method must be implemented.
Method	createVault
Description	Creates a new `Vault`.
Parameters	`osid.authorization.VaultForm`	`vaultForm`	the form for this `Vault`
Return	`osid.authorization.Vault`		the new `Vault`
Errors	ILLEGAL_STATE		`vaultForm` already used in a create transaction
	INVALID_ARGUMENT		one or more of the form elements is invalid
	NULL_ARGUMENT		`vaultForm` is `null`
	OPERATION_FAILED		unable to complete request
	PERMISSION_DENIED		authorization failure
	UNSUPPORTED		`vaultForm` did not originate from `getVaultFormForCreate()`
Compliance	`mandatory`		This method must be implemented.
Method	canUpdateVaults
Description	Tests if this user can update `Vaults`. A return of true does not guarantee successful authorization. A return of false indicates that it is known updating a `Vault` will result in a `PERMISSION_DENIED`. This is intended as a hint to an application that may not wish to offer update operations to unauthorized users.
Return	`boolean`		`false` if `Vault` modification is not authorized, `true` otherwise
Compliance	`mandatory`		This method must be implemented.
Method	getVaultFormForUpdate
Description	Gets the vault form for updating an existing vault. A new vault form should be requested for each update transaction.
Parameters	`osid.id.Id`	`vaultId`	the `Id` of the `Vault`
Return	`osid.authorization.VaultForm`		the vault form
Errors	NOT_FOUND		`vaultId` is not found
	NULL_ARGUMENT		`vaultId` is `null`
	OPERATION_FAILED		unable to complete request
	PERMISSION_DENIED		authorization failure
Compliance	`mandatory`		This method must be implemented.
Method	updateVault
Description	Updates an existing vault.
Parameters	`osid.authorization.VaultForm`	`vaultForm`	the form containing the elements to be updated
Errors	ILLEGAL_STATE		`vaultForm` already used in an update transaction
	INVALID_ARGUMENT		the form contains an invalid value
	NULL_ARGUMENT		`vaultForm` is `null`
	OPERATION_FAILED		unable to complete request
	PERMISSION_DENIED		authorization failure
	UNSUPPORTED		`vaultForm` did not originate from `getVaultFormForUpdate()`
Compliance	`mandatory`		This method must be implemented.
Method	canDeleteVaults
Description	Tests if this user can delete vaults. A return of true does not guarantee successful authorization. A return of false indicates that it is known deleting a `Vault` will result in a `PERMISSION_DENIED`. This is intended as a hint to an application that may not wish to offer delete operations to unauthorized users.
Return	`boolean`		`false` if `Vault` deletion is not authorized, `true` otherwise
Compliance	`mandatory`		This method must be implemented.
Method	deleteVault
Description	Deletes a `Vault`.
Parameters	`osid.id.Id`	`vaultId`	the `Id` of the `Vault` to remove
Errors	NOT_FOUND		`vaultId` not found
	NULL_ARGUMENT		`vaultId` is `null`
	OPERATION_FAILED		unable to complete request
	PERMISSION_DENIED		authorization failure
Compliance	`mandatory`		This method must be implemented.
Method	canManageVaultAliases
Description	Tests if this user can manage `Id` aliases for `Vaults`. A return of true does not guarantee successful authorization. A return of false indicates that it is known changing an alias will result in a `PERMISSION_DENIED`. This is intended as a hint to an application that may opt not to offer alias operations to an unauthorized user.
Return	`boolean`		`false` if `Vault` aliasing is not authorized, `true` otherwise
Compliance	`mandatory`		This method must be implemented.
Method	aliasVault
Description	Adds an `Id` to a `Vault` for the purpose of creating compatibility. The primary `Id` of the `Vault` is determined by the provider. The new `Id` performs as an alias to the primary `Id`. If the alias is a pointer to another vault it is reassigned to the given vault `Id`.
Parameters	`osid.id.Id`	`vaultId`	the `Id` of a `Vault`
Parameters	`osid.id.Id`	`aliasId`	the alias `Id`
Errors	ALREADY_EXISTS		`aliasId` is already assigned
	NOT_FOUND		`vaultId` not found
	NULL_ARGUMENT		`vaultId` or `aliasId` is `null`
	OPERATION_FAILED		unable to complete request
	PERMISSION_DENIED		authorization failure
Compliance	`mandatory`		This method must be implemented.