com.adobe.livecycle.usermanager.client
Class AuthorizationManagerServiceClient

java.lang.Object
  extended by ManagerServiceClient
      extended by com.adobe.livecycle.usermanager.client.AuthorizationManagerServiceClient
All Implemented Interfaces:
AuthorizationManager

public class AuthorizationManagerServiceClient
extends ManagerServiceClient
implements AuthorizationManager

This is the client implementation of the AuthorizationManager class.

See Also:
AuthorizationManager

Constructor Summary
AuthorizationManagerServiceClient(ServiceClientFactory serviceClientFactory)
          Authorization manager service client constructor.
 
Method Summary
 java.util.Map areUsersInRole(java.lang.String roleId, java.util.List principalOid)
          Determines whether the specified principals have been assigned the given role.
 void assignPermToPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List permissionOid)
          Assigns the specified permissions to the principal for the given resource instance.
 void assignPermToPrincipalsForRes(java.lang.String resourceId, java.util.Map principalPermissionMap)
          Assigns the specified permissions to the principals for the given resource instance.
 void assignRole(java.lang.String roleId, java.lang.String[] principalOids)
          Assigns the role to the specified principals.
 void assignRoles(java.lang.String[] roleId, java.lang.String[] principalOids)
          Assigns the specified roles to the given principals.
 java.lang.String createPermission(Permission perm)
          Creates a permission for a resource type.
 java.lang.String createReliantApplication(ReliantApplication relApp)
          Creates a reliant application.
 java.lang.String createResourceType(ResourceType resType)
          Creates a resource type.
 void createRole(Role role)
          Creates a role.
 void createRole(Role role, java.util.List addPermissionOids)
          Creates a role with specific permissions.
 void deletePermsForPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List permList)
          Removes the specified permissions from the principal for the given resource instance.
 void deletePermsForPrincipalsForRes(java.util.List principalOid, java.lang.String resourceId, java.util.List permList)
          Removes the specified permissions from the List of principals for the given resource instance.
 void deleteRole(java.lang.String roleId)
          Deletes the role.
 java.util.Map findPriPermInfoForRes(java.lang.String resourceId)
          Retrieves a Map of permissions and principals for a given resource instance.
 Role findRole(java.lang.String roleId)
          Retrieves a role.
 java.util.List findRoleMembership(RoleMembershipSearchFilter rmb)
          Retrieves a List of roles based on specified membership search criteria.
 java.util.List findRoles(RoleSearchFilter rsf)
          Retrieves a List of roles based on specified search criteria.
 java.util.Set findRolesForPrincipal(java.lang.String principalOid)
          Finds the roles for a given principal.
 java.util.Map findRolesForPrincipals(java.util.List principalOid)
          Retrieves a Map containing sets of roles assigned to the specified principals.
 java.util.List getAllRolePermissions(java.lang.String roleId)
          Retrieves a List of permissions related to the specified role.
 java.util.List getPermissions(PermissionSearchFilter psf)
          Retrieves a List of permissions related to the specified search filter.
 java.util.List getPermissions(java.lang.String resourceTypeOid)
          Retrieves a List of permissions related to the resource type.
 java.util.Set getPermsForPrincipalOverRes(java.lang.String principalOid, java.lang.String resourceId)
          Retrieves a Set of permissions for the specified principal and resource instance.
 java.util.Map getPermsForPrincipalsOverRes(java.util.List principalOidList, java.lang.String resourceId)
          Retrieves a Map of permissions for the List of specified principals and resource instance.
 ReliantApplication getReliantApplication(java.lang.String reliantApplicationName)
          Retrieves a reliant application.
 java.util.Set getResourcesForPrincipal(java.lang.String principalOid, java.lang.String permissionOid)
          Retrieves a Set of resource identifiers for which the principal has the specified permission.
 java.util.Map getResourcesForPrincipals(java.util.List principalOid, java.lang.String permissionOid)
          Retrieves a Map of resource identifiers for which the principals have the specified permission.
 java.util.List getResourceType(ResourceTypeSearchFilter rtsf)
          Searches for resource types.
 java.util.List getSystemPermissions(PermissionSearchFilter psf)
          Retrieves a List of all the permissions belonging to all the resource types in the system, according to the specified search filter.
 java.util.Map hasPermission(java.util.List principalOid, java.lang.String resourceId, Permission perm)
          Determines whether the List of principals have the specified permission for the given resource instance.
 java.util.Map hasPermission(java.util.List principalOid, java.lang.String resourceId, java.lang.String permissionOid)
          Determines whether the List of principals have the specified permission for the given resource instance.
 PermissionInfo hasPermission(java.lang.String principalOid, java.lang.String resourceId, Permission perm)
          Determines whether the principal has the permission assigned to it for the specified resource instance.
 PermissionInfo hasPermission(java.lang.String principalOid, java.lang.String resourceId, java.lang.String permissionOid)
          Determines whether the principal has the permission assigned to it for the specified resource instance.
 boolean isMutable(java.lang.String roleId)
          Determines whether the specified role is mutable.
 boolean isUserInRole(java.lang.String roleId)
          This determines whether the currently authenticated user is in the specified role.
 boolean isUserInRole(java.lang.String roleId, java.lang.String principalOid)
          This determines whether the principal has an assigned role.
 void modifyDefaultACL(ResourceTypeACL addRtDefACL, ResourceTypeACL delRtDefACL)
          Defines a set of default permissions to be assigned to a set of principals (cross product) over a resource, when a resource of given resource type is registered.
 void modifyPermsToPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List desiredPerms)
          Assigns the specified permissions to the principal for the given resource instance.
 void modifyPermsToPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List delPerm, java.util.List addPerm)
          Assigns and removes the specified permissions from the principal for the given resource instance.
 void modifyPermsToPrincipalsForRes(java.util.List principalOid, java.lang.String resourceId, java.util.List delPerm, java.util.List addPerm)
          Assigns and removes the specified permissions from the List of principals for the given resource instance.
 void modifyRole(java.lang.String roleName, java.util.List addPermissionOids, java.util.List removePermissionOids)
          Modifies the definition of a role by adding and removing a set of permissions from the definition of the role.
 void registerResInstance(java.lang.String resType, java.util.List resIdList)
          Assigns the default access control list (ACL) of the specified resource type to the given resource instances.
 void setDefaultACL(ResourceTypeACL rtDefACL)
          Specifies the default access control list (ACL) for the given resource type.
 void unassignRole(java.lang.String roleId, java.lang.String[] principalOids)
          Unassigns the role from the specified principals.
 void unassignRoles(java.lang.String[] roleId, java.lang.String[] principalOids)
          Removes the specified roles from the given principals.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AuthorizationManagerServiceClient

public AuthorizationManagerServiceClient(ServiceClientFactory serviceClientFactory)
Authorization manager service client constructor.

Parameters:
serviceClientFactory - The service client factory.
Method Detail

isUserInRole

public boolean isUserInRole(java.lang.String roleId,
                            java.lang.String principalOid)
                     throws UMException
This determines whether the principal has an assigned role.

Specified by:
isUserInRole in interface AuthorizationManager
Parameters:
roleId - The assigned role's identifier.
principalOid - The principal's identifier.
Returns:
true if the principal has the assigned role, false otherwise.
Throws:
UMException

isUserInRole

public boolean isUserInRole(java.lang.String roleId)
                     throws UMException
This determines whether the currently authenticated user is in the specified role. It gathers the information from the context passed into this AuthorizationManger when it was instantiated. If you need to change roles, you must re-authenticate, create a new context, and instantiate a new AuthorizationManager object.

Specified by:
isUserInRole in interface AuthorizationManager
Parameters:
roleId - The role's identifier.
Returns:
true if the currently authenticated user has the specified role, false otherwise.
Throws:
UMException

createReliantApplication

public java.lang.String createReliantApplication(ReliantApplication relApp)
                                          throws UMException
Creates a reliant application.

Specified by:
createReliantApplication in interface AuthorizationManager
Parameters:
relApp - The reliant application to be created.
Returns:
A String identifier of the reliant application that was created.
Throws:
UMException - to indicate if the same reliant application is being created again with the same or different system attributes.

createRole

public void createRole(Role role)
                throws UMException
Creates a role. Use the factory object to create a role with a unique role identifier. It is recommended that you create a localized name string to be shown in the user interface. Pass that role into this method. This method creates an immutable role if role.setMutableStatus(true) is not specifically invoked by the caller.

Specified by:
createRole in interface AuthorizationManager
Parameters:
role - The role to be created.
Throws:
UMException

createRole

public void createRole(Role role,
                       java.util.List addPermissionOids)
                throws UMException
Creates a role with specific permissions. Use the factory object to create a role with a unique role identifier. It is recommended that you create a localized name string to be shown in the user interface. Pass that role into this method. This method creates an immutable role if role.setMutableStatus(true) is not specifically invoked by the caller.

Specified by:
createRole in interface AuthorizationManager
Parameters:
role - The role to be created.
addPermissionOids - A List of permissions the principal will have.
Throws:
UMException

deleteRole

public void deleteRole(java.lang.String roleId)
                throws UMException
Deletes the role.

Specified by:
deleteRole in interface AuthorizationManager
Parameters:
roleId - The role identifier.
Throws:
UMException - could be thrown, for example, in cases where an attempt to delete an immutable role has been made.

assignRole

public void assignRole(java.lang.String roleId,
                       java.lang.String[] principalOids)
                throws UMException
Assigns the role to the specified principals. No exception is raised if the same role is reassigned to a given principal. Either all or none of the principals will be assigned the role.

Specified by:
assignRole in interface AuthorizationManager
Parameters:
roleId - The role to be assigned.
principalOids - The principals to which the role is to be assigned.
Throws:
UMException

unassignRole

public void unassignRole(java.lang.String roleId,
                         java.lang.String[] principalOids)
                  throws UMException
Unassigns the role from the specified principals. No exception is raised if the same role is unassigned from a given principal. Either all or none of the principals will be unassigned from the role.

Specified by:
unassignRole in interface AuthorizationManager
Parameters:
roleId - The role to be assigned.
principalOids - The principals from which the role is to be unassigned.
Throws:
UMException

findRole

public Role findRole(java.lang.String roleId)
              throws UMException
Retrieves a role.

Specified by:
findRole in interface AuthorizationManager
Parameters:
roleId - The role to be retrieved.
Returns:
The role.
Throws:
UMException

findRoles

public java.util.List findRoles(RoleSearchFilter rsf)
                         throws UMException
Retrieves a List of roles based on specified search criteria.

Specified by:
findRoles in interface AuthorizationManager
Parameters:
rsf - A search filter that allows you to set multiple clauses for the roles to be retrieved.
Returns:
The List of roles that were found based on the search filter.
Throws:
UMException

findRolesForPrincipal

public java.util.Set findRolesForPrincipal(java.lang.String principalOid)
                                    throws UMException
Finds the roles for a given principal.

Specified by:
findRolesForPrincipal in interface AuthorizationManager
Parameters:
principalOid - The principal's identifier.
Returns:
The Set of roles associated with the specified principal.
Throws:
UMException

findRoleMembership

public java.util.List findRoleMembership(RoleMembershipSearchFilter rmb)
                                  throws UMException
Retrieves a List of roles based on specified membership search criteria.

Specified by:
findRoleMembership in interface AuthorizationManager
Parameters:
rmb - A search filter that allows you to set multiple clauses for the roles to be retrieved.
Returns:
A List of principals (User/Group objects).
Throws:
UMException

getReliantApplication

public ReliantApplication getReliantApplication(java.lang.String reliantApplicationName)
                                         throws UMException
Retrieves a reliant application.

Specified by:
getReliantApplication in interface AuthorizationManager
Parameters:
reliantApplicationName - The name of the reliant application.
Returns:
The reliant application.
Throws:
UMException

getResourceType

public java.util.List getResourceType(ResourceTypeSearchFilter rtsf)
                               throws UMException
Searches for resource types.

Specified by:
getResourceType in interface AuthorizationManager
Parameters:
rtsf - A filter that encapsulates search parameters, as well as global parameters such as the offset and range of returned values.
Returns:
A List containing the resource types.
Throws:
UMException

createResourceType

public java.lang.String createResourceType(ResourceType resType)
                                    throws UMException
Creates a resource type.

Specified by:
createResourceType in interface AuthorizationManager
Parameters:
resType - The resource type to be created.
Returns:
A String identifier of the resource type that was created.
Throws:
UMException - to indicate if the same resource type is being created again with the same or different system attributes.

createPermission

public java.lang.String createPermission(Permission perm)
                                  throws UMException
Creates a permission for a resource type.

Specified by:
createPermission in interface AuthorizationManager
Parameters:
perm - The permission to be assigned.
Returns:
A String identifier of the permission that was created.
Throws:
UMException

getPermissions

public java.util.List getPermissions(java.lang.String resourceTypeOid)
                              throws UMException
Retrieves a List of permissions related to the resource type. The reliant application can use this method to populate its user interface with the relevant permissions on the permission assignment page. A list of size zero is returned if no relevant permissions are found.

Specified by:
getPermissions in interface AuthorizationManager
Parameters:
resourceTypeOid - The resource type identifier.
Returns:
A List of permissions for the specified resource type.
Throws:
UMException

getPermissions

public java.util.List getPermissions(PermissionSearchFilter psf)
                              throws UMException
Retrieves a List of permissions related to the specified search filter. A list of size zero is returned if no relevant permissions are found.

Specified by:
getPermissions in interface AuthorizationManager
Parameters:
psf - A search filter that allows you to set multiple clauses for the permissions to be retrieved.
Returns:
A List of permissions that were found.
Throws:
UMException

getSystemPermissions

public java.util.List getSystemPermissions(PermissionSearchFilter psf)
                                    throws UMException
Retrieves a List of all the permissions belonging to all the resource types in the system, according to the specified search filter. This method is used in the creation of roles. A role may consist of any number of permissions that have been potentially defined on various resource types. A list of size zero is returned if no relevant permissions are found.

Specified by:
getSystemPermissions in interface AuthorizationManager
Parameters:
psf - A search filter that allows you to set multiple clauses for the permissions to be retrieved.
Returns:
A List of permissions that were found for all the system resource types.
Throws:
UMException

setDefaultACL

public void setDefaultACL(ResourceTypeACL rtDefACL)
                   throws UMException
Specifies the default access control list (ACL) for the given resource type.

Specified by:
setDefaultACL in interface AuthorizationManager
Parameters:
rtDefACL - An object containing the permission and principal identifiers.
Throws:
UMException

modifyDefaultACL

public void modifyDefaultACL(ResourceTypeACL addRtDefACL,
                             ResourceTypeACL delRtDefACL)
                      throws UMException
Defines a set of default permissions to be assigned to a set of principals (cross product) over a resource, when a resource of given resource type is registered.

Specified by:
modifyDefaultACL in interface AuthorizationManager
Parameters:
addRtDefACL - The ACL to be added.
delRtDefACL - The ACL to be removed.
Throws:
UMException
See Also:
AuthorizationManager.registerResInstance(java.lang.String, java.util.List)

modifyRole

public void modifyRole(java.lang.String roleName,
                       java.util.List addPermissionOids,
                       java.util.List removePermissionOids)
                throws UMException
Modifies the definition of a role by adding and removing a set of permissions from the definition of the role. Only mutable roles may be modified.

Specified by:
modifyRole in interface AuthorizationManager
Parameters:
roleName - The name of the role.
addPermissionOids - The identifiers of the permissions to be added.
removePermissionOids - The identifiers of the permissions to be removed.
Throws:
UMException

getAllRolePermissions

public java.util.List getAllRolePermissions(java.lang.String roleId)
                                     throws UMException
Retrieves a List of permissions related to the specified role. The reliant application can use this method to dynamically ascertain the permissions for a role. A list of size zero is returned if no relevant permissions are found. It is possible that all the permissions in the role definition may be deleted. This role can still be assigned to principals. However, it would not have any underlying permissions. In such cases it is assumed that the client will be able to make necessary access-related decisions gracefully, based on assignment of the role only, and not on its underlying permissions.

Specified by:
getAllRolePermissions in interface AuthorizationManager
Parameters:
roleId - The role identifier.
Returns:
The List of permissions related to the specified role.
Throws:
UMException

isMutable

public boolean isMutable(java.lang.String roleId)
                  throws UMException
Determines whether the specified role is mutable.

Specified by:
isMutable in interface AuthorizationManager
Parameters:
roleId - The role identifier.
Returns:
true if the role is mutable, false otherwise.
Throws:
UMException

registerResInstance

public void registerResInstance(java.lang.String resType,
                                java.util.List resIdList)
                         throws UMException
Assigns the default access control list (ACL) of the specified resource type to the given resource instances.

Specified by:
registerResInstance in interface AuthorizationManager
Parameters:
resType - The resource type.
resIdList - The resource identifiers to which default permissions must be applied.
Throws:
UMException

assignPermToPrincipalForRes

public void assignPermToPrincipalForRes(java.lang.String principalOid,
                                        java.lang.String resourceId,
                                        java.util.List permissionOid)
                                 throws UMException
Assigns the specified permissions to the principal for the given resource instance.

Specified by:
assignPermToPrincipalForRes in interface AuthorizationManager
Parameters:
principalOid - The principal identifier.
resourceId - The resource identifier.
permissionOid - A List of permissions identifiers that will be assigned to the principal for the given resource.
Throws:
UMException

assignPermToPrincipalsForRes

public void assignPermToPrincipalsForRes(java.lang.String resourceId,
                                         java.util.Map principalPermissionMap)
                                  throws UMException
Assigns the specified permissions to the principals for the given resource instance.

Specified by:
assignPermToPrincipalsForRes in interface AuthorizationManager
Parameters:
resourceId - The resource identifier.
principalPermissionMap - A Map whose keys are principal identifiers and whose values are ArrayList objects containing permission identifiers to be assigned to the principal for the given resource instance.
Throws:
UMException

getPermsForPrincipalOverRes

public java.util.Set getPermsForPrincipalOverRes(java.lang.String principalOid,
                                                 java.lang.String resourceId)
                                          throws UMException
Retrieves a Set of permissions for the specified principal and resource instance. A Set of size zero is returned if no relevant permissions are found.

Specified by:
getPermsForPrincipalOverRes in interface AuthorizationManager
Parameters:
principalOid - The principal identifier.
resourceId - The resource identifier.
Returns:
A Set of permissions for the specified principal and resource instance.
Throws:
UMException

getPermsForPrincipalsOverRes

public java.util.Map getPermsForPrincipalsOverRes(java.util.List principalOidList,
                                                  java.lang.String resourceId)
                                           throws UMException
Retrieves a Map of permissions for the List of specified principals and resource instance.

Specified by:
getPermsForPrincipalsOverRes in interface AuthorizationManager
Parameters:
principalOidList - The List of principal identifiers.
resourceId - The resource identifier.
Returns:
A Map whose keys are principal identifiers and whose values are Set objects containing permission identifiers to be assigned to the principal for the given resource instance.
Throws:
UMException

modifyPermsToPrincipalForRes

public void modifyPermsToPrincipalForRes(java.lang.String principalOid,
                                         java.lang.String resourceId,
                                         java.util.List delPerm,
                                         java.util.List addPerm)
                                  throws UMException
Assigns and removes the specified permissions from the principal for the given resource instance.

Specified by:
modifyPermsToPrincipalForRes in interface AuthorizationManager
Parameters:
principalOid - The principal identifier.
resourceId - The resource identifier.
delPerm - The permissions to be removed from the principal.
addPerm - The permissions to be assigned to the principal.
Throws:
UMException

modifyPermsToPrincipalsForRes

public void modifyPermsToPrincipalsForRes(java.util.List principalOid,
                                          java.lang.String resourceId,
                                          java.util.List delPerm,
                                          java.util.List addPerm)
                                   throws UMException
Assigns and removes the specified permissions from the List of principals for the given resource instance.

Specified by:
modifyPermsToPrincipalsForRes in interface AuthorizationManager
Parameters:
principalOid - The List of principal identifiers.
resourceId - The resource identifier.
delPerm - The permissions to be removed from the principal.
addPerm - The permissions to be assigned to the principal.
Throws:
UMException

deletePermsForPrincipalForRes

public void deletePermsForPrincipalForRes(java.lang.String principalOid,
                                          java.lang.String resourceId,
                                          java.util.List permList)
                                   throws UMException
Removes the specified permissions from the principal for the given resource instance.

Specified by:
deletePermsForPrincipalForRes in interface AuthorizationManager
Parameters:
principalOid - The principal identifier.
resourceId - The resource identifier.
permList - The permissions to be removed.
Throws:
UMException

deletePermsForPrincipalsForRes

public void deletePermsForPrincipalsForRes(java.util.List principalOid,
                                           java.lang.String resourceId,
                                           java.util.List permList)
                                    throws UMException
Removes the specified permissions from the List of principals for the given resource instance.

Specified by:
deletePermsForPrincipalsForRes in interface AuthorizationManager
Parameters:
principalOid - The List of principal identifiers.
resourceId - The resource identifier.
permList - The list of permission oids to be removed.
Throws:
UMException

findRolesForPrincipals

public java.util.Map findRolesForPrincipals(java.util.List principalOid)
                                     throws UMException
Retrieves a Map containing sets of roles assigned to the specified principals. A Map of size zero is returned if no relevant roles are found.

Specified by:
findRolesForPrincipals in interface AuthorizationManager
Parameters:
principalOid - The principal identifiers.
Returns:
A Map of principals whose keys are principal identifiers and whose values are Set objects of roles assigned to the principal either through direct assignment or indirectly via the principal's lineage.
Throws:
UMException

assignRoles

public void assignRoles(java.lang.String[] roleId,
                        java.lang.String[] principalOids)
                 throws UMException
Assigns the specified roles to the given principals. Either all the principals or no principals are assigned the roles.

Specified by:
assignRoles in interface AuthorizationManager
Parameters:
roleId - An array of role names.
principalOids - The principal identifiers.
Throws:
UMException

unassignRoles

public void unassignRoles(java.lang.String[] roleId,
                          java.lang.String[] principalOids)
                   throws UMException
Removes the specified roles from the given principals. Either all the principals or no principals are unassigned the roles.

Specified by:
unassignRoles in interface AuthorizationManager
Parameters:
roleId - An array of role names.
principalOids - The principal identifiers.
Throws:
UMException

areUsersInRole

public java.util.Map areUsersInRole(java.lang.String roleId,
                                    java.util.List principalOid)
                             throws UMException
Determines whether the specified principals have been assigned the given role.

Specified by:
areUsersInRole in interface AuthorizationManager
Parameters:
roleId - The role identifier.
principalOid - The principal identifiers.
Returns:
A Map of principals whose keys are principal identifiers and whose values are boolean values.
Throws:
UMException

hasPermission

public PermissionInfo hasPermission(java.lang.String principalOid,
                                    java.lang.String resourceId,
                                    java.lang.String permissionOid)
                             throws UMException
Determines whether the principal has the permission assigned to it for the specified resource instance.

Specified by:
hasPermission in interface AuthorizationManager
Parameters:
principalOid - The principal identifier.
resourceId - The resource identifier.
permissionOid - The permission identifier.
Returns:
A PermissionInfo object containing a flag that indicates whether the permission has been assigned to the principal.
Throws:
UMException

hasPermission

public PermissionInfo hasPermission(java.lang.String principalOid,
                                    java.lang.String resourceId,
                                    Permission perm)
                             throws UMException
Determines whether the principal has the permission assigned to it for the specified resource instance.

Specified by:
hasPermission in interface AuthorizationManager
Parameters:
principalOid - The principal identifier.
resourceId - The resource identifier.
perm - The permission object.
Returns:
A PermissionInfo object containing a flag that indicates whether the permission has been assigned to the principal.
Throws:
UMException

hasPermission

public java.util.Map hasPermission(java.util.List principalOid,
                                   java.lang.String resourceId,
                                   java.lang.String permissionOid)
                            throws UMException
Determines whether the List of principals have the specified permission for the given resource instance.

Specified by:
hasPermission in interface AuthorizationManager
Parameters:
principalOid - The principal identifiers.
resourceId - The resource identifier.
permissionOid - The permission identifier.
Returns:
A Map whose keys are the principal identifiers and values are boolean values indicating whether the principal has the permission assigned to it for the specified resource instance.
Throws:
UMException

hasPermission

public java.util.Map hasPermission(java.util.List principalOid,
                                   java.lang.String resourceId,
                                   Permission perm)
                            throws UMException
Determines whether the List of principals have the specified permission for the given resource instance.

Specified by:
hasPermission in interface AuthorizationManager
Parameters:
principalOid - The principal identifiers.
resourceId - The resource identifier.
perm - The permission object.
Returns:
A Map whose keys are the principal identifiers and values are boolean values indicating whether the principal has the permission assigned to it for the specified resource instance.
Throws:
UMException

getResourcesForPrincipal

public java.util.Set getResourcesForPrincipal(java.lang.String principalOid,
                                              java.lang.String permissionOid)
                                       throws UMException
Retrieves a Set of resource identifiers for which the principal has the specified permission. An empty Set is returned if no relevant resources exist.

Specified by:
getResourcesForPrincipal in interface AuthorizationManager
Parameters:
principalOid - The principal identifier.
permissionOid - The permission identifier.
Returns:
A Set of resource identifiers for which the principal has the specified permission.
Throws:
UMException

getResourcesForPrincipals

public java.util.Map getResourcesForPrincipals(java.util.List principalOid,
                                               java.lang.String permissionOid)
                                        throws UMException
Retrieves a Map of resource identifiers for which the principals have the specified permission.

Specified by:
getResourcesForPrincipals in interface AuthorizationManager
Parameters:
principalOid - The principal identifiers.
permissionOid - The permission identifier.
Returns:
A Map whose keys are the principal identifiers and values are Set objects containing resource instances for which the principals have the specified permission.
Throws:
UMException

modifyPermsToPrincipalForRes

public void modifyPermsToPrincipalForRes(java.lang.String principalOid,
                                         java.lang.String resourceId,
                                         java.util.List desiredPerms)
                                  throws UMException
Assigns the specified permissions to the principal for the given resource instance. It will delete any extra permissions already assigned directly to the principal. Permissions that are unassigned will be assigned.

Specified by:
modifyPermsToPrincipalForRes in interface AuthorizationManager
Parameters:
principalOid - The principal identifier.
resourceId - The resource identifier.
desiredPerms - The permissions that the principal will have.
Throws:
UMException

findPriPermInfoForRes

public java.util.Map findPriPermInfoForRes(java.lang.String resourceId)
                                    throws UMException
Retrieves a Map of permissions and principals for a given resource instance. Return the map where each key value pair is (principal, permission List for the resource instance). The principal-permssions-Set returned are direct assignments. The api will not do an explicit explosion of groups. The end client can find all the children for a principal (by calling directoryManager.getAllChildren(principalOid)) *if required*. All the children will inherit the mentioned permission List for the principal by virtue of lineage key = PrincipalOid Value = List of Permission objects

Specified by:
findPriPermInfoForRes in interface AuthorizationManager
Parameters:
resourceId - The resource identifier.
Returns:
A Map whose keys are the principal identifiers and whose values are List obejcts containing of permissions.
Throws:
UMException