|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface AuthorizationManager
This is the primary interface for authorization.
Method Summary | |
---|---|
java.util.Map |
areUsersInRole(java.lang.String roleId,
java.util.List principalOid)
Determines whether the specified principals have been assigned the given role. |
void |
assignPermToPrincipalForRes(java.lang.String principalOid,
java.lang.String resourceId,
java.util.List permissionOid)
Assigns the specified permissions to the principal for the given resource instance. |
void |
assignPermToPrincipalsForRes(java.lang.String resourceId,
java.util.Map principalPermissionMap)
Assigns the specified permissions to the principals for the given resource instance. |
void |
assignRole(java.lang.String roleId,
java.lang.String[] principalOids)
Assigns the role to the specified principals. |
void |
assignRoles(java.lang.String[] roleId,
java.lang.String[] principalOids)
Assigns the specified roles to the given principals. |
java.lang.String |
createPermission(Permission perm)
Creates a permission for a resource type. |
java.lang.String |
createReliantApplication(ReliantApplication relApp)
Creates a reliant application. |
java.lang.String |
createResourceType(ResourceType resType)
Creates a resource type. |
void |
createRole(Role role)
Creates a role. |
void |
createRole(Role role,
java.util.List addPermissionOids)
Creates a role with specific permissions. |
void |
deletePermsForPrincipalForRes(java.lang.String principalOid,
java.lang.String resourceId,
java.util.List permList)
Removes the specified permissions from the principal for the given resource instance. |
void |
deletePermsForPrincipalsForRes(java.util.List principalOid,
java.lang.String resourceId,
java.util.List permList)
Removes the specified permissions from the List of principals for the given resource instance. |
void |
deleteRole(java.lang.String roleId)
Deletes the role. |
java.util.Map |
findPriPermInfoForRes(java.lang.String resourceId)
Retrieves a Map of permissions and principals for a given resource instance. |
Role |
findRole(java.lang.String roleId)
Retrieves a role. |
java.util.List |
findRoleMembership(RoleMembershipSearchFilter rmb)
Retrieves a List of roles based on specified membership search criteria. |
java.util.List |
findRoles(RoleSearchFilter rsf)
Retrieves a List of roles based on specified search criteria. |
java.util.Set |
findRolesForPrincipal(java.lang.String principalOid)
Finds the roles for a given principal. |
java.util.Map |
findRolesForPrincipals(java.util.List principalOid)
Retrieves a Map containing sets of roles assigned to the specified principals. |
java.util.List |
getAllRolePermissions(java.lang.String roleId)
Retrieves a List of permissions related to the specified role. |
java.util.List |
getPermissions(PermissionSearchFilter psf)
Retrieves a List of permissions related to the specified search filter. |
java.util.List |
getPermissions(java.lang.String ResourceTypeOid)
Retrieves a List of permissions related to the resource type. |
java.util.Set |
getPermsForPrincipalOverRes(java.lang.String principalOid,
java.lang.String resourceId)
Retrieves a Set of permissions for the specified principal and resource instance. |
java.util.Map |
getPermsForPrincipalsOverRes(java.util.List principalOidList,
java.lang.String resourceId)
Retrieves a Map of permissions for the List of specified principals and resource instance. |
ReliantApplication |
getReliantApplication(java.lang.String reliantApplicationName)
Retrieves a reliant application. |
java.util.Set |
getResourcesForPrincipal(java.lang.String principalOid,
java.lang.String permissionOid)
Retrieves a Set of resource identifiers for which the principal has the specified permission. |
java.util.Map |
getResourcesForPrincipals(java.util.List principalOid,
java.lang.String permissionOid)
Retrieves a Map of resource identifiers for which the principals have the specified permission. |
java.util.List |
getResourceType(ResourceTypeSearchFilter rtsf)
Searches for resource types. |
java.util.List |
getSystemPermissions(PermissionSearchFilter psf)
Retrieves a List of all the permissions belonging to all the resource types in the system, according to the specified search filter. |
java.util.Map |
hasPermission(java.util.List principalOid,
java.lang.String resourceId,
Permission perm)
Determines whether the List of principals have the specified permission for the given resource instance. |
java.util.Map |
hasPermission(java.util.List principalOid,
java.lang.String resourceId,
java.lang.String permissionOid)
Determines whether the List of principals have the specified permission for the given resource instance. |
PermissionInfo |
hasPermission(java.lang.String principalOid,
java.lang.String resourceId,
Permission perm)
Determines whether the principal has the permission assigned to it for the specified resource instance. |
PermissionInfo |
hasPermission(java.lang.String principalOid,
java.lang.String resourceId,
java.lang.String permissionOid)
Determines whether the principal has the permission assigned to it for the specified resource instance. |
boolean |
isMutable(java.lang.String roleId)
Determines whether the specified role is mutable. |
boolean |
isUserInRole(java.lang.String roleId)
This determines whether the currently authenticated user is in the specified role. |
boolean |
isUserInRole(java.lang.String roleId,
java.lang.String principalOid)
This determines whether the principal has an assigned role. |
void |
modifyDefaultACL(ResourceTypeACL addRtDefACL,
ResourceTypeACL delRtDefACL)
Defines a set of default permissions to be assigned to a set of principals (cross product) over a resource, when a resource of given resource type is registered. |
void |
modifyPermsToPrincipalForRes(java.lang.String principalOid,
java.lang.String resourceId,
java.util.List desiredPerms)
Assigns the specified permissions to the principal for the given resource instance. |
void |
modifyPermsToPrincipalForRes(java.lang.String principalOid,
java.lang.String resourceId,
java.util.List delPerm,
java.util.List addPerm)
Assigns and removes the specified permissions from the principal for the given resource instance. |
void |
modifyPermsToPrincipalsForRes(java.util.List principalOid,
java.lang.String resourceId,
java.util.List delPerm,
java.util.List addPerm)
Assigns and removes the specified permissions from the List of principals for the given resource instance. |
void |
modifyRole(java.lang.String roleName,
java.util.List addPermissionOids,
java.util.List removePermissionOids)
Modifies the definition of a role by adding and removing a set of permissions from the definition of the role. |
void |
registerResInstance(java.lang.String resType,
java.util.List resIdList)
Assigns the default access control list (ACL) of the specified resource type to the given resource instances. |
void |
setDefaultACL(ResourceTypeACL rtDefACL)
Specifies the default access control list (ACL) for the given resource type. |
void |
unassignRole(java.lang.String roleId,
java.lang.String[] principalOids)
Unassigns the role from the specified principals. |
void |
unassignRoles(java.lang.String[] roleId,
java.lang.String[] principalOids)
Removes the specified roles from the given principals. |
Method Detail |
---|
boolean isUserInRole(java.lang.String roleId, java.lang.String principalOid) throws UMException
roleId
- The assigned role's identifier.principalOid
- The principal's identifier.
true
if the principal has the assigned role, false
otherwise.
UMException
boolean isUserInRole(java.lang.String roleId) throws UMException
roleId
- The role's identifier.
true
if the currently authenticated user has the specified role, false
otherwise.
UMException
void createRole(Role role) throws UMException
role.setMutableStatus(true)
is not specifically invoked by the caller.
role
- The role to be created.
UMException
void createRole(Role role, java.util.List addPermissionOids) throws UMException
role.setMutableStatus(true)
is not specifically invoked by the caller.
role
- The role to be created.addPermissionOids
- A List
of permissions the principal will have.
UMException
void deleteRole(java.lang.String roleId) throws UMException
roleId
- The role identifier.
UMException
- could be thrown, for example, in cases where an attempt to delete an immutable role has been made.void assignRole(java.lang.String roleId, java.lang.String[] principalOids) throws UMException
roleId
- The role to be assigned.principalOids
- The principals to which the role is to be assigned.
UMException
void unassignRole(java.lang.String roleId, java.lang.String[] principalOids) throws UMException
roleId
- The role to be assigned.principalOids
- The principals from which the role is to be unassigned.
UMException
Role findRole(java.lang.String roleId) throws UMException
roleId
- The role to be retrieved.
UMException
java.util.List findRoles(RoleSearchFilter rsf) throws UMException
List
of roles based on specified search criteria.
rsf
- A search filter that allows you to set multiple clauses for the roles to be retrieved.
List
of roles that were found based on the search filter.
UMException
java.util.Set findRolesForPrincipal(java.lang.String principalOid) throws UMException
principalOid
- The principal's identifier.
Set
of roles associated with the specified principal.
UMException
java.util.List findRoleMembership(RoleMembershipSearchFilter rmb) throws UMException
List
of roles based on specified membership search criteria.
rmb
- A search filter that allows you to set multiple clauses for the roles to be retrieved.
List
of principals (User
/Group
objects).
UMException
ReliantApplication getReliantApplication(java.lang.String reliantApplicationName) throws UMException
reliantApplicationName
- The name of the reliant application.
UMException
java.lang.String createReliantApplication(ReliantApplication relApp) throws UMException
relApp
- The reliant application to be created.
String
identifier of the reliant application that was created.
UMException
- to indicate if the same reliant application is being created again with the same or different system attributes.java.util.List getResourceType(ResourceTypeSearchFilter rtsf) throws UMException
rtsf
- A filter that encapsulates search parameters, as well as global parameters such as the offset and range of returned values.
List
containing the resource types.
UMException
java.lang.String createResourceType(ResourceType resType) throws UMException
resType
- The resource type to be created.
String
identifier of the resource type that was created.
UMException
- to indicate if the same resource type is being created again with the same or different system attributes.java.lang.String createPermission(Permission perm) throws UMException
perm
- The permission to be assigned.
String
identifier of the permission that was created.
UMException
java.util.List getPermissions(java.lang.String ResourceTypeOid) throws UMException
List
of permissions related to the resource type.
The reliant application can use this method to populate its user interface
with the relevant permissions on the permission assignment page.
A list of size zero is returned if no relevant permissions are found.
ResourceTypeOid
- The resource type identifier.
List
of permissions for the specified resource type.
UMException
java.util.List getPermissions(PermissionSearchFilter psf) throws UMException
List
of permissions related to the specified search filter.
A list of size zero is returned if no relevant permissions are found.
psf
- A search filter that allows you to set multiple clauses for the permissions to be retrieved.
List
of permissions that were found.
UMException
java.util.List getSystemPermissions(PermissionSearchFilter psf) throws UMException
List
of all the permissions belonging to all the resource types in the system, according to the specified search filter.
This method is used in the creation of roles. A role may consist of any number of permissions that have been
potentially defined on various resource types. A list of size zero is returned if no relevant permissions are found.
psf
- A search filter that allows you to set multiple clauses for the permissions to be retrieved.
List
of permissions that were found for all the system resource types.
UMException
void setDefaultACL(ResourceTypeACL rtDefACL) throws UMException
rtDefACL
- An object containing the permission and principal identifiers.
UMException
void modifyDefaultACL(ResourceTypeACL addRtDefACL, ResourceTypeACL delRtDefACL) throws UMException
addRtDefACL
- The ACL to be added.delRtDefACL
- The ACL to be removed.
UMException
AuthorizationManager.registerResInstance(java.lang.String, java.util.List)
void modifyRole(java.lang.String roleName, java.util.List addPermissionOids, java.util.List removePermissionOids) throws UMException
roleName
- The name of the role.addPermissionOids
- The identifiers of the permissions to be added.removePermissionOids
- The identifiers of the permissions to be removed.
UMException
java.util.List getAllRolePermissions(java.lang.String roleId) throws UMException
List
of permissions related to the specified role.
The reliant application can use this method to dynamically ascertain the permissions for a role.
A list of size zero is returned if no relevant permissions are found.
It is possible that all the permissions in the role definition may be deleted.
This role can still be assigned to principals. However, it would not have any underlying permissions.
In such cases it is assumed that the client will be able to make necessary access-related decisions gracefully,
based on assignment of the role only, and not on its underlying permissions.
roleId
- The role identifier.
List
of permissions related to the specified role.
UMException
boolean isMutable(java.lang.String roleId) throws UMException
roleId
- The role identifier.
true
if the role is mutable, false
otherwise.
UMException
void registerResInstance(java.lang.String resType, java.util.List resIdList) throws UMException
resType
- The resource type.resIdList
- The resource identifiers to which default permissions must be applied.
UMException
void assignPermToPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List permissionOid) throws UMException
principalOid
- The principal identifier.resourceId
- The resource identifier.permissionOid
- A List
of permissions identifiers that will be assigned to the principal for the given resource.
UMException
void assignPermToPrincipalsForRes(java.lang.String resourceId, java.util.Map principalPermissionMap) throws UMException
resourceId
- The resource identifier.principalPermissionMap
- A Map
whose keys are principal identifiers and
whose values are ArrayList
objects containing permission identifiers
to be assigned to the principal for the given resource instance.
UMException
java.util.Set getPermsForPrincipalOverRes(java.lang.String principalOid, java.lang.String resourceId) throws UMException
Set
of permissions for the specified principal and resource instance.
A Set
of size zero is returned if no relevant permissions are found.
principalOid
- The principal identifier.resourceId
- The resource identifier.
Set
of permissions for the specified principal and resource instance.
UMException
java.util.Map getPermsForPrincipalsOverRes(java.util.List principalOidList, java.lang.String resourceId) throws UMException
Map
of permissions for the List
of specified principals and resource instance.
principalOidList
- The List
of principal identifiers.resourceId
- The resource identifier.
Map
whose keys are principal identifiers and
whose values are Set
objects containing permission identifiers
to be assigned to the principal for the given resource instance.
UMException
void modifyPermsToPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List delPerm, java.util.List addPerm) throws UMException
principalOid
- The principal identifier.resourceId
- The resource identifier.delPerm
- The permissions to be removed from the principal.addPerm
- The permissions to be assigned to the principal.
UMException
void modifyPermsToPrincipalsForRes(java.util.List principalOid, java.lang.String resourceId, java.util.List delPerm, java.util.List addPerm) throws UMException
List
of principals for the given resource instance.
principalOid
- The List
of principal identifiers.resourceId
- The resource identifier.delPerm
- The permissions to be removed from the principal.addPerm
- The permissions to be assigned to the principal.
UMException
void deletePermsForPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List permList) throws UMException
principalOid
- The principal identifier.resourceId
- The resource identifier.permList
- The permissions to be removed.
UMException
void deletePermsForPrincipalsForRes(java.util.List principalOid, java.lang.String resourceId, java.util.List permList) throws UMException
List
of principals for the given resource instance.
principalOid
- The List
of principal identifiers.resourceId
- The resource identifier.permList
- The list of permission oids to be removed.
UMException
java.util.Map findRolesForPrincipals(java.util.List principalOid) throws UMException
Map
containing sets of roles assigned to the specified principals.
A Map
of size zero is returned if no relevant roles are found.
principalOid
- The principal identifiers.
Map
of principals whose keys are principal identifiers and whose values are Set
objects of roles
assigned to the principal either through direct assignment or indirectly via the principal's lineage.
UMException
void assignRoles(java.lang.String[] roleId, java.lang.String[] principalOids) throws UMException
roleId
- An array of role names.principalOids
- The principal identifiers.
UMException
void unassignRoles(java.lang.String[] roleId, java.lang.String[] principalOids) throws UMException
roleId
- An array of role names.principalOids
- The principal identifiers.
UMException
java.util.Map areUsersInRole(java.lang.String roleId, java.util.List principalOid) throws UMException
principalOid
- The principal identifiers.roleId
- The role identifier.
Map
of principals whose keys are principal identifiers and whose values are boolean values.
UMException
PermissionInfo hasPermission(java.lang.String principalOid, java.lang.String resourceId, java.lang.String permissionOid) throws UMException
principalOid
- The principal identifier.resourceId
- The resource identifier.permissionOid
- The permission identifier.
PermissionInfo
object containing a flag that indicates whether the permission has been assigned to the principal.
UMException
PermissionInfo hasPermission(java.lang.String principalOid, java.lang.String resourceId, Permission perm) throws UMException
principalOid
- The principal identifier.resourceId
- The resource identifier.perm
- The permission object.
PermissionInfo
object containing a flag that indicates whether the permission has been assigned to the principal.
UMException
java.util.Map hasPermission(java.util.List principalOid, java.lang.String resourceId, java.lang.String permissionOid) throws UMException
List
of principals have the specified permission for the given resource instance.
principalOid
- The principal identifiers.resourceId
- The resource identifier.permissionOid
- The permission identifier.
Map
whose keys are the principal identifiers and values are boolean values
indicating whether the principal has the permission assigned to it for the specified resource instance.
UMException
java.util.Map hasPermission(java.util.List principalOid, java.lang.String resourceId, Permission perm) throws UMException
List
of principals have the specified permission for the given resource instance.
principalOid
- The principal identifiers.resourceId
- The resource identifier.perm
- The permission object.
Map
whose keys are the principal identifiers and values are boolean values
indicating whether the principal has the permission assigned to it for the specified resource instance.
UMException
java.util.Set getResourcesForPrincipal(java.lang.String principalOid, java.lang.String permissionOid) throws UMException
Set
of resource identifiers for which the principal has the specified permission.
An empty Set
is returned if no relevant resources exist.
principalOid
- The principal identifier.permissionOid
- The permission identifier.
Set
of resource identifiers for which the principal has the specified permission.
UMException
java.util.Map getResourcesForPrincipals(java.util.List principalOid, java.lang.String permissionOid) throws UMException
Map
of resource identifiers for which the principals have the specified permission.
principalOid
- The principal identifiers.permissionOid
- The permission identifier.
Map
whose keys are the principal identifiers and values are Set
objects
containing resource instances for which the principals have the specified permission.
UMException
void modifyPermsToPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List desiredPerms) throws UMException
principalOid
- The principal identifier.resourceId
- The resource identifier.desiredPerms
- The permissions that the principal will have.
UMException
java.util.Map findPriPermInfoForRes(java.lang.String resourceId) throws UMException
Map
of permissions and principals for a given resource instance.
Return the map where each key value pair is (principal, permission List for the resource instance). The principal-permssions-Set
returned are direct assignments. The api will not do an explicit explosion of groups. The end
client can find all the children for a principal (by calling directoryManager.getAllChildren(principalOid))
*if required*. All the children will inherit the mentioned permission List for the principal by virtue of lineage
key = PrincipalOid
Value = List of Permission objects
resourceId
- The resource identifier.
Map
whose keys are the principal identifiers and whose values are List
obejcts containing
of permissions.
IDPException
IDPSystemException
UMException
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |