com.adobe.livecycle.usermanager.client
Class AuthorizationManagerServiceClient

java.lang.Object
  ManagerServiceClient
      com.adobe.livecycle.usermanager.client.AuthorizationManagerServiceClient

All Implemented Interfaces:

AuthorizationManager

public class AuthorizationManagerServiceClient
extends ManagerServiceClient
implements AuthorizationManager

This is the client implementation of the AuthorizationManager class.

See Also:

AuthorizationManager

Constructor Summary

AuthorizationManagerServiceClient(ServiceClientFactory serviceClientFactory)
Authorization manager service client constructor.

Method Summary

java.util.Map	areUsersInRole(java.lang.String roleId, java.util.List principalOid) Determines whether the specified principals have been assigned the given role.
void	assignPermToPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List permissionOid) Assigns the specified permissions to the principal for the given resource instance.
void	assignPermToPrincipalsForRes(java.lang.String resourceId, java.util.Map principalPermissionMap) Assigns the specified permissions to the principals for the given resource instance.
void	assignRole(java.lang.String roleId, java.lang.String[] principalOids) Assigns the role to the specified principals.
void	assignRoles(java.lang.String[] roleId, java.lang.String[] principalOids) Assigns the specified roles to the given principals.
java.lang.String	createPermission(Permission perm) Creates a permission for a resource type.
java.lang.String	createReliantApplication(ReliantApplication relApp) Creates a reliant application.
java.lang.String	createResourceType(ResourceType resType) Creates a resource type.
void	createRole(Role role) Creates a role.
void	createRole(Role role, java.util.List addPermissionOids) Creates a role with specific permissions.
void	deletePermsForPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List permList) Removes the specified permissions from the principal for the given resource instance.
void	deletePermsForPrincipalsForRes(java.util.List principalOid, java.lang.String resourceId, java.util.List permList) Removes the specified permissions from the List of principals for the given resource instance.
void	deleteRole(java.lang.String roleId) Deletes the role.
java.util.Map	findPriPermInfoForRes(java.lang.String resourceId) Retrieves a Map of permissions and principals for a given resource instance.
Role	findRole(java.lang.String roleId) Retrieves a role.
java.util.List	findRoleMembership(RoleMembershipSearchFilter rmb) Retrieves a List of roles based on specified membership search criteria.
java.util.List	findRoles(RoleSearchFilter rsf) Retrieves a List of roles based on specified search criteria.
java.util.Set	findRolesForPrincipal(java.lang.String principalOid) Finds the roles for a given principal.
java.util.Map	findRolesForPrincipals(java.util.List principalOid) Retrieves a Map containing sets of roles assigned to the specified principals.
java.util.List	getAllRolePermissions(java.lang.String roleId) Retrieves a List of permissions related to the specified role.
java.util.List	getPermissions(PermissionSearchFilter psf) Retrieves a List of permissions related to the specified search filter.
java.util.List	getPermissions(java.lang.String resourceTypeOid) Retrieves a List of permissions related to the resource type.
java.util.Set	getPermsForPrincipalOverRes(java.lang.String principalOid, java.lang.String resourceId) Retrieves a Set of permissions for the specified principal and resource instance.
java.util.Map	getPermsForPrincipalsOverRes(java.util.List principalOidList, java.lang.String resourceId) Retrieves a Map of permissions for the List of specified principals and resource instance.
ReliantApplication	getReliantApplication(java.lang.String reliantApplicationName) Retrieves a reliant application.
java.util.Set	getResourcesForPrincipal(java.lang.String principalOid, java.lang.String permissionOid) Retrieves a Set of resource identifiers for which the principal has the specified permission.
java.util.Map	getResourcesForPrincipals(java.util.List principalOid, java.lang.String permissionOid) Retrieves a Map of resource identifiers for which the principals have the specified permission.
java.util.List	getResourceType(ResourceTypeSearchFilter rtsf) Searches for resource types.
java.util.List	getSystemPermissions(PermissionSearchFilter psf) Retrieves a List of all the permissions belonging to all the resource types in the system, according to the specified search filter.
java.util.Map	hasPermission(java.util.List principalOid, java.lang.String resourceId, Permission perm) Determines whether the List of principals have the specified permission for the given resource instance.
java.util.Map	hasPermission(java.util.List principalOid, java.lang.String resourceId, java.lang.String permissionOid) Determines whether the List of principals have the specified permission for the given resource instance.
PermissionInfo	hasPermission(java.lang.String principalOid, java.lang.String resourceId, Permission perm) Determines whether the principal has the permission assigned to it for the specified resource instance.
PermissionInfo	hasPermission(java.lang.String principalOid, java.lang.String resourceId, java.lang.String permissionOid) Determines whether the principal has the permission assigned to it for the specified resource instance.
boolean	isMutable(java.lang.String roleId) Determines whether the specified role is mutable.
boolean	isUserInRole(java.lang.String roleId) This determines whether the currently authenticated user is in the specified role.
boolean	isUserInRole(java.lang.String roleId, java.lang.String principalOid) This determines whether the principal has an assigned role.
void	modifyDefaultACL(ResourceTypeACL addRtDefACL, ResourceTypeACL delRtDefACL) Defines a set of default permissions to be assigned to a set of principals (cross product) over a resource, when a resource of given resource type is registered.
void	modifyPermsToPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List desiredPerms) Assigns the specified permissions to the principal for the given resource instance.
void	modifyPermsToPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List delPerm, java.util.List addPerm) Assigns and removes the specified permissions from the principal for the given resource instance.
void	modifyPermsToPrincipalsForRes(java.util.List principalOid, java.lang.String resourceId, java.util.List delPerm, java.util.List addPerm) Assigns and removes the specified permissions from the List of principals for the given resource instance.
void	modifyRole(java.lang.String roleName, java.util.List addPermissionOids, java.util.List removePermissionOids) Modifies the definition of a role by adding and removing a set of permissions from the definition of the role.
void	registerResInstance(java.lang.String resType, java.util.List resIdList) Assigns the default access control list (ACL) of the specified resource type to the given resource instances.
void	setDefaultACL(ResourceTypeACL rtDefACL) Specifies the default access control list (ACL) for the given resource type.
void	unassignRole(java.lang.String roleId, java.lang.String[] principalOids) Unassigns the role from the specified principals.
void	unassignRoles(java.lang.String[] roleId, java.lang.String[] principalOids) Removes the specified roles from the given principals.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthorizationManagerServiceClient

public AuthorizationManagerServiceClient(ServiceClientFactory serviceClientFactory)

Authorization manager service client constructor.

Parameters:

serviceClientFactory - The service client factory.

Method Detail

isUserInRole

public boolean isUserInRole(java.lang.String roleId,
                            java.lang.String principalOid)
                     throws UMException

This determines whether the principal has an assigned role.

Specified by:

isUserInRole in interface AuthorizationManager

Parameters:

roleId - The assigned role's identifier.

principalOid - The principal's identifier.

Returns:

true if the principal has the assigned role, false otherwise.

Throws:

UMException

isUserInRole

public boolean isUserInRole(java.lang.String roleId)
                     throws UMException

This determines whether the currently authenticated user is in the specified role. It gathers the information from the context passed into this AuthorizationManger when it was instantiated. If you need to change roles, you must re-authenticate, create a new context, and instantiate a new AuthorizationManager object.

Specified by:

isUserInRole in interface AuthorizationManager

Parameters:

roleId - The role's identifier.

Returns:

true if the currently authenticated user has the specified role, false otherwise.

Throws:

UMException

createReliantApplication

public java.lang.String createReliantApplication(ReliantApplication relApp)
                                          throws UMException

Creates a reliant application.

Specified by:

createReliantApplication in interface AuthorizationManager

Parameters:

relApp - The reliant application to be created.

Returns:

A String identifier of the reliant application that was created.

Throws:

UMException - to indicate if the same reliant application is being created again with the same or different system attributes.

createRole

public void createRole(Role role)
                throws UMException

Creates a role. Use the factory object to create a role with a unique role identifier. It is recommended that you create a localized name string to be shown in the user interface. Pass that role into this method. This method creates an immutable role if role.setMutableStatus(true) is not specifically invoked by the caller.

Specified by:

createRole in interface AuthorizationManager

Parameters:

role - The role to be created.

Throws:

UMException

createRole

public void createRole(Role role,
                       java.util.List addPermissionOids)
                throws UMException

Creates a role with specific permissions. Use the factory object to create a role with a unique role identifier. It is recommended that you create a localized name string to be shown in the user interface. Pass that role into this method. This method creates an immutable role if role.setMutableStatus(true) is not specifically invoked by the caller.

Specified by:

createRole in interface AuthorizationManager

Parameters:

role - The role to be created.

addPermissionOids - A List of permissions the principal will have.

Throws:

UMException

deleteRole

public void deleteRole(java.lang.String roleId)
                throws UMException

Deletes the role.

Specified by:

deleteRole in interface AuthorizationManager

Parameters:

roleId - The role identifier.

Throws:

UMException - could be thrown, for example, in cases where an attempt to delete an immutable role has been made.

assignRole

public void assignRole(java.lang.String roleId,
                       java.lang.String[] principalOids)
                throws UMException

Assigns the role to the specified principals. No exception is raised if the same role is reassigned to a given principal. Either all or none of the principals will be assigned the role.

Specified by:

assignRole in interface AuthorizationManager

Parameters:

roleId - The role to be assigned.

principalOids - The principals to which the role is to be assigned.

Throws:

UMException

unassignRole

public void unassignRole(java.lang.String roleId,
                         java.lang.String[] principalOids)
                  throws UMException

Unassigns the role from the specified principals. No exception is raised if the same role is unassigned from a given principal. Either all or none of the principals will be unassigned from the role.

Specified by:

unassignRole in interface AuthorizationManager

Parameters:

roleId - The role to be assigned.

principalOids - The principals from which the role is to be unassigned.

Throws:

UMException

findRole

public Role findRole(java.lang.String roleId)
              throws UMException

Retrieves a role.

Specified by:

findRole in interface AuthorizationManager

Parameters:

roleId - The role to be retrieved.

Returns:

The role.

Throws:

UMException

findRoles

public java.util.List findRoles(RoleSearchFilter rsf)
                         throws UMException

Retrieves a List of roles based on specified search criteria.

Specified by:

findRoles in interface AuthorizationManager

Parameters:

rsf - A search filter that allows you to set multiple clauses for the roles to be retrieved.

Returns:

The List of roles that were found based on the search filter.

Throws:

UMException

findRolesForPrincipal

public java.util.Set findRolesForPrincipal(java.lang.String principalOid)
                                    throws UMException

Finds the roles for a given principal.

Specified by:

findRolesForPrincipal in interface AuthorizationManager

Parameters:

principalOid - The principal's identifier.

Returns:

The Set of roles associated with the specified principal.

Throws:

UMException

findRoleMembership

public java.util.List findRoleMembership(RoleMembershipSearchFilter rmb)
                                  throws UMException

Retrieves a List of roles based on specified membership search criteria.

Specified by:

findRoleMembership in interface AuthorizationManager

Parameters:

rmb - A search filter that allows you to set multiple clauses for the roles to be retrieved.

Returns:

A List of principals (User/Group objects).

Throws:

UMException

getReliantApplication

public ReliantApplication getReliantApplication(java.lang.String reliantApplicationName)
                                         throws UMException

Retrieves a reliant application.

Specified by:

getReliantApplication in interface AuthorizationManager

Parameters:

reliantApplicationName - The name of the reliant application.

Returns:

The reliant application.

Throws:

UMException

getResourceType

public java.util.List getResourceType(ResourceTypeSearchFilter rtsf)
                               throws UMException

Searches for resource types.

Specified by:

getResourceType in interface AuthorizationManager

Parameters:

rtsf - A filter that encapsulates search parameters, as well as global parameters such as the offset and range of returned values.

Returns:

A List containing the resource types.

Throws:

UMException

createResourceType

public java.lang.String createResourceType(ResourceType resType)
                                    throws UMException

Creates a resource type.

Specified by:

createResourceType in interface AuthorizationManager

Parameters:

resType - The resource type to be created.

Returns:

A String identifier of the resource type that was created.

Throws:

UMException - to indicate if the same resource type is being created again with the same or different system attributes.

createPermission

public java.lang.String createPermission(Permission perm)
                                  throws UMException

Creates a permission for a resource type.

Specified by:

createPermission in interface AuthorizationManager

Parameters:

perm - The permission to be assigned.

Returns:

A String identifier of the permission that was created.

Throws:

UMException

getPermissions

public java.util.List getPermissions(java.lang.String resourceTypeOid)
                              throws UMException

Retrieves a List of permissions related to the resource type. The reliant application can use this method to populate its user interface with the relevant permissions on the permission assignment page. A list of size zero is returned if no relevant permissions are found.

Specified by:

getPermissions in interface AuthorizationManager

Parameters:

resourceTypeOid - The resource type identifier.

Returns:

A List of permissions for the specified resource type.

Throws:

UMException

getPermissions

public java.util.List getPermissions(PermissionSearchFilter psf)
                              throws UMException

Retrieves a List of permissions related to the specified search filter. A list of size zero is returned if no relevant permissions are found.

Specified by:

getPermissions in interface AuthorizationManager

Parameters:

psf - A search filter that allows you to set multiple clauses for the permissions to be retrieved.

Returns:

A List of permissions that were found.

Throws:

UMException

getSystemPermissions

public java.util.List getSystemPermissions(PermissionSearchFilter psf)
                                    throws UMException

Retrieves a List of all the permissions belonging to all the resource types in the system, according to the specified search filter. This method is used in the creation of roles. A role may consist of any number of permissions that have been potentially defined on various resource types. A list of size zero is returned if no relevant permissions are found.

Specified by:

getSystemPermissions in interface AuthorizationManager

Parameters:

psf - A search filter that allows you to set multiple clauses for the permissions to be retrieved.

Returns:

A List of permissions that were found for all the system resource types.

Throws:

UMException

setDefaultACL

public void setDefaultACL(ResourceTypeACL rtDefACL)
                   throws UMException

Specifies the default access control list (ACL) for the given resource type.

Specified by:

setDefaultACL in interface AuthorizationManager

Parameters:

rtDefACL - An object containing the permission and principal identifiers.

Throws:

UMException

modifyDefaultACL

public void modifyDefaultACL(ResourceTypeACL addRtDefACL,
                             ResourceTypeACL delRtDefACL)
                      throws UMException

Defines a set of default permissions to be assigned to a set of principals (cross product) over a resource, when a resource of given resource type is registered.

Specified by:

modifyDefaultACL in interface AuthorizationManager

Parameters:

addRtDefACL - The ACL to be added.

delRtDefACL - The ACL to be removed.

Throws:

UMException

See Also:

AuthorizationManager.registerResInstance(java.lang.String, java.util.List)

modifyRole

public void modifyRole(java.lang.String roleName,
                       java.util.List addPermissionOids,
                       java.util.List removePermissionOids)
                throws UMException

Modifies the definition of a role by adding and removing a set of permissions from the definition of the role. Only mutable roles may be modified.

Specified by:

modifyRole in interface AuthorizationManager

Parameters:

roleName - The name of the role.

addPermissionOids - The identifiers of the permissions to be added.

removePermissionOids - The identifiers of the permissions to be removed.

Throws:

UMException

getAllRolePermissions

public java.util.List getAllRolePermissions(java.lang.String roleId)
                                     throws UMException

Retrieves a List of permissions related to the specified role. The reliant application can use this method to dynamically ascertain the permissions for a role. A list of size zero is returned if no relevant permissions are found. It is possible that all the permissions in the role definition may be deleted. This role can still be assigned to principals. However, it would not have any underlying permissions. In such cases it is assumed that the client will be able to make necessary access-related decisions gracefully, based on assignment of the role only, and not on its underlying permissions.

Specified by:

getAllRolePermissions in interface AuthorizationManager

Parameters:

roleId - The role identifier.

Returns:

The List of permissions related to the specified role.

Throws:

UMException

isMutable

public boolean isMutable(java.lang.String roleId)
                  throws UMException

Determines whether the specified role is mutable.

Specified by:

isMutable in interface AuthorizationManager

Parameters:

roleId - The role identifier.

Returns:

true if the role is mutable, false otherwise.

Throws:

UMException

registerResInstance

public void registerResInstance(java.lang.String resType,
                                java.util.List resIdList)
                         throws UMException

Assigns the default access control list (ACL) of the specified resource type to the given resource instances.

Specified by:

registerResInstance in interface AuthorizationManager

Parameters:

resType - The resource type.

resIdList - The resource identifiers to which default permissions must be applied.

Throws:

UMException

assignPermToPrincipalForRes

public void assignPermToPrincipalForRes(java.lang.String principalOid,
                                        java.lang.String resourceId,
                                        java.util.List permissionOid)
                                 throws UMException

Assigns the specified permissions to the principal for the given resource instance.

Specified by:

assignPermToPrincipalForRes in interface AuthorizationManager

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

permissionOid - A List of permissions identifiers that will be assigned to the principal for the given resource.

Throws:

UMException

assignPermToPrincipalsForRes

public void assignPermToPrincipalsForRes(java.lang.String resourceId,
                                         java.util.Map principalPermissionMap)
                                  throws UMException

Assigns the specified permissions to the principals for the given resource instance.

Specified by:

assignPermToPrincipalsForRes in interface AuthorizationManager

Parameters:

resourceId - The resource identifier.

principalPermissionMap - A Map whose keys are principal identifiers and whose values are ArrayList objects containing permission identifiers to be assigned to the principal for the given resource instance.

Throws:

UMException

getPermsForPrincipalOverRes

public java.util.Set getPermsForPrincipalOverRes(java.lang.String principalOid,
                                                 java.lang.String resourceId)
                                          throws UMException

Retrieves a Set of permissions for the specified principal and resource instance. A Set of size zero is returned if no relevant permissions are found.

Specified by:

getPermsForPrincipalOverRes in interface AuthorizationManager

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

Returns:

A Set of permissions for the specified principal and resource instance.

Throws:

UMException

getPermsForPrincipalsOverRes

public java.util.Map getPermsForPrincipalsOverRes(java.util.List principalOidList,
                                                  java.lang.String resourceId)
                                           throws UMException

Retrieves a Map of permissions for the List of specified principals and resource instance.

Specified by:

getPermsForPrincipalsOverRes in interface AuthorizationManager

Parameters:

principalOidList - The List of principal identifiers.

resourceId - The resource identifier.

Returns:

A Map whose keys are principal identifiers and whose values are Set objects containing permission identifiers to be assigned to the principal for the given resource instance.

Throws:

UMException

modifyPermsToPrincipalForRes

public void modifyPermsToPrincipalForRes(java.lang.String principalOid,
                                         java.lang.String resourceId,
                                         java.util.List delPerm,
                                         java.util.List addPerm)
                                  throws UMException

Assigns and removes the specified permissions from the principal for the given resource instance.

Specified by:

modifyPermsToPrincipalForRes in interface AuthorizationManager

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

delPerm - The permissions to be removed from the principal.

addPerm - The permissions to be assigned to the principal.

Throws:

UMException

modifyPermsToPrincipalsForRes

public void modifyPermsToPrincipalsForRes(java.util.List principalOid,
                                          java.lang.String resourceId,
                                          java.util.List delPerm,
                                          java.util.List addPerm)
                                   throws UMException

Assigns and removes the specified permissions from the List of principals for the given resource instance.

Specified by:

modifyPermsToPrincipalsForRes in interface AuthorizationManager

Parameters:

principalOid - The List of principal identifiers.

resourceId - The resource identifier.

delPerm - The permissions to be removed from the principal.

addPerm - The permissions to be assigned to the principal.

Throws:

UMException

deletePermsForPrincipalForRes

public void deletePermsForPrincipalForRes(java.lang.String principalOid,
                                          java.lang.String resourceId,
                                          java.util.List permList)
                                   throws UMException

Removes the specified permissions from the principal for the given resource instance.

Specified by:

deletePermsForPrincipalForRes in interface AuthorizationManager

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

permList - The permissions to be removed.

Throws:

UMException

deletePermsForPrincipalsForRes

public void deletePermsForPrincipalsForRes(java.util.List principalOid,
                                           java.lang.String resourceId,
                                           java.util.List permList)
                                    throws UMException

Removes the specified permissions from the List of principals for the given resource instance.

Specified by:

deletePermsForPrincipalsForRes in interface AuthorizationManager

Parameters:

principalOid - The List of principal identifiers.

resourceId - The resource identifier.

permList - The list of permission oids to be removed.

Throws:

UMException

findRolesForPrincipals

public java.util.Map findRolesForPrincipals(java.util.List principalOid)
                                     throws UMException

Retrieves a Map containing sets of roles assigned to the specified principals. A Map of size zero is returned if no relevant roles are found.

Specified by:

findRolesForPrincipals in interface AuthorizationManager

Parameters:

principalOid - The principal identifiers.

Returns:

A Map of principals whose keys are principal identifiers and whose values are Set objects of roles assigned to the principal either through direct assignment or indirectly via the principal's lineage.

Throws:

UMException

assignRoles

public void assignRoles(java.lang.String[] roleId,
                        java.lang.String[] principalOids)
                 throws UMException

Assigns the specified roles to the given principals. Either all the principals or no principals are assigned the roles.

Specified by:

assignRoles in interface AuthorizationManager

Parameters:

roleId - An array of role names.

principalOids - The principal identifiers.

Throws:

UMException

unassignRoles

public void unassignRoles(java.lang.String[] roleId,
                          java.lang.String[] principalOids)
                   throws UMException

Removes the specified roles from the given principals. Either all the principals or no principals are unassigned the roles.

Specified by:

unassignRoles in interface AuthorizationManager

Parameters:

roleId - An array of role names.

principalOids - The principal identifiers.

Throws:

UMException

areUsersInRole

public java.util.Map areUsersInRole(java.lang.String roleId,
                                    java.util.List principalOid)
                             throws UMException

Determines whether the specified principals have been assigned the given role.

Specified by:

areUsersInRole in interface AuthorizationManager

Parameters:

roleId - The role identifier.

principalOid - The principal identifiers.

Returns:

A Map of principals whose keys are principal identifiers and whose values are boolean values.

Throws:

UMException

hasPermission

public PermissionInfo hasPermission(java.lang.String principalOid,
                                    java.lang.String resourceId,
                                    java.lang.String permissionOid)
                             throws UMException

Determines whether the principal has the permission assigned to it for the specified resource instance.

Specified by:

hasPermission in interface AuthorizationManager

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

permissionOid - The permission identifier.

Returns:

A PermissionInfo object containing a flag that indicates whether the permission has been assigned to the principal.

Throws:

UMException

hasPermission

public PermissionInfo hasPermission(java.lang.String principalOid,
                                    java.lang.String resourceId,
                                    Permission perm)
                             throws UMException

Determines whether the principal has the permission assigned to it for the specified resource instance.

Specified by:

hasPermission in interface AuthorizationManager

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

perm - The permission object.

Returns:

A PermissionInfo object containing a flag that indicates whether the permission has been assigned to the principal.

Throws:

UMException

hasPermission

public java.util.Map hasPermission(java.util.List principalOid,
                                   java.lang.String resourceId,
                                   java.lang.String permissionOid)
                            throws UMException

Determines whether the List of principals have the specified permission for the given resource instance.

Specified by:

hasPermission in interface AuthorizationManager

Parameters:

principalOid - The principal identifiers.

resourceId - The resource identifier.

permissionOid - The permission identifier.

Returns:

A Map whose keys are the principal identifiers and values are boolean values indicating whether the principal has the permission assigned to it for the specified resource instance.

Throws:

UMException

hasPermission

public java.util.Map hasPermission(java.util.List principalOid,
                                   java.lang.String resourceId,
                                   Permission perm)
                            throws UMException

Determines whether the List of principals have the specified permission for the given resource instance.

Specified by:

hasPermission in interface AuthorizationManager

Parameters:

principalOid - The principal identifiers.

resourceId - The resource identifier.

perm - The permission object.

Returns:

A Map whose keys are the principal identifiers and values are boolean values indicating whether the principal has the permission assigned to it for the specified resource instance.

Throws:

UMException

getResourcesForPrincipal

public java.util.Set getResourcesForPrincipal(java.lang.String principalOid,
                                              java.lang.String permissionOid)
                                       throws UMException

Retrieves a Set of resource identifiers for which the principal has the specified permission. An empty Set is returned if no relevant resources exist.

Specified by:

getResourcesForPrincipal in interface AuthorizationManager

Parameters:

principalOid - The principal identifier.

permissionOid - The permission identifier.

Returns:

A Set of resource identifiers for which the principal has the specified permission.

Throws:

UMException

getResourcesForPrincipals

public java.util.Map getResourcesForPrincipals(java.util.List principalOid,
                                               java.lang.String permissionOid)
                                        throws UMException

Retrieves a Map of resource identifiers for which the principals have the specified permission.

Specified by:

getResourcesForPrincipals in interface AuthorizationManager

Parameters:

principalOid - The principal identifiers.

permissionOid - The permission identifier.

Returns:

A Map whose keys are the principal identifiers and values are Set objects containing resource instances for which the principals have the specified permission.

Throws:

UMException

modifyPermsToPrincipalForRes

public void modifyPermsToPrincipalForRes(java.lang.String principalOid,
                                         java.lang.String resourceId,
                                         java.util.List desiredPerms)
                                  throws UMException

Assigns the specified permissions to the principal for the given resource instance. It will delete any extra permissions already assigned directly to the principal. Permissions that are unassigned will be assigned.

Specified by:

modifyPermsToPrincipalForRes in interface AuthorizationManager

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

desiredPerms - The permissions that the principal will have.

Throws:

UMException

findPriPermInfoForRes

public java.util.Map findPriPermInfoForRes(java.lang.String resourceId)
                                    throws UMException

Retrieves a Map of permissions and principals for a given resource instance. Return the map where each key value pair is (principal, permission List for the resource instance). The principal-permssions-Set returned are direct assignments. The api will not do an explicit explosion of groups. The end client can find all the children for a principal (by calling directoryManager.getAllChildren(principalOid)) *if required*. All the children will inherit the mentioned permission List for the principal by virtue of lineage key = PrincipalOid Value = List of Permission objects

Specified by:

findPriPermInfoForRes in interface AuthorizationManager

Parameters:

resourceId - The resource identifier.

Returns:

A Map whose keys are the principal identifiers and whose values are List obejcts containing of permissions.

Throws:

UMException