oracle.ifs.beans
Class AccessControlList

java.lang.Object

  |

  +--oracle.ifs.beans.LibraryObject

        |

        +--oracle.ifs.beans.TieLibraryObject

              |

              +--oracle.ifs.beans.PublicObject

                    |

                    +--oracle.ifs.beans.TiePublicObject

                          |

                          +--oracle.ifs.beans.AccessControlList

All Implemented Interfaces:

IfsEventHandler, LibraryObjectInterface, PublicObjectInterface, Traceable

Direct Known Subclasses:

TieAccessControlList

public class AccessControlList

extends TiePublicObject

The AccessControlList class represents a set of access control entries that are referenced by one or more public Objects.

See Also:

AccessLevel, DirectoryObject, DirectoryUser, PublicObject

Field Summary

static java.lang.String	CLASS_NAME This class name for this class.
static java.lang.String	SHARED_ATTRIBUTE An indicator of whether more than one PublicObject refers to this AccessControlList.

Fields inherited from class oracle.ifs.beans.PublicObject

ACL_ATTRIBUTE, ADMINISTRATIONGROUP_ATTRIBUTE, CREATEDATE_ATTRIBUTE, CREATOR_ATTRIBUTE, DELETOR_ATTRIBUTE, DESCRIPTION_ATTRIBUTE, EXPIRATIONDATE_ATTRIBUTE, FAMILY_ATTRIBUTE, FLAGS_ATTRIBUTE, LASTMODIFIER_ATTRIBUTE, LASTMODIFYDATE_ATTRIBUTE, LOCKEDFORSESSION_ATTRIBUTE, LOCKSTATE_ATTRIBUTE, LOCKSTATE_HARDLOCK, LOCKSTATE_SESSIONLOCK, LOCKSTATE_SOFTLOCK, LOCKSTATE_UNLOCK, LOCKSTATE_USERLOCK, NAME_ATTRIBUTE, OWNER_ATTRIBUTE, POLICYBUNDLE_ATTRIBUTE, PROPERTYBUNDLE_ATTRIBUTE, RESOLVEDPUBLICOBJECT_ATTRIBUTE, SECURINGPUBLICOBJECT_ATTRIBUTE

Method Summary

boolean	checkEffectiveAccess(DirectoryObject obj, AccessLevel level) Check to see if specified user has the specified access level on this object.
boolean	checkGrantedAccess(AccessLevel level) Check if current user has the specified access level on this object.
boolean	checkGrantedAccess(DirectoryObject obj, AccessLevel requestedLevel) Check to see if specified user/group has the specified access level on this object.
AccessLevel	getEffectiveAccessLevel(DirectoryObject obj) Returns the effective access level on this object for the specified user.
AccessLevel	getGrantedAccessLevel() Returns the access level on this object for the current user.
AccessLevel	getGrantedAccessLevel(DirectoryObject obj) Returns the access level on this object for a specified DirectoryObject.
AccessControlEntry	grantAccess(AccessControlEntryDefinition aceDef) Add or extend an ACE for this ACL.
void	handleEvent(IfsEvent event) Handles the specified event.
boolean	isShared() Return indication as to whether this is a shared ACL, meaning more than one PublicObject refers to it.
void	removeAccessControlEntry(AccessControlEntry ace) Remove an ACE from this ACL.
AccessControlEntry	revokeAccess(AccessControlEntryDefinition aceDef) Remove or restrict an ACE for this ACL.
void	revokeAllAccess() Remove all ACEs for this ACL.
void	updateAccessControlEntry(AccessControlEntry ace, AccessControlEntryDefinition aceDef) Update an ACE in this ACL.

Methods inherited from class oracle.ifs.beans.PublicObject

addCategory, addRelationship, checkEffectiveAccess, copy, getAcl, getAllFolderPaths, getAllFolderPaths, getAnyFolderPath, getAnyFolderPath, getCategories, getCategories, getCreateDate, getCreator, getDefaultAccessLevel, getDescription, getEffectiveAccessLevel, getExpirationDate, getFamily, getFlags, getFolderReferencesSortSpecification, getLastModifier, getLastModifyDate, getLeftwardRelationshipObjects, getLeftwardRelationshipObjects, getLeftwardRelationships, getLeftwardRelationships, getLockedState, getLockState, getLockStateLabel, getOwner, getPolicyBundle, getPropertyBundle, getResolvedPublicObject, getRightwardRelationshipObjects, getRightwardRelationshipObjects, getRightwardRelationships, getRightwardRelationships, getSecuringPublicObject, hasNameAttribute, isLocked, isLockedForSession, isLockedForSessionByCurrentSession, isVersionable, isVersioned, lock, putPolicy, putProperty, putProperty, removeAllPolicies, removeAllProperties, removePolicy, removePolicy, removeProperty, removeRelationship, setAcl, setDescription, setExpirationDate, setFlags, setFolderReferencesSortSpecification, setOwner, setPolicyBundle, setPropertyBundle, setSecuringPublicObject, toLockStateLabel, toLockStateLabel, toLockStateLabel, unlock

Methods inherited from class oracle.ifs.beans.LibraryObject

equals, free, free, getAttribute, getAttributeByUpperCaseName, getAttributes, getAttributesByUpperCaseNames, getClassId, getClassObject, getDefinition, getId, getLabel, getName, getSession, invokeServerMethod, isInstanceOf, isTraced, lookupInstanceLabel, postEvent, postEvent, renderAsReader, renderAsStream, setAttribute, setAttribute, setAttributes, setAttributes, setName, toString, trace, update

Methods inherited from interface oracle.ifs.common.LibraryObjectInterface

getId

Methods inherited from interface oracle.ifs.common.Traceable

getTraceLogger, isTraced, trace

Field Detail

CLASS_NAME

public static final java.lang.String CLASS_NAME

This class name for this class. Useful for methods that take a class name argument.

SHARED_ATTRIBUTE

public static final java.lang.String SHARED_ATTRIBUTE

An indicator of whether more than one PublicObject refers to this AccessControlList.

Method Detail

getGrantedAccessLevel

public AccessLevel getGrantedAccessLevel()
                                  throws IfsException

Returns the access level on this object for the current user.

Returns:

the AccessLevel set for the current user.

Throws:

IfsException - if operation fails.

getGrantedAccessLevel

public AccessLevel getGrantedAccessLevel(DirectoryObject obj)
                                  throws IfsException

Returns the access level on this object for a specified DirectoryObject.

Parameters:

obj - the DirectoryObject

Returns:

the AccessLevel set for the specified DirectoryObject.

Throws:

IfsException - if operation fails.

checkGrantedAccess

public boolean checkGrantedAccess(AccessLevel level)
                           throws IfsException

Check if current user has the specified access level on this object.

Parameters:

level - specified level.

Returns:

true if current user has at least the specified access.

Throws:

IfsException - if operation fails.

checkGrantedAccess

public boolean checkGrantedAccess(DirectoryObject obj,
                                  AccessLevel requestedLevel)
                           throws IfsException

Check to see if specified user/group has the specified access level on this object.

Parameters:

obj - the DirectoryObject

level - specified level.

Returns:

true if specified user has at least the specified access.

Throws:

IfsException - if operation fails.

getEffectiveAccessLevel

public AccessLevel getEffectiveAccessLevel(DirectoryObject obj)
                                    throws IfsException

Returns the effective access level on this object for the specified user. This override will include the Grant standard permission if grant is available to the specified user inthe defined set of ACEs.

Overrides:

getEffectiveAccessLevel in class PublicObject

Parameters:

user - specified user on which to check Access Control

Returns:

the AccessLevel set for the specified user

Throws:

IfsException - if operation fails.

checkEffectiveAccess

public boolean checkEffectiveAccess(DirectoryObject obj,
                                    AccessLevel level)
                             throws IfsException

Check to see if specified user has the specified access level on this object.

Overrides:

checkEffectiveAccess in class PublicObject

Parameters:

user - specified user on which to check Access Control

level - specified level.

Returns:

true if specified user has at least the specified access.

Throws:

IfsException - if operation fails.

isShared

public boolean isShared()
                 throws IfsException

Return indication as to whether this is a shared ACL, meaning more than one PublicObject refers to it.

Returns:

true if more than one PublicObject refers to this ACL.

Throws:

IfsException - if operation fails.

grantAccess

public AccessControlEntry grantAccess(AccessControlEntryDefinition aceDef)
                               throws IfsException

Add or extend an ACE for this ACL. This adds an ACE which specifies grant access.

Overrides:

grantAccess in class PublicObject

Parameters:

aceDef - AccessControlEntry definition

Returns:

newly added AccessControlEntry

Throws:

IfsException - if operation fails.

revokeAccess

public AccessControlEntry revokeAccess(AccessControlEntryDefinition aceDef)
                                throws IfsException

Remove or restrict an ACE for this ACL. This adds a revoke ACE to this ACL.

Overrides:

revokeAccess in class PublicObject

Parameters:

aceDef - AccessControlEntry definition

Returns:

newly added AccessControlEntry

Throws:

IfsException - if operation fails.

revokeAllAccess

public void revokeAllAccess()
                     throws IfsException

Remove all ACEs for this ACL.

Overrides:

revokeAllAccess in class PublicObject

Throws:

IfsException - if operation fails.

handleEvent

public void handleEvent(IfsEvent event)
                 throws IfsException

Handles the specified event.

Overrides:

handleEvent in class PublicObject

Parameters:

event - the event

Throws:

IfsException - if the operation fails

removeAccessControlEntry

public void removeAccessControlEntry(AccessControlEntry ace)
                              throws IfsException

Remove an ACE from this ACL.

Parameters:

ace - AccessControlEntry to be removed

Throws:

IfsException - if operation fails.

updateAccessControlEntry

public void updateAccessControlEntry(AccessControlEntry ace,
                                     AccessControlEntryDefinition aceDef)
                              throws IfsException

Update an ACE in this ACL.

Parameters:

ace - AccessControlEntry to be updated

aceDef - the definition of the updates

Throws:

IfsException - if operation fails.