PermissionSetManager (Oracle Fusion Middleware Java API Reference for Oracle Platform Security Services)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Oracle Fusion Middleware Java API Reference for Oracle Platform Security Services
11g Release 1 (11.1.1)
E14650-03

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

oracle.security.jps.service.policystore.entitymanager
Interface PermissionSetManager

All Superinterfaces:: EntityManager

public interface PermissionSetManager

extends EntityManager

An Entity Manager that offers create, read, update and delete of a PermissionSet in a persistent store.

Method Summary
`EntryReference`	`createPermissionSet(PermissionSetEntry permSet)` Create a PermissionSet
`void`	`deletePermissionSet(EntryReference ref, boolean force)` Delete a PermissionSet
`PermissionSetEntry`	`getPermissionSet(java.lang.String permissionSetName)` Get a PermissionSet by Name.
`java.util.List`	`getPermissionSets(PermissionSetSearchQuery query)` Query PermissionSets based upon a search criteria.
`void`	`modifyPermissionSet(EntryReference ref, javax.naming.directory.ModificationItem[] modItems)` Modify the PermissionSet.
`void`	`modifyPermissionSet(EntryReference ref, ResourceActionsEntry resourceActionsToAdd, ResourceActionsEntry resourceActionsToRemove)` Modify the PermissionSet

Methods inherited from interface oracle.security.jps.service.policystore.entitymanager.EntityManager
`resolveReference`

Method Detail

createPermissionSet

EntryReference createPermissionSet(PermissionSetEntry permSet)
                                   throws PolicyObjectAlreadyExistsException,
                                          PolicyStoreException

Create a PermissionSet

Parameters:: permSet - the permission set. The resources referred in the resourceActions in the permSet must already be defined in the policystore.
Returns:: a reference to the PermissionSet created.
Throws:: PolicyObjectAlreadyExistsException - if the permission set exists already; PolicyStoreException - if there was an error while creating the PermissionSet. For example, if the resource instance is not found in the store, a PolicyStoreException is reported.

deletePermissionSet

void deletePermissionSet(EntryReference ref,
                         boolean force)
                         throws PolicyStoreException

Delete a PermissionSet

Parameters:: ref - a reference to the PermissionSet; force - if set to false, a check is performed to determine if there are any grants referencing this PermissionSet. If there are any grants, an exception is raised.
if set to true, any grant referencing this PermissionSet is also deleted along with this PermissionSet.
Throws:: PolicyStoreException - if there was an error while deleting the PermissionSet.; PolicyStoreOperationNotAllowedException - if the PermissionSet being deleted is in use and force flag is false.

modifyPermissionSet

void modifyPermissionSet(EntryReference ref,
                         ResourceActionsEntry resourceActionsToAdd,
                         ResourceActionsEntry resourceActionsToRemove)
                         throws PolicyStoreException

Modify the PermissionSet

If there are any grants referencing this PermissionSet, the grants are also modified.

Parameters:: ref - the reference to the PermissionSet; resourceActionsToAdd - the ResourceActionsEntry to add. It can be null.; resourceActionsToRemove - the ResourceActionsEntry to remove. It can be null. If Non-null, the resourceActionsToRemove must be present in this PermissionSet.
Throws:: PolicyStoreException - if there was an error while modifying the PermissionSet.
If both resourceActionsToAdd and resourceActionsToDelete are both null an InvalidArgumentException is thrown.

modifyPermissionSet

void modifyPermissionSet(EntryReference ref,
                         javax.naming.directory.ModificationItem[] modItems)
                         throws PolicyStoreException

Modify the PermissionSet.

The displayname and description of the permission can be modified by this method.

The following code fragment illustrates how to Replace the display name.

     PermissionSetManager psm; 
     String property2Change = PermissionSetEntry.Properties.PROPERTY_DISPLAY_NAME.name();
     String newValue =  "this is the new description";
     Attribute attr = new BasicAttribute ( property2Change, newValue);
     ModificationItem displayModItem = new ModificationItem ( DirContext.REPLACE_ATTRIBUTE, attr);
     ModificationItem[] allItems = new ModificationItem []{ displayModItem };
     // get psm
     psm.modifyPermissionSet ( ref, allItems );

Parameters:: ref - a reference to the PermissionSet; modItems - an array of modification items.
Throws:: PolicyStoreException - if there was an error while modifying the PermissionSet.

getPermissionSet

PermissionSetEntry getPermissionSet(java.lang.String permissionSetName)
                                    throws PolicyStoreException

Get a PermissionSet by Name.

Parameters:

permissionSetName - name of the PermissionSet.

Returns:

PermissionSetEntry The permission set contains a set of Resource-Actions that constitute the PermissionSet. Every attempt is made to retrieve the display name and description of the Resource. If the resource is not found in the store, the display name and description are set to null.

If the resource is managed in an external store, it is possible the resource has been deleted without the PermissionSet being updated.

If the resoure is managed in the default store, it is also possible for the resource to have been deleted without the PermissionSet having been updated. This is possible in distributed policy environment.

Throws:

PolicyStoreException - if there was an error while searching for the PermissionSet.

getPermissionSets

java.util.List getPermissionSets(PermissionSetSearchQuery query)
                                 throws PolicyStoreException

Query PermissionSets based upon a search criteria. To get all permission sets, use query with ANY MATCHER and null value. Query must not be null. To get all permission sets defined in the scope, set matcher to ANY and value to match to null.

Parameters:: query - search criteria, must not be null.
Returns:: PermissionSetEntry. The display name and description of the Resource is not returned by this method. Their values are set to null in the returned ResourceEntry unlike getPermissionSet(String) which attempts to lookup the description and display name of the resource. Returns an empty list if no permisison set matching the query is found.
If no permissionSets are found, an empty list is returned.
Throws:: PolicyStoreException - if there was an error while querying.; InvalidArgumentException - if query is null.