oracle.apps.fnd.applcore.tags.util
Class FndTagSecurity

java.lang.Object
  oracle.apps.fnd.applcore.tags.util.FndTagSecurity

All Implemented Interfaces:

oracle.webcenter.framework.resource.ResourceAuthorizer

public class FndTagSecurity
extends java.lang.Object
implements oracle.webcenter.framework.resource.ResourceAuthorizer

This is a class that uses FND Data Security to secure the resources that have been tagged. Implementers of this class can if need override method getDataSecurityObjectName(). In addition, if need be they can override the default implementation of getPrimaryKey(String resourceId), getPrivilegeName(String resourceId) and getCompositePrimaryKeySeparator(String resourceId) methods. This class uses DataSecurityAM instance to do Data Security checks of the resources being secured. It has to be noted that the lifecycle of the DataSecurityAM is the same as the lifecycle of the DBTransaction instance returned by getDBTransaction() concrete method, that needs to be implemnted by the developer. The default implementation of getPrimaryKey(String resourceId) assumes that the resourceId represents the primary key of the object and if it holds a composite primary key, the elements of the key are separated by ".". The default implementation of getPrivilegeName(String resourceId) assumes that the "read" privilege is used to secure the resource. The default implementation of getCompositePrimaryKeySeparator(resourceId) assumes that the seperator is ".". This class can also do Function Security check if needed. This requires that the following 3 methods be overloaded. getFSPermissionName(), getFSPermissionAction() and getFSPermissionClass(). The default implementation returns null and no function security check is done. getFSPermissionName() - should provide the name of the permission to check. ex PURCHASE_ORDER_REGION getFSPermissionAction() - should provide the action for the permission, e.g. view, invoke etc. getFSPermissionClass() - should provide the class name that implements the permission, etc. RegionPermission, MethodPermission, or TaskflowPermission For function security check to work, this class requires a code permission grant.

Constructor Summary

FndTagSecurity()

Method Summary

static boolean	checkPermission(java.security.Permission functionPerm)
java.lang.String	getCompositePrimaryKeySeparator(java.lang.String resourceId) The separator used to separate the different parts of the composite primary key, which is concatenated together in resourceId.
java.lang.String	getDataSecurityObjectName()
java.lang.String	getDataSecurityObjectName(java.lang.String resourceId) Gives the name of the object that is secured as defined in FND Data Security system.
java.lang.String	getDataSecurityPrivilegeName()
oracle.jbo.server.DBTransaction	getDBTransaction() Provides a DBTransaction instance that can be used to create a Data Security AM instance that can be used to test tag resource security.
java.lang.String	getFSPermissionAction() Provides the action for the permission, e.g.
java.lang.String	getFSPermissionClass() provide the class name that implements the permission, etc.
java.lang.String	getFSPermissionName() Provides the name of the permission to check.
java.lang.String[]	getPrimaryKey(java.lang.String resourceId) Returns the individuals elements of the Primary Key.
java.lang.String	getPrivilegeName(java.lang.String resourceId) The privilege name to use to secure the tags.
java.util.List<oracle.webcenter.framework.resource.ResourceInfo>	getResourceInfo(java.util.List<java.lang.String> resourceId)
java.util.List<oracle.webcenter.framework.resource.ResourceInfo>	getResourceInfo(oracle.webcenter.framework.service.Scope scope, java.util.List<java.lang.String> resourceId)
oracle.webcenter.framework.resource.ResourceInfo	getResourceInfo(oracle.webcenter.framework.service.Scope scope, java.lang.String resourceId)
oracle.webcenter.framework.resource.ResourceInfo	getResourceInfo(java.lang.String resourceId) Check if the user can view the page
DataSecurityAMImpl	getSecurityAM() Deprecated.
void	setDataSecurityObjectName(java.lang.String dataSecurityObjectName)
void	setDataSecurityPrivilegeName(java.lang.String dataSecurityPrivilegeName)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

FndTagSecurity

public FndTagSecurity()

Method Detail

getResourceInfo

public java.util.List<oracle.webcenter.framework.resource.ResourceInfo> getResourceInfo(oracle.webcenter.framework.service.Scope scope,
                                                                                        java.util.List<java.lang.String> resourceId)

Specified by:

getResourceInfo in interface oracle.webcenter.framework.resource.ResourceAuthorizer

getResourceInfo

public java.util.List<oracle.webcenter.framework.resource.ResourceInfo> getResourceInfo(java.util.List<java.lang.String> resourceId)

getResourceInfo

public oracle.webcenter.framework.resource.ResourceInfo getResourceInfo(oracle.webcenter.framework.service.Scope scope,
                                                                        java.lang.String resourceId)

Specified by:

getResourceInfo in interface oracle.webcenter.framework.resource.ResourceAuthorizer

getResourceInfo

public oracle.webcenter.framework.resource.ResourceInfo getResourceInfo(java.lang.String resourceId)

Check if the user can view the page

Parameters:

resourceId - the page name with full path

getSecurityAM

public DataSecurityAMImpl getSecurityAM()

Deprecated.

For Internal ApplCore use only. Provides a DataSecurityAM instance that can be used to do data security checks for tagged resources. DO NOT USE THIS METHOD. IT WILL RESULT IN A CONN LEAK. The defualt implementation tries to find or create an instance of DataSecurityAM from the DBTransaction instance provided by getDBTransaction() method. The implementation is such tht the lifecycle of the Data Security AM is tied to the lifecycle of the DBTransaction instace returned by getDBTransaction() method.

Returns:

DataSecurityAM instance.

See Also:

getDBTransaction(), getSecurityAMInternal

getPrimaryKey

public java.lang.String[] getPrimaryKey(java.lang.String resourceId)

Returns the individuals elements of the Primary Key. Default implementation assumes composite primary key elements which are stored in resourceId are separated by "." This is based on the standards proposed by Apps Team. It returns string array holding the variuos parts of the primary key as defined in the Object defintion in FND Data Security. If you have a different delimiter for pk, then you wiil have to override this method and return a string array of length 5, as that is the maximum number of elemens that can be defined in the primary key of the object that is secured. The limitaiton of 5 comes from the Data Security system.

Returns:

- Returns a String[] of length 5 that holds the various elements of the primary key. If the primary key consists of fewer than 5 elements, the array element must be null.

getPrivilegeName

public java.lang.String getPrivilegeName(java.lang.String resourceId)

The privilege name to use to secure the tags. The default implementation assumes it is "read" privilege.

Returns:

- Privilege Name to use to do tag security check.

getCompositePrimaryKeySeparator

public java.lang.String getCompositePrimaryKeySeparator(java.lang.String resourceId)

The separator used to separate the different parts of the composite primary key, which is concatenated together in resourceId. The default implementation returns ".". If it is not the default, override this method.

Parameters:

resourceId -

Returns:

- The composite Primary key separator as used in resourceId. The default value is "."

getFSPermissionName

public java.lang.String getFSPermissionName()

Provides the name of the permission to check. ex PURCHASE_ORDER_REGION. This method needs to be overloaded if you want Function Security check.

Returns:

getFSPermissionAction

public java.lang.String getFSPermissionAction()

Provides the action for the permission, e.g. view, invoke etc.

Returns:

getFSPermissionClass

public java.lang.String getFSPermissionClass()

provide the class name that implements the permission, etc. RegionPermission, MethodPermission, or TaskflowPermission

Returns:

checkPermission

public static boolean checkPermission(java.security.Permission functionPerm)

getDataSecurityObjectName

public java.lang.String getDataSecurityObjectName(java.lang.String resourceId)

Gives the name of the object that is secured as defined in FND Data Security system. The implementers of this class need to implement this method.

Parameters:

resourceId -

Returns:

- Object name of the resource secured in Data Security system.

setDataSecurityObjectName

public void setDataSecurityObjectName(java.lang.String dataSecurityObjectName)

getDataSecurityObjectName

public java.lang.String getDataSecurityObjectName()

setDataSecurityPrivilegeName

public void setDataSecurityPrivilegeName(java.lang.String dataSecurityPrivilegeName)

getDataSecurityPrivilegeName

public java.lang.String getDataSecurityPrivilegeName()

getDBTransaction

public oracle.jbo.server.DBTransaction getDBTransaction()

Provides a DBTransaction instance that can be used to create a Data Security AM instance that can be used to test tag resource security. The default implementation returns null.

Returns:

- instance of DBTransaction associated with the root Application Module used by the page in which Tag Search is performed.