Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.iam.platform.authopss.api
Interface AdminRoleService

All Known Subinterfaces:
AdminRoleServiceInternal
public interface AdminRoleService

Service interface to query admin roles defined in an OIM installation and manage scoped user memberships in these roles.

Method Summary
 AdminRole addAdminRole(AdminRole adminRole)
          Add an admin role to the application.
 AdminRoleMembership addAdminRoleMembership(AdminRoleMembership membership)
          Add a admin role membership.
 AdminRole getAdminRole(java.lang.String roleName)
          Returns a a admin role matching the given name (case-insensitive).
 AdminRole getAdminRoleForID(java.lang.String roleId)
          Returns a a admin role matching the given name (case-insensitive).
 java.util.List getAdminRoles()
          Returns list of admin roles available in an installation
 java.util.List getAdminRoles(java.lang.String scopeId)
          Returns list of admin roles available within the context of the passed scope-id.
 java.util.List getAdminRolesForUser(java.lang.String userId, java.util.Map paramsMap)
          Get the list of admin roles for passed userId
 java.util.List getGlobalAdminRoles()
          Returns a list of admin roles which should never be assigned within organization scope.
 java.util.List getScopedAdminRoles()
          Returns list of admin roles which must be assigned within a valid organization scope.
 boolean isAuthorizationRequired()
          Convenience method to check if Authorization checks are required or not.
 java.util.List listMembershipsForUserByRoleName(java.lang.String userId, java.util.List roleName)
          Returns a list of user's admin role memberships based on role names..
 java.util.List listMembershipsInScope(java.lang.String scopeId, java.lang.String roleName, boolean includeHierarchy, java.util.Map paramsMap)
          Returns a list of admin role membership in the given scope.
 java.util.List listUsersMembership(java.lang.String userId, java.lang.String roleName, java.lang.String scopeId, boolean includeHierarchy, java.util.Map paramsMap)
          Returns a list of user's admin role memberships based on the parameters.
 java.util.List listUsersMembershipInternal(java.lang.String userId, java.lang.String roleName, java.lang.String scopeId, boolean includeHierarchy)
          Internal API : Should be used only by internal platform classes.
 boolean removeAdminRole(AdminRole adminRole)
          Remove a custom admin role from the application.
 boolean removeAdminRoleMembership(AdminRoleMembership membership)
          Removes a admin role membership
 boolean updateRoleMemberships(AdminRoleMembership roleMembership)
          Method to update the role memberships.

 

Method Detail

getAdminRoles

java.util.List getAdminRoles()
Returns list of admin roles available in an installation
Returns:
list of admin roles

getScopedAdminRoles

java.util.List getScopedAdminRoles()
Returns list of admin roles which must be assigned within a valid organization scope.
Returns:
list of admin roles which must be asigned within a valid organization scope.

getGlobalAdminRoles

java.util.List getGlobalAdminRoles()
Returns a list of admin roles which should never be assigned within organization scope.
Returns:
a list of admin roles which should never be assigned within organization scope.

getAdminRole

AdminRole getAdminRole(java.lang.String roleName)
Returns a a admin role matching the given name (case-insensitive). Null, if admin role is not found for the given name. Partial match is not supported.
Parameters:
roleName - name of the admin role, required, not-null
Returns:
admin role matching given name, or null

getAdminRoleForID

AdminRole getAdminRoleForID(java.lang.String roleId)
Returns a a admin role matching the given name (case-insensitive). Null, if admin role is not found for the given name. Partial match is not supported.
Parameters:
roleId - id of the admin role, required, not-null
Returns:
admin role matching given name, or null

addAdminRole

AdminRole addAdminRole(AdminRole adminRole)
Add an admin role to the application. This method is provided only as a convenience during developement cycle. It is not intended to be used as part application run-time . To use this role, it MUST be associated with the pre-defined application roles.
Parameters:
adminRole - admin role value object
Returns:
persisted admin role object

removeAdminRole

boolean removeAdminRole(AdminRole adminRole)
Remove a custom admin role from the application. This method is provided only as a convenience during developement cycle. It is not intended to be used as part application run-time .
Parameters:
adminRole - role to be removed from the application
Returns:
true, if role was removed successfuly, otherwise false.

addAdminRoleMembership

AdminRoleMembership addAdminRoleMembership(AdminRoleMembership membership)
Add a admin role membership.
Parameters:
membership - a valid membership to add, required
Returns:
membership that got added
Throws:
java.lang.IllegalArgumentException - this runtime exception will be thrown if admin role is global scoped and membership is attempted within a scope.

removeAdminRoleMembership

boolean removeAdminRoleMembership(AdminRoleMembership membership)
Removes a admin role membership
Parameters:
membership - a valid membership to be removed, required
Returns:
-true, if delete successful, false otherwise.

listUsersMembership

java.util.List listUsersMembership(java.lang.String userId,
                                   java.lang.String roleName,
                                   java.lang.String scopeId,
                                   boolean includeHierarchy,
                                   java.util.Map paramsMap)
Returns a list of user's admin role memberships based on the parameters.
Parameters:
userId - a valid user-id, required
roleName - - optional, the Admin role name filter
scopeId - optional, specific scope filter
includeHierarchy - this parameter is honored only when a valid scope id is passed. If true, then include any user's memberships to scope's parent, otherwise include direct scope assignment.
Returns:
a list of user's admin role membership based on parameters.

listMembershipsInScope

java.util.List listMembershipsInScope(java.lang.String scopeId,
                                      java.lang.String roleName,
                                      boolean includeHierarchy,
                                      java.util.Map paramsMap)
Returns a list of admin role membership in the given scope.
Parameters:
scopeId - a valid scope id, required
roleName - - optional, the Admin role name filter
includeHierarchy - If true, then include any memberships in this scope inherited from the parent of this scope, otherwise include only direct membership to the scope.
Returns:
a list of admin role memberships for a given scope

updateRoleMemberships

boolean updateRoleMemberships(AdminRoleMembership roleMembership)
Method to update the role memberships.
Parameters:
rolemembership - that has updated data
Returns:

getAdminRolesForUser

java.util.List getAdminRolesForUser(java.lang.String userId,
                                    java.util.Map paramsMap)
Get the list of admin roles for passed userId
Parameters:
userId -
Returns:
- List of AdminRoles for the passed user.

listMembershipsForUserByRoleName

java.util.List listMembershipsForUserByRoleName(java.lang.String userId,
                                                java.util.List roleName)
Returns a list of user's admin role memberships based on role names..
Parameters:
userId - a valid user-id, required
roleName - - required, the Admin role name filter
Returns:
a list of user's admin role membership based on parameters.

getAdminRoles

java.util.List getAdminRoles(java.lang.String scopeId)
Returns list of admin roles available within the context of the passed scope-id.
Returns:
list of admin roles

listUsersMembershipInternal

java.util.List listUsersMembershipInternal(java.lang.String userId,
                                           java.lang.String roleName,
                                           java.lang.String scopeId,
                                           boolean includeHierarchy)
Internal API : Should be used only by internal platform classes. Returns a list of user's admin role memberships based on the parameters.
Parameters:
userId - a valid user-id, required
roleName - - optional, the Admin role name filter
scopeId - optional, specific scope filter
includeHierarchy - this parameter is honored only when a valid scope id is passed. If true, then include any user's memberships to scope's parent, otherwise include direct scope assignment.
Returns:
a list of user's admin role membership based on parameters.

isAuthorizationRequired

boolean isAuthorizationRequired()
Convenience method to check if Authorization checks are required or not.
Returns:

Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2014, Oracle and/or its affiliates. All rights reserved.