oracle.iam.platform.authopss.api
Interface EntityPublicationService

All Known Subinterfaces:
EntityPublicationServiceInternal

public interface EntityPublicationService

This service class should be used to manage entity publications. It provides methods to create, update, and delete entity publications in the persistent store. Runtime authorization checks are based on these publications and on the authorization scopes of the logged-in user.

See Also:
EntityPublication, AdminRoleMembership

Method Summary
 java.util.List addEntityPublications(java.util.List entityPublications)
          Publish entity into given scopes.
 java.util.List addEntityPublications(java.util.List entityPublications, boolean persistDependentData)
          Publish entity into given scopes along with the dependent data.
 boolean autoPublish(java.lang.String subjectId, java.util.List entityIds, PolicyConstants.Resources entityType)
          Auto publishes the entity of entityType to the particular scope based on following rules: All Create API versions for role, application instance and entitlements should call a method to publish the new entity in the 'administrative' scopes of the logged in user.
 boolean isAuthorizationRequired()
          Convenience method to check if Authorization checks are required or not.
 java.util.List listEntityPublicationInScope(PolicyConstants.Resources entityType, java.lang.String entityId, java.lang.String scopeId, boolean includeHierarchy, java.util.Map paramsMap)
          Returns a list of publications that publish given entity in a particular scope.
 java.util.List listEntityPublications(PolicyConstants.Resources entityType, java.lang.String entityId, java.util.Map paramsMap)
          Collates and returns a list of scopes in which an entity is published.
 java.util.List listEntityPublicationsInScope(PolicyConstants.Resources entityType, java.lang.String scopeId, java.util.Map paramsMap)
          Lists all the publications of an entity type in the given scope.
 java.util.List listEntityPublicationsInternal(PolicyConstants.Resources entityType, java.lang.String entityId)
          Internal API : Should be used only by internal platform classes.
 void refreshObject(java.lang.String entityId, PolicyConstants.Resources entityType)
          Refreshes the publication objects in the cache and brings them in sync with the DB.
 boolean removeEntityPublications(java.util.List entityPublications)
          Remove entity publications from the scopes.
 boolean removeEntityPublications(java.util.List entityPublications, boolean unpublishDependentData)
          Removes the already published entities.
 java.util.List search(EntityPublicationSearchCriteria criteria, java.util.Map paramsMap)
          Searches for publications matching the specified SearchCriteria.
 boolean updateEntityPublications(java.util.List updatedEntityPublications)
          Update entity publications.

 

Method Detail

addEntityPublications

java.util.List addEntityPublications(java.util.List entityPublications)
Publish entity into given scopes. All entries are inserted as a single transaction.
Parameters:
entityPublications - a list of entity publications with valid entity reference and scope reference.
Returns:
List of entity publications with populated-ids that were successfully inserted. EntityPublicationException otherwise.

removeEntityPublications

boolean removeEntityPublications(java.util.List entityPublications)
Remove entity publications from the scopes. All entries are removed as a single transaction. Note: although remove works on publicationId, the caller must also pass entityId, entityType and scopeId in each entity-publication object so that the proper authorization checks can be performed.
Parameters:
entityPublications - a list of entity publications to be removed.
Returns:
true if all publications were removed successfully, otherwise false.

updateEntityPublications

boolean updateEntityPublications(java.util.List updatedEntityPublications)
Update entity publications. Only the hierarchy flag can be updated in a publication. To change other attributes, use the add/remove methods. All entries are removed as a single transaction.
Parameters:
updatedEntityPublications - a list of entity publications to be updated.
Returns:
true if all publications were updated successfully, otherwise false.

listEntityPublications

java.util.List listEntityPublications(PolicyConstants.Resources entityType,
                                      java.lang.String entityId,
                                      java.util.Map paramsMap)
Collates and returns a list of scopes in which an entity is published.
Parameters:
entityType - valid entity type, required. Currently supported are:
  - PolicyConstants.Resources.ROLE - for role publishing.
  - PolicyConstants.Resources.APPLICATION_INSTANCE - for app-instance publishing.
  - PolicyConstants.Resources.IT_RESOURCE_ENTITLEMENT - for entitlement publication.
entityId - valid entity id, required
paramsMap - Map containing the pagination and sorting parameters.
Returns:
a list of scopes in which an entity is published

listEntityPublicationsInScope

java.util.List listEntityPublicationsInScope(PolicyConstants.Resources entityType,
                                             java.lang.String scopeId,
                                             java.util.Map paramsMap)
Lists all the publications of an entity type in the given scope.
Parameters:
entityType - valid entity type, required. Currently supported are:
  - PolicyConstants.Resources.ROLE - for role publishing.
  - PolicyConstants.Resources.APPLICATION_INSTANCE - for app-instance publishing.
  - PolicyConstants.Resources.IT_RESOURCE_ENTITLEMENT - for entitlement publication.
scopeId - scope for which publications are to be searched
paramsMap - Map containing the pagination and sorting parameters.
Returns:
a list of publications in given scope for given entity type

search

java.util.List search(EntityPublicationSearchCriteria criteria,
                      java.util.Map paramsMap)
Searches for publications matching the specified SearchCriteria. For the attribute names allowed in the search criteria and sort criteria, see the Attribute enum in the EntityPublication class.
Parameters:
criteria - The search criteria based on which entries will be retrieved from the backend.
configParams - Parameters to further configure the search operation. There are four configuration parameters: STARTROW, ENDROW, SORTEDBY and SORTORDER.

The STARTROW and ENDROW search configuration parameters indicate which subset of the complete search result is to be fetched. These parameters are mandatory.

The SORTEDBY search configuration parameter indicates the attribute on which the search result is to be sorted. This parameter is optional.

The SORTORDER configuration parameter indicates the sorting order of the result, either SortOrder.ASCENDING or SortOrder.DESCENDING. This parameter is optional.

Returns:
the list of publications that matched the search criteria. This list is filtered based on the attribute and entity permissions of the logged-in User.
Throws:
AccessDeniedException - if the logged-in user does not have the required authorization.

listEntityPublicationInScope

java.util.List listEntityPublicationInScope(PolicyConstants.Resources entityType,
                                            java.lang.String entityId,
                                            java.lang.String scopeId,
                                            boolean includeHierarchy,
                                            java.util.Map paramsMap)
Returns a list of publications that publish the given entity in a particular scope. If the includeHierarchy flag is set, the result also contains publications from the parent scopes, that is, publications that reach this scope through the scope hierarchy.
Parameters:
entityType - valid entity type, required. Currently supported are:
  - PolicyConstants.Resources.ROLE - for role publishing.
  - PolicyConstants.Resources.APPLICATION_INSTANCE - for app-instance publishing.
  - PolicyConstants.Resources.IT_RESOURCE_ENTITLEMENT - for entitlement publication.
entityId - valid entity id, optional
scopeId - scope for which publications are to be searched.
includeHierarchy - if true, any indirect publications through parent hierarchy are included, otherwise excluded from the result.
paramsMap - Map containing the pagination and sorting parameters.
Returns:
a list of scopes in which an entity is published

autoPublish

boolean autoPublish(java.lang.String subjectId,
                    java.util.List entityIds,
                    PolicyConstants.Resources entityType)
Auto-publishes the entity of entityType to the particular scope based on the following rules.

All Create API versions for role, application instance and entitlements should call a method to publish the new entity in the 'administrative' scopes of the logged-in user. The implementation of auto-publish reads the admin-role memberships listed below and uses the associated organization scopes of the logged-in user:
  - Role -- Role Administrator and Role Authorizer memberships.
  - Application Instance -- Application Instance Administrator and Application Instance Authorizer memberships.
  - Entitlement -- Entitlement Administrator and Entitlement Authorizer memberships.

If the logged-in user has SYSTEM ADMINISTRATOR or SYSTEM CONFIGURATOR, the auto-publish implementation publishes only to TOP, without hierarchy. The reason is that the privileged accounts with these roles can also be used for programmatic creation of roles, application instances and entitlements. Publishing without hierarchy keeps the result secure by default.
Parameters:
subjectId - The login credentials of the logged-in user.
List(entityId) - The list of entity-ids for which the auto-publishing needs to be done.
entityType - valid entity type, required. Currently supported are:
  - PolicyConstants.Resources.ROLE - for role publishing.
  - PolicyConstants.Resources.APPLICATION_INSTANCE - for app-instance publishing.
  - PolicyConstants.Resources.IT_RESOURCE_ENTITLEMENT - for entitlement publication.
Returns:
boolean - if the auto-publishing was successful.
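
The auto-publish rule described above, modelled as an added stand-alone example; it is not Oracle's implementation and does not call the OIM API. The Membership and Target records, the TOP placeholder id, and the choice to carry the hierarchy flag over from the membership for delegated administrators are assumptions made for illustration.

```java
import java.util.*;

// Stand-alone model of the auto-publish rule; none of these types are OIM classes.
public class AutoPublishModel {
    enum EntityType { ROLE, APPLICATION_INSTANCE, IT_RESOURCE_ENTITLEMENT }
    // Hypothetical membership view; the hierarchy field is an assumption.
    record Membership(String adminRole, String scopeId, boolean hierarchy) {}
    record Target(String scopeId, boolean hierarchy) {}

    static final String TOP = "TOP"; // placeholder id for the Top organization
    // Role names are labels taken from the page text, not OIM role keys.
    static final Set<String> PRIVILEGED =
            Set.of("SYSTEM ADMINISTRATOR", "SYSTEM CONFIGURATOR");
    static final Map<EntityType, Set<String>> ROLES_FOR = Map.of(
            EntityType.ROLE, Set.of("Role Administrator", "Role Authorizer"),
            EntityType.APPLICATION_INSTANCE, Set.of("Application Instance Administrator",
                    "Application Instance Authorizer"),
            EntityType.IT_RESOURCE_ENTITLEMENT, Set.of("Entitlement Administrator",
                    "Entitlement Authorizer"));

    static List<Target> targets(List<Membership> memberships, EntityType type) {
        // Privileged accounts: publish to TOP only, and never with hierarchy.
        for (Membership m : memberships) {
            if (PRIVILEGED.contains(m.adminRole())) {
                return List.of(new Target(TOP, false));
            }
        }
        // Otherwise: organization scopes of the memberships that cover this entity type.
        Map<String, Boolean> byScope = new LinkedHashMap<>();
        for (Membership m : memberships) {
            if (ROLES_FOR.get(type).contains(m.adminRole())) {
                byScope.merge(m.scopeId(), m.hierarchy(), Boolean::logicalOr);
            }
        }
        List<Target> out = new ArrayList<>();
        byScope.forEach((scope, h) -> out.add(new Target(scope, h)));
        return out;
    }

    public static void main(String[] args) {
        List<Membership> delegated = List.of( // constructed sample data
                new Membership("Role Administrator", "org-finance", true),
                new Membership("Entitlement Authorizer", "org-hr", false));
        List<Membership> sysadmin = List.of(
                new Membership("SYSTEM ADMINISTRATOR", TOP, true));
        System.out.println(targets(delegated, EntityType.ROLE));
        System.out.println(targets(sysadmin, EntityType.ROLE));
    }
}
```

For the delegated administrator only the Role Administrator membership matches a ROLE entity, so the Entitlement Authorizer scope is not a target; for the privileged account the membership's own hierarchy flag is ignored and the single target is TOP without hierarchy.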

addEntityPublications

java.util.List addEntityPublications(java.util.List entityPublications,
                                     boolean persistDependentData)
Publish entity into given scopes along with the dependent data. Ensure that the list contains only entities of the same entity type. The IDependentDataProvider interface provides the convenience methods for dependent data access. The caller of the method should ensure that IDependentDataProvider is implemented correctly. All entries are inserted as a single transaction.
Parameters:
entityPublications - a list of entity publications with valid entity reference and scope reference.
boolean - flag indicating whether to persist the dependent data.
Returns:
List of entity publications with populated-ids that were successfully inserted. EntityPublicationException otherwise.

listEntityPublicationsInternal

java.util.List listEntityPublicationsInternal(PolicyConstants.Resources entityType,
                                              java.lang.String entityId)
Internal API : Should be used only by internal platform classes. Collates and returns a list of scopes in which an entity is published.
Parameters:
entityType - valid entity type, required. Currently supported are:
  - PolicyConstants.Resources.ROLE - for role publishing.
  - PolicyConstants.Resources.APPLICATION_INSTANCE - for app-instance publishing.
  - PolicyConstants.Resources.IT_RESOURCE_ENTITLEMENT - for entitlement publication.
entityId - valid entity id, required
Returns:
a list of scopes in which an entity is published

isAuthorizationRequired

boolean isAuthorizationRequired()
Convenience method to check if Authorization checks are required or not.
Returns:

removeEntityPublications

boolean removeEntityPublications(java.util.List entityPublications,
                                 boolean unpublishDependentData)
Removes the already published entities. The unpublished entities will no longer appear in org-scoped searches. PLEASE NOTE:
  - Unpublishing will NOT delete the actual entity; it only removes the availability of the entity from the org scope.
  - Although remove works on publicationId, the caller must also pass entityId, entityType and scopeId in each entity-publication object so that the proper authorization checks can be performed.
Parameters:
entityPublications - a list of entity publications to be removed.
unpublishDependentData - boolean parameter to determine if the dependent data also needs to be removed along with passed parent data.
Returns:
true if all publications were removed successfully, otherwise false.

refreshObject

void refreshObject(java.lang.String entityId,
                   PolicyConstants.Resources entityType)
Refreshes the publication objects in the cache and brings them in sync with the DB. This method should be called when any attribute of the published entity is changed through a separate flow.
Parameters:
entityId -
entityType -

Copyright © 2014, Oracle and/or its affiliates. All rights reserved.