Package   Class  Tree  Index  Help 
Oracle® Content Services Web Services Java API Reference
10g Release 1 (10.1.1)
B19047-01
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.ifs.fdk
Interface SecurityManager

public interface SecurityManager

The security management public interface.

Method Summary
 Item addGrants(long id, NamedValue[] def, AttributeRequest[] attributes)
          Adds the specified grants to the security configuration of the target object.
 boolean checkPermission(long target, long userOrGroup, long permission)
          Determines whether the given DirectoryObject has the given permission on the given target object.
 Item createRole(long target, NamedValue[] def, AttributeRequest[] attributes)
          Creates a new Role for use in the target domain.
 void deleteRole(long id, NamedValue[] def)
          Deletes a Role.
 Item findRoleByKey(java.lang.String name, AttributeRequest[] attributes)
          Fetches a single OOTB role by its registered role key.
 Item[] getComputedGranteeList(long target, long role, AttributeRequest[] attributes)
          Returns the set of users that are granted the specified role on the specified SecurityConfiguration.
 Item getRole(long id, AttributeRequest[] attributes)
          Fetches a single role
 Item getRoleByName(java.lang.String name, AttributeRequest[] attributes)
          Fetches a single role by its commonname.
 boolean hasOnlyExplicitGrantedAccess(long target, long user)
          Returns true if the specified user has a grant on the specified public object that names the user as the grantee, and the permissions granted by this grant represent all the permissions of that user on the public object.
 boolean hasPropagatingGrants(long target, long user)
          Returns true if the specified user has any grants on the specified SecurityConfiguration that propagated from a parent.
 Item[] listRoles(long id, NamedValue[] options, AttributeRequest[] attributes)
          Returns the available security roles in the domain that apply to the given target object.
 Item[] listRolesByItemType(java.lang.String itemType, NamedValue[] options, AttributeRequest[] attributes)
          Returns the available security roles in the domain that apply to the given target object class.
 void removeSecurityConfiguration(long id)
          Removes the SecurityConfiguration from the target item.
 Item setSecurityConfiguration(long id, NamedValue[] def, AttributeRequest[] attributes)
          Updates the SecurityConfiguration on the target item.
 Item updateRole(long id, NamedValue[] def, AttributeRequest[] attributes)
          Updates a Role.

 

Method Detail

addGrants

public Item addGrants(long id,
                      NamedValue[] def,
                      AttributeRequest[] attributes)
               throws FdkException
Adds the specified grants to the security configuration of the target object.
Parameters:
id - The ID of the target object
def - Attributes for the securityconfiguration.
  • notation: {Attribute name, Attribute type}
  • {Attributes.GRANTS, NamedValueSet[]}, where each row corresponds to a grant whose attributes are:
    • {Attributes.GRANTEE, Long}
    • {Attributes.ROLES, long[]}
    • {Attributes.PROPAGATING, Boolean}
attributes - requested attributes for each item, or null.
Throws:
FdkException - if the operation fails.

checkPermission

public boolean checkPermission(long target,
                               long userOrGroup,
                               long permission)
                        throws FdkException
Determines whether the given DirectoryObject has the given permission on the given target object. Note that this will not check the capability restriction (e.g., if the object is locked), only the raw permission bit. In most cases, callers should check the capabilities; this is done by asking for Attributes.CAPABILITIES. See the Javadoc on that attribute for details.
Parameters:
target - The ID of the target PublicObject.
userOrGroup - The ID of the DirectoryObject.
permission - The long (bit value) representing the permission bit.
Throws:
FdkException - if the operation fails.

createRole

public Item createRole(long target,
                       NamedValue[] def,
                       AttributeRequest[] attributes)
                throws FdkException
Creates a new Role for use in the target domain.
Parameters:
target - The ID of the target domain.
def - Attributes for the new role.
  • notation: {Attribute name, Attribute type}
  • {Attributes.NAME, String}
  • {Attributes.ACCESS_LEVEL, String}
attributes - requested attributes for each item, or null.
Throws:
FdkException - if the operation fails.

deleteRole

public void deleteRole(long id,
                       NamedValue[] def)
                throws FdkException
Deletes a Role.
Parameters:
def - Optional attributes.
Throws:
FdkException - if the operation fails.

findRoleByKey

public Item findRoleByKey(java.lang.String name,
                          AttributeRequest[] attributes)
                   throws FdkException
Fetches a single OOTB role by its registered role key.
Parameters:
attributes - Additional attributes to be fetched.
Throws:
FdkException - if the operation fails.

getComputedGranteeList

public Item[] getComputedGranteeList(long target,
                                     long role,
                                     AttributeRequest[] attributes)
                              throws FdkException
Returns the set of users that are granted the specified role on the specified SecurityConfiguration. This includes users that are granted this role via a grant to a group of which they are a member and users granted the role via a propagating grant from a parent folder. It does not include users who are granted the permissions specified by the role without being specifically granted the role (i.e., using custom roles).
Parameters:
target - The ID of the target security configuration.
role - The ID of the role.
attributes - Attributes on the users to retrieve.
Throws:
FdkException - if the operation fails.

getRole

public Item getRole(long id,
                    AttributeRequest[] attributes)
             throws FdkException
Fetches a single role
Parameters:
id - Id of the role.
attributes - Additional attributes to be fetched.
Throws:
FdkException - if the operation fails.

getRoleByName

public Item getRoleByName(java.lang.String name,
                          AttributeRequest[] attributes)
                   throws FdkException
Fetches a single role by its commonname. Note that this method should not be used for OOTB roles; use findRoleByKey.
Parameters:
name - Common name of the role.
attributes - Additional attributes to be fetched.
Throws:
FdkException - if the operation fails.

hasOnlyExplicitGrantedAccess

public boolean hasOnlyExplicitGrantedAccess(long target,
                                            long user)
                                     throws FdkException
Returns true if the specified user has a grant on the specified public object that names the user as the grantee, and the permissions granted by this grant represent all the permissions of that user on the public object. Returns false if there exist some other grant that grants the user some permission(s) that are not granted by the explicit grant.
Parameters:
target - The ID of the target SecurityConfiguration.
user - The ID of the desired user.
Throws:
FdkException - if the operation fails.

hasPropagatingGrants

public boolean hasPropagatingGrants(long target,
                                    long user)
                             throws FdkException
Returns true if the specified user has any grants on the specified SecurityConfiguration that propagated from a parent. Returns false if no such grants exist.
Parameters:
target - The ID of the target SecurityConfiguration.
user - The ID of the desired user.
Throws:
FdkException - if the operation fails.

listRoles

public Item[] listRoles(long id,
                        NamedValue[] options,
                        AttributeRequest[] attributes)
                 throws FdkException
Returns the available security roles in the domain that apply to the given target object.
Parameters:
id - the id of the target object
options - Options on the retrieved list. Valid options are:
  • notation: {Attribute name, Attribute type}
  • {Options.PRIMARY_SORT_ATTRIBUTE, String}
  • {Options.PRIMARY_SORT_DIRECTION, Boolean}
  • {Options.SECONDARY_SORT_ATTRIBUTE, String}
  • {Options.SECONDARY_SORT_DIRECTION, Boolean}
If an attribute name is specified with no direction, ascending is the default. Attribute names must be valid attributes in Attributes.java and must return values that implement Comparable.
attributes - attributes to retrieve.
Throws:
FdkException - if the operation fails.

listRolesByItemType

public Item[] listRolesByItemType(java.lang.String itemType,
                                  NamedValue[] options,
                                  AttributeRequest[] attributes)
                           throws FdkException
Returns the available security roles in the domain that apply to the given target object class. Use this method for when no object is available (e.g., when setting the security of an object that is yet to be created).
Parameters:
itemType - ItemTypes string representing these supported types:
  • ItemTypes.FOLDER
  • ItemTypes.DOMAIN
  • ItemTypes.CONTAINER
  • ItemTypes.WORKSPACE
  • ItemTypes.DOCUMENT
  • ItemTypes.GROUP
options - Options on the retrieved list. Valid options are:
  • notation: {Attribute name, Attribute type}
  • {Options.PRIMARY_SORT_ATTRIBUTE, String}
  • {Options.PRIMARY_SORT_DIRECTION, Boolean}
  • {Options.SECONDARY_SORT_ATTRIBUTE, String}
  • {Options.SECONDARY_SORT_DIRECTION, Boolean}
If an attribute name is specified with no direction, ascending the default. Attribute names must be valid attributes in Attributes.java and must return values that implement Comparable.
attributes - attributes to retrieve.
Throws:
FdkException - if the operation fails.

removeSecurityConfiguration

public void removeSecurityConfiguration(long id)
                                 throws FdkException
Removes the SecurityConfiguration from the target item.
Parameters:
id - The ID of the target item
Throws:
FdkException - if the operation fails.

setSecurityConfiguration

public Item setSecurityConfiguration(long id,
                                     NamedValue[] def,
                                     AttributeRequest[] attributes)
                              throws FdkException
Updates the SecurityConfiguration on the target item.
Parameters:
id - The ID of the target object
def - Attributes for the securityconfiguration.
  • notation: {Attribute name, Attribute type}
  • {Attributes.GRANTS, NamedValueSet[]}, where each row corresponds to a grant whose attributes are:
    • {Attributes.GRANTEE, Long}
    • {Attributes.ROLES, long[]}
    • {Attributes.PROPAGATING, Boolean}
attributes - requested attributes for each item, or null.
Throws:
FdkException - if the operation fails.

updateRole

public Item updateRole(long id,
                       NamedValue[] def,
                       AttributeRequest[] attributes)
                throws FdkException
Updates a Role.
Parameters:
def - New attributes for the role.
  • notation: {Attribute name, Attribute type}
  • {Attributes.NAME, String}
  • {Attributes.DESCRIPTION, String}
attributes - the requested attributes for the item
Returns:
the updated role
Throws:
FdkException - if the operation fails.

Package Class Tree Index Help
Oracle® Content Services Web Services Java API Reference
10g Release 1 (10.1.1)
B19047-01
PREV CLASS NEXT CLASS FRAMES NO FRAMES
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2002, 2005, Oracle. All rights reserved.