com.wles.blm
Class BLMRuleManager

java.lang.Object
  extended by com.wles.blm.BLMRuleManager

public class BLMRuleManager
extends java.lang.Object

Manages operations on rules. Rules control a subject's access to a resource. A rule can GRANT, DENY, or DELEGATE rights on resources, and both privilege and role access can be managed via rules. Rules have the following format: effect(action(s), resource(s), subject(s) [,delegator]) if constraint; where effect is GRANT, DENY, or DELEGATE; action is one or more privileges or roles; resource is one or more resources; and subject is one or more users, groups, or roles. The constraint is a series of boolean operations over attribute values that further limits the applicability of the rule. You can use wles.util.RuleParser to construct and parse rules as Java objects rather than dealing directly with the above format. Use a BLMContextManager to obtain an instance of a BLMRuleManager.

See Also:
BLMContextManager, RuleParser

Field Summary
static java.lang.String EFFECT_TYPE_ALL
          Specifies rules with any effect.
static java.lang.String EFFECT_TYPE_DELEGATE
          Specifies rules with a DELEGATE effect.
static java.lang.String EFFECT_TYPE_DENY
          Specifies rules with a DENY effect.
static java.lang.String EFFECT_TYPE_GRANT
          Specifies rules with a GRANT effect.
static java.lang.String FILTER_OPERATOR_AND
          Specifies a filter search operator of AND.
static java.lang.String FILTER_OPERATOR_OR
          Specifies a filter search operator of OR.
static int ORDER_BY_DELEGATOR
           
static int ORDER_BY_EFFECT
          Specifies the order type of queryPolicy method.
static int ORDER_BY_PRIVILEGE
           
static int ORDER_BY_RESOURCE
           
static int ORDER_BY_ROLE
           
static int ORDER_BY_SUBJECT
           
static java.lang.String RULE_COMPOUND
           
static java.lang.String RULE_FLAT
          Specifies the result type of queryPolicy method.
 
Method Summary
 void createRule(java.lang.String text)
          Create rule from rule text.
 void deleteQuery(QueryDescription queryDescription)
          To delete a saved Policy Inquiry query.
 java.lang.String filter(RuleTypeEnum ruleType, java.lang.String effectType, java.lang.String[] actions, java.lang.String[] resources, java.lang.String[] subjects, java.lang.String[] delegators, java.lang.String conditionPattern, java.lang.String filterSearchOperator)
          Finds rules according to the selection criteria.
 java.lang.String filterByAttr(RuleTypeEnum ruleType, java.lang.String effectType, java.lang.String[] actions, java.lang.String[] resources, java.lang.String[] subjects, java.lang.String[] delegators, java.lang.String conditionPattern, java.lang.String filterSearchOperator, int sortingOrder, java.lang.String attrName, java.lang.String attrValue)
           
 boolean findRule(java.lang.String cID, java.lang.String ruleText)
          Searches for a rule in a rule collection.
 java.lang.String getAttribute(java.lang.String ruleText, java.lang.String attrName)
           
 int getCount(java.lang.String cID)
          Gets the size of a rule collection.
 java.lang.String[] getReport(java.lang.String cID)
          Returns a report on a rule collection.
 java.lang.String[] getReport(java.lang.String cID, int iStart, int iCount)
          Returns a report on a subset of a rule collection.
 QueryDescription[] listQueries(RuleTypeEnum ruleType, java.lang.String owner, int start, int numRecords)
          Returns an array of QueryDescription of the saved Policy queries.
 void modifyRule(java.lang.String oldRuleText, java.lang.String newRuleText)
          Modifies a rule by rule text.
 java.lang.String queryPolicy(PolicyQuery policyQuery)
          Returns a string that is an ID pointing to the collection of rules retrieved.
 java.lang.String queryPolicyByAttr(PolicyQuery policyQuery, java.lang.String attrName, java.lang.String attrValue)
           
 PolicyQuery readQuery(QueryDescription queryDescription)
          Returns a PolicyQuery of the content of a saved Policy Inquiry query.
 void release(java.lang.String cID)
          Releases a rule collection.
 void removeRule(java.lang.String ruleText)
          Removes a rule by rule text.
 void saveQuery(QueryDescription queryDescription, PolicyQuery policyQuery, boolean overwrite)
          To create (save) a Policy query if the query does not exist.
 void setAttribute(java.lang.String ruleText, java.lang.String attrName, java.lang.String attrValue)
           
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

EFFECT_TYPE_ALL

public static final java.lang.String EFFECT_TYPE_ALL
Specifies rules with any effect.

See Also:
Constant Field Values

EFFECT_TYPE_DELEGATE

public static final java.lang.String EFFECT_TYPE_DELEGATE
Specifies rules with a DELEGATE effect.

See Also:
Constant Field Values

EFFECT_TYPE_DENY

public static final java.lang.String EFFECT_TYPE_DENY
Specifies rules with a DENY effect.

See Also:
Constant Field Values

EFFECT_TYPE_GRANT

public static final java.lang.String EFFECT_TYPE_GRANT
Specifies rules with a GRANT effect.

See Also:
Constant Field Values

FILTER_OPERATOR_AND

public static final java.lang.String FILTER_OPERATOR_AND
Specifies a filter search operator of AND.

See Also:
Constant Field Values

FILTER_OPERATOR_OR

public static final java.lang.String FILTER_OPERATOR_OR
Specifies a filter search operator of OR.

See Also:
Constant Field Values

ORDER_BY_DELEGATOR

public static final int ORDER_BY_DELEGATOR
See Also:
Constant Field Values

ORDER_BY_EFFECT

public static final int ORDER_BY_EFFECT
Specifies the order type of queryPolicy method.

See Also:
Constant Field Values

ORDER_BY_PRIVILEGE

public static final int ORDER_BY_PRIVILEGE
See Also:
Constant Field Values

ORDER_BY_RESOURCE

public static final int ORDER_BY_RESOURCE
See Also:
Constant Field Values

ORDER_BY_ROLE

public static final int ORDER_BY_ROLE
See Also:
Constant Field Values

ORDER_BY_SUBJECT

public static final int ORDER_BY_SUBJECT
See Also:
Constant Field Values

RULE_COMPOUND

public static final java.lang.String RULE_COMPOUND
See Also:
Constant Field Values

RULE_FLAT

public static final java.lang.String RULE_FLAT
Specifies the result type of queryPolicy method.

See Also:
Constant Field Values
Method Detail

createRule

public void createRule(java.lang.String text)
                throws com.wles.blm.BLMException,
                       RuleParser.ParsingException
Create rule from rule text.

Parameters:
text - text of the Rule
Throws:
BLMException
RuleParser.ParsingException
See Also:
RuleParser.ParsedRule.generateRuleText()

deleteQuery

public void deleteQuery(QueryDescription queryDescription)
                 throws com.wles.blm.BLMException
To delete a saved Policy Inquiry query. The permission to delete is checked against wles policy.

Parameters:
queryDescription - a description of the Policy query. Please see QueryDescription for detailed information.
Throws:
BLMException

filter

public java.lang.String filter(RuleTypeEnum ruleType,
                               java.lang.String effectType,
                               java.lang.String[] actions,
                               java.lang.String[] resources,
                               java.lang.String[] subjects,
                               java.lang.String[] delegators,
                               java.lang.String conditionPattern,
                               java.lang.String filterSearchOperator)
                        throws com.wles.blm.BLMException
Finds rules according to the selection criteria. Returns a rule collection ID.

Parameters:
ruleType - rule type, one of: RuleTypeEnum.Policy, RuleTypeEnum.RoleMapping
effectType - one of: EFFECT_TYPE_GRANT, EFFECT_TYPE_DENY, EFFECT_TYPE_DELEGATE, EFFECT_TYPE_ALL
actions - array of privilege or role names as strings. An empty or null array is allowed and will match any action.
resources - array of resources as strings. An empty or null array is allowed and will match any resource.
subjects - array of subjects as strings. An empty or null array is allowed and will match any subject.
delegators - array of delegators as strings (cannot be more than one for AND search). An empty or null array is allowed and will match any delegator.
conditionPattern - condition String. Unlike the other fields in the filter method, the condition field supports pattern matching with the * character. An empty or null value is allowed and will match any condition.
filterSearchOperator - one of: FILTER_OPERATOR_OR, FILTER_OPERATOR_AND
Returns:
Collection ID
Throws:
BLMException
See Also:
getReport(String cID), getReport(String cID, int iStart, int iCount), getCount(String CID), release(String cID), findRule(String cID, String name), EFFECT_TYPE_GRANT, EFFECT_TYPE_DENY, EFFECT_TYPE_DELEGATE, FILTER_OPERATOR_OR, FILTER_OPERATOR_AND
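
The filter, getCount, getReport and release calls listed above are meant to be used together. The following is an added example, not code from the original documentation: it pages through every DENY policy rule on one resource and releases only its own collection. The class name DenyRuleAudit, the method denyRulesFor and PAGE_SIZE are hypothetical; it assumes RuleTypeEnum is in com.wles.blm and that iStart is zero-based, neither of which this page states.

```java
import com.wles.blm.BLMException;
import com.wles.blm.BLMRuleManager;
// Assumption: RuleTypeEnum lives in com.wles.blm; adjust the import if it does not.
import com.wles.blm.RuleTypeEnum;

import java.util.ArrayList;
import java.util.List;

public class DenyRuleAudit {
    // Hypothetical page size; keeps each getReport call bounded.
    private static final int PAGE_SIZE = 100;

    /**
     * Collects the text of every DENY policy rule that names the given resource.
     * The manager is passed in; obtaining it from a BLMContextManager is not shown.
     */
    public static List<String> denyRulesFor(BLMRuleManager rules, String resource)
            throws BLMException {
        List<String> found = new ArrayList<String>();
        String cID = rules.filter(
                RuleTypeEnum.Policy,
                BLMRuleManager.EFFECT_TYPE_DENY,
                null,                          // null matches any action
                new String[] { resource },
                null,                          // null matches any subject
                null,                          // null matches any delegator
                null,                          // null matches any condition
                BLMRuleManager.FILTER_OPERATOR_AND);
        try {
            int total = rules.getCount(cID);
            // Assumption: iStart is a zero-based index into the collection.
            for (int start = 0; start < total; start += PAGE_SIZE) {
                int count = Math.min(PAGE_SIZE, total - start);
                for (String ruleText : rules.getReport(cID, start, count)) {
                    found.add(ruleText);
                }
            }
        } finally {
            // Pass the ID explicitly: a null ID releases all held collections.
            rules.release(cID);
        }
        return found;
    }
}
```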

filterByAttr

public java.lang.String filterByAttr(RuleTypeEnum ruleType,
                                     java.lang.String effectType,
                                     java.lang.String[] actions,
                                     java.lang.String[] resources,
                                     java.lang.String[] subjects,
                                     java.lang.String[] delegators,
                                     java.lang.String conditionPattern,
                                     java.lang.String filterSearchOperator,
                                     int sortingOrder,
                                     java.lang.String attrName,
                                     java.lang.String attrValue)
                              throws com.wles.blm.BLMException
Throws:
com.wles.blm.BLMException

findRule

public boolean findRule(java.lang.String cID,
                        java.lang.String ruleText)
                 throws com.wles.blm.BLMException,
                        RuleParser.ParsingException
Searches for a rule in a rule collection.

Parameters:
cID - collection ID of the rule collection
ruleText - text of rule
Returns:
true if the rule is found
Throws:
BLMException
RuleParser.ParsingException
See Also:
RuleParser.ParsedRule.generateRuleText()

getAttribute

public java.lang.String getAttribute(java.lang.String ruleText,
                                     java.lang.String attrName)
                              throws com.wles.blm.BLMException,
                                     RuleParser.ParsingException
Throws:
com.wles.blm.BLMException
RuleParser.ParsingException

getCount

public int getCount(java.lang.String cID)
             throws com.wles.blm.BLMException
Gets the size of a rule collection.

Parameters:
cID - ID of the collection
Returns:
the count in the collection
Throws:
BLMException

getReport

public java.lang.String[] getReport(java.lang.String cID)
                             throws com.wles.blm.BLMException
Returns a report on a rule collection.

Parameters:
cID - ID of the collection
Returns:
A String array of rules in text format from the collection.
Throws:
BLMException
See Also:
RuleParser.parseRule(String ruleText)

getReport

public java.lang.String[] getReport(java.lang.String cID,
                                    int iStart,
                                    int iCount)
                             throws com.wles.blm.BLMException
Returns a report on a subset of a rule collection.

Parameters:
cID - ID of the collection
iStart - index of the start of the subset
iCount - size of the subset
Returns:
A String array of rules in text format from the collection.
Throws:
BLMException
See Also:
RuleParser.parseRule(String ruleText)

listQueries

public QueryDescription[] listQueries(RuleTypeEnum ruleType,
                                      java.lang.String owner,
                                      int start,
                                      int numRecords)
                               throws com.wles.blm.BLMException
Returns an array of QueryDescription of the saved Policy queries.

Parameters:
ruleType - an enumeration representing the type of query, can be RuleTypeEnum.Policy or RuleTypeEnum.RoleMapping, see RuleTypeEnum for detailed information.
owner - a String representing the owner of the query, like //user/wles/asiadmin/.
start - int number of records to skip in the returned result.
numRecords - int number of records requested. A zero (0) represents all records.
Returns:
an array of QueryDescription which includes owner and query name.
Throws:
BLMException - if no record is found, a BLMException is thrown whose message is "No saved policy inquiry query is found"
See Also:
QueryDescription

modifyRule

public void modifyRule(java.lang.String oldRuleText,
                       java.lang.String newRuleText)
                throws com.wles.blm.BLMException,
                       RuleParser.ParsingException
Modifies a rule by rule text.

Parameters:
oldRuleText - the old rule
newRuleText - the new rule
Throws:
BLMException
RuleParser.ParsingException
See Also:
RuleParser.ParsedRule.generateRuleText()

queryPolicy

public java.lang.String queryPolicy(PolicyQuery policyQuery)
                             throws com.wles.blm.BLMException
Returns a string that is an ID pointing to the collection of rules retrieved. If no rules match the query, the ID will point to an empty collection. The rule type is Policy or RoleMapping.

Parameters:
policyQuery - a query which includes all criteria. Please see class PolicyQuery for detailed information.
Returns:
String ID to the collection
Throws:
BLMException
See Also:
PolicyQuery

queryPolicyByAttr

public java.lang.String queryPolicyByAttr(PolicyQuery policyQuery,
                                          java.lang.String attrName,
                                          java.lang.String attrValue)
                                   throws com.wles.blm.BLMException
Throws:
com.wles.blm.BLMException

readQuery

public PolicyQuery readQuery(QueryDescription queryDescription)
                      throws com.wles.blm.BLMException
Returns a PolicyQuery of the content of a saved Policy Inquiry query. Please see PolicyQuery for detailed information.

Parameters:
queryDescription - a QueryDescription which includes owner and query name.
Returns:
a PolicyQuery which represents the query data
Throws:
BLMException
See Also:
PolicyQuery, QueryDescription

release

public void release(java.lang.String cID)
             throws com.wles.blm.BLMException
Releases a rule collection. Supplying a null collection id will cause all held collections to be released.

Parameters:
cID - ID of the collection
Returns:
void
Throws:
BLMException

removeRule

public void removeRule(java.lang.String ruleText)
                throws com.wles.blm.BLMException,
                       RuleParser.ParsingException
Removes a rule by rule text.

Parameters:
ruleText - the rule text of the rule to remove
Returns:
void
Throws:
BLMException
RuleParser.ParsingException
See Also:
RuleParser.ParsedRule.generateRuleText()

saveQuery

public void saveQuery(QueryDescription queryDescription,
                      PolicyQuery policyQuery,
                      boolean overwrite)
               throws com.wles.blm.BLMException
To create (save) a Policy query if the query does not exist. To modify a Policy query if the query already exists. The permission to create/modify is checked against wles policy.

Parameters:
queryDescription - a description of the Policy query. Please see QueryDescription for detailed information.
policyQuery - a PolicyQuery representing the query data. Please see PolicyQuery for detailed information.
overwrite - true/false to overwrite the query if it already exists.
Throws:
BLMException

setAttribute

public void setAttribute(java.lang.String ruleText,
                         java.lang.String attrName,
                         java.lang.String attrValue)
                  throws com.wles.blm.BLMException,
                         RuleParser.ParsingException
Throws:
com.wles.blm.BLMException
RuleParser.ParsingException


Copyright © 2004-2008, Oracle and/or its affiliates. All rights reserved.