|
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--com.bea.ales.management.AdminRole
This class represents Administration Role for Scope.
Inner Class Summary | |
class |
AdminRole.Privilege
|
Field Summary | |
static java.lang.String |
ACTION_MANAGE
ACTION_MANAGE means current role can view and manage the corresponding object |
static java.lang.String |
ACTION_VIEW
ACTION_VIEW means current role can only view the corresponding object |
static java.lang.String |
OBJECT_ACTION
|
static java.lang.String |
OBJECT_APPLICATION
|
static java.lang.String |
OBJECT_AUTHORIZATION_POLICY
|
static java.lang.String |
OBJECT_AUTHORIZATION_POLICY_REPORT
|
static java.lang.String |
OBJECT_CHILD_ORGANIZATION
|
static java.lang.String |
OBJECT_EXTENSION
|
static java.lang.String |
OBJECT_GROUP
|
static java.lang.String |
OBJECT_GROUP_MEMBERSHIP
|
static java.lang.String |
OBJECT_IDENTITY_DIRECTORY
|
static java.lang.String |
OBJECT_POLICY_DISTRIBUTION
|
static java.lang.String |
OBJECT_POLICY_SIMULATOR
|
static java.lang.String |
OBJECT_RESOURCE
|
static java.lang.String |
OBJECT_ROLE
|
static java.lang.String |
OBJECT_ROLE_POLICY
|
static java.lang.String |
OBJECT_ROLE_POLICY_REPORT
|
static java.lang.String |
OBJECT_USER
|
Method Summary | |
AdminRoleMembershipRule |
createMembershipRule(java.util.List subjects,
java.lang.String constraint)
Create the membership rule for this role. |
AdminRoleMembershipRule |
createMembershipRule(java.lang.Object subject,
java.lang.String constraint)
Create the membership rule for this role. |
java.lang.String |
getDescription()
Get the description of the AdminRole |
java.lang.String |
getFullyQualifiedName()
Get the fully qualified name of this admin role |
AdminRole.Privilege[] |
getGrantedPrivileges()
Get all granted privileges |
AdminRoleMembershipRule |
getMembershipRule(java.util.List subjects,
java.lang.String constraint)
|
AdminRoleMembershipRule[] |
getMembershipRules()
Find all related membership rules |
java.lang.String |
getName()
Get the name of this role |
void |
grantPrivilege(AdminRole.Privilege priv)
grant privilege to the admin role |
void |
grantPrivilege(java.lang.String action,
java.lang.String object)
grant privilege to the admin role |
void |
grantPrivileges(AdminRole.Privilege[] privileges)
grant privileges to the admin role |
boolean |
isPrimaryAdminRole()
Test if this AdminRole is primary Admin Role.
|
void |
removeMembershipRule(java.util.List subjects,
java.lang.String constraint)
Remove the membership rule which matches the given parameters. |
void |
removeMembershipRule(java.lang.Object subject,
java.lang.String constraint)
Remove the membership rule which matches the given parameters. |
void |
rename(java.lang.String newName)
Rename the role with the given newName . |
void |
revokePrivilege(AdminRole.Privilege priv)
Revoke the privilege from the admin role |
void |
revokePrivilege(java.lang.String action,
java.lang.String object)
Revoke the privilege from the admin role |
void |
revokePrivileges(AdminRole.Privilege[] privileges)
revoke privileges to the admin role |
void |
setDescription(java.lang.String description)
Set the description of this AdminRole |
Methods inherited from class java.lang.Object |
equals,
getClass,
hashCode,
notify,
notifyAll,
toString,
wait,
wait,
wait |
Field Detail |
public static final java.lang.String ACTION_VIEW
public static final java.lang.String ACTION_MANAGE
public static final java.lang.String OBJECT_ROLE
public static final java.lang.String OBJECT_RESOURCE
public static final java.lang.String OBJECT_ACTION
public static final java.lang.String OBJECT_EXTENSION
public static final java.lang.String OBJECT_AUTHORIZATION_POLICY
public static final java.lang.String OBJECT_ROLE_POLICY
public static final java.lang.String OBJECT_AUTHORIZATION_POLICY_REPORT
public static final java.lang.String OBJECT_ROLE_POLICY_REPORT
public static final java.lang.String OBJECT_POLICY_SIMULATOR
public static final java.lang.String OBJECT_POLICY_DISTRIBUTION
public static final java.lang.String OBJECT_CHILD_ORGANIZATION
public static final java.lang.String OBJECT_APPLICATION
public static final java.lang.String OBJECT_IDENTITY_DIRECTORY
public static final java.lang.String OBJECT_USER
public static final java.lang.String OBJECT_GROUP
public static final java.lang.String OBJECT_GROUP_MEMBERSHIP
Method Detail |
public void grantPrivileges(AdminRole.Privilege[] privileges) throws ManagementException
privileges
- the privilege list to be grantedpublic void grantPrivilege(java.lang.String action, java.lang.String object) throws ManagementException
action
- object
- public void grantPrivilege(AdminRole.Privilege priv) throws ManagementException
priv
- the privilege to be grantpublic void revokePrivileges(AdminRole.Privilege[] privileges) throws ManagementException
privileges
- the privilege list to be revokedpublic void revokePrivilege(java.lang.String action, java.lang.String object) throws ManagementException
action
- object
- public void revokePrivilege(AdminRole.Privilege priv) throws ManagementException
priv
- public AdminRole.Privilege[] getGrantedPrivileges() throws ManagementException
public AdminRoleMembershipRule createMembershipRule(java.lang.Object subject, java.lang.String constraint) throws java.lang.IllegalArgumentException, ManagementException
subject
- subject of the membership rule.
One of possible type of subject is User
or Group
.
If it is null or incorrect type, an IllegalArgumentException will be thrown.constraint
- constraint of the membership rule.
The constraint is a series of boolean operations over attribute values
which can be used to further limit the applicability of membership rule.public AdminRoleMembershipRule createMembershipRule(java.util.List subjects, java.lang.String constraint) throws java.lang.IllegalArgumentException, ManagementException
subjects
- list of subjects.
If the list is null or empty, an IllegalArgumentException will be thrown.
One of possible type of subject is User
or Group
.
If the element of list is null or its type is incorrect, an IllegalArgumentException will be thrown.constraint
- constraint of the membership rule.
The constraint is a series of boolean operations over attribute values
which can be used to further limit the applicability of membership rule.public void removeMembershipRule(java.lang.Object subject, java.lang.String constraint) throws java.lang.IllegalArgumentException, ManagementException
subject
- subject of the membership rule.
One of possible type of subject is User
or Group
.
If it is null or incorrect type, an IllegalArgumentException will be thrown.constraint
- constraint of authorization policy.
The constraint is a series of boolean operations over attribute values
which can be used to further limit the applicability of the membership rule.public void removeMembershipRule(java.util.List subjects, java.lang.String constraint) throws java.lang.IllegalArgumentException, ManagementException
subjects
- list of subjects.
If the list is null or empty, an IllegalArgumentException will be thrown.
One of possible type of subject is User
or Group
.
If the element of list is null or its type is incorrect, an IllegalArgumentException will be thrown.constraint
- constraint of authorization policy.
The constraint is a series of boolean operations over attribute values
which can be used to further limit the applicability of the membership rule.public AdminRoleMembershipRule[] getMembershipRules() throws java.lang.IllegalArgumentException, ManagementException
public AdminRoleMembershipRule getMembershipRule(java.util.List subjects, java.lang.String constraint) throws java.lang.IllegalArgumentException, ManagementException
subjects
- list of subjects.
If the list is null or empty, an IllegalArgumentException will be thrown.
One of possible type of subject is User
or Group
.
If the element of list is null or its type is incorrect, an IllegalArgumentException will be thrown.constraint
- constraint of authorization policy.
The constraint is a series of boolean operations over attribute values
which can be used to further limit the applicability of the membership rule.public void rename(java.lang.String newName) throws ManagementException
newName
.
newName
- the new name desired.public java.lang.String getFullyQualifiedName() throws ManagementException
public java.lang.String getName() throws ManagementException
public java.lang.String getDescription() throws ManagementException
public void setDescription(java.lang.String description) throws ManagementException
description
- the description to setpublic boolean isPrimaryAdminRole() throws ManagementException
AdminRole
is primary Admin Role.
A primary Admin Role is created by default when scope created, which could not be renamed or removed.
Its rights could not be more than parent scope's primary Admin Role.
Its rights could be modified only by user with parent scope's primary Admin Role.
All other Admin Roles, called secondary Admin Role, could not have more rights than primary Admin Role of same Scope.
|
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |