|
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--com.bea.ales.management.Role
This class represents role.
Field Summary | |
static java.lang.String |
ROLE_DESCRIBTION
|
Method Summary | |
void |
addDeniedRole(Role role)
Add the role to excluded role list against this role. |
void |
addDeniedRoles(java.util.Collection roles)
Add the set of roles to to excluded role list against this role. |
Role |
cloneTo(Role destination)
Clone this role and all its children to be child of the destination role |
Role |
createChild(java.lang.String nodeName)
Create the child role for this role. |
MembershipRule |
createMembershipRule(PolicyEffectType effect,
java.lang.Object subject,
java.lang.String constraint)
Create the membership rule for this role. |
MembershipRule |
createMembershipRule(PolicyEffectType effect,
Resource resource,
java.lang.Object subject,
User delegator,
java.lang.String constraint)
Create the new membership rule for this role |
void |
deleteChild(Role role)
Delete the child role. |
RoleQueryResult |
getAncestors(java.lang.String filterString)
Find all ancestors of this role that match the given filterString . |
AttributeElement |
getAttribute(java.lang.String name)
Get the attribute from this role by the name. |
AttributeQueryResult |
getAttributes(int queryType)
Get the attributes of this role. |
RoleQueryResult |
getChildren(int queryType,
java.lang.String filterString)
Find all the children of this role which matches the given filterString . |
java.util.Collection |
getDeniedRoles()
Find all excluded roles against this role. |
java.lang.String |
getDescription()
Get the description of the role |
java.lang.String |
getFullyQualifiedRoleName()
Get the fully qualified name of this role |
MembershipRuleQueryResult |
getMembershipRules(PolicyEffectType effectType,
java.util.List resources,
java.util.List subjects,
java.util.List delegators,
java.lang.String constraintPattern,
java.lang.String filterSearchOperator)
Find membership rules according to the provided query criteria. |
java.lang.String |
getName()
Get the name of this role |
Role |
getParent()
Get the parent of this role. |
java.util.Collection |
getRolesDenyMe()
get the set of roles that have this role in their denied roles list. |
void |
moveTo(Role destination)
Move this role to be child of the destination role. |
void |
removeAttributeElement(AttributeElement attributeElement)
Remove the given attribute from this role. |
void |
removeDeniedRole(Role role)
Remove the role from the excluded role list against this role. |
void |
removeDeniedRoles(java.util.Collection rolesList)
Remove the set of roles from the excluded role list against this role. |
void |
removeMembershipRule(MembershipRule rule)
|
void |
removeMembershipRule(PolicyEffectType effect,
Resource resource,
java.lang.Object subject,
User delegator,
java.lang.String constraint)
Remove the membership rule which matches the given parameters. |
void |
rename(java.lang.String newName)
Rename the role with the given newName . |
void |
setAttributeValue(AttributeElement attribute)
Set the attribute value to this role. |
void |
setDescription(java.lang.String description)
Set the description of this role |
Methods inherited from class java.lang.Object |
equals,
getClass,
hashCode,
notify,
notifyAll,
toString,
wait,
wait,
wait |
Field Detail |
public static java.lang.String ROLE_DESCRIBTION
Method Detail |
public java.lang.String getName() throws ManagementException
public void rename(java.lang.String newName) throws ManagementException
newName
.
newName
- the new name desired.public void setAttributeValue(AttributeElement attribute) throws ManagementException, BadParameterException
attribute
- The name of this passed in attribute is used to find attribute to be set of the role.
The value of this passed in attribute is set to the value of the found attribute of the role.public void removeAttributeElement(AttributeElement attributeElement) throws ManagementException
attribute
- the attribute element to be removed.public AttributeElement getAttribute(java.lang.String name) throws ManagementException
name
- the name of attributepublic AttributeQueryResult getAttributes(int queryType) throws ManagementException
queryType
- - One of:
AttributeQueryResult
public java.lang.String getDescription() throws ManagementException
public void setDescription(java.lang.String description) throws ManagementException
description
- the description to setpublic Role getParent() throws ManagementException
public RoleQueryResult getAncestors(java.lang.String filterString) throws ManagementException
filterString
.
public MembershipRuleQueryResult getMembershipRules(PolicyEffectType effectType, java.util.List resources, java.util.List subjects, java.util.List delegators, java.lang.String constraintPattern, java.lang.String filterSearchOperator) throws java.lang.IllegalArgumentException, ManagementException
effectType
- One of possible values is GRANT, DENY, DELEGATE or ALL.resources
- list of resources as Resource
.
An empty or null list is allowed and will match any resource.subjects
- list of subjects.
One of possible type of subject is User
or Group
.
An empty or null list is allowed and will match any subject.delegators
- list of delegators as User
.
An empty or null list is allowed and will match any delegator.
If the parameter filterSearchOperator is PoliciesManager.FILTER_OPERATOR_AND, the list can not have more than one item.
Otherwise, an IllegalArgumentException will be thrown.constraintPattern
- constraint string. Unlike the other fields in the filter method,
the constraint filed supports pattern matching, with the use of the * character.
An empty or null value is allowed, and will match any constraint.filterSearchOperator
- one of: PoliciesManager.FILTER_OPERATOR_OR, PoliciesManager.FILTER_OPERATOR_ANDpublic MembershipRule createMembershipRule(PolicyEffectType effect, Resource resource, java.lang.Object subject, User delegator, java.lang.String constraint) throws java.lang.IllegalArgumentException, ManagementException
effect
- effect of the membership rule.
One of possible values is GRANT, DENY or DELEGATE.
If it is null, an IllegalArgumentException will be thrown.resource
- resource of the membership rule.
If it is null, an IllegalArgumentException will be thrown.subject
- subject of the membership rule.
One of possible type of subject is User
or Group
.
If it is null or incorrect type, an IllegalArgumentException will be thrown.delegator
- delegator of the membership rule.
This parameter is available only when the policy effect is DELEGATE, otherwise it is ignored.
If it is null for delegate policy, an IllegalArgumentException will be thrown.constraint
- constraint of the membership rule.
The constraint is a series of boolean operations over attribute values
which can be used to further limit the applicability of membership rule.public MembershipRule createMembershipRule(PolicyEffectType effect, java.lang.Object subject, java.lang.String constraint) throws java.lang.IllegalArgumentException, ManagementException
effect
- effect of the membership rule.
One of possible values is GRANT, DENY or DELEGATE.
If it is null, an IllegalArgumentException will be thrown.subject
- subject of the membership rule.
One of possible type of subject is User
or Group
.
If it is null or incorrect type, an IllegalArgumentException will be thrown.constraint
- constraint of the membership rule.
The constraint is a series of boolean operations over attribute values
which can be used to further limit the applicability of membership rule.public void removeMembershipRule(PolicyEffectType effect, Resource resource, java.lang.Object subject, User delegator, java.lang.String constraint) throws java.lang.IllegalArgumentException, ManagementException
effect
- effect of membership rule.
One of possible values is GRANT, DENY or DELEGATE.
If it is null, an IllegalArgumentException will be thrown.resource
- resource of the membership rule.
If it is null, an IllegalArgumentException will be thrown.subject
- subject of the membership rule.
One of possible type of subject is User
or Group
.
If it is null or incorrect type, an IllegalArgumentException will be thrown.delegator
- delegator of the membership rule.
This parameter is available only when the policy effect is DELEGATE, otherwise it is ignored.
If it is null for delegate policy, an IllegalArgumentException will be thrown.constraint
- constraint of authorization policy.
The constraint is a series of boolean operations over attribute values
which can be used to further limit the applicability of the membership rule.public void removeMembershipRule(MembershipRule rule) throws ManagementException
public RoleQueryResult getChildren(int queryType, java.lang.String filterString) throws ManagementException
filterString
.
queryType
- - One of:
filterString
- the pattern the children matches.public Role cloneTo(Role destination) throws ManagementException, java.lang.IllegalArgumentException
destination
- the destination role to clone this role to.public void moveTo(Role destination) throws ManagementException, java.lang.IllegalArgumentException
destination
- the destination role to be parent of this role.public Role createChild(java.lang.String nodeName) throws ManagementException
nodeName
- the name of the child role to createpublic void deleteChild(Role role) throws ManagementException, java.lang.IllegalArgumentException
role
- the child role to deletepublic java.util.Collection getDeniedRoles() throws ManagementException
public void addDeniedRole(Role role) throws ManagementException
role
- the role excluded against this role.public void addDeniedRoles(java.util.Collection roles) throws ManagementException
roles
- the set of roles excluded against this role.public void removeDeniedRole(Role role) throws ManagementException
role
- the role to be removed from theexcluded against this role.public void removeDeniedRoles(java.util.Collection rolesList) throws ManagementException
role
- the set of roles to be removed from theexcluded against this role.public java.util.Collection getRolesDenyMe() throws ManagementException
public java.lang.String getFullyQualifiedRoleName() throws ManagementException
|
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |