Skip navigation links

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware Java API Reference for Oracle Platform Security Services
11g Release 1 (11.1.1)
E14650-04
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.security.jps.service.policystore.entitymanager
Interface GrantManager

All Superinterfaces:
EntityManager
public interface GrantManager
extends EntityManager

An Entity Manager for Grants.

Method Summary
 java.util.List<GrantEntry> getGrants(GrantSearchQuery query)
          Query the store to retrieve Grants based upon a search criteria.
 java.util.List<GrantEntry> getGrantsForApplicationRoles(java.util.List<AppRoleEntry> appRoleNameEntries, boolean order)
          Search for Grants based on one or more Application Roles.
 java.util.List<GrantEntry> getGrantsForApplicationRolesAndPermissionSets(java.util.List<AppRoleEntry> appRoleNameEntries, boolean appRoleOrder, java.util.List<PermissionSetEntry> permissionSetEntries, boolean permSetOrder)
          Search for Grants based on Application Roles AND Permission Sets.
 java.util.List<GrantEntry> getGrantsForPermissionSets(java.util.List<PermissionSetEntry> permissionSetEntries, boolean order)
          Search for Grants based on a PermissionSet.
 void grant(java.util.Set<PrincipalEntry> principalEntries, CodeSourceEntry csEntry, java.lang.String permissionSetName)
          Grant a named PermissionSet to this group of principals and code source, or otherwise collectively known as the grantee.
 void revoke(java.util.Set<PrincipalEntry> principalEntries, CodeSourceEntry csEntry, java.lang.String permissionSetName)
          Revoke a grant of a PermissionSet from this set of principals and codesource combination

 

Methods inherited from interface oracle.security.jps.service.policystore.entitymanager.EntityManager
resolveReference

 

Method Detail

getGrantsForApplicationRoles

java.util.List<GrantEntry> getGrantsForApplicationRoles(java.util.List<AppRoleEntry> appRoleNameEntries,
                                                        boolean order)
                                                        throws PolicyStoreException
Search for Grants based on one or more Application Roles. This method computes grants for direct Application Roles only.
Parameters:
appRoleNameEntries - a list of application roles
order - if true, retrieves grants granted to Application Role1 AND Application Role2 AND ...

If false, retrieves grants granted to Application Role1 OR Application Role2 OR ....

Returns:
Results of the search. If no matching grants found, an empty list is returned.
Throws:
PolicyStoreException - if an error is raised while querying the underlying store.

getGrantsForPermissionSets

java.util.List<GrantEntry> getGrantsForPermissionSets(java.util.List<PermissionSetEntry> permissionSetEntries,
                                                      boolean order)
                                                      throws PolicyStoreException
Search for Grants based on a PermissionSet. This method computes grants for direct Application Roles only.
Parameters:
permissionSetEntries - a list of one or more PermissionSets.
order - if true retrieves grants granted to PermissionSet1 AND PermissionSet2 AND ...

If false, retrieves grants granted to PermissionSet1 OR PermissionSet2 OR ...

Returns:
Grants matching the criteria.
Throws:
PolicyStoreException - if an error is raised while querying the underlying store.

getGrantsForApplicationRolesAndPermissionSets

java.util.List<GrantEntry> getGrantsForApplicationRolesAndPermissionSets(java.util.List<AppRoleEntry> appRoleNameEntries,
                                                                         boolean appRoleOrder,
                                                                         java.util.List<PermissionSetEntry> permissionSetEntries,
                                                                         boolean permSetOrder)
                                                                         throws PolicyStoreException
Search for Grants based on Application Roles AND Permission Sets. This method computes grants for direct Application Roles only.
Parameters:
appRoleNameEntries - a list of one or more Application Roles.
appRoleOrder - if true, query criteria includes grants granted to Application Role1 AND Application Role2 AND ...

If false, query criteria includes granted to Application Role1 OR Application Role2 OR ....

permissionSetEntries - a list of one or more Permission Sets.
permSetOrder - if true query criteria includes Grants granted to PermissionSet1 AND PermissionSet2 AND ...

If false, query criteria includes grants granted to PermissionSet1 OR PermissionSet2 OR ...

Returns:
Grants satisfying both the above 2 query criterias.
Throws:
PolicyStoreException - if an error is raised while querying the underlying store.

getGrants

java.util.List<GrantEntry> getGrants(GrantSearchQuery query)
                                     throws PolicyStoreException
Query the store to retrieve Grants based upon a search criteria.
Parameters:
query - the criteria.
Returns:
list of GrantEntries.
Throws:
PolicyStoreException - if an error is raised while querying the underlying store.

If the query parameter contains a search by PRINCIPAL where the MATCHER is ANY, then an IllegalArgumentException is thrown.

If the query parameter contains a search by PRINCIPAL where the the MATCHER is anything except EXACT, then the search query may be sub-optimal, depending upon the number of principals that match the criteria.

InvalidArgumentException - if the query parameter contains a list of GrantSearchQuery and the size is 0.

grant

void grant(java.util.Set<PrincipalEntry> principalEntries,
           CodeSourceEntry csEntry,
           java.lang.String permissionSetName)
           throws PolicyObjectAlreadyExistsException,
                  PolicyStoreException
Grant a named PermissionSet to this group of principals and code source, or otherwise collectively known as the grantee.
Parameters:
principalEntries - principal entries that constitute the grantee
csEntry - codesource entry that constitute the grantee
permissionSetName - name of the permission set.
Throws:
PolicyObjectNotFoundException - if the permissionSet cannot be found.
PolicyObjectAlreadyExistsException - if the grantee is already granted the PermissionSet.
PolicyStoreException - if an error occured during this grant operation.

revoke

void revoke(java.util.Set<PrincipalEntry> principalEntries,
            CodeSourceEntry csEntry,
            java.lang.String permissionSetName)
            throws PolicyObjectNotFoundException,
                   PolicyStoreException
Revoke a grant of a PermissionSet from this set of principals and codesource combination
Parameters:
principalEntries - principal entries that constitute the grantee
csEntry - codesource entry that constitute the grantee
permissionSetName - name of the permission set.
Throws:
PolicyObjectNotFoundException - If the permissionSet cannot be found, or If the grantee is not found
PolicyStoreException - if an error occured during this revoke operation.

Skip navigation links

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware Java API Reference for Oracle Platform Security Services
11g Release 1 (11.1.1)
E14650-04
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2011, Oracle. All rights reserved.