Skip navigation links

Package   Class  Tree  Deprecated  Index  Help 
Oracle Content Database Web Services Java API Reference for Oracle WebCenter Suite
10g (10.1.3.2)
B32189-01
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.ifs.fdk
Class SecurityManager

public interface class SecurityManager

The security management interface.

Method Summary
 Item addGrants(long id, NamedValue[] def, AttributeRequest[] attributes)
          Adds the specified grants to the SecurityConfiguration of the target item.
 boolean checkPermission(long target, long userOrGroup, long permission)
          Determines whether the given DirectoryObject has the given permission on the given target object.
 Item createRole(long target, NamedValue[] def, AttributeRequest[] attributes)
          Creates a new Role for use in the target domain.
 void deleteRole(long id, NamedValue[] def)
          Deletes a Role.
 Item findRoleByKey(java.lang.String name, AttributeRequest[] attributes)
          Fetches a single OOTB role by its registered role key.
 Item[] getComputedGranteeList(long target, long role, AttributeRequest[] attributes)
          Returns the set of users that are granted the specified role on the specified SecurityConfiguration.
 Item getRole(long id, AttributeRequest[] attributes)
          Fetches a single role
 Item getRoleByName(java.lang.String name, AttributeRequest[] attributes)
          Fetches a single role by its commonname.
 boolean hasOnlyExplicitGrantedAccess(long target, long user)
          Returns true if the specified user has a grant on the specified public object that names the user as the grantee, and the permissions granted by this grant represent all the permissions of that user on the public object.
 boolean hasPropagatingGrants(long target, long user)
          Returns true if the specified user has any grants on the specified SecurityConfiguration that propagated from a parent.
 Item[] listRoles(long id, NamedValue[] options, AttributeRequest[] attributes)
          Returns the available security roles in the domain that apply to the given target object.
 Item[] listRolesByItemType(java.lang.String itemType, NamedValue[] options, AttributeRequest[] attributes)
          Returns the available security roles in the domain that apply to the given target object class.
 void removeSecurityConfiguration(long id)
          Removes the SecurityConfiguration from the target item.
 Item setSecurityConfiguration(long id, NamedValue[] def, AttributeRequest[] attributes)
          Updates the SecurityConfiguration of the target item.
 Item updateRole(long id, NamedValue[] def, AttributeRequest[] attributes)
          Updates a Role.

 

Method Detail

getRole

Item getRole(long id,
             AttributeRequest[] attributes)
             throws FdkException
Description copied from interface: SecurityManager
Fetches a single role
Parameters:
id - Id of the role.
attributes - Additional attributes to be fetched.
Throws:
FdkException - if the operation fails.

getRoleByName

Item getRoleByName(java.lang.String name,
                   AttributeRequest[] attributes)
                   throws FdkException
Description copied from interface: SecurityManager
Fetches a single role by its commonname. Note that this method should not be used for OOTB roles; use findRoleByKey.
Parameters:
name - Common name of the role.
attributes - Additional attributes to be fetched.
Throws:
FdkException - if the operation fails.

findRoleByKey

Item findRoleByKey(java.lang.String name,
                   AttributeRequest[] attributes)
                   throws FdkException
Description copied from interface: SecurityManager
Fetches a single OOTB role by its registered role key.
Parameters:
key - Registered role key of the role, which must match one of the ECM_ROLEKEY-prefixed strings in FdkConstants.
attributes - Additional attributes to be fetched.
Throws:
FdkException - if the operation fails.

listRoles

Item[] listRoles(long id,
                 NamedValue[] options,
                 AttributeRequest[] attributes)
                 throws FdkException
Description copied from interface: SecurityManager
Returns the available security roles in the domain that apply to the given target object.
Parameters:
id - the id of the target object
options - Options on the retrieved list. Valid options are:
  • notation: {Attribute name, Attribute type}
  • {Options.PRIMARY_SORT_ATTRIBUTE, String}
  • {Options.PRIMARY_SORT_DIRECTION, Boolean}
  • {Options.SECONDARY_SORT_ATTRIBUTE, String}
  • {Options.SECONDARY_SORT_DIRECTION, Boolean}
If an attribute name is specified with no direction, ascending is the default. Attribute names must be valid attributes in Attributes.java and must return values that implement Comparable.
attributes - attributes to retrieve.
Throws:
FdkException - if the operation fails.

listRolesByItemType

Item[] listRolesByItemType(java.lang.String itemType,
                           NamedValue[] options,
                           AttributeRequest[] attributes)
                           throws FdkException
Description copied from interface: SecurityManager
Returns the available security roles in the domain that apply to the given target object class. Use this method for when no object is available (e.g., when setting the security of an object that is yet to be created).
Parameters:
itemType - ItemTypes string representing these supported types:
  • ItemTypes.FOLDER
  • ItemTypes.DOMAIN
  • ItemTypes.CONTAINER
  • ItemTypes.WORKSPACE
  • ItemTypes.DOCUMENT
  • ItemTypes.GROUP
options - Options on the retrieved list. Valid options are:
  • notation: {Attribute name, Attribute type}
  • {Options.PRIMARY_SORT_ATTRIBUTE, String}
  • {Options.PRIMARY_SORT_DIRECTION, Boolean}
  • {Options.SECONDARY_SORT_ATTRIBUTE, String}
  • {Options.SECONDARY_SORT_DIRECTION, Boolean}
If an attribute name is specified with no direction, ascending the default. Attribute names must be valid attributes in Attributes.java and must return values that implement Comparable.
attributes - attributes to retrieve.
Throws:
FdkException - if the operation fails.

createRole

Item createRole(long target,
                NamedValue[] def,
                AttributeRequest[] attributes)
                throws FdkException
Description copied from interface: SecurityManager
Creates a new Role for use in the target domain.
Parameters:
target - The ID of the target domain.
def - Attributes for the new role.
  • notation: {Attribute name, Attribute type}
  • {Attributes.NAME, String}
  • {Attributes.ACCESS_LEVEL, String}
attributes - requested attributes for each item, or null.
Throws:
FdkException - if the operation fails.

deleteRole

void deleteRole(long id,
                NamedValue[] def)
                throws FdkException
Description copied from interface: SecurityManager
Deletes a Role.
Parameters:
target - The ID of the target role.
def - Optional attributes.
Throws:
FdkException - if the operation fails.

updateRole

Item updateRole(long id,
                NamedValue[] def,
                AttributeRequest[] attributes)
                throws FdkException
Description copied from interface: SecurityManager
Updates a Role.
Parameters:
target - The ID of the target role.
def - New attributes for the role.
  • notation: {Attribute name, Attribute type}
  • {Attributes.NAME, String}
  • {Attributes.DESCRIPTION, String}
attributes - the requested attributes for the item
Returns:
the updated role
Throws:
FdkException - if the operation fails.

setSecurityConfiguration

Item setSecurityConfiguration(long id,
                              NamedValue[] def,
                              AttributeRequest[] attributes)
                              throws FdkException
Description copied from interface: SecurityManager
Updates the SecurityConfiguration of the target item.

Note: to execute this operation asynchronously, specify the optional RUN_ASYNC option with a value of Boolean.TRUE.

Parameters:
id - The ID of the target object
def - Attributes for the securityconfiguration.
  • notation: {Attribute name, Attribute type}
  • {Options.RUN_ASYNC, Boolean}
  • {Attributes.GRANTS, NamedValueSet[]}, where each row corresponds to a grant whose attributes are:
    • {Attributes.GRANTEE, Long}
    • {Attributes.ROLES, long[]}
    • {Attributes.PROPAGATING, Boolean}
attributes - requested attributes for each item, or null.
Returns:
the updated SECURITY_CONFIGURATION, or the BACKGROUND_REQUEST to track the asynchronous operation if the RUN_ASYNC option was specified.
Throws:
FdkException - if the operation fails.

addGrants

Item addGrants(long id,
               NamedValue[] def,
               AttributeRequest[] attributes)
               throws FdkException
Description copied from interface: SecurityManager
Adds the specified grants to the SecurityConfiguration of the target item.

Note: to execute this operation asynchronously, specify the optional RUN_ASYNC option with a value of Boolean.TRUE.

Parameters:
id - The ID of the target object
def - Attributes for the securityconfiguration.
  • notation: {Attribute name, Attribute type}
  • {Options.RUN_ASYNC, Boolean}
  • {Attributes.GRANTS, NamedValueSet[]}, where each row corresponds to a grant whose attributes are:
    • {Attributes.GRANTEE, Long}
    • {Attributes.ROLES, long[]}
    • {Attributes.PROPAGATING, Boolean}
attributes - requested attributes for each item, or null.
Returns:
the updated SECURITY_CONFIGURATION, or the BACKGROUND_REQUEST to track the asynchronous operation if the RUN_ASYNC option was specified.
Throws:
FdkException - if the operation fails.

removeSecurityConfiguration

void removeSecurityConfiguration(long id)
                                 throws FdkException
Description copied from interface: SecurityManager
Removes the SecurityConfiguration from the target item.
Parameters:
id - The ID of the target item
Throws:
FdkException - if the operation fails.

checkPermission

boolean checkPermission(long target,
                        long userOrGroup,
                        long permission)
                        throws FdkException
Description copied from interface: SecurityManager
Determines whether the given DirectoryObject has the given permission on the given target object. Note that this will not check the capability restriction (e.g., if the object is locked), only the raw permission bit. In most cases, callers should check the capabilities; this is done by asking for Attributes.CAPABILITIES. See the Javadoc on that attribute for details.
Parameters:
target - The ID of the target PublicObject.
userOrGroup - The ID of the DirectoryObject.
permission - The long (bit value) representing the permission bit.
Throws:
FdkException - if the operation fails.

getComputedGranteeList

Item[] getComputedGranteeList(long target,
                              long role,
                              AttributeRequest[] attributes)
                              throws FdkException
Description copied from interface: SecurityManager
Returns the set of users that are granted the specified role on the specified SecurityConfiguration. This includes users that are granted this role via a grant to a group of which they are a member and users granted the role via a propagating grant from a parent folder. It does not include users who are granted the permissions specified by the role without being specifically granted the role (i.e., using custom roles).
Parameters:
target - The ID of the target security configuration.
role - The ID of the role.
attributes - Attributes on the users to retrieve.
Throws:
FdkException - if the operation fails.

hasPropagatingGrants

boolean hasPropagatingGrants(long target,
                             long user)
                             throws FdkException
Description copied from interface: SecurityManager
Returns true if the specified user has any grants on the specified SecurityConfiguration that propagated from a parent. Returns false if no such grants exist.
Parameters:
target - The ID of the target SecurityConfiguration.
user - The ID of the desired user.
Throws:
FdkException - if the operation fails.

hasOnlyExplicitGrantedAccess

boolean hasOnlyExplicitGrantedAccess(long target,
                                     long user)
                                     throws FdkException
Description copied from interface: SecurityManager
Returns true if the specified user has a grant on the specified public object that names the user as the grantee, and the permissions granted by this grant represent all the permissions of that user on the public object. Returns false if there exist some other grant that grants the user some permission(s) that are not granted by the explicit grant.
Parameters:
target - The ID of the target SecurityConfiguration.
user - The ID of the desired user.
Throws:
FdkException - if the operation fails.

Skip navigation links

Package   Class  Tree  Deprecated  Index  Help 
Oracle Content Database Web Services Java API Reference for Oracle WebCenter Suite
10g (10.1.3.2)
B32189-01
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2002, 2006, Oracle. All rights reserved.