Oracle Fusion Middleware Management Java API Reference for Oracle Entitlements Server 11g Release 1 (11.1.1) E22649-02 ESAPI |
public interface PolicyManager
A class to hold CRUD methods of policy objects
Method Summary | |
---|---|
PolicyEntry | createPolicy(java.lang.String name, java.lang.String displayName, java.lang.String description, PolicyRuleEntry rule, java.util.List<PrincipalEntry> principals, CodeSourceEntry cs, java.util.List<ResourceActionsEntry> resActs, java.util.List<java.lang.String> permissionSetNames, java.util.List<ObligationEntry> obligations, PolicyEntry.POLICY_SEMANTIC policySemantic) Creates a policy with the given parameters. |
void | deletePolicy(java.lang.String name) Deletes a policy with the given name |
java.util.List<PolicyEntry> | getPolicies(PolicySearchQuery query) Gets all policies which satisfy the query |
PolicyEntry | getPolicy(java.lang.String name) Gets policy by its name |
void | modifyPolicy(PolicyEntry policy) Persists a revised in-memory PolicyEntry object. |
Methods inherited from interface oracle.security.jps.service.policystore.entitymanager.EntityManager |
---|
resolveReference |
Method Detail |
---|
PolicyEntry createPolicy(java.lang.String name, java.lang.String displayName, java.lang.String description, PolicyRuleEntry rule, java.util.List<PrincipalEntry> principals, CodeSourceEntry cs, java.util.List<ResourceActionsEntry> resActs, java.util.List<java.lang.String> permissionSetNames, java.util.List<ObligationEntry> obligations, PolicyEntry.POLICY_SEMANTIC policySemantic) throws InvalidArgumentException, PolicyObjectAlreadyExistsException, PolicyObjectNotFoundException, PolicyStoreException

- cs and principals - one or both of these parameters must be specified.
- resActs and permissionSetNames - one or both of these parameters must be specified.

The policy also defines a semantic that describes how specific principals should be handled:

- PRINCIPAL_AND_SEMANTIC - the policy applies to a user if the user matches all principals listed in the policy. For example, if the list of principals contains two roles, the user must be a member of both roles for the policy to apply.
- PRINCIPAL_OR_SEMANTIC - the policy applies to a user if the user matches at least one of the principals listed in the policy. For example, if the list of principals contains two roles, the user can be a member of at least one of these roles for the policy to apply.

Parameters:

- name - policy name; the parameter should not be null or an empty string. A qualified name should start with a letter or underscore and consist of letters, digits and underscores.
- displayName - policy display name, can be either a String value or null.
- description - policy description, can be either a String value or null.
- rule - PolicyRuleEntry object; the parameter should not be null.
- principals - a list of PrincipalEntry objects. If cs is null, then the list of principal entries should contain at least one element.
- cs - a CodeSourceEntry object. If principals is null, then the code source entry should be defined.
- resActs - a list of ResourceActionsEntry objects. If permissionSetNames is null, then the list of ResourceActionsEntry objects should contain at least one valid element.
- permissionSetNames - a list of names of PermissionSetEntry objects. If resActs is null, then the list of PermissionSetNames should contain at least one non-null element.
- obligations - a list of ObligationEntry objects; if null is passed in, it is ignored.
- policySemantic - semantic of the policy that describes how principals specified in the policy should be handled:
  - PRINCIPAL_AND_SEMANTIC - the policy applies to a user if the user matches all principals listed in the policy. For example, if the list of principals contains two roles, the user must be a member of both roles for the policy to apply.
  - PRINCIPAL_OR_SEMANTIC - the policy applies to a user if the user matches at least one of the principals listed in the policy. For example, if the list of principals contains two roles, the user can be a member of at least one of these roles for the policy to apply.

Throws:

- InvalidArgumentException - if the values passed in are invalid, e.g. passing a null value to one of the name, rule, permSets, and principals parameters triggers the exception. Also thrown if the policy's ResourceAction(s) contain a ResourceNameExpression with an invalid Java regex.
- PolicyObjectAlreadyExistsException - if a policy with the same name exists.
- PolicyObjectNotFoundException - if the policy components used don't exist, including permission set, function used in policy rule, attribute used in policy rule and obligation.
- PolicyStoreException - if any internal status error occurs.

void deletePolicy(java.lang.String name) throws InvalidArgumentException, PolicyObjectNotFoundException, PolicyStoreException

Parameters:

- name - the name of the policy to be removed; the parameter should not be null or an empty string. A qualified name should start with a letter or underscore and consist of letters, digits and underscores.

Throws:

- InvalidArgumentException - if an invalid value is passed in.
- PolicyObjectNotFoundException - if the policy specified by name doesn't exist.
- PolicyStoreException - if any internal status error occurs.

java.util.List<PolicyEntry> getPolicies(PolicySearchQuery query) throws InvalidArgumentException, PolicyStoreException

Parameters:

- query - the query object which contains the query criteria; refer to PolicySearchQuery for the detailed settings. The value should not be null.

Throws:

- InvalidArgumentException - the exception is reserved for future use.
- PolicyStoreException - if any internal status error occurs.

PolicyEntry getPolicy(java.lang.String name) throws InvalidArgumentException, PolicyObjectNotFoundException, PolicyStoreException

Parameters:

- name - policy name; the parameter should not be null or an empty string. A qualified name should start with a letter or underscore and consist of letters, digits and underscores.

Throws:

- InvalidArgumentException - if an invalid value is passed in.
- PolicyObjectNotFoundException - if the specified policy doesn't exist.
- PolicyStoreException - if any internal status error occurs.

void modifyPolicy(PolicyEntry policy) throws InvalidArgumentException, PolicyObjectNotFoundException, PolicyStoreException

Parameters:

- policy - a modified policy object.

Throws:

- InvalidArgumentException - if null is passed in or the policy object lacks any of name, policy rule, permission set, principal. Also thrown if added ResourceAction(s) contain a ResourceNameExpression with an invalid Java regex.
- PolicyObjectNotFoundException - if the policy doesn't exist in the policy repository, or the policy components used don't exist, including permission set, function used in policy rule, attribute used in policy rule and obligation.
- PolicyStoreException - if any internal status error occurs.
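
The argument rules and the two principal semantics documented for createPolicy can be modelled as below. This is an added example, not Oracle code and not part of this API. The class CreatePolicyPrecheck, its methods, and the use of plain strings in place of PrincipalEntry, CodeSourceEntry and ResourceActionsEntry are assumptions for illustration, as is reading "letter" and "digit" as ASCII.

```java
import java.util.*;
import java.util.regex.*;

// Added illustration, not Oracle code: plain strings stand in for the OES entry types.
public class CreatePolicyPrecheck {
    enum Semantic { PRINCIPAL_AND_SEMANTIC, PRINCIPAL_OR_SEMANTIC }

    // Assumption: "letter" and "digit" in the name rule are read as ASCII.
    static final Pattern NAME = Pattern.compile("[A-Za-z_][A-Za-z0-9_]*");

    static boolean hasElement(List<?> l) {
        return l != null && l.stream().anyMatch(Objects::nonNull);
    }

    // Returns the documented createPolicy constraints that the arguments violate.
    static List<String> check(String name, Object rule, List<String> principals, String cs,
                              List<String> resourceNameRegexes, List<String> permissionSetNames) {
        List<String> errors = new ArrayList<>();
        if (name == null || !NAME.matcher(name).matches()) errors.add("name is not a qualified name");
        if (rule == null) errors.add("rule is null");
        if (!hasElement(principals) && cs == null) errors.add("neither principals nor cs given");
        if (!hasElement(resourceNameRegexes) && !hasElement(permissionSetNames))
            errors.add("neither resActs nor permissionSetNames given");
        if (resourceNameRegexes != null) {
            for (String re : resourceNameRegexes) {
                if (re == null) continue;
                try { Pattern.compile(re); }
                catch (PatternSyntaxException e) { errors.add("invalid resource name regex: " + re); }
            }
        }
        return errors;
    }

    // Models the two semantics for a non-empty principal list, with roles as strings.
    static boolean applies(Semantic s, Set<String> policyRoles, Set<String> userRoles) {
        return s == Semantic.PRINCIPAL_AND_SEMANTIC
                ? userRoles.containsAll(policyRoles)
                : !Collections.disjoint(policyRoles, userRoles);
    }

    public static void main(String[] args) {
        // Constructed sample arguments: bad name, no principals or cs, one broken regex.
        System.out.println(check("9-payroll", new Object(), null, null,
                Arrays.asList("/hr/.*", "/hr/[a-z"), null));
        // Constructed sample: the policy lists two roles, the user holds only one of them.
        Set<String> policyRoles = new HashSet<>(Arrays.asList("Auditor", "Manager"));
        Set<String> user = Collections.singleton("Auditor");
        System.out.println(applies(Semantic.PRINCIPAL_AND_SEMANTIC, policyRoles, user));
        System.out.println(applies(Semantic.PRINCIPAL_OR_SEMANTIC, policyRoles, user));
    }
}
```

For the same principal list, PRINCIPAL_OR_SEMANTIC covers every user that PRINCIPAL_AND_SEMANTIC covers plus those holding only some of the roles, so the semantic passed to createPolicy directly sets how broadly the policy grants.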