|
Oracle® Information Rights Management Server Java API Reference 11g Release 1 (11.1.1) E12907-03 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object
oracle.irm.engine.rights.context.ContextOperationsInstance
public final class ContextOperationsInstance
Context related operations. The context related operations cover the tasks that a context manager would typically perform on a ContextInstance
. This includes altering ContextInstance
names and descriptions, specifying the set of ContextInstance
managers and setting ContextInstance
level ItemCode
exclusions. Journal operations are also included. The content journal contains a log of all activity performed on Context
sealed content. This includes actions performed while off-line as well as on-line. It includes actions performed on the desktop as well as actions perform on the server. The journal is filled automatically when users perform actions on content, e.g. when content is opened or printed. Failed actions are also added to the journal.
This class provides static methods for a set of procedural style methods. The methods can be made to appear as global methods by using import static. e.g.
import static oracle.irm.engine.rights.context.ContextOperationsInstance.*;
Method Summary | |
---|---|
static void |
addContextManagers(ContextInstance context, Collection<Account> accounts) Add one or managers to a context. |
static void |
addInspectors(Domain domain, Collection<Account> accounts) Add one or inspectors to a domain. |
static boolean |
contextExists(UUID uuid) Check for a context's existence. |
static int |
countContextsByTemplate(ContextTemplate template) Count the number of contexts created from a template. |
static ContextInstance |
createContextFromTemplate(UUID uuid, ContextTemplate template, Collection<Label> labels, ContextInstance.Visibility visibility, Collection<Account> managers) Create a context. |
static void |
deleteContext(ContextInstance context) Delete a context. |
static int |
deleteContextJournalEntries(ContextInstance context) Deletes all journal entries relating to a context. |
static int |
deleteJournalEntriesByRange(TimeRange range) Delete journal entries that fall in the given time range. |
static KeySet |
generateKeySetForContext(ContextInstance context) Generate a new key set for a context. |
static ContextInstance.Role |
getRole(Account account) Find out if an account has any context based role. |
static ContextInstance.Role |
getRoleForContext(ContextInstance context, Account account) Find out what role an account has within a context. |
static ContextInstance.Role |
getRoleForDomain(Domain domain, Account account) Find out what (context related) role an account has within a domain. |
static Collection<Account> |
listContextManagers(ContextInstance context) List context managers. |
static Collection<ContextInstance> |
listContexts(PageRange pageRange) List contexts that the authenticated principal is authorized to access. |
static Collection<ContextInstance> |
listContextsByAccount(Account account, ContextInstance.Role filter, PageRange pageRange) List contexts managed by a specified account. |
static Collection<ContextInstance> |
listContextsByDomain(Domain domain, PageRange pageRange) List contexts owned by a domain. |
static Collection<Account> |
listInspectors(Domain domain) List inspectors. |
static Collection<ContextInstance> |
listOrphanedContexts(Domain domain) List orphaned contexts. |
static Collection<ContextInstance> |
listTrustedContexts(ContextInstance context) List trusted contexts. |
static Collection<ContextInstance> |
manageOrphanedContexts(Domain domain) Gain management rights for all orphaned contexts. |
static ContextCookie |
peekContent(byte[] content) Peek sealed content. |
static ContextInstance |
refreshContext(ContextInstance context) Refresh a context's properties. |
static void |
removeContextManagers(ContextInstance context, Collection<Account> accounts) Remove one or managers from a context. |
static void |
removeInspectors(Domain domain, Collection<Account> accounts) Remove one or inspectors from a domain. |
static ContextInstance |
saveChangesToContext(ContextInstance context, ContextInstance delta) Save changes to a context. |
static Collection<ContextJournalEntry> |
searchJournal(Collection<String> accountNames, Collection<ItemCode> items, TimeRange timeRange, PageRange pageRange, ContextJournalSorting sorting) Search the context journal. |
static void |
uploadJournalEntries(Collection<ContextJournalEntry> entries) Uploads a set of context journal entries. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Method Detail |
---|
public static ContextInstance createContextFromTemplate(UUID uuid, ContextTemplate template, Collection<Label> labels, ContextInstance.Visibility visibility, Collection<Account> managers) throws InactiveContextTemplateException, UnknownContextTemplateException, ContextInstanceAlreadyExistsException, IllegalArgumentException, UnsupportedCryptoSchemaException, AuthorizationDeniedException
KeySet
is also generated and associated with the context.
addDomainAdministrators
method. This method can be invoked by users that have the Domain Manager role in the related domain. This role can be assigned using the addDomainManagers
method.
uuid
- uUID for the context. If this UUID is not provided one will be generated automatically. Providing an explicit UUID can be useful to make the context identity deterministic. This parameter is optional, it is valid to pass null.template
- the template.labels
- the context's names and descriptions. This parameter is optional, it is valid to pass null or an empty collection.visibility
- context visibility to inspectors.managers
- additional context managers. This parameter is optional, it is valid to pass null or an empty collection.InactiveContextTemplateException
- inactive context. When creating a context from a template the template must be marked as active.UnknownContextTemplateException
- the context template does not exist.ContextInstanceAlreadyExistsException
- a context instance with the same UUID already exists.IllegalArgumentException
- illegal argument. The template provided must have it's Domain
property specified.UnsupportedCryptoSchemaException
- unsupported cryptographic schema.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.public static ContextInstance saveChangesToContext(ContextInstance context, ContextInstance delta) throws UnknownContextException, IllegalArgumentException, AuthorizationDeniedException
ContextInstance
by providing two copies. Changes are made by comparing the two copies of the context. If there are no differences in a property then no changes are made to persistent storage for that property. Changes in collection based properties cause additions or removals to occur in persistent storage. For example, if the delta contains a new Label
as compared to the context then a new label will be added.
addContextManagers
method.
context
- the context to compare to the delta.delta
- the changes. The Template
and Uuid
properties must match with the context parameter.UnknownContextException
- the context does not exist.IllegalArgumentException
- illegal argument. If the Template
and Uuid
properties of the delta parameter do not match the context parameter.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.public static void deleteContext(ContextInstance context) throws CannotRemoveContextInstanceException, AuthorizationDeniedException
ContextInstance
and associated cryptography keys.ContextInstance
also deletes the content related cryptography keys, making content sealed against this Context
permanently inaccessible. Deleting a context also deletes any related journal entries.
addContextManagers
method.
context
- the context.CannotRemoveContextInstanceException
- the context cannot be removed as rights are assigned within the context. A context cannot be deleted if there are any contexts assignments within the context. The context can only be deleted after the rights are unassigned.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.public static Collection<ContextInstance> listContexts(PageRange pageRange) throws AuthorizationDeniedException, IllegalArgumentException
Visibility
property to the DOMAIN.pageRange
- page range for the search result.AuthorizationDeniedException
- if the authenticated user is not allowed to list contexts. This will typically indicate that the authenticated user no longer exists in the user store. e.g. session is still valid but the user has been deleted from the user store.IllegalArgumentException
- the page range is invalid. The page range is limited to a page size of 5000 items. This is the maximum number of items that can be returned in one request.public static Collection<ContextInstance> listContextsByAccount(Account account, ContextInstance.Role filter, PageRange pageRange) throws IllegalArgumentException
ContextInstance
instances an account can manage.ContextInstance
instances an inspector can view.ContextInstance
instances will be returned.account
- the user account.filter
- the context role filter. This filter allows the contexts to be listed that the account can manage, inspector or both.pageRange
- page range for the search result.IllegalArgumentException
- the page range is invalid. The page range is limited to a page size of 5000 items. This is the maximum number of items that can be returned in one request.public static Collection<ContextInstance> listContextsByDomain(Domain domain, PageRange pageRange) throws UnknownDomainException, IllegalArgumentException
domain
- the domain.pageRange
- page range for the search result.UnknownDomainException
- the domain does not exist.IllegalArgumentException
- the page range is invalid. The page range is limited to a page size of 5000 items. This is the maximum number of items that can be returned in one request.public static Collection<ContextInstance> listOrphanedContexts(Domain domain) throws UnknownDomainException, AuthorizationDeniedException
addDomainAdministrators
method. This method can be invoked by users that have the Domain Manager role in the related domain. This role can be assigned using the addDomainManagers
method. This method can be invoked by users that have the Inspector role in the related context. This role can be assigned using the addInspectors
method.domain
- the domain.UnknownDomainException
- the domain does not exist.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.public static Collection<ContextInstance> listTrustedContexts(ContextInstance context) throws UnknownContextException, AuthorizationDeniedException
addContextManagers
method. This method can be invoked by users that have the Inspector role in the related context. This role can be assigned using the addInspectors
method.
context
- the context.UnknownContextException
- the context does not exist.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.public static int countContextsByTemplate(ContextTemplate template) throws UnknownContextTemplateException
template
- the context template.UnknownContextTemplateException
- the context template does not exist.public static ContextInstance refreshContext(ContextInstance context) throws UnknownContextException, AuthorizationDeniedException
addContextManagers
method. This method can be invoked by users that have the Inspector role in the related context. This role can be assigned using the addInspectors
method.
context
- the context.UnknownContextException
- the context does not exist.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.public static boolean contextExists(UUID uuid)
uuid
- the context UUID.public static Collection<Account> listContextManagers(ContextInstance context) throws UnknownContextException, AuthorizationDeniedException
ContextInstance
classification. A context manager can also specify the context names and descriptions using saveChangesToContext
. A context manager can also specify the context level item exclusions using the same saveChangesToContext
method.
addContextManagers
method. This method can be invoked by users that have the Inspector role in the related context. This role can be assigned using the addInspectors
method.context
- the context.UnknownContextException
- the context does not exist.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.addContextManagers
public static void addContextManagers(ContextInstance context, Collection<Account> accounts) throws AccountAlreadyManagerException, UnknownContextException, AuthorizationDeniedException
ContextInstance
will always have at least one manager. When a ContextInstance
has multiple managers, each manager will have equal permissions to perform ContextInstance
related activities.
addContextManagers
method.
context
- the context.accounts
- the accounts. Duplicates are ignored. This parameter is optional, it is valid to pass null or an empty collection.AccountAlreadyManagerException
- one of the provided accounts is already a context manager.UnknownContextException
- the context does not exist.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.public static void removeContextManagers(ContextInstance context, Collection<Account> accounts) throws CannotRemoveManagersException, UnknownContextException, AuthorizationDeniedException
ContextInstance
must have at least one manager.
addContextManagers
method.
context
- the context.accounts
- the accounts. This parameter is optional, it is valid to pass null or an empty collection.CannotRemoveManagersException
- managers cannot be removed, as it would leave the context with no managers.UnknownContextException
- the context does not exist.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.public static Collection<ContextInstance> manageOrphanedContexts(Domain domain) throws UnknownDomainException, AuthorizationDeniedException
addDomainAdministrators
method. This method can be invoked by users that have the Domain Manager role in the related domain. This role can be assigned using the addDomainManagers
method.
domain
- the domain.UnknownDomainException
- the domain does not exist.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.public static Collection<Account> listInspectors(Domain domain) throws UnknownDomainException, AuthorizationDeniedException
addInspectors
.ContextInstance
.
addDomainAdministrators
method.domain
- the domain.UnknownDomainException
- the domain does not exist.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.public static void addInspectors(Domain domain, Collection<Account> accounts) throws AccountAlreadyInspectorException, UnknownDomainException, AuthorizationDeniedException
addDomainAdministrators
method.
domain
- the domain.accounts
- the accounts. Duplicates are ignored. This parameter is optional, it is valid to pass null or an empty collection.AccountAlreadyInspectorException
- one of the provided accounts is already an inspector.UnknownDomainException
- the domain does not exist.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.public static void removeInspectors(Domain domain, Collection<Account> accounts) throws UnknownDomainException, AuthorizationDeniedException
addDomainAdministrators
method.
domain
- the domain.accounts
- the accounts. This parameter is optional, it is valid to pass null or an empty collection.UnknownDomainException
- the domain does not exist.AuthorizationDeniedException
- authorization denied. The authenticated user is not authorized to call this operation.public static ContextInstance.Role getRoleForContext(ContextInstance context, Account account) throws UnknownContextException
context
- the context.account
- the account.UnknownContextException
- the context does not exist.public static ContextInstance.Role getRoleForDomain(Domain domain, Account account) throws UnknownDomainException
domain
- the domain.account
- the account.UnknownDomainException
- the domain does not exist.public static ContextInstance.Role getRole(Account account)
account
- the account.public static Collection<ContextJournalEntry> searchJournal(Collection<String> accountNames, Collection<ItemCode> items, TimeRange timeRange, PageRange pageRange, ContextJournalSorting sorting) throws AuthorizationDeniedException, IllegalArgumentException
accountNames
- the account names. The accounts names are used to perform a sub-string search for context journal entries containing the account names. The number of accounts names that can be provided has an upper limit. The maximum number of account names that can be passed to this function is defined by ContextOperations.MAXIMUM_JOURNAL_SEARCH_ACCOUNTS
. This parameter is optional, it is valid to pass null or an empty collection.items
- the item codes. The item code value is used to perform a sub-string search for context journal entries. For example an item code value of 'report' would match documents where the item code is 'report.doc' and 'report.xls'. This parameter is optional, it is valid to pass null or an empty collection.timeRange
- time range for the search. This parameter is optional, it is valid to pass null.pageRange
- page range for the search result.sorting
- sorting criteria. This parameter is optional, it is valid to pass null.AuthorizationDeniedException
- if the authenticated user is not allowed to search any contexts.IllegalArgumentException
- the page range is invalid. The page range is limited to a page size of 5000 items. This is the maximum number of items that can be returned in one request.public static void uploadJournalEntries(Collection<ContextJournalEntry> entries)
entries
- the context journal entries. This parameter is optional, it is valid to pass null or an empty collection.public static int deleteJournalEntriesByRange(TimeRange range)
range
- the time range.public static int deleteContextJournalEntries(ContextInstance context) throws UnknownContextException
context
- the context for whose journal entries to delete.UnknownContextException
- the context does not exist.deleteContext
public static ContextCookie peekContent(byte[] content) throws UnsupportedClassificationSystemException, ContentParseException, IOException
Context
and ItemCode
from the sealed content public header.content
- sealed content.UnsupportedClassificationSystemException
- if the sealed content is not sealed using the context classification system.ContentParseException
- indicates that there was an issue parsing the sealed content. The exception will contains a reason that identifies which section of the sealed content which caused the parsing to fail.IOException
- an input/output/sealing error occurred peeking the content.public static KeySet generateKeySetForContext(ContextInstance context) throws UnknownContextException
context
- the context.UnknownContextException
- the context does not exist.generateKeySet
|
Oracle® Information Rights Management Server Java API Reference 11g Release 1 (11.1.1) E12907-03 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |