|
Oracle Fusion Middleware Management Java API Reference for Oracle Entitlements Server 11g Release 1 (11.1.1) E22649-02 ESAPI |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object
oracle.security.jps.search.SearchQuery
oracle.security.jps.service.policystore.search.BaseSearchQuery
oracle.security.jps.service.policystore.search.PolicySearchQuery
public class PolicySearchQuery
A Class to build search criterias to query Policys.
Users can query out policies by given policy name, policy display name, policy description, principal entry, principal, permission set, obligation, attribute, and function.
Note: the method getSearchByValueObject is available, but the method getSearchByValue is not available. Examples:
1. Query by policy name
// query out all policies whose names begin with "IT_" PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.NAME, false, ComparatorType.EQUALITY, "IT_", BaseSearchQuery.MATCHER.BEGINS_WITH); List<PolicyEntry> policies = policyManager.getPolicies(query);
2. Query by display name
// query out all policies whose display names contains "HR Policy" PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.DISPLAY_NAME, false, ComparatorType.EQUALITY, "HR Policy", BaseSearchQuery.MATCHER.CONTAINED_IN); List<PolicyEntry> policies = policyManager.getPolicies(query);
3. Query by description
// query out all policies whose descriptions contains "Financial Department" PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.DESCRIPTION, false, ComparatorType.EQUALITY, "Financial Department", BaseSearchQuery.MATCHER.CONTAINED_IN); List<PolicyEntry> policies = policyManager.getPolicies(query);
4. Query by principal entry
// query out all policies defined against the principal entry WLSUserImpl(james) PrincipalEntry wcai james = new BasicPrincipalEntry("weblogic.security.principal.WLSUserImpl", "james"); PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.PRINCIPAL_ENTRY, false, ComparatorType.EQUALITY, james, BaseSearchQuery.MATCHER.EXACT); List<PolicyEntry> policies = policyManager.getPolicies(query);
5. Query by permission set
// query out all policies defined against the Permission Set, AccountOperations PermissionSetEntry permSet = permSetManager.getPermissionSet("AccountOperations"); PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.PERMISSION_SET, false, ComparatorType.EQUALITY, permSet, BaseSearchQuery.MATCHER.EXACT); List<PolicyEntry> policies = policyManager.getPolicies(query);
6. Query by obligation
// query out all policies defined with the obligation, SendEmailObligation ObligationEntry sendEmailObligation = new BasicObligation("SendEmailObligation", "", "", null); PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.OBLIGATION, false, ComparatorType.EQUALITY, sendEmailObligation, BaseSearchQuery.MATCHER.EXACT); List<PolicyEntry> policies = policyManager.getPolicies(query);
7. Query by attribute
// query out all policies defined with the attribute, location AttributeEntry location = extensionManager.getAttribute("location"); PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.ATTRIBUTE, false, ComparatorType.EQUALITY, location, BaseSearchQuery.MATCHER.EXACT); List<PolicyEntry> policies = policyManager.getPolicies(query);
8. Query by function
// query out all policies defined with the function, matchDate FunctionEntry matchDate = extensionManager.getFunction("matchDate"); PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.FUNCTION, false, ComparatorType.EQUALITY, matchDate, BaseSearchQuery.MATCHER.EXACT); List<PolicyEntry> policies = policyManager.getPolicies(query);
9. Query by resource
// query out all policies defined with the resource, http://www.oracle.com PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.RESOURCE, false, ComparatorType.EQUALITY, "http://www.oracle.com", BaseSearchQuery.MATCHER.EXACT); List<PolicyEntry> policies = policyManager.getPolicies(query);
10. Query by resource name expression
users can have a query based on either a ResourceEntry or a string. If the query is based on a ResourceEntry, matcher should be set to MATCHER.EXACT. If the query is based on a string, matcher can be set to any qualified values (EXACT, BEGINS_WITH, ENDS_WITH, and CONTAINED_IN). The behavior is defined as the following.
a. If MATCHER.EXACT is set and search value matches the expression, the expression based policy is returned.
For example, given two policies:
Policy1 is defined with resource "http://www.oracle.com", Policy2 is defined with resource name expression "http://.*"
PolicySearchQuery(SEARCH_PROPERTY.RESOURCE_NAME_EXPRESSION, false, ComparatorType.EQUALITY, "http://www.oracle.com", MATCHER.EXACT) returns both Policy1 and Policy2
b. If MATCHER.BEGINS_WITH is set and the expression begins with search value (literally), the expression based policy is returned.
For example, given two policies:
Policy1 is defined with resource "http://www.oracle.com", Policy2 is defined with resource name expression "http://.*"
PolicySearchQuery(SEARCH_PROPERTY.RESOURCE_NAME_EXPRESSION, false, ComparatorType.EQUALITY, "http://", MATCHER.BEGINS_WITH) returns both Policy1 and Policy2
c. If MATCHER.ENDS_WITH is set and the expression ends with search value (literally), the expression based policy is returned.
For example, given two policies:
Policy1 is defined with resource "http://www.oracle.com", Policy2 is defined with resource name expression "http://.*"
PolicySearchQuery(SEARCH_PROPERTY.RESOURCE_NAME_EXPRESSION, false, ComparatorType.EQUALITY, ".com", MATCHER.ENDS_WITH) returns Policy1
d. If MATCHER.CONTAINED_IN is set and the expression contains search value (literally), the expression based policy is returned.
For example, given two policies:
Policy1 is defined with resource "http://www.oracle.com", Policy2 is defined with resource name expression "http://.*"
PolicySearchQuery(SEARCH_PROPERTY.RESOURCE_NAME_EXPRESSION, false, ComparatorType.EQUALITY, "ttp", MATCHER.CONTAINED_IN) returns both Policy1 and Policy2
Users are also able to build complex search criterias with above elements.
Consider the following example to search Policies which satisfy the criterias:
List<PolicySearchQuery> list = new ArrayList<PolicySearchQuery>(); list.add(new PolicySearchQuery( PolicySearchQuery.SEARCH_PROPERTY.DISPLAY_NAME, false, ComparatorType.EQUALITY, "The Display Name", BaseSearchQuery.MATCHER.EXACT)); list.add(new PolicySearchQuery( PolicySearchQuery.SEARCH_PROPERTY.DESCRIPTION, false, ComparatorType.EQUALITY, "The Description", BaseSearchQuery.MATCHER.EXACT)); PolicySearchQuery query = new PolicySearchQuery(list, false, false);
Similarly, we can define an OR-ed query like below.
List<PolicySearchQuery> list = new ArrayList<PolicySearchQuery>(); list.add(new PolicySearchQuery( PolicySearchQuery.SEARCH_PROPERTY.DISPLAY_NAME, false, ComparatorType.EQUALITY, "The Display Name", BaseSearchQuery.MATCHER.EXACT)); list.add(new PolicySearchQuery( PolicySearchQuery.SEARCH_PROPERTY.DESCRIPTION, false, ComparatorType.EQUALITY, "The Description", BaseSearchQuery.MATCHER.EXACT)); PolicySearchQuery query = new PolicySearchQuery(list, false, true);
11. Query by principal
// query out all policies defined against the principal. Principal principal = new WLSUserImpl("james"); PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.PRINCIPAL, false, ComparatorType.EQUALITY, principal, BaseSearchQuery.MATCHER.EXACT); List<PolicyEntry> policies = policyManager.getPolicies(query);
Below table shows all supported query cases
Search Property | Value Object | Comparator | Matcher | Comments |
ACTION | String: action | ComparatorType.EQUALITY | MATCHER.CONTAINED_IN | Returns the policies which is defined with the given action. Policies that defined with all action keyword of resource types that contain the given action are also returned. |
ALL_ACTION | String | ComparatorType.EQUALITY | MATCHER.ANY | Must supply RESOURCE_TYPE property query at the same time, and RESOURCE_TYPE property query must use EXACT match. Returns policies which are defined with all action keyword or all actions of a resource type |
ATTRIBUTE | String: attribute name, AttributeEntry | ComparatorType.EQUALITY | MATCHER.EXACT | Returns the policies in which policy condition uses the given attribute |
DESCRIPTION | String | ComparatorType.EQUALITY | MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN | Returns the policies whose description equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string |
DISPLAY_NAME | String | ComparatorType.EQUALITY | MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN | Returns the policies whose display name equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string |
FUNCTION | String: function name, FunctionEntry | ComparatorType.EQUALITY | MATCHER.EXACT | Returns the policies in which policy condition uses the given function |
NAME | String | ComparatorType.EQUALITY | MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN | Returns the policies whose name equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string |
OBLIGATION | String: obligation name, ObligationEntry | ComparatorType.EQUALITY | MATCHER.EXACT | Returns the policies in which there is an obligation matches the given name |
OBLIGATION_ATTRIBUTE_ASSIGNMENT_NAME | String: attribute assignment name | ComparatorType.EQUALITY | MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN | Returns the policies in which obligation attribute assignment name equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string |
OBLIGATION_ATTRIBUTE_ASSIGNMENT_VALUE | AttributeEntry, DataType, RuleExpressionEntry.builtInAttributes | ComparatorType.EQUALITY | MATCHER.EXACT | Returns the policies in which the given attribute/built-in attribute/static value is used in obligation attribute assignment |
PERMISSION_SET | PermissionSetEntry | ComparatorType.EQUALITY | MATCHER.EXACT | Returns the policies in which the given permission set is used |
PRINCIPAL_ENTRY | PrincipalEntry | ComparatorType.EQUALITY | MATCHER.EXACT | Returns the policies in which the given principal entry is used |
PRINCIPAL | Principal | ComparatorType.EQUALITY | MATCHER.EXACT | Returns the policies in which the given principal is used. |
PRINCIPAL_NAME | String: principal name | ComparatorType.EQUALITY | MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN | Returns the policies in which the given string/principal name is used |
RESOURCE | String: resource name | ComparatorType.EQUALITY | MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN | Returns the policies in which resource name equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string/resource name |
RESOURCE_NAME_EXPRESSION | String: resource name expression | ComparatorType.EQUALITY | MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN | Returns the policies in which resource name or resource name expression matches the given string |
RESOURCE_TYPE | String: resource type name | ComparatorType.EQUALITY | MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN | Returns the policies in which resource type name equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string |
EFFECT | String: effect name (grant/deny) or PolicyRuleEntry.EffectType.GRANT or PolicyRuleEntry.EffectType.DENY | ComparatorType.EQUALITY | MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN | Returns the policies with rule in which effect equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string |
Nested Class Summary | |
---|---|
static class |
PolicySearchQuery.SEARCH_PROPERTY Criterias to search policies By |
Nested classes/interfaces inherited from class oracle.security.jps.search.SearchQuery |
---|
SearchQuery.MATCHER |
Constructor Summary | |
---|---|
PolicySearchQuery() |
|
PolicySearchQuery(java.util.List<PolicySearchQuery> queries, boolean negation, boolean isORMatch) Constructor |
|
PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY property, boolean negation, ComparatorType operator, java.lang.Object valueObject, SearchQuery.MATCHER match) Constructor |
Method Summary | |
---|---|
PolicySearchQuery.SEARCH_PROPERTY |
getSearchByProperty() get the search by property in this search query |
PolicySearchQuery[] |
getSearchQueryInOrder() Get the child search query in this search query. |
Methods inherited from class oracle.security.jps.service.policystore.search.BaseSearchQuery |
---|
getComparator, getQueries, toString |
Methods inherited from class oracle.security.jps.search.SearchQuery |
---|
addBaseQuery, getBaseSearchQueryInOrder, getSearchByPropertyString, getSearchByValue, getSearchByValueObject, getSearchComparator, getSearchQueries, getSearchValueMatch, isANDMatch, isComplexQuery, isNegativeMatch, isORMatch |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Constructor Detail |
---|
public PolicySearchQuery()
public PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY property, boolean negation, ComparatorType operator, java.lang.Object valueObject, SearchQuery.MATCHER match) throws InvalidArgumentException
property
- search property, see PolicySearchQuery.SEARCH_PROPERTY
for list of valid values. If property is not set to PolicySearchQuery.SEARCH_PROPERTY.NAME
, PolicySearchQuery.SEARCH_PROPERTY.DISPLAY_NAME
, PolicySearchQuery.SEARCH_PROPERTY.DESCRIPTION
, PolicySearchQuery.SEARCH_PROPERTY.OBLIGATION_ATTRIBUTE_ASSIGNMENT_NAME
, or PolicySearchQuery.SEARCH_PROPERTY.OBLIGATION_ATTRIBUTE_ASSIGNMENT_VALUE
, only ComparatorType.EQUALITY
and BaseSearchQuery.MATCHER#EXACT
is supported. Especially, if property is set to PolicySearchQuery.SEARCH_PROPERTY.OBLIGATION_ATTRIBUTE_ASSIGNMENT_VALUE
and valueObject is not an instance of OpssString
, only ComparatorType.EQUALITY
and BaseSearchQuery.MATCHER#EXACT
is supportednegation
- if it's set to falseoperator
- only ComparatorType.EQUALITY
is supported at the point.valueObject
- the search objectmatch
- matcher type, please refer to MATCHER
for details.InvalidArgumentException
- if property is not name, display name or description, and operator is not equality, InvalidArgumentException will be thrownpublic PolicySearchQuery(java.util.List<PolicySearchQuery> queries, boolean negation, boolean isORMatch)
queries
-negation
-isORMatch
-Method Detail |
---|
public PolicySearchQuery.SEARCH_PROPERTY getSearchByProperty()
public PolicySearchQuery[] getSearchQueryInOrder()
|
Oracle Fusion Middleware Management Java API Reference for Oracle Entitlements Server 11g Release 1 (11.1.1) E22649-02 ESAPI |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |