Oracle Fusion Middleware Management Java API Reference for Oracle Entitlements Server 11g Release 2 (11.1.2) E27155-01 ESAPI |
public interface AppRoleManager
This interface manages application roles. It provides methods to create, delete, modify, and find application roles, and to grant application roles to members or revoke them.
An application role can be granted to ordinary principals or to other application roles; the grantees are called application role members. Principals granted an application role directly are its direct members, returned by getDirectAppRoleMembers(Class<T> klass, String name). Principals that are members of one of an application role's members are also members of that application role, and are returned by getAllAppRoleMembers(Class<T> klass, String name).
All members of an application role hold that application role. For example:
grant RoleA --> user1
grant RoleA --> RoleB
grant RoleB --> user2
Here principal user1 and application role RoleB are direct members of application role RoleA, and user2 is an indirect member of RoleA.
Both principal user1 and principal user2 have all rights granted to RoleA.
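The direct/indirect distinction above, as an added example that is not part of the Oracle documentation and does not call the OES API: a small in-memory model of the grant graph whose `directMembers` and `allMembers` methods mirror the semantics described for getDirectAppRoleMembers and getAllAppRoleMembers. The class name, method names and string-based principals are assumptions made for illustration; the point for an access review is that a principal's rights under RoleA can come from a grant on a different role.

```java
import java.util.*;

/** Added illustration: in-memory model of application-role grants (not the OES API). */
public class AppRoleMembershipModel {
    // role name -> principals (users or other roles) granted that role directly
    private final Map<String, Set<String>> grants = new HashMap<>();

    void grant(String role, String member) {
        grants.computeIfAbsent(role, r -> new LinkedHashSet<>()).add(member);
    }

    /** Direct members: principals granted the role itself. */
    Set<String> directMembers(String role) {
        return grants.getOrDefault(role, Collections.emptySet());
    }

    /** All members: direct members plus the members of any member that is itself a role. */
    Set<String> allMembers(String role) {
        Set<String> seen = new LinkedHashSet<>();
        Deque<String> queue = new ArrayDeque<>(directMembers(role));
        while (!queue.isEmpty()) {
            String m = queue.poll();
            if (m.equals(role) || !seen.add(m)) continue; // guard against grant cycles
            queue.addAll(directMembers(m));                // non-empty only when m is a role
        }
        return seen;
    }

    public static void main(String[] args) {
        AppRoleMembershipModel store = new AppRoleMembershipModel();
        // The three grants from the example above (constructed sample data)
        store.grant("RoleA", "user1");
        store.grant("RoleA", "RoleB");
        store.grant("RoleB", "user2");

        Set<String> direct = store.directMembers("RoleA");
        Set<String> indirect = new LinkedHashSet<>(store.allMembers("RoleA"));
        indirect.removeAll(direct); // what remains was reached only through RoleB

        System.out.println("direct members of RoleA:   " + direct);
        System.out.println("indirect members of RoleA: " + indirect);
    }
}
```

In this model, removing user2's effective rights under RoleA requires changing the RoleB grant, since user2 never appears among RoleA's direct members.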
Method Summary
Return type | Method and description
---|---
AppRoleEntry | createAppRole(java.lang.String name, java.lang.String displayName, java.lang.String description) Creates the requested application role in the policy store.
void | deleteAppRole(java.lang.String name, boolean cascade) Removes the application role from the policy store.
<T extends PrincipalEntry> java.util.List<T> | getAllAppRoleMembers(java.lang.Class<T> klass, java.lang.String name) Gets all principals that are statically granted the application role, directly or indirectly.
java.util.List<AppRoleEntry> | getAllGrantedAppRoles(PrincipalEntry principal) Gets the application roles directly or indirectly granted to the principal.
AppRoleEntry | getAppRole(java.lang.String name) Gets the application role with the given name.
java.util.List<AppRoleEntry> | getAppRoles(AppRoleSearchQuery query) Gets the application roles that match the given query.
<T extends PrincipalEntry> java.util.List<T> | getDirectAppRoleMembers(java.lang.Class<T> klass, java.lang.String name) Gets all principals that are statically granted the application role directly.
java.util.List<AppRoleEntry> | getDirectGrantedAppRoles(PrincipalEntry principal) Gets the application roles directly granted to the principal.
void | grantAppRole(AppRoleEntry role, java.util.List<PrincipalEntry> principals) Grants the application role to a list of principals.
void | modifyAppRole(AppRoleEntry role) Modifies the application role.
void | revokeAppRole(AppRoleEntry role, java.util.List<PrincipalEntry> principals) Revokes the application role from a list of principals.

Methods inherited from interface oracle.security.jps.service.policystore.entitymanager.EntityManager
resolveReference
Method Detail

AppRoleEntry createAppRole(java.lang.String name, java.lang.String displayName, java.lang.String description) throws InvalidArgumentException, PolicyStoreException
Parameters:
name - the application role name
displayName - the display name of the application role
description - the description of the application role
Throws:
InvalidArgumentException - if the parameters are invalid
PolicyStoreException - if creating the application role fails
PolicyObjectAlreadyExistsException - if the application role already exists

void deleteAppRole(java.lang.String name, boolean cascade) throws PolicyStoreException
Parameters:
name - the application role name
cascade - the flag to do cascade deletion
Throws:
PolicyStoreException - if deleting the application role fails
InvalidArgumentException - if name is invalid
PolicyObjectNotFoundException - if the application role specified by name doesn't exist
PolicyStoreOperationNotAllowedException - if cascade is false while the application role is in use

java.util.List<AppRoleEntry> getAppRoles(AppRoleSearchQuery query) throws InvalidArgumentException, PolicyStoreException
Parameters:
query - the given query with its condition
Throws:
InvalidArgumentException - if the parameter is invalid
PolicyStoreException - if querying the application roles fails

AppRoleEntry getAppRole(java.lang.String name) throws InvalidArgumentException, PolicyObjectNotFoundException, PolicyStoreException
Parameters:
name - the application role name
Throws:
InvalidArgumentException - if the application role name is invalid
PolicyObjectNotFoundException - if the specified application role doesn't exist
PolicyStoreException - if getting the application role fails

void modifyAppRole(AppRoleEntry role) throws InvalidArgumentException, PolicyStoreException
Parameters:
role - the new application role entry to modify
Throws:
InvalidArgumentException - if the application role entry is invalid
PolicyObjectNotFoundException - if the application role doesn't exist
PolicyStoreException - if modifying the application role entry fails

void grantAppRole(AppRoleEntry role, java.util.List<PrincipalEntry> principals) throws InvalidArgumentException, PolicyStoreException
Parameters:
role - the application role entry to grant
principals - the principals to get the application role
Throws:
InvalidArgumentException - if the parameters are invalid
PolicyObjectNotFoundException - if the application role doesn't exist
PolicyStoreException - if granting the application role to the principals fails

void revokeAppRole(AppRoleEntry role, java.util.List<PrincipalEntry> principals) throws InvalidArgumentException, PolicyStoreException
Parameters:
role - the application role entry
principals - the principals
Throws:
InvalidArgumentException - if the parameters are invalid
PolicyObjectNotFoundException - if the application role doesn't exist
PolicyStoreException - if revoking the application roles fails

java.util.List<AppRoleEntry> getDirectGrantedAppRoles(PrincipalEntry principal) throws InvalidArgumentException, PolicyStoreException
Parameters:
principal - the principal to get application roles for
Throws:
InvalidArgumentException - if the parameter is invalid
PolicyStoreException - if getting the application roles fails

java.util.List<AppRoleEntry> getAllGrantedAppRoles(PrincipalEntry principal) throws InvalidArgumentException, PolicyStoreException
Parameters:
principal - the principal to get application roles for
Throws:
InvalidArgumentException - if the parameter is invalid
PolicyStoreException - if getting the application roles fails

<T extends PrincipalEntry> java.util.List<T> getDirectAppRoleMembers(java.lang.Class<T> klass, java.lang.String name) throws InvalidArgumentException, PolicyStoreException
Parameters:
klass - the class type, AppRoleEntry or PrincipalEntry. If it is AppRoleEntry, only AppRoleEntry members are returned; otherwise all members are returned.
name - the application role name
Throws:
InvalidArgumentException - if the parameters are invalid
PolicyObjectNotFoundException - if the application role doesn't exist
PolicyStoreException - if getting the application role members fails

<T extends PrincipalEntry> java.util.List<T> getAllAppRoleMembers(java.lang.Class<T> klass, java.lang.String name) throws InvalidArgumentException, PolicyStoreException
Parameters:
klass - the class type, AppRoleEntry or PrincipalEntry. If it is AppRoleEntry, only AppRoleEntry members are returned; otherwise all members are returned.
name - the application role name
Throws:
InvalidArgumentException - if the parameters are invalid
PolicyObjectNotFoundException - if the application role doesn't exist
PolicyStoreException - if getting the application role members fails