|
Oracle Fusion Middleware Management Java API Reference for Oracle Entitlements Server 11g Release 2 (11.1.2) E27155-01 ESAPI |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface PolicyManager
A class to hold CRUD methods of policy objects
Method Summary | |
---|---|
PolicyEntry |
createPolicy(java.lang.String name, java.lang.String displayName, java.lang.String description, PolicyRuleEntry rule, java.util.List<PermissionSetEntry> permSets, java.util.List<PrincipalEntry> principals, CodeSourceEntry cs, java.util.List<ObligationEntry> obligations, PolicyEntry.POLICY_SEMANTIC policySemantic) Deprecated. replaced by PolicyManager#createPolicy(java.lang.String, java.lang.String, java.lang.String, PolicyRuleEntry, java.util.List<PrincipalEntry>, CodeSourceEntry, java.util.List<ResourceActionsEntry>, java.util.List<java.lang.String>, java.util.List<ObligationEntry>, PolicyEntry.POLICY_SEMANTIC) |
PolicyEntry |
createPolicy(java.lang.String name, java.lang.String displayName, java.lang.String description, PolicyRuleEntry rule, java.util.List<PermissionSetEntry> permSets, java.util.List<PrincipalEntry> principals, java.util.List<ObligationEntry> obligations) Deprecated. replaced by PolicyManager#createPolicy(java.lang.String, java.lang.String, java.lang.String, PolicyRuleEntry, java.util.List<PrincipalEntry>, CodeSourceEntry, java.util.List<ResourceActionsEntry>, java.util.List<java.lang.String>, java.util.List<ObligationEntry>, PolicyEntry.POLICY_SEMANTIC) |
PolicyEntry |
createPolicy(java.lang.String name, java.lang.String displayName, java.lang.String description, PolicyRuleEntry rule, java.util.List<PrincipalEntry> principals, CodeSourceEntry cs, java.util.List<ResourceActionsEntry> resActs, java.util.List<ObligationEntry> obligations, PolicyEntry.POLICY_SEMANTIC policySemantic) Deprecated. replaced by PolicyManager#createPolicy(java.lang.String, java.lang.String, java.lang.String, PolicyRuleEntry, java.util.List<PrincipalEntry>, CodeSourceEntry, java.util.List<ResourceActionsEntry>, java.util.List<java.lang.String>, java.util.List<ObligationEntry>, PolicyEntry.POLICY_SEMANTIC) |
PolicyEntry |
createPolicy(java.lang.String name, java.lang.String displayName, java.lang.String description, PolicyRuleEntry rule, java.util.List<PrincipalEntry> principals, CodeSourceEntry cs, java.util.List<ResourceActionsEntry> resActs, java.util.List<java.lang.String> permissionSetNames, java.util.List<ObligationEntry> obligations, PolicyEntry.POLICY_SEMANTIC policySemantic) Creates a policy with the given parameters. |
void |
deletePolicy(java.lang.String name) Deletes a policy with the given name, the method assume cascading deletion is disabled. |
void |
deletePolicy(java.lang.String name, boolean cascading) Deletes a policy with the given name |
java.util.List<PolicyEntry> |
getPolicies(PolicySearchQuery query) Gets all policies which satisfy the query |
PolicyEntry |
getPolicy(java.lang.String name) Gets policy by its name |
void |
modifyPolicy(PolicyEntry policy) Persists a revised in-memory PolicyEntry object. |
Methods inherited from interface oracle.security.jps.service.policystore.entitymanager.EntityManager |
---|
resolveReference |
Method Detail |
---|
@Deprecated
PolicyEntry createPolicy(java.lang.String name,
java.lang.String displayName,
java.lang.String description,
PolicyRuleEntry rule,
java.util.List<PermissionSetEntry> permSets,
java.util.List<PrincipalEntry> principals,
java.util.List<ObligationEntry> obligations)
throws InvalidArgumentException,
PolicyObjectAlreadyExistsException,
PolicyStoreException
PolicyManager#createPolicy(java.lang.String, java.lang.String, java.lang.String, PolicyRuleEntry, java.util.List<PrincipalEntry>, CodeSourceEntry, java.util.List<ResourceActionsEntry>, java.util.List<java.lang.String>, java.util.List<ObligationEntry>, PolicyEntry.POLICY_SEMANTIC)
name
- policy name, the parameter should not be null or empty string. A qualified name should start with a letter or underscore and consist of letter, digit and underscore.displayName
- policy display name, can be either a String value or null.description
- policy description, can be either a String value or null.rule
- PolicyRuleEntry object, the parameter should not be null.permSets
- a list of PermissionSetEntry objects, the parameter should not be null and should contain at least one element.principals
- a list of PrincipalEntry objects, the parameter should not be null and should contain at least one element.obligations
- a list of ObligationEntry objects, if null is passed in, just ignore it.InvalidArgumentException
- if the values passed in are invalid, throws out InvalidArgumentException, e.g. passing null value to one of name, rule, permSets, and principals parameters or passing an invalid regex for ResourceNameExpression(s) triggers the exception.PolicyObjectAlreadyExistsException
- if the same name policy exists, throws out PolicyObjectAlreadyExistsException.PolicyObjectNotFoundException
- if the policy components used don't exist, including permission set, function used in policy rule, attribute used in policy rule and obligation.PolicyStoreException
- if any internal status error, throws out PolicyStoreException.PolicyEntry createPolicy(java.lang.String name, java.lang.String displayName, java.lang.String description, PolicyRuleEntry rule, java.util.List<PrincipalEntry> principals, CodeSourceEntry cs, java.util.List<ResourceActionsEntry> resActs, java.util.List<java.lang.String> permissionSetNames, java.util.List<ObligationEntry> obligations, PolicyEntry.POLICY_SEMANTIC policySemantic) throws InvalidArgumentException, PolicyObjectAlreadyExistsException, PolicyObjectNotFoundException, PolicyStoreException
cs and principals - one or both of these parameters must be specified. resActs and permissionSetNames - one or both of these parameters must be specified.Policy also defines semantic that describes how specific principals should be handled:
PRINCIPAL_AND_SEMANTIC policy applies to a user if the user matches all principals listed in the policy. For example, if list of principals contains two roles, the user must be member of both roles for policy to apply PRINCIPAL_OR_SEMANTIC policy applies to a user if the user matches at least on of principals listed in the policy. For example, if list of principals contains two roles, the user can be a member of at least one of these roles for policy to apply.
name
- policy name, the parameter should not be null or empty string. A qualified name should start with a letter or underscore and consist of letter, digit and underscore.displayName
- policy display name, can be either a String value or null.description
- policy description, can be either a String value or null.rule
- PolicyRuleEntry object, the parameter should not be null.principals
- a list of PrincipalEntry object. If cs is null, then list of principals entries should contain at least one element.cs
- a CodeSourceEntry object.If principals is null, then code source entry should be defined.resActs
- a list of ResourceActionsEntry objects.If permissionSetNames is null, then the list of ResourceAcxtionEntries should contain at least one valid element.permissionSetNames
- a list of names of PermissionSetEntry objects.If resActs is null, then the list of PermissionSetNames should contain at least one non-null element.obligations
- a list of ObligationEntry objects, if null is passed in, just ignore it.policySemantic
- semantic of the policy that describes how principals specified in the policy should be handled:
PRINCIPAL_AND_SEMANTIC policy applies to a user if the user matches all principals listed in the policy. For example, if list of principals contains two roles, the user must be member of both roles for policy to apply.
PRINCIPAL_OR_SEMANTIC policy applies to a user if the user matches at least on of principals listed in the policy. For example, if list of principals contains two roles, the user can be a member of at least one of these roles for policy to apply.
InvalidArgumentException
- if the values passed in are invalid, throws out InvalidArgumentException, e.g. passing null value to one of name, rule, permSets, and principals parameters triggers the exception. Also thrown if policy contains ResourceAction(s) contain ResourceNameExpression with invalid java regex.PolicyObjectAlreadyExistsException
- if the same name policy exists, throws out PolicyObjectAlreadyExistsException.PolicyObjectNotFoundException
- if the policy components used don't exist, including permission set, function used in policy rule, attribute used in policy rule and obligation.PolicyStoreException
- if any internal status error, throws out PolicyStoreException.void deletePolicy(java.lang.String name) throws InvalidArgumentException, PolicyObjectNotFoundException, PolicyStoreException
name
- the name of the policy to be removed, the parameter should not be null or empty string. A qualified name should start with a letter or underscore and consist of letter, digit and underscore.InvalidArgumentException
- if an invalid value is passed in, throws out InvalidArgumentException.PolicyObjectNotFoundException
- if the policy specified by name doesn't exist, throws out PolicyObjectNotFoundException.PolicyStoreException
- if any internal status error, throws out PolicyStoreException.void deletePolicy(java.lang.String name, boolean cascading) throws InvalidArgumentException, PolicyObjectNotFoundException, PolicyStoreException
name
- the name of the policy to be removed, the parameter should not be null or empty string. A qualified name should start with a letter or underscore and consist of letter, digit and underscore.cascading
- deletion flag, if the flag is set to false and the Policy is referred by a PolicySet, throws out PolicyStoreOperationNotAllowedException. If the flag is set to true and the Policy is referred by a PolicySet, delete the Policy as well as the reference in that PolicySet. If the particular PolicySet has only one Policy reference, delete the PolicySet too.InvalidArgumentException
- if an invalid value is passed in, throws out InvalidArgumentException.PolicyObjectNotFoundException
- if the policy specified by name doesn't exist, throws out PolicyObjectNotFoundException.PolicyStoreException
- if any internal status error, throws out PolicyStoreException.java.util.List<PolicyEntry> getPolicies(PolicySearchQuery query) throws InvalidArgumentException, PolicyStoreException
query
- the query object which contains query criteria, please refer to PolicySearchQuery
for detailed setting. The value shoud not be null.InvalidArgumentException
- the exception is reserved for future use.PolicyStoreException
- if any internal status error, throws out PolicyStoreException.PolicyEntry getPolicy(java.lang.String name) throws InvalidArgumentException, PolicyObjectNotFoundException, PolicyStoreException
name
- policy name, the parameter should not be null or empty string. A qualified name should start with a letter or underscore and consist of letter, digit and underscore.InvalidArgumentException
- if an invaid value is passed in, throws out InvalidArgumentException.PolicyObjectNotFoundException
- if the specified policy doesn't exist.PolicyStoreException
- if any internal status error, throws out PolicyStoreException.void modifyPolicy(PolicyEntry policy) throws InvalidArgumentException, PolicyObjectNotFoundException, PolicyStoreException
policy
- a modified policy objectInvalidArgumentException
- if null is passed in or the policy object lacks any of name, policy rule, permission set, principal. Also thrown if added ResourceAction(s) contain ResourceNameExpression with invalid java regex.PolicyObjectNotFoundException
- if the policy doesn't exist in policy repository, or the policy components used don't exist, including permission set, function used in policy rule, attribute used in policy rule and obligation.PolicyStoreException
- if any internal status error, throws out PolicyStoreException.
@Deprecated
PolicyEntry createPolicy(java.lang.String name,
java.lang.String displayName,
java.lang.String description,
PolicyRuleEntry rule,
java.util.List<PermissionSetEntry> permSets,
java.util.List<PrincipalEntry> principals,
CodeSourceEntry cs,
java.util.List<ObligationEntry> obligations,
PolicyEntry.POLICY_SEMANTIC policySemantic)
throws PolicyStoreException
PolicyManager#createPolicy(java.lang.String, java.lang.String, java.lang.String, PolicyRuleEntry, java.util.List<PrincipalEntry>, CodeSourceEntry, java.util.List<ResourceActionsEntry>, java.util.List<java.lang.String>, java.util.List<ObligationEntry>, PolicyEntry.POLICY_SEMANTIC)
name
- policy name, the parameter should not be null or empty string. A qualified name should start with a letter or underscore and consist of letter, digit and underscore.displayName
- policy display name, can be either a String value or null.description
- policy description, can be either a String value or null.rule
- PolicyRuleEntry object, the parameter should not be null.permSets
- a list of PermissionSetEntry objects, the parameter should not be null and should contain at least one element.principals
- a list of PrincipalEntry objects, the parameter should not be null and should contain at least one element if cs is null.cs
- a CodeSourceEntry object, the parameter should be null if principals list is not null or emptyobligations
- a list of ObligationEntry objects, if null is passed in, just ignore it.policySemantic
- semantic of the policy.If PolicyEntry.POLICY_SEMANTIC.PRINCIPAL_AND_SEMANTIC is used, a Subject must have all principals in the policy to be granted with the specified permission sets. If PolicyEntry.POLICY_SEMANTIC.PRINCIPAL_OR_SEMANTIC is used, a Subject can be granted with the permission sets if it has any one of the principals.InvalidArgumentException
- if the values passed in are invalid, throws out InvalidArgumentException, e.g. passing null value to one of name, rule, permSets, and principals parameters triggers the exception. Also thrown if policy contains ResourceAction(s) contain ResourceNameExpression with invalid java regex.PolicyObjectAlreadyExistsException
- if the same name policy exists, throws out PolicyObjectAlreadyExistsException.PolicyObjectNotFoundException
- if the policy components used don't exist, including permission set, function used in policy rule, attribute used in policy rule and obligation.PolicyStoreException
- if any internal status error, throws out PolicyStoreException.
@Deprecated
PolicyEntry createPolicy(java.lang.String name,
java.lang.String displayName,
java.lang.String description,
PolicyRuleEntry rule,
java.util.List<PrincipalEntry> principals,
CodeSourceEntry cs,
java.util.List<ResourceActionsEntry> resActs,
java.util.List<ObligationEntry> obligations,
PolicyEntry.POLICY_SEMANTIC policySemantic)
throws PolicyStoreException
PolicyManager#createPolicy(java.lang.String, java.lang.String, java.lang.String, PolicyRuleEntry, java.util.List<PrincipalEntry>, CodeSourceEntry, java.util.List<ResourceActionsEntry>, java.util.List<java.lang.String>, java.util.List<ObligationEntry>, PolicyEntry.POLICY_SEMANTIC)
name
- policy name, the parameter should not be null or empty string. A qualified name should start with a letter or underscore and consist of letter, digit and underscore.displayName
- policy display name, can be either a String value or null.description
- policy description, can be either a String value or null.rule
- PolicyRuleEntry object, the parameter should not be null.resActs
- a list of ResourceActionsEntry objects, the parameter should not be null and should contain at least one element.principals
- a list of PrincipalEntry objects, the parameter should not be null and should contain at least one element if cs is null.cs
- a CodeSourceEntry object, the parameter should be null if principals list is not null or emptyobligations
- a list of ObligationEntry objects, if null is passed in, just ignore it.policySemantic
- semantic of the policy.If PolicyEntry.POLICY_SEMANTIC.PRINCIPAL_AND_SEMANTIC is used, a Subject must have all principals in the policy to be granted with the specified permission sets. If PolicyEntry.POLICY_SEMANTIC.PRINCIPAL_OR_SEMANTIC is used, a Subject can be granted with the permission sets if it has any one of the principals.InvalidArgumentException
- if the values passed in are invalid, throws out InvalidArgumentException, e.g. passing null value to one of name, rule, permSets, and principals parameters triggers the exception. Also thrown if policy contains ResourceAction(s) contain ResourceNameExpression with invalid java regex.PolicyObjectAlreadyExistsException
- if the same name policy exists, throws out PolicyObjectAlreadyExistsException.PolicyObjectNotFoundException
- if the policy components used don't exist, including permission set, function used in policy rule, attribute used in policy rule and obligation.PolicyStoreException
|
Oracle Fusion Middleware Management Java API Reference for Oracle Entitlements Server 11g Release 2 (11.1.2) E27155-01 ESAPI |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |