
Oracle Fusion Middleware Management Java API Reference for Oracle Entitlements Server
11g Release 1 (11.1.1)

E22649-02 ESAPI


oracle.security.jps.service.policystore.entitymanager
Interface AppRoleManager

All Superinterfaces:
EntityManager

public interface AppRoleManager
extends EntityManager

This interface manages application roles. It provides methods to create, delete, modify, and find application roles, and to grant application roles to members or revoke them.

An application role can be granted to ordinary principals or to other application roles; these grantees are called application role members. Principals that are granted an application role directly are its direct members, returned by getDirectAppRoleMembers(Class<T> klass, String name). Principals that are granted a member role of the application role are also members of that application role, returned by getAllAppRoleMembers(Class<T> klass, String name).

Every member of an application role holds that application role. For example:

        grant RoleA --> user1
        grant RoleA --> RoleB
        grant RoleB --> user2
  

So principal user1 and application role RoleB are direct members of application role RoleA, and user2 is an indirect member of RoleA.

Both principal user1 and principal user2 therefore have all rights granted to RoleA.
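The direct/indirect distinction above, as an added example that is not Oracle's code: a self-contained Java model of the three grants that computes direct, all, and indirect members the way an access review of RoleA would need them. The class and method names (AppRoleMembershipModel, grant, directMembers, allMembers) are hypothetical, and the extra RoleB --> RoleA grant is constructed only to show that the traversal terminates on a cycle.

```java
import java.util.*;

// Constructed model of the grant example; not the Oracle Entitlements Server implementation.
public class AppRoleMembershipModel {
    // role name -> principals (users or other roles) the role was granted to directly
    private final Map<String, Set<String>> grants = new LinkedHashMap<>();

    void grant(String role, String principal) {
        grants.computeIfAbsent(role, r -> new LinkedHashSet<>()).add(principal);
    }

    // Models the semantics described for getDirectAppRoleMembers.
    Set<String> directMembers(String role) {
        return grants.getOrDefault(role, Collections.emptySet());
    }

    // Models the semantics described for getAllAppRoleMembers:
    // members of a member role are members too, resolved transitively.
    Set<String> allMembers(String role) {
        Set<String> seen = new LinkedHashSet<>();
        Deque<String> work = new ArrayDeque<>(directMembers(role));
        while (!work.isEmpty()) {
            String p = work.pop();
            // Skip the role itself and anything already visited (cycle/diamond guard).
            if (p.equals(role) || !seen.add(p)) continue;
            work.addAll(directMembers(p)); // empty for plain users
        }
        return seen;
    }

    public static void main(String[] args) {
        AppRoleMembershipModel m = new AppRoleMembershipModel();
        m.grant("RoleA", "user1");
        m.grant("RoleA", "RoleB");
        m.grant("RoleB", "user2");
        m.grant("RoleB", "RoleA"); // constructed cycle, not part of the page's example

        // Indirect members are exactly those a direct-only review would miss.
        Set<String> indirect = new LinkedHashSet<>(m.allMembers("RoleA"));
        indirect.removeAll(m.directMembers("RoleA"));
        System.out.println("direct:   " + m.directMembers("RoleA"));
        System.out.println("all:      " + m.allMembers("RoleA"));
        System.out.println("indirect: " + indirect);
    }
}
```

When reviewing who holds the rights of a role, the transitive set is the one that matters: a listing of direct members alone omits user2 even though user2 has every right granted to RoleA.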


Method Summary
 AppRoleEntry createAppRole(java.lang.String name, java.lang.String displayName, java.lang.String description)
          Creates the requested application role in the policy store.
 void deleteAppRole(java.lang.String name, boolean cascade)
          Removes the application role from the policy store.
<T extends PrincipalEntry>
java.util.List<T>
getAllAppRoleMembers(java.lang.Class<T> klass, java.lang.String name)
          Get all principals who are statically granted the application role, directly or indirectly
 java.util.List<AppRoleEntry> getAllGrantedAppRoles(PrincipalEntry principal)
          Get the application roles directly or indirectly granted to the principal
 AppRoleEntry getAppRole(java.lang.String name)
          Get Application Role by the given name
 java.util.List<AppRoleEntry> getAppRoles(AppRoleSearchQuery query)
          Get Application Roles by the given query
<T extends PrincipalEntry>
java.util.List<T>
getDirectAppRoleMembers(java.lang.Class<T> klass, java.lang.String name)
          Get all principals who are statically granted the application role directly
 java.util.List<AppRoleEntry> getDirectGrantedAppRoles(PrincipalEntry principal)
          Get the application roles directly granted to the principal
 void grantAppRole(AppRoleEntry role, java.util.List<PrincipalEntry> principals)
          Grant the app role to a list of principals
 void modifyAppRole(AppRoleEntry role)
          Modify Application Role
 void revokeAppRole(AppRoleEntry role, java.util.List<PrincipalEntry> principals)
          Revoke the app role from a list of principals

 

Methods inherited from interface oracle.security.jps.service.policystore.entitymanager.EntityManager
resolveReference

 

Method Detail

createAppRole

AppRoleEntry createAppRole(java.lang.String name,
                           java.lang.String displayName,
                           java.lang.String description)
                           throws InvalidArgumentException,
                                  PolicyStoreException
Creates the requested application role in the policy store.
Parameters:
name - the application role name
displayName - the display name of application role
description - the description of application role
Returns:
the newly created application role as an AppRoleEntry
Throws:
InvalidArgumentException - if the parameters are invalid
PolicyStoreException - if failed to create application role
PolicyObjectAlreadyExistsException - if the application role already exists

deleteAppRole

void deleteAppRole(java.lang.String name,
                   boolean cascade)
                   throws PolicyStoreException
Removes the application role from the policy store. If cascade is set to true, related objects/policies are removed as well. Otherwise, PolicyStoreOperationNotAllowedException is thrown if the application role is in use.
Parameters:
name - the application role name
cascade - the flag to do cascade deletion
Throws:
PolicyStoreException - if failed to delete application role
InvalidArgumentException - if name is invalid
PolicyObjectNotFoundException - if the application role specified by name doesn't exist
PolicyStoreOperationNotAllowedException - if cascade is false while the application role is used

getAppRoles

java.util.List<AppRoleEntry> getAppRoles(AppRoleSearchQuery query)
                                         throws InvalidArgumentException,
                                                PolicyStoreException
Get Application Roles by the given query
Parameters:
query - the given query with condition
Returns:
list of matching application roles
Throws:
InvalidArgumentException - if the parameter is invalid
PolicyStoreException - if failed to query application roles

getAppRole

AppRoleEntry getAppRole(java.lang.String name)
                        throws InvalidArgumentException,
                               PolicyObjectNotFoundException,
                               PolicyStoreException
Get Application Role by the given name
Parameters:
name - the application role name
Returns:
the matched application role with the given name
Throws:
InvalidArgumentException - if application role name is invalid
PolicyObjectNotFoundException - if the specified application role doesn't exist
PolicyStoreException - if failed to get application role

modifyAppRole

void modifyAppRole(AppRoleEntry role)
                   throws InvalidArgumentException,
                          PolicyStoreException
Modify Application Role
Parameters:
role - the new application role entry to modify
Throws:
InvalidArgumentException - if the application role entry is invalid
PolicyObjectNotFoundException - if the application role doesn't exist
PolicyStoreException - if failed to modify application role entry

grantAppRole

void grantAppRole(AppRoleEntry role,
                  java.util.List<PrincipalEntry> principals)
                  throws InvalidArgumentException,
                         PolicyStoreException
Grant the app role to a list of principals
Parameters:
role - the application role entry to grant
principals - the principals to receive the application role
Throws:
InvalidArgumentException - if the parameters are invalid
PolicyObjectNotFoundException - if the application role doesn't exist
PolicyStoreException - if failed to grant application role to principals

revokeAppRole

void revokeAppRole(AppRoleEntry role,
                   java.util.List<PrincipalEntry> principals)
                   throws InvalidArgumentException,
                          PolicyStoreException
Revoke the app role from a list of principals
Parameters:
role - the application role entry
principals - the principals
Throws:
InvalidArgumentException - if the parameters are invalid
PolicyObjectNotFoundException - if the application role doesn't exist
PolicyStoreException - if failed to revoke application roles

getDirectGrantedAppRoles

java.util.List<AppRoleEntry> getDirectGrantedAppRoles(PrincipalEntry principal)
                                                      throws InvalidArgumentException,
                                                             PolicyStoreException
Get the application roles directly granted to the principal
Parameters:
principal - the principal whose application roles are retrieved
Returns:
list of application roles
Throws:
InvalidArgumentException - if the parameter is invalid
PolicyStoreException - if failed to get application roles

getAllGrantedAppRoles

java.util.List<AppRoleEntry> getAllGrantedAppRoles(PrincipalEntry principal)
                                                   throws InvalidArgumentException,
                                                          PolicyStoreException
Get the application roles directly or indirectly granted to the principal
Parameters:
principal - the principal whose application roles are retrieved
Returns:
list of application roles
Throws:
InvalidArgumentException - if the parameter is invalid
PolicyStoreException - if failed to get application roles

getDirectAppRoleMembers

<T extends PrincipalEntry> java.util.List<T> getDirectAppRoleMembers(java.lang.Class<T> klass,
                                                                     java.lang.String name)
                                                                 throws InvalidArgumentException,
                                                                        PolicyStoreException
Get all principals who are statically granted the application role directly
Parameters:
klass - the class type of AppRoleEntry or PrincipalEntry. If it is AppRoleEntry, only return AppRoleEntries. Otherwise return all members.
name - the application role name
Returns:
list of principals
Throws:
InvalidArgumentException - if the parameters are invalid
PolicyObjectNotFoundException - if the application role doesn't exist
PolicyStoreException - if failed to get application role members

getAllAppRoleMembers

<T extends PrincipalEntry> java.util.List<T> getAllAppRoleMembers(java.lang.Class<T> klass,
                                                                  java.lang.String name)
                                                              throws InvalidArgumentException,
                                                                     PolicyStoreException
Get all principals who are statically granted the application role, directly or indirectly
Parameters:
klass - the class type of AppRoleEntry or PrincipalEntry. If it is AppRoleEntry, only return AppRoleEntries. Otherwise return all members.
name - the application role name
Returns:
list of principals
Throws:
InvalidArgumentException - if the parameters are invalid
PolicyObjectNotFoundException - if the application role doesn't exist
PolicyStoreException - if failed to get application role members


Copyright © 2011, Oracle. All rights reserved.