PolicySearchQuery (Oracle Fusion Middleware Management Java API Reference for Oracle Entitlements Server)

Users can query out policies by given policy name, policy display name, policy description, principal entry, principal, permission set, obligation, attribute, and function.
Note: the method getSearchByValueObject is available, but the method getSearchByValue is not available. Examples:
1. Query by policy name

  // query out all policies whose names begin with "IT_"
  PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.NAME,
       false, ComparatorType.EQUALITY, "IT_", BaseSearchQuery.MATCHER.BEGINS_WITH);
  List<PolicyEntry> policies = policyManager.getPolicies(query);

2. Query by display name

  // query out all policies whose display names contains "HR Policy"
  PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.DISPLAY_NAME,
      false, ComparatorType.EQUALITY, "HR Policy", BaseSearchQuery.MATCHER.CONTAINED_IN);
  List<PolicyEntry> policies = policyManager.getPolicies(query);

3. Query by description

  // query out all policies whose descriptions contains "Financial Department"
  PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.DESCRIPTION,
      false, ComparatorType.EQUALITY, "Financial Department", BaseSearchQuery.MATCHER.CONTAINED_IN);
  List<PolicyEntry> policies = policyManager.getPolicies(query);

4. Query by principal entry

  // query out all policies defined against the principal entry WLSUserImpl(james)
  PrincipalEntry wcai james = new BasicPrincipalEntry("weblogic.security.principal.WLSUserImpl", "james");
  PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.PRINCIPAL_ENTRY,
      false, ComparatorType.EQUALITY, james, BaseSearchQuery.MATCHER.EXACT);
  List<PolicyEntry> policies = policyManager.getPolicies(query);

5. Query by permission set

  // query out all policies defined against the Permission Set, AccountOperations
  PermissionSetEntry permSet = permSetManager.getPermissionSet("AccountOperations");
  PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.PERMISSION_SET,
      false, ComparatorType.EQUALITY, permSet, BaseSearchQuery.MATCHER.EXACT);
  List<PolicyEntry> policies = policyManager.getPolicies(query);

6. Query by obligation

  // query out all policies defined with the obligation, SendEmailObligation
  ObligationEntry sendEmailObligation = new BasicObligation("SendEmailObligation", "", "", null);
  PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.OBLIGATION,
      false, ComparatorType.EQUALITY, sendEmailObligation, BaseSearchQuery.MATCHER.EXACT);
  List<PolicyEntry> policies = policyManager.getPolicies(query);

7. Query by attribute

  // query out all policies defined with the attribute, location
  AttributeEntry location = extensionManager.getAttribute("location");
  PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.ATTRIBUTE,
      false, ComparatorType.EQUALITY, location, BaseSearchQuery.MATCHER.EXACT);
  List<PolicyEntry> policies = policyManager.getPolicies(query);

8. Query by function

  // query out all policies defined with the function, matchDate
  FunctionEntry matchDate = extensionManager.getFunction("matchDate");
  PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.FUNCTION,
      false, ComparatorType.EQUALITY, matchDate, BaseSearchQuery.MATCHER.EXACT);
  List<PolicyEntry> policies = policyManager.getPolicies(query);

9. Query by resource

 // query out all policies defined with the resource, http://www.oracle.com
 PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.RESOURCE,
         false, ComparatorType.EQUALITY, "http://www.oracle.com", BaseSearchQuery.MATCHER.EXACT);
 List<PolicyEntry> policies = policyManager.getPolicies(query);

10. Query by resource name expression
users can have a query based on either a ResourceEntry or a string. If the query is based on a ResourceEntry, matcher should be set to MATCHER.EXACT. If the query is based on a string, matcher can be set to any qualified values (EXACT, BEGINS_WITH, ENDS_WITH, and CONTAINED_IN). The behavior is defined as the following.
a. If MATCHER.EXACT is set and search value matches the expression, the expression based policy is returned.
For example, given two policies:
Policy1 is defined with resource "http://www.oracle.com", Policy2 is defined with resource name expression "http://.*"
PolicySearchQuery(SEARCH_PROPERTY.RESOURCE_NAME_EXPRESSION, false, ComparatorType.EQUALITY, "http://www.oracle.com", MATCHER.EXACT) returns both Policy1 and Policy2
b. If MATCHER.BEGINS_WITH is set and the expression begins with search value (literally), the expression based policy is returned.
For example, given two policies:
Policy1 is defined with resource "http://www.oracle.com", Policy2 is defined with resource name expression "http://.*"
PolicySearchQuery(SEARCH_PROPERTY.RESOURCE_NAME_EXPRESSION, false, ComparatorType.EQUALITY, "http://", MATCHER.BEGINS_WITH) returns both Policy1 and Policy2
c. If MATCHER.ENDS_WITH is set and the expression ends with search value (literally), the expression based policy is returned.
For example, given two policies:
Policy1 is defined with resource "http://www.oracle.com", Policy2 is defined with resource name expression "http://.*"
PolicySearchQuery(SEARCH_PROPERTY.RESOURCE_NAME_EXPRESSION, false, ComparatorType.EQUALITY, ".com", MATCHER.ENDS_WITH) returns Policy1
d. If MATCHER.CONTAINED_IN is set and the expression contains search value (literally), the expression based policy is returned.
For example, given two policies:
Policy1 is defined with resource "http://www.oracle.com", Policy2 is defined with resource name expression "http://.*"
PolicySearchQuery(SEARCH_PROPERTY.RESOURCE_NAME_EXPRESSION, false, ComparatorType.EQUALITY, "ttp", MATCHER.CONTAINED_IN) returns both Policy1 and Policy2

Users are also able to build complex search criterias with above elements.

Consider the following example to search Policies which satisfy the criterias:

Contains the permission set MyPermSet
Contains the obligation MyObligation

  List<PolicySearchQuery> list = new ArrayList<PolicySearchQuery>();
  list.add(new PolicySearchQuery( PolicySearchQuery.SEARCH_PROPERTY.DISPLAY_NAME,
    false, ComparatorType.EQUALITY, "The Display Name", BaseSearchQuery.MATCHER.EXACT));
  list.add(new PolicySearchQuery( PolicySearchQuery.SEARCH_PROPERTY.DESCRIPTION,
    false, ComparatorType.EQUALITY, "The Description", BaseSearchQuery.MATCHER.EXACT));
  PolicySearchQuery query = new PolicySearchQuery(list, false, false);

Similarly, we can define an OR-ed query like below.

  List<PolicySearchQuery> list = new ArrayList<PolicySearchQuery>();
  list.add(new PolicySearchQuery( PolicySearchQuery.SEARCH_PROPERTY.DISPLAY_NAME,
    false, ComparatorType.EQUALITY, "The Display Name", BaseSearchQuery.MATCHER.EXACT));
  list.add(new PolicySearchQuery( PolicySearchQuery.SEARCH_PROPERTY.DESCRIPTION,
    false, ComparatorType.EQUALITY, "The Description", BaseSearchQuery.MATCHER.EXACT));
  PolicySearchQuery query = new PolicySearchQuery(list, false, true);

11. Query by principal

  // query out all policies defined against the principal.
  Principal principal = new WLSUserImpl("james");
  PolicySearchQuery query = new PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY.PRINCIPAL,
      false, ComparatorType.EQUALITY, principal, BaseSearchQuery.MATCHER.EXACT);
  List<PolicyEntry> policies = policyManager.getPolicies(query);

Below table shows all supported query cases

Search Property	Value Object	Comparator	Matcher	Comments
ACTION	String: action	ComparatorType.EQUALITY	MATCHER.CONTAINED_IN	Returns the policies which is defined with the given action. Policies that defined with all action keyword of resource types that contain the given action are also returned.
ALL_ACTION	String	ComparatorType.EQUALITY	MATCHER.ANY	Must supply RESOURCE_TYPE property query at the same time, and RESOURCE_TYPE property query must use EXACT match. Returns policies which are defined with all action keyword or all actions of a resource type
ATTRIBUTE	String: attribute name, AttributeEntry	ComparatorType.EQUALITY	MATCHER.EXACT	Returns the policies in which policy condition uses the given attribute
DESCRIPTION	String	ComparatorType.EQUALITY	MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN	Returns the policies whose description equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string
DISPLAY_NAME	String	ComparatorType.EQUALITY	MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN	Returns the policies whose display name equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string
FUNCTION	String: function name, FunctionEntry	ComparatorType.EQUALITY	MATCHER.EXACT	Returns the policies in which policy condition uses the given function
NAME	String	ComparatorType.EQUALITY	MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN	Returns the policies whose name equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string
OBLIGATION	String: obligation name, ObligationEntry	ComparatorType.EQUALITY	MATCHER.EXACT	Returns the policies in which there is an obligation matches the given name
OBLIGATION_ATTRIBUTE_ASSIGNMENT_NAME	String: attribute assignment name	ComparatorType.EQUALITY	MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN	Returns the policies in which obligation attribute assignment name equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string
OBLIGATION_ATTRIBUTE_ASSIGNMENT_VALUE	AttributeEntry, DataType, RuleExpressionEntry.builtInAttributes	ComparatorType.EQUALITY	MATCHER.EXACT	Returns the policies in which the given attribute/built-in attribute/static value is used in obligation attribute assignment
PERMISSION_SET	PermissionSetEntry	ComparatorType.EQUALITY	MATCHER.EXACT	Returns the policies in which the given permission set is used
PRINCIPAL_ENTRY	PrincipalEntry	ComparatorType.EQUALITY	MATCHER.EXACT	Returns the policies in which the given principal entry is used
PRINCIPAL	Principal	ComparatorType.EQUALITY	MATCHER.EXACT	Returns the policies in which the given principal is used.
PRINCIPAL_NAME	String: principal name	ComparatorType.EQUALITY	MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN	Returns the policies in which the given string/principal name is used
RESOURCE	String: resource name	ComparatorType.EQUALITY	MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN	Returns the policies in which resource name equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string/resource name
RESOURCE_NAME_EXPRESSION	String: resource name expression	ComparatorType.EQUALITY	MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN	Returns the policies in which resource name or resource name expression matches the given string
RESOURCE_TYPE	String: resource type name	ComparatorType.EQUALITY	MATCHER.EXACT, MATCHER.BEGINS_WITH, MATCHER.ENDS_WITH, MATCHER.CONTAINED_IN	Returns the policies in which resource type name equals (MATCHER.EXACT)/begins with (BEGINS_WITH)/ends with (ENDS_WITH)/contains (CONTAINED_IN) the given string
EFFECT	String: effect name (grant/deny) or PolicyRuleEntry.EffectType.GRANT or PolicyRuleEntry.EffectType.DENY	ComparatorType.EQUALITY	MATCHER.EXACT, MATCHER.ANY	Returns the policies with rule in which effect equals (MATCHER.EXACT)/any (ANY) in the given string.

Nested Class Summary
`static class`	`PolicySearchQuery.SEARCH_PROPERTY` Criterias to search policies By

Nested classes/interfaces inherited from class oracle.security.jps.search.SearchQuery
`SearchQuery.MATCHER`

Constructor Summary
`PolicySearchQuery()`
`PolicySearchQuery(java.util.List<PolicySearchQuery> queries, boolean negation, boolean isORMatch)` Constructor
`PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY property, boolean negation, ComparatorType operator, java.lang.Object valueObject, SearchQuery.MATCHER match)` Constructor

Method Summary
`PolicySearchQuery.SEARCH_PROPERTY`	`getSearchByProperty()` get the search by property in this search query
`PolicySearchQuery[]`	`getSearchQueryInOrder()` Get the child search query in this search query.
`boolean`	`isPolicyObjectBasedOnly()` if the search query is based on the Policy object based properties, namely - Name, Display Name and Description only

Methods inherited from class oracle.security.jps.service.policystore.search.BaseSearchQuery
`getComparator, getQueries, toString`

Methods inherited from class oracle.security.jps.search.SearchQuery
`addBaseQuery, getBaseSearchQueryInOrder, getPageInfo, getPreparedQueryId, getSearchByPropertyString, getSearchByValue, getSearchByValueObject, getSearchComparator, getSearchQueries, getSearchValueMatch, hasPageInfo, isANDMatch, isComplexQuery, isNegativeMatch, isORMatch, setPageInfo, setPreparedQueryId, unsetPageInfo`

Methods inherited from class java.lang.Object
`equals, getClass, hashCode, notify, notifyAll, wait, wait, wait`

Constructor Detail

PolicySearchQuery

public PolicySearchQuery()

PolicySearchQuery

public PolicySearchQuery(PolicySearchQuery.SEARCH_PROPERTY property,
                         boolean negation,
                         ComparatorType operator,
                         java.lang.Object valueObject,
                         SearchQuery.MATCHER match)
                  throws InvalidArgumentException

Constructor

Parameters:: property - search property, see PolicySearchQuery.SEARCH_PROPERTY for list of valid values. If property is not set to PolicySearchQuery.SEARCH_PROPERTY.NAME, PolicySearchQuery.SEARCH_PROPERTY.DISPLAY_NAME, PolicySearchQuery.SEARCH_PROPERTY.DESCRIPTION, PolicySearchQuery.SEARCH_PROPERTY.OBLIGATION_ATTRIBUTE_ASSIGNMENT_NAME, or PolicySearchQuery.SEARCH_PROPERTY.OBLIGATION_ATTRIBUTE_ASSIGNMENT_VALUE, only ComparatorType.EQUALITY and BaseSearchQuery.MATCHER#EXACT is supported. Especially, if property is set to PolicySearchQuery.SEARCH_PROPERTY.OBLIGATION_ATTRIBUTE_ASSIGNMENT_VALUE and valueObject is not an instance of OpssString, only ComparatorType.EQUALITY and BaseSearchQuery.MATCHER#EXACT is supported; negation - if it's set to false; operator - only ComparatorType.EQUALITY is supported at the point.; valueObject - the search object; match - matcher type, please refer to MATCHER for details.
Throws:: InvalidArgumentException - if property is not name, display name or description, and operator is not equality, InvalidArgumentException will be thrown

PolicySearchQuery

public PolicySearchQuery(java.util.List<PolicySearchQuery> queries,
                         boolean negation,
                         boolean isORMatch)

Constructor

Parameters:: queries -; negation -; isORMatch -

Method Detail

getSearchByProperty

public PolicySearchQuery.SEARCH_PROPERTY getSearchByProperty()

get the search by property in this search query

Returns:: null if this is a complex search query

getSearchQueryInOrder

public PolicySearchQuery[] getSearchQueryInOrder()

Get the child search query in this search query. Return child queries for a complex query, return empty arry for a simple query

Returns:

isPolicyObjectBasedOnly

public boolean isPolicyObjectBasedOnly()

if the search query is based on the Policy object based properties, namely - Name, Display Name and Description only

Returns:

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Oracle Fusion Middleware Management Java API Reference for Oracle Entitlements Server
11g Release 2 (11.1.2)
E27155-03

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

oracle.security.jps.service.policystore.search Class PolicySearchQuery

PolicySearchQuery

PolicySearchQuery

PolicySearchQuery

getSearchByProperty

getSearchQueryInOrder

isPolicyObjectBasedOnly

oracle.security.jps.service.policystore.search
Class PolicySearchQuery