GrantManager (Oracle Fusion Middleware Management Java API Reference for Oracle Platform Security Services)

All Superinterfaces:

EntityManager
```
public interface GrantManager
extends EntityManager
```
An Entity Manager for Grants.

Method Summary

Methods
Modifier and Type	Method and Description
`java.util.List<GrantEntry>`	`getGrants(GrantSearchQuery query)` Query the store to retrieve Grants based upon a search criteria.
`java.util.List<GrantEntry>`	`getGrantsForApplicationRoles(java.util.List<AppRoleEntry> appRoleNameEntries, boolean order)` Search for Grants based on one or more Application Roles.
`java.util.List<GrantEntry>`	`getGrantsForApplicationRolesAndPermissionSets(java.util.List<AppRoleEntry> appRoleNameEntries, boolean appRoleOrder, java.util.List<PermissionSetEntry> permissionSetEntries, boolean permSetOrder)` Search for Grants based on Application Roles AND Permission Sets.
`java.util.List<GrantEntry>`	`getGrantsForPermissionSets(java.util.List<PermissionSetEntry> permissionSetEntries, boolean order)` Search for Grants based on a PermissionSet.
`void`	`grant(java.util.Set<PrincipalEntry> principalEntries, CodeSourceEntry csEntry, java.lang.String permissionSetName)` Grant a named PermissionSet to this group of principals and code source, or otherwise collectively known as the grantee.
`void`	`revoke(java.util.Set<PrincipalEntry> principalEntries, CodeSourceEntry csEntry, java.lang.String permissionSetName)` Revoke a grant of a PermissionSet from this set of principals and codesource combination

Methods inherited from interface oracle.security.jps.service.policystore.entitymanager.EntityManager
resolveReference

- Method Detail
  - getGrantsForApplicationRoles
```
java.util.List<GrantEntry> getGrantsForApplicationRoles(java.util.List<AppRoleEntry> appRoleNameEntries,
                                                      boolean order)
                                                        throws PolicyStoreException
```
    Search for Grants based on one or more Application Roles. This method computes grants for direct Application Roles only.
    
    Parameters:
    
    appRoleNameEntries - a list of application roles
    
    order - if true, retrieves grants granted to Application Role1 AND Application Role2 AND ...
    If false, retrieves grants granted to Application Role1 OR Application Role2 OR ....
    
    Returns:
    
    Results of the search. If no matching grants found, an empty list is returned.
    
    Throws:
    
    PolicyStoreException - if an error is raised while querying the underlying store.
  - getGrantsForPermissionSets
```
java.util.List<GrantEntry> getGrantsForPermissionSets(java.util.List<PermissionSetEntry> permissionSetEntries,
                                                    boolean order)
                                                      throws PolicyStoreException
```
    Search for Grants based on a PermissionSet. This method computes grants for direct Application Roles only.
    
    Parameters:
    
    permissionSetEntries - a list of one or more PermissionSets.
    
    order - if true retrieves grants granted to PermissionSet1 AND PermissionSet2 AND ...
    If false, retrieves grants granted to PermissionSet1 OR PermissionSet2 OR ...
    
    Returns:
    
    Grants matching the criteria.
    
    Throws:
    
    PolicyStoreException - if an error is raised while querying the underlying store.
  - getGrantsForApplicationRolesAndPermissionSets
```
java.util.List<GrantEntry> getGrantsForApplicationRolesAndPermissionSets(java.util.List<AppRoleEntry> appRoleNameEntries,
                                                                       boolean appRoleOrder,
                                                                       java.util.List<PermissionSetEntry> permissionSetEntries,
                                                                       boolean permSetOrder)
                                                                         throws PolicyStoreException
```
    Search for Grants based on Application Roles AND Permission Sets. This method computes grants for direct Application Roles only.
    
    Parameters:
    
    appRoleNameEntries - a list of one or more Application Roles.
    
    appRoleOrder - if true, query criteria includes grants granted to Application Role1 AND Application Role2 AND ...
    If false, query criteria includes granted to Application Role1 OR Application Role2 OR ....
    
    permissionSetEntries - a list of one or more Permission Sets.
    
    permSetOrder - if true query criteria includes Grants granted to PermissionSet1 AND PermissionSet2 AND ...
    If false, query criteria includes grants granted to PermissionSet1 OR PermissionSet2 OR ...
    
    Returns:
    
    Grants satisfying both the above 2 query criterias.
    
    Throws:
    
    PolicyStoreException - if an error is raised while querying the underlying store.
  - getGrants
```
java.util.List<GrantEntry> getGrants(GrantSearchQuery query)
                                     throws PolicyStoreException
```
    Query the store to retrieve Grants based upon a search criteria.
    
    Parameters:
    
    query - the criteria.
    
    Returns:
    
    list of GrantEntries.
    
    Throws:
    
    PolicyStoreException - if an error is raised while querying the underlying store.
    
    java.lang.IllegalArgumentException - If the query parameter contains a search by PRINCIPAL where the MATCHER is ANY.
    If the query parameter contains a search by PRINCIPAL where the the MATCHER is anything except EXACT, then the search query may be sub-optimal, depending upon the number of principals that match the criteria.
    
    InvalidArgumentException - if the query parameter contains a list of GrantSearchQuery and the size is 0.
  - grant
```
void grant(java.util.Set<PrincipalEntry> principalEntries,
         CodeSourceEntry csEntry,
         java.lang.String permissionSetName)
           throws PolicyObjectAlreadyExistsException,
                  PolicyStoreException
```
    Grant a named PermissionSet to this group of principals and code source, or otherwise collectively known as the grantee.
    
    Parameters:
    
    principalEntries - principal entries that constitute the grantee
    
    csEntry - codesource entry that constitute the grantee
    
    permissionSetName - name of the permission set.
    
    Throws:
    
    PolicyObjectNotFoundException - if the permissionSet cannot be found.
    
    PolicyObjectAlreadyExistsException - if the grantee is already granted the PermissionSet.
    
    PolicyStoreException - if an error occured during this grant operation.
  - revoke
```
void revoke(java.util.Set<PrincipalEntry> principalEntries,
          CodeSourceEntry csEntry,
          java.lang.String permissionSetName)
            throws PolicyObjectNotFoundException,
                   PolicyStoreException
```
    Revoke a grant of a PermissionSet from this set of principals and codesource combination
    
    Parameters:
    
    principalEntries - principal entries that constitute the grantee
    
    csEntry - codesource entry that constitute the grantee
    
    permissionSetName - name of the permission set.
    NOTE: If principalEntries is null, all grants of the permissionSetName are revoked.
    
    Throws:
    
    PolicyObjectNotFoundException - If the permissionSet cannot be found, or If the grantee is not found
    
    PolicyStoreException - if an error occured during this revoke operation.

Interface GrantManager

Method Summary

Methods inherited from interface oracle.security.jps.service.policystore.entitymanager.EntityManager

Method Detail

getGrantsForApplicationRoles

getGrantsForPermissionSets

getGrantsForApplicationRolesAndPermissionSets

getGrants

grant

revoke