oracle.iam.accesspolicy.api

Interface AccessPolicyService

public interface AccessPolicyService

Method Summary

Modifier and Type	Method and Description
java.lang.String	createAccessPolicy(AccessPolicy policy) Creates an Access Policy.
void	deleteAccessPolicy(java.lang.String id, boolean revoke) Deletes an Access Policy.
void	evalutePoliciesForUser(java.lang.String userKey) Trigger access policy evaluation for the given user.
java.util.List	findAccessPolicies(SearchCriteria searchCriteria, java.util.Map configParams) Searches Access Policy.
AccessPolicy	getAccessPolicy(java.lang.String id, boolean populateDefaultData) Gets an Access Policy.
java.util.List	getAccessPolicyDefaultChildData(java.lang.String policyID, java.lang.String policyElementID, long appInstanceID, java.lang.String childFormName, SearchCriteria searchCriteria, java.util.Map configParams) Gets the default child data of a given form of an Access Policy element.
DefaultData	getAccessPolicyDefaultData(java.lang.String policyID, java.lang.String policyElementID, boolean populateChildData) Gets the default data of an Access Policy element.
java.util.List	getAssignedRoles(long polKey)
int	getLowestPriority() Returns the lowest priority of all access policies defined.
void	updateAccessPolicy(AccessPolicy policy) Updates an Access Policy.

Method Detail

evalutePoliciesForUser

void evalutePoliciesForUser(java.lang.String userKey)
                     throws NoSuchUserException,
                            AccessPolicyEvaluationUnauthorizedException,
                            AccessPolicyServiceException,
                            AccessPolicyEvaluationException

Trigger access policy evaluation for the given user. This API marks user for policy evaluation by creating/updating an entry in table USER_PROVISIONING_ATTRS. The actual policy evaluation happens via schedule job " Evaluate User Policies"

Parameters:

userKey - - Key of the user for whom access policy evaluation is to be triggered.

Throws:

NoSuchUserException - if user identified by userKey doesn't exist

AccessPolicyEvaluationUnauthorizedException - if the user initiating the access policy evaluation doesn't have the necessary privileges.

AccessPolicyEvaluationException - if an error occurred while evaluating access policies for the user

AccessPolicyServiceException - if any other generic error occurs. The embedded exception indicates the root cause.

getAccessPolicy

AccessPolicy getAccessPolicy(java.lang.String id,
                             boolean populateDefaultData)
                      throws AccessDeniedException,
                             AccessPolicyServiceException

Gets an Access Policy.

Parameters:

id - - the access policy ID.

- - if the default data should be populated. true means it should populate the default data, false otherwise. Only populate the default data when needed as populating the default data might take some time depends on the number of attributes.

Returns:

an access policy that matches the access policy ID given, null if there is no access policy with the given ID.

Throws:

AccessDeniedException - if logged in user is not authorized to perform this operation.

AccessPolicyServiceException - if any other generic error occurs. The embedded exception indicates the root cause.

findAccessPolicies

java.util.List findAccessPolicies(SearchCriteria searchCriteria,
                                  java.util.Map configParams)
                           throws AccessDeniedException,
                                  AccessPolicyServiceException

Searches Access Policy.

Parameters:

searchCriteria - - the search criteria.

configParams - - the parameters to further configure the search operation. There are four configuration parameters: start, end, sortAttrName, and order.

Returns:

list of access policies that matches the search criteria. The access policies return here will not have their default data populated.

Throws:

AccessDeniedException - if logged in user is not authorized to perform this operation.

AccessPolicyServiceException - if any other generic error occurs. The embedded exception indicates the root cause.

getAccessPolicyDefaultData

DefaultData getAccessPolicyDefaultData(java.lang.String policyID,
                                       java.lang.String policyElementID,
                                       boolean populateChildData)
                                throws AccessDeniedException,
                                       AccessPolicyServiceException

Gets the default data of an Access Policy element.

Parameters:

policyID - - the access policy ID.

policyElementID - - the access policy element ID.

populateChildData - - if the child data should be populated. true means it should populate the child data, false otherwise.

Returns:

the default data of the specific access policy element.

Throws:

AccessDeniedException - if logged in user is not authorized to perform this operation.

AccessPolicyServiceException - if any other generic error occurs. The embedded exception indicates the root cause.

getAccessPolicyDefaultChildData

java.util.List getAccessPolicyDefaultChildData(java.lang.String policyID,
                                               java.lang.String policyElementID,
                                               long appInstanceID,
                                               java.lang.String childFormName,
                                               SearchCriteria searchCriteria,
                                               java.util.Map configParams)
                                        throws AccessDeniedException,
                                               AccessPolicyServiceException

Gets the default child data of a given form of an Access Policy element.

Parameters:

policyID - - the access policy ID.

policyElementID - - the access policy element ID.

appInstanceID - - the application instance ID.

childFormName - - the child form name.

searchCriteria - - the search criteria.

configParams - - the parameters to further configure the search operation. There are four configuration parameters: start, end, sortAttrName, and order.

Returns:

the default child data of the specific form of the specific Access Policy element.

Throws:

AccessDeniedException - if logged in user is not authorized to perform this operation.

AccessPolicyServiceException - if any other generic error occurs. The embedded exception indicates the root cause.

createAccessPolicy

java.lang.String createAccessPolicy(AccessPolicy policy)
                             throws AccessDeniedException,
                                    AccessPolicyServiceException

Creates an Access Policy.

Parameters:

policy - - access policy to be created.

Returns:

the ID of the newly created access policy.

Throws:

AccessDeniedException - if logged in user is not authorized to perform this operation.

AccessPolicyServiceException - if any other generic error occurs. The embedded exception indicates the root cause.

updateAccessPolicy

void updateAccessPolicy(AccessPolicy policy)
                 throws AccessDeniedException,
                        AccessPolicyServiceException

Updates an Access Policy.

Parameters:

policy - - access policy to be updated.

Throws:

AccessDeniedException - if logged in user is not authorized to perform this operation.

AccessPolicyServiceException - if any other generic error occurs. The embedded exception indicates the root cause.

deleteAccessPolicy

void deleteAccessPolicy(java.lang.String id,
                        boolean revoke)
                 throws AccessDeniedException,
                        AccessPolicyServiceException

Deletes an Access Policy.

Parameters:

id - - ID of the access policy to be deleted.

revoke - - if accounts granted by this access policy should be revoked.

Throws:

AccessDeniedException - if logged in user is not authorized to perform this operation.

AccessPolicyServiceException - if any other generic error occurs. The embedded exception indicates the root cause.

getLowestPriority

int getLowestPriority()
               throws AccessPolicyServiceException

Returns the lowest priority of all access policies defined.

Returns:

The lowest priority of all access policies defined.

Throws:

AccessPolicyServiceException - if any error occurs. The embedded exception indicates the root cause.

getAssignedRoles

java.util.List getAssignedRoles(long polKey)
                         throws NoSuchPolicyException

Throws:

NoSuchPolicyException