public interface GrantManager extends EntityManager
Modifier and Type | Method and Description |
---|---|
java.util.List<GrantEntry> |
getGrants(GrantSearchQuery query)
Query the store to retrieve Grants based upon a search criteria.
|
java.util.List<GrantEntry> |
getGrantsForApplicationRoles(java.util.List<AppRoleEntry> appRoleNameEntries, boolean order)
Search for Grants based on one or more Application Roles.
|
java.util.List<GrantEntry> |
getGrantsForApplicationRolesAndPermissionSets(java.util.List<AppRoleEntry> appRoleNameEntries, boolean appRoleOrder, java.util.List<PermissionSetEntry> permissionSetEntries, boolean permSetOrder)
Search for Grants based on Application Roles AND Permission Sets.
|
java.util.List<GrantEntry> |
getGrantsForPermissionSets(java.util.List<PermissionSetEntry> permissionSetEntries, boolean order)
Search for Grants based on a PermissionSet.
|
void |
grant(java.util.Set<PrincipalEntry> principalEntries, CodeSourceEntry csEntry, java.lang.String permissionSetName)
Grant a named PermissionSet to this group of principals and code source, or otherwise collectively known as the grantee.
|
void |
revoke(java.util.Set<PrincipalEntry> principalEntries, CodeSourceEntry csEntry, java.lang.String permissionSetName)
Revoke a grant of a PermissionSet from this set of principals and codesource combination
|
resolveReference
java.util.List<GrantEntry> getGrantsForApplicationRoles(java.util.List<AppRoleEntry> appRoleNameEntries, boolean order) throws PolicyStoreException
appRoleNameEntries
- a list of application rolesorder
- if true
, retrieves grants granted to Application Role1 AND Application Role2 AND ...
If false
, retrieves grants granted to Application Role1 OR Application Role2 OR ....
PolicyStoreException
- if an error is raised while querying the underlying store.java.util.List<GrantEntry> getGrantsForPermissionSets(java.util.List<PermissionSetEntry> permissionSetEntries, boolean order) throws PolicyStoreException
permissionSetEntries
- a list of one or more PermissionSets.order
- if true
retrieves grants granted to PermissionSet1 AND PermissionSet2 AND ...
If false
, retrieves grants granted to PermissionSet1 OR PermissionSet2 OR ...
PolicyStoreException
- if an error is raised while querying the underlying store.java.util.List<GrantEntry> getGrantsForApplicationRolesAndPermissionSets(java.util.List<AppRoleEntry> appRoleNameEntries, boolean appRoleOrder, java.util.List<PermissionSetEntry> permissionSetEntries, boolean permSetOrder) throws PolicyStoreException
appRoleNameEntries
- a list of one or more Application Roles.appRoleOrder
- if true
, query criteria includes grants granted to Application Role1 AND Application Role2 AND ...
If false
, query criteria includes granted to Application Role1 OR Application Role2 OR ....
permissionSetEntries
- a list of one or more Permission Sets.permSetOrder
- if true
query criteria includes Grants granted to PermissionSet1 AND PermissionSet2 AND ...
If false
, query criteria includes grants granted to PermissionSet1 OR PermissionSet2 OR ...
PolicyStoreException
- if an error is raised while querying the underlying store.java.util.List<GrantEntry> getGrants(GrantSearchQuery query) throws PolicyStoreException
query
- the criteria.PolicyStoreException
- if an error is raised while querying the underlying store.java.lang.IllegalArgumentException
- If the query parameter contains a search by PRINCIPAL where the MATCHER
is ANY
.
If the query parameter contains a search by PRINCIPAL where the the MATCHER
is anything except EXACT
, then the search query may be sub-optimal, depending upon the number of principals that match the criteria.
InvalidArgumentException
- if the query parameter contains a list of GrantSearchQuery and the size is 0.void grant(java.util.Set<PrincipalEntry> principalEntries, CodeSourceEntry csEntry, java.lang.String permissionSetName) throws PolicyObjectAlreadyExistsException, PolicyStoreException
principalEntries
- principal entries that constitute the granteecsEntry
- codesource entry that constitute the granteepermissionSetName
- name of the permission set.PolicyObjectNotFoundException
- if the permissionSet cannot be found.PolicyObjectAlreadyExistsException
- if the grantee is already granted the PermissionSet.PolicyStoreException
- if an error occured during this grant operation.void revoke(java.util.Set<PrincipalEntry> principalEntries, CodeSourceEntry csEntry, java.lang.String permissionSetName) throws PolicyObjectNotFoundException, PolicyStoreException
principalEntries
- principal entries that constitute the granteecsEntry
- codesource entry that constitute the granteepermissionSetName
- name of the permission set.principalEntries
is null, all grants of the permissionSetName
are revoked.PolicyObjectNotFoundException
- If the permissionSet cannot be found, or If the grantee is not foundPolicyStoreException
- if an error occured during this revoke operation.