com.bea.p13n.entitlements.management
Class RolePolicyManager

java.lang.Object
  extended by com.bea.p13n.entitlements.management.RolePolicyManager

public class RolePolicyManager
extends Object

Provides access to methods for performing role policy management including create, read, modify, and delete actions. Adds methods for managing custom predicate extensions of the entitlements engine. Eases the management of scoped role policies for application controlled scope.


Constructor Summary
RolePolicyManager()
           
 
Method Summary
static void createRolePolicy(RolePolicyItem aRolePolicyItem)
          Creates a new role policy.
static RolePolicyItem getRolePolicy(RolePolicyItem aRolePolicyItem)
          Retrieves an existing role policy.
static Object[][] listRolesForResource(int aResourceScope, String anEntAppName, String aWebAppName, String aResourceId)
          Finds all available role policies given a resourceId and a scope.
static String[] listRolesForResource(String anEntAppName, String aWebAppName, String aResourceId)
          Finds all available role policies given a resourceId.
static void removeRolePolicy(RolePolicyItem aRolePolicyItem)
          Removes an existing role policy.
static boolean rolePolicyExists(RolePolicyItem aRolePolicyItem)
          Tests for an existing role policy.
static boolean rolePolicyHasRefs(RolePolicyItem aRolePolicyItem)
          Checks whether a given Role Policy is currently referenced by (i.e. being used by) any Security Policies.
static void setRolePolicy(RolePolicyItem aRolePolicyItem)
          Updates an existing role policy.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

RolePolicyManager

public RolePolicyManager()
Method Detail

createRolePolicy

public static void createRolePolicy(RolePolicyItem aRolePolicyItem)
                             throws com.bea.p13n.entitlements.common.PolicyExistsException,
                                    com.bea.p13n.entitlements.common.PolicyCreateException,
                                    com.bea.p13n.entitlements.common.PolicyNotFoundException,
                                    com.bea.p13n.entitlements.common.PolicyException
Creates a new role policy. A role policy may be predicated on one or more user ids, user group names, and/or a custom predicate. Before trying to persist a new role policy, this method checks the RolePolicyItem to ensure all mandatory fields have been initialized. Mandatory fields are: 1) aResourceScope, 2) (depending on the value of aResourceScope) anEntAppName, aWebAppName, aResourceId, 3) (at least one of) aUserList, aGroupList, aRoleSegmentName, 4) aRoleName.

Parameters
aRolePolicyItem - The object containing the required and optional role policy attributes
Throws
com.bea.p13n.entitlements.common.InvalidArgsException
com.bea.p13n.entitlements.common.PolicyExistsException
com.bea.p13n.entitlements.common.PolicyCreateException
com.bea.p13n.entitlements.common.PolicyNotFoundException
com.bea.p13n.entitlements.common.PolicyException

getRolePolicy

public static RolePolicyItem getRolePolicy(RolePolicyItem aRolePolicyItem)
                                    throws com.bea.p13n.entitlements.common.PolicyNotFoundException,
                                           com.bea.p13n.entitlements.common.PolicyException
Retrieves an existing role policy. Before trying to retrieve the role policy, this method checks the RolePolicyItem to ensure all mandatory fields have been initialized. Mandatory fields are: 1) aResourceScope, 2) (depending on the value of aResourceScope) anEntAppName, aWebAppName, aResourceId, 3) aRoleName.

The returned RolePolicyItem may be used to hold local updates to user lists, group lists, and role segment name changes prior to persisting changes using the setRolePolicy() method.

Parameters
aRolePolicyItem - The object containing the required and optional role policy attributes
Returns
RolePolicyItem or null if none found
Throws
com.bea.p13n.entitlements.common.InvalidArgsException
com.bea.p13n.entitlements.common.PolicyNotFoundException
com.bea.p13n.entitlements.common.PolicyException

setRolePolicy

public static void setRolePolicy(RolePolicyItem aRolePolicyItem)
                          throws com.bea.p13n.entitlements.common.PolicyExpressionException,
                                 com.bea.p13n.entitlements.common.PolicyNotFoundException,
                                 com.bea.p13n.entitlements.common.PolicyExistsException,
                                 com.bea.p13n.entitlements.common.PolicyCreateException,
                                 com.bea.p13n.entitlements.common.PolicyException
Updates an existing role policy. Before trying to update the role policy, this method checks the RolePolicyItem to ensure all mandatory fields have been initialized. Mandatory fields are: 1) aResourceScope, 2) (depending on the value of aResourceScope) anEntAppName, aWebAppName, aResourceId, 3) (at least one of) aUserList, aGroupList, aRoleSegmentName, 4) aRoleName.

Note that if the aRolePolicyItem instance was retrieved using getRolePolicy(), all mandatory fields will already be initialized. The only fields that are updateable in the persisted role policy are the aUserList, aGroupList, aRoleSegmentName and roleDescription.

Parameters
aRolePolicyItem - The object containing the required and optional role policy attributes
Throws
com.bea.p13n.entitlements.common.InvalidArgsException
com.bea.p13n.entitlements.common.PolicyExpressionException
com.bea.p13n.entitlements.common.PolicyNotFoundException
com.bea.p13n.entitlements.common.PolicyExistsException
com.bea.p13n.entitlements.common.PolicyCreateException
com.bea.p13n.entitlements.common.PolicyException

removeRolePolicy

public static void removeRolePolicy(RolePolicyItem aRolePolicyItem)
                             throws com.bea.p13n.entitlements.common.PolicyRemoveException,
                                    com.bea.p13n.entitlements.common.PolicyNotFoundException
Removes an existing role policy. Before trying to remove the role policy, this method checks the RolePolicyItem to ensure all mandatory fields have been initialized. Mandatory fields are: 1) aResourceScope, 2) (depending on the value of aResourceScope) anEntAppName, aWebAppName, aResourceId, 3) aRoleName. This method should not be called if any existing security policies refer to the role to be deleted. Check for policy references first using rolePolicyHasRefs().

Parameters
aRolePolicyItem - The object containing the required role policy attributes
Throws
com.bea.p13n.entitlements.common.InvalidArgsException
com.bea.p13n.entitlements.common.PolicyNotFoundException
com.bea.p13n.entitlements.common.PolicyRemoveException
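
The check-then-remove sequence described above, as an added example that is not part of the original API documentation. GuardedRoleRemoval and its Outcome enum are hypothetical names; the example assumes RolePolicyItem is in the same package as RolePolicyManager and that the caller passes an item whose mandatory fields are already set.

```java
import com.bea.p13n.entitlements.common.PolicyNotFoundException;
import com.bea.p13n.entitlements.common.PolicyRefException;
import com.bea.p13n.entitlements.common.PolicyRemoveException;
// Assumption: RolePolicyItem lives in the same package as RolePolicyManager.
import com.bea.p13n.entitlements.management.RolePolicyItem;
import com.bea.p13n.entitlements.management.RolePolicyManager;

/** Hypothetical helper, not part of the documented API. */
public final class GuardedRoleRemoval {

    /** Result of a guarded removal attempt. */
    public enum Outcome { REMOVED, NOT_FOUND, STILL_REFERENCED }

    private GuardedRoleRemoval() { }

    /**
     * Removes the role policy only when no security policy refers to it.
     * The item must already carry the mandatory fields listed for
     * removeRolePolicy (scope, scope-dependent names, role name).
     */
    public static Outcome removeIfUnreferenced(RolePolicyItem item)
            throws PolicyRefException, PolicyRemoveException {
        if (!RolePolicyManager.rolePolicyExists(item)) {
            return Outcome.NOT_FOUND;
        }
        // Refuse to delete a role that security policies still depend on;
        // removing it would leave those policies pointing at a missing role.
        if (RolePolicyManager.rolePolicyHasRefs(item)) {
            return Outcome.STILL_REFERENCED;
        }
        try {
            RolePolicyManager.removeRolePolicy(item);
            return Outcome.REMOVED;
        } catch (PolicyNotFoundException e) {
            // The policy was removed by someone else between the check
            // and the removal; report it the same way as "never existed".
            return Outcome.NOT_FOUND;
        }
    }
}
```

The reference check and the removal are separate calls and this page documents no atomicity between them, so callers that manage roles concurrently should serialize these operations themselves.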

rolePolicyExists

public static boolean rolePolicyExists(RolePolicyItem aRolePolicyItem)
Tests for an existing role policy. This method checks the RolePolicyItem to ensure all mandatory fields have been initialized. Mandatory fields are: 1) aResourceScope, 2) (depending on the value of aResourceScope) anEntAppName, aWebAppName, aResourceId, 3) aRoleName.

Parameters
aRolePolicyItem - The object containing the required role policy attributes
Returns
True if policy exists, otherwise false
Throws
com.bea.p13n.entitlements.common.InvalidArgsException

listRolesForResource

public static Object[][] listRolesForResource(int aResourceScope,
                                              String anEntAppName,
                                              String aWebAppName,
                                              String aResourceId)
Finds all available role policies given a resourceId and a scope. Instead of just returning role policies associated at the resource Id (leaf) node, this method may be used to get a full list of role policy names associated with the resource taxonomy given as an input scope.

Parameters
aResourceScope - A global, enterprise, webapp, or application scope defined by the EntitlementConstants class.
anEntAppName - Enterprise Application name
aWebAppName - Webapp name. Unused for Global role inheritance
aResourceId - Application defined resource ID
Returns
A 2D array of all the role policy names that have been persisted against the given resource id and those also inherited by the resource given its taxonomy. The zeroth element [i][0] contains the P13nResource where the String role names (elements [i][1..n]) were found.
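
An added example (not part of the original API documentation) that unpacks the returned Object[][] layout into a map from role name to the resources where that role is defined, which makes inherited roles visible during an access review. InheritedRoleAudit and its method names are hypothetical; the scope value is passed in by the caller, and the P13nResource in column 0 is rendered with toString() because its own API is not described on this page.

```java
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

import com.bea.p13n.entitlements.management.RolePolicyManager;

/** Hypothetical audit helper, not part of the documented API. */
public final class InheritedRoleAudit {

    private InheritedRoleAudit() { }

    /**
     * Converts the documented layout (row[0] = P13nResource, row[1..n] =
     * String role names) into role name -> resources where it was found.
     */
    static Map<String, List<String>> rolesByDefiningResource(Object[][] rows) {
        Map<String, List<String>> result =
                new LinkedHashMap<String, List<String>>();
        if (rows == null) {
            return result;
        }
        for (Object[] row : rows) {
            if (row == null || row.length < 2) {
                continue; // a resource entry with no role names attached
            }
            String resource = String.valueOf(row[0]);
            for (int j = 1; j < row.length; j++) {
                if (!(row[j] instanceof String)) {
                    continue; // skip anything that is not a role name
                }
                String role = (String) row[j];
                List<String> where = result.get(role);
                if (where == null) {
                    where = new ArrayList<String>();
                    result.put(role, where);
                }
                where.add(resource);
            }
        }
        return result;
    }

    /** Looks up the roles for a resource in the given scope and groups them. */
    public static Map<String, List<String>> audit(int aResourceScope,
            String anEntAppName, String aWebAppName, String aResourceId) {
        return rolesByDefiningResource(RolePolicyManager.listRolesForResource(
                aResourceScope, anEntAppName, aWebAppName, aResourceId));
    }
}
```

A role whose list contains a resource other than the leaf resource id is inherited from a wider scope rather than granted on the resource itself.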

listRolesForResource

public static String[] listRolesForResource(String anEntAppName,
                                            String aWebAppName,
                                            String aResourceId)
Finds all available role policies given a resourceId. Returns role policies associated at the resource Id node only (i.e. the leaf role scope).

Parameters
anEntAppName - Enterprise Application name
aResourceId - Application defined resource ID
aWebAppName - Webapp name. Unused for Global role inheritance
Returns
An array of all the role policy names that have been persisted against the given resource id.

rolePolicyHasRefs

public static boolean rolePolicyHasRefs(RolePolicyItem aRolePolicyItem)
                                 throws com.bea.p13n.entitlements.common.PolicyRefException
Checks whether a given Role Policy is currently referenced by (i.e. being used by) any Security Policies.

Parameters
aRolePolicyItem - The object containing the required and optional role policy attributes
Returns
boolean True if any Security Policies reference the Role Policy
Throws
com.bea.p13n.entitlements.common.InvalidArgsException
com.bea.p13n.entitlements.common.PolicyRefException


Copyright © 2000, 2008, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates.
Other names may be trademarks of their respective owners.