RolePolicyManager Class

com.bea.p13n.entitlements.management
RolePolicyManager Class

public class RolePolicyManager

    extends Object

Provides access to methods for performing role policy management including create, read, modify, and delete actions. Adds methods for managing custom predicate extensions of the entitlements engine. Eases the management of scoped role policies for application controlled scope.


Hierarchy
Object
  RolePolicyManager

Constructor Summary

RolePolicyManager()

 

Method Summary

public static void
createRolePolicy(RolePolicyItem aRolePolicyItem)
Creates a new role policy.
public static RolePolicyItem
getRolePolicy(RolePolicyItem aRolePolicyItem)
Retrieves an existing role policy.
public static Object[][]
listRolesForResource(int aResourceScope, String anEntAppName, String aWebAppName, String aResourceId)
Finds all available role policies given a resourceId and a scope.
public static String[]
listRolesForResource(String anEntAppName, String aWebAppName, String aResourceId)
Finds all available role policies given a resourceId.
public static void
removeRolePolicy(RolePolicyItem aRolePolicyItem)
Removes an existing role policy.
public static boolean
rolePolicyExists(RolePolicyItem aRolePolicyItem)
Tests for an existing role policy.
public static boolean
rolePolicyHasRefs(RolePolicyItem aRolePolicyItem)
Checks whether a given Role Policy is currently referenced (i.e. being used by) any Security Policies.
public static void
setRolePolicy(RolePolicyItem aRolePolicyItem)
Updates an existing role policy.
 
Methods from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
   

Constructor Detail

RolePolicyManager

public RolePolicyManager()
 

Method Detail

createRolePolicy(RolePolicyItem) Method

public static void createRolePolicy(RolePolicyItem aRolePolicyItem)
Creates a new role policy. A role policy may be predicated on one or more user ids, user group names, and/or a custom predicate. Prior to trying to persist a new role policy, this method will check the RolePolicyItem to insure all mandatory fields have been initialized. Mandatory fields are: 1) aResourceScope, 2) (depending on the value of aResourceScope) anEntAppName, aWebAppName, aResourceId, 3) (at least one of) aUserList, aGroupList, aRoleSegmentName, 4) aRoleName.

Parameters

aRolePolicyItem
The object containing the required and optional role policy attributes

getRolePolicy(RolePolicyItem) Method

public static RolePolicyItem getRolePolicy(RolePolicyItem aRolePolicyItem)
Retrieves an existing role policy. Prior to trying to retrieve the role policy, this method will check the RolePolicyItem to insure all mandatory fields have been initialized. Mandatory fields are: 1) aResourceScope, 2) (depending on the value of aResourceScope) anEntAppName, aWebAppName, aResourceId, 3) aRoleName.

The returned RolePolicyItem may be used to hold local updates to user lists, group lists, and role segment name changes prior to persisting changes using the setRolePolicy() method.

Parameters

aRolePolicyItem
The object containing the required and optional role policy attributes

Returns

RolePolicyItem or null if none found

listRolesForResource(int, String, String, String) Method

public static Object[][] listRolesForResource(int aResourceScope, 
                                          String anEntAppName, 
                                          String aWebAppName, 
                                          String aResourceId)
Finds all available role policies given a resourceId and a scope. Instead of just returning role policies associated at the resource Id (leaf) node, this method may be used to get a full list of role policy names associated with the resource taxonomy given as an input scope.

Parameters

aResourceScope
A global, enterprise, webapp, or application scope defined by the EntitlementConstants class.
anEntAppName
Enterprise Application name
aWebAppName
Webapp name. Unused for Global role inheritance
aResourceId
Application defined resource ID

Returns

An 2D array of all the role policy names that have been persisted against the given resource id and those also inherited by the resource given its taxonomy. The zero'th element [i][0] contains the P13nResource where the String role name (elements [i][1..n]) were found.

listRolesForResource(String, String, String) Method

public static String[] listRolesForResource(String anEntAppName, 
                                          String aWebAppName, 
                                          String aResourceId)
Finds all available role policies given a resourceId. Returns role policies associated at the resource Id node, only (i.e. the leaf role scope).

Parameters

anEntAppName
Enterprise Application name
aWebAppName
Application defined resource ID
aResourceId
Webapp name. Unused for Global role inheritance

Returns

An 2D array of all the role policy names that have been persisted against the given resource id and those also inherited by the resource given its taxonomy. The zero'th element [i][0] contains the P13nResource where the String role name (elements [i][1..n]) were found.

removeRolePolicy(RolePolicyItem) Method

public static void removeRolePolicy(RolePolicyItem aRolePolicyItem)
Removes an existing role policy. Prior to trying to remove the role policy, this method will check the RolePolicyItem to insure all mandatory fields have been initialized. Mandatory fields are: 1) aResourceScope, 2) (depending on the value of aResourceScope) anEntAppName, aWebAppName, aResourceId, 3) aRoleName. This method should not be called if there are security policies in existence that refer to the role to be deleted. Check for policy references first using rolePolicyHasRefs().

Parameters

aRolePolicyItem
The object containing the required role policy attributes

rolePolicyExists(RolePolicyItem) Method

public static boolean rolePolicyExists(RolePolicyItem aRolePolicyItem)
Tests for an existing role policy. This method will check the RolePolicyItem to insure all mandatory fields have been initialized. Mandatory fields are: 1) aResourceScope, 2) (depending on the value of aResourceScope) anEntAppName, aWebAppName, aResourceId, 3) aRoleName.

Parameters

aRolePolicyItem
The object containing the required role policy attributes

Returns

True if policy exists, otherwise false

rolePolicyHasRefs(RolePolicyItem) Method

public static boolean rolePolicyHasRefs(RolePolicyItem aRolePolicyItem)
Checks whether a given Role Policy is currently referenced (i.e. being used by) any Security Policies.

Parameters

aRolePolicyItem
The object containing the required and optional role policy attributes

Returns

boolean True if any Security Policies reference the Role Policy

setRolePolicy(RolePolicyItem) Method

public static void setRolePolicy(RolePolicyItem aRolePolicyItem)
Updates an existing role policy. Prior to trying to update the role policy, this method will check the RolePolicyItem to insure all mandatory fields have been initialized. Mandatory fields are: 1) aResourceScope, 2) (depending on the value of aResourceScope) anEntAppName, aWebAppName, aResourceId, 3) (at least one of) aUserList, aGroupList, aRoleSegmentName, 4) aRoleName.

Note that if the aRolePolicyItem instance was retrieved using getRolePolicy(), all mandatory fields will already be initialized. The only fields that are updateable in the persisted role policy are the aUserList, aGroupList, and aRoleSegmentName.

Parameters

aRolePolicyItem
The object containing the required and optional role policy attributes