|
Novell exteNd Director 5.2 API |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
This provides an interface for the security manager.
Method Summary | |
boolean |
addAccessRightMeta(EbiContext ctx,
EbiAccessRightMeta meta)
Adds the access right meta for a supported element type. |
boolean |
addAcl(EbiContext ctx,
String elementIID,
String elementType,
com.sssw.fw.security.api.Acl acl)
adds the acl of a framework element. |
boolean |
addPrincipalsToAcl(EbiContext ctx,
String elementIID,
String elementType,
String right,
Principal[] principals)
Add/Update Principals for a permission of an element. |
boolean |
addPrincipalsToAcl(EbiContext ctx,
String elementIID,
String elementType,
String right,
String[] prinUUIDs,
String prinType)
Add/Update Principals for a permission of an element. |
boolean |
checkRestrictedAccess(EbiContext ctx,
String elementIID,
String elementType,
String right)
Checks to see if an element permission have restricted access. |
void |
flushRoleCache()
Deprecated. Calling this method will have no effect. The role cache is now automatically flushed when the underlying data store changes. This will be removed in the next version. |
void |
flushRoleCache(String role)
Deprecated. Calling this method will have no effect. The role cache is now automatically flushed when the underlying data store changes. This will be removed in the next version. |
EbiAccessRightMeta |
getAccessRightMeta(EbiContext ctx,
String elementType)
Gets an access right meta for a supported element type in readonly mode. |
Acl |
getAcl(EbiContext ctx,
String elementIID,
String elementType)
Gets an acl object for a framework element. |
EbiAccessRightMeta |
getClonedAccessRightMeta(EbiContext ctx,
String elementType)
Gets an access right meta for a supported element type for modify |
EbiElementTypeMeta |
getClonedElementTypeMeta(EbiContext ctx)
Gets the EbiElementTypeMeta object for modify. |
EbiPermissionMeta |
getClonedPermissionMeta(EbiContext ctx)
Gets the permission meta for the framework for modify. |
EbiElementTypeMeta |
getElementTypeMeta(EbiContext ctx)
Gets the EbiElementTypeMeta object in readonly mode. |
Collection |
getInaccessibleElements(EbiContext context,
String elType,
String[] rights)
For the user whose context is passed in, enumerates all the inaccessbile securable elements of the given type for which the user does not have specific access rights. |
EbiPermissionMeta |
getPermissionMeta(EbiContext ctx)
Gets the permission meta for the framework in readonly mode. |
Principal[] |
getPrincipalsFromAcl(EbiContext ctx,
String elementIID,
String elementType,
String right)
Gets a list of Principals who has a specified permission for a specified element. |
EbiRoleInfo |
getRoleInfo(EbiContext context,
String role)
Gets the role info object for the given role |
EbiRoleInfo[] |
getRoleInfoList(EbiContext context)
Gets the entire list of role info objects. |
String[] |
getSupportedElementTypes(EbiContext ctx)
Gets an array of element types that support ACLs. |
EbiRoleInfo[] |
getUserRoleInfoList(EbiContext context)
Gets the list of roles the current user belongs to |
boolean |
isRole(EbiContext context,
String role)
Checks if a role is a valid role defined. |
boolean |
isUserInRole(EbiContext context,
String role)
Checks to see if the user is in a given security role. |
boolean |
isUserInRoles(EbiContext context,
String[] role)
Checks to see if the user is in a given list of roles Returns true if the user is in any of the roles |
boolean |
modifyAccessRightMeta(EbiContext ctx,
EbiAccessRightMeta meta)
Modifies the access right meta for a supported element type. |
boolean |
modifyAcl(EbiContext ctx,
String elementIID,
String elementType,
com.sssw.fw.security.api.Acl acl)
Modifies the acl of a framework element. |
boolean |
modifyElementTypeMeta(EbiContext ctx,
EbiElementTypeMeta elemTypeMeta)
Modifies the EbiElementTypeMeta object. |
boolean |
modifyPermissionMeta(EbiContext ctx,
EbiPermissionMeta meta)
Modifies the permission meta for the framework. |
boolean |
removeAccessRightMeta(EbiContext ctx,
String elementType)
Removes the access right meta for a supported element type. |
boolean |
removeAcl(EbiContext ctx,
String elementIID,
String elementType)
Removes the acl for a framework element. |
boolean |
removeElementAclForPermission(EbiContext ctx,
String elementIID,
String elementType,
String right,
boolean isRestricted)
Removes acl completely for a specified element permission. |
boolean |
removePrincipalFromAcls(EbiContext ctx,
String prinIID,
String prinType)
Removes all permissions for a principal |
boolean |
removePrincipalsFromAcl(EbiContext ctx,
String elementIID,
String elementType,
String right,
Principal[] prinlist)
Remove Principals for a permission of an object. |
boolean |
removePrincipalsFromAcl(EbiContext ctx,
String elementIID,
String elementType,
String right,
String[] prinUUIDs,
String prinType)
Remove Principals for a permission of an object. |
boolean |
setAcl(EbiContext ctx,
String elementIID,
String elementType,
com.sssw.fw.security.api.Acl acl)
Sets the acl for a framework element. |
boolean |
setRestrictedAccess(EbiContext ctx,
String elementIID,
String elementType,
String right)
Sets an element permission to have restricted access. |
boolean |
setUnRestrictedAccess(EbiContext ctx,
String elementIID,
String elementType,
String right)
Resets an element permission to not have restricted access. |
boolean |
userHasAccessRight(EbiContext context,
Principal prin,
String right,
String elementIID,
String elementType)
Checks to see if the specified principal has the specified access right for a framework element. |
boolean |
userHasAccessRight(EbiContext ctx,
String right,
String elementIID,
String elementType)
Checks to see if the authenticated user in the current security context has the specified access right for a framework element. |
BitSet |
userHasAccessRights(EbiContext ctx,
Principal prin,
String[] elementIIDList,
String elementType,
String[] rights)
Checks to see if a specified principal has access rights to the specified elements. |
BitSet |
userHasAccessRights(EbiContext ctx,
String[] elementIIDList,
String elementType,
String[] rights)
Checks to see if the authenticated user in the current security context has access rights to the specified elements. |
boolean |
validateElementType(EbiContext ctx,
String elementType)
Validates a given framework element type. |
Method Detail |
public boolean userHasAccessRight(EbiContext ctx, String right, String elementIID, String elementType) throws EboUnrecoverableSystemException
ctx
- an EbiContext object.right
- an access right permission.elementIID
- a framework element UUID.elementType
- the element type for the element.public boolean userHasAccessRight(EbiContext context, Principal prin, String right, String elementIID, String elementType) throws EboUnrecoverableSystemException
context
- an EbiContext object.prin
- a Principal object.right
- an access right permission.elementIID
- a framework element UUID.elementType
- the element type for the element.public BitSet userHasAccessRights(EbiContext ctx, String[] elementIIDList, String elementType, String[] rights) throws EboUnrecoverableSystemException
ctx
- an Context object.elementIIDList
- a list of element UUIDs.elementType
- a specified element type.rights
- a list of access right permissions to be checked.public BitSet userHasAccessRights(EbiContext ctx, Principal prin, String[] elementIIDList, String elementType, String[] rights) throws EboUnrecoverableSystemException
ctx
- an Context object.prin
- a specified principal.elementIIDList
- a list of element UUIDs.elementType
- a specified element type.rights
- a list of access right permissions to be checked.public boolean validateElementType(EbiContext ctx, String elementType) throws EboUnrecoverableSystemException
ctx
- an EbiContext object.elementType
- a framework element type.public String[] getSupportedElementTypes(EbiContext ctx) throws EboUnrecoverableSystemException
ctx
- an EbiContext object.public EbiElementTypeMeta getElementTypeMeta(EbiContext ctx) throws EboUnrecoverableSystemException
ctx
- an EbiContext object.public EbiElementTypeMeta getClonedElementTypeMeta(EbiContext ctx) throws EboUnrecoverableSystemException
ctx
- an EbiContext object.public boolean modifyElementTypeMeta(EbiContext ctx, EbiElementTypeMeta elemTypeMeta) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.elemTypeMeta
- a modified EbiElementTypeMeta object.public EbiPermissionMeta getPermissionMeta(EbiContext ctx) throws EboUnrecoverableSystemException
ctx
- an EbiContext object.public EbiPermissionMeta getClonedPermissionMeta(EbiContext ctx) throws EboUnrecoverableSystemException
ctx
- an EbiContext object.public boolean modifyPermissionMeta(EbiContext ctx, EbiPermissionMeta meta) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.meta
- an EbiPermissionMeta object.public EbiAccessRightMeta getAccessRightMeta(EbiContext ctx, String elementType) throws EboUnrecoverableSystemException
ctx
- an EbiContext object.element
- type a supported element type.public EbiAccessRightMeta getClonedAccessRightMeta(EbiContext ctx, String elementType) throws EboUnrecoverableSystemException
ctx
- an EbiContext object.element
- type a supported element type.public boolean addAccessRightMeta(EbiContext ctx, EbiAccessRightMeta meta) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.meta
- an EbiAccessRightMeta object for the element type.public boolean modifyAccessRightMeta(EbiContext ctx, EbiAccessRightMeta meta) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.meta
- an EbiAccessRightMeta object for the element type.public boolean removeAccessRightMeta(EbiContext ctx, String elementType) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.elementType
- a supported element type.public boolean checkRestrictedAccess(EbiContext ctx, String elementIID, String elementType, String right) throws EboUnrecoverableSystemException
ctx
- an EbiContext object.elementIID
- an element UUID.elementType
- an element Type for the specified element.right
- an access right permission.public boolean setRestrictedAccess(EbiContext ctx, String elementIID, String elementType, String right) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.elementIID
- an element UUID.elementType
- an element Type for the specified element.right
- an access right permission.public boolean setUnRestrictedAccess(EbiContext ctx, String elementIID, String elementType, String right) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.elementIID
- an element UUID.elementType
- an element Type for the specified element.right
- an access right permission.public Principal[] getPrincipalsFromAcl(EbiContext ctx, String elementIID, String elementType, String right) throws EboUnrecoverableSystemException
ctx
- an EbiContext objectelementIID
- an element UUID.elementType
- an element Type for the specified elementright
- an access right permission. (e.g., EboPermission.READ)public boolean addPrincipalsToAcl(EbiContext ctx, String elementIID, String elementType, String right, Principal[] principals) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.elementIID
- an element UUID.elementType
- an element type for the specified element.right
- an access right permission. (e.g., EboPermission.READ)principals
- an array of Principal objects to be added.public boolean addPrincipalsToAcl(EbiContext ctx, String elementIID, String elementType, String right, String[] prinUUIDs, String prinType) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.elementIID
- an element UUID.elementType
- an element type for the specified element.right
- an access right permission. (e.g., EboPermission.READ)prinUUIDs
- an array of Principal UUIDs to be added. The principal
objects provided in the array must have the principal type specified below.prinType
- a principal type for the list of principal UUIDs,
see EbiSecurityConstants.PRINCIPAL_TYPE_XXXpublic boolean removePrincipalsFromAcl(EbiContext ctx, String elementIID, String elementType, String right, Principal[] prinlist) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.elementIID
- an element UUID.elementType
- an element type for the specified element.right
- an access right permission. (e.g., EboPermission.READ)principals
- an array of Principals be to removed.public boolean removePrincipalsFromAcl(EbiContext ctx, String elementIID, String elementType, String right, String[] prinUUIDs, String prinType) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.elementIID
- an element UUID.elementType
- an element type for the specified element.right
- an access right permission. (e.g., EboPermission.READ)prinUUIDs
- an array of Principal UUIDs to be removed. The principal
object provided in the array must have the principal type specified below.prinType
- a principal type for the list of principal UUIDs,
see EbiSecurityConstants.PRINCIPAL_TYPE_XXXEbiSecurityConstants.SECURITY_USER_PRINCIPAL_TYPE
,
EbiSecurityConstants.SECURITY_GROUP_PRINCIPAL_TYPE
public boolean removePrincipalFromAcls(EbiContext ctx, String prinIID, String prinType) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.prinIID
- a principal UUID.prinType
- a principal type, see EbiSecurityConstants.PRINCIPAL_TYPE_XXXpublic boolean removeElementAclForPermission(EbiContext ctx, String elementIID, String elementType, String right, boolean isRestricted) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext objectelementIID
- an element UUID.elementType
- an element type for the specified element.right
- an access right permission. (e.g., EboPermission.READ)isRestricted
- change the specified element permission to be restricted.public Acl getAcl(EbiContext ctx, String elementIID, String elementType) throws EboUnrecoverableSystemException
ctx
- an EbiContext object.elementIID
- an element UUID.elementType
- an element type for the specified element.public boolean addAcl(EbiContext ctx, String elementIID, String elementType, com.sssw.fw.security.api.Acl acl) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.elementIID
- an element UUID.elementType
- an element Type for the specified element.acl
- the acl object for the element.public boolean modifyAcl(EbiContext ctx, String elementIID, String elementType, com.sssw.fw.security.api.Acl acl) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.elementIID
- an element UUID.elementType
- an element type.acl
- the acl object for the element.public boolean setAcl(EbiContext ctx, String elementIID, String elementType, com.sssw.fw.security.api.Acl acl) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.elementIID
- an element IID.elementType
- an element type.acl
- the acl object for the element.public boolean removeAcl(EbiContext ctx, String elementIID, String elementType) throws EboUnrecoverableSystemException, EboSecurityException
ctx
- an EbiContext object.elementIID
- an element IID.elementType
- an element type.public boolean isUserInRole(EbiContext context, String role) throws EboUnrecoverableSystemException
context
- an EbiContext object containing the user's principal.role
- The name of the role to check against.public boolean isUserInRoles(EbiContext context, String[] role) throws EboUnrecoverableSystemException
context
- an EbiContext object containing the user's principal.roles
- Array of role namespublic EbiRoleInfo getRoleInfo(EbiContext context, String role) throws EboUnrecoverableSystemException
context
- an EbiContext object containing the user's principal.role
- The name of a role.public EbiRoleInfo[] getRoleInfoList(EbiContext context) throws EboUnrecoverableSystemException
context
- an EbiContextpublic EbiRoleInfo[] getUserRoleInfoList(EbiContext context) throws EboUnrecoverableSystemException
context
- an EbiContextpublic boolean isRole(EbiContext context, String role) throws EboUnrecoverableSystemException
context
- an EbiContext.role
- the name of a role.public void flushRoleCache()
public void flushRoleCache(String role)
public Collection getInaccessibleElements(EbiContext context, String elType, String[] rights) throws EboUnrecoverableSystemException
String[] rights = { EbiPermission.READ, EbiPermission.WRITE }; Iterator iter = secMgr.getInaccessibleElements( context, EbiSharedPageInfo.EL_PORTAL_SHARED_PAGE, rights).iterator(); while (iter.hasNext()) { String uuid = (String)iter.next(); }
Example 2:
Collection docs = // ... get a list of documents Collection inaccDocs = secMgr.getInaccessibleElements( context, EbiDocument.EL_DOCUMENT, rights); docs.removeAll(inaccDocs); // get the list of accessible docs // (this is similar to calling EbiContentMgmtDelegate.getAllAccessible // or findElementsFiltered)
context
- contextelType
- securable element typerights
- a list of access rights to be checked, e.g.
EbiPermission.READ
, EbiPermission.WRITE
,
EbiPermission.EXECUTE
, etc.; note that if multiple rights are
specified, the method will treat the list as a Boolean OR and will
attempt to find elements that have either READ or WRITE or EXECUTE etc.
for the user
|
Novell exteNd Director 5.2 API |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |