Packagecom.adobe.idp.um.api
Interfacepublic interface AuthorizationManager

This is the primary interface for authorization.



Public Methods
 MethodDefined By
  
Map areUsersInRole(String roleId, List principalOid)
Determines whether the specified principals have been assigned the given role.
AuthorizationManager
  
void assignPermToPrincipalForRes(String principalOid, String resourceId, List permissionOid)
Assigns the specified permissions to the principal for the given resource instance.
AuthorizationManager
  
void assignPermToPrincipalsForRes(String resourceId, Map principalPermissionMap)
Assigns the specified permissions to the principals for the given resource instance.
AuthorizationManager
  
void assignRole(String roleId, String[] principalOids)
Assigns the role to the specified principals.
AuthorizationManager
  
void assignRoles(String[] roleId, String[] principalOids)
Assigns the specified roles to the given principals.
AuthorizationManager
  
Creates a permission for a resource type.
AuthorizationManager
  
Creates a reliant application.
AuthorizationManager
  
Creates a resource type.
AuthorizationManager
  
void createRole(Role role)
Creates a role.
AuthorizationManager
  
void createRole(Role role, List addPermissionOids)
Creates a role with specific permissions.
AuthorizationManager
  
void deletePermsForPrincipalForRes(String principalOid, String resourceId, List permList)
Removes the specified permissions from the principal for the given resource instance.
AuthorizationManager
  
void deletePermsForPrincipalsForRes(List principalOid, String resourceId, List permList)
Removes the specified permissions from the List of principals for the given resource instance.
AuthorizationManager
  
void deleteRole(String roleId)
Deletes the role.
AuthorizationManager
  
Map findPriPermInfoForRes(String resourceId)
Retrieves a Map of permissions and principals for a given resource instance.
AuthorizationManager
  
Role findRole(String roleId)
Retrieves a role.
AuthorizationManager
  
Retrieves a List of roles based on specified membership search criteria.
AuthorizationManager
  
Retrieves a List of roles based on specified search criteria.
AuthorizationManager
  
Set findRolesForPrincipal(String principalOid)
Finds the roles for a given principal.
AuthorizationManager
  
Map findRolesForPrincipals(List principalOid)
Retrieves a Map containing sets of roles assigned to the specified principals.
AuthorizationManager
  
List getAllRolePermissions(String roleId)
Retrieves a List of permissions related to the specified role.
AuthorizationManager
  
List getPermissions(String ResourceTypeOid)
Retrieves a List of permissions related to the resource type.
AuthorizationManager
  
Retrieves a List of permissions related to the specified search filter.
AuthorizationManager
  
Set getPermsForPrincipalOverRes(String principalOid, String resourceId)
Retrieves a Set of permissions for the specified principal and resource instance.
AuthorizationManager
  
Map getPermsForPrincipalsOverRes(List principalOidList, String resourceId)
Retrieves a Map of permissions for the List of specified principals and resource instance.
AuthorizationManager
  
ReliantApplication getReliantApplication(String reliantApplicationName)
Retrieves a reliant application.
AuthorizationManager
  
Set getResourcesForPrincipal(String principalOid, String permissionOid)
Retrieves a Set of resource identifiers for which the principal has the specified permission.
AuthorizationManager
  
Map getResourcesForPrincipals(List principalOid, String permissionOid)
Retrieves a Map of resource identifiers for which the principals have the specified permission.
AuthorizationManager
  
Searches for resource types.
AuthorizationManager
  
Retrieves a List of all the permissions belonging to all the resource types in the system, according to the specified search filter.
AuthorizationManager
  
PermissionInfo hasPermission(String principalOid, String resourceId, String permissionOid)
Determines whether the principal has the permission assigned to it for the specified resource instance.
AuthorizationManager
  
PermissionInfo hasPermission(String principalOid, String resourceId, Permission perm)
Determines whether the principal has the permission assigned to it for the specified resource instance.
AuthorizationManager
  
Map hasPermission(List principalOid, String resourceId, String permissionOid)
Determines whether the List of principals have the specified permission for the given resource instance.
AuthorizationManager
  
Map hasPermission(List principalOid, String resourceId, Permission perm)
Determines whether the List of principals have the specified permission for the given resource instance.
AuthorizationManager
  
boolean isMutable(String roleId)
Determines whether the specified role is mutable.
AuthorizationManager
  
boolean isUserInRole(String roleId, String principalOid)
This determines whether the principal has an assigned role.
AuthorizationManager
  
boolean isUserInRole(String roleId)
This determines whether the currently authenticated user is in the specified role.
AuthorizationManager
  
void modifyDefaultACL(ResourceTypeACL addRtDefACL, ResourceTypeACL delRtDefACL)
Defines a set of default permissions to be assigned to a set of principals (cross product) over a resource, when a resource of given resource type is registered.
AuthorizationManager
  
void modifyPermsToPrincipalForRes(String principalOid, String resourceId, List delPerm, List addPerm)
Assigns and removes the specified permissions from the principal for the given resource instance.
AuthorizationManager
  
void modifyPermsToPrincipalForRes(String principalOid, String resourceId, List desiredPerms)
Assigns the specified permissions to the principal for the given resource instance.
AuthorizationManager
  
void modifyPermsToPrincipalsForRes(List principalOid, String resourceId, List delPerm, List addPerm)
Assigns and removes the specified permissions from the List of principals for the given resource instance.
AuthorizationManager
  
void modifyRole(String roleName, List addPermissionOids, List removePermissionOids)
Modifies the definition of a role by adding and removing a set of permissions from the definition of the role.
AuthorizationManager
  
void registerResInstance(String resType, List resIdList)
Assigns the default access control list (ACL) of the specified resource type to the given resource instances.
AuthorizationManager
  
Specifies the default access control list (ACL) for the given resource type.
AuthorizationManager
  
void unassignRole(String roleId, String[] principalOids)
Unassigns the role from the specified principals.
AuthorizationManager
  
void unassignRoles(String[] roleId, String[] principalOids)
Removes the specified roles from the given principals.
AuthorizationManager
Method Detail
areUsersInRole()
public Map areUsersInRole(String roleId, List principalOid)

Determines whether the specified principals have been assigned the given role.

Parameters

roleId — The principal identifiers.
 
principalOid — The role identifier.

Returns
A Map of principals whose keys are principal identifiers and whose values are boolean values.

Throws
UMException
assignPermToPrincipalForRes() 
public void assignPermToPrincipalForRes(String principalOid, String resourceId, List permissionOid)

Assigns the specified permissions to the principal for the given resource instance.

Parameters

principalOid — The principal identifier.
 
resourceId — The resource identifier.
 
permissionOid — A List of permissions identifiers that will be assigned to the principal for the given resource.


Throws
UMException
assignPermToPrincipalsForRes() 
public void assignPermToPrincipalsForRes(String resourceId, Map principalPermissionMap)

Assigns the specified permissions to the principals for the given resource instance.

Parameters

resourceId — The resource identifier.
 
principalPermissionMap — A Map whose keys are principal identifiers and whose values are ArrayList objects containing permission identifiers to be assigned to the principal for the given resource instance.


Throws
UMException
assignRole() 
public void assignRole(String roleId, String[] principalOids)

Assigns the role to the specified principals. No exception is raised if the same role is reassigned to a given principal. Either all or none of the principals will be assigned the role.

Parameters

roleId — The role to be assigned.
 
principalOids — The principals to which the role is to be assigned.


Throws
UMException
assignRoles() 
public void assignRoles(String[] roleId, String[] principalOids)

Assigns the specified roles to the given principals. Either all the principals or no principals are assigned the roles.

Parameters

roleId — An array of role names.
 
principalOids — The principal identifiers.


Throws
UMException
createPermission() 
public String createPermission(Permission perm)

Creates a permission for a resource type.

Parameters

perm — The permission to be assigned.

Returns
A String identifier of the permission that was created.

Throws
UMException
createReliantApplication() 
public String createReliantApplication(ReliantApplication relApp)

Creates a reliant application.

Parameters

relApp — The reliant application to be created.

Returns
A String identifier of the reliant application that was created.

Throws
UMException — to indicate if the same reliant application is being created again with the same or different system attributes.
createResourceType() 
public String createResourceType(ResourceType resType)

Creates a resource type.

Parameters

resType — The resource type to be created.

Returns
A String identifier of the resource type that was created.

Throws
UMException — to indicate if the same resource type is being created again with the same or different system attributes.
createRole() 
public void createRole(Role role)

Creates a role. Use the factory object to create a role with a unique role identifier. It is recommended that you create a localized name string to be shown in the user interface. Pass that role into this method. This method creates an immutable role if role.setMutableStatus(true) is not specifically invoked by the caller.

Parameters

role — The role to be created.


Throws
UMException
createRole() 
public void createRole(Role role, List addPermissionOids)

Creates a role with specific permissions. Use the factory object to create a role with a unique role identifier. It is recommended that you create a localized name string to be shown in the user interface. Pass that role into this method. This method creates an immutable role if role.setMutableStatus(true) is not specifically invoked by the caller.

Parameters

role — The role to be created.
 
addPermissionOids — A List of permissions the principal will have.


Throws
UMException
deletePermsForPrincipalForRes() 
public void deletePermsForPrincipalForRes(String principalOid, String resourceId, List permList)

Removes the specified permissions from the principal for the given resource instance.

Parameters

principalOid — The principal identifier.
 
resourceId — The resource identifier.
 
permList — The permissions to be removed.


Throws
UMException
deletePermsForPrincipalsForRes() 
public void deletePermsForPrincipalsForRes(List principalOid, String resourceId, List permList)

Removes the specified permissions from the List of principals for the given resource instance.

Parameters

principalOid — The List of principal identifiers.
 
resourceId — The resource identifier.
 
permList — The permissions to be removed.


Throws
UMException
deleteRole() 
public void deleteRole(String roleId)

Deletes the role.

Parameters

roleId — The role identifier.


Throws
UMException — could be thrown, for example, in cases where an attempt to delete an immutable role has been made.
findPriPermInfoForRes() 
public Map findPriPermInfoForRes(String resourceId)

Retrieves a Map of permissions and principals for a given resource instance. Return the map where each key value pair is (principal, permission List for the resource instance). The principal-permssions-Set returned are direct assignments. The api will not do an explicit explosion of groups. The end client can find all the children for a principal (by calling directoryManager.getAllChildren(principalOid)) *if required*. All the children will inherit the mentioned permission List for the principal by virtue of lineage key = PrincipalOid Value = List of Permission objects

Parameters

resourceId — The resource identifier.

Returns
A Map whose keys are the principal identifiers and whose values are List obejcts containing of permissions.

Throws
IDPException
 
IDPSystemException
findRole() 
public Role findRole(String roleId)

Retrieves a role.

Parameters

roleId — The role to be retrieved.

Returns
The role.

Throws
UMException
findRoleMembership() 
public List findRoleMembership(RoleMembershipSearchFilter rmb)

Retrieves a List of roles based on specified membership search criteria.

Parameters

rmb — A search filter that allows you to set multiple clauses for the roles to be retrieved.

Returns
A List of principals (User/Group objects).

Throws
UMException
findRoles() 
public List findRoles(RoleSearchFilter rsf)

Retrieves a List of roles based on specified search criteria.

Parameters

rsf — A search filter that allows you to set multiple clauses for the roles to be retrieved.

Returns
The List of roles that were found based on the search filter.

Throws
UMException
findRolesForPrincipal() 
public Set findRolesForPrincipal(String principalOid)

Finds the roles for a given principal.

Parameters

principalOid — The principal's identifier.

Returns
The Set of roles associated with the specified principal.

Throws
UMException
findRolesForPrincipals() 
public Map findRolesForPrincipals(List principalOid)

Retrieves a Map containing sets of roles assigned to the specified principals. A Map of size zero is returned if no relevant roles are found.

Parameters

principalOid — The principal identifiers.

Returns
A Map of principals whose keys are principal identifiers and whose values are Set objects of roles assigned to the principal either through direct assignment or indirectly via the principal's lineage.

Throws
UMException
getAllRolePermissions() 
public List getAllRolePermissions(String roleId)

Retrieves a List of permissions related to the specified role. The reliant application can use this method to dynamically ascertain the permissions for a role. A list of size zero is returned if no relevant permissions are found. It is possible that all the permissions in the role definition may be deleted. This role can still be assigned to principals. However, it would not have any underlying permissions. In such cases it is assumed that the client will be able to make necessary access-related decisions gracefully, based on assignment of the role only, and not on its underlying permissions.

Parameters

roleId — The role identifier.

Returns
The List of permissions related to the specified role.

Throws
UMException
getPermissions() 
public List getPermissions(String ResourceTypeOid)

Retrieves a List of permissions related to the resource type. The reliant application can use this method to populate its user interface with the relevant permissions on the permission assignment page. A list of size zero is returned if no relevant permissions are found.

Parameters

ResourceTypeOid — The resource type identifier.

Returns
A List of permissions for the specified resource type.

Throws
UMException
getPermissions() 
public List getPermissions(PermissionSearchFilter psf)

Retrieves a List of permissions related to the specified search filter. A list of size zero is returned if no relevant permissions are found.

Parameters

psf — A search filter that allows you to set multiple clauses for the permissions to be retrieved.

Returns
A List of permissions that were found.

Throws
UMException
getPermsForPrincipalOverRes() 
public Set getPermsForPrincipalOverRes(String principalOid, String resourceId)

Retrieves a Set of permissions for the specified principal and resource instance. A Set of size zero is returned if no relevant permissions are found.

Parameters

principalOid — The principal identifier.
 
resourceId — The resource identifier.

Returns
A Set of permissions for the specified principal and resource instance.

Throws
UMException
getPermsForPrincipalsOverRes() 
public Map getPermsForPrincipalsOverRes(List principalOidList, String resourceId)

Retrieves a Map of permissions for the List of specified principals and resource instance.

Parameters

principalOidList — The List of principal identifiers.
 
resourceId — The resource identifier.

Returns
A Map whose keys are principal identifiers and whose values are Set objects containing permission identifiers to be assigned to the principal for the given resource instance.

Throws
UMException
getReliantApplication() 
public ReliantApplication getReliantApplication(String reliantApplicationName)

Retrieves a reliant application.

Parameters

reliantApplicationName — The name of the reliant application.

Returns
The reliant application.

Throws
UMException
getResourcesForPrincipal() 
public Set getResourcesForPrincipal(String principalOid, String permissionOid)

Retrieves a Set of resource identifiers for which the principal has the specified permission. An empty Set is returned if no relevant resources exist.

Parameters

principalOid — The principal identifier.
 
permissionOid — The permission identifier.

Returns
A Set of resource identifiers for which the principal has the specified permission.

Throws
UMException
getResourcesForPrincipals() 
public Map getResourcesForPrincipals(List principalOid, String permissionOid)

Retrieves a Map of resource identifiers for which the principals have the specified permission.

Parameters

principalOid — The principal identifiers.
 
permissionOid — The permission identifier.

Returns
A Map whose keys are the principal identifiers and values are Set objects containing resource instances for which the principals have the specified permission.

Throws
UMException
getResourceType() 
public List getResourceType(ResourceTypeSearchFilter rtsf)

Searches for resource types.

Parameters

rtsf — A filter that encapsulates search parameters, as well as global parameters such as the offset and range of returned values.

Returns
A List containing the resource types.

Throws
UMException
getSystemPermissions() 
public List getSystemPermissions(PermissionSearchFilter psf)

Retrieves a List of all the permissions belonging to all the resource types in the system, according to the specified search filter. This method is used in the creation of roles. A role may consist of any number of permissions that have been potentially defined on various resource types. A list of size zero is returned if no relevant permissions are found.

Parameters

psf — A search filter that allows you to set multiple clauses for the permissions to be retrieved.

Returns
A List of permissions that were found for all the system resource types.

Throws
UMException
hasPermission() 
public PermissionInfo hasPermission(String principalOid, String resourceId, String permissionOid)

Determines whether the principal has the permission assigned to it for the specified resource instance.

Parameters

principalOid — The principal identifier.
 
resourceId — The resource identifier.
 
permissionOid — The permission identifier.

Returns
A PermissionInfo object containing a flag that indicates whether the permission has been assigned to the principal.

Throws
UMException
hasPermission() 
public PermissionInfo hasPermission(String principalOid, String resourceId, Permission perm)

Determines whether the principal has the permission assigned to it for the specified resource instance.

Parameters

principalOid — The principal identifier.
 
resourceId — The resource identifier.
 
perm — The permission object.

Returns
A PermissionInfo object containing a flag that indicates whether the permission has been assigned to the principal.

Throws
UMException
hasPermission() 
public Map hasPermission(List principalOid, String resourceId, String permissionOid)

Determines whether the List of principals have the specified permission for the given resource instance.

Parameters

principalOid — The principal identifiers.
 
resourceId — The resource identifier.
 
permissionOid — The permission identifier.

Returns
A Map whose keys are the principal identifiers and values are boolean values indicating whether the principal has the permission assigned to it for the specified resource instance.

Throws
UMException
hasPermission() 
public Map hasPermission(List principalOid, String resourceId, Permission perm)

Determines whether the List of principals have the specified permission for the given resource instance.

Parameters

principalOid — The principal identifiers.
 
resourceId — The resource identifier.
 
perm — The permission object.

Returns
A Map whose keys are the principal identifiers and values are boolean values indicating whether the principal has the permission assigned to it for the specified resource instance.

Throws
UMException
isMutable() 
public boolean isMutable(String roleId)

Determines whether the specified role is mutable.

Parameters

roleId — The role identifier.

Returns
true if the role is mutable, false otherwise.

Throws
UMException
isUserInRole() 
public boolean isUserInRole(String roleId, String principalOid)

This determines whether the principal has an assigned role.

Parameters

roleId — The assigned role's identifier.
 
principalOid — The principal's identifier.

Returns
true if the principal has the assigned role, false otherwise.

Throws
UMException
isUserInRole() 
public boolean isUserInRole(String roleId)

This determines whether the currently authenticated user is in the specified role. It gathers the information from the context passed into this AuthorizationManger when it was instantiated. If you need to change roles, you must re-authenticate, create a new context, and instantiate a new AuthorizationManager object.

Parameters

roleId — The role's identifier.

Returns
true if the currently authenticated user has the specified role, false otherwise.

Throws
UMException
modifyDefaultACL() 
public void modifyDefaultACL(ResourceTypeACL addRtDefACL, ResourceTypeACL delRtDefACL)

Defines a set of default permissions to be assigned to a set of principals (cross product) over a resource, when a resource of given resource type is registered.

Parameters

addRtDefACL — The ACL to be added.
 
delRtDefACL — The ACL to be removed.


Throws
UMException

See also

modifyPermsToPrincipalForRes() 
public void modifyPermsToPrincipalForRes(String principalOid, String resourceId, List delPerm, List addPerm)

Assigns and removes the specified permissions from the principal for the given resource instance.

Parameters

principalOid — The principal identifier.
 
resourceId — The resource identifier.
 
delPerm — The permissions to be removed from the principal.
 
addPerm — The permissions to be assigned to the principal.


Throws
UMException
modifyPermsToPrincipalForRes() 
public void modifyPermsToPrincipalForRes(String principalOid, String resourceId, List desiredPerms)

Assigns the specified permissions to the principal for the given resource instance. It will delete any extra permissions already assigned directly to the principal. Permissions that are unassigned will be assigned.

Parameters

principalOid — The principal identifier.
 
resourceId — The resource identifier.
 
desiredPerms — The permissions that the principal will have.


Throws
UMException
modifyPermsToPrincipalsForRes() 
public void modifyPermsToPrincipalsForRes(List principalOid, String resourceId, List delPerm, List addPerm)

Assigns and removes the specified permissions from the List of principals for the given resource instance.

Parameters

principalOid — The List of principal identifiers.
 
resourceId — The resource identifier.
 
delPerm — The permissions to be removed from the principal.
 
addPerm — The permissions to be assigned to the principal.


Throws
UMException
modifyRole() 
public void modifyRole(String roleName, List addPermissionOids, List removePermissionOids)

Modifies the definition of a role by adding and removing a set of permissions from the definition of the role. Only mutable roles may be modified.

Parameters

roleName — The name of the role.
 
addPermissionOids — The identifiers of the permissions to be added.
 
removePermissionOids — The identifiers of the permissions to be removed.


Throws
UMException
registerResInstance() 
public void registerResInstance(String resType, List resIdList)

Assigns the default access control list (ACL) of the specified resource type to the given resource instances.

Parameters

resType — The resource type.
 
resIdList — The resource identifiers to which default permissions must be applied.


Throws
UMException
setDefaultACL() 
public void setDefaultACL(ResourceTypeACL rtDefACL)

Specifies the default access control list (ACL) for the given resource type.

Parameters

rtDefACL — An object containing the permission and principal identifiers.


Throws
UMException
unassignRole() 
public void unassignRole(String roleId, String[] principalOids)

Unassigns the role from the specified principals. No exception is raised if the same role is unassigned from a given principal. Either all or none of the principals will be unassigned from the role.

Parameters

roleId — The role to be assigned.
 
principalOids — The principals from which the role is to be unassigned.


Throws
UMException
unassignRoles() 
public void unassignRoles(String[] roleId, String[] principalOids)

Removes the specified roles from the given principals. Either all the principals or no principals are unassigned the roles.

Parameters

roleId — An array of role names.
 
principalOids — The principal identifiers.


Throws
UMException




 

Send me an e-mail when comments are added to this page | Comment Report

Current page: http://livedocs.adobe.com/livecycle/8.2/programLC/programmer/javadoc/com/adobe/idp/um/api/AuthorizationManager.html