Index

DKACLMgmtFed

Purpose:

This class represents and implements datastore ACL functions, for example privileges, privilege sets, and ACL.

Class summary:

class DKEXPORT DKACLMgmtFed : public dkAuthorizationMgmt {
public:
    DKACLMgmtFed();
    DKACLMgmtFed(dkDatastore* ds);
    DKACLMgmtFed(dkDatastore ds, int accessLevel);
    virtual ~DKACLMgmtFed();
    
    virtual void add(dkAccessControlList* aclObj);
    virtual void add(dkPrivilege* privObj);
    virtual void add(dkPrivilegeGroup* privGroupObj);
    virtual void add(dkPrivilegeSet* privSetObj);
    void addACLRule(long aclCode, const char* userId, short patronType, long privSetCode);
    void addDomainACL(const char* domainName, const char** aclNames,long count);
    void addDomainPrivilegeSet(const char* domainName, const char** privSetNames,long count);
    virtual void clearCache();
    virtual dkAccessControlList* createAccessControlList();
    virtual dkPrivilege* createPrivilege();
    virtual dkPrivilegeGroup* createPrivilegeGroup();
    virtual dkPrivilegeSet* createPrivilegeSet();
    virtual void del(dkAccessControlList* acl);
    virtual void del(dkPrivilege* priv);
    virtual void del(dkPrivilegeGroup* privGroup);
    virtual void del(dkPrivilegeSet* privSet);
    void deleteACLRule(long aclCode, const char* userId);
    dkAccessControlList* getAccessControlList(const char* name);
    //Deprecated
    virtual dkCollection* getAccessControlLists();
    //Deprecated
    virtual DKString* getACLNames(long& arraySize);
    dkPrivilege* getPrivilege(const char* name);
    dkPrivilegeGroup* getPrivilegeGroup(const char* name);
    dkPrivilegeSet* getPrivilegeSet(const char* name);
    //Deprecated
    virtual DKString* getPrivilegeSetNames(long& arraySize);
    //Deprecated
    virtual dkCollection* getPrivilegeSets();
    virtual DKBoolean isAuthorized (int privId, const char* ACLName, const char* usrGrpName, short usrGrpType);
    virtual DKBoolean isAuthorized (int privId, dkPrivilegeSet* privSet);
    DKBoolean* isAuthorized (char** accessControlListNames, long arrSize, char* privilegeName);
    //Deprecated
    DKBoolean isCacheEnabled();
    DKBoolean isTraceEnabled();
    DKString* listAccessControlListNames(const char* domainName,long& arraySize);
    virtual DKString* listAccessControlListNames(long& arraySize);
    virtual dkCollection* listAccessControlLists();
    dkCollection* listAccessControlLists(const char* domainName);
    dkCollection* listACLData(long id);
    dkCollection* listACLData(const char* name);
    dkCollection* listGeneralPrivileges();
    virtual DKString* listPrivilegeGroupNames(long& arraySize);
    virtual dkCollection* listPrivilegeGroups();
    virtual DKString* listPrivilegeNames(long& arraySize);
    virtual dkCollection* listPrivileges();
    DKString* listPrivilegeSetNames(const char* domainName,long& arraySize);
    virtual DKString* listPrivilegeSetNames(long& arraySize);
    virtual dkCollection* listPrivilegeSets();
    dkCollection* listPrivilegeSets(const char* domainName);
    dkCollection* listPrivInGroup(long id);
    dkCollection* listPrivInGroup(const char* name);
    dkCollection* listPrivInSet(long id);
    dkCollection* listPrivInSet(const char* name);
    void removeDomainACL(const char* domainName, const char** aclNames,long count);
    void removeDomainPrivilegeSet(const char* domainName, const char** privSetNames,long count);
    //Deprecated
    virtual void removeAccessControlList (const char* aclName);
    //Deprecated
    virtual void removePrivilegeSet (const char* privName);
    dkAccessControlList* retrieveAccessControlList(long id);
    virtual dkAccessControlList* retrieveAccessControlList(const char* name);
    dkPrivilege* retrievePrivilege(long id);
    virtual dkPrivilege* retrievePrivilege(const char* name);
    dkPrivilegeGroup* retrievePrivilegeGroup(long id);
    virtual dkPrivilegeGroup* retrievePrivilegeGroup(const char* name);
    dkPrivilegeSet* retrievePrivilegeSet(long id);
    virtual dkPrivilegeSet* retrievePrivilegeSet(const char* name);
    dkPrivilegeSet* retrieveUserGroupPrivilegeSet(const char* userGroupId);
    dkPrivilegeSet* retrieveUserPrivilegeSet(const char* userId);
    void setAccessLevel(int accessLevel);
    //Deprecated
    void setCacheEnabled(DKBoolean isEnabled);
    void setTraceEnabled(DKBoolean isEnabled);
    virtual void update(dkAccessControlList* acl);
    virtual void update(dkPrivilege* priv);
    virtual void update(dkPrivilegeGroup* acl);
    virtual void update(dkPrivilegeSet* privSet);
    void updateACLRule(long aclCode, const char* userId, short patronType, long privSetCode);
};

Members:

Constructors and destructor
Constructs a server definition for Fed.
DKACLMgmtFed();
DKACLMgmtFed (dkDatastore* ds);
//Deprecated
DKACLMgmtFed(dkDatastore ds, int accessLevel);
virtual ~DKACLMgmtFed ();
 

Member functions

add
Adds privilegeGroup,privilege,privilege Set or AccessControlList into the persistent store.
virtual void add(dkPrivilegeGroup* privGroupObj);
virtual void add(dkPrivilege* privObj);
virtual void add(dkPrivilegeSet* privSetObj);
virtual void add(dkAccessControlList* aclObj);

addACLRule
Adds an ACL rule to an existing access control list in the persistent datastore.
void addACLRule(long aclCode,const char* userId, short patronType, long privSetCode);

addDomainACL
Adds one or more access control lists into a domain in the persistent store.
void addDomainACL(const char* domainName, const char** aclNames,long count);

addDomainPrivilegeSet
Adds one or more privilege sets into a domain in the persistent store.
void addDomainPrivilegeSet(const char* domainName, const char** privSetNames,long count);

clearCache
Clears all cache data.
virtual void clearCache();

createAccessControlList
Create a DKAccessControlListFed instance.
dkAccessControlList* createAccessControlList();

createPrivilege
Create a DKPrivilgeFed instance.
dkPrivilege* createPrivilege();

createPrivilegeGroup
Create a DKPrivilgeGroupFed instance.
dkPrivilegeGroup* createPrivilegeGroup();

del
Deletes privilegeGroup,privilege,privilege Set or AccessControlList from the persistent store.
virtual void del(dkPrivilegeGroup* privGroupObj);
virtual void del(dkPrivilege* privObj);
virtual void del(dkPrivilegeSet* privSetObj);
virtual void del(dkAccessControlList* aclObj);

deleteACLRule
Deletes an ACL rule which is indicated by the userid from an existing access.
void deleteACLRule(long aclCode,const char* userId);

getAccessControlList
Gets an access control list from memory.
dkAccessControlList* getAccessControlList(const char* name);

getAccessControlLists
Gets a collection of access control list objects.
virtual dkCollection* getAccessControlLists();

getACLNames
Gets a list of access list names.
virtual DKString* getACLNames(long& arraySize);

getPrivilege
Gets a privilege from memory.
dkPrivilege* getPrivilege(const char* name);

getPrivilegeGroup
Gets a privilege group from memory.
dkPrivilegeGroup* getPrivilegeGroup(const char* name);

getPrivilegeSet
Gets a privilege set from memory.
dkPrivilegeSet* getPrivilegeSet(const char* name);

getPrivilegeSetNames
Deprecated,has no meaning.
virtual DKString* getPrivilegeSetNames(long& arraySize);

getPrivilegeSets
Gets a privilege sets from memory.
virtual dkCollection* getPrivilegeSets();

isAuthorized
Checks authorization based on userid, ACL name and privilege id.
virtual DKBoolean isAuthorized (int privId, const char* ACLName, const char* usrGrpName, short usrGrpType);

isAuthorized
Checks authorization based on privilege id and privilege set object.
virtual DKBoolean isAuthorized(int privId, dkPrivilegeSet* privObj);

isAuthorized
Gets an array of boolean values of whether the given privilegeName is allowable for the given logon userid with the given list of access control list names.
DKBoolean* isAuthorized (char** aclnames, long numOfACLs, char* privilegeName);

isCacheEnabled
Checks to see if cache is currently enabled.
DKBoolean isCacheEnabled();

isTraceEnabled
Checks to see if trace is currently enabled.
DKBoolean isTraceEnabled();

listAccessControlListNames
Lists names of domain access control lists from persistent datastore.
DKString* listAccessControlListNames(const char* domainName,long& arraySize);

listAccessControlListNames
Lists access control lists names from the persistent datastore.
virtual DKString* listAccessControlListNames(long& arraySize);

listAccessControlLists
Lists access control lists for given domain from persistent datastore.
dkCollection* listAccessControlLists(const char* domainName);

listAccessControlLists
Lists access control lists from persistent datastore.
virtual dkCollection* listAccessControlLists();

listACLData
List ACL data from the persistent store.
dkCollection* listACLData(const char* name);
dkCollection* listACLData(long id);

listGeneralPrivileges
List general privileges for logon user.
dkCollection* listGeneralPrivileges();

listPrivilegeGroupNames
Lists privilege group names from persistent datastore.
virtual DKString* listPrivilegeGroupNames(long& arraySize);

listPrivilegeGroups
Lists privilege groups from persistent datastore.
virtual dkCollection* listPrivilegeGroups();

listPrivilegeNames
Lists privilege names from persistent datastore.
virtual DKString* listPrivilegeNames(long& arraySize);

listPrivileges
Lists privileges from persistent datastore.
virtual dkCollection* listPrivileges();

listPrivilegeSetNames
Lists privilege set names from persistent datastore.
virtual DKString* listPrivilegeSetNames(long& arraySize);

listPrivilegeSets
Lists privilege sets from persistent datastore.
virtual dkCollection* listPrivilegeSets();

listPrivInGroup
Lists privileges in a privilege group from the persistent store.
dkCollection* listPrivInGroup(const char* name);
dkCollection* listPrivInGroup(long id);

listPrivInSet
Lists privileges in a privilege set from the persistent store.
dkCollection* listPrivInSet(const char* name);
dkCollection* listPrivInSet(long id);

removeDomainACL
Remove one or more access control lists into a domain in the persistent store.
void removeDomainACL(const char* domainName, const char** aclNames,long count);

removeDomainPrivilegeSet
Remove one or more privilege sets from a domain in the persistent store.
void removeDomainPrivilegeSet(const char* domainName, const char** privSetNames,long count);
 

removeAccessControlList
Deprecated, has no meaning.
virtual void removeAccessControlList (const char* aclName);
 

removePrivilegeSet
Deprecated, has no meaning.
virtual void removePrivilegeSet (const char* privName);

retrieveAccessControlList
Retrieve an access control list from the persistent store.
virtual dkAccessControlList* retrieveAccessControlList(const char* name);
dkAccessControlList* retrieveAccessControlList(long id);

retrievePrivilege
Retrieve a privilege from the persistent store.
virtual dkPrivilege* retrievePrivilege(const char* name);
dkPrivilege* retrievePrivilege(long id);

retrievePrivilegeGroup
Retrieve a privilege group from the persistent store.
virtual dkPrivilegeGroup* retrievePrivilegeGroup(const char* name);
dkPrivilegeGroup* retrievePrivilegeGroup(long id);

retrievePrivilegeSet
Retrieve a privilege set from the persistent store.
virtual dkPrivilegeSet* retrievePrivilegeSet(const char* name);
dkPrivilegeSet* retrievePrivilegeSet(long id);

retrieveUserGroupPrivilegeSet
Retrieves the privilege set object from persistent datastore based on the specified user group.
dkPrivilegeSet* retrieveUserGroupPrivilegeSet(const char* userGroupId);

retrieveUserGroupPrivilegeSet
Retrieves the privilege set object from persistent datastore based on the specified user group.
dkPrivilegeSet* retrieveUserGroupPrivilegeSet(const char* userGroupId);

retrieveUserPrivilegeSet
Retrieves the privilege set object from persistent datastore based on the specified user.
dkPrivilegeSet* retrieveUserPrivilegeSet(const char* userId);

setAccessLevel
Set the AccessLevel.
void setAccessLevel(int accessLevel);

setCacheEnabled
Sets whether data should be cached for performance.
void setCacheEnabled(DKBoolean isEnabled);

setTraceEnabled
Sets whether we should turn on trace for debuggin purpose.
void setTraceEnabled(DKBoolean isEnabled);

update
Updates privilegeGroup,privilege,privilege Set or AccessControlList in the persistent store.
virtual void update(dkPrivilegeGroup* privGroupObj);
virtual void update(dkPrivilege* privObj);
virtual void update(dkPrivilegeSet* privSetObj);
virtual void update(dkAccessControlList* aclObj);

updateACLRule
Updates patron type and privilege set associated with a user id in an existing access control list in the persistent datastore.
void updateACLRule(long aclCode,const char* userId, short patronType, long privSetCode);

(c) Copyright International Business Machines Corporation 1996, 2003. IBM Corp. All rights reserved.