|
Enterprise Information Portal APIs |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--com.ibm.mm.sdk.common.dkAbstractAuthorizationMgmt | +--com.ibm.mm.sdk.common.DKAuthorizationMgmtICM
Use this class to represent and manage the authorization of the ICM datastore.
Fields inherited from interface com.ibm.mm.sdk.common.DKMessageId |
For details, see the class or interface |
Constructor Summary | |
DKAuthorizationMgmtICM(dkDatastore ds)
Constructs and initializes an authorization management class associated with a given datastore The datastore object shuold have a valid connection to the datastore. |
Method Summary | |
void |
add(dkAccessControlList aclObj)
adds an access control list into the datastore. |
void |
add(dkPrivilege privObj)
adds a privilege to the datastore. |
void |
add(dkPrivilegeGroup privGroupObj)
adds a privilege group into the datastore. |
void |
add(dkPrivilegeSet privSetObj)
adds a privilege set into the datastore. |
void |
addACLRule(long aclCode,
java.lang.String userId,
short patronType,
long privSetCode)
Adds an ACL rule to an existing access control list in the datastore |
void |
addDomainACL(java.lang.String domainName,
java.lang.String[] aclNames)
adds one or more access control lists into a domain with of the specified name in the datastore. |
void |
addDomainPrivilegeSet(java.lang.String domainName,
java.lang.String[] privSetNames)
adds one or more privilege sets into a domain of the specified name in the datastore |
void |
clearCache()
Clears all cache data The lists: ACL list, Priv Set List, Priv Group List, Priv List, ACL Name list, Priv set name list, priv group name list, priv name list, acl id list. |
dkAccessControlList |
createAccessControlList()
Create a DKAccessControlListICM instance |
dkPrivilege |
createPrivilege()
Create a DKPrivilgeICM instance |
dkPrivilegeGroup |
createPrivilegeGroup()
Create a DKPrivilgeICMGroup instance |
dkPrivilegeSet |
createPrivilegeSet()
Create a DKPrivilgeICMSet instance |
void |
del(dkAccessControlList aclObj)
deletes an access control list from the datastore. |
void |
del(dkPrivilege privObj)
deletes a privilege from the datastore. |
void |
del(dkPrivilegeGroup privGroupObj)
deletes a privilege group from the datastore. |
void |
del(dkPrivilegeSet privSetObj)
deletes a privilege set from the datastore. |
void |
deleteACLRule(long aclCode,
java.lang.String userId)
Deletes an ACL rule for the specified user name (user id) in the datastore. |
dkAccessControlList |
getAccessControlList(java.lang.String name)
Gets an access control list with the specified name from cache |
dkPrivilege |
getPrivilege(java.lang.String name)
Gets the privilege of the specified name from memory cache, a memory-only function |
dkPrivilegeGroup |
getPrivilegeGroup(java.lang.String name)
Gets a privilege group from cache. |
dkPrivilegeSet |
getPrivilegeSet(java.lang.String name)
Gets a privilege set of the specified name from memory cache. |
boolean[] |
isAuthorized(java.lang.String[] accessControlListNames,
java.lang.String privilegeName)
Gets an array of booleans indicating values of whether the given privilegeName is allowable for the given logon userid with the given list of access control list names. |
java.lang.String[] |
listAccessControlListNames()
lists the names of the access control lists from the datastore If the cache is enabled and if a cached copy is available then the access control lists are retrieved from the memory cache. |
java.lang.String[] |
listAccessControlListNames(java.lang.String domainName)
lists the names of the access control lists in a specified domain from the datastore. |
dkCollection |
listAccessControlLists()
lists access control lists from the datastore. |
dkCollection |
listAccessControlLists(java.lang.String domainName)
lists access control lists in a specified domain from the datastore. |
dkCollection |
listACLData(java.lang.String name)
list ACL data of an access control list with the specified names from the datastore |
dkCollection |
listGeneralPrivileges()
lists general privileges for the current (or this) user. |
java.lang.String[] |
listPrivilegeGroupNames()
lists the names of privilege groups from the datastore. |
dkCollection |
listPrivilegeGroups()
lists privilege groups from the datastore. |
java.lang.String[] |
listPrivilegeNames()
Lists the names of the privileges available in the datastore. |
dkCollection |
listPrivileges()
Lists a collection of privileges from the datastore. |
java.lang.String[] |
listPrivilegeSetNames()
lists the names of privilege sets from the datastore. |
java.lang.String[] |
listPrivilegeSetNames(java.lang.String domainName)
lists privilege set names in a specified domain from the datastore. |
dkCollection |
listPrivilegeSets()
lists the privilege sets from the datastore.If the cache is enabled and if a cached copy is available then the list of privilege sets is returned from the memory cache. |
dkCollection |
listPrivilegeSets(java.lang.String domainName)
Lists the privilege sets in a specified domain from the datastore. |
dkCollection |
listPrivInGroup(java.lang.String name)
lists privileges in thea privilege group with the specified name from the datastore. |
dkCollection |
listPrivInSet(java.lang.String name)
lists privileges in a privilege set of the specified name from the datastore |
void |
removeDomainACL(java.lang.String domainName,
java.lang.String[] aclNames)
removes one or more access control lists into a domain in the datastore |
void |
removeDomainPrivilegeSet(java.lang.String domainName,
java.lang.String[] privSetNames)
removes one or more privilege sets from the specified domain name in the datastore |
dkAccessControlList |
retrieveAccessControlList(java.lang.String name)
retrieves an access control list from the datastore. |
dkPrivilege |
retrievePrivilege(java.lang.String name)
retrieves a privilege of the specified name from the datastore. |
dkPrivilegeGroup |
retrievePrivilegeGroup(java.lang.String name)
retrieve a privilege group from the datastore. |
dkPrivilegeSet |
retrievePrivilegeSet(java.lang.String name)
retrieves a privilege set from the datastore. |
dkPrivilegeSet |
retrieveUserPrivilegeSet(java.lang.String userId)
Retrieves the specified user's default privilege set from the datastore. |
void |
setDatastore(dkDatastore ds)
Sets the datastore object which is to be managed |
void |
update(dkAccessControlList aclObj)
updates an access control list from the datastore. |
void |
update(dkPrivilege privObj)
updates a privilege in the datastore. |
void |
update(dkPrivilegeGroup privGroupObj)
updates a privilege group from the datastore. |
void |
update(dkPrivilegeSet privSetObj)
updates a privilege set from the datastore. |
void |
updateACLRule(long aclCode,
java.lang.String userId,
short patronType,
long privSetCode)
Updates patron type and privilege set associated with a user id in an existing access control list in the datastore Should both patrontype AND privsetcode be updated or just one can be updated. |
Methods inherited from class com.ibm.mm.sdk.common.dkAbstractAuthorizationMgmt |
deleteAccessControlList, deletePrivilege, deletePrivilegeGroup, deletePrivilegeSet, getDatastore, retrieveUserGroupPrivilegeSet |
Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public DKAuthorizationMgmtICM(dkDatastore ds)
This class provides the methods to manage the helper classes: DKPrivilegeICM, DKPrivilegeSetICM, and DKPrivilegeGroupICM, and DKAccessControlListICM. This object can also be accessed from the DKDatastoreAdminICM object.
DKDatstoreICM ds = new DKDatastoreICM(); ds.connect("icmnlsdb", "icmadmin" ,"password" ,""); dkDatastoreDef dsDef = (dkDatastoreDef) ds.datastoreDef(); DKDatastoreAdminICM dsAdm = (DKDatastoreAdminICM) dsDef.datastoreAdmin(); DKAuthorizationMgmtICM aclMgmt = (DKAuthorizationMgmtICM) dsAdmin.authorizationMgmt();
ds
- a reference to the datastore object which this object intends to manageDKDatastoreICM
,
DKDatasotreAdminICM
,
DKPrivilegeICM
,
DKPrivilegeSetICM
,
DKPrivilegeGroupICM
,
DKAccessControlListICM
Method Detail |
public void setDatastore(dkDatastore ds)
setDatastore
in class dkAbstractAuthorizationMgmt
ds
- dkDatastore - datastore object
Note: The cache is cleared when the datastore is set.public dkCollection listPrivileges() throws DKException, java.lang.Exception
listPrivileges
in class dkAbstractAuthorizationMgmt
DKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeICM
public java.lang.String[] listPrivilegeNames() throws DKException, java.lang.Exception
listPrivilegeNames
in class dkAbstractAuthorizationMgmt
DKException
- when error occursjava.lang.Exception
- when error occurspublic void add(dkPrivilege privObj) throws DKException, java.lang.Exception
add
in class dkAbstractAuthorizationMgmt
privObj
- a DKPrivilegeICM to be added to the datastoreDKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeICM
public void del(dkPrivilege privObj) throws DKException, java.lang.Exception
del
in class dkAbstractAuthorizationMgmt
privObj
- the privilege to be deletedDKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeICM
public void update(dkPrivilege privObj) throws DKException, java.lang.Exception
update
in class dkAbstractAuthorizationMgmt
privObj
- a DKPrivilegeICM object to be updated in the datastoreDKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeICM
public dkPrivilege retrievePrivilege(java.lang.String name) throws DKException, java.lang.Exception
retrievePrivilege
in class dkAbstractAuthorizationMgmt
name
- the name of the privilege to be retrievedDKException
- when error occursjava.lang.Exception
- when error occursdkPrivilege
,
DKPrivilegeICM
public dkPrivilege getPrivilege(java.lang.String name) throws DKException, java.lang.Exception
name
- the name of the privilegeDKException
- when error occursjava.lang.Exception
- when error occursdkPrivilege
,
DKPrivilegeICM
public dkCollection listPrivilegeSets(java.lang.String domainName) throws DKException, java.lang.Exception
domainName
- the name of the domain to which the privilege sets belongDKException
- when error occursjava.lang.Exception
- when error occurspublic java.lang.String[] listPrivilegeSetNames(java.lang.String domainName) throws DKException, java.lang.Exception
domainName
- the name of the domain to which the privilege sets belongDKException
- when error occursjava.lang.Exception
- when error occurspublic dkCollection listPrivilegeSets() throws DKException, java.lang.Exception
listPrivilegeSets
in class dkAbstractAuthorizationMgmt
DKException
- when error occursjava.lang.Exception
- when error occurspublic java.lang.String[] listPrivilegeSetNames() throws DKException, java.lang.Exception
listPrivilegeSetNames
in class dkAbstractAuthorizationMgmt
DKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeSetICM
public void add(dkPrivilegeSet privSetObj) throws DKAlreadyExistException, DKException, java.lang.Exception
add
in class dkAbstractAuthorizationMgmt
privSetObj
- a DKPrivilegeSetICM object which is to be added to the datastoreDKAlreadyExistException
- when the specified privilege set object already exist.DKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeSetICM
public void addDomainPrivilegeSet(java.lang.String domainName, java.lang.String[] privSetNames) throws DKException, java.lang.Exception
domainName
- the name of the domain to which the privilege sets to be addedprivSetNames
- an array of the privilege set names to be added to the domainDKException
- when error occurs, for example: if one or more privilege sets in the list do not exist in the domainjava.lang.Exception
- when error occurspublic void del(dkPrivilegeSet privSetObj) throws DKNotExistException, DKException, java.lang.Exception
del
in class dkAbstractAuthorizationMgmt
privSetObj
- the privilege set to be deletedDKNotExistException
- when the specified privilege set object does not existDKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeSetICM
public void removeDomainPrivilegeSet(java.lang.String domainName, java.lang.String[] privSetNames) throws DKException, java.lang.Exception
domainName
- the name of the domain from which the privilege sets are to be removedprivSetNames
- an array of privilege set names to be removed from the domain of the specifed nameDKException
- when error occurs, for example:if one or more privilege sets in the list do not exist in the domainjava.lang.Exception
- when error occurspublic void update(dkPrivilegeSet privSetObj) throws DKNotExistException, DKException, java.lang.Exception
update
in class dkAbstractAuthorizationMgmt
privSetObj
- the privilege set object to be updatedDKNotExistException
- when the specified privilege set object does not existDKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeSetICM
public dkPrivilegeSet retrievePrivilegeSet(java.lang.String name) throws DKNotExistException, DKException, java.lang.Exception
retrievePrivilegeSet
in class dkAbstractAuthorizationMgmt
name
- the name of the privilege set to be retrievedDKNotExistException
- when the specified privilege set object does not existDKException
- when error occursjava.lang.Exception
- when error occursdkPrivilegeSet
,
DKPrivilegeSetICM
public dkPrivilegeSet getPrivilegeSet(java.lang.String name) throws DKException, java.lang.Exception
name
- the name of the privilege set to be retrieved.DKException
- when error occursjava.lang.Exception
- when error occursdkPrivilegeSet
,
DKPrivilegeSetICM
public dkCollection listPrivInSet(java.lang.String name) throws DKException, java.lang.Exception
name
- the name of the privilege set whose privileges are to be retrieved from the datastoreDKException
- when error occursjava.lang.Exception
- when error occursdkPrivilege
,
DKPrivilegeICM
,
dkPrivilegeSet
,
DKPrivilegeSetICM
public dkPrivilegeSet retrieveUserPrivilegeSet(java.lang.String userId) throws DKException, java.lang.Exception
retrieveUserPrivilegeSet
in class dkAbstractAuthorizationMgmt
userName
- - name of the user whose privilege set is to be retrieved.DKException
- if errors occurjava.lang.Exception
- if errors occurpublic dkCollection listPrivilegeGroups() throws DKException, java.lang.Exception
listPrivilegeGroups
in class dkAbstractAuthorizationMgmt
DKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeGroupICM
public java.lang.String[] listPrivilegeGroupNames() throws DKException, java.lang.Exception
listPrivilegeGroupNames
in class dkAbstractAuthorizationMgmt
DKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeGroupICM
public void add(dkPrivilegeGroup privGroupObj) throws DKAlreadyExistException, DKException, java.lang.Exception
add
in class dkAbstractAuthorizationMgmt
privGroupObj
- a DKPrivilegeGroupICM to be added to the datastoreDKAlreadyExistException
- when the specified privilege group object already exist.DKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeGroupICM
public void del(dkPrivilegeGroup privGroupObj) throws DKNotExistException, DKException, java.lang.Exception
del
in class dkAbstractAuthorizationMgmt
privGroupObj
- the privilege group to be deletedDKNoExistException
- when the specified privilege group object does not exist.DKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeGroupICM
public void update(dkPrivilegeGroup privGroupObj) throws DKNotExistException, DKException, java.lang.Exception
update
in class dkAbstractAuthorizationMgmt
privGroupObj
- the privilege group to be updatedDKNotExistException
- when the specified privilege group object does not exist.DKException
- when error occursjava.lang.Exception
- when error occursDKPrivilegeGroupICM
public dkPrivilegeGroup retrievePrivilegeGroup(java.lang.String name) throws DKNotExistException, DKException, java.lang.Exception
retrievePrivilegeGroup
in class dkAbstractAuthorizationMgmt
name
- the name of the privilege group to be retrievedDKNoExistException
- when the specified privilege group object does not exist.DKException
- when error occursjava.lang.Exception
- when error occursdkPrivilegeGroup
,
DKPrivilegeGroupICM
public dkPrivilegeGroup getPrivilegeGroup(java.lang.String name) throws DKException, java.lang.Exception
name
- the name of the privilege groupDKException
- when error occursjava.lang.Exception
- when error occursdkPrivilegeGroup
,
DKPrivilegeGroupICM
public dkCollection listPrivInGroup(java.lang.String name) throws DKException, java.lang.Exception
name
- the name of the privilege group whose privileges are to be retrieved from the datastoreDKException
- when error occursjava.lang.Exception
- when error occursdkPrivilegeGroup
,
DKPrivilegeGroupICM
public dkCollection listAccessControlLists(java.lang.String domainName) throws DKException, java.lang.Exception
domainName
- the name of the domain to which the access control lists belongDKException
- when error occursjava.lang.Exception
- when error occursDKAccessControlListICM
public java.lang.String[] listAccessControlListNames(java.lang.String domainName) throws DKException, java.lang.Exception
domainName
- the name of the domain to which the access control lists belongDKException
- when error occursjava.lang.Exception
- when error occursDKAccessControlListICM
public dkCollection listAccessControlLists() throws DKException, java.lang.Exception
listAccessControlLists
in class dkAbstractAuthorizationMgmt
DKException
- when error occursjava.lang.Exception
- when error occursDKAccessControlListICM
public java.lang.String[] listAccessControlListNames() throws DKException, java.lang.Exception
listAccessControlListNames
in class dkAbstractAuthorizationMgmt
DKException
- when error occursjava.lang.Exception
- when error occursDKAccessControlListICM
public void add(dkAccessControlList aclObj) throws DKAlreadyExistException, DKException, java.lang.Exception
add
in class dkAbstractAuthorizationMgmt
privObj
- a DKAccessControlListICM to be added to the datastoreDKException
- when error occursjava.lang.Exception
- when error occursDKAccessControlListICM
public void addDomainACL(java.lang.String domainName, java.lang.String[] aclNames) throws DKException, java.lang.Exception
domainName
- the name of the domain to which the access control list are to be addedaclNames
- the array of access control list namesDKException
- when error occursjava.lang.Exception
- when error occursDKAccessControlListICM
public void del(dkAccessControlList aclObj) throws DKNotExistException, DKException, java.lang.Exception
del
in class dkAbstractAuthorizationMgmt
aclObj
- the access control list to be deletedDKNoExistException
- when the specified ACL object does not exist.DKException
- when error occursjava.lang.Exception
- when error occursDKAccessControlListICM
public void removeDomainACL(java.lang.String domainName, java.lang.String[] aclNames) throws DKException, java.lang.Exception
public void update(dkAccessControlList aclObj) throws DKNotExistException, DKException, java.lang.Exception
update
in class dkAbstractAuthorizationMgmt
aclObj
- the access control list to be updatedDKNotExistException
- when the specified ACL object does not exist.DKException
- when error occursjava.lang.Exception
- when error occursDKAccessControlListICM
public dkAccessControlList retrieveAccessControlList(java.lang.String name) throws DKNotExistException, DKException, java.lang.Exception
retrieveAccessControlList
in class dkAbstractAuthorizationMgmt
name
- the name of the access control list to be retrievedDKNoExistException
- when the specified ACL object does not exist.DKException
- when error occursjava.lang.Exception
- when error occursdkAccessControlList
,
DKAccessControlListICM
public dkAccessControlList getAccessControlList(java.lang.String name) throws DKException, java.lang.Exception
name
- the name of the access control listDKException
- when error occursjava.lang.Exception
- when error occursdkAccessControlList
,
DKAccessControlListICM
public dkCollection listACLData(java.lang.String name) throws DKException, java.lang.Exception
name
- the name of the access control list whose data are to be retrieved from the datastoreDKException
- when error occursjava.lang.Exception
- when error occursDKACLData
,
dkAccessControlList
,
DKAccessControlListICM
public void addACLRule(long aclCode, java.lang.String userId, short patronType, long privSetCode) throws DKAlreadyExistException, DKException, java.lang.Exception
aclCode
- the acl code of the access control listuserId
- the user id to be added to the access control listpatronType
- the type of the user: either DK_CM_PATRON_TYPE_USER, DK_CM_PATRON_TYPE_GROUP,
or DK_CM_PATRON_TYPE_PUBLICprivSetCode
- the privilege set code to be added to the access control listDKAlreadyExistException
- when the specified ACL rule already exist.DKException
- when error occursjava.lang.Exception
- when error occurspublic void updateACLRule(long aclCode, java.lang.String userId, short patronType, long privSetCode) throws DKNotExistException, DKException, java.lang.Exception
aclCode
- the acl code of the access control listuserId
- the user id of which the associated user kind and privilege set are to be updatedpatronType
- the type of the user to be updated: either DK_CM_PATRON_TYPE_USER, DK_CM_PATRON_TYPE_GROUP,
or DK_CM_PATRON_TYPE_PUBLICprivSetCode
- the privilege set code to be updated in the access control listDKNoExistException
- when the specified ACL rule does not exist.DKException
- when error occursjava.lang.Exception
- when error occurspublic void deleteACLRule(long aclCode, java.lang.String userId) throws DKNotExistException, DKException, java.lang.Exception
aclCode
- the acl code of the access control listuserId
- the user id to be deleted from the access control listDKNoExistException
- when the specified ACL rule does not assigned to the user.DKException
- when error occursjava.lang.Exception
- when error occurspublic boolean[] isAuthorized(java.lang.String[] accessControlListNames, java.lang.String privilegeName) throws DKException, java.lang.Exception
accessControlListNames
- an array of access control list names to be checked againstprivilegeName
- name of a privilege to be checked againstDKException
- java.lang.Exception
- public dkCollection listGeneralPrivileges() throws DKException, java.lang.Exception
DKException
- java.lang.Exception
- public void clearCache()
clearCache
in class dkAbstractAuthorizationMgmt
public dkPrivilege createPrivilege()
createPrivilege
in class dkAbstractAuthorizationMgmt
com.ibm.mm.sdk.common.dkAbstractAuthorizationMgmt
DKException
- if errorpublic dkPrivilegeSet createPrivilegeSet()
createPrivilegeSet
in class dkAbstractAuthorizationMgmt
com.ibm.mm.sdk.common.dkAbstractAuthorizationMgmt
DKException
- if errorpublic dkPrivilegeGroup createPrivilegeGroup()
createPrivilegeGroup
in class dkAbstractAuthorizationMgmt
com.ibm.mm.sdk.common.dkAbstractAuthorizationMgmt
DKException
- if errorpublic dkAccessControlList createAccessControlList()
createAccessControlList
in class dkAbstractAuthorizationMgmt
com.ibm.mm.sdk.common.dkAbstractAuthorizationMgmt
DKException
- if error
|
EIP Java APIs | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |