Index

DKPrivilegeSetICM

Purpose:

A Content Manager privilege set is a named group of privileges. The purpose of using privilege sets is to ease system administration. Content Manager privileges must be grouped into privilege sets before they can be granted to users or used to define ACLs. Privilege sets granted to users are called user privileges. They define the individual users' individual bounds on using the system. When applied to ACL specifications, the privilege set specifies the limits of the operations allowed on the bound controlled entity. Only individual users can be associated with privilege sets. User groups cannot hold privilege sets for their members.

The DKPrivilegeSetICM class is used to represent Content Manager privilege sets.

See Also: DKPrivilegetICM, DKPrivilegeGroupICM, DKAccessControlListICM.

Since: Version 8

Class summary:

class DKEXPORT DKPrivilegeSetICM : public dkPrivilegeSet
 {
 public:
    DKPrivilegeSetICM();
    DKPrivilegeSetICM(dkDatastore* ds);
    virtual ~DKPrivilegeSetICM();
    virtual void addPrivilege(dkPrivilege* privObj);
    virtual void addPrivilegeGroup(dkPrivilegeGroup* privGroupObj);
    virtual void clearCache ();
    long getID();
    DKAdminDomainDefICM* getAdminDomain();
    DKBoolean isRetrieved();
    virtual DKString* listPrivilegeNames(long& arraySize);
    virtual dkCollection* listPrivileges();
    virtual void removePrivilege(const char* privName);
    void removePrivilege(long privId);
    void setID(long id);
    void setAdminDomain(DKAdminDomainDefICM* domain);
    void setRetrieved(DKBoolean isRetrieved);
 };

Members:

Constructors and destructor
DKPrivilegeSetICM();

Default constructor. Constructs and initializes a privilege set object that is currently not associated with any datastore instance.

DKPrivilegeSetICM(dkDatastore* ds);

Constructor that takes a datastore instance as a parameter. The returned privilege set instance is associated with the datastore instance. Equivalent to calling the default constructor followed by the setDatastore method on the created privilege set instance. Parameters: ds - datastore reference. Should be an instance of DKDatastoreICM.

virtual ~DKPrivilegeSetICM();

Destructor for this object.

Member functions

addPrivilege
Adds a new privilege to the in-memory (cached) representation of the privilege set instance. No datastore call is initiated as a result of calling this method. Parameters: privObj - a valid DKPriviligeICM instance. Throws:
  • DKAlreadyExitsException - if the privObj already exists in this DKPrivilegeSetICM object.
  • DKException - when error occurs .

virtual void addPrivilege(dkPrivilege* privObj);

addPrivilegeGroup
Adds a privilege group to the in-memory (cached) representation of the privilege set instance. No datastore call is initiated as a result of calling this method. Parameters: privGroupObj -valid privilege group object as an instance of DKPriviligeGroupICM. Throws:
  • DKAlreadyExitsException - if the privObj already exists in this DKPrivilegeSetICM object.
  • DKException - when error occurs .

virtual void addPrivilegeGroup(dkPrivilegeGroup* privGroupObj);

clearCache
Clears the privilege set cache by removing all contained privileges from the in-memory (cached) representation of this privilege set. No datastore call is initiated as a result of calling this method.
virtual void clearCache ();

getID
Returns the identifier associated with this privilege set instance. Parameters: id -the new identifier to be associated with this privilege set instance. Returns: identifier for this privilege set instance.
long getID();

getAdminDomains
Retrieves the collection of domains with which this privilege set instance is associated. Returns: returned list contains one or more DKAdminDomainDefICM object instances with which this privilege set is associated. See Also:DKAdminDomainDefICM.
DKAdminDomainDefICM* getAdminDomain();

isRetrieved
Checks to see if the privileges comprising this privilege set have been retrieved from the persistent store. Returns: true if the privileges have already retrieved, false otherwise.
DKBoolean isRetrieved();

listPrivilegeNames
Retrieves the name of all the privileges associated with this privilege set from the persistent store. if caching is turned off or if caching is on but the privilege names have not yet been retrieved into the in-memory cache. If caching is turned on and the privilege names have already been retrieved into the in-memory cache, then return the privilege names from the in-memory cache. Parameters: arraySize - array size of names of the privileges associated with this privilege set. Returns: an array of names for all the privileges associated with this privilege set. Throws: DKException - when error occurs in the server.
virtual DKString* listPrivilegeNames(long& arraySize);

listPrivileges
Retrieves the list of privileges associated with this privilege set from the persistent store. if caching is turned off or if caching is on but the privileges have not yet been retrieved into the in-memory cache. If caching is turned on and the privileges have already been retrieved into the in-memory cache, then return the privileges from the in-memory cache. Returns: Each item in the returned collection is an instance of type DKPrivilegeICM. Throws: DKException - when error occurs in the server.
virtual dkCollection* listPrivileges();

removePrivilege
Removes the privilege object corresponding to the privilege name specified in the input parameter, from the in-memory representation of this privilege set instance. No datastore call is initiated as a result of calling this method. Parameters: privName - name of the privilege to be removed. Returns: Each item in the returned collection is an instance of type DKPrivilegeICM. Throws:
  • DKNotExistException - if the privilege name does not exist in this privilege set.
  • DKException - when error occurs in the server.

virtual void removePrivilege(const char* privName);

removePrivilege
Removes the privilege object instance corresponding to the privilege identifier specified in the input parameter, from the in-memory representation of this privilege set instance. No datastore call is initiated as a result of calling this method. Parameters: priv_id - identifier of the privilege to be removed. Returns:Each item in the returned collection is an instance of type DKPrivilegeICM. Throws:
  • DKNotExistException - if the privilege does not exist in this privilege set.
  • DKException - when error occurs in the server.

virtual void removePrivilege(const char* privName);  

setID
Sets the privilege group identifier. Parameters: id -the new identifier to be associated with this privilege set instance.
void setID(long id);

setAdminDomains
Sets the admininstration domains that this privilege set object is associated with. Parameters: collDomain - collection of DKAdminDomainDefICM object instances with which this privilege set will henceforth be associated. See Also:DKAdminDomainDefICM

void setAdminDomain(DKAdminDomainDefICM* domain)

setRetrieved
Sets a value that determines whether the privileges comprising this privilege set was retrieved from the persistent store or not. Parameters: isRetrieved - if true, the privileges comprising this privilege set are considered to have been retrieved from the persistent store; if false, the privileges comprising this privilege set are considered to not have been retrieved.
void setRetrieved(DKBoolean isRetrieved); 

(c) Copyright International Business Machines Corporation 1996, 2003. IBM Corp. All rights reserved.