Enterprise Information Portal APIs

com.ibm.mm.sdk.common
Class DKAuthorizationMgmtICM

java.lang.Object
  |
  +--com.ibm.mm.sdk.common.dkAbstractAuthorizationMgmt
        |
        +--com.ibm.mm.sdk.common.DKAuthorizationMgmtICM
All Implemented Interfaces:
dkAuthorizationMgmt, DKMessageId, java.io.Serializable

public class DKAuthorizationMgmtICM
extends dkAbstractAuthorizationMgmt
implements java.io.Serializable

Use this class to represent and manage the authorization of the ICM datastore.

See Also:
Serialized Form

Fields inherited from interface com.ibm.mm.sdk.common.DKMessageId
    For details, see the class or interface
 
Constructor Summary
DKAuthorizationMgmtICM(dkDatastore ds)
          Constructs and initializes an authorization management class associated with a given datastore The datastore object shuold have a valid connection to the datastore.
 
Method Summary
 void add(dkAccessControlList aclObj)
          adds an access control list into the datastore.
 void add(dkPrivilege privObj)
          adds a privilege to the datastore.
 void add(dkPrivilegeGroup privGroupObj)
          adds a privilege group into the datastore.
 void add(dkPrivilegeSet privSetObj)
          adds a privilege set into the datastore.
 void addACLRule(long aclCode, java.lang.String userId, short patronType, long privSetCode)
          Adds an ACL rule to an existing access control list in the datastore
 void addDomainACL(java.lang.String domainName, java.lang.String[] aclNames)
          adds one or more access control lists into a domain with of the specified name in the datastore.
 void addDomainPrivilegeSet(java.lang.String domainName, java.lang.String[] privSetNames)
          adds one or more privilege sets into a domain of the specified name in the datastore
 void clearCache()
          Clears all cache data The lists: ACL list, Priv Set List, Priv Group List, Priv List, ACL Name list, Priv set name list, priv group name list, priv name list, acl id list.
 dkAccessControlList createAccessControlList()
          Create a DKAccessControlListICM instance
 dkPrivilege createPrivilege()
          Create a DKPrivilgeICM instance
 dkPrivilegeGroup createPrivilegeGroup()
          Create a DKPrivilgeICMGroup instance
 dkPrivilegeSet createPrivilegeSet()
          Create a DKPrivilgeICMSet instance
 void del(dkAccessControlList aclObj)
          deletes an access control list from the datastore.
 void del(dkPrivilege privObj)
          deletes a privilege from the datastore.
 void del(dkPrivilegeGroup privGroupObj)
          deletes a privilege group from the datastore.
 void del(dkPrivilegeSet privSetObj)
          deletes a privilege set from the datastore.
 void deleteACLRule(long aclCode, java.lang.String userId)
          Deletes an ACL rule for the specified user name (user id) in the datastore.
 dkAccessControlList getAccessControlList(java.lang.String name)
          Gets an access control list with the specified name from cache
 dkPrivilege getPrivilege(java.lang.String name)
          Gets the privilege of the specified name from memory cache, a memory-only function
 dkPrivilegeGroup getPrivilegeGroup(java.lang.String name)
          Gets a privilege group from cache.
 dkPrivilegeSet getPrivilegeSet(java.lang.String name)
          Gets a privilege set of the specified name from memory cache.
 boolean[] isAuthorized(java.lang.String[] accessControlListNames, java.lang.String privilegeName)
          Gets an array of booleans indicating values of whether the given privilegeName is allowable for the given logon userid with the given list of access control list names.
 java.lang.String[] listAccessControlListNames()
          lists the names of the access control lists from the datastore If the cache is enabled and if a cached copy is available then the access control lists are retrieved from the memory cache.
 java.lang.String[] listAccessControlListNames(java.lang.String domainName)
          lists the names of the access control lists in a specified domain from the datastore.
 dkCollection listAccessControlLists()
          lists access control lists from the datastore.
 dkCollection listAccessControlLists(java.lang.String domainName)
          lists access control lists in a specified domain from the datastore.
 dkCollection listACLData(java.lang.String name)
          list ACL data of an access control list with the specified names from the datastore
 dkCollection listGeneralPrivileges()
          lists general privileges for the current (or this) user.
 java.lang.String[] listPrivilegeGroupNames()
          lists the names of privilege groups from the datastore.
 dkCollection listPrivilegeGroups()
          lists privilege groups from the datastore.
 java.lang.String[] listPrivilegeNames()
          Lists the names of the privileges available in the datastore.
 dkCollection listPrivileges()
          Lists a collection of privileges from the datastore.
 java.lang.String[] listPrivilegeSetNames()
          lists the names of privilege sets from the datastore.
 java.lang.String[] listPrivilegeSetNames(java.lang.String domainName)
          lists privilege set names in a specified domain from the datastore.
 dkCollection listPrivilegeSets()
          lists the privilege sets from the datastore.If the cache is enabled and if a cached copy is available then the list of privilege sets is returned from the memory cache.
 dkCollection listPrivilegeSets(java.lang.String domainName)
          Lists the privilege sets in a specified domain from the datastore.
 dkCollection listPrivInGroup(java.lang.String name)
          lists privileges in thea privilege group with the specified name from the datastore.
 dkCollection listPrivInSet(java.lang.String name)
          lists privileges in a privilege set of the specified name from the datastore
 void removeDomainACL(java.lang.String domainName, java.lang.String[] aclNames)
          removes one or more access control lists into a domain in the datastore
 void removeDomainPrivilegeSet(java.lang.String domainName, java.lang.String[] privSetNames)
          removes one or more privilege sets from the specified domain name in the datastore
 dkAccessControlList retrieveAccessControlList(java.lang.String name)
          retrieves an access control list from the datastore.
 dkPrivilege retrievePrivilege(java.lang.String name)
          retrieves a privilege of the specified name from the datastore.
 dkPrivilegeGroup retrievePrivilegeGroup(java.lang.String name)
          retrieve a privilege group from the datastore.
 dkPrivilegeSet retrievePrivilegeSet(java.lang.String name)
          retrieves a privilege set from the datastore.
 dkPrivilegeSet retrieveUserPrivilegeSet(java.lang.String userId)
          Retrieves the specified user's default privilege set from the datastore.
 void setDatastore(dkDatastore ds)
          Sets the datastore object which is to be managed
 void update(dkAccessControlList aclObj)
          updates an access control list from the datastore.
 void update(dkPrivilege privObj)
          updates a privilege in the datastore.
 void update(dkPrivilegeGroup privGroupObj)
          updates a privilege group from the datastore.
 void update(dkPrivilegeSet privSetObj)
          updates a privilege set from the datastore.
 void updateACLRule(long aclCode, java.lang.String userId, short patronType, long privSetCode)
          Updates patron type and privilege set associated with a user id in an existing access control list in the datastore Should both patrontype AND privsetcode be updated or just one can be updated.
 
Methods inherited from class com.ibm.mm.sdk.common.dkAbstractAuthorizationMgmt
deleteAccessControlList, deletePrivilege, deletePrivilegeGroup, deletePrivilegeSet, getDatastore, retrieveUserGroupPrivilegeSet
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DKAuthorizationMgmtICM

public DKAuthorizationMgmtICM(dkDatastore ds)
Constructs and initializes an authorization management class associated with a given datastore The datastore object shuold have a valid connection to the datastore.

This class provides the methods to manage the helper classes: DKPrivilegeICM, DKPrivilegeSetICM, and DKPrivilegeGroupICM, and DKAccessControlListICM. This object can also be accessed from the DKDatastoreAdminICM object.

  DKDatstoreICM ds = new DKDatastoreICM();
  ds.connect("icmnlsdb", "icmadmin" ,"password" ,"");
  dkDatastoreDef dsDef = (dkDatastoreDef) ds.datastoreDef();
  DKDatastoreAdminICM dsAdm = (DKDatastoreAdminICM) dsDef.datastoreAdmin();
  DKAuthorizationMgmtICM aclMgmt = (DKAuthorizationMgmtICM) dsAdmin.authorizationMgmt();
  
Parameters:
ds - a reference to the datastore object which this object intends to manage
See Also:
DKDatastoreICM, DKDatasotreAdminICM, DKPrivilegeICM, DKPrivilegeSetICM, DKPrivilegeGroupICM, DKAccessControlListICM
Method Detail

setDatastore

public void setDatastore(dkDatastore ds)
Sets the datastore object which is to be managed
Overrides:
setDatastore in class dkAbstractAuthorizationMgmt
Parameters:
ds - dkDatastore - datastore object Note: The cache is cleared when the datastore is set.

listPrivileges

public dkCollection listPrivileges()
                            throws DKException,
                                   java.lang.Exception
Lists a collection of privileges from the datastore. If the cache is enabled and if the list is available in the memory then the list is returned from the memory. When cache is enabled the collection returned refers to the copy maintained internally. if cache is disenabled then no collection of privileges will be maintained internally.
Overrides:
listPrivileges in class dkAbstractAuthorizationMgmt
Returns:
a collection of DKPrivilegeICM objects
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeICM

listPrivilegeNames

public java.lang.String[] listPrivilegeNames()
                                      throws DKException,
                                             java.lang.Exception
Lists the names of the privileges available in the datastore. If the cache is enabled and if the privilege names list is available then it is returned from the memory.
Overrides:
listPrivilegeNames in class dkAbstractAuthorizationMgmt
Returns:
A string array of the names of privileges.
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs

add

public void add(dkPrivilege privObj)
         throws DKException,
                java.lang.Exception
adds a privilege to the datastore. If the cache is enabled, then it is also added to the cache.
Overrides:
add in class dkAbstractAuthorizationMgmt
Parameters:
privObj - a DKPrivilegeICM to be added to the datastore
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeICM

del

public void del(dkPrivilege privObj)
         throws DKException,
                java.lang.Exception
deletes a privilege from the datastore. If cache is enabled, it deleted from the cache.
Overrides:
del in class dkAbstractAuthorizationMgmt
Parameters:
privObj - the privilege to be deleted
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeICM

update

public void update(dkPrivilege privObj)
            throws DKException,
                   java.lang.Exception
updates a privilege in the datastore. If cache is enabled, also update it in the cache.
Overrides:
update in class dkAbstractAuthorizationMgmt
Parameters:
privObj - a DKPrivilegeICM object to be updated in the datastore
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeICM

retrievePrivilege

public dkPrivilege retrievePrivilege(java.lang.String name)
                              throws DKException,
                                     java.lang.Exception
retrieves a privilege of the specified name from the datastore. If the cache is enabled and if a cached copy is available then the privilege is returned from the memory cache.
Overrides:
retrievePrivilege in class dkAbstractAuthorizationMgmt
Parameters:
name - the name of the privilege to be retrieved
Returns:
a dkPrivilege object
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
dkPrivilege, DKPrivilegeICM

getPrivilege

public dkPrivilege getPrivilege(java.lang.String name)
                         throws DKException,
                                java.lang.Exception
Gets the privilege of the specified name from memory cache, a memory-only function
Parameters:
name - the name of the privilege
Returns:
a dkPrivilege object
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
dkPrivilege, DKPrivilegeICM

listPrivilegeSets

public dkCollection listPrivilegeSets(java.lang.String domainName)
                               throws DKException,
                                      java.lang.Exception
Lists the privilege sets in a specified domain from the datastore. To just get the privilege set names use the method - public java.lang.String [] listPrivilegeSetNames (java.lang.String domainName)
Parameters:
domainName - the name of the domain to which the privilege sets belong
Returns:
a collection of DKPrivilegeSetICM objects
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:

listPrivilegeSetNames

public java.lang.String[] listPrivilegeSetNames(java.lang.String domainName)
                                         throws DKException,
                                                java.lang.Exception
lists privilege set names in a specified domain from the datastore. To get the privilege set objects use the method - public java.lang.String [] listPrivilegeSetNames (java.lang.String domainName)
Parameters:
domainName - the name of the domain to which the privilege sets belong
Returns:
an array of the names of privilege set
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:

listPrivilegeSets

public dkCollection listPrivilegeSets()
                               throws DKException,
                                      java.lang.Exception
lists the privilege sets from the datastore.If the cache is enabled and if a cached copy is available then the list of privilege sets is returned from the memory cache.
Overrides:
listPrivilegeSets in class dkAbstractAuthorizationMgmt
Returns:
a collection of DKPrivilegeSetICM objects
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:

listPrivilegeSetNames

public java.lang.String[] listPrivilegeSetNames()
                                         throws DKException,
                                                java.lang.Exception
lists the names of privilege sets from the datastore. If the cache is enabled and if a cached copy is available then the list of privilege set names is returned from the memory cache.
Overrides:
listPrivilegeSetNames in class dkAbstractAuthorizationMgmt
Returns:
a string array of the names of privilege sets
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeSetICM

add

public void add(dkPrivilegeSet privSetObj)
         throws DKAlreadyExistException,
                DKException,
                java.lang.Exception
adds a privilege set into the datastore. If the cache is enabled, it is also added to the cache.
Overrides:
add in class dkAbstractAuthorizationMgmt
Parameters:
privSetObj - a DKPrivilegeSetICM object which is to be added to the datastore
Throws:
DKAlreadyExistException - when the specified privilege set object already exist.
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeSetICM

addDomainPrivilegeSet

public void addDomainPrivilegeSet(java.lang.String domainName,
                                  java.lang.String[] privSetNames)
                           throws DKException,
                                  java.lang.Exception
adds one or more privilege sets into a domain of the specified name in the datastore
Parameters:
domainName - the name of the domain to which the privilege sets to be added
privSetNames - an array of the privilege set names to be added to the domain
Throws:
DKException - when error occurs, for example: if one or more privilege sets in the list do not exist in the domain
java.lang.Exception - when error occurs

del

public void del(dkPrivilegeSet privSetObj)
         throws DKNotExistException,
                DKException,
                java.lang.Exception
deletes a privilege set from the datastore. If cache is on, it is also deleted from the cache.
Overrides:
del in class dkAbstractAuthorizationMgmt
Parameters:
privSetObj - the privilege set to be deleted
Throws:
DKNotExistException - when the specified privilege set object does not exist
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeSetICM

removeDomainPrivilegeSet

public void removeDomainPrivilegeSet(java.lang.String domainName,
                                     java.lang.String[] privSetNames)
                              throws DKException,
                                     java.lang.Exception
removes one or more privilege sets from the specified domain name in the datastore
Parameters:
domainName - the name of the domain from which the privilege sets are to be removed
privSetNames - an array of privilege set names to be removed from the domain of the specifed name
Throws:
DKException - when error occurs, for example:if one or more privilege sets in the list do not exist in the domain
java.lang.Exception - when error occurs

update

public void update(dkPrivilegeSet privSetObj)
            throws DKNotExistException,
                   DKException,
                   java.lang.Exception
updates a privilege set from the datastore. If cache is on, it also updates in the cache.
Overrides:
update in class dkAbstractAuthorizationMgmt
Parameters:
privSetObj - the privilege set object to be updated
Throws:
DKNotExistException - when the specified privilege set object does not exist
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeSetICM

retrievePrivilegeSet

public dkPrivilegeSet retrievePrivilegeSet(java.lang.String name)
                                    throws DKNotExistException,
                                           DKException,
                                           java.lang.Exception
retrieves a privilege set from the datastore. If the cache is turned on and if a cached copy is available then the privilege set is retrieved from the memory cache.
Overrides:
retrievePrivilegeSet in class dkAbstractAuthorizationMgmt
Parameters:
name - the name of the privilege set to be retrieved
Returns:
a dkPrivilegeSet object
Throws:
DKNotExistException - when the specified privilege set object does not exist
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
dkPrivilegeSet, DKPrivilegeSetICM

getPrivilegeSet

public dkPrivilegeSet getPrivilegeSet(java.lang.String name)
                               throws DKException,
                                      java.lang.Exception
Gets a privilege set of the specified name from memory cache.
Parameters:
name - the name of the privilege set to be retrieved.
Returns:
a dkPrivilegeSet object.
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
dkPrivilegeSet, DKPrivilegeSetICM

listPrivInSet

public dkCollection listPrivInSet(java.lang.String name)
                           throws DKException,
                                  java.lang.Exception
lists privileges in a privilege set of the specified name from the datastore
Parameters:
name - the name of the privilege set whose privileges are to be retrieved from the datastore
Returns:
a collection of the DKPrivilegeICM object
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
dkPrivilege, DKPrivilegeICM, dkPrivilegeSet, DKPrivilegeSetICM

retrieveUserPrivilegeSet

public dkPrivilegeSet retrieveUserPrivilegeSet(java.lang.String userId)
                                        throws DKException,
                                               java.lang.Exception
Retrieves the specified user's default privilege set from the datastore.
Overrides:
retrieveUserPrivilegeSet in class dkAbstractAuthorizationMgmt
Parameters:
userName - - name of the user whose privilege set is to be retrieved.
Throws:
DKException - if errors occur
java.lang.Exception - if errors occur

listPrivilegeGroups

public dkCollection listPrivilegeGroups()
                                 throws DKException,
                                        java.lang.Exception
lists privilege groups from the datastore. If the cache is enabled and if a cached copy is available then the privilege groups are retrieved from the memory cache.
Overrides:
listPrivilegeGroups in class dkAbstractAuthorizationMgmt
Returns:
a collection of DKPrivilegeGroupICM objects
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeGroupICM

listPrivilegeGroupNames

public java.lang.String[] listPrivilegeGroupNames()
                                           throws DKException,
                                                  java.lang.Exception
lists the names of privilege groups from the datastore. If the cache is enabled and if a cached copy is available then the privilege groups are retrieved from the memory cache.
Overrides:
listPrivilegeGroupNames in class dkAbstractAuthorizationMgmt
Returns:
an array of the names of the privilege groups
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeGroupICM

add

public void add(dkPrivilegeGroup privGroupObj)
         throws DKAlreadyExistException,
                DKException,
                java.lang.Exception
adds a privilege group into the datastore. If the cache is enabled, it also added to the cache.
Overrides:
add in class dkAbstractAuthorizationMgmt
Parameters:
privGroupObj - a DKPrivilegeGroupICM to be added to the datastore
Throws:
DKAlreadyExistException - when the specified privilege group object already exist.
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeGroupICM

del

public void del(dkPrivilegeGroup privGroupObj)
         throws DKNotExistException,
                DKException,
                java.lang.Exception
deletes a privilege group from the datastore. If cache is enabled, it also deletes from the cache
Overrides:
del in class dkAbstractAuthorizationMgmt
Parameters:
privGroupObj - the privilege group to be deleted
Throws:
DKNoExistException - when the specified privilege group object does not exist.
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeGroupICM

update

public void update(dkPrivilegeGroup privGroupObj)
            throws DKNotExistException,
                   DKException,
                   java.lang.Exception
updates a privilege group from the datastore. If cache is enabled, then also update it from the cache.
Overrides:
update in class dkAbstractAuthorizationMgmt
Parameters:
privGroupObj - the privilege group to be updated
Throws:
DKNotExistException - when the specified privilege group object does not exist.
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKPrivilegeGroupICM

retrievePrivilegeGroup

public dkPrivilegeGroup retrievePrivilegeGroup(java.lang.String name)
                                        throws DKNotExistException,
                                               DKException,
                                               java.lang.Exception
retrieve a privilege group from the datastore. If the cache is turned on and if a cached copy is available then the privilege groups are retrieved from the memory cache.
Overrides:
retrievePrivilegeGroup in class dkAbstractAuthorizationMgmt
Parameters:
name - the name of the privilege group to be retrieved
Returns:
a dkPrivilegeGroup object
Throws:
DKNoExistException - when the specified privilege group object does not exist.
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
dkPrivilegeGroup, DKPrivilegeGroupICM

getPrivilegeGroup

public dkPrivilegeGroup getPrivilegeGroup(java.lang.String name)
                                   throws DKException,
                                          java.lang.Exception
Gets a privilege group from cache.
Parameters:
name - the name of the privilege group
Returns:
a dkPrivilegeGroup object
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
dkPrivilegeGroup, DKPrivilegeGroupICM

listPrivInGroup

public dkCollection listPrivInGroup(java.lang.String name)
                             throws DKException,
                                    java.lang.Exception
lists privileges in thea privilege group with the specified name from the datastore.
Parameters:
name - the name of the privilege group whose privileges are to be retrieved from the datastore
Returns:
a collection of DKPrivilegeGroupICM object
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
dkPrivilegeGroup, DKPrivilegeGroupICM

listAccessControlLists

public dkCollection listAccessControlLists(java.lang.String domainName)
                                    throws DKException,
                                           java.lang.Exception
lists access control lists in a specified domain from the datastore.
Parameters:
domainName - the name of the domain to which the access control lists belong
Returns:
a collection of DKAccessControlListICM objects
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKAccessControlListICM

listAccessControlListNames

public java.lang.String[] listAccessControlListNames(java.lang.String domainName)
                                              throws DKException,
                                                     java.lang.Exception
lists the names of the access control lists in a specified domain from the datastore.
Parameters:
domainName - the name of the domain to which the access control lists belong
Returns:
an array of the names of the access control lists
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKAccessControlListICM

listAccessControlLists

public dkCollection listAccessControlLists()
                                    throws DKException,
                                           java.lang.Exception
lists access control lists from the datastore. If the cache is enabled and if a cached copy is available then the access control lists are retrieved from the memory cache.
Overrides:
listAccessControlLists in class dkAbstractAuthorizationMgmt
Returns:
a collection of DKAccessControlListICM objects
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKAccessControlListICM

listAccessControlListNames

public java.lang.String[] listAccessControlListNames()
                                              throws DKException,
                                                     java.lang.Exception
lists the names of the access control lists from the datastore If the cache is enabled and if a cached copy is available then the access control lists are retrieved from the memory cache.
Overrides:
listAccessControlListNames in class dkAbstractAuthorizationMgmt
Returns:
an array of the names of access control lists
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKAccessControlListICM

add

public void add(dkAccessControlList aclObj)
         throws DKAlreadyExistException,
                DKException,
                java.lang.Exception
adds an access control list into the datastore. If the cache is enabled, it also added to the cache.
Overrides:
add in class dkAbstractAuthorizationMgmt
Parameters:
privObj - a DKAccessControlListICM to be added to the datastore
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKAccessControlListICM

addDomainACL

public void addDomainACL(java.lang.String domainName,
                         java.lang.String[] aclNames)
                  throws DKException,
                         java.lang.Exception
adds one or more access control lists into a domain with of the specified name in the datastore.
Parameters:
domainName - the name of the domain to which the access control list are to be added
aclNames - the array of access control list names
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKAccessControlListICM

del

public void del(dkAccessControlList aclObj)
         throws DKNotExistException,
                DKException,
                java.lang.Exception
deletes an access control list from the datastore. If cache is enabled, it also deleted from the cache.
Overrides:
del in class dkAbstractAuthorizationMgmt
Parameters:
aclObj - the access control list to be deleted
Throws:
DKNoExistException - when the specified ACL object does not exist.
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKAccessControlListICM

removeDomainACL

public void removeDomainACL(java.lang.String domainName,
                            java.lang.String[] aclNames)
                     throws DKException,
                            java.lang.Exception
removes one or more access control lists into a domain in the datastore

update

public void update(dkAccessControlList aclObj)
            throws DKNotExistException,
                   DKException,
                   java.lang.Exception
updates an access control list from the datastore. If cache is on, it also updated from the cache.
Overrides:
update in class dkAbstractAuthorizationMgmt
Parameters:
aclObj - the access control list to be updated
Throws:
DKNotExistException - when the specified ACL object does not exist.
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKAccessControlListICM

retrieveAccessControlList

public dkAccessControlList retrieveAccessControlList(java.lang.String name)
                                              throws DKNotExistException,
                                                     DKException,
                                                     java.lang.Exception
retrieves an access control list from the datastore. If the cache is enabled and if a cached copy is available then the access control lists are retrieved from the memory cache.
Overrides:
retrieveAccessControlList in class dkAbstractAuthorizationMgmt
Parameters:
name - the name of the access control list to be retrieved
Returns:
a dkAccessControlList object
Throws:
DKNoExistException - when the specified ACL object does not exist.
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
dkAccessControlList, DKAccessControlListICM

getAccessControlList

public dkAccessControlList getAccessControlList(java.lang.String name)
                                         throws DKException,
                                                java.lang.Exception
Gets an access control list with the specified name from cache
Parameters:
name - the name of the access control list
Returns:
a dkAccessControlList object
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
dkAccessControlList, DKAccessControlListICM

listACLData

public dkCollection listACLData(java.lang.String name)
                         throws DKException,
                                java.lang.Exception
list ACL data of an access control list with the specified names from the datastore
Parameters:
name - the name of the access control list whose data are to be retrieved from the datastore
Returns:
a collection of DKACLData objects
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs
See Also:
DKACLData, dkAccessControlList, DKAccessControlListICM

addACLRule

public void addACLRule(long aclCode,
                       java.lang.String userId,
                       short patronType,
                       long privSetCode)
                throws DKAlreadyExistException,
                       DKException,
                       java.lang.Exception
Adds an ACL rule to an existing access control list in the datastore
Parameters:
aclCode - the acl code of the access control list
userId - the user id to be added to the access control list
patronType - the type of the user: either DK_CM_PATRON_TYPE_USER, DK_CM_PATRON_TYPE_GROUP, or DK_CM_PATRON_TYPE_PUBLIC
privSetCode - the privilege set code to be added to the access control list
Throws:
DKAlreadyExistException - when the specified ACL rule already exist.
DKException - when error occurs
java.lang.Exception - when error occurs

updateACLRule

public void updateACLRule(long aclCode,
                          java.lang.String userId,
                          short patronType,
                          long privSetCode)
                   throws DKNotExistException,
                          DKException,
                          java.lang.Exception
Updates patron type and privilege set associated with a user id in an existing access control list in the datastore Should both patrontype AND privsetcode be updated or just one can be updated.
Parameters:
aclCode - the acl code of the access control list
userId - the user id of which the associated user kind and privilege set are to be updated
patronType - the type of the user to be updated: either DK_CM_PATRON_TYPE_USER, DK_CM_PATRON_TYPE_GROUP, or DK_CM_PATRON_TYPE_PUBLIC
privSetCode - the privilege set code to be updated in the access control list
Throws:
DKNoExistException - when the specified ACL rule does not exist.
DKException - when error occurs
java.lang.Exception - when error occurs

deleteACLRule

public void deleteACLRule(long aclCode,
                          java.lang.String userId)
                   throws DKNotExistException,
                          DKException,
                          java.lang.Exception
Deletes an ACL rule for the specified user name (user id) in the datastore.
Parameters:
aclCode - the acl code of the access control list
userId - the user id to be deleted from the access control list
Throws:
DKNoExistException - when the specified ACL rule does not assigned to the user.
DKException - when error occurs
java.lang.Exception - when error occurs

isAuthorized

public boolean[] isAuthorized(java.lang.String[] accessControlListNames,
                              java.lang.String privilegeName)
                       throws DKException,
                              java.lang.Exception
Gets an array of booleans indicating values of whether the given privilegeName is allowable for the given logon userid with the given list of access control list names.
Parameters:
accessControlListNames - an array of access control list names to be checked against
privilegeName - name of a privilege to be checked against
Returns:
an array of boolean values for each access control list
Throws:
DKException -  
java.lang.Exception -  

listGeneralPrivileges

public dkCollection listGeneralPrivileges()
                                   throws DKException,
                                          java.lang.Exception
lists general privileges for the current (or this) user.
Returns:
a collection of DKPrivilegeICM objects
Throws:
DKException -  
java.lang.Exception -  

clearCache

public void clearCache()
Clears all cache data The lists: ACL list, Priv Set List, Priv Group List, Priv List, ACL Name list, Priv set name list, priv group name list, priv name list, acl id list. will be cleared.
Overrides:
clearCache in class dkAbstractAuthorizationMgmt

createPrivilege

public dkPrivilege createPrivilege()
Create a DKPrivilgeICM instance
Overrides:
createPrivilege in class dkAbstractAuthorizationMgmt
Following copied from class: com.ibm.mm.sdk.common.dkAbstractAuthorizationMgmt
Returns:
privilege object
Throws:
DKException - if error

createPrivilegeSet

public dkPrivilegeSet createPrivilegeSet()
Create a DKPrivilgeICMSet instance
Overrides:
createPrivilegeSet in class dkAbstractAuthorizationMgmt
Following copied from class: com.ibm.mm.sdk.common.dkAbstractAuthorizationMgmt
Returns:
privilege set object
Throws:
DKException - if error

createPrivilegeGroup

public dkPrivilegeGroup createPrivilegeGroup()
Create a DKPrivilgeICMGroup instance
Overrides:
createPrivilegeGroup in class dkAbstractAuthorizationMgmt
Following copied from class: com.ibm.mm.sdk.common.dkAbstractAuthorizationMgmt
Returns:
privilege group object
Throws:
DKException - if error

createAccessControlList

public dkAccessControlList createAccessControlList()
Create a DKAccessControlListICM instance
Overrides:
createAccessControlList in class dkAbstractAuthorizationMgmt
Following copied from class: com.ibm.mm.sdk.common.dkAbstractAuthorizationMgmt
Returns:
access control list object
Throws:
DKException - if error

EIP Java APIs

(c) Copyright International Business Machines Corporation 1996, 2002. IBM Corp. All rights reserved.