Enterprise Information Portal APIs

com.ibm.mm.sdk.common
Class DKAccessControlListICM

java.lang.Object
  |
  +--com.ibm.mm.sdk.common.dkAbstractAccessControlList
        |
        +--com.ibm.mm.sdk.common.DKAccessControlListICM
All Implemented Interfaces:
dkAccessControlList, DKMessageId, java.io.Serializable

public class DKAccessControlListICM
extends dkAbstractAccessControlList
implements java.io.Serializable

The Content Manager version 8 access control model is applied at the level of the controlled entity. A controlled entity is a unit of protected user data. In different Content Manager installations, the controlled entity can be an individual item, item-type, or the entire library. Operations on the controlled entities are regulated by one or more control rules. The access control list (ACL) is the container for these control rules. The DKAccessControlListICM class represents a Content Manager version 8 ACL. Every controlled entity in a Content Manager system must be bound to an ACL. Default settings can be configured by the system administrator, if appropriate. An ACL is associated with an item type to enforce access control at the item type level. Similarly, an item level access control is established by binding an ACL to the desired item when the item is created. When a user initiates an operation on the item, the system will check the user's privilege and the ACL associated with this item to determine if this user has the right to perform such an operation on this item. The right to access an item also requires the right to access the item type based on which this item type is defined. An ACL is created by calling one of its multiple constructors. If the datastore with which this ACL shall be associated is known at the time of object creation, then one of the constructors that take a datastore parameter is used. Otherwise, the default constructor is used and the setDatastore method is called on the created ACL instance once the datastore instance has also been created.

See Also:
DKPrivilegeICM, Serialized Form

Fields inherited from interface com.ibm.mm.sdk.common.DKMessageId
    For details, see the class or interface
 
Constructor Summary
DKAccessControlListICM()
          Constructs and initializes an access control list class that is not currently associated with any datastore instance.
DKAccessControlListICM(dkDatastore ds)
          Constructor that takes a datastore instance as a parameter.
DKAccessControlListICM(dkDatastore ds, java.lang.String name)
          Constructor that takes a datastore instance and a name as a parameter.
 
Method Summary
 void addACLData(DKACLData aclData)
          Adds the specified access control rule to the in-memory (cached) representation of this ACL object instance Adds
 void clearCache()
          Removes all the access control rules from the in-memory (cached) representation of this ACL object instance.
 dkCollection getAdminDomains()
          Retrieves the collection of domains with which this ACL instance is associated.
 long getID()
          Retrieves the identifier for this ACL.
 dkCollection listACLData()
          Retrieves the access control data associated with this object from the datastore if the cache is turned off or if cache is on but the access control rules have not yet been retrieved into it.
 java.lang.String[] listGroups()
          Retrieves the list of user groups associated with this ACL from the in-memory (cached) representation of this object instance.
 java.lang.String[] listUsers()
          Retrieves the list of users associated with this ACL from the in-memory (cached) representation of this object instance.
 java.lang.String[] listUsrGrps()
          Retrieves the list of users and user groups associated with this ACL from the in-memory (cached) representation of this object instance.
 void removeACLData(DKACLData aclData)
          Removes the specified access control rule from the in-memory (cached) representation of this ACL object instance.
 void setAdminDomains(dkCollection collDomain)
          Sets the admininstration domains that this ACL object instance is associated with.
 void setID(long id)
          Sets the identifier for this access control listobject
 
Methods inherited from class com.ibm.mm.sdk.common.dkAbstractAccessControlList
getDatastore, getDescription, getName, setDatastore, setDescription, setName
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DKAccessControlListICM

public DKAccessControlListICM()
Constructs and initializes an access control list class that is not currently associated with any datastore instance.

DKAccessControlListICM

public DKAccessControlListICM(dkDatastore ds)
Constructor that takes a datastore instance as a parameter. The returned ACL instance is associated with the datastore instance. Equivalent to calling the default constructor followed by the setDatastore method on the created object
Parameters:
ds - datastore object as an instance of DKDatastoreICM

DKAccessControlListICM

public DKAccessControlListICM(dkDatastore ds,
                              java.lang.String name)
Constructor that takes a datastore instance and a name as a parameter. The returned ACL instance is associated with the datastore instance and has a name. Equivalent to calling the default constructor, followed by the setDatastore and setName methods on the created object.
Parameters:
ds - datastore refrence as an instance of DKDatastoreICM
name - name for the of the created access control list
Method Detail

setID

public void setID(long id)
Sets the identifier for this access control listobject
Parameters:
id - new identifier value for to be set to this ACL object

getID

public long getID()
Retrieves the identifier for this ACL.
Returns:
identifier for of this ACL object

setAdminDomains

public void setAdminDomains(dkCollection collDomain)
Sets the admininstration domains that this ACL object instance is associated with. The input parameter is a collection of DKAdminDomainDefICM object instances with which this ACL will henceforth be associated.
Parameters:
collDomain - a collection of DKAdminDomainDefICM objects that this ACL object will be associated with

getAdminDomains

public dkCollection getAdminDomains()
Retrieves the collection of domains with which this ACL instance is associated. The returned list contains one or more DKAdminDomainDefICM object instances with which this ACL is associated.
Returns:
the collection of DKAdminDomainDefICM objects that this ACL object is associated with

listACLData

public dkCollection listACLData()
                         throws DKException,
                                java.lang.Exception
Retrieves the access control data associated with this object from the datastore if the cache is turned off or if cache is on but the access control rules have not yet been retrieved into it. If cache is turned on and the access control rules have already been retrieved into it memory, then return the access control rules from the memory cache.
Overrides:
listACLData in class dkAbstractAccessControlList
Returns:
a collection of DKACLData object
Throws:
DKException - if error occurs
java.lang.Exception - if error occurs
See Also:
DKACLData

listUsrGrps

public java.lang.String[] listUsrGrps()
                               throws DKException
Retrieves the list of users and user groups associated with this ACL from the in-memory (cached) representation of this object instance. No datastore call is initiated as a result of calling this method.
Overrides:
listUsrGrps in class dkAbstractAccessControlList
Returns:
an array of user and user group names as string variables
Throws:
DKException - when error occurs

listUsers

public java.lang.String[] listUsers()
                             throws DKException
Retrieves the list of users associated with this ACL from the in-memory (cached) representation of this object instance. No datastore call is initiated as a result of calling this method.
Overrides:
listUsers in class dkAbstractAccessControlList
Returns:
an array of user identifier as string variables.
Throws:
DKException - when error occurs

listGroups

public java.lang.String[] listGroups()
                              throws DKException
Retrieves the list of user groups associated with this ACL from the in-memory (cached) representation of this object instance. No datastore call is initiated as a result of calling this method.
Overrides:
listGroups in class dkAbstractAccessControlList
Returns:
an array of user group names as string variables
Throws:
DKException - when error occurs

addACLData

public void addACLData(DKACLData aclData)
                throws DKAlreadyExistException,
                       DKException
Adds the specified access control rule to the in-memory (cached) representation of this ACL object instance Adds
Overrides:
addACLData in class dkAbstractAccessControlList
Parameters:
aclData - an access control rule as an instance of DKACLData object
Throws:
DKAlreadyExistException - if the user/user group specified in this ACL rule already exists in the other ACL rules already associated with this object
DKException - when error occurs

removeACLData

public void removeACLData(DKACLData aclData)
                   throws DKNotExistException,
                          DKException
Removes the specified access control rule from the in-memory (cached) representation of this ACL object instance.
Overrides:
removeACLData in class dkAbstractAccessControlList
Parameters:
aclData - the access control rule as an instance of DKACLData to be removed
Throws:
DKNotExistException - if the user/user group specified in this ACL rule does not exist in any of the other ACL rules already associated with this object
DKException - when error occurs

clearCache

public void clearCache()
                throws DKException,
                       java.lang.Exception
Removes all the access control rules from the in-memory (cached) representation of this ACL object instance.
Overrides:
clearCache in class dkAbstractAccessControlList
Throws:
DKException - when error occurs
java.lang.Exception - when error occurs

EIP Java APIs

(c) Copyright International Business Machines Corporation 1996, 2002. IBM Corp. All rights reserved.