public interface IAccessPolicy extends IBizPolicy
Modifier and Type | Method and Description |
---|---|
int |
getAccess(IContext context,
IThingID itemID,
IURI userID)
Deprecated.
use
getAccessEx(IContext, IThingID, IURI) instead |
Collection<Integer> |
getAccessEx(IContext context,
IThingID itemID,
IURI userID)
Returns access rights that user has for the given thing.
|
IListView<IAceView> |
getAclView(IContext context,
IThingID itemID)
Returns list of access control entries for this item
|
String |
getAuthScheme(IContext context,
IThingID itemId)
Queries the authLevel of the resource.
|
IListView<IView> |
getRightsForType(IContext context,
String xtypeName)
Returns list view of all rights registered with the given xtype/basic type
|
IThingID |
getSecurityRealm(IContext context,
IThingID itemID)
Retrieves and returns security policy associated with the item
|
boolean |
isAnonymous(IContext context,
IThingID itemId)
Verifies whether specified resource is anonymous.
|
IListView<IView> |
listSecurityRealmObjects(IContext context,
IThingID securityRealmID)
Returns list view of all objects assigned this security realm.
|
IListView<IView> |
listSecurityReamObjects(IContext context,
IThingID securityRealmID)
Deprecated.
use
listSecurityRealmObjects(IContext, IThingID) instead |
void |
removeAces(IContext context,
IThingID itemId,
List<? extends IURI> principalIds,
boolean recursive)
Removes the access entries of the specified item.
|
void |
removeSecurityRealm(IContext context,
IThingID itemID,
IThingID securityRealmID,
boolean recursive)
Removes security policy from the object
|
void |
setAces(IContext context,
IThingID itemId,
List<? extends IURI> principalIds,
boolean recursive,
int grant,
int deny,
int exclusive,
int delegate,
int mask)
Deprecated.
|
void |
setAcesEx(IContext context,
IThingID itemId,
List<? extends IURI> principalIds,
boolean recursive,
Collection<? extends Object> granted,
Collection<? extends Object> denied,
Collection<? extends Object> exclusive)
Sets the access for the specified item.
|
void |
setAnonymous(IContext context,
IThingID itemId,
boolean recursive,
boolean isAnonymous)
Set specified resource either as anonymous.
|
void |
setAuthScheme(IContext context,
IThingID itemId,
boolean recursive,
String authLevel)
Sets the authentication level of this thing
|
void |
setSecurityRealm(IContext context,
IThingID itemID,
IThingID securityRealmID,
boolean recursive)
Sets security policy to the object
|
getComponentData, getComponentName, getComponentProvider, getURI, isInitialized, setComponentData, setComponentProvider
init, shutdown
@Deprecated void setAces(IContext context, IThingID itemId, List<? extends IURI> principalIds, boolean recursive, int grant, int deny, int exclusive, int delegate, int mask) throws BizException
setAcesEx(IContext, IThingID, List, boolean, Collection, Collection, Collection)
insteadcontext
- Command context (user state information).itemId
- Item whose access entries to set.principalIds
- List of IURI
s for which to add or modify access.recursive
- True if the access modification should be applied to this item's descendants.grant
- Bit set of rights to grant.deny
- Bit set of rights to deny.exclusive
- Bit set of rights to grant exclusively.delegate
- Bit set of rights that may be delegated.mask
- Bit set of rights to modify. When adding or modifying a particular right set
(like grant or deny) only the intersection of this and the particular right set apply.BizException
- TODO: delegate and mask are unused and should be deprected/removed.void setAcesEx(IContext context, IThingID itemId, List<? extends IURI> principalIds, boolean recursive, Collection<? extends Object> granted, Collection<? extends Object> denied, Collection<? extends Object> exclusive) throws BizException
context
- current contextitemId
- item to set aces onprincipalIds
- principals listrecursive
- whether set aces recursivegranted
- list of granted rights. This is a list of String names of rights or Integer right valuesdenied
- list of denied rights. This is a list of String names of rights or Integer right valuesexclusive
- list of denied rights. This is a list of String names of rights or Integer right valuesBizException
@Deprecated int getAccess(IContext context, IThingID itemID, IURI userID) throws BizException
getAccessEx(IContext, IThingID, IURI)
insteadcontext
- Command contextitemID
- item whose access should be retrieveduserID
- user whose access shouild be retrievedBizException
IListView<IView> getRightsForType(IContext context, String xtypeName) throws BizException
context
- current contextxtypeName
- xtype or base type nameBizException
Collection<Integer> getAccessEx(IContext context, IThingID itemID, IURI userID) throws BizException
context
- Command contextitemID
- item whose access should be retrieveduserID
- user whose access shouild be retrievedBizException
IListView<IAceView> getAclView(IContext context, IThingID itemID) throws BizException
context
- executing contextitemID
- item to retrieve access control listIAceView
objectsBizException
void removeAces(IContext context, IThingID itemId, List<? extends IURI> principalIds, boolean recursive) throws BizException
context
- Command context (user state information).itemId
- Item whose access entries to remove.principalIds
- List of IURI
s for which to add or modify access.recursive
- True if the access modification should be applied to this item's descendants.BizException
void setAnonymous(IContext context, IThingID itemId, boolean recursive, boolean isAnonymous) throws BizException
1) The authLevel on the thing will change. IThingBaseView.getAuthLevel()
2) Authentication will not be required to access this thing
This is really just a convience function for checking to see if getAuthScheme(com.webmethods.portal.bizPolicy.IContext, com.webmethods.portal.service.meta2.thing.IThingID)
is equal to anonymouscontext
- Command context (user state information).itemId
- Item whose anonymous setting to change.recursive
- True if the access modification should be applied to this item's descendants.isAnonymous
- whether or not to set this as anonymousBizException
boolean isAnonymous(IContext context, IThingID itemId) throws BizException
context
- Command context (user state information).itemId
- Item whose anonymous setting to query.BizException
void setAuthScheme(IContext context, IThingID itemId, boolean recursive, String authLevel) throws BizException
context
- Command context (user state information).itemId
- Item whose authLevel setting to change.recursive
- True if the access modification should be applied to this item's descendants.authLevel
- the name of the auth scheme: 'default', 'fullAccess', 'anonymous', 'basic', 'ntlm'BizException
IAccessMechanics.AUTH_LEVEL_DEFAULT
,
IAccessMechanics.AUTH_LEVEL_FULL_ACCESS
,
IAccessMechanics.AUTH_LEVEL_ANONYMOUS
,
IAccessMechanics.AUTH_LEVEL_BASIC
,
IAccessMechanics.AUTH_LEVEL_NTLM
String getAuthScheme(IContext context, IThingID itemId) throws BizException
context
- Command context (user state information).itemId
- Item whose authLevel setting to query.BizException
IAccessMechanics.AUTH_LEVEL_DEFAULT
,
IAccessMechanics.AUTH_LEVEL_FULL_ACCESS
,
IAccessMechanics.AUTH_LEVEL_ANONYMOUS
,
IAccessMechanics.AUTH_LEVEL_BASIC
,
IAccessMechanics.AUTH_LEVEL_NTLM
void setSecurityRealm(IContext context, IThingID itemID, IThingID securityRealmID, boolean recursive) throws BizException
context
- Command contextitemID
- item thing ID to set policy onsecurityRealmID
- policy thing IDrecursive
- whether to set policy recursivelyBizException
IThingID getSecurityRealm(IContext context, IThingID itemID) throws BizException
context
- Command contextitemID
- item thing IDBizException
void removeSecurityRealm(IContext context, IThingID itemID, IThingID securityRealmID, boolean recursive) throws BizException
context
- command contextitemID
- item thing IDsecurityRealmID
- policy thing IDBizException
IListView<IView> listSecurityRealmObjects(IContext context, IThingID securityRealmID) throws BizException
securityRealmID
- BizException
@Deprecated IListView<IView> listSecurityReamObjects(IContext context, IThingID securityRealmID) throws BizException
listSecurityRealmObjects(IContext, IThingID)
insteadsecurityRealmID
- BizException