Skip navigation links

oracle.security.jps.service.policystore.entitymanager
Interface PermissionSetManager

All Superinterfaces:

EntityManager

public interface PermissionSetManager

extends EntityManager

An Entity Manager that offers create, read, update and delete of a PermissionSet in a persistent store.

Method Summary

EntryReference	createPermissionSet(PermissionSetEntry permSet) Create a PermissionSet
void	deletePermissionSet(EntryReference ref, boolean force) Delete a PermissionSet
PermissionSetEntry	getPermissionSet(java.lang.String permissionSetName) Get a PermissionSet by Name.
java.util.List<PermissionSetEntry>	getPermissionSets(PermissionSetSearchQuery query) Query PermissionSets based upon a search criteria.
void	modifyPermissionSet(EntryReference ref, javax.naming.directory.ModificationItem[] modItems) Modify the PermissionSet.
void	modifyPermissionSet(EntryReference ref, ResourceActionsEntry resourceActionsToAdd, ResourceActionsEntry resourceActionsToDelete) Modify the PermissionSet

Methods inherited from interface oracle.security.jps.service.policystore.entitymanager.EntityManager

resolveReference

Method Detail

createPermissionSet

EntryReference createPermissionSet(PermissionSetEntry permSet)
                                   throws PolicyStoreException

Create a PermissionSet

Parameters:

permSet - the permission set

Returns:

a reference to the PermissionSet created.

Throws:

PolicyStoreException - if there was an error while creating the PermissionSet.

deletePermissionSet

void deletePermissionSet(EntryReference ref,
                         boolean force)
                         throws PolicyStoreException

Delete a PermissionSet

Parameters:

ref - a reference to the PermissionSet

force - if set to false, a check is performed to determine if there are any grants referencing this PermissionSet. If there are any grants, an exception is raised.

if set to true, any grant referencing this PermissionSet is also deleted along with this PermissionSet.

Throws:

PolicyStoreException - if there was an error while deleting the PermissionSet.

modifyPermissionSet

void modifyPermissionSet(EntryReference ref,
                         ResourceActionsEntry resourceActionsToAdd,
                         ResourceActionsEntry resourceActionsToDelete)
                         throws PolicyStoreException

Modify the PermissionSet

If there are any grants referencing this PermissionSet, the grants are also modified.

Parameters:

ref - the reference to the PermissionSet

resourceActionstoAdd - the ResourceActionsEntry to add. It can be null.

resourceActionsToRemove - the ResourceActionsEntry to remove. It can be null. If Non-null, the resourceActionsToRemove must be present in this PermissionSet.

Throws:

PolicyStoreException - if there was an error while modifying the PermissionSet.

If both resourceActionsToAdd and resourceActionsToDelete are both null an InvalidArgumentException is thrown.

modifyPermissionSet

void modifyPermissionSet(EntryReference ref,
                         javax.naming.directory.ModificationItem[] modItems)
                         throws PolicyStoreException

Modify the PermissionSet.

The displayname and description of the permission can be modified by this method.

The following code fragment illustrates how to Replace the display name.

     PermissionSetManager psm; 
     String property2Change = PermissionSetEntry.Properties.PROPERTY_DISPLAY_NAME.name();
     String newValue =  "this is the new description";
     Attribute attr = new BasicAttribute ( property2Change, newValue);
     ModificationItem displayModItem = new ModificationItem ( DirContext.REPLACE_ATTRIBUTE, attr);
     ModificationItem[] allItems = new ModificationItem []{ displayModItem };
     // get psm
     psm.modifyPermissionSet ( ref, allItems );
 

Parameters:

ref - a reference to the PermissionSet

modItems - an array of modification items.

Throws:

PolicyStoreException - if there was an error while modifying the PermissionSet.

getPermissionSet

PermissionSetEntry getPermissionSet(java.lang.String permissionSetName)
                                    throws PolicyStoreException

Get a PermissionSet by Name.

Parameters:

permissionSetName - name of the PermissionSet.

Returns:

PermissionSetEntry The permission set contains a set of Resource-Actions that constitute the PermissionSet. Every attempt is made to retrieve the display name and description of the Resource. If the resource is not found in the store, the display name and description are set to null.

If the resource is managed in an external store, it is possible the resource has been deleted without the PermissionSet being updated.

If the resoure is managed in the default store, it is also possible for the resource to have been deleted without the PermissionSet having been updated. This is possible in distributed policy environment.

Throws:

PolicyStoreException - if there was an error while searching for the PermissionSet.

getPermissionSets

java.util.List<PermissionSetEntry> getPermissionSets(PermissionSetSearchQuery query)
                                                     throws PolicyStoreException

Query PermissionSets based upon a search criteria. To get all permission sets, use query with ANY MATCHER and null value. Query must not be null. To get all permission sets defined in the scope, set matcher to ANY and value to match to null.

Parameters:

query - search criteria, must not be null.

Returns:

PermissionSetEntry. The display name and description of the Resource is not returned by this method. Their values are set to null in the returned ResourceEntry unlike getPermissionSet(String) which attempts to lookup the description and display name of the resource. Returns an empty list if no permisison set matching the query is found.

If no permissionSets are found, an empty list is returned.

Throws:

PolicyStoreException - if there was an error while querying.

InvalidArgumentException - if query is null.

Skip navigation links