AuthorizationAdminAPIImpl (Server 6.0.0 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.metamatrix.platform.admin.apiimpl
Class AuthorizationAdminAPIImpl

java.lang.Object
  com.metamatrix.platform.admin.apiimpl.SubSystemAdminAPIImpl
      com.metamatrix.platform.admin.apiimpl.AuthorizationAdminAPIImpl

All Implemented Interfaces:: AuthorizationAdminAPI, SubSystemAdminAPI, java.io.Serializable

public class AuthorizationAdminAPIImpl
extends SubSystemAdminAPIImpl
implements AuthorizationAdminAPI
extends SubSystemAdminAPIImpl
implements AuthorizationAdminAPI

See Also:: Serialized Form

Method Summary
`void`	`addPrincipalsToRole(java.util.Set principals, java.lang.String roleName)` Add the given set of principals to the given role.
`void`	`addPrincipalToRoles(MetaMatrixPrincipalName principal, java.util.Collection roleNames)` Add the given principal to the given roles.
`java.lang.Boolean`	`containsPolicy(AuthorizationPolicyID policyID)`
`AuthorizationEditor`	`createEditor()` Returns a `AuthorizationObjectEditor` to perform editing operations on a entitlement type object.
`java.util.Set`	`executeTransaction(java.util.List actions)`
`java.util.Collection`	`findAllPolicyIDs()` Get all policyIDs in the system except those that we want to filter from the console.
`java.util.Collection`	`findPolicyIDs(java.util.Collection principals)`
`java.util.List`	`getElementEntitlements(AuthorizationRealm realm, java.lang.String elementNamePattern)` Returns a `List` of entitlements to the given element pattern in the given realm.
`java.util.List`	`getGroupEntitlements(AuthorizationRealm realm, java.lang.String fullyQualifiedGroupName)` Returns a `List` of entitlements to the given fully qualified group name in the given realm.
`static AuthorizationAdminAPI`	`getInstance()`
`java.util.Collection`	`getPolicies(java.util.Collection policyIDs)`
`AuthorizationPolicy`	`getPolicy(AuthorizationPolicyID policyID)`
`java.util.Collection`	`getPolicyIDsForResourceInRealm(AuthorizationRealm realm, java.lang.String resourceName)` Returns a `Collection` of `AuthorizationPolicyID`s that have `AuthorizationPermissions` on the given resource that exists in the given `AuthorizationRealm`.
`java.util.Collection`	`getPolicyIDsInPartialRealm(AuthorizationRealm realm)` Returns a `Collection` of `AuthorizationPolicyID`s that have `AuthorizationPermissions` that exist in the given partial `AuthorizationRealm`. The implementation is such that all `AuthorizationPolicyID`s whose `AuthorizationRealm` starts with the given `AuthorizationRealm` are returned.
`java.util.Collection`	`getPolicyIDsInRealm(AuthorizationRealm realm)` Returns a `Collection` of `AuthorizationPolicyID`s in the given `AuthorizationRealm`.
`java.util.Collection`	`getPolicyIDsWithPermissionsInRealm(AuthorizationRealm realm)` Returns a `Collection` of `AuthorizationPolicyID`s that have `AuthorizationPermission`s in the given `AuthorizationRealm`. NOTE: It is the responsibility of the caller to determine which of the `AuthorizationPolicy`'s `AuthorizationPermission`s are actually in the given `AuthorizationRealm`.
`java.util.Collection`	`getPrincipalsForRole(java.lang.String roleName)`
`java.util.Collection`	`getRealmNames()` Obtain the names of all of the realms known to the system.
`java.util.Map`	`getRoleDescriptions()`
`java.util.Collection`	`getRoleNamesForPrincipal(MetaMatrixPrincipalName principal)` Returns a Collection of String names of MetaMatrix roles to which the given principal is assigned.
`boolean`	`isCallerInRole(SessionToken caller, java.lang.String roleName)` Verify that caller is in the specified logical role.
`boolean`	`isSuperUser(java.lang.String username)` Return true is given username is a super user
`void`	`removePolicy(AuthorizationPolicyID policyID)` Remove the policy with the specified ID.
`java.lang.Boolean`	`removePrincipalFromAllPolicies(MetaMatrixPrincipalName principal)`
`void`	`removePrincipalsFromRole(java.util.Set principals, java.lang.String roleName)` Remove the given set of principals from the given role.

Methods inherited from class com.metamatrix.platform.admin.apiimpl.SubSystemAdminAPIImpl
`getSessionID`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Method Detail

getInstance

public static AuthorizationAdminAPI getInstance()

createEditor

public AuthorizationEditor createEditor()
                                 throws InvalidSessionException,
                                        AuthorizationException,
                                        MetaMatrixComponentException

Returns a AuthorizationObjectEditor to perform editing operations on a entitlement type object. The editing process will create actions for each specific type of editing operation. Those actions are what need to be submitted to the AuthorizationService for actual updates to occur.

Specified by:: createEditor in interface AuthorizationAdminAPI

Returns:: AuthorizationObjectEditor
Throws:: InvalidSessionException; AuthorizationException; MetaMatrixComponentException

getRealmNames

public java.util.Collection getRealmNames()
                                   throws InvalidSessionException,
                                          AuthorizationException,
                                          MetaMatrixComponentException

Obtain the names of all of the realms known to the system.

Specified by:: getRealmNames in interface AuthorizationAdminAPI

Returns:: the set of realm names
Throws:: InvalidSessionException - if the SessionToken is not valid or is expired; AuthorizationException - if the caller is unable to perform this operation; MetaMatrixComponentException - if this service has trouble communicating.

getRoleDescriptions

public java.util.Map getRoleDescriptions()
                                  throws AuthorizationException,
                                         InvalidSessionException,
                                         MetaMatrixComponentException

Specified by:: getRoleDescriptions in interface AuthorizationAdminAPI

Throws:: AuthorizationException; InvalidSessionException; MetaMatrixComponentException

getPrincipalsForRole

public java.util.Collection getPrincipalsForRole(java.lang.String roleName)
                                          throws AuthorizationException,
                                                 InvalidSessionException,
                                                 MetaMatrixComponentException

Specified by:: getPrincipalsForRole in interface AuthorizationAdminAPI

Throws:: AuthorizationException; InvalidSessionException; MetaMatrixComponentException

getRoleNamesForPrincipal

public java.util.Collection getRoleNamesForPrincipal(MetaMatrixPrincipalName principal)
                                              throws AuthorizationException,
                                                     InvalidSessionException,
                                                     MetaMatrixComponentException

Returns a Collection of String names of MetaMatrix roles to which the given principal is assigned.

Specified by:: getRoleNamesForPrincipal in interface AuthorizationAdminAPI

Parameters:: principal - MetaMatrixPrincipalName for which roles are sought
Returns:: The Collection of role names the principal is assigned.
Throws:: InvalidSessionException - if the administrative session is invalid; AuthorizationException - if administrator does not have the authority to perform the requested operation.; MetaMatrixComponentException - if this service has trouble communicating.

addPrincipalsToRole

public void addPrincipalsToRole(java.util.Set principals,
                                java.lang.String roleName)
                         throws AuthorizationException,
                                InvalidSessionException,
                                MetaMatrixComponentException

Add the given set of principals to the given role.

Specified by:: addPrincipalsToRole in interface AuthorizationAdminAPI

Parameters:: principals - Set of MetaMatrixPrincipalNames to which to add.; roleName - The name of the role to which to add the principals.
Throws:: InvalidSessionException - if the administrative session is invalid; AuthorizationException - if admninistrator does not have the authority to perform the requested operation.; MetaMatrixComponentException - if this service has trouble communicating.

addPrincipalToRoles

public void addPrincipalToRoles(MetaMatrixPrincipalName principal,
                                java.util.Collection roleNames)
                         throws AuthorizationException,
                                InvalidSessionException,
                                MetaMatrixComponentException

Add the given principal to the given roles.

Parameters:: principal - The MetaMatrixPrincipalName to add; roleNames - The Collection of String role names of which to add the principal.
Throws:: InvalidSessionException - if the administrative session is invalid; AuthorizationException - if admninistrator does not have the authority to perform the requested operation.; MetaMatrixComponentException - if this service has trouble communicating.

removePrincipalsFromRole

public void removePrincipalsFromRole(java.util.Set principals,
                                     java.lang.String roleName)
                              throws AuthorizationException,
                                     InvalidSessionException,
                                     MetaMatrixComponentException

Remove the given set of principals from the given role.

Specified by:: removePrincipalsFromRole in interface AuthorizationAdminAPI

Parameters:: principals - Set of MetaMatrixPrincipalNames to remove.; roleName - The name of the role from which to remove the principals.
Throws:: InvalidSessionException - if the administrative session is invalid; AuthorizationException - if admninistrator does not have the authority to perform the requested operation.; MetaMatrixComponentException - if this service has trouble communicating.

removePolicy

public void removePolicy(AuthorizationPolicyID policyID)
                  throws AuthorizationException,
                         InvalidSessionException,
                         MetaMatrixComponentException

Remove the policy with the specified ID.

Specified by:: removePolicy in interface AuthorizationAdminAPI

Parameters:: policyID - the ID of the policy that is to be removed.
Throws:: InvalidSessionException - if the sessionToken is not valid or is expired; AuthorizationException - if the caller is unable to perform this operation; MetaMatrixComponentException - if this service is unable to locate resources required for this operation

findAllPolicyIDs

public java.util.Collection findAllPolicyIDs()
                                      throws AuthorizationException,
                                             InvalidSessionException,
                                             MetaMatrixComponentException

Get all policyIDs in the system except those that we want to filter from the console.

Specified by:: findAllPolicyIDs in interface AuthorizationAdminAPI

Throws:: AuthorizationException; InvalidSessionException; MetaMatrixComponentException

findPolicyIDs

public java.util.Collection findPolicyIDs(java.util.Collection principals)
                                   throws AuthorizationException,
                                          InvalidSessionException,
                                          MetaMatrixComponentException

Specified by:: findPolicyIDs in interface AuthorizationAdminAPI

Throws:: AuthorizationException; InvalidSessionException; MetaMatrixComponentException

getPolicies

public java.util.Collection getPolicies(java.util.Collection policyIDs)
                                 throws AuthorizationException,
                                        InvalidSessionException,
                                        MetaMatrixComponentException

Specified by:: getPolicies in interface AuthorizationAdminAPI

Throws:: AuthorizationException; InvalidSessionException; MetaMatrixComponentException

containsPolicy

public java.lang.Boolean containsPolicy(AuthorizationPolicyID policyID)
                                 throws AuthorizationException,
                                        InvalidSessionException,
                                        MetaMatrixComponentException

Specified by:: containsPolicy in interface AuthorizationAdminAPI

Throws:: AuthorizationException; InvalidSessionException; MetaMatrixComponentException

getPolicy

public AuthorizationPolicy getPolicy(AuthorizationPolicyID policyID)
                              throws AuthorizationException,
                                     AuthorizationMgmtException,
                                     InvalidSessionException,
                                     MetaMatrixComponentException

Specified by:: getPolicy in interface AuthorizationAdminAPI

Throws:: AuthorizationException; AuthorizationMgmtException; InvalidSessionException; MetaMatrixComponentException

executeTransaction

public java.util.Set executeTransaction(java.util.List actions)
                                 throws AuthorizationException,
                                        AuthorizationMgmtException,
                                        InvalidSessionException,
                                        MetaMatrixComponentException

Specified by:: executeTransaction in interface AuthorizationAdminAPI

Throws:: AuthorizationException; AuthorizationMgmtException; InvalidSessionException; MetaMatrixComponentException

removePrincipalFromAllPolicies

public java.lang.Boolean removePrincipalFromAllPolicies(MetaMatrixPrincipalName principal)
                                                 throws AuthorizationException,
                                                        AuthorizationMgmtException,
                                                        InvalidSessionException,
                                                        MetaMatrixComponentException

Specified by:: removePrincipalFromAllPolicies in interface AuthorizationAdminAPI

Throws:: AuthorizationException; AuthorizationMgmtException; InvalidSessionException; MetaMatrixComponentException

getPolicyIDsWithPermissionsInRealm

public java.util.Collection getPolicyIDsWithPermissionsInRealm(AuthorizationRealm realm)
                                                        throws AuthorizationException,
                                                               AuthorizationMgmtException,
                                                               InvalidSessionException,
                                                               MetaMatrixComponentException

Returns a Collection of AuthorizationPolicyIDs that have AuthorizationPermissions in the given AuthorizationRealm.
NOTE: It is the responsibility of the caller to determine which of the AuthorizationPolicy's AuthorizationPermissions are actually in the given AuthorizationRealm. The AuthorizationPolicy may span AuthorizationRealms.

Specified by:: getPolicyIDsWithPermissionsInRealm in interface AuthorizationAdminAPI

Parameters:: realm - The realm in which to search for AuthorizationPermissions.
Returns:: The collection of AuthorizationPolicyIDs that have permissions in the given realm - possibly empty but never null.
Throws:: AuthorizationException - if admninistrator does not have the authority to preform the action.; AuthorizationMgmtException - if an error occurs in the Authorization store.; MetaMatrixComponentException - if this service has trouble communicating.; InvalidSessionException

getPolicyIDsInRealm

public java.util.Collection getPolicyIDsInRealm(AuthorizationRealm realm)
                                         throws AuthorizationException,
                                                AuthorizationMgmtException,
                                                InvalidSessionException,
                                                MetaMatrixComponentException

Returns a Collection of AuthorizationPolicyIDs in the given AuthorizationRealm.
This method will only work for Data Access Authorizations because the realm is encoded in a Data Access policy name. NOTE: It is the responsibility of the caller to determine which of the AuthorizationPolicy's AuthorizationPermissions are actually in the given AuthorizationRealm. The AuthorizationPolicy may span AuthorizationRealms.

Specified by:: getPolicyIDsInRealm in interface AuthorizationAdminAPI

Parameters:: realm - The realm in which to search for AuthorizationPermissions.
Returns:: The collection of AuthorizationPolicyIDs that have permissions in the given realm - possibly empty but never null.
Throws:: AuthorizationException - if admninistrator does not have the authority to preform the action.; AuthorizationMgmtException - if an error occurs in the Authorization store.; MetaMatrixComponentException - if this service has trouble communicating.; InvalidSessionException

getPolicyIDsInPartialRealm

public java.util.Collection getPolicyIDsInPartialRealm(AuthorizationRealm realm)
                                                throws AuthorizationException,
                                                       AuthorizationMgmtException,
                                                       InvalidSessionException,
                                                       MetaMatrixComponentException

Returns a Collection of AuthorizationPolicyIDs that have AuthorizationPermissions that exist in the given partial AuthorizationRealm.
The implementation is such that all AuthorizationPolicyIDs whose AuthorizationRealm starts with the given AuthorizationRealm are returned.

Specified by:: getPolicyIDsInPartialRealm in interface AuthorizationAdminAPI

Parameters:: realm - The partial realm in which to search for AuthorizationPermissions whose realm name starts with the given realm.
Returns:: The collection of AuthorizationPolicyIDs that have permissions in the given partial realm - possibly empty but never null.
Throws:: AuthorizationException - if admninistrator does not have the authority to preform the action.; AuthorizationMgmtException - if an error occurs in the Authorization store.; MetaMatrixComponentException - if this service has trouble communicating.; InvalidSessionException

getPolicyIDsForResourceInRealm

public java.util.Collection getPolicyIDsForResourceInRealm(AuthorizationRealm realm,
                                                           java.lang.String resourceName)
                                                    throws AuthorizationException,
                                                           AuthorizationMgmtException,
                                                           InvalidSessionException,
                                                           MetaMatrixComponentException

Returns a Collection of AuthorizationPolicyIDs that have AuthorizationPermissions on the given resource that exists in the given AuthorizationRealm.

Specified by:: getPolicyIDsForResourceInRealm in interface AuthorizationAdminAPI

Parameters:: realm - The realm in which to search for AuthorizationPermissions.; resourceName - The resource for which to search for AuthorizationPermissions.
Returns:: The collection of AuthorizationPolicyIDs that have permissions on the given resource - possibly empty but never null.
Throws:: AuthorizationException - if admninistrator does not have the authority to preform the action.; AuthorizationMgmtException - if an error occurs in the Authorization store.; MetaMatrixComponentException - if this service has trouble communicating.; InvalidSessionException

isCallerInRole

public boolean isCallerInRole(SessionToken caller,
                              java.lang.String roleName)
                       throws AuthorizationException,
                              AuthorizationMgmtException,
                              InvalidSessionException,
                              MetaMatrixComponentException

Verify that caller is in the specified logical role.

Specified by:: isCallerInRole in interface AuthorizationAdminAPI

Parameters:: caller - The session token of the MetaMatrix principle involking an administrative method.
Returns:: true if caller's session token is valid and he is a MetaMatrix administrator.
Throws:: AuthorizationMgmtException - if this service has trouble connecting to services it uses.; AuthorizationException; InvalidSessionException; MetaMatrixComponentException

isSuperUser

public boolean isSuperUser(java.lang.String username)
                    throws ServiceException,
                           MembershipServiceException,
                           MetaMatrixComponentException

Return true is given username is a super user

Specified by:: isSuperUser in interface AuthorizationAdminAPI

Parameters:: username - - The user to verify as super user
Returns:: true if given user is a super user
Throws:: ServiceException; MembershipServiceException; MetaMatrixComponentException
See Also:: AuthorizationAdminAPI.isSuperUser(java.lang.String)

getGroupEntitlements

public java.util.List getGroupEntitlements(AuthorizationRealm realm,
                                           java.lang.String fullyQualifiedGroupName)
                                    throws AuthorizationException,
                                           AuthorizationMgmtException,
                                           InvalidSessionException,
                                           MetaMatrixComponentException

Returns a List of entitlements to the given fully qualified group name in the given realm.

The list contains objects of type UserEntitlementInfo which will contain all user entitlement information for each group found. Each of these objects will contain 1 or more objects of type GranteeEntitlementEntry which contain the Grantee's name the entitlement Grantor or entity specifying the Grantee is entitled and the Allowed Actions the Grantee is entitled to perform on the group.

The attributes availible are:

VDB Name
VDB Version
Group Name (fully qualified)

Grantee Name; Grantor Name; Allowed Actions (A String[] of one or more of {CREATE, READ, UPDATE, DELETE})
...

Specified by:: getGroupEntitlements in interface AuthorizationAdminAPI

Parameters:: realm - The realm in which the element must live.; fullyQualifiedGroupName - The resource for which to look up permissions.
Returns:: The List of entitlements to the given element in the given realm - May be empty but never null.
Throws:: AuthorizationException - if admninistrator does not have the authority to preform the action.; AuthorizationMgmtException - if an error occurs in the Authorization store.; MetaMatrixComponentException - if this service has trouble communicating.; InvalidSessionException

getElementEntitlements

public java.util.List getElementEntitlements(AuthorizationRealm realm,
                                             java.lang.String elementNamePattern)
                                      throws AuthorizationException,
                                             AuthorizationMgmtException,
                                             InvalidSessionException,
                                             MetaMatrixComponentException

Returns a List of entitlements to the given element pattern in the given realm.

The list contains objects of type UserEntitlementInfo which will contain all user entitlement information for each element found. Each of these objects will contain 1 or more objects of type GranteeEntitlementEntry which contain the Grantee's name the entitlement Grantor or entity specifying the Grantee is entitled and the Allowed Actions the Grantee is entitled to perform on the element.