com.adobe.idp.um.api
Interface AuthorizationManager

All Known Implementing Classes:

AuthorizationManagerServiceClient

public interface AuthorizationManager

This is the primary interface for LiveCycle authorization. You can use an object of this type to add and remove permissions to users and groups. To see an object of this type used in a code example, see the Managing Roles and Permissions using the Java API quick start in Programming with LiveCycle ES4.

Method Summary

java.util.Map	areUsersInRole(java.lang.String roleId, java.util.List principalOid) Determines whether the specified principals have been assigned the given role.
void	assignPermToPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List permissionOid) Assigns the specified permissions to the principal for the given resource instance.
void	assignPermToPrincipalsForRes(java.lang.String resourceId, java.util.Map principalPermissionMap) Assigns the specified permissions to the principals for the given resource instance.
void	assignRole(java.lang.String roleId, java.lang.String[] principalOids) Assigns the role to the specified principals.
void	assignRoles(java.lang.String[] roleId, java.lang.String[] principalOids) Assigns the specified roles to the given principals.
java.lang.String	createPermission(Permission perm) Creates a permission for a resource type.
java.lang.String	createReliantApplication(ReliantApplication relApp) Creates a reliant application.
java.lang.String	createResourceType(ResourceType resType) Creates a resource type.
void	createRole(Role role) Creates a role.
void	createRole(Role role, java.util.List addPermissionOids) Creates a role with specific permissions.
void	deletePermsForPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List permList) Removes the specified permissions from the principal for the given resource instance.
void	deletePermsForPrincipalsForRes(java.util.List principalOid, java.lang.String resourceId, java.util.List permList) Removes the specified permissions from the List of principals for the given resource instance.
void	deleteRole(java.lang.String roleId) Deletes the role.
java.util.Map	findPriPermInfoForRes(java.lang.String resourceId) Retrieves a Map of permissions and principals for a given resource instance.
Role	findRole(java.lang.String roleId) Retrieves a role.
java.util.List	findRoleMembership(RoleMembershipSearchFilter rmb) Retrieves a List of roles based on specified membership search criteria.
java.util.List	findRoles(RoleSearchFilter rsf) Retrieves a List of roles based on specified search criteria.
java.util.Set	findRolesForPrincipal(java.lang.String principalOid) Finds the roles for a given principal.
java.util.Map	findRolesForPrincipals(java.util.List principalOid) Retrieves a Map containing sets of roles assigned to the specified principals.
java.util.List	getAllRolePermissions(java.lang.String roleId) Retrieves a List of permissions related to the specified role.
java.util.List	getPermissions(PermissionSearchFilter psf) Retrieves a List of permissions related to the specified search filter.
java.util.List	getPermissions(java.lang.String ResourceTypeOid) Retrieves a List of permissions related to the resource type.
java.util.Set	getPermsForPrincipalOverRes(java.lang.String principalOid, java.lang.String resourceId) Retrieves a Set of permissions for the specified principal and resource instance.
java.util.Map	getPermsForPrincipalsOverRes(java.util.List principalOidList, java.lang.String resourceId) Retrieves a Map of permissions for the List of specified principals and resource instance.
ReliantApplication	getReliantApplication(java.lang.String reliantApplicationName) Retrieves a reliant application.
java.util.Set	getResourcesForPrincipal(java.lang.String principalOid, java.lang.String permissionOid) Retrieves a Set of resource identifiers for which the principal has the specified permission.
java.util.Map	getResourcesForPrincipals(java.util.List principalOid, java.lang.String permissionOid) Retrieves a Map of resource identifiers for which the principals have the specified permission.
java.util.List	getResourceType(ResourceTypeSearchFilter rtsf) Searches for resource types.
java.util.List	getSystemPermissions(PermissionSearchFilter psf) Retrieves a List of all the permissions belonging to all the resource types in the system, according to the specified search filter.
java.util.Map	hasPermission(java.util.List principalOid, java.lang.String resourceId, Permission perm) Determines whether the List of principals have the specified permission for the given resource instance.
java.util.Map	hasPermission(java.util.List principalOid, java.lang.String resourceId, java.lang.String permissionOid) Determines whether the List of principals have the specified permission for the given resource instance.
PermissionInfo	hasPermission(java.lang.String principalOid, java.lang.String resourceId, Permission perm) Determines whether the principal has the permission assigned to it for the specified resource instance.
PermissionInfo	hasPermission(java.lang.String principalOid, java.lang.String resourceId, java.lang.String permissionOid) Determines whether the principal has the permission assigned to it for the specified resource instance.
boolean	isMutable(java.lang.String roleId) Determines whether the specified role is mutable.
boolean	isUserInRole(java.lang.String roleId) Determines whether the currently authenticated user is in the specified role.
boolean	isUserInRole(java.lang.String roleId, java.lang.String principalOid) Determines whether the principal has an assigned role.
void	modifyDefaultACL(ResourceTypeACL addRtDefACL, ResourceTypeACL delRtDefACL) Defines a set of default permissions to be assigned to a set of principals (cross product) over a resource, when a resource of given resource type is registered.
void	modifyPermsToPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List desiredPerms) Assigns the specified permissions to the principal for the given resource instance.
void	modifyPermsToPrincipalForRes(java.lang.String principalOid, java.lang.String resourceId, java.util.List delPerm, java.util.List addPerm) Assigns and removes the specified permissions from the principal for the given resource instance.
void	modifyPermsToPrincipalsForRes(java.util.List principalOid, java.lang.String resourceId, java.util.List delPerm, java.util.List addPerm) Assigns and removes the specified permissions from the List of principals for the given resource instance.
void	modifyRole(java.lang.String roleName, java.util.List addPermissionOids, java.util.List removePermissionOids) Modifies the definition of a role by adding and removing a set of permissions from the definition of the role.
void	registerResInstance(java.lang.String resType, java.util.List resIdList) Assigns the default access control list (ACL) of the specified resource type to the given resource instances.
void	setDefaultACL(ResourceTypeACL rtDefACL) Specifies the default access control list (ACL) for the given resource type.
void	unassignRole(java.lang.String roleId, java.lang.String[] principalOids) Unassigns the role from the specified principals.
void	unassignRoles(java.lang.String[] roleId, java.lang.String[] principalOids) Removes the specified roles from the given principals.

Method Detail

isUserInRole

boolean isUserInRole(java.lang.String roleId,
                     java.lang.String principalOid)
                     throws UMException

Determines whether the principal has an assigned role.

Parameters:

roleId - The assigned role's identifier.

principalOid - The principal's identifier.

Returns:

The value true if the principal has the assigned role, false otherwise.

Throws:

UMException

isUserInRole

boolean isUserInRole(java.lang.String roleId)
                     throws UMException

Determines whether the currently authenticated user is in the specified role. It gathers the information from the context passed into this AuthorizationManger when it was instantiated. If you need to change roles, you must re-authenticate, create a new context, and instantiate a new AuthorizationManager object.

Parameters:

roleId - A string value that specifies the role's identifier.

Returns:

The value true if the currently authenticated user has the specified role, false otherwise.

Throws:

UMException

createRole

void createRole(Role role)
                throws UMException

Creates a role. Use the factory object to create a role with a unique role identifier. It is recommended that you create a localized name string to be shown in the user interface. Pass that role into this method. This method creates an immutable role if role.setMutableStatus(true) is not specifically invoked by the caller.

Parameters:

role - A Role object that represents the role to create.

Throws:

UMException

createRole

void createRole(Role role,
                java.util.List addPermissionOids)
                throws UMException

Creates a role with specific permissions. Use the factory object to create a role with a unique role identifier. It is recommended that you create a localized name string to be shown in the user interface. Pass that role into this method. This method creates an immutable role if role.setMutableStatus(true) is not specifically invoked by the caller.

Parameters:

role - The role to be created.

addPermissionOids - A List of permissions the principal will have.

Throws:

UMException

deleteRole

void deleteRole(java.lang.String roleId)
                throws UMException

Deletes the role.

Parameters:

roleId - A string value that specifies the role identifier.

Throws:

UMException - could be thrown, for example, in cases where an attempt to delete an immutable role has been made.

assignRole

void assignRole(java.lang.String roleId,
                java.lang.String[] principalOids)
                throws UMException

Assigns the role to the specified principals. No exception is raised if the same role is reassigned to a given principal. Either all or none of the principals will be assigned the role.

To see this method used in a code example, see the Managing roles and permissions using the Java API quick start in Programming with LiveCycle ES4.

Parameters:

roleId - A string value that specifies the role to assign.

principalOids - A string array that specifies the principals to which the role is assigned.

Throws:

UMException

unassignRole

void unassignRole(java.lang.String roleId,
                  java.lang.String[] principalOids)
                  throws UMException

Unassigns the role from the specified principals. No exception is raised if the same role is unassigned from a given principal. Either all or none of the principals will be unassigned from the role.

To see this method used in a code example, see the Managing roles and permissions using the Java API quick start in Programming with LiveCycle ES4.

Parameters:

roleId - The role to be assigned.

principalOids - The principals from which the role is to be unassigned.

Throws:

UMException

findRole

Role findRole(java.lang.String roleId)
              throws UMException

Retrieves a role.

Parameters:

roleId - The role to be retrieved.

Returns:

The role.

Throws:

UMException

findRoles

java.util.List findRoles(RoleSearchFilter rsf)
                         throws UMException

Retrieves a List of roles based on specified search criteria.

To see this method used in a code example, see the Managing roles and permissions using the Java API quick start in Programming with LiveCycle ES4.

Parameters:

rsf - A search filter that allows you to set multiple clauses for the roles to be retrieved.

Returns:

The List of roles that were found based on the search filter.

Throws:

UMException

findRolesForPrincipal

java.util.Set findRolesForPrincipal(java.lang.String principalOid)
                                    throws UMException

Finds the roles for a given principal.

To see this method used in a code example, see the Managing roles and permissions using the Java API quick start in Programming with LiveCycle ES4.

Parameters:

principalOid - The principal's identifier.

Returns:

The Set of roles associated with the specified principal.

Throws:

UMException

findRoleMembership

java.util.List findRoleMembership(RoleMembershipSearchFilter rmb)
                                  throws UMException

Retrieves a List of roles based on specified membership search criteria.

Parameters:

rmb - A search filter that allows you to set multiple clauses for the roles to be retrieved.

Returns:

A List of principals (User/Group objects).

Throws:

UMException

getReliantApplication

ReliantApplication getReliantApplication(java.lang.String reliantApplicationName)
                                         throws UMException

Retrieves a reliant application.

Parameters:

reliantApplicationName - The name of the reliant application.

Returns:

The reliant application.

Throws:

UMException

createReliantApplication

java.lang.String createReliantApplication(ReliantApplication relApp)
                                          throws UMException

Creates a reliant application.

Parameters:

relApp - The reliant application to be created.

Returns:

A String identifier of the reliant application that was created.

Throws:

UMException - to indicate if the same reliant application is being created again with the same or different system attributes.

getResourceType

java.util.List getResourceType(ResourceTypeSearchFilter rtsf)
                               throws UMException

Searches for resource types.

Parameters:

rtsf - A filter that encapsulates search parameters, as well as global parameters such as the offset and range of returned values.

Returns:

A List containing the resource types.

Throws:

UMException

createResourceType

java.lang.String createResourceType(ResourceType resType)
                                    throws UMException

Creates a resource type.

Parameters:

resType - The resource type to be created.

Returns:

A String identifier of the resource type that was created.

Throws:

UMException - to indicate if the same resource type is being created again with the same or different system attributes.

createPermission

java.lang.String createPermission(Permission perm)
                                  throws UMException

Creates a permission for a resource type.

Parameters:

perm - The permission to be assigned.

Returns:

A String identifier of the permission that was created.

Throws:

UMException

getPermissions

java.util.List getPermissions(java.lang.String ResourceTypeOid)
                              throws UMException

Retrieves a List of permissions related to the resource type. The reliant application can use this method to populate its user interface with the relevant permissions on the permission assignment page. A list of size zero is returned if no relevant permissions are found.

Parameters:

ResourceTypeOid - The resource type identifier.

Returns:

A List of permissions for the specified resource type.

Throws:

UMException

getPermissions

java.util.List getPermissions(PermissionSearchFilter psf)
                              throws UMException

Retrieves a List of permissions related to the specified search filter. A list of size zero is returned if no relevant permissions are found.

Parameters:

psf - A search filter that allows you to set multiple clauses for the permissions to be retrieved.

Returns:

A List of permissions that were found.

Throws:

UMException

getSystemPermissions

java.util.List getSystemPermissions(PermissionSearchFilter psf)
                                    throws UMException

Retrieves a List of all the permissions belonging to all the resource types in the system, according to the specified search filter. This method is used in the creation of roles. A role may consist of any number of permissions that have been potentially defined on various resource types. A list of size zero is returned if no relevant permissions are found.

Parameters:

psf - A search filter that allows you to set multiple clauses for the permissions to be retrieved.

Returns:

A List of permissions that were found for all the system resource types.

Throws:

UMException

setDefaultACL

void setDefaultACL(ResourceTypeACL rtDefACL)
                   throws UMException

Specifies the default access control list (ACL) for the given resource type.

Parameters:

rtDefACL - An object containing the permission and principal identifiers.

Throws:

UMException

modifyDefaultACL

void modifyDefaultACL(ResourceTypeACL addRtDefACL,
                      ResourceTypeACL delRtDefACL)
                      throws UMException

Defines a set of default permissions to be assigned to a set of principals (cross product) over a resource, when a resource of given resource type is registered.

Parameters:

addRtDefACL - The ACL to be added.

delRtDefACL - The ACL to be removed.

Throws:

UMException

See Also:

AuthorizationManager.registerResInstance(java.lang.String, java.util.List)

modifyRole

void modifyRole(java.lang.String roleName,
                java.util.List addPermissionOids,
                java.util.List removePermissionOids)
                throws UMException

Modifies the definition of a role by adding and removing a set of permissions from the definition of the role. Only mutable roles may be modified.

Parameters:

roleName - The name of the role.

addPermissionOids - The identifiers of the permissions to be added.

removePermissionOids - The identifiers of the permissions to be removed.

Throws:

UMException

getAllRolePermissions

java.util.List getAllRolePermissions(java.lang.String roleId)
                                     throws UMException

Retrieves a List of permissions related to the specified role. The reliant application can use this method to dynamically ascertain the permissions for a role. A list of size zero is returned if no relevant permissions are found. It is possible that all the permissions in the role definition may be deleted. This role can still be assigned to principals. However, it would not have any underlying permissions. In such cases it is assumed that the client will be able to make necessary access-related decisions gracefully, based on assignment of the role only, and not on its underlying permissions.

Parameters:

roleId - The role identifier.

Returns:

The List of permissions related to the specified role.

Throws:

UMException

isMutable

boolean isMutable(java.lang.String roleId)
                  throws UMException

Determines whether the specified role is mutable.

Parameters:

roleId - The role identifier.

Returns:

true if the role is mutable, false otherwise.

Throws:

UMException

registerResInstance

void registerResInstance(java.lang.String resType,
                         java.util.List resIdList)
                         throws UMException

Assigns the default access control list (ACL) of the specified resource type to the given resource instances.

Parameters:

resType - The resource type.

resIdList - The resource identifiers to which default permissions must be applied.

Throws:

UMException

assignPermToPrincipalForRes

void assignPermToPrincipalForRes(java.lang.String principalOid,
                                 java.lang.String resourceId,
                                 java.util.List permissionOid)
                                 throws UMException

Assigns the specified permissions to the principal for the given resource instance.

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

permissionOid - A List of permissions identifiers that will be assigned to the principal for the given resource.

Throws:

UMException

assignPermToPrincipalsForRes

void assignPermToPrincipalsForRes(java.lang.String resourceId,
                                  java.util.Map principalPermissionMap)
                                  throws UMException

Assigns the specified permissions to the principals for the given resource instance.

Parameters:

resourceId - The resource identifier.

principalPermissionMap - A Map whose keys are principal identifiers and whose values are ArrayList objects containing permission identifiers to be assigned to the principal for the given resource instance.

Throws:

UMException

getPermsForPrincipalOverRes

java.util.Set getPermsForPrincipalOverRes(java.lang.String principalOid,
                                          java.lang.String resourceId)
                                          throws UMException

Retrieves a Set of permissions for the specified principal and resource instance. A Set of size zero is returned if no relevant permissions are found.

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

Returns:

A Set of permissions for the specified principal and resource instance.

Throws:

UMException

getPermsForPrincipalsOverRes

java.util.Map getPermsForPrincipalsOverRes(java.util.List principalOidList,
                                           java.lang.String resourceId)
                                           throws UMException

Retrieves a Map of permissions for the List of specified principals and resource instance.

Parameters:

principalOidList - The List of principal identifiers.

resourceId - The resource identifier.

Returns:

A Map whose keys are principal identifiers and whose values are Set objects containing permission identifiers to be assigned to the principal for the given resource instance.

Throws:

UMException

modifyPermsToPrincipalForRes

void modifyPermsToPrincipalForRes(java.lang.String principalOid,
                                  java.lang.String resourceId,
                                  java.util.List delPerm,
                                  java.util.List addPerm)
                                  throws UMException

Assigns and removes the specified permissions from the principal for the given resource instance.

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

delPerm - The permissions to be removed from the principal.

addPerm - The permissions to be assigned to the principal.

Throws:

UMException

modifyPermsToPrincipalsForRes

void modifyPermsToPrincipalsForRes(java.util.List principalOid,
                                   java.lang.String resourceId,
                                   java.util.List delPerm,
                                   java.util.List addPerm)
                                   throws UMException

Assigns and removes the specified permissions from the List of principals for the given resource instance.

Parameters:

principalOid - The List of principal identifiers.

resourceId - The resource identifier.

delPerm - The permissions to be removed from the principal.

addPerm - The permissions to be assigned to the principal.

Throws:

UMException

deletePermsForPrincipalForRes

void deletePermsForPrincipalForRes(java.lang.String principalOid,
                                   java.lang.String resourceId,
                                   java.util.List permList)
                                   throws UMException

Removes the specified permissions from the principal for the given resource instance.

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

permList - The permissions to be removed.

Throws:

UMException

deletePermsForPrincipalsForRes

void deletePermsForPrincipalsForRes(java.util.List principalOid,
                                    java.lang.String resourceId,
                                    java.util.List permList)
                                    throws UMException

Removes the specified permissions from the List of principals for the given resource instance.

Parameters:

principalOid - The List of principal identifiers.

resourceId - The resource identifier.

permList - The permissions to be removed.

Throws:

UMException

findRolesForPrincipals

java.util.Map findRolesForPrincipals(java.util.List principalOid)
                                     throws UMException

Retrieves a Map containing sets of roles assigned to the specified principals. A Map of size zero is returned if no relevant roles are found.

Parameters:

principalOid - The principal identifiers.

Returns:

A Map of principals whose keys are principal identifiers and whose values are Set objects of roles assigned to the principal either through direct assignment or indirectly via the principal's lineage.

Throws:

UMException

assignRoles

void assignRoles(java.lang.String[] roleId,
                 java.lang.String[] principalOids)
                 throws UMException

Assigns the specified roles to the given principals. Either all the principals or no principals are assigned the roles.

Parameters:

roleId - An array of role names.

principalOids - The principal identifiers.

Throws:

UMException

unassignRoles

void unassignRoles(java.lang.String[] roleId,
                   java.lang.String[] principalOids)
                   throws UMException

Removes the specified roles from the given principals. Either all the principals or no principals are unassigned the roles.

Parameters:

roleId - An array of role names.

principalOids - The principal identifiers.

Throws:

UMException

areUsersInRole

java.util.Map areUsersInRole(java.lang.String roleId,
                             java.util.List principalOid)
                             throws UMException

Determines whether the specified principals have been assigned the given role.

Parameters:

principalOid - The principal identifiers.

roleId - The role identifier.

Returns:

A Map of principals whose keys are principal identifiers and whose values are boolean values.

Throws:

UMException

hasPermission

PermissionInfo hasPermission(java.lang.String principalOid,
                             java.lang.String resourceId,
                             java.lang.String permissionOid)
                             throws UMException

Determines whether the principal has the permission assigned to it for the specified resource instance.

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

permissionOid - The permission identifier.

Returns:

A PermissionInfo object containing a flag that indicates whether the permission has been assigned to the principal.

Throws:

UMException

hasPermission

PermissionInfo hasPermission(java.lang.String principalOid,
                             java.lang.String resourceId,
                             Permission perm)
                             throws UMException

Determines whether the principal has the permission assigned to it for the specified resource instance.

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

perm - The permission object.

Returns:

A PermissionInfo object containing a flag that indicates whether the permission has been assigned to the principal.

Throws:

UMException

hasPermission

java.util.Map hasPermission(java.util.List principalOid,
                            java.lang.String resourceId,
                            java.lang.String permissionOid)
                            throws UMException

Determines whether the List of principals have the specified permission for the given resource instance.

Parameters:

principalOid - The principal identifiers.

resourceId - The resource identifier.

permissionOid - The permission identifier.

Returns:

A Map whose keys are the principal identifiers and values are boolean values indicating whether the principal has the permission assigned to it for the specified resource instance.

Throws:

UMException

hasPermission

java.util.Map hasPermission(java.util.List principalOid,
                            java.lang.String resourceId,
                            Permission perm)
                            throws UMException

Determines whether the List of principals have the specified permission for the given resource instance.

Parameters:

principalOid - The principal identifiers.

resourceId - The resource identifier.

perm - The permission object.

Returns:

A Map whose keys are the principal identifiers and values are boolean values indicating whether the principal has the permission assigned to it for the specified resource instance.

Throws:

UMException

getResourcesForPrincipal

java.util.Set getResourcesForPrincipal(java.lang.String principalOid,
                                       java.lang.String permissionOid)
                                       throws UMException

Retrieves a Set of resource identifiers for which the principal has the specified permission. An empty Set is returned if no relevant resources exist.

Parameters:

principalOid - The principal identifier.

permissionOid - The permission identifier.

Returns:

A Set of resource identifiers for which the principal has the specified permission.

Throws:

UMException

getResourcesForPrincipals

java.util.Map getResourcesForPrincipals(java.util.List principalOid,
                                        java.lang.String permissionOid)
                                        throws UMException

Retrieves a Map of resource identifiers for which the principals have the specified permission.

Parameters:

principalOid - The principal identifiers.

permissionOid - The permission identifier.

Returns:

A Map whose keys are the principal identifiers and values are Set objects containing resource instances for which the principals have the specified permission.

Throws:

UMException

modifyPermsToPrincipalForRes

void modifyPermsToPrincipalForRes(java.lang.String principalOid,
                                  java.lang.String resourceId,
                                  java.util.List desiredPerms)
                                  throws UMException

Assigns the specified permissions to the principal for the given resource instance. It will delete any extra permissions already assigned directly to the principal. Permissions that are unassigned will be assigned.

Parameters:

principalOid - The principal identifier.

resourceId - The resource identifier.

desiredPerms - The permissions that the principal will have.

Throws:

UMException

findPriPermInfoForRes

java.util.Map findPriPermInfoForRes(java.lang.String resourceId)
                                    throws UMException

Retrieves a Map of permissions and principals for a given resource instance. Return the map where each key value pair is (principal, permission List for the resource instance). The principal-permssions-Set returned are direct assignments. The api will not do an explicit explosion of groups. The end client can find all the children for a principal (by calling directoryManager.getAllChildren(principalOid)) *if required*. All the children will inherit the mentioned permission List for the principal by virtue of lineage key = PrincipalOid Value = List of Permission objects

Parameters:

resourceId - The resource identifier.

Returns:

A Map whose keys are the principal identifiers and whose values are List obejcts containing of permissions.

Throws:

IDPException

IDPSystemException

UMException