Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
SAP NetWeaver '04
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
com.sap.netweaver.bc.rf.mi.security

Interface ISecurityManager

All Known Subinterfaces:
IAclSecurityManager, IMutableSecurityManager
public interface ISecurityManager

Read-Only interface describing a repository sub manager for security. This interface allows for security checks on resources based on generic permissions and UME principals. The predefined set of permissions can be extened by the implementation.

Method Summary
 List getSupportedPermissions(IResourceHandle resourceHandle)
          Get list of permissions which are supported by the security manager for the given resource handle, e.g. outcome depends on whether the resource is a collection or not.
 boolean isAllowed(IResourceHandle resourceHandle, IPrincipal principal, IPermission permission)
          Checks whether the given principal has the given permission on the given resource handle.
 boolean isAllowed(IResourceHandle resourceHandle, IPrincipal principal, List permissions)
          Checks whether the given principal has all of the given permissions on the given resource handle.
 Set isAllowed(List ridList, IPrincipal principal, IPermission permission)
          Checks whether the given principal has the given permission on the given resource identifiers.
 Set isAllowed(List ridList, IPrincipal principal, List permissions)
          Checks whether the given principal has all of the given permissions on the given resource identifiers.
 

Method Detail

getSupportedPermissions

public List getSupportedPermissions(IResourceHandle resourceHandle)
                             throws ResourceException
Get list of permissions which are supported by the security manager for the given resource handle, e.g. outcome depends on whether the resource is a collection or not. If no handle is give the manager must return a list of all supported permissions.

Parameters:
resourceHandle - resource handle
Returns:
list of supported permissions of type IPermission - can be empty but not null.
Throws:
ResourceException - when the resource handle is invalid

isAllowed

public boolean isAllowed(IResourceHandle resourceHandle,
                         IPrincipal principal,
                         IPermission permission)
                  throws ResourceException
Checks whether the given principal has the given permission on the given resource handle.

Parameters:
resourceHandle - resource handle
principal - principal for whom the permissions are checked
permission - single permission to check
Returns:
true when the given principal has the given permission on the given resource handle
Throws:
ResourceException - when wrong parameterized

isAllowed

public boolean isAllowed(IResourceHandle resourceHandle,
                         IPrincipal principal,
                         List permissions)
                  throws ResourceException
Checks whether the given principal has all of the given permissions on the given resource handle.

Parameters:
resourceHandle - resource handle
principal - principal for whom the permissions are checked
permissions - list of permissions to check
Returns:
true when the given principal has all of the given permissions on the given resource handle
Throws:
ResourceException - when wrong parameterized

isAllowed

public Set isAllowed(List ridList,
                     IPrincipal principal,
                     IPermission permission)
              throws ResourceException,
                     OperationNotCompletedException
Checks whether the given principal has the given permission on the given resource identifiers.

Note: This method needs not to be handled atomically! Although this operation may fail in parts, the operation on one of the many operands provided through the parameter list is always expected to be atomic!

Parameters:
ridList - list of resource identifiers
principal - principal for whom the permissions are checked
permission - single permission to check
Returns:
list of resource identifiers the given principal has the given permission for
Throws:
ResourceException - when wrong parameterized
OperationNotCompletedException - when the operation failed in parts

isAllowed

public Set isAllowed(List ridList,
                     IPrincipal principal,
                     List permissions)
              throws ResourceException,
                     OperationNotCompletedException
Checks whether the given principal has all of the given permissions on the given resource identifiers.

Note: This method needs not to be handled atomically! Although this operation may fail in parts, the operation on one of the many operands provided through the parameter list is always expected to be atomic!

Parameters:
ridList - list of resource identifiers
principal - principal for whom the permissions are checked
permissions - list of permissions to check
Returns:
set of resource identifiers the given principal has all of the given permissions for
Throws:
ResourceException - when wrong parameterized
OperationNotCompletedException - when the operation failed in parts
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
SAP NetWeaver '04
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright 2006 SAP AG. All rights reserved. No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained herein may be changed without prior notice. Microsoft, Windows, Outlook, and PowerPoint are registered trademarks of Microsoft Corporation. Oracle is a registered trademark of Oracle Corporation. UNIX, X/Open, OSF/1, and Motif are registered trademarks of the Open Group. Citrix, ICA, Program Neighborhood, MetaFrame, WinFrame, VideoFrame, and MultiWin are trademarks or registered trademarks of Citrix Systems, Inc. HTML, XML, XHTML and W3C are trademarks or registered trademarks of W3C, World Wide Web Consortium, Massachusetts Institute of Technology. Java is a registered trademark of Sun Microsystems, Inc. JavaScript is a registered trademark of Sun Microsystems, Inc., used under license for technology invented and implemented by Netscape. MaxDB is a trademark of MySQL AB, Sweden. SAP, R/3, mySAP, mySAP.com, xApps, xApp, SAP NetWeaver, and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and in several other countries all over the world. All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serves informational purposes only. National product specifications may vary. These materials are subject to change without notice. These materials are provided by SAP AG and its affiliated companies ("SAP Group") for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty.