IAclHandle

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

SAP NetWeaver 7.30 Enterprise Portal (SP03)

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.sapportals.portal.pcd.gl

Interface IAclHandle

public interface IAclHandle

The ACL Handle provides access to the ACL that is assigned to a context in the Pcd GL.

This interface is not intended to be implemented by clients.

Method Summary
`boolean`	`addPermission(String permission, List members)` Adds a permission to the list of available permissions.
`IAcl`	`createAcl(Object caller)` Creates a new ACL for a PCD object.
`IAcl`	`createAcl(Object caller, IPermissionCheckAcl aclToCopy)` Creates a new ACL for a portal object using another ACL to copy the ACEs.
`IPermissionCheckAcl`	`getAclForPermissionCheck()` Reads the ACL object relevant for the portal object.
`Enumeration`	`getChildAclHandlesWithOwnAcl()` Returns all acl handles of the child objects that have non-inherited ACLs.
`String`	`getFullNameOfCheckedAcl()` Returns the full object name of the PCD object from which the ACL is inherited.
`IAcl`	`getOwnAcl()` Reads the existing ACL object for a PCD object.
`IAclHandle`	`getParentAclHandle()` Returns acl handle of the parent object in the PCD.
`List`	`getPermissions(String objectType)` Gets a list of permissions which are available for the specific object type
`boolean`	`isAllowed(Object principal, String permission)` Checks if an user has permission on a portal object and user (principal).
`boolean`	`isInheritedAcl()` Indicates if the acl handle has inherited the ACL from another PCD object.
`boolean`	`isReadOnly()` Indicates if acls can be created or changed.
`void`	`publishChanges()` Publishes ACL changes to the corresponding pcd objects.
`boolean`	`removeAcl(Object caller)` Removes the existing ACL object from given portal object.
`boolean`	`removeChildAcls(Object caller)` Removes ACLs of all children recursively.
`boolean`	`removePermission(String permission)` Removes a permission from the list of available permissions.

Method Detail

createAcl

IAcl createAcl(Object caller)
               throws PermissionControlException

Creates a new ACL for a PCD object. ACLs can only be created on unit roots or plain contexts outside of units.

Parameters:: caller - an ACL owner (com.sap.security.api.IPrincipal)
Returns:: new ACL
Throws:: PermissionControlException

createAcl

IAcl createAcl(Object caller,
               IPermissionCheckAcl aclToCopy)
               throws PermissionControlException

Creates a new ACL for a portal object using another ACL to copy the ACEs. ACLs can only be created on unit roots or plain contexts outside of units.

Parameters:: caller - an ACL owner (com.sap.security.api.IPrincipal); aclToCopy - another ACL that is to be copied
Returns:: new ACL
Throws:: PermissionControlException

getOwnAcl

IAcl getOwnAcl()

Reads the existing ACL object for a PCD object. Returns null if there is is no ACL assigned to the object.

Returns:: ACL or null

getAclForPermissionCheck

IPermissionCheckAcl getAclForPermissionCheck()

Reads the ACL object relevant for the portal object. The returned acl object is either the same as getAcl() or one of the parent objects acls (if getAcl() returns null).

Returns:: ACL that is used for the permission check (might be inherited)

isInheritedAcl

boolean isInheritedAcl()

Indicates if the acl handle has inherited the ACL from another PCD object. Inside units, the result will always be true. Returns false if the acl handle has an own acl.

Returns:: true if the acl is inherited

getParentAclHandle

IAclHandle getParentAclHandle()

Returns acl handle of the parent object in the PCD.

Returns:: acl handle of the parent object

getFullNameOfCheckedAcl

String getFullNameOfCheckedAcl()

Returns the full object name of the PCD object from which the ACL is inherited.

Returns:: Name of a PCD object

removeAcl

boolean removeAcl(Object caller)
                  throws PermissionControlException

Removes the existing ACL object from given portal object.

Parameters:: caller - user who removes the ACL (com.sap.security.api.IPrincipal)
Returns:: true when the ACL object was removed successfully, otherwise false
Throws:: PermissionControlException

removeChildAcls

boolean removeChildAcls(Object caller)
                        throws PermissionControlException

Removes ACLs of all children recursively. The children will inherit the acl of the current object.

Parameters:: caller - user which removes the ACL (com.sap.security.api.IPrincipal)
Returns:: true when the ACL object was removed successfully, otherwise false
Throws:: PermissionControlException

getChildAclHandlesWithOwnAcl

Enumeration getChildAclHandlesWithOwnAcl()
                                         throws PermissionControlException

Returns all acl handles of the child objects that have non-inherited ACLs.

Returns:: Enumeration of IAclHandle
Throws:: PermissionControlException

addPermission

boolean addPermission(String permission,
                      List members)
                      throws PermissionControlException

Adds a permission to the list of available permissions. The permission name consists of an object type and the permission, separated by a "."

Parameters:: permission - the permission to add; members - a list of permissions the added permission contains
Returns:: true when the permission could be added successfully false otherwise
Throws:: PermissionControlException

removePermission

boolean removePermission(String permission)
                         throws PermissionControlException

Removes a permission from the list of available permissions. The permission name consists of the object type and the permission, separated by a "."

Parameters:: permission - the permission to remove
Returns:: true when the permission could be removed successfully false otherwise
Throws:: PermissionControlException

getPermissions

List getPermissions(String objectType)

Gets a list of permissions which are available for the specific object type

Parameters:: objectType - the object type
Returns:: the permissions

isAllowed

boolean isAllowed(Object principal,
                  String permission)

Checks if an user has permission on a portal object and user (principal).

Parameters:: principal - user, group or role name (com.sap.security.api.IPrincipal).; permission - checked permission.
Returns:: true when the user has the permission, otherwise false.

isReadOnly

boolean isReadOnly()

Indicates if acls can be created or changed. Returns true if the object where the acl handle was got from is a subobject of a unit.

Returns:: read only flag

publishChanges

void publishChanges()

Publishes ACL changes to the corresponding pcd objects.

Access Rights

This class can be accessed from:

SC	DC	Public Part	ACH
`[sap.com] KMC-WPC`	`[sap.com] tc/kmc/wpc/wpcfacade`	`api`	`EP-PIN-WPC-WCM`
`[sap.com] EP-BASIS-API`	`[sap.com] tc/epbc/pcd/gl/api`	`api`	`EP-PIN`
`[sap.com] EP-BASIS-API`	`[sap.com] tc/epbc/pcd/gl/api`	`-`	`EP-PIN`
`[sap.com] EP-BASIS`	`[sap.com] tc/epbc/pcd/pars/srvgldeprecated`	`api`	`BC-PIN-PCD`