Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
SAP NetWeaver 7.31 (SP01) KMC
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
com.sap.netweaver.bc.rf.common.security.acl

Interface IAcl

public interface IAcl

Interface describing an access control list, short ACL. Each resource may have an ACL with many ACL entries. An entry describes for one principal (may be a user, group or whatever is considered an entity) a permission this principal has on the given resource. The ACL itself is just an envelope for many ACL entries.

An ACL entry may define a permission this principal has on the given resource, but it may also define a permission a principal is denied to have (so called negative ACL entry).

ACLs are propagated down from above the resource hierarchy on the fly, i.e. they are not really set on the descendants but derived when accessed. All descendants not having an own ACL inherit one from their next legator having one. Legators are ancestors responsible for the security permissions of their descendants.

Method Summary
 boolean addEntry(IAclEntry aclEntry)
          Add ACL entry to this ACL.
 void addOwner(com.sap.security.api.IPrincipal principal)
          Add new owner to this ACL.
 boolean checkPermission(com.sap.security.api.IPrincipal principal, IAclPermission permission)
          Check whether or not the ACL grants a specific permission to a principal.
 List getEntries()
          Get list of ACL entries.
 List getEntries(com.sap.security.api.IPrincipal principal)
          Get list of ACL entries for a given principal.
 com.sap.security.api.IPrincipal getLockingUser()
          Get principal which has locked the ACL.
 List getOwners()
          Get list of the owners of this ACL.
 IResourceHandle getResource()
          Get resource handle this ACL is assigned to.
 boolean isAuthorized(com.sap.security.api.IPrincipal principal)
          Check whether or not the given principal is authorized to modify this ACL.
 boolean isLocked()
          Check whether or not the ACL is locked.
 boolean isOwner(com.sap.security.api.IPrincipal principal)
          Check whether or not the given principal is an owner of this ACL.
 boolean isReadOnly()
          Check wether or not the ACL is read only.
 void lock()
          Lock the ACL.
 boolean removeEntry(IAclEntry aclEntry)
          Remove ACL entry from this ACL.
 void removeOwner(com.sap.security.api.IPrincipal principal)
          Remove owner from the this ACL.
 void unlock()
          Unlock the ACL.
 

Method Detail

getResource

IResourceHandle getResource()
                            throws AclPersistenceException
Get resource handle this ACL is assigned to.

Returns:
resource handle this ACL is assigned to
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

getOwners

List getOwners()
               throws AclPersistenceException
Get list of the owners of this ACL.

Returns:
list of the owners of this ACL
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

addOwner

void addOwner(com.sap.security.api.IPrincipal principal)
              throws AclPersistenceException,
                     AclNotAuthorizedException,
                     ResourceException
Add new owner to this ACL.

Parameters:
principal - principal to be added as owner
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
ResourceException - when the resource handle was invalid
AclNotAuthorizedException - Exception raised in failure situation

removeOwner

void removeOwner(com.sap.security.api.IPrincipal principal)
                 throws AclPersistenceException,
                        AclNotAuthorizedException,
                        AclLastOwnerException,
                        ResourceException
Remove owner from the this ACL.

Parameters:
principal - principal to be removed as owner
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
ResourceException - when the resource handle was invalid
AclNotAuthorizedException - Exception raised in failure situation
AclLastOwnerException - Exception raised in failure situation

isOwner

boolean isOwner(com.sap.security.api.IPrincipal principal)
                throws AclPersistenceException
Check whether or not the given principal is an owner of this ACL.

Parameters:
principal - principal to be checked for being owner
Returns:
true when the given principal is an owner of this ACL
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

isAuthorized

boolean isAuthorized(com.sap.security.api.IPrincipal principal)
                     throws AclPersistenceException
Check whether or not the given principal is authorized to modify this ACL. Beside owners also super principals not being an owner are authorized to modify an ACL.

Parameters:
principal - principal to be checked for being authorized
Returns:
true if the given principal is authorized to modify this ACL
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

getEntries

List getEntries()
                throws AclPersistenceException
Get list of ACL entries.

Returns:
list of ACL entries
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

getEntries

List getEntries(com.sap.security.api.IPrincipal principal)
                throws AclPersistenceException
Get list of ACL entries for a given principal.

Parameters:
principal - principal
Returns:
list of ACL entries for a given principal
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

addEntry

boolean addEntry(IAclEntry aclEntry)
                 throws AclPersistenceException,
                        AclNotAuthorizedException,
                        AclAlreadyAssignedToAclException,
                        AclPermissionNotSupportedException,
                        ResourceException
Add ACL entry to this ACL.

Parameters:
aclEntry - ACL entry
Returns:
true if the ACL entry was added successfully
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
ResourceException - when the resource handle associated with the ACL was invalid
AclNotAuthorizedException - Exception raised in failure situation
AclAlreadyAssignedToAclException - Exception raised in failure situation
AclPermissionNotSupportedException - Exception raised in failure situation

removeEntry

boolean removeEntry(IAclEntry aclEntry)
                    throws AclPersistenceException,
                           AclNotAuthorizedException,
                           ResourceException
Remove ACL entry from this ACL.

Parameters:
aclEntry - ACL entry
Returns:
true if the ACL entry was removed successfully
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
ResourceException - when the resource handle associated with the ACL was invalid
AclNotAuthorizedException - Exception raised in failure situation

checkPermission

boolean checkPermission(com.sap.security.api.IPrincipal principal,
                        IAclPermission permission)
                        throws AclPersistenceException
Check whether or not the ACL grants a specific permission to a principal.

Parameters:
principal - principal to be checked
permission - permission to be checked
Returns:
true if the permission is granted
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

getLockingUser

com.sap.security.api.IPrincipal getLockingUser()
                                               throws AclPersistenceException
Get principal which has locked the ACL.

Returns:
principal which has locked the ACL
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

lock

void lock()
          throws AclPersistenceException,
                 AclNotAuthorizedException
Lock the ACL.

Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
AclNotAuthorizedException - Exception raised in failure situation

unlock

void unlock()
            throws AclPersistenceException,
                   AclNotAuthorizedException
Unlock the ACL.

Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
AclNotAuthorizedException - Exception raised in failure situation

isLocked

boolean isLocked()
                 throws AclPersistenceException
Check whether or not the ACL is locked.

Returns:
true if the ACL is locked
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

isReadOnly

boolean isReadOnly()
                   throws AclPersistenceException
Check wether or not the ACL is read only.

Returns:
true if the ACL is read only
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
Access Rights

This class can be accessed from:







SC


DC

Public Part

ACH






[sap.com] KMC-WPC


[sap.com] tc/kmc/wpc/wpcfacade


api


EP-PIN-WPC-WCM






[sap.com] KMC-CM


[sap.com] tc/km/frwk


api


EP-KM-CM





















  

      Overview 
      Package 
    Class 
      Use 
      Tree 
      Deprecated 
      Index 
      Help 
  





SAP NetWeaver 7.31 (SP01) KMC







 PREV CLASS 
 NEXT CLASS

  FRAMES   
 NO FRAMES   
 









  SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD









Copyright 2011 SAP AG Complete Copyright Notice