public interface IRole extends IPrincipalSet
If you want to keep and persist an identifier as a reference to an instance
of IRole
you must use method IPrincipal.getUniqueID()
.
As this identifier contains internal information and is usually not readable,
it should not be used in end user interfaces.
Use methods IPrincipal.getDisplayName()
or
getUniqueName()
in order to display attributes with a nice name
for user interfaces.
NOTE: As this interface can be extended, this interface can be freely used, but must not be implemented.
Modifier and Type | Field and Description |
---|---|
static String |
SCOPES
Constant used for role scopes
|
BYTE_TYPE, CREATED_BY, DATASOURCE, DEFAULT_NAMESPACE, DEFAULT_RELATION_NAMESPACE, DESCRIPTION, DISPLAYNAME, LAST_MODIFIED_BY, PRINCIPAL_CREATION_DATE, PRINCIPAL_MODIFY_DATE, PRINCIPAL_RELATION_MEMBER_ATTRIBUTE, PRINCIPAL_RELATION_PARENT_ATTRIBUTE, STRING_TYPE, TRANSIENT_NAMESPACE, UNIQUE_NAME
Modifier and Type | Method and Description |
---|---|
boolean |
addGroupMember(String newMember)
Adds the specified group member to this role.
|
boolean |
addUserMember(String newMember)
Adds the specified user member to this role.
|
String |
getDescription()
Returns the description of this principal.
|
Iterator |
getGroupMembers(boolean getChildMembers)
Returns IDs of group principals belonging to this role.
|
String |
getUniqueName()
Get uniqueName of this
IRole object. |
Iterator |
getUserMembers(boolean getChildMembers)
Returns IDs of user principals belonging to this role.
|
boolean |
isGroupMember(String member,
boolean checkChildren)
Returns
true if the passed principal is a member of this
role. |
boolean |
isUserMember(String member,
boolean checkChildren)
Returns
true if the passed principal of type user is
assigned to this role. |
boolean |
removeGroupMember(String oldMember)
Remove the specified group member from this role.
|
boolean |
removeUserMember(String oldMember)
Remove the specified user member from this role.
|
boolean |
setDescription(String description)
Sets the description of this principal.
|
addMember, getMembers, isMember, removeMember
addAttributeValue, commit, isModified, removeAttributeValue, rollback, save, setAttribute, setBinaryAttribute, setDisplayName
created, equals, getAttribute, getAttributeNames, getAttributeNamespaces, getAttributeType, getBinaryAttribute, getDisplayName, getMessages, getParents, getUniqueID, hashCode, isExistenceChecked, isMutable, lastModified, refresh
static final String SCOPES
Iterator getUserMembers(boolean getChildMembers)
getChildMembers
is set to true
the
search will be performed recursively on all groups, children groups,
grand children groups, and etc. The result will include all direct and
indirect user assignments. If recursive
is
false
the result will include only direct user assignments.
Note: Recursive searching for users can lead to performance
degradation if you have a large user/group/role hierarchy. For more
information about recursive searching see
IPrincipal.getParents(String[], boolean)
.
getChildMembers
- This method does a recursive search if the
parameter getChildMembers
is set to
true
.String
s of uniqueIds of users assigned
to this roleNoSuchPCDRoleException
- if the role does not existIterator getGroupMembers(boolean getChildMembers)
getChildMembers
is set to true
the
search will be performed recursively on all groups, children groups,
grand children groups, and etc. The result will include all direct and
indirect group assignments. If recursive
is
false
the result will include only direct group assignments.
Note: Recursive searching for groups can lead to performance
degradation if you have a large group/role hierarchy. For more
information about recursive searching see
IPrincipal.getParents(String[], boolean)
.
getChildMembers
- This method does a recursive search if parameter
getChildMembers is set to true
.String
s of uniqueIds of groups assigned
to this roleNoSuchPCDRoleException
- if the role does not existboolean isUserMember(String member, boolean checkChildren)
true
if the passed principal of type user is
assigned to this role.
Note: Recursive check for user assignment can lead to performance
degradation if you have a large user/group/role hierarchy. For more
information about recursive searching see
IPrincipal.getParents(String[], boolean)
.
member
- - uniqueId of the principal whose membership is to be
checked.checkChildren
- this method does a recursive search if this
parameter is set to true
boolean isGroupMember(String member, boolean checkChildren)
true
if the passed principal is a member of this
role.
Note: Recursive checks for group assignment can lead to
performance degradation if you have a large group/role hierarchy. For
more information about recursive searching see
IPrincipal.getParents(String[], boolean)
.
member
- - uniqueId of the principal whose membership is to be
checked.checkChildren
- this method does a recursive search if this
parameter is set to true
If a group is member of
a group which is assigned to this role, true
is
returned.true
if the group is assigned to this role,
false
otherwise.boolean addUserMember(String newMember) throws UMException
IPrincipalMaint.commit()
or to roll them back (i.e. discard them)
if appropriate.newMember
- - the uniqueIdOfUser to add to this role.true
if the member was successfully added,
false
otherwiseUMException
- if operation failsboolean addGroupMember(String newMember) throws UMException
IPrincipalMaint.commit()
or to roll them back (i.e. discard them)
if appropriate.newMember
- - the uniqueIdOfGroup to add to this role.true
if the group was successfully added,
false
otherwiseUMException
- if operation failsboolean removeUserMember(String oldMember) throws UMException
IPrincipalMaint.commit()
or to roll them back (i.e. discard them)
if appropriate.oldMember
- - the uniqueIdOfUser to remove from this role.true
if the user member was successfully removed,
false
otherwiseUMException
- if operation failsboolean removeGroupMember(String oldMember) throws UMException
IPrincipalMaint.commit()
or to roll them back (i.e. discard them)
if appropriate.oldMember
- - the uniqueIdOfGroup to remove from this collection.true
if the group member was successfully removed,
false
otherwiseUMException
- if operation failsString getDescription()
null
: if
no description existsboolean setDescription(String description) throws UMException
description
- String representing the description of a roletrue
if the description was successfully set,
false
otherwiseUMException
- if the description could not be setString getUniqueName()
IRole
object. A (usually) unique
readable name of an instance of IRole.
Note: Depending on the persistence layer it is not guaranteed that
this name is unique. The uniqueName may change over time. Thus, do not
persist the uniqueName. Always use the unique identifier (UniqueID) of
IPrincipal.getUniqueID()
for this purpose.
Use the uniqueName for searching and displaying in user interfaces.
Access Rights |
---|
SC | DC | Public Part | ACH |
---|---|---|---|
[sap.com] CORE-TOOLS
|
[sap.com]
|
default
|
BC-JAS
|
[sap.com] ENGFACADE
|
[sap.com] tc/je/usermanagement/api
|
api
|
BC-JAS-SEC
|
[sap.com] ENGINEAPI
|
[sap.com]
|
-
|
BC-JAS-SEC-UME
|
[sap.com] ENGINEAPI
|
[sap.com]
|
default
|
BC-JAS-SEC-UME
|
Copyright 2018 SAP AG Complete Copyright Notice