public interface IRoleFactory extends IConfigurable
UMRuntimeException
in case there is an issue
with the execution of the operation or if it is not allowed to perform the operation.
Note: As this interface can be extended, this interface can be freely used, but must not be implemented.
Modifier and Type | Method and Description |
---|---|
void |
addGroupToRole(String uniqueIdOfGroup,
String uniqueIdOfRole)
Adds the specified group to the specified role and implicitly does a
commit.
|
void |
addUserToRole(String uniqueIdOfUser,
String uniqueIdOfRole)
Adds the specified user to the specified role and implicitly does a
commit.
|
void |
deleteRole(String uniqueID)
Delete a role from the user store.
|
String[] |
getGroupsOfRole(String uniqueIdOfRole,
boolean recursive)
Returns groups which are assigned to role identified by
uniqueIdOfRole . |
int |
getMaxRoleDescriptionLength()
Deprecated.
the maximum length is defined in
(String, String, String[]) |
IRole |
getMutableRole(String uniqueID)
Gets a modifiable IRole objects for a unique ID.
|
IRole |
getRole(String uniqueID)
Gets the role object with the given unique ID.
|
IRole |
getRole(String uniqueID,
AttributeList populateAttributes)
Gets the role object with the given unique ID and populates the
attributes in populateAttributes.
|
IRole |
getRoleByUniqueName(String uniqueName)
Gets the role object with the given
uniqueName . |
IRole[] |
getRoles(String[] uniqueIDs)
Gets the role objects for multiple unique IDs.
|
IRole[] |
getRoles(String[] uniqueIDs,
AttributeList populateAttributes)
Gets the role objects for multiple unique IDs and populates the
attributes defined in populateAttributes
Note: This operation will search for the roles only on the
responsible datasources for the given principal.
|
IRoleSearchFilter |
getRoleSearchFilter()
Returns an
IRoleSearchFilter object to be used to specify
query attributes
IRoleSearchFilter contains attributes which can be queried |
String[] |
getRolesOfGroup(String uniqueIdOfGroup,
boolean recursive)
Returns roles which are assigned to a group identified by
uniqueIdOfGroup . |
String[] |
getRolesOfUser(String uniqueIdOfUser,
boolean recursive)
Returns roles which are assigned to user identified by
uniqueIdOfUser . |
String[] |
getUsersOfRole(String uniqueIdOfRole,
boolean recursive)
Returns users who are assigned to role identified by
uniqueIdOfRole . |
IRole |
newRole(String uniqueName)
Creates a new, initially blank role object.
|
void |
registerListener(RoleListener roleListener,
int modifier)
This method allows to subscribe to a predefined eventName.
|
void |
registerListener(RoleListener roleListener,
int modifier,
boolean notifyAfterPhysicalCommitCompleted)
This method allows to subscribe to a predefined eventName.
|
void |
removeGroupFromRole(String uniqueIdOfGroup,
String uniqueIdOfRole)
Remove the specified group from the specified role and implicitly does a
commit.
|
void |
removeUserFromRole(String uniqueIdOfUser,
String uniqueIdOfRole)
Remove the specified user from the specified role and implicitly does a
commit.
|
ISearchResult |
searchRoles(IRoleSearchFilter filter)
Search for roles in the role store and role account store which match the
criteria specified in the
given
filter . |
void |
unregisterListener(RoleListener roleListener)
This method unsubscribes a receiver from a previously subscribed event.
|
initialize
IRole getRole(String uniqueID) throws UMException
Note: This operation will search for the role only on the responsible datasource for this principal.
uniqueID
- String representing the uniqueID of a role object.NoSuchRoleException
- if no role with the given unique IDUMException
IRole getRole(String uniqueID, AttributeList populateAttributes) throws UMException
Note: This operation will search for the role only on the responsible datasource for this principal.
uniqueID
- String representing the uniqueID of a role object.populateAttributes
- AttributeList
NoSuchRoleException
- if no role with the given unique ID existsUMException
void deleteRole(String uniqueID) throws UMException
uniqueID
- String representing the uniqueID of a role object.UMException
- if the role can't be deletedNoSuchRoleException
- if the role does not existISearchResult searchRoles(IRoleSearchFilter filter) throws UMException
given filter
. In order to get a role search filter use
getRoleSearchFilter()
. You can define a search filter using
methods of class IRoleSearchFilter
. If you are using roles stored
in the PCD, the behaviour not as expected. When searching with the
uniquename and the equals operator for a role stored in PCD, only the
first role which is found is returned. If you want to get all roles with
a similar unique name you have to use the like operator in the role
search filter. This PCD-Role specific behaviour is caused by the fact
that the UME unique name is mapped to the pcd name of the role which is
for example: pcd:portal_content/myFolder/myPrefix.MyRole However
searching is only possible with the last part of the pcd name like
"myPrefix.MyRole". In order to get all roles named for example
"myPrefix.MyRole" you have to use the like operator with search string:
"myPrefix.MyRole*"
Note: This operation can be time consuming, depending on the
filter
that is passed to the method.
filter
- defined to search for rolesISearchResult
UMException
- if an error occurred.IRoleSearchFilter getRoleSearchFilter() throws UMException
IRoleSearchFilter
object to be used to specify
query attributes
IRoleSearchFilter
contains attributes which can be queried
UMException
- if an error occurred.FeatureNotAvailableException
- if the feature is not availableIRole newRole(String uniqueName) throws UMException
IPrincipalMaint.commit()
.uniqueName
- of new IRole object. Note: This uniqueName has to be
unique for ALL data storesRoleAlreadyExistsException
- if role with uniqueName already
existsUMException
IRole getRoleByUniqueName(String uniqueName) throws UMException
uniqueName
.
Note: If you use this method be prepared to get an exception if multiple objects with the same name are found.
Note: This operation will search for a role with the given unique
name on all datasources that are available. The execution time is slower
then method getRole(String)
.
uniqueName
- of IRole objectNoSuchRoleException
- if no role with the given uniqueName
existsUMException
- if given unique name is not uniqueIRole[] getRoles(String[] uniqueIDs) throws UMException
Note: This operation will search for the roles only on the responsible datasources for the given principal.
uniqueIDs
- array of uniqueIDs which are used to get an array of
IRole objects.NoSuchRoleException
- if one or more of the given unique IDs are
not assigned to any roleNoSuchPCDRoleException
- if the role does not existUMException
IRole[] getRoles(String[] uniqueIDs, AttributeList populateAttributes) throws UMException
Note: This operation will search for the roles only on the responsible datasources for the given principal.
uniqueIDs
- array of uniqueIDs which are used to get an array of
IRole objects.populateAttributes
- AttributeList
NoSuchRoleException
- if one or more of the given unique IDs are
not assigned to any roleNoSuchPCDRoleException
- if the role does not existUMException
IRole getMutableRole(String uniqueID) throws UMException
Note: This operation will search for the role only on the responsible datasources for this principal.
uniqueID
- of an IRole objectNoSuchRoleException
- if the unique ID does not existNoSuchPCDRoleException
- if the role does not existUMException
int getMaxRoleDescriptionLength()
(String, String, String[])
void registerListener(RoleListener roleListener, int modifier)
RoleListener
The caller has to provide a receiver object which
implements RoleListenerroleListener
- object which implements interface RoleListenermodifier
- constant defined in RoleListener
void registerListener(RoleListener roleListener, int modifier, boolean notifyAfterPhysicalCommitCompleted)
RoleListener
The caller has to provide a receiver object which
implements RoleListener
.roleListener
- object which implements interface RoleListenermodifier
- constant defined in RoleListener
notifyAfterPhysicalCommitCompleted
- Allows callers when set to
false, to get a notification before the physical transaction
is completed in order to include their actions into the same
physical transaction.void unregisterListener(RoleListener roleListener)
roleListener
- object which implements interface RoleListenerString[] getUsersOfRole(String uniqueIdOfRole, boolean recursive)
uniqueIdOfRole
.
Depending on the parameter recursive
this method will
perform a recursive search, that is children, grand children ... groups
of this role are checked and all users of this role and its children
groups are returned.
Note: Recursive searching for users can lead to performance
degradation if you have a large user/group/role hierarchy. For more
information about recursive searching see
IPrincipal.getParents(String[], boolean)
.
uniqueIdOfRole
- representing the ID of an IRolerecursive
- If this parameter is set to false
all
direct users are returned if recursive is true
all users which are assigned via groups to this role are
returnedNoSuchPCDRoleException
- if the role does not existString[] getGroupsOfRole(String uniqueIdOfRole, boolean recursive)
uniqueIdOfRole
.
Depending on the parameter recursive
this method will
perform a recursive search, that is children, grand children ... groups
of this role are checked and all groups of this role and its children
groups are returned.
Note: Recursive searching for groups can lead to performance
degradation if you have a large group/role hierarchy. For more
information about recursive searching see
IPrincipal.getParents(String[], boolean)
.
uniqueIdOfRole
- representing the ID of an IRolerecursive
- If this parameter is set to false
all
direct groups are returned if recursive is true
all groups which are assigned via other groups to this role
are returned.String[] getRolesOfUser(String uniqueIdOfUser, boolean recursive)
uniqueIdOfUser
.
Depending on the parameter recursive
this method will
perform a recursive search, that is parent, grandparent ... of this user
are checked and all roles of this user and its groups are returned.
Note: Recursive searching for roles can lead to performance
degradation if you have a large user/group/role hierarchy. For more
information about recursive searching see
IPrincipal.getParents(String[], boolean)
.
uniqueIdOfUser
- representing the ID of an IUserrecursive
- If this parameter is set to false
all
directly assigned roles are returned if recursive is
true
all roles which are assigned via other
groups to this role are returned.String[] getRolesOfGroup(String uniqueIdOfGroup, boolean recursive)
uniqueIdOfGroup
.
Depending on the parameter recursive
this method will
perform a recursive search, that is parent, grandparent ... of this group
are checked and all roles of this group and its subgroups are returned.
Note: Recursive searching for roles can lead to performance
degradation if you have a large group/role hierarchy. For more
information about recursive searching see
IPrincipal.getParents(String[], boolean)
.
uniqueIdOfGroup
- representing the ID of an IGrouprecursive
- If this parameter is set to false
all
directly assigned roles are returned if recursive is
true
all roles which are assigned via other
groups to this role are returned.void addUserToRole(String uniqueIdOfUser, String uniqueIdOfRole) throws UMException
uniqueIdOfUser
- - the id of the user who will be added to the roleuniqueIdOfRole
- - the id of the role to which the user will be
addedUMException
- if an error occurred.void addGroupToRole(String uniqueIdOfGroup, String uniqueIdOfRole) throws UMException
uniqueIdOfGroup
- - the id of the group which will be added to the
roleuniqueIdOfRole
- - the id of the role to which the group will be
addedUMException
- if an error occurred.void removeUserFromRole(String uniqueIdOfUser, String uniqueIdOfRole) throws UMException
uniqueIdOfUser
- - the id of the user which will be removed from the
roleuniqueIdOfRole
- - the id of the role from which the user will be
removedUMException
- if an error occurred.void removeGroupFromRole(String uniqueIdOfGroup, String uniqueIdOfRole) throws UMException
uniqueIdOfGroup
- - the id of the group which will be removed from
the roleuniqueIdOfRole
- - the id of the role from which the group will be
removedUMException
- if an error occurred.Access Rights |
---|
SC | DC | Public Part | ACH |
---|---|---|---|
[sap.com] CORE-TOOLS
|
[sap.com]
|
default
|
BC-JAS
|
[sap.com] ENGFACADE
|
[sap.com] tc/je/usermanagement/api
|
api
|
BC-JAS-SEC
|
[sap.com] ENGINEAPI
|
[sap.com]
|
-
|
BC-JAS-SEC-UME
|
[sap.com] ENGINEAPI
|
[sap.com]
|
default
|
BC-JAS-SEC-UME
|
Copyright 2018 SAP AG Complete Copyright Notice