public interface IAclSecurityManager extends ISecurityManager
Modifier and Type | Method and Description |
---|---|
void |
addSupportedPermission(IObjectType objectType,
IAclPermission permission)
Register permission as supported permission for an object type.
|
void |
assignAcl(IResourceHandle resourceHandle,
IAcl acl)
Assign an existent ACL, i.e. copy and assign it to a resource handle when
the resource handle has no ACL and the current user in the resource context
is an owner of the source ACL.
|
IAcl |
createAcl(IResourceHandle resourceHandle)
Create a new ACL for a resource handle when the resource handle has no ACL
and the current user in the resource context is an owner of the inherited
ACL.
|
IAclEntry |
createAclEntry(IPrincipal principal,
IAclPermission permission,
boolean negative,
boolean readonly,
int sortIndex)
Create a new ACL entry to grant or deny a permission to a principal.
|
IAclPermission |
createPermission(String name)
Register permission with the given name generally for this ACL security sub
manager.
|
IAcl |
getAcl(IResourceHandle resourceHandle)
Get ACL of a given resource handle.
|
IAcl |
getInheritedAcl(IResourceHandle resourceHandle)
Get ACL of a given resource handle or an inherited ACL if none is defined
directly for the given resource handle.
|
IObjectType |
getObjectType(IResourceHandle resourceHandle)
Get object type this ACL security sub manager interprets the given resource
handle.
|
IAclPermission |
getPermission(String name)
Identify and get permission with the given name generally known to this ACL
security sub manager.
|
List |
getSupportedAclPermissions(IResourceHandle resourceHandle)
Get list of permissions which are supported by this ACL security sub
manager for the given resource handle, i.e. outcome depends on the object
type of the given resource handle, e.g. depends whether the resource is a
collection or not.
|
List |
getSupportedObjectTypes()
Get list of object types supported by this ACL security sub manager.
|
boolean |
isPermissionUsedInAcl(IAclPermission permission)
Check whether or not a permission is used in an ACL.
|
boolean |
isReadOnly()
Check whether or not this ACL security sub manager is read only and no
creation or modification operations of ACLs are allowed.
|
List |
propagateAclRemove(IResourceHandle resource)
Remove the ACLs of the descendants of the resource.
|
void |
removeAcl(IAcl acl)
Remove the given ACL from its resource.
|
void |
removeAcl(IResourceHandle resourceHandle)
Remove the ACL from the given resource.
|
void |
removePermission(IAclPermission permission)
Unregister permission with the given name generally from this ACL security
sub manager.
|
void |
removeSupportedPermission(IObjectType objectType,
IAclPermission permission)
Unregister permission as no longer supported permission from an object
type.
|
boolean |
supportsNegativeAclEntries()
Check whether or not negative ACL entries are supported by this ACL
security sub manager.
|
getSupportedPermissions, isAllowed, isAllowed, isAllowed, isAllowed
IAcl getAcl(IResourceHandle resourceHandle) throws AclPersistenceException, ResourceException
resourceHandle
- resource handleAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredResourceException
- when the resource handle was invalidIAcl getInheritedAcl(IResourceHandle resourceHandle) throws AclPersistenceException, ResourceException
resourceHandle
- resource handleAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredResourceException
- when the resource handle was invalidIAclEntry createAclEntry(IPrincipal principal, IAclPermission permission, boolean negative, boolean readonly, int sortIndex) throws AclPersistenceException, UnsupportedOperationException
principal
- principalpermission
- permissionnegative
- true if the entry denies a permission, false if it grants
onereadonly
- true if the entry is read only, false otherwisesortIndex
- position of the ACL entry in the ACL (important only with
denials)AclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredUnsupportedOperationException
- when a negative ACL entry is
requested but not supportedIAcl createAcl(IResourceHandle resourceHandle) throws AclPersistenceException, AclNotAuthorizedException, AclExistsException, ResourceException
resourceHandle
- resource handleAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredAclExistsException
- when an ACL already exists for the resource
handleResourceException
- when the resource handle was invalidAclNotAuthorizedException
- Exception raised in failure situationvoid assignAcl(IResourceHandle resourceHandle, IAcl acl) throws AclPersistenceException, AclNotAuthorizedException, AclExistsException, ResourceException
resourceHandle
- resource handleacl
- ACLAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredAclExistsException
- when an ACL already exists for the resource
handleResourceException
- when the resource handle was invalidAclNotAuthorizedException
- Exception raised in failure situationvoid removeAcl(IResourceHandle resourceHandle) throws AclPersistenceException, AclNotAuthorizedException, ResourceException
resourceHandle
- resource handleAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredResourceException
- when the resource handle was invalidAclNotAuthorizedException
- Exception raised in failure situationvoid removeAcl(IAcl acl) throws AclPersistenceException, AclNotAuthorizedException, ResourceException
acl
- ACLAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredResourceException
- when the resource handle assigned to the ACL
was invalidAclNotAuthorizedException
- Exception raised in failure situationIAclPermission getPermission(String name) throws AclPersistenceException
name
- permission nameAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredIAclPermission createPermission(String name) throws AclPersistenceException, AclPermissionExistsException
name
- permission nameAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredAclPermissionExistsException
- Exception raised in failure
situationvoid removePermission(IAclPermission permission) throws AclPersistenceException, AclPredefinedPermissionException, AclPermissionUsedException
permission
- the permissionAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredAclPredefinedPermissionException
- Exception raised in failure
situationAclPermissionUsedException
- Exception raised in failure situationList getSupportedObjectTypes() throws AclPersistenceException
IObjectType
sAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredIObjectType getObjectType(IResourceHandle resourceHandle) throws AclPersistenceException, ResourceException
resourceHandle
- resource handleIObjectType
AclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredResourceException
- when the resource handle was invalidList getSupportedAclPermissions(IResourceHandle resourceHandle) throws ResourceException
resourceHandle
- resource handleIAclPermission
ResourceException
- when the resource handle was invalidvoid addSupportedPermission(IObjectType objectType, IAclPermission permission) throws AclPersistenceException, AclPredefinedPermissionException
objectType
- object typepermission
- permissionAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredAclPredefinedPermissionException
- Exception raised in failure
situationvoid removeSupportedPermission(IObjectType objectType, IAclPermission permission) throws AclPersistenceException, AclPredefinedPermissionException, AclPermissionUsedException
objectType
- object typepermission
- permissionAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredAclPredefinedPermissionException
- Exception raised in failure
situationAclPermissionUsedException
- Exception raised in failure situationboolean isPermissionUsedInAcl(IAclPermission permission) throws AclPersistenceException
permission
- permissionAclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredboolean supportsNegativeAclEntries()
boolean isReadOnly() throws AclPersistenceException
AclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurredList propagateAclRemove(IResourceHandle resource) throws AclPersistenceException, ResourceException
resource
- resource parameternull
if all ACLs could be removed successfully otherwise a list of
all resource handles for which the operation failed.AclPersistenceException
- when a problem with the storage where
the ACLs are persisted occurred
since NetWeaver 7.1exception
- with aclsResourceException
Access Rights |
---|
SC | DC | Public Part | ACH |
---|---|---|---|
[sap.com] KMC-CM
|
[sap.com] tc/km/frwk
|
api
|
EP-KM-CM
|
[sap.com] KMC-WPC
|
[sap.com] tc/kmc/wpc/wpcfacade
|
api
|
EP-PIN-WPC-WCM
|
Copyright 2018 SAP AG Complete Copyright Notice