public interface IAclManager
IAclManager
administers and persists Access Control Lists
(ACLs). Modifier and Type | Method and Description |
---|---|
boolean |
addSupportedPermission(IObjectType objectType,
IAclPermission permission)
assign a permission to an object type
|
boolean[] |
areAclsUpToDate(IAcl[] acls)
check whether the ACLs are up to date (compared to the database)
|
boolean |
changeAclID(IPrincipal caller,
IAcl acl,
String newID)
change the ID of an ACL ("rename")
|
boolean |
changeAclID(com.sapportals.portal.security.usermanagement.IUMPrincipal caller,
IAcl acl,
String newID)
Deprecated.
As of NetWeaver 7.1, replaced by
changeAclID(com.sap.security.api.IPrincipal,IAcl,String) |
void |
changeMultipleAclIDs(String oldAclIdPrefix,
String newAclIdPrefix)
change the ID of multiple ACLs ("recursive rename") - does not change the
root ACL (call changeAclID() for the root node previously to change the
root ACL and to check for authorization)
|
boolean[] |
checkPermissions(IAcl[] acls,
IPrincipal principal,
IAclPermission[] permissions)
check multiple ACL permissions
|
boolean[] |
checkPermissions(IAcl[] acls,
com.sapportals.portal.security.usermanagement.IUMPrincipal principal,
IAclPermission[] permissions)
Deprecated.
As of NetWeaver 7.1, replaced by
checkPermissions(IAcl[],com.sap.security.api.IPrincipal,IAclPermission[]) |
IAcl |
createAcl(IPrincipal owner,
String aclID,
IObjectType objectType)
create a new ACL
|
IAcl |
createAcl(com.sapportals.portal.security.usermanagement.IUMPrincipal owner,
String aclID,
IObjectType objectType)
Deprecated.
As of NetWeaver 7.1, replaced by
createAcl(com.sap.security.api.IPrincipal,String,IObjectType) |
IAclEntry |
createAclEntry(IPrincipal principal,
boolean negative,
IAclPermission permission,
int sortIndex,
boolean propagate)
create a new ACE to grant or deny a permission to a principal
|
IAclEntry |
createAclEntry(com.sapportals.portal.security.usermanagement.IUMPrincipal principal,
boolean negative,
IAclPermission permission,
int sortIndex,
boolean propagate)
Deprecated.
As of NetWeaver 7.1, replaced by
createAclEntry(com.sap.security.api.IPrincipal,boolean,IAclPermission,int,boolean) |
IAclPermission |
createPermission(String name)
create a new permission (the permission can not be used until it is
assigned to an object type by calling the addSupportedPermission() method)
|
void |
deletePrincipal(String principalID,
int principalType)
delete a principal - delete all ACEs which are subject to this principal -
remove the principal from all ACL owner lists - if the principal is the
last owner of an ACL, remove the ACL
|
IAcl |
getAcl(String aclID,
long contextDBVersion)
get a specific ACL
|
IAcl[] |
getAcls(String[] aclIDs)
get multiple ACLs; set the ACLs as values of the HashMap; if no ACL is
assigned to an ID the value will be null
|
List |
getAffectedAclIDs(IAclPermission permission)
get a list of all IDs of ACLs which use a permission
|
IClusterCacheArea |
getCacheArea() |
long |
getDBVersion()
Returns a value representing the state (timestamp or modifycounter) of all
persisted acl entries.
|
IAclPermission |
getPermission(String name)
get the IAclPermission object of the (supported) permission with a given
name
|
IObjectTypeList |
getSupportedObjectTypes()
get a list of supported object types
|
IAclPermissionList |
getSupportedPermissions(IObjectType objectType)
get a list of permissions which are supported for a specific object type
|
boolean |
isPermissionUsedInAcl(IAclPermission permission)
check whether a permission is used in an ACL
|
boolean |
isReadOnly()
check whether IAclManager is read only (no creation or modification of ACLs
is allowed)
|
boolean |
removeAcl(IPrincipal caller,
IAcl acl)
remove a specific ACL
|
boolean |
removeAcl(IPrincipal caller,
String aclID)
remove a specific ACL
|
boolean |
removeAcl(com.sapportals.portal.security.usermanagement.IUMPrincipal caller,
IAcl acl)
Deprecated.
As of NetWeaver 7.1, replaced by
removeAcl(com.sap.security.api.IPrincipal,IAcl) |
boolean |
removeAcl(com.sapportals.portal.security.usermanagement.IUMPrincipal caller,
String aclID)
Deprecated.
As of NetWeaver 7.1, replaced by
removeAcl(com.sap.security.api.IPrincipal,String) |
void |
removeMultipleAcls(String aclIdPrefix)
remove multiple ACLs ("recursive deletion") - does not remove the root ACL
(call removeAcl() for the root node previously to remove the root ACL and
to check for authorization)
|
boolean |
removePermission(IAclPermission permission)
remove a permission - a permission can only be removed if it is not
predefined and not used in an ACL
|
boolean |
removeSupportedPermission(IObjectType objectType,
IAclPermission permission)
remove the assignment of a permission to an object type
|
void |
updatePrincipal(String principalID,
int principalType)
update a principal - remove related entries from caches
|
IAclEntry createAclEntry(com.sapportals.portal.security.usermanagement.IUMPrincipal principal, boolean negative, IAclPermission permission, int sortIndex, boolean propagate) throws AclPersistenceException, InvalidClassException
createAclEntry(com.sap.security.api.IPrincipal,boolean,IAclPermission,int,boolean)
principal
- the principalnegative
- true if the ACE denies a permission, false if it grantspermission
- the permissionsortIndex
- the position of the ACE in the ACLpropagate
- TBD: Description of the incoming method parameterAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredInvalidClassException
- the permission was created by a foreign
resource acl managerIAclEntry createAclEntry(IPrincipal principal, boolean negative, IAclPermission permission, int sortIndex, boolean propagate) throws AclPersistenceException, InvalidClassException
principal
- the principalnegative
- true if the ACE denies a permission, false if it grantspermission
- the permissionsortIndex
- the position of the ACE in the ACLpropagate
- TBD: Description of the incoming method parameterAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredInvalidClassException
- the permission was created by a foreign
resource acl managerIAcl createAcl(com.sapportals.portal.security.usermanagement.IUMPrincipal owner, String aclID, IObjectType objectType) throws AclPersistenceException, AclExistsException
createAcl(com.sap.security.api.IPrincipal,String,IObjectType)
owner
- the initial owner of the ACLaclID
- the ID of the new ACLobjectType
- the type of object the ACL is forAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredAclExistsException
- an ACL with the same ID already existsIAcl createAcl(IPrincipal owner, String aclID, IObjectType objectType) throws AclPersistenceException, AclExistsException
owner
- the initial owner of the ACLaclID
- the ID of the new ACLobjectType
- the type of object the ACL is forAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredAclExistsException
- an ACL with the same ID already existsIAcl getAcl(String aclID, long contextDBVersion) throws AclPersistenceException
aclID
- ID of the ACLcontextDBVersion
- TBD: Description of the incoming method parameterAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredIAcl[] getAcls(String[] aclIDs) throws AclPersistenceException
aclIDs
- IDs of the ACLsAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredboolean[] checkPermissions(IAcl[] acls, com.sapportals.portal.security.usermanagement.IUMPrincipal principal, IAclPermission[] permissions) throws AclPersistenceException
checkPermissions(IAcl[],com.sap.security.api.IPrincipal,IAclPermission[])
acls
- ACLs to checkprincipal
- the user or grouppermissions
- requested permissionsAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredboolean[] checkPermissions(IAcl[] acls, IPrincipal principal, IAclPermission[] permissions) throws AclPersistenceException
acls
- ACLs to checkprincipal
- the user or grouppermissions
- requested permissionsAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredboolean removeAcl(com.sapportals.portal.security.usermanagement.IUMPrincipal caller, String aclID) throws AclPersistenceException, NotAuthorizedException
removeAcl(com.sap.security.api.IPrincipal,String)
caller
- a principal which must be an owner of the ACLaclID
- ID of the ACLAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredNotAuthorizedException
- the caller is not an owner of the ACLboolean removeAcl(IPrincipal caller, String aclID) throws AclPersistenceException, NotAuthorizedException
caller
- a principal which must be an owner of the ACLaclID
- ID of the ACLAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredNotAuthorizedException
- the caller is not an owner of the ACLboolean removeAcl(com.sapportals.portal.security.usermanagement.IUMPrincipal caller, IAcl acl) throws AclPersistenceException, InvalidClassException, NotAuthorizedException
removeAcl(com.sap.security.api.IPrincipal,IAcl)
caller
- a principal which must be an owner of the ACLacl
- the subject of removalAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredNotAuthorizedException
- the caller is not an owner of the ACLInvalidClassException
- Exception raised in failure situationboolean removeAcl(IPrincipal caller, IAcl acl) throws AclPersistenceException, InvalidClassException, NotAuthorizedException
caller
- a principal which must be an owner of the ACLacl
- the subject of removalAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredNotAuthorizedException
- the caller is not an owner of the ACLInvalidClassException
- Exception raised in failure situationvoid deletePrincipal(String principalID, int principalType) throws AclPersistenceException
principalID
- the principal's IDprincipalType
- type of the principal (from IUMPrincipal)AclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredvoid updatePrincipal(String principalID, int principalType) throws AclPersistenceException
principalID
- the principal's IDprincipalType
- type of the principal (from IUMPrincipal)AclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredIObjectTypeList getSupportedObjectTypes() throws AclPersistenceException
AclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredIAclPermissionList getSupportedPermissions(IObjectType objectType) throws AclPersistenceException
objectType
- the object typeAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredIAclPermission getPermission(String name) throws AclPersistenceException
name
- the name of the permissionAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredboolean addSupportedPermission(IObjectType objectType, IAclPermission permission) throws AclPersistenceException, PredefinedPermissionException
objectType
- the object typepermission
- the permissionAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredPredefinedPermissionException
- the permission is predefined and
thus not allowed to be changedboolean removeSupportedPermission(IObjectType objectType, IAclPermission permission) throws AclPersistenceException, PredefinedPermissionException, PermissionUsedException
objectType
- the object typepermission
- the permissionAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredPredefinedPermissionException
- the permission is predefined and
thus not allowed to be changedPermissionUsedException
- Exception raised in failure situationIAclPermission createPermission(String name) throws AclPersistenceException, PermissionExistsException
name
- the permission nameAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredPermissionExistsException
- a permission with that name exists
alreadyboolean removePermission(IAclPermission permission) throws AclPersistenceException, PredefinedPermissionException, PermissionUsedException
permission
- the permissionAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredPredefinedPermissionException
- the permission is predefined and
thus not allowed to be changedPermissionUsedException
- the permission is used in some ACL and
thus not allowed to be changedboolean isPermissionUsedInAcl(IAclPermission permission) throws AclPersistenceException
permission
- the permissionAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredList getAffectedAclIDs(IAclPermission permission) throws AclPersistenceException
permission
- the permissionAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredboolean changeAclID(com.sapportals.portal.security.usermanagement.IUMPrincipal caller, IAcl acl, String newID) throws AclPersistenceException, NotAuthorizedException, AclExistsException
changeAclID(com.sap.security.api.IPrincipal,IAcl,String)
caller
- a principal which must be an owner of the ACLacl
- the ACLnewID
- the new ID of the ACLAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredNotAuthorizedException
- Exception raised in failure situationAclExistsException
- Exception raised in failure situationboolean changeAclID(IPrincipal caller, IAcl acl, String newID) throws AclPersistenceException, NotAuthorizedException, AclExistsException
caller
- a principal which must be an owner of the ACLacl
- the ACLnewID
- the new ID of the ACLAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredNotAuthorizedException
- Exception raised in failure situationAclExistsException
- Exception raised in failure situationvoid changeMultipleAclIDs(String oldAclIdPrefix, String newAclIdPrefix) throws AclPersistenceException, AclExistsException
oldAclIdPrefix
- prefix of the old ACL IDsnewAclIdPrefix
- prefix of the new ACL IDsAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredAclExistsException
- Exception raised in failure situationvoid removeMultipleAcls(String aclIdPrefix) throws AclPersistenceException
aclIdPrefix
- prefix of the ACL IDs to be deletedAclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredboolean isReadOnly() throws AclPersistenceException
AclPersistenceException
- a problem with the storage where the
ACLs are persisted occurredboolean[] areAclsUpToDate(IAcl[] acls) throws AclPersistenceException
acls
- the ACLs to checkAclPersistenceException
- Exception raised in failure situationlong getDBVersion()
IClusterCacheArea getCacheArea()
Access Rights |
---|
SC | DC | Public Part | ACH |
---|---|---|---|
[sap.com] KMC-CM
|
[sap.com] tc/km/frwk
|
api
|
EP-KM-CM
|
[sap.com] KMC-WPC
|
[sap.com] tc/kmc/wpc/wpcfacade
|
api
|
EP-PIN-WPC-WCM
|
Copyright 2018 SAP AG Complete Copyright Notice