com.sapportals.wcm.util.acl

Interface IAclManager

All Known Subinterfaces:
IAclManager4Tx, IAclManagerRaw

public interface IAclManager

An IAclManager administers and persists Access Control Lists (ACLs).
Abbreviations:


Method Summary
 boolean addSupportedPermission(IObjectType objectType, IAclPermission permission)
          assign a permission to an object type
 boolean[] areAclsUpToDate(IAcl[] acls)
          check whether the ACLs are up to date (compared to the database)
 boolean changeAclID(IPrincipal caller, IAcl acl, String newID)
          change the ID of an ACL ("rename")
 boolean changeAclID(com.sapportals.portal.security.usermanagement.IUMPrincipal caller, IAcl acl, String newID)
          Deprecated. As of NetWeaver 7.1, replaced by changeAclID(com.sap.security.api.IPrincipal,IAcl,String)
 void changeMultipleAclIDs(String oldAclIdPrefix, String newAclIdPrefix)
          change the ID of multiple ACLs ("recursive rename") - does not change the root ACL (call changeAclID() for the root node first, to change the root ACL and to check for authorization)
 boolean[] checkPermissions(IAcl[] acls, IPrincipal principal, IAclPermission[] permissions)
          check multiple ACL permissions
 boolean[] checkPermissions(IAcl[] acls, com.sapportals.portal.security.usermanagement.IUMPrincipal principal, IAclPermission[] permissions)
          Deprecated. As of NetWeaver 7.1, replaced by checkPermissions(IAcl[],com.sap.security.api.IPrincipal,IAclPermission[])
 IAcl createAcl(IPrincipal owner, String aclID, IObjectType objectType)
          create a new ACL
 IAcl createAcl(com.sapportals.portal.security.usermanagement.IUMPrincipal owner, String aclID, IObjectType objectType)
          Deprecated. As of NetWeaver 7.1, replaced by createAcl(com.sap.security.api.IPrincipal,String,IObjectType)
 IAclEntry createAclEntry(IPrincipal principal, boolean negative, IAclPermission permission, int sortIndex, boolean propagate)
          create a new ACE to grant or deny a permission to a principal
 IAclEntry createAclEntry(com.sapportals.portal.security.usermanagement.IUMPrincipal principal, boolean negative, IAclPermission permission, int sortIndex, boolean propagate)
          Deprecated. As of NetWeaver 7.1, replaced by createAclEntry(com.sap.security.api.IPrincipal,boolean,IAclPermission,int,boolean)
 IAclPermission createPermission(String name)
          create a new permission (the permission can not be used until it is assigned to an object type by calling the addSupportedPermission() method)
 void deletePrincipal(String principalID, int principalType)
          delete a principal - delete all ACEs which are subject to this principal - remove the principal from all ACL owner lists - if the principal is the last owner of an ACL, remove the ACL
 IAcl getAcl(String aclID, long contextDBVersion)
          get a specific ACL
 IAcl[] getAcls(String[] aclIDs)
          get multiple ACLs; set the ACLs as values of the HashMap; if no ACL is assigned to an ID the value will be null
 List getAffectedAclIDs(IAclPermission permission)
          get a list of all IDs of ACLs which use a permission
 IClusterCacheArea getCacheArea()
           
 long getDBVersion()
          Returns a value representing the state (timestamp or modifycounter) of all persisted acl entries.
 IAclPermission getPermission(String name)
          get the IAclPermission object of the (supported) permission with a given name
 IObjectTypeList getSupportedObjectTypes()
          get a list of supported object types
 IAclPermissionList getSupportedPermissions(IObjectType objectType)
          get a list of permissions which are supported for a specific object type
 boolean isPermissionUsedInAcl(IAclPermission permission)
          check whether a permission is used in an ACL
 boolean isReadOnly()
          check whether IAclManager is read only (no creation or modification of ACLs is allowed)
 boolean removeAcl(IPrincipal caller, IAcl acl)
          remove a specific ACL
 boolean removeAcl(IPrincipal caller, String aclID)
          remove a specific ACL
 boolean removeAcl(com.sapportals.portal.security.usermanagement.IUMPrincipal caller, IAcl acl)
          Deprecated. As of NetWeaver 7.1, replaced by removeAcl(com.sap.security.api.IPrincipal,IAcl)
 boolean removeAcl(com.sapportals.portal.security.usermanagement.IUMPrincipal caller, String aclID)
          Deprecated. As of NetWeaver 7.1, replaced by removeAcl(com.sap.security.api.IPrincipal,String)
 void removeMultipleAcls(String aclIdPrefix)
          remove multiple ACLs ("recursive deletion") - does not remove the root ACL (call removeAcl() for the root node first, to remove the root ACL and to check for authorization)
 boolean removePermission(IAclPermission permission)
          remove a permission - a permission can only be removed if it is not predefined and not used in an ACL
 boolean removeSupportedPermission(IObjectType objectType, IAclPermission permission)
          remove the assignment of a permission to an object type
 void updatePrincipal(String principalID, int principalType)
          update a principal - remove related entries from caches
 

Method Detail

createAclEntry

IAclEntry createAclEntry(com.sapportals.portal.security.usermanagement.IUMPrincipal principal,
                         boolean negative,
                         IAclPermission permission,
                         int sortIndex,
                         boolean propagate)
                         throws AclPersistenceException,
                                InvalidClassException
Deprecated. As of NetWeaver 7.1, replaced by createAclEntry(com.sap.security.api.IPrincipal,boolean,IAclPermission,int,boolean)

create a new ACE to grant or deny a permission to a principal

Parameters:
principal - the principal
negative - true if the ACE denies a permission, false if it grants
permission - the permission
sortIndex - the position of the ACE in the ACL
propagate - TBD: Description of the incoming method parameter
Returns:
the newly created ACE
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
InvalidClassException - the permission was created by a foreign resource acl manager

createAclEntry

IAclEntry createAclEntry(IPrincipal principal,
                         boolean negative,
                         IAclPermission permission,
                         int sortIndex,
                         boolean propagate)
                         throws AclPersistenceException,
                                InvalidClassException
create a new ACE to grant or deny a permission to a principal

Parameters:
principal - the principal
negative - true if the ACE denies a permission, false if it grants
permission - the permission
sortIndex - the position of the ACE in the ACL
propagate - TBD: Description of the incoming method parameter
Returns:
the newly created ACE
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
InvalidClassException - the permission was created by a foreign resource acl manager
Since:
NetWeaver 7.1

createAcl

IAcl createAcl(com.sapportals.portal.security.usermanagement.IUMPrincipal owner,
               String aclID,
               IObjectType objectType)
               throws AclPersistenceException,
                      AclExistsException
Deprecated. As of NetWeaver 7.1, replaced by createAcl(com.sap.security.api.IPrincipal,String,IObjectType)

create a new ACL

Parameters:
owner - the initial owner of the ACL
aclID - the ID of the new ACL
objectType - the type of object the ACL is for
Returns:
the newly created ACL
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
AclExistsException - an ACL with the same ID already exists

createAcl

IAcl createAcl(IPrincipal owner,
               String aclID,
               IObjectType objectType)
               throws AclPersistenceException,
                      AclExistsException
create a new ACL

Parameters:
owner - the initial owner of the ACL
aclID - the ID of the new ACL
objectType - the type of object the ACL is for
Returns:
the newly created ACL
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
AclExistsException - an ACL with the same ID already exists
Since:
NetWeaver 7.1

getAcl

IAcl getAcl(String aclID,
            long contextDBVersion)
            throws AclPersistenceException
get a specific ACL

Parameters:
aclID - ID of the ACL
contextDBVersion - TBD: Description of the incoming method parameter
Returns:
the ACL with the given ID or null
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred

getAcls

IAcl[] getAcls(String[] aclIDs)
               throws AclPersistenceException
get multiple ACLs; set the ACLs as values of the HashMap; if no ACL is assigned to an ID the value will be null

Parameters:
aclIDs - IDs of the ACLs
Returns:
acls
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred

checkPermissions

boolean[] checkPermissions(IAcl[] acls,
                           com.sapportals.portal.security.usermanagement.IUMPrincipal principal,
                           IAclPermission[] permissions)
                           throws AclPersistenceException
Deprecated. As of NetWeaver 7.1, replaced by checkPermissions(IAcl[],com.sap.security.api.IPrincipal,IAclPermission[])

check multiple ACL permissions

Parameters:
acls - ACLs to check
principal - the user or group
permissions - requested permissions
Returns:
array elements are true for grant on corresponding acl, otherwise false
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred

checkPermissions

boolean[] checkPermissions(IAcl[] acls,
                           IPrincipal principal,
                           IAclPermission[] permissions)
                           throws AclPersistenceException
check multiple ACL permissions

Parameters:
acls - ACLs to check
principal - the user or group
permissions - requested permissions
Returns:
array elements are true for grant on corresponding acl, otherwise false
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
Since:
NetWeaver 7.1

removeAcl

boolean removeAcl(com.sapportals.portal.security.usermanagement.IUMPrincipal caller,
                  String aclID)
                  throws AclPersistenceException,
                         NotAuthorizedException
Deprecated. As of NetWeaver 7.1, replaced by removeAcl(com.sap.security.api.IPrincipal,String)

remove a specific ACL

Parameters:
caller - a principal which must be an owner of the ACL
aclID - ID of the ACL
Returns:
true iff the ACL did exist and was removed
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
NotAuthorizedException - the caller is not an owner of the ACL

removeAcl

boolean removeAcl(IPrincipal caller,
                  String aclID)
                  throws AclPersistenceException,
                         NotAuthorizedException
remove a specific ACL

Parameters:
caller - a principal which must be an owner of the ACL
aclID - ID of the ACL
Returns:
true iff the ACL did exist and was removed
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
NotAuthorizedException - the caller is not an owner of the ACL
Since:
NetWeaver 7.1

removeAcl

boolean removeAcl(com.sapportals.portal.security.usermanagement.IUMPrincipal caller,
                  IAcl acl)
                  throws AclPersistenceException,
                         InvalidClassException,
                         NotAuthorizedException
Deprecated. As of NetWeaver 7.1, replaced by removeAcl(com.sap.security.api.IPrincipal,IAcl)

remove a specific ACL

Parameters:
caller - a principal which must be an owner of the ACL
acl - the subject of removal
Returns:
true iff the ACL did exist and was removed
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
NotAuthorizedException - the caller is not an owner of the ACL
InvalidClassException - Exception raised in failure situation

removeAcl

boolean removeAcl(IPrincipal caller,
                  IAcl acl)
                  throws AclPersistenceException,
                         InvalidClassException,
                         NotAuthorizedException
remove a specific ACL

Parameters:
caller - a principal which must be an owner of the ACL
acl - the subject of removal
Returns:
true iff the ACL did exist and was removed
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
NotAuthorizedException - the caller is not an owner of the ACL
InvalidClassException - Exception raised in failure situation
Since:
NetWeaver 7.1

deletePrincipal

void deletePrincipal(String principalID,
                     int principalType)
                     throws AclPersistenceException
delete a principal - delete all ACEs which are subject to this principal - remove the principal from all ACL owner lists - if the principal is the last owner of an ACL, remove the ACL

Parameters:
principalID - the principal's ID
principalType - type of the principal (from IUMPrincipal)
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred

updatePrincipal

void updatePrincipal(String principalID,
                     int principalType)
                     throws AclPersistenceException
update a principal - remove related entries from caches

Parameters:
principalID - the principal's ID
principalType - type of the principal (from IUMPrincipal)
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred

getSupportedObjectTypes

IObjectTypeList getSupportedObjectTypes()
                                        throws AclPersistenceException
get a list of supported object types

Returns:
the supported object types
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred

getSupportedPermissions

IAclPermissionList getSupportedPermissions(IObjectType objectType)
                                           throws AclPersistenceException
get a list of permissions which are supported for a specific object type

Parameters:
objectType - the object type
Returns:
the permissions
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred

getPermission

IAclPermission getPermission(String name)
                             throws AclPersistenceException
get the IAclPermission object of the (supported) permission with a given name

Parameters:
name - the name of the permission
Returns:
the IAclPermission object
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred

addSupportedPermission

boolean addSupportedPermission(IObjectType objectType,
                               IAclPermission permission)
                               throws AclPersistenceException,
                                      PredefinedPermissionException
assign a permission to an object type

Parameters:
objectType - the object type
permission - the permission
Returns:
true iff the permission was assigned successfully
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
PredefinedPermissionException - the permission is predefined and thus not allowed to be changed

removeSupportedPermission

boolean removeSupportedPermission(IObjectType objectType,
                                  IAclPermission permission)
                                  throws AclPersistenceException,
                                         PredefinedPermissionException,
                                         PermissionUsedException
remove the assignment of a permission to an object type

Parameters:
objectType - the object type
permission - the permission
Returns:
true iff the assignment was removed successfully
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
PredefinedPermissionException - the permission is predefined and thus not allowed to be changed
PermissionUsedException - Exception raised in failure situation

createPermission

IAclPermission createPermission(String name)
                                throws AclPersistenceException,
                                       PermissionExistsException
create a new permission (the permission can not be used until it is assigned to an object type by calling the addSupportedPermission() method)

Parameters:
name - the permission name
Returns:
the newly created permission
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
PermissionExistsException - a permission with that name exists already

removePermission

boolean removePermission(IAclPermission permission)
                         throws AclPersistenceException,
                                PredefinedPermissionException,
                                PermissionUsedException
remove a permission - a permission can only be removed if it is not predefined and not used in an ACL

Parameters:
permission - the permission
Returns:
true iff the permission was removed successfully
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
PredefinedPermissionException - the permission is predefined and thus not allowed to be changed
PermissionUsedException - the permission is used in some ACL and thus not allowed to be changed

isPermissionUsedInAcl

boolean isPermissionUsedInAcl(IAclPermission permission)
                              throws AclPersistenceException
check whether a permission is used in an ACL

Parameters:
permission - the permission
Returns:
true iff the permission is used in an ACL
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred

getAffectedAclIDs

List getAffectedAclIDs(IAclPermission permission)
                       throws AclPersistenceException
get a list of all IDs of ACLs which use a permission

Parameters:
permission - the permission
Returns:
the list of affected ACL IDs (Strings)
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred

changeAclID

boolean changeAclID(com.sapportals.portal.security.usermanagement.IUMPrincipal caller,
                    IAcl acl,
                    String newID)
                    throws AclPersistenceException,
                           NotAuthorizedException,
                           AclExistsException
Deprecated. As of NetWeaver 7.1, replaced by changeAclID(com.sap.security.api.IPrincipal,IAcl,String)

change the ID of an ACL ("rename")

Parameters:
caller - a principal which must be an owner of the ACL
acl - the ACL
newID - the new ID of the ACL
Returns:
true iff the ID has been changed successfully
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
NotAuthorizedException - Exception raised in failure situation
AclExistsException - Exception raised in failure situation

changeAclID

boolean changeAclID(IPrincipal caller,
                    IAcl acl,
                    String newID)
                    throws AclPersistenceException,
                           NotAuthorizedException,
                           AclExistsException
change the ID of an ACL ("rename")

Parameters:
caller - a principal which must be an owner of the ACL
acl - the ACL
newID - the new ID of the ACL
Returns:
true iff the ID has been changed successfully
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
NotAuthorizedException - Exception raised in failure situation
AclExistsException - Exception raised in failure situation
Since:
NetWeaver 7.1

changeMultipleAclIDs

void changeMultipleAclIDs(String oldAclIdPrefix,
                          String newAclIdPrefix)
                          throws AclPersistenceException,
                                 AclExistsException
change the ID of multiple ACLs ("recursive rename") - does not change the root ACL (call changeAclID() for the root node first, to change the root ACL and to check for authorization)

Parameters:
oldAclIdPrefix - prefix of the old ACL IDs
newAclIdPrefix - prefix of the new ACL IDs
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
AclExistsException - Exception raised in failure situation

removeMultipleAcls

void removeMultipleAcls(String aclIdPrefix)
                        throws AclPersistenceException
remove multiple ACLs ("recursive deletion") - does not remove the root ACL (call removeAcl() for the root node first, to remove the root ACL and to check for authorization)

Parameters:
aclIdPrefix - prefix of the ACL IDs to be deleted
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred
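
The call order that the changeMultipleAclIDs and removeMultipleAcls descriptions ask for, as an added example (not SAP code): the prefix-based bulk calls take no caller, so the per-ACL call on the root node is the only ownership check. The class AclSubtreeOps and its methods are hypothetical; it is assumed that the exception types live in com.sapportals.wcm.util.acl and that child ACL IDs extend the root ACL ID.

```java
import com.sap.security.api.IPrincipal;
import com.sapportals.wcm.util.acl.*; // assumption: exception types are in this package too

/** Added example: subtree rename/removal that is gated on the root ACL's owner check. */
public final class AclSubtreeOps {

  private AclSubtreeOps() {}

  /**
   * Removes the root ACL, then every ACL whose ID starts with childPrefix.
   * Returns false (and touches nothing else) if the manager is read only
   * or the root ACL did not exist.
   */
  public static boolean removeSubtree(IAclManager mgr, IPrincipal caller,
                                      String rootAclId, String childPrefix)
      throws AclPersistenceException, NotAuthorizedException {
    requireChildPrefix(rootAclId, childPrefix);
    if (mgr.isReadOnly()) {
      return false;
    }
    // Throws NotAuthorizedException if caller is not an owner of the root ACL.
    if (!mgr.removeAcl(caller, rootAclId)) {
      // No root ACL existed, so no ownership check took place: fail closed.
      return false;
    }
    mgr.removeMultipleAcls(childPrefix); // takes no principal, runs unchecked
    return true;
  }

  /** Renames the root ACL, then every ACL below it, in that order. */
  public static boolean renameSubtree(IAclManager mgr, IPrincipal caller,
                                      String rootAclId, String oldChildPrefix,
                                      String newRootAclId, String newChildPrefix)
      throws AclPersistenceException, NotAuthorizedException, AclExistsException {
    requireChildPrefix(rootAclId, oldChildPrefix);
    requireChildPrefix(newRootAclId, newChildPrefix);
    if (mgr.isReadOnly()) {
      return false;
    }
    // getAcls() yields null for an ID that has no ACL assigned.
    IAcl root = mgr.getAcls(new String[] { rootAclId })[0];
    if (root == null) {
      return false; // nothing to check ownership against: fail closed
    }
    // caller must be an owner of the root ACL for this call to succeed.
    if (!mgr.changeAclID(caller, root, newRootAclId)) {
      return false;
    }
    mgr.changeMultipleAclIDs(oldChildPrefix, newChildPrefix);
    return true;
  }

  /**
   * Rejects a bulk prefix that is empty or wider than the root that was
   * checked. Assumes hierarchical IDs where children extend the root ID.
   */
  private static void requireChildPrefix(String rootAclId, String childPrefix) {
    if (rootAclId == null || rootAclId.length() == 0 || childPrefix == null
        || childPrefix.length() <= rootAclId.length()
        || !childPrefix.startsWith(rootAclId)) {
      throw new IllegalArgumentException("prefix must extend the root ACL ID");
    }
  }
}
```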

isReadOnly

boolean isReadOnly()
                   throws AclPersistenceException
check whether IAclManager is read only (no creation or modification of ACLs is allowed)

Returns:
true iff the IAclManager is read only
Throws:
AclPersistenceException - a problem with the storage where the ACLs are persisted occurred

areAclsUpToDate

boolean[] areAclsUpToDate(IAcl[] acls)
                          throws AclPersistenceException
check whether the ACLs are up to date (compared to the database)

Parameters:
acls - the ACLs to check
Returns:
a boolean array containing true for the ACLs which are up to date
Throws:
AclPersistenceException - Exception raised in failure situation

getDBVersion

long getDBVersion()
Returns a value representing the state (timestamp or modify counter) of all persisted ACL entries. If a negative number is returned, this method is not supported or an error occurred.

Returns:
dBVersion

getCacheArea

IClusterCacheArea getCacheArea()

Access Rights

This class can be accessed from:


SC                 DC                               Public Part   ACH
[sap.com] KMC-CM   [sap.com] tc/km/frwk             api           EP-KM-CM
[sap.com] KMC-WPC  [sap.com] tc/kmc/wpc/wpcfacade   api           EP-PIN-WPC-WCM


Copyright 2014 SAP AG