public interface AdminMgr extends Manageable
This interface's implementer will NOT be thread safe if parent instance variables
(Manageable.setContextId(String)
or
Manageable.setAdmin(org.apache.directory.fortress.core.model.Session)
) are set.
Modifier and Type | Method and Description |
---|---|
void |
addAscendant(Role childRole,
Role parentRole)
This command creates a new role parentRole, and inserts it in the role hierarchy as an immediate ascendant of
the existing role childRole.
|
void |
addDescendant(Role parentRole,
Role childRole)
This command creates a new role childRole, and inserts it in the role hierarchy as an immediate descendant of
the existing role parentRole.
|
SDSet |
addDsdRoleMember(SDSet dsdSet,
Role role)
This command adds a role to a named DSD set of roles.
|
void |
addInheritance(Role parentRole,
Role childRole)
This command establishes a new immediate inheritance relationship parentRole <<-- childRole between existing
roles parentRole, childRole.
|
Permission |
addPermission(Permission perm)
This method will add permission operation to an existing permission object which resides under
ou=Permissions,ou=RBAC,dc=yourHostName,dc=com container in directory information tree. |
PermObj |
addPermObj(PermObj pObj)
This method will add permission object to perms container in directory.
|
Role |
addRole(Role role)
This command creates a new role.
|
SDSet |
addSsdRoleMember(SDSet ssdSet,
Role role)
This command adds a role to a named SSD set of roles.
|
User |
addUser(User user)
This command creates a new RBAC user.
|
void |
assignUser(UserRole uRole)
This command assigns a user to a role.
|
void |
changePassword(User user,
char[] newPassword)
Method will change user's password.
|
SDSet |
createDsdSet(SDSet dsdSet)
This command creates a named DSD set of roles and sets an associated cardinality n.
|
SDSet |
createSsdSet(SDSet ssdSet)
This command creates a named SSD set of roles and sets the cardinality n of its subsets
that cannot have common users.
|
void |
deassignUser(UserRole uRole)
This command deletes the assignment of the User from the Role entities.
|
SDSet |
deleteDsdRoleMember(SDSet dsdSet,
Role role)
This command removes a role from a named DSD set of roles.
|
SDSet |
deleteDsdSet(SDSet dsdSet)
This command deletes a DSD role set completely.
|
void |
deleteInheritance(Role parentRole,
Role childRole)
This command deletes an existing immediate inheritance relationship parentRole <<-- childRole.
|
void |
deletePasswordPolicy(User user)
Method will delete user's password policy designation.
|
void |
deletePermission(Permission perm)
This method will remove permission operation entity from permission object.
|
void |
deletePermObj(PermObj pObj)
This method will remove permission object to perms container in directory.
|
void |
deleteRole(Role role)
This command deletes an existing role from the RBAC database.
|
SDSet |
deleteSsdRoleMember(SDSet ssdSet,
Role role)
This command removes a role from a named SSD set of roles.
|
SDSet |
deleteSsdSet(SDSet ssdSet)
This command deletes a SSD role set completely.
|
void |
deleteUser(User user)
This command deletes an existing user from the RBAC database.
|
void |
disableUser(User user)
This command deletes an existing user from the RBAC database.
|
void |
grantPermission(Permission perm,
Role role)
This command grants a role the permission to perform an operation on an object to a role.
|
void |
grantPermission(Permission perm,
User user)
This command grants a user the permission to perform an operation on an object to a role.
|
void |
lockUserAccount(User user)
Method will lock user's password which will prevent the user from authenticating with directory.
|
void |
resetPassword(User user,
char[] newPassword)
Method will reset user's password which will require user to change password before successful authentication with
directory.
|
void |
revokePermission(Permission perm,
Role role)
This command revokes the permission to perform an operation on an object from the set
of permissions assigned to a role.
|
void |
revokePermission(Permission perm,
User user)
This command revokes the permission to perform an operation on an object from the set
of permissions assigned to a user.
|
SDSet |
setDsdSetCardinality(SDSet dsdSet,
int cardinality)
This command sets the cardinality associated with a given DSD role set.
|
SDSet |
setSsdSetCardinality(SDSet ssdSet,
int cardinality)
This command sets the cardinality associated with a given SSD role set.
|
void |
unlockUserAccount(User user)
Method will unlock user's password which will enable user to authenticate with directory.
|
SDSet |
updateDsdSet(SDSet dsdSet)
This command updates existing DSD set of roles and sets the cardinality n of its subsets
that cannot have common users.
|
Permission |
updatePermission(Permission perm)
This method will update permission operation pre-existing in target directory under
ou=Permissions,ou=RBAC,dc=yourHostName,dc=com container in directory information tree. |
PermObj |
updatePermObj(PermObj pObj)
This method will update permission object in perms container in directory.
|
Role |
updateRole(Role role)
Method will update a Role entity in the directory.
|
SDSet |
updateSsdSet(SDSet ssdSet)
This command updates existing SSD set of roles and sets the cardinality n of its subsets
that cannot have common users.
|
User |
updateUser(User user)
This method performs an update on User entity in directory.
|
setAdmin, setContextId
User addUser(User user) throws SecurityException
User.userId
- maps to INetOrgPerson uidUser.password
- used to authenticate the UserUser.ou
- contains the name of an already existing User OU nodeUser.pwPolicy
- contains the name of an already existing OpenLDAP password policy nodeUser.cn
- maps to INetOrgPerson common name attributeUser.sn
- maps to INetOrgPerson surname attributeUser.description
- maps to INetOrgPerson description attributeUser.title
- maps to INetOrgPerson title attributeUser.employeeType
- maps to INetOrgPerson employeeType attributeUser.phones
* - multi-occurring attribute maps to organizationalPerson telephoneNumber attributeUser.mobiles
* - multi-occurring attribute maps to INetOrgPerson mobile attributeUser.emails
* - multi-occurring attribute maps to INetOrgPerson mail attributeUser.address
* - multi-occurring attribute maps to organizationalPerson postalAddress, st,
l, postalCode, postOfficeBox attributes
User.beginTime
- HHMM - determines begin hour user may activate sessionUser.endTime
- HHMM - determines end hour user may activate session.User.beginDate
- YYYYMMDD - determines date when user may sign onUser.endDate
- YYYYMMDD - indicates latest date user may sign onUser.beginLockDate
- YYYYMMDD - determines beginning of enforced inactive statusUser.endLockDate
- YYYYMMDD - determines end of enforced inactive statusUser.dayMask
- 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day of user may sign onUser.timeout
- number in seconds of session inactivity time allowedUser.props
* - multi-occurring attribute contains property key and values are separated with a ':'.
e.g. mykey1:myvalue1
User.roles
* - multi-occurring attribute contains the name of already existing role to assign to user
User.adminRoles
* - multi-occurring attribute contains the name of already existing adminRole to assign
to user
user
- User entity must contain User.userId
and User.ou
(required) and optional
User.description
,User.roles
and many others.SecurityException
- thrown in the event of data validation or system error.void disableUser(User user) throws SecurityException
User.userId
- maps to INetOrgPerson uiduser
- Contains the User.userId
of the User targeted for deletion.SecurityException
- thrown in the event of data validation or system error.void deleteUser(User user) throws SecurityException
User.userId
- maps to INetOrgPerson uiduser
- Contains the User.userId
of the User targeted for deletion.SecurityException
- thrown in the event of data validation or system error.User updateUser(User user) throws SecurityException
User.userId
- maps to INetOrgPerson uidUser.password
- used to authenticate the UserUser.ou
- contains the name of an already existing User OU nodeUser.pwPolicy
- contains the name of an already existing OpenLDAP password policy nodeUser.cn
- maps to INetOrgPerson common name attributeUser.sn
- maps to INetOrgPerson surname attributeUser.description
- maps to INetOrgPerson description attributeUser.title
- maps to INetOrgPerson title attributeUser.employeeType
- maps to INetOrgPerson employeeType attributeUser.phones
* - multi-occurring attribute maps to organizationalPerson telephoneNumber attributeUser.mobiles
* - multi-occurring attribute maps to INetOrgPerson mobile attributeUser.emails
* - multi-occurring attribute maps to INetOrgPerson mail attributeUser.address
* - multi-occurring attribute maps to organizationalPerson postalAddress, st, l,
postalCode, postOfficeBox attributes
User.beginTime
- HHMM - determines begin hour user may activate sessionUser.endTime
- HHMM - determines end hour user may activate session.User.beginDate
- YYYYMMDD - determines date when user may sign onUser.endDate
- YYYYMMDD - indicates latest date user may sign onUser.beginLockDate
- YYYYMMDD - determines beginning of enforced inactive statusUser.endLockDate
- YYYYMMDD - determines end of enforced inactive statusUser.dayMask
- 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day of user may sign onUser.timeout
- number in seconds of session inactivity time allowedUser.props
* - multi-occurring attribute contains property key and values are separated with a ':'.
e.g. mykey1:myvalue1
User.roles
* - multi-occurring attribute contains the name of already existing role to assign to user
User.adminRoles
* - multi-occurring attribute contains the name of already existing adminRole to assign
to user
user
- must contain User.userId
and optional entity data to update i.e. desc, ou, properties, all
attributes that are not set will be ignored.SecurityException
- thrown in the event of validation or system error.void changePassword(User user, char[] newPassword) throws SecurityException
User.userId
- maps to INetOrgPerson uidUser.password
- contains the User's old passworduser
- contains User.userId
and old user password User.password
.newPassword
- contains new user password.SecurityException
- will be thrown in the event of password policy violation or system error.void lockUserAccount(User user) throws SecurityException
User.userId
- maps to INetOrgPerson uiduser
- entity contains User.userId
of User to be locked.SecurityException
- will be thrown in the event of pw policy violation or system error.void unlockUserAccount(User user) throws SecurityException
User.userId
- maps to INetOrgPerson uiduser
- entity contains User.userId
of User to be unlocked.SecurityException
- will be thrown in the event of pw policy violation or system error.void resetPassword(User user, char[] newPassword) throws SecurityException
User.userId
- maps to INetOrgPerson uiduser
- entity contains User.userId
of User to be reset.newPassword
- The new password to setSecurityException
- will be thrown in the event of pw policy violation or system error.void deletePasswordPolicy(User user) throws SecurityException
User.userId
- maps to INetOrgPerson uiduser
- contains User.userId
.SecurityException
- will be thrown in the event of password policy violation or system error.Role addRole(Role role) throws SecurityException
Role.name
- contains the name to use for the Role to be created.Role.description
- maps to description attribute on organizationalRole object classRole.beginTime
- HHMM - determines begin hour role may be activated into user's RBAC sessionRole.endTime
- HHMM - determines end hour role may be activated into user's RBAC session.Role.beginDate
- YYYYMMDD - determines date when role may be activated into user's RBAC sessionRole.endDate
- YYYYMMDD - indicates latest date role may be activated into user's RBAC sessionRole.beginLockDate
- YYYYMMDD - determines beginning of enforced inactive statusRole.endLockDate
- YYYYMMDD - determines end of enforced inactive statusRole.dayMask
- 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be activated into
user's RBAC session
role
- must contains Role.name
(required) and optional Role.description
.SecurityException
- thrown in the event of data validation or system error.void deleteRole(Role role) throws SecurityException
Role.name
- contains the name to use for the Role to be deleted.role
- Must contain Role.name
for Role to delete.SecurityException
- thrown in the event of data validation or system error.Role updateRole(Role role) throws SecurityException
Role.name
- contains the name to use for the Role to be updated.Role.description
- maps to description attribute on organizationalRole object classRole.beginTime
- HHMM - determines begin hour role may be activated into user's RBAC sessionRole.endTime
- HHMM - determines end hour role may be activated into user's RBAC session.Role.beginDate
- YYYYMMDD - determines date when role may be activated into user's RBAC sessionRole.endDate
- YYYYMMDD - indicates latest date role may be activated into user's RBAC sessionRole.beginLockDate
- YYYYMMDD - determines beginning of enforced inactive statusRole.endLockDate
- YYYYMMDD - determines end of enforced inactive statusRole.dayMask
- 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be activated into
user's RBAC session
role
- Must contains Role.name
and may contain new description or
Constraint
SecurityException
- in the event of validation or system error.void assignUser(UserRole uRole) throws SecurityException
Successful completion of this op, the following occurs:
ftUserAttrs
aux object class based on:UserRole.name
- contains the name for already existing Role to be assignedUserRole.userId
- contains the userId for existing UserUserRole.beginTime
- HHMM - determines begin hour role may be activated into user's RBAC sessionUserRole.endTime
- HHMM - determines end hour role may be activated into user's RBAC session.UserRole.beginDate
- YYYYMMDD - determines date when role may be activated into user's RBAC sessionUserRole.endDate
- YYYYMMDD - indicates latest date role may be activated into user's RBAC sessionUserRole.beginLockDate
- YYYYMMDD - determines beginning of enforced inactive statusUserRole.endLockDate
- YYYYMMDD - determines end of enforced inactive statusUserRole.dayMask
- 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be activated into
user's RBAC session
uRole
- must contain UserRole.userId
and UserRole.name
and optional Constraints
.SecurityException
- in the event of validation or system error.void deassignUser(UserRole uRole) throws SecurityException
UserRole.name
- contains the name for already existing Role to be deassignedUserRole.userId
- contains the userId for existing UseruRole
- must contain UserRole.userId
and UserRole.name
.SecurityException
- - in the event data error in user or role objects or system error.Permission addPermission(Permission perm) throws SecurityException
ou=Permissions,ou=RBAC,dc=yourHostName,dc=com
container in directory information tree.
The perm operation entity may have Role
or
User
associations. The target Permission
must not exist
prior to calling.
A Fortress Permission instance exists in a hierarchical, one-many relationship between its parent and itself as
stored in ldap tree: (PermObj
*->Permission
).
Permission.objName
- contains the name of existing object being targeted for the permission addPermission.opName
- contains the name of new permission operation being addedPermission.roles
* - multi occurring attribute contains RBAC Roles that permission operation is being
granted to
Permission.users
* - multi occurring attribute contains Users that permission operation is being granted
to
Permission.props
* - multi-occurring property key and values are separated with a ':'. e.g.
mykey1:myvalue1
Permission.type
- any safe textperm
- must contain the object, Permission.objName
, and operation, Permission.opName
, that identifies target along with optional other attributes..SecurityException
- - thrown in the event of perm object data or system error.Permission updatePermission(Permission perm) throws SecurityException
ou=Permissions,ou=RBAC,dc=yourHostName,dc=com
container in directory information tree.
The perm operation entity may also contain Role
or
User
associations to add or remove using this function.
The perm operation must exist before making this call. Only non-null attributes will be updated.
Permission.objName
- contains the name of existing object being targeted for the permission updatePermission.opName
- contains the name of existing permission operation being updatedPermission.roles
* - multi occurring attribute contains RBAC Roles that permission operation is being
granted to
Permission.users
* - multi occurring attribute contains Users that permission operation is being granted
to
Permission.props
* - multi-occurring property key and values are separated with a ':'. e.g.
mykey1:myvalue1
Permission.type
- any safe textperm
- must contain the object, Permission.objName
, and operation, Permission.opName
, that
identifies target and any optional data to update. Null or empty attributes will be ignored.SecurityException
- - thrown in the event of perm object data or system error.void deletePermission(Permission perm) throws SecurityException
Permission.objName
- contains the name of existing object being targeted for the permission deletePermission.opName
- contains the name of existing permission operation being removedperm
- must contain the object, Permission.objName
, and operation, Permission.opName
, that
identifies target.SecurityException
- - thrown in the event of perm object data or system error.PermObj addPermObj(PermObj pObj) throws SecurityException
PermObj
instance exists in a hierarchical, one-many relationship between itself and children as stored in
ldap tree: (PermObj
*->Permission
).
PermObj.objName
- contains the name of new object being addedPermObj.ou
- contains the name of an existing PERMS OrgUnit this object is associated withPermObj.description
- any safe textPermObj.type
- contains any safe textPermObj.props
* - multi-occurring property key and values are separated with a ':'. e.g. mykey1:myvalue1
pObj
- must contain the PermObj.objName
and PermObj.ou
. The other attributes are optional.SecurityException
- - thrown in the event of perm object data or system error.PermObj updatePermObj(PermObj pObj) throws SecurityException
PermObj
instance exists in a hierarchical, one-many relationship between itself and children as stored in
ldap tree: (PermObj
*->Permission
).
PermObj.objName
- contains the name of existing object being updatedPermObj.ou
- contains the name of an existing PERMS OrgUnit this object is associated withPermObj.description
- any safe textPermObj.type
- contains any safe textPermObj.props
* - multi-occurring property key and values are separated with a ':'. e.g. mykey1:myvalue1
pObj
- must contain the PermObj.objName
. Only non-null attributes will be updated.SecurityException
- - thrown in the event of perm object data or system error.void deletePermObj(PermObj pObj) throws SecurityException
PermObj.objName
- contains the name of existing object targeted for removalpObj
- must contain the PermObj.objName
of object targeted for removal.SecurityException
- - thrown in the event of perm object data or system error.void grantPermission(Permission perm, Role role) throws SecurityException
Permission.objName
- contains the object namePermission.opName
- contains the operation nameRole.name
- contains the role nameperm
- must contain the object, Permission.objName
, and operation, Permission.opName
, that
identifies target.role
- must contains Role.name
.SecurityException
- Thrown in the event of data validation or system error.void revokePermission(Permission perm, Role role) throws SecurityException
Permission.objName
- contains the object namePermission.opName
- contains the operation nameRole.name
- contains the role nameperm
- must contain the object, Permission.objName
, and operation, Permission.opName
, that
identifies target.role
- must contains Role.name
.SecurityException
- Thrown in the event of data validation or system error.void grantPermission(Permission perm, User user) throws SecurityException
Permission.objName
- contains the object namePermission.opName
- contains the operation nameUser.userId
- contains the userIdperm
- must contain the object, Permission.objName
, and operation, Permission.opName
,
that identifies target.user
- must contain User.userId
of target User entity.SecurityException
- Thrown in the event of data validation or system error.void revokePermission(Permission perm, User user) throws SecurityException
Permission.objName
- contains the object namePermission.opName
- contains the operation nameUser.userId
- contains the userIdperm
- must contain the object, Permission.objName
, and operation, Permission.opName
, that
identifies target.user
- must contain User.userId
of target User entity.SecurityException
- Thrown in the event of data validation or system error.void addDescendant(Role parentRole, Role childRole) throws SecurityException
The command is valid if and only if:
This method:
Role.name
- contains the name of existing Role to be parentRole.name
- contains the name of new Role to be childRole.description
- maps to description attribute on organizationalRole object class for new
child
Role.beginTime
- HHMM - determines begin hour role may be activated into user's RBAC session
for new child
Role.endTime
- HHMM - determines end hour role may be activated into user's RBAC session for
new child
Role.beginDate
- YYYYMMDD - determines date when role may be activated into user's RBAC
session for new child
Role.endDate
- YYYYMMDD - indicates latest date role may be activated into user's RBAC
session for new child
Role.beginLockDate
- YYYYMMDD - determines beginning of enforced inactive status for new
child
Role.endLockDate
- YYYYMMDD - determines end of enforced inactive status for new child
Role.dayMask
- 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be
activated into user's RBAC session for new child
parentRole
- This entity must be present in ROLE data set. Success will add role rel with childRole.childRole
- This entity must not be present in ROLE data set. Success will add the new role entity to ROLE
data set.SecurityException
- thrown in the event of data validation or system error.void addAscendant(Role childRole, Role parentRole) throws SecurityException
The command is valid if and only if:
This method:
Role.name
- contains the name of existing child RoleRole.name
- contains the name of new Role to be parentRole.description
- maps to description attribute on organizationalRole object class for
new parent
Role.beginTime
- HHMM - determines begin hour role may be activated into user's RBAC
session for new parent
Role.endTime
- HHMM - determines end hour role may be activated into user's RBAC session
for new parent
Role.beginDate
- YYYYMMDD - determines date when role may be activated into user's RBAC
session for new parent
Role.endDate
- YYYYMMDD - indicates latest date role may be activated into user's RBAC
session for new parent
Role.beginLockDate
- YYYYMMDD - determines beginning of enforced inactive status for new
parent
Role.endLockDate
- YYYYMMDD - determines end of enforced inactive status for new parent
Role.dayMask
- 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be
activated into user's RBAC session for new parent
parentRole
- completion of op assigns new child relationship with childRole.childRole
- completion of op assigns new parent relationship with parentRole.SecurityException
- thrown in the event of data validation or system error.void addInheritance(Role parentRole, Role childRole) throws SecurityException
The command is valid if and only if:
parentRole
- completion of op deassigns child relationship with childRole.childRole
- completion of op deassigns parent relationship with parentRole.SecurityException
- thrown in the event of data validation or system error.void deleteInheritance(Role parentRole, Role childRole) throws SecurityException
The command is valid if and only if:
parentRole
- completion of op removes child relationship with childRole.childRole
- completion of op removes parent relationship with parentRole.SecurityException
- thrown in the event of data validation or system error.SDSet createSsdSet(SDSet ssdSet) throws SecurityException
The command is valid if and only if:
SDSet.name
- contains the name of new SSD role set to be addedSDSet.members
* - multi-occurring attribute contains the RBAC Role names to be added to this setSDSet.cardinality
- default is 2 which is one more than maximum number of Roles that may be assigned to
User from a particular set
SDSet.description
- contains any safe textssdSet
- contains an instantiated reference to new SSD set containing, name, members, and cardinality (default 2)SecurityException
- in the event of data validation or system error.SDSet updateSsdSet(SDSet ssdSet) throws SecurityException
The command is valid if and only if:
SDSet.name
- contains the name of existing SSD role set to be updatedSDSet.members
* - multi-occurring attribute contains the RBAC Role names to be added to this setSDSet.cardinality
- default is 2 which is one more than maximum number of Roles that may be assigned to
User from a particular set
SDSet.description
- contains any safe textssdSet
- contains an instantiated reference to existing SSD set containing, name, members, and cardinality
(default 2)SecurityException
- in the event of data validation or system error.SDSet addSsdRoleMember(SDSet ssdSet, Role role) throws SecurityException
The command is valid if and only if:
SDSet.name
- contains the name of SSD role set to be modifiedRole.name
- contains the name of new SDSet.members
to be addedssdSet
- contains an instantiated reference to new SSD set containing, namerole
- contains instantiated Role object with role name field set.SecurityException
- in the event of data validation or system error.SDSet deleteSsdRoleMember(SDSet ssdSet, Role role) throws SecurityException
The command is valid if and only if:
SDSet.name
- contains the name of SSD role set to be modifiedRole.name
- contains the name of existing SDSet.members
to be removedssdSet
- contains an instantiated reference to new SSD set containing name.role
- contains instantiated Role object with role name field set.SecurityException
- in the event of data validation or system error.SDSet deleteSsdSet(SDSet ssdSet) throws SecurityException
SDSet.name
- contains the name of SSD role set to be removedssdSet
- contains an instantiated reference to SSD set targeted for removal.SecurityException
- in the event of data validation or system error.SDSet setSsdSetCardinality(SDSet ssdSet, int cardinality) throws SecurityException
The command is valid if and only if:
SDSet.name
- contains the name of SSD role set to be modifiedssdSet
- contains an instantiated reference to new SSD set containing, namecardinality
- integer value contains new cardinality value for data set.SecurityException
- in the event of data validation or system error.SDSet createDsdSet(SDSet dsdSet) throws SecurityException
The command is valid if and only if:
SDSet.name
- contains the name of new DSD role set to be addedSDSet.members
* - multi-occurring attribute contains the RBAC Role names to be added to this setSDSet.cardinality
- default is 2 which is one more than maximum number of Roles that may be assigned to
User from a particular set
SDSet.description
- contains any safe textdsdSet
- contains an instantiated reference to new DSD set containing, name, members, and cardinality
(default 2)SecurityException
- in the event of data validation or system error.SDSet updateDsdSet(SDSet dsdSet) throws SecurityException
The command is valid if and only if:
SDSet.name
- contains the name of existing DSD role set to be updatedSDSet.members
* - multi-occurring attribute contains the RBAC Role names to be added to this setSDSet.cardinality
- default is 2 which is one more than maximum number of Roles that may be assigned
to User from a particular set
SDSet.description
- contains any safe textdsdSet
- contains an instantiated reference to existing DSD set containing, name, members, and cardinality
(default 2)SecurityException
- in the event of data validation or system error.SDSet addDsdRoleMember(SDSet dsdSet, Role role) throws SecurityException
The command is valid if and only if:
SDSet.name
- contains the name of DSD role set to be modifiedRole.name
- contains the name of new SDSet.members
to be addeddsdSet
- contains an instantiated reference to new DSD set containing, namerole
- contains instantiated Role object with role name field set.SecurityException
- in the event of data validation or system error.SDSet deleteDsdRoleMember(SDSet dsdSet, Role role) throws SecurityException
The command is valid if and only if:
SDSet.name
- contains the name of DSD role set to be modifiedRole.name
- contains the name of existing SDSet.members
to be removeddsdSet
- contains an instantiated reference to new DSD set containing name.role
- contains instantiated Role object with role name field set.SecurityException
- in the event of data validation or system error.SDSet deleteDsdSet(SDSet dsdSet) throws SecurityException
SDSet.name
- contains the name of DSD role set to be removeddsdSet
- contains an instantiated reference to DSD set targeted for removal.SecurityException
- in the event of data validation or system error.SDSet setDsdSetCardinality(SDSet dsdSet, int cardinality) throws SecurityException
The command is valid if and only if:
SDSet.name
- contains the name of DSD role set to be modifieddsdSet
- contains an instantiated reference to new DSD set containing, namecardinality
- integer value contains new cardinality value for data set.SecurityException
- in the event of data validation or system error.Copyright © 2003-2016, The Apache Software Foundation. All Rights Reserved. Generated 20160718-1621