public interface DelReviewMgr extends Manageable
Fortress fully supports the Oh/Sandhu/Zhang ARBAC02 model for delegated administration. ARBAC provides large enterprises the capability to delegate administrative authority to users that reside outside of the security admin group. Decentralizing administration helps because it provides security provisioning capability to work groups without sacrificing regulations for accountability or traceability.
This interface's implementer will NOT be thread safe if parent instance variables (Manageable.setContextId(String)
or Manageable.setAdmin(org.apache.directory.fortress.core.model.Session)
) are set.
Modifier and Type | Method and Description |
---|---|
List<UserAdminRole> |
assignedRoles(User user)
This function returns the set of admin roles assigned to a given user.
|
List<User> |
assignedUsers(AdminRole role)
This method returns the data set of all users who are assigned the given admin role.
|
List<AdminRole> |
findRoles(String searchVal)
Method will return a list of type Admin Role.
|
OrgUnit |
read(OrgUnit entity)
Commands reads existing OrgUnit entity from OrgUnit dataset.
|
AdminRole |
readRole(AdminRole role)
Method reads Admin Role entity from the admin role container in directory.
|
List<Permission> |
rolePermissions(AdminRole role)
This function returns the set of all ARBAC permissions (op, obj), granted to or inherited by a
given ARBAC role.
|
List<Permission> |
rolePermissions(AdminRole role,
boolean noInheritance)
This function returns the set of all ARBAC permissions (op, obj), granted to or inherited by a
given ARBAC role.
|
List<OrgUnit> |
search(OrgUnit.Type type,
String searchVal)
Commands searches existing OrgUnit entities from OrgUnit dataset.
|
setAdmin, setContextId
AdminRole readRole(AdminRole role) throws SecurityException
Role.name
- contains the name of the AdminRole being targeted for readrole
- contains role name to be read.SecurityException
- will be thrown if role not found or system error occurs.List<AdminRole> findRoles(String searchVal) throws SecurityException
Role.name
- contains all or some chars in the name of AdminRole(s) targeted for searchsearchVal
- contains the all or some of the chars corresponding to admin role entities stored in directory.SecurityException
- in the event of system error.List<UserAdminRole> assignedRoles(User user) throws SecurityException
User.userId
- contains the userId associated with the User object targeted for search.user
- contains userId matching user entity stored in the directory.SecurityException
- If user not found or system error occurs.List<User> assignedUsers(AdminRole role) throws SecurityException
Role.name
- contains the name of AdminRole targeted for searchrole
- contains the role name used to search the User data set.SecurityException
- If system error occurs.OrgUnit read(OrgUnit entity) throws SecurityException
OrgUnit.name
- contains the name associated with the OrgUnit
object targeted for search.
OrgUnit.type
- contains the type of OU:
OrgUnit.Type.USER
or
OrgUnit.Type.PERM
entity
- contains OrgUnit name and type.SecurityException
- in the event of data validation or system error.List<OrgUnit> search(OrgUnit.Type type, String searchVal) throws SecurityException
OrgUnit.type
- contains the type of OU:
OrgUnit.Type.USER
or
OrgUnit.Type.PERM
type
- either PERM or USERsearchVal
- contains the leading chars that map to OrgUnit.name
on existing OrgUnit(s) targeted for search.SecurityException
- in the event of data validation or system error.List<Permission> rolePermissions(AdminRole role) throws SecurityException
Role.name
- contains the name to use for the AdminRole targeted for search.role
- contains role name, Role.name
of AdminRole entity Permission is granted to.SecurityException
- In the event system error occurs.List<Permission> rolePermissions(AdminRole role, boolean noInheritance) throws SecurityException
Role.name
- contains the name to use for the AdminRole targeted for search.role
- contains role name, Role.name
of AdminRole entity Permission is granted to.noInheritance
- if true will NOT include inherited roles in the search.SecurityException
- In the event system error occurs.Copyright © 2003-2016, The Apache Software Foundation. All Rights Reserved. Generated 20160718-1621