All Libraries   This Library  Package   Class  Use  Tree  Deprecated  Index  Grand Index  Help 
 Foundation 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.sas.services.information.publicobject
Interface SecurityProcessorInterface

All Superinterfaces:
com.sas.services.information.publicobject.ProcessorInterface, java.rmi.Remote
public interface SecurityProcessorInterface
extends com.sas.services.information.publicobject.ProcessorInterface

This class provides an interface for client applications to query and manipulate the permissions on a metadata object. Most permission checks are going to be done against the currently logged in user. The IdentityInterface in those cases can be easily obtained by calling UserContextInterface.getPerson(). Other users can be retrieved by searching via the Information Service.

Field Summary
static java.lang.String NAME
          The name of this interface.
 
Method Summary
 void addPermissions(java.util.List identities, java.util.List permissions)
          Add a set of permissions for a set of identities for this metadata object.
 com.sas.services.security.Authorizer getAuthorizerType(IdentityInterface identity, PermissionInterface permission)
          Determine why a permission is granted or denied.
 java.util.List getIdentities()
          Get all the identities that are associated to this metadata object through permissions.
 PermissionInterface getPermission(IdentityInterface identity, PermissionInterface permission)
          Get a permission that matches the requested permission for the requested identity on this metadata object.
 java.util.List getPermissions(IdentityInterface identity)
          Get all the permissions that apply to this object.
 boolean isAuthorized(IdentityInterface identity, java.lang.String permission)
          Check for a specific permission on this object by the user that owns the connection to the repository.
 boolean isAuthorized(java.lang.String permission)
          Check for a specific permission on this object by the user that owns the connection to the repository.
 void removePermission(IdentityInterface identity, PermissionInterface permission)
          Remove permission matching the identity and permission.
 void removePermissions(java.util.List identities, java.util.List permissions)
          Remove permissions matching the identities and permission list.
 void setPermission(IdentityInterface identity, PermissionInterface permission)
          Set a new permission on this metadata object.
 

Field Detail

NAME

static final java.lang.String NAME
The name of this interface. This should be used when refering to this interface externally.

See Also:
Constant Field Values
Method Detail

getPermission

PermissionInterface getPermission(IdentityInterface identity,
                                  PermissionInterface permission)
                                  throws ServiceException,
                                         java.rmi.RemoteException
Get a permission that matches the requested permission for the requested identity on this metadata object. If none exists, return null.

Parameters:
identity - An IdentityInterface for the identity to find the permission for.
permission - The permission to look for.
Returns:
A matching Permission, or null if none was found.
Throws:
ServiceException - if a repository error occurs.
java.rmi.RemoteException - in the event of remote object failure.

setPermission

void setPermission(IdentityInterface identity,
                   PermissionInterface permission)
                   throws ServiceException,
                          java.rmi.RemoteException
Set a new permission on this metadata object.

Parameters:
identity - An IdentityInterface for the identity for the new permission.
permission - The new permission to add.
Throws:
ServiceException - if a repository error occurs.
java.rmi.RemoteException - in the event of remote object failure.

getPermissions

java.util.List getPermissions(IdentityInterface identity)
                              throws ServiceException,
                                     java.rmi.RemoteException
Get all the permissions that apply to this object.

Parameters:
identity - The identity to get permissions for.
Returns:
a List of com.sas.services.security.Permission objects that apply to this object.
Throws:
ServiceException - in the event of repository error.
java.rmi.RemoteException - in the event of remote object failure.

getIdentities

java.util.List getIdentities()
                             throws ServiceException,
                                    java.rmi.RemoteException
Get all the identities that are associated to this metadata object through permissions.

Returns:
a List of IdentityInterface objects that have some permission defined for this object.
Throws:
ServiceException - if a repository error occurs.
java.rmi.RemoteException - in the event of remote object failure.

addPermissions

void addPermissions(java.util.List identities,
                    java.util.List permissions)
                    throws ServiceException,
                           java.rmi.RemoteException
Add a set of permissions for a set of identities for this metadata object. All the identities in the List will get all the permissions provided.

Parameters:
identities - A List of IdentityInterface objects for whom to set the provided permissions.
permissions - a List of com.sas.services.security.Permission objects that specify the permissions to set for these identities.
Throws:
ServiceException - if a repository error occurs.
java.rmi.RemoteException - in the event of remote object failure.

removePermission

void removePermission(IdentityInterface identity,
                      PermissionInterface permission)
                      throws ServiceException,
                             java.rmi.RemoteException
Remove permission matching the identity and permission.

Parameters:
identity - The identity for whom to remove the permissions.
permission - The permissions to remove for the identity.
Throws:
ServiceException - if a repository error occurs.
java.rmi.RemoteException - in the event of remote object failure.

removePermissions

void removePermissions(java.util.List identities,
                       java.util.List permissions)
                       throws ServiceException,
                              java.rmi.RemoteException
Remove permissions matching the identities and permission list.

Parameters:
identities - The identities for whom to remove the permissions.
permissions - The permissions to remove for the identities.
Throws:
ServiceException - if a repository error occurs.
java.rmi.RemoteException - in the event of remote object failure.

isAuthorized

boolean isAuthorized(java.lang.String permission)
                     throws ServiceException,
                            java.rmi.RemoteException
Check for a specific permission on this object by the user that owns the connection to the repository.

Parameters:
permission - The permission string to check for.
Returns:
true if the permission is granted by the server, false otherwise.
Throws:
ServiceException - if a repository error occurs.
java.rmi.RemoteException - in the event of remote object failure.

isAuthorized

boolean isAuthorized(IdentityInterface identity,
                     java.lang.String permission)
                     throws ServiceException,
                            java.rmi.RemoteException
Check for a specific permission on this object by the user that owns the connection to the repository.

Parameters:
identity - The Identity to test for permission to this object.
permission - The permission string to check for.
Returns:
true if the permission is granted by the server, false otherwise.
Throws:
ServiceException - if a repository error occurs.
java.rmi.RemoteException - in the event of remote object failure.

getAuthorizerType

com.sas.services.security.Authorizer getAuthorizerType(IdentityInterface identity,
                                                       PermissionInterface permission)
                                                       throws ServiceException,
                                                              java.rmi.RemoteException
Determine why a permission is granted or denied. The authorizer will report the permision is by direct ACE, by ACT, or inherited.

Parameters:
identity - The identity to check.
permission - The permission to check.
Returns:
An Authorizer object that is set to the appropriate value for the permission source.
Throws:
ServiceException - If a repository error occurs.
java.rmi.RemoteException - In the event of remote object failure.
 All Libraries   This Library  Package   Class  Use  Tree  Deprecated  Index  Grand Index  Help 
 Foundation 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2009 SAS Institute Inc. All Rights Reserved.