Package com.sas.services.information.publicobject

Interface SecurityProcessorInterface

All Superinterfaces:
com.sas.services.information.publicobject.ProcessorInterface, Remote
public interface SecurityProcessorInterface extends ProcessorInterface
This class provides an interface for client applications to query and manipulate the permissions on a metadata object. Most permission checks are going to be done against the currently logged in user. The IdentityInterface in those cases can be easily obtained by calling UserContextInterface.getPerson(). Other users can be retrieved by searching via the Information Service.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    NAME
    The name of this interface.

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    addPermissions(List identities, List permissions)
    Add a set of permissions for a set of identities for this metadata object.
    Authorizer
    getAuthorizerType(IdentityInterface identity, PermissionInterface permission)
    Determine why a permission is granted or denied.
    List
    getIdentities()
    Get all the identities that are associated to this metadata object through permissions.
    PermissionInterface
    getPermission(IdentityInterface identity, PermissionInterface permission)
    Get a permission that matches the requested permission for the requested identity on this metadata object.
    List
    getPermissions(IdentityInterface identity)
    Get all the permissions that apply to this object.
    boolean
    isAuthorized(IdentityInterface identity, String permission)
    Check for a specific permission on this object by the user that owns the connection to the repository.
    boolean
    isAuthorized(String permission)
    Check for a specific permission on this object by the user that owns the connection to the repository.
    void
    removePermission(IdentityInterface identity, PermissionInterface permission)
    Remove permission matching the identity and permission.
    void
    removePermissions(List identities, List permissions)
    Remove permissions matching the identities and permission list.
    void
    setPermission(IdentityInterface identity, PermissionInterface permission)
    Set a new permission on this metadata object.

    Methods inherited from interface com.sas.services.information.publicobject.ProcessorInterface

    destroy, getPublicObject

  • Field Details

    • NAME

      static final String NAME
      The name of this interface. This should be used when refering to this interface externally.
      See Also:

  • Method Details

    • getPermission

      PermissionInterface getPermission(IdentityInterface identity, PermissionInterface permission) throws ServiceException, RemoteException
      Get a permission that matches the requested permission for the requested identity on this metadata object. If none exists, return null.
      Parameters:
      identity - An IdentityInterface for the identity to find the permission for.
      permission - The permission to look for.
      Returns:
      A matching Permission, or null if none was found.
      Throws:
      ServiceException - if a repository error occurs.
      RemoteException - in the event of remote object failure.

    • setPermission

      void setPermission(IdentityInterface identity, PermissionInterface permission) throws ServiceException, RemoteException
      Set a new permission on this metadata object.
      Parameters:
      identity - An IdentityInterface for the identity for the new permission.
      permission - The new permission to add.
      Throws:
      ServiceException - if a repository error occurs.
      RemoteException - in the event of remote object failure.

    • getPermissions

      List getPermissions(IdentityInterface identity) throws ServiceException, RemoteException
      Get all the permissions that apply to this object.
      Parameters:
      identity - The identity to get permissions for.
      Returns:
      a List of com.sas.services.security.Permission objects that apply to this object.
      Throws:
      ServiceException - in the event of repository error.
      RemoteException - in the event of remote object failure.

    • getIdentities

      List getIdentities() throws ServiceException, RemoteException
      Get all the identities that are associated to this metadata object through permissions.
      Returns:
      a List of IdentityInterface objects that have some permission defined for this object.
      Throws:
      ServiceException - if a repository error occurs.
      RemoteException - in the event of remote object failure.

    • addPermissions

      void addPermissions(List identities, List permissions) throws ServiceException, RemoteException
      Add a set of permissions for a set of identities for this metadata object. All the identities in the List will get all the permissions provided.
      Parameters:
      identities - A List of IdentityInterface objects for whom to set the provided permissions.
      permissions - a List of com.sas.services.security.Permission objects that specify the permissions to set for these identities.
      Throws:
      ServiceException - if a repository error occurs.
      RemoteException - in the event of remote object failure.

    • removePermission

      void removePermission(IdentityInterface identity, PermissionInterface permission) throws ServiceException, RemoteException
      Remove permission matching the identity and permission.
      Parameters:
      identity - The identity for whom to remove the permissions.
      permission - The permissions to remove for the identity.
      Throws:
      ServiceException - if a repository error occurs.
      RemoteException - in the event of remote object failure.

    • removePermissions

      void removePermissions(List identities, List permissions) throws ServiceException, RemoteException
      Remove permissions matching the identities and permission list.
      Parameters:
      identities - The identities for whom to remove the permissions.
      permissions - The permissions to remove for the identities.
      Throws:
      ServiceException - if a repository error occurs.
      RemoteException - in the event of remote object failure.

    • isAuthorized

      boolean isAuthorized(String permission) throws ServiceException, RemoteException
      Check for a specific permission on this object by the user that owns the connection to the repository.
      Parameters:
      permission - The permission string to check for.
      Returns:
      true if the permission is granted by the server, false otherwise.
      Throws:
      ServiceException - if a repository error occurs.
      RemoteException - in the event of remote object failure.

    • isAuthorized

      boolean isAuthorized(IdentityInterface identity, String permission) throws ServiceException, RemoteException
      Check for a specific permission on this object by the user that owns the connection to the repository.
      Parameters:
      identity - The Identity to test for permission to this object.
      permission - The permission string to check for.
      Returns:
      true if the permission is granted by the server, false otherwise.
      Throws:
      ServiceException - if a repository error occurs.
      RemoteException - in the event of remote object failure.

    • getAuthorizerType

      Authorizer getAuthorizerType(IdentityInterface identity, PermissionInterface permission) throws ServiceException, RemoteException
      Determine why a permission is granted or denied. The authorizer will report the permision is by direct ACE, by ACT, or inherited.
      Parameters:
      identity - The identity to check.
      permission - The permission to check.
      Returns:
      An Authorizer object that is set to the appropriate value for the permission source.
      Throws:
      ServiceException - If a repository error occurs.
      RemoteException - In the event of remote object failure.