com.sun.identity.entitlement

Class Entitlement

java.lang.Object

com.sun.identity.entitlement.Entitlement

public class Entitlement
extends Object

This class encapsulates entitlement of a subject.

Example of how to use this class

     Set set = new HashSet();
     set.add("GET");
     Evaluator evaluator = new Evaluator(adminToken);
     boolean isAllowed = evaluator.hasEntitlement(subject,
         new Entitlement("http://www.sun.com/example", set),
         Collections.EMPTY_MAP);
 

Or do a sub tree search like this.

     Evaluator evaluator = new Evaluator(adminToken);
     List<Entitlement> entitlements = evaluator.getEntitlements(
         subject, "http://www.sun.com", Collections.EMPTY_MAP, true);
     for (Entitlement e : entitlements) {
         String resource = e.getResourceNames();
         boolean isAllowed =((Boolean)e.getActionValue("GET")).booleanValue();
         ...
     }
 

Constructor Summary

Constructors

Constructor and Description
Entitlement() Creates an entitlement object with default service name.
Entitlement(org.json.JSONObject jo)
Entitlement(Set<String> resourceNames, Set<String> actionNames) Creates an entitlement object.
Entitlement(String resourceName, Map<String,Boolean> actionValues) Creates an entitlement object.
Entitlement(String resourceName, Set<String> actionNames) Creates an entitlement object.
Entitlement(String applicationName, Set<String> resourceNames, Map<String,Boolean> actionValues) Creates an entitlement object.
Entitlement(String applicationName, String resourceName, Map<String,Boolean> actionValues) Creates an entitlement object.
Entitlement(String applicationName, String resourceName, Set<String> actionNames) Creates an entitlement object.

Method Summary

Modifier and Type	Method and Description
void	canonicalizeResources(Subject adminSubject, String realm) Canonicalizes resource name before persistence.
void	clearCache() Sets this entitlement's current application to null.
boolean	equals(Object obj) Returns true if the passed in object is equal to this object
Set<String>	evaluate(Subject adminSubject, String realm, Subject subject, String applicationName, String resourceName, Set<String> actionNames, Map<String,Set<String>> environment, boolean recursive) Returns a set of resource names that match the given resource.
Boolean	getActionValue(String name) Returns action value.
Map<String,Boolean>	getActionValues() Returns action values.
Set<Object>	getActionValues(String name) Returns action values.
Map<String,Set<String>>	getAdvices() Returns advices.
Application	getApplication(Subject adminSubject, String realm) Returns application for this entitlement.
String	getApplicationName() Returns application name.
Map<String,Set<String>>	getAttributes() Returns attributes.
protected Set<String>	getMatchingResources(Subject adminSubject, String realm, Subject subject, String applicationName, String resourceName, boolean recursive)
String	getName() Returns the name of the entitlement
String	getRequestedResourceName() Returns non normalised resource name.
Set<String>	getRequestedResourceNames() Returns non normalised resource names.
String	getResourceName() Returns resource name.
Set<String>	getResourceNames() Returns resource names.
ResourceSaveIndexes	getResourceSaveIndexes(Subject adminSubject, String realm) Returns resource save indexes.
ResourceSearchIndexes	getResourceSearchIndexes(Subject adminSubject, String realm) Returns resource search indexes.
long	getTTL() Returns the TTL
boolean	hasAdvice()
int	hashCode() Returns hash code of the object
void	setActionName(String actionName) Sets action name
void	setActionNames(Set<String> actionNames) Sets action names
void	setActionValues(Map<String,Boolean> actionValues) Sets action values map.
void	setAdvices(Map<String,Set<String>> advices) Sets advices.
void	setApplicationName(String applicationName) Sets application name.
void	setAttributes(Map<String,Set<String>> attributes) Sets attributes.
void	setName(String name) Sets the name of the entitlement
void	setRequestedResourceName(String requestedResourceName) Sets non normalised resource name.
void	setRequestedResourceNames(Set<String> requestedResourceNames) Sets the non normalised resource names.
void	setResourceName(String resourceName) Sets resource name.
void	setResourceNames(Set<String> resourceNames) Sets resource names.
void	setTTL(long ttl) Sets this entitlements TTL
org.json.JSONObject	toJSONObject() Returns JSONObject mapping of the object
String	toString() Returns string representation of the object

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

Entitlement

public Entitlement()

Creates an entitlement object with default service name.

Entitlement

public Entitlement(org.json.JSONObject jo)
            throws org.json.JSONException

Throws:

org.json.JSONException

Entitlement

public Entitlement(Set<String> resourceNames,
                   Set<String> actionNames)

Creates an entitlement object.

Parameters:

resourceNames - Resource names.

actionNames - Set of action names.

Entitlement

public Entitlement(String resourceName,
                   Set<String> actionNames)

Creates an entitlement object.

Parameters:

resourceName - Resource name.

actionNames - Set of action names.

Entitlement

public Entitlement(String applicationName,
                   String resourceName,
                   Set<String> actionNames)

Creates an entitlement object.

Parameters:

applicationName - Application name.

resourceName - Resource name.

actionNames - Set of action names.

Entitlement

public Entitlement(String resourceName,
                   Map<String,Boolean> actionValues)

Creates an entitlement object.

Parameters:

resourceName - Resource namess.

actionValues - Map of action name to set of values.

Entitlement

public Entitlement(String applicationName,
                   String resourceName,
                   Map<String,Boolean> actionValues)

Creates an entitlement object.

Parameters:

applicationName - applicationName

resourceName - Resource namess.

actionValues - Map of action name to set of values.

Entitlement

public Entitlement(String applicationName,
                   Set<String> resourceNames,
                   Map<String,Boolean> actionValues)

Creates an entitlement object.

Parameters:

applicationName - Application name.

resourceNames - Resource names.

actionValues - Map of action name to set of values.

Method Detail

setName

public void setName(String name)

Sets the name of the entitlement

Parameters:

name - the name of the entitlement

getName

public String getName()

Returns the name of the entitlement

Returns:

the name of the entitlement

setResourceNames

public void setResourceNames(Set<String> resourceNames)

Sets resource names.

Parameters:

resourceNames - Resource Names.

getResourceNames

public Set<String> getResourceNames()

Returns resource names.

Returns:

resource names.

setResourceName

public void setResourceName(String resourceName)

Sets resource name.

Parameters:

resourceName - Resource Name.

getResourceName

public String getResourceName()

Returns resource name.

Returns:

resource names.

setRequestedResourceNames

public void setRequestedResourceNames(Set<String> requestedResourceNames)

Sets the non normalised resource names.

Parameters:

requestedResourceNames - Non normalised resource names.

getRequestedResourceNames

public Set<String> getRequestedResourceNames()

Returns non normalised resource names. If this has not been set the resource names (which is most probably normalised) will be returned.

Returns:

Non normalised resource names or if that has not been set, the normalised resource names.

setRequestedResourceName

public void setRequestedResourceName(String requestedResourceName)

Sets non normalised resource name.

Parameters:

requestedResourceName - Non normalised resource name.

getRequestedResourceName

public String getRequestedResourceName()

Returns non normalised resource name. If this has not been set the resource name (which is most probably normalised) will be returned.

Returns:

Non normalised resource name or if that has not been set, the normalised resource name.

getApplicationName

public String getApplicationName()

Returns application name.

Returns:

application name.

setApplicationName

public void setApplicationName(String applicationName)

Sets application name.

Parameters:

applicationName - application name.

setActionName

public void setActionName(String actionName)

Sets action name

Parameters:

actionName - Action name.

setActionNames

public void setActionNames(Set<String> actionNames)

Sets action names

Parameters:

actionNames - Set of action names.

setActionValues

public void setActionValues(Map<String,Boolean> actionValues)

Sets action values map.

Parameters:

actionValues - Action values.

getActionValue

public Boolean getActionValue(String name)

Returns action value.

Parameters:

name - Name of the action.

Returns:

action values.

getActionValues

public Map<String,Boolean> getActionValues()

Returns action values.

Returns:

action values.

getActionValues

public Set<Object> getActionValues(String name)

Returns action values.

Parameters:

name - Name of the action.

Returns:

action values.

setAdvices

public void setAdvices(Map<String,Set<String>> advices)

Sets advices.

Parameters:

advices - Advices.

getAdvices

public Map<String,Set<String>> getAdvices()

Returns advices.

Returns:

Advices.

hasAdvice

public boolean hasAdvice()

Returns:

Whether this entitlement has any advice.

setAttributes

public void setAttributes(Map<String,Set<String>> attributes)

Sets attributes.

Parameters:

attributes - Attributes.

getAttributes

public Map<String,Set<String>> getAttributes()

Returns attributes.

Returns:

Attributes.

setTTL

public void setTTL(long ttl)

Sets this entitlements TTL

Parameters:

ttl - The TTL to set

getTTL

public long getTTL()

Returns the TTL

Returns:

The TTL in ms

evaluate

public Set<String> evaluate(Subject adminSubject,
                            String realm,
                            Subject subject,
                            String applicationName,
                            String resourceName,
                            Set<String> actionNames,
                            Map<String,Set<String>> environment,
                            boolean recursive)
                     throws EntitlementException

Returns a set of resource names that match the given resource.

Parameters:

adminSubject - Admin Subject.

realm - Realm Name

subject - Subject who is under evaluation.

applicationName - application name.

resourceName - Resource name.

environment - Environment parameters.

Returns:

a set of resource names that match the given resource.

Throws:

EntitlementException - if resource names cannot be returned.

getMatchingResources

protected Set<String> getMatchingResources(Subject adminSubject,
                                           String realm,
                                           Subject subject,
                                           String applicationName,
                                           String resourceName,
                                           boolean recursive)
                                    throws EntitlementException

Throws:

EntitlementException

toString

public String toString()

Returns string representation of the object

Overrides:

toString in class Object

Returns:

string representation of the object

toJSONObject

public org.json.JSONObject toJSONObject()
                                 throws org.json.JSONException

Returns JSONObject mapping of the object

Returns:

JSONObject mapping of the object

Throws:

org.json.JSONException - if can not map to JSONObject

equals

public boolean equals(Object obj)

Returns true if the passed in object is equal to this object

Overrides:

equals in class Object

Parameters:

obj - object to check for equality

Returns:

true if the passed in object is equal to this object

hashCode

public int hashCode()

Returns hash code of the object

Overrides:

hashCode in class Object

Returns:

hash code of the object

getResourceSearchIndexes

public ResourceSearchIndexes getResourceSearchIndexes(Subject adminSubject,
                                                      String realm)
                                               throws EntitlementException

Returns resource search indexes.

Parameters:

adminSubject - Admin Subject.

realm - Realm Name

Returns:

resource search indexes.

Throws:

EntitlementException

getResourceSaveIndexes

public ResourceSaveIndexes getResourceSaveIndexes(Subject adminSubject,
                                                  String realm)
                                           throws EntitlementException

Returns resource save indexes.

Parameters:

adminSubject - Admin Subject.

realm - Realm Name

Returns:

resource save indexes.

Throws:

EntitlementException

clearCache

public void clearCache()

Sets this entitlement's current application to null. For ensuring that we read the Application fresh from its store next time we access it.

getApplication

public Application getApplication(Subject adminSubject,
                                  String realm)
                           throws EntitlementException

Returns application for this entitlement.

Parameters:

adminSubject - Admin Subject.

realm - Realm Name

Returns:

application for this entitlement.

Throws:

EntitlementException

canonicalizeResources

public void canonicalizeResources(Subject adminSubject,
                                  String realm)
                           throws EntitlementException

Canonicalizes resource name before persistence.

Parameters:

adminSubject - Admin Subject.

realm - Realm Name

Throws:

EntitlementException