Package com.sun.identity.entitlement

Class Entitlement

  • public class Entitlement
extends Object
    This class encapsulates entitlement of a subject.

    Example of how to use this class 

         Set set = new HashSet();
     set.add("GET");
     Evaluator evaluator = new Evaluator(adminToken);
     boolean isAllowed = evaluator.hasEntitlement(subject,
         new Entitlement("http://www.sun.com/example", set),
         Collections.EMPTY_MAP);
    Or do a sub tree search like this. 
         Evaluator evaluator = new Evaluator(adminToken);
     List<Entitlement> entitlements = evaluator.getEntitlements(
         subject, "http://www.sun.com", Collections.EMPTY_MAP, true);
     for (Entitlement e : entitlements) {
         String resource = e.getResourceNames();
         boolean isAllowed =((Boolean)e.getActionValue("GET")).booleanValue();
         ...
     }

    • Constructor Detail

      • Entitlement

        public Entitlement()
        Creates an entitlement object with default service name.

      • Entitlement

        public Entitlement​(org.json.JSONObject jo)
            throws org.json.JSONException
        Throws:
        org.json.JSONException

      • Entitlement

        public Entitlement​(Set<String> resourceNames,
                   Set<String> actionNames)
        Creates an entitlement object.
        Parameters:
        resourceNames - Resource names.
        actionNames - Set of action names.

      • Entitlement

        public Entitlement​(String resourceName,
                   Set<String> actionNames)
        Creates an entitlement object.
        Parameters:
        resourceName - Resource name.
        actionNames - Set of action names.

      • Entitlement

        public Entitlement​(String applicationName,
                   String resourceName,
                   Set<String> actionNames)
        Creates an entitlement object.
        Parameters:
        applicationName - Application name.
        resourceName - Resource name.
        actionNames - Set of action names.

      • Entitlement

        public Entitlement​(String resourceName,
                   Map<String,​Boolean> actionValues)
        Creates an entitlement object.
        Parameters:
        resourceName - Resource namess.
        actionValues - Map of action name to set of values.

      • Entitlement

        public Entitlement​(String applicationName,
                   String resourceName,
                   Map<String,​Boolean> actionValues)
        Creates an entitlement object.
        Parameters:
        applicationName - applicationName
        resourceName - Resource namess.
        actionValues - Map of action name to set of values.

      • Entitlement

        public Entitlement​(String applicationName,
                   Set<String> resourceNames,
                   Map<String,​Boolean> actionValues)
        Creates an entitlement object.
        Parameters:
        applicationName - Application name.
        resourceNames - Resource names.
        actionValues - Map of action name to set of values.

    • Method Detail

      • setName

        public void setName​(String name)
        Sets the name of the entitlement
        Parameters:
        name - the name of the entitlement

      • getName

        public String getName()
        Returns the name of the entitlement
        Returns:
        the name of the entitlement

      • setResourceNames

        public void setResourceNames​(Set<String> resourceNames)
        Sets resource names.
        Parameters:
        resourceNames - Resource Names.

      • getResourceNames

        public Set<String> getResourceNames()
        Returns resource names.
        Returns:
        resource names.

      • setResourceName

        public void setResourceName​(String resourceName)
        Sets resource name.
        Parameters:
        resourceName - Resource Name.

      • getResourceName

        public String getResourceName()
        Returns resource name.
        Returns:
        resource names.

      • setRequestedResourceNames

        public void setRequestedResourceNames​(Set<String> requestedResourceNames)
        Sets the non normalised resource names.
        Parameters:
        requestedResourceNames - Non normalised resource names.

      • getRequestedResourceNames

        public Set<String> getRequestedResourceNames()
        Returns non normalised resource names. If this has not been set the resource names (which is most probably normalised) will be returned.
        Returns:
        Non normalised resource names or if that has not been set, the normalised resource names.

      • setRequestedResourceName

        public void setRequestedResourceName​(String requestedResourceName)
        Sets non normalised resource name.
        Parameters:
        requestedResourceName - Non normalised resource name.

      • getRequestedResourceName

        public String getRequestedResourceName()
        Returns non normalised resource name. If this has not been set the resource name (which is most probably normalised) will be returned.
        Returns:
        Non normalised resource name or if that has not been set, the normalised resource name.

      • getApplicationName

        public String getApplicationName()
        Returns application name.
        Returns:
        application name.

      • setApplicationName

        public void setApplicationName​(String applicationName)
        Sets application name.
        Parameters:
        applicationName - application name.

      • setActionName

        public void setActionName​(String actionName)
        Sets action name
        Parameters:
        actionName - Action name.

      • setActionNames

        public void setActionNames​(Set<String> actionNames)
        Sets action names
        Parameters:
        actionNames - Set of action names.

      • setActionValues

        public void setActionValues​(Map<String,​Boolean> actionValues)
        Sets action values map.
        Parameters:
        actionValues - Action values.

      • getActionValue

        public Boolean getActionValue​(String name)
        Returns action value.
        Parameters:
        name - Name of the action.
        Returns:
        action values.

      • getActionValues

        public Map<String,​Boolean> getActionValues()
        Returns action values.
        Returns:
        action values.

      • getActionValues

        public Set<Object> getActionValues​(String name)
        Returns action values.
        Parameters:
        name - Name of the action.
        Returns:
        action values.

      • setAdvices

        public void setAdvices​(Map<String,​Set<String>> advices)
        Sets advices.
        Parameters:
        advices - Advices.

      • getAdvices

        public Map<String,​Set<String>> getAdvices()
        Returns advices.
        Returns:
        Advices.

      • hasAdvice

        public boolean hasAdvice()
        Returns:
        Whether this entitlement has any advice.

      • setAttributes

        public void setAttributes​(Map<String,​Set<String>> attributes)
        Sets attributes.
        Parameters:
        attributes - Attributes.

      • getAttributes

        public Map<String,​Set<String>> getAttributes()
        Returns attributes.
        Returns:
        Attributes.

      • setTTL

        public void setTTL​(long ttl)
        Sets this entitlements TTL
        Parameters:
        ttl - The TTL to set

      • getTTL

        public long getTTL()
        Returns the TTL
        Returns:
        The TTL in ms

      • evaluate

        public Set<String> evaluate​(Subject adminSubject,
                            String realm,
                            Subject subject,
                            String applicationName,
                            String resourceName,
                            Set<String> actionNames,
                            Map<String,​Set<String>> environment,
                            boolean recursive)
                     throws EntitlementException
        Returns a set of resource names that match the given resource.
        Parameters:
        adminSubject - Admin Subject.
        realm - Realm Name
        subject - Subject who is under evaluation.
        applicationName - application name.
        resourceName - Resource name.
        environment - Environment parameters.
        Returns:
        a set of resource names that match the given resource.
        Throws:
        EntitlementException - if resource names cannot be returned.

      • toString

        public String toString()
        Returns string representation of the object
        Overrides:
        toString in class Object
        Returns:
        string representation of the object

      • toJSONObject

        public org.json.JSONObject toJSONObject()
                                 throws org.json.JSONException
        Returns JSONObject mapping of the object
        Returns:
        JSONObject mapping of the object
        Throws:
        org.json.JSONException - if can not map to JSONObject

      • equals

        public boolean equals​(Object obj)
        Returns true if the passed in object is equal to this object
        Overrides:
        equals in class Object
        Parameters:
        obj - object to check for equality
        Returns:
        true if the passed in object is equal to this object

      • hashCode

        public int hashCode()
        Returns hash code of the object
        Overrides:
        hashCode in class Object
        Returns:
        hash code of the object

      • clearCache

        public void clearCache()
        Sets this entitlement's current application to null. For ensuring that we read the Application fresh from its store next time we access it.

      • canonicalizeResources

        public void canonicalizeResources​(Subject adminSubject,
                                  String realm)
                           throws EntitlementException
        Canonicalizes resource name before persistence.
        Parameters:
        adminSubject - Admin Subject.
        realm - Realm Name
        Throws:
        EntitlementException