Package com.sun.identity.entitlement

Class Privilege

    • Field Detail

      • PRIVILEGE_CLASS_PROPERTY

        public static final String PRIVILEGE_CLASS_PROPERTY
        The system property defining the default Privilege sub-class to use when constructing new privilege instances.
        See Also:
        Constant Field Values

      • APPLICATION_SEARCH_ATTRIBUTE

        public static final SearchAttribute APPLICATION_SEARCH_ATTRIBUTE
        application search attribute

      • CREATED_BY_SEARCH_ATTRIBUTE

        public static final SearchAttribute CREATED_BY_SEARCH_ATTRIBUTE
        Created by search attribute

      • LAST_MODIFIED_BY_ATTRIBUTE

        public static final String LAST_MODIFIED_BY_ATTRIBUTE
        Last modified by index key
        See Also:
        Constant Field Values

      • LAST_MODIFIED_BY_SEARCH_ATTRIBUTE

        public static final SearchAttribute LAST_MODIFIED_BY_SEARCH_ATTRIBUTE
        Last modified by search attribute

      • CREATION_DATE_SEARCH_ATTRIBUTE

        public static final SearchAttribute CREATION_DATE_SEARCH_ATTRIBUTE
        Creation date index key

      • LAST_MODIFIED_DATE_ATTRIBUTE

        public static final String LAST_MODIFIED_DATE_ATTRIBUTE
        Last modified date index key
        See Also:
        Constant Field Values

      • LAST_MODIFIED_DATE_SEARCH_ATTRIBUTE

        public static final SearchAttribute LAST_MODIFIED_DATE_SEARCH_ATTRIBUTE
        Last modified date index key

      • NAME_SEARCH_ATTRIBUTE

        public static final SearchAttribute NAME_SEARCH_ATTRIBUTE
        Name search attribute

      • RESOURCE_TYPE_UUID_ATTRIBUTE

        public static final String RESOURCE_TYPE_UUID_ATTRIBUTE
        Resource type uuid reference.
        See Also:
        Constant Field Values

      • RESOURCE_TYPE_UUID_SEARCH_ATTRIBUTE

        public static final SearchAttribute RESOURCE_TYPE_UUID_SEARCH_ATTRIBUTE
        Resource type uuid reference.

      • RESOURCE_MACRO_ATTRIBUTE

        public static final String RESOURCE_MACRO_ATTRIBUTE
        Macro used in condition
        See Also:
        Constant Field Values

      • DESCRIPTION_ATTRIBUTE

        public static final String DESCRIPTION_ATTRIBUTE
        Privilege description attribute name,
        See Also:
        Constant Field Values

      • DESCRIPTION_SEARCH_ATTRIBUTE

        public static final SearchAttribute DESCRIPTION_SEARCH_ATTRIBUTE
        Privilege description search attribute name,

      • NOT_SUBJECT

        public static final NoSubject NOT_SUBJECT

    • Constructor Detail

      • Privilege

        public Privilege()

    • Method Detail

      • getName

        public String getName()
        Returns the name of the privilege.
        Specified by:
        getName in interface IPrivilege
        Returns:
        name of the privilege.

      • getDescription

        public String getDescription()
        Returns the description of the privilege.
        Returns:
        description of the privilege.

      • setDescription

        public void setDescription​(String description)
        Sets the description of the privilege.
        Parameters:
        description - Description of the privilege.

      • getSubject

        public EntitlementSubject getSubject()
        Returns the eSubject the privilege
        Returns:
        eSubject of the privilege.

      • getCondition

        public EntitlementCondition getCondition()
        Returns the eCondition the privilege
        Returns:
        eCondition of the privilege.

      • getResourceAttributes

        public Set<ResourceAttribute> getResourceAttributes()
        Returns the eResurceAttributes of the privilege
        Returns:
        eResourceAttributes of the privilege.

      • getEntitlement

        public Entitlement getEntitlement()
        Returns entitlement defined in the privilege
        Returns:
        entitlement defined in the privilege

      • setResourceTypeUuid

        public void setResourceTypeUuid​(String resourceTypeUuid)
        Sets the resource type uuid that this policy makes reference to.
        Parameters:
        resourceTypeUuid - the resource type uuid.

      • getResourceTypeUuid

        public String getResourceTypeUuid()
        Retrieves the resource type uuid that is associated with this policy.
        Returns:
        the resource type uuid

      • evaluate

        public abstract List<Entitlement> evaluate​(Subject adminSubject,
                                           String realm,
                                           Subject subject,
                                           String applicationName,
                                           String normalisedResourceName,
                                           String requestedResourceName,
                                           Set<String> actionNames,
                                           Map<String,​Set<String>> environment,
                                           boolean recursive,
                                           Object context)
                                    throws EntitlementException
        Returns a list of entitlement for a given subject, resource name and environment.
        Specified by:
        evaluate in interface IPrivilege
        Parameters:
        adminSubject - Admin Subject
        realm - Realm Name
        subject - Subject who is under evaluation.
        applicationName - Application name.
        normalisedResourceName - The normalised resource name.
        requestedResourceName - The requested resource name.
        actionNames - Set of action names.
        environment - Environment parameters.
        recursive - true to perform evaluation on sub resources from the given resource name.
        context - A security context
        Returns:
        a list of entitlement for a given subject, resource name and environment.
        Throws:
        EntitlementException - if the result cannot be determined.

      • toString

        public String toString()
        Returns string representation of the object
        Overrides:
        toString in class Object
        Returns:
        string representation of the object

      • toMinimalJSONObject

        public org.json.JSONObject toMinimalJSONObject()
                                        throws org.json.JSONException
        Throws:
        org.json.JSONException

      • toJSONObject

        public org.json.JSONObject toJSONObject()
                                 throws org.json.JSONException
        Returns JSONObject mapping of the object
        Returns:
        JSONObject mapping of the object
        Throws:
        org.json.JSONException - if can not map to JSONObject

      • init

        protected abstract void init​(org.json.JSONObject jo)

      • equals

        public boolean equals​(Object obj)
        Returns true if the passed in object is equal to this object
        Overrides:
        equals in class Object
        Parameters:
        obj - object to check for equality
        Returns:
        true if the passed in object is equal to this object

      • hashCode

        public int hashCode()
        Returns hash code of the object
        Overrides:
        hashCode in class Object
        Returns:
        hash code of the object

      • getCreationDate

        public long getCreationDate()
        Returns creation date.
        Returns:
        creation date.

      • setCreationDate

        public void setCreationDate​(long creationDate)
        Sets the creation date.
        Parameters:
        creationDate - creation date.

      • getLastModifiedDate

        public long getLastModifiedDate()
        Returns last modified date.
        Specified by:
        getLastModifiedDate in interface IPrivilege
        Returns:
        last modified date.

      • setLastModifiedDate

        public void setLastModifiedDate​(long lastModifiedDate)
        Sets the last modified date.
        Parameters:
        lastModifiedDate - last modified date.

      • getLastModifiedBy

        public String getLastModifiedBy()
        Returns the user ID who last modified the policy.
        Returns:
        user ID who last modified the policy.

      • setLastModifiedBy

        public void setLastModifiedBy​(String lastModifiedBy)
        Sets the user ID who last modified the policy.
        Parameters:
        lastModifiedBy - user ID who last modified the policy.

      • getCreatedBy

        public String getCreatedBy()
        Returns the user ID who created the policy.
        Returns:
        user ID who created the policy.

      • setCreatedBy

        public void setCreatedBy​(String createdBy)
        Sets the user ID who created the policy.
        Parameters:
        createdBy - user ID who created the policy.

      • canonicalizeResources

        public void canonicalizeResources​(Subject adminSubject,
                                  String realm)
                           throws EntitlementException
        Canonicalizes resource name before persistence.
        Parameters:
        adminSubject - Admin Subject.
        realm - Realm Name
        Throws:
        EntitlementException

      • setCondition

        public void setCondition​(EntitlementCondition condition)
        Sets condition.
        Parameters:
        condition - Condition.

      • setResourceAttributes

        public void setResourceAttributes​(Set<ResourceAttribute> set)
        Sets resource attributes.
        Parameters:
        set - Set of resource attribute.

      • isActive

        public boolean isActive()
        Returns true if this privilege is active.
        Returns:
        true if this privilege is active.

      • setActive

        public void setActive​(boolean active)
        Sets this privilege active/inactive.
        Parameters:
        active - true if this privilege is to be active.

      • setApplicationIndexes

        public void setApplicationIndexes​(Set<String> indexes)

      • getApplicationIndexes

        public Set<String> getApplicationIndexes()