com.sun.identity.entitlement

Class PrivilegeIndexStore

java.lang.Object

com.sun.identity.entitlement.PrivilegeIndexStore

Direct Known Subclasses:

OpenSSOIndexStore

public abstract class PrivilegeIndexStore
extends Object

Privilege Index Store is responsible to storing privilege in a persistent data store.

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	PrivilegeIndexStore(Subject adminSubject, String realm)

Method Summary

Modifier and Type	Method and Description
abstract void	add(Set<IPrivilege> privileges) Adds a set of privileges to the data store.
abstract void	delete(Set<IPrivilege> privilege) Deletes a set of privileges from data store.
abstract void	delete(String privilegeName) Deletes a privilege from data store.
abstract String	delete(String privilegeName, boolean notify) Deletes a privilege from data store.
abstract void	deleteReferral(String privilegeName) Deletes a referralprivilege from data store.
abstract String	deleteReferral(String privilegeName, boolean notify) Deletes a referralprivilege from data store.
abstract List<Privilege>	findAllPolicies() Finds all policies within the passed realm.
abstract List<Privilege>	findAllPoliciesByApplication(String application) Finds all policies within the passed realm and application.
abstract List<Privilege>	findAllPoliciesByIdentityUid(String uid) Finds all policies based on the identity uid, whether user or group uid.
protected Subject	getAdminSubject()
static PrivilegeIndexStore	getInstance(Subject adminSubject, String realm) Returns an instance of the privilege index store.
abstract IPrivilege	getPrivilege(String privilegeName) The single requested privilege, found within the context of this realm.
protected String	getRealm()
abstract Set<String>	getReferredResources(String applicationTypeName) Returns a set of resources that are referred to this realm.
abstract boolean	hasPrivilgesWithApplication(String realm, String applName)
abstract Iterator<IPrivilege>	search(String realm, ResourceSearchIndexes indexes, Set<String> subjectIndexes, boolean bSubTree) Returns an iterator of matching privilege objects.
abstract Set<String>	searchPrivilegeNames(Set<SearchFilter> filters, boolean boolAnd, int numOfEntries, boolean sortResults, boolean ascendingOrder) Returns a set of privilege names that matched a set of search criteria.
abstract Set<String>	searchReferralPrivilegeNames(Set<SearchFilter> filters, boolean boolAnd, int numOfEntries, boolean sortResults, boolean ascendingOrder) Returns a set of referral privilege names that matched a set of search criteria.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PrivilegeIndexStore

protected PrivilegeIndexStore(Subject adminSubject,
                              String realm)

Method Detail

getAdminSubject

protected Subject getAdminSubject()

getRealm

protected String getRealm()

getInstance

public static PrivilegeIndexStore getInstance(Subject adminSubject,
                                              String realm)

Returns an instance of the privilege index store.

Parameters:

adminSubject - Admin Subject who has the privilege to write to index datastore.

realm - Realm Name.

Returns:

an instance of the privilege index store.

add

public abstract void add(Set<IPrivilege> privileges)
                  throws EntitlementException

Adds a set of privileges to the data store. Proper indexes will be created to speed up policy evaluation.

Parameters:

privileges - Privileges to be added.

Throws:

EntitlementException - if addition failed.

delete

public abstract void delete(Set<IPrivilege> privilege)
                     throws EntitlementException

Deletes a set of privileges from data store.

Parameters:

privilege - Privileges to be deleted.

Throws:

EntitlementException - if deletion failed.

delete

public abstract void delete(String privilegeName)
                     throws EntitlementException

Deletes a privilege from data store.

Parameters:

privilegeName - name of privilege to be deleted.

Throws:

EntitlementException - if deletion failed.

deleteReferral

public abstract void deleteReferral(String privilegeName)
                             throws EntitlementException

Deletes a referralprivilege from data store.

Parameters:

privilegeName - name of privilege to be deleted.

Throws:

EntitlementException - if deletion failed.

deleteReferral

public abstract String deleteReferral(String privilegeName,
                                      boolean notify)
                               throws EntitlementException

Deletes a referralprivilege from data store.

Parameters:

privilegeName - name of privilege to be deleted.

notify - true to notify changes.

Throws:

EntitlementException - if deletion failed.

delete

public abstract String delete(String privilegeName,
                              boolean notify)
                       throws EntitlementException

Deletes a privilege from data store.

Parameters:

privilegeName - name of privilege to be deleted.

notify - true to notify changes.

Throws:

EntitlementException - if deletion failed.

search

public abstract Iterator<IPrivilege> search(String realm,
                                            ResourceSearchIndexes indexes,
                                            Set<String> subjectIndexes,
                                            boolean bSubTree)
                                     throws EntitlementException

Returns an iterator of matching privilege objects.

Parameters:

realm - Realm name.

indexes - Resource search indexes.

subjectIndexes - Subject search indexes.

bSubTree - true for sub tree evaluation.

Returns:

an iterator of matching privilege objects.

Throws:

EntitlementException - if results cannot be obtained.

getPrivilege

public abstract IPrivilege getPrivilege(String privilegeName)

The single requested privilege, found within the context of this realm.

Parameters:

privilegeName - Name of the privilege to return.

Returns:

the matching privilege.

searchPrivilegeNames

public abstract Set<String> searchPrivilegeNames(Set<SearchFilter> filters,
                                                 boolean boolAnd,
                                                 int numOfEntries,
                                                 boolean sortResults,
                                                 boolean ascendingOrder)
                                          throws EntitlementException

Returns a set of privilege names that matched a set of search criteria.

Parameters:

filters - Set of search filter (criteria).

boolAnd - true to be inclusive.

numOfEntries - Number of maximum search entries.

sortResults - true to have the result sorted.

ascendingOrder - true to have the result sorted in ascending order.

Returns:

a set of privilege names that matched a set of search criteria.

Throws:

EntitlementException - if search failed.

searchReferralPrivilegeNames

public abstract Set<String> searchReferralPrivilegeNames(Set<SearchFilter> filters,
                                                         boolean boolAnd,
                                                         int numOfEntries,
                                                         boolean sortResults,
                                                         boolean ascendingOrder)
                                                  throws EntitlementException

Returns a set of referral privilege names that matched a set of search criteria.

Parameters:

filters - Set of search filter (criteria).

boolAnd - true to be inclusive.

numOfEntries - Number of maximum search entries.

sortResults - true to have the result sorted.

ascendingOrder - true to have the result sorted in ascending order.

Returns:

a set of referral privilege names that matched a set of search criteria.

Throws:

EntitlementException - if search failed.

getReferredResources

public abstract Set<String> getReferredResources(String applicationTypeName)
                                          throws EntitlementException

Returns a set of resources that are referred to this realm.

Parameters:

applicationTypeName - Application type name,

Returns:

a set of resources that are referred to this realm.

Throws:

EntitlementException - if resources cannot be returned.

hasPrivilgesWithApplication

public abstract boolean hasPrivilgesWithApplication(String realm,
                                                    String applName)
                                             throws EntitlementException

Throws:

EntitlementException

findAllPolicies

public abstract List<Privilege> findAllPolicies()
                                         throws EntitlementException

Finds all policies within the passed realm.

Returns:

list of matching policies

Throws:

EntitlementException - should some error occur

findAllPoliciesByApplication

public abstract List<Privilege> findAllPoliciesByApplication(String application)
                                                      throws EntitlementException

Finds all policies within the passed realm and application.

Parameters:

application - the application

Returns:

list of matching policies

Throws:

EntitlementException - should some error occur

findAllPoliciesByIdentityUid

public abstract List<Privilege> findAllPoliciesByIdentityUid(String uid)
                                                      throws EntitlementException

Finds all policies based on the identity uid, whether user or group uid.

Parameters:

uid - identity uid

Returns:

list of matching policies else an empty list

Throws:

EntitlementException - should some query error occur