Package com.sun.identity.entitlement
Class PrivilegeIndexStore
- java.lang.Object
-
- com.sun.identity.entitlement.PrivilegeIndexStore
-
- Direct Known Subclasses:
OpenSSOIndexStore
public abstract class PrivilegeIndexStore extends Object
Privilege Index Store is responsible to storing privilege in a persistent data store.
-
-
Constructor Summary
Constructors Modifier Constructor Description protectedPrivilegeIndexStore(Subject adminSubject, String realm)
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description abstract voidadd(Set<IPrivilege> privileges)Adds a set of privileges to the data store.abstract voiddelete(String privilegeName)Deletes a privilege from data store.abstract Stringdelete(String privilegeName, boolean notify)Deletes a privilege from data store.abstract voiddelete(Set<IPrivilege> privilege)Deletes a set of privileges from data store.abstract voiddeleteReferral(String privilegeName)Deletes a referralprivilege from data store.abstract StringdeleteReferral(String privilegeName, boolean notify)Deletes a referralprivilege from data store.abstract List<Privilege>findAllPolicies()Finds all policies within the passed realm.abstract List<Privilege>findAllPoliciesByApplication(String application)Finds all policies within the passed realm and application.abstract List<Privilege>findAllPoliciesByIdentityUid(String uid)Finds all policies based on the identity uid, whether user or group uid.protected SubjectgetAdminSubject()static PrivilegeIndexStoregetInstance(Subject adminSubject, String realm)Returns an instance of the privilege index store.abstract IPrivilegegetPrivilege(String privilegeName)The single requested privilege, found within the context of this realm.protected StringgetRealm()abstract Set<String>getReferredResources(String applicationTypeName)Returns a set of resources that are referred to this realm.abstract booleanhasPrivilgesWithApplication(String realm, String applName)abstract Iterator<IPrivilege>search(String realm, ResourceSearchIndexes indexes, Set<String> subjectIndexes, boolean bSubTree)Returns an iterator of matching privilege objects.abstract Set<String>searchPrivilegeNames(Set<SearchFilter> filters, boolean boolAnd, int numOfEntries, boolean sortResults, boolean ascendingOrder)Returns a set of privilege names that matched a set of search criteria.abstract Set<String>searchReferralPrivilegeNames(Set<SearchFilter> filters, boolean boolAnd, int numOfEntries, boolean sortResults, boolean ascendingOrder)Returns a set of referral privilege names that matched a set of search criteria.
-
-
-
Method Detail
-
getAdminSubject
protected Subject getAdminSubject()
-
getRealm
protected String getRealm()
-
getInstance
public static PrivilegeIndexStore getInstance(Subject adminSubject, String realm)
Returns an instance of the privilege index store.- Parameters:
adminSubject- Admin Subject who has the privilege to write to index datastore.realm- Realm Name.- Returns:
- an instance of the privilege index store.
-
add
public abstract void add(Set<IPrivilege> privileges) throws EntitlementException
Adds a set of privileges to the data store. Proper indexes will be created to speed up policy evaluation.- Parameters:
privileges- Privileges to be added.- Throws:
EntitlementException- if addition failed.
-
delete
public abstract void delete(Set<IPrivilege> privilege) throws EntitlementException
Deletes a set of privileges from data store.- Parameters:
privilege- Privileges to be deleted.- Throws:
EntitlementException- if deletion failed.
-
delete
public abstract void delete(String privilegeName) throws EntitlementException
Deletes a privilege from data store.- Parameters:
privilegeName- name of privilege to be deleted.- Throws:
EntitlementException- if deletion failed.
-
deleteReferral
public abstract void deleteReferral(String privilegeName) throws EntitlementException
Deletes a referralprivilege from data store.- Parameters:
privilegeName- name of privilege to be deleted.- Throws:
EntitlementException- if deletion failed.
-
deleteReferral
public abstract String deleteReferral(String privilegeName, boolean notify) throws EntitlementException
Deletes a referralprivilege from data store.- Parameters:
privilegeName- name of privilege to be deleted.notify-trueto notify changes.- Throws:
EntitlementException- if deletion failed.
-
delete
public abstract String delete(String privilegeName, boolean notify) throws EntitlementException
Deletes a privilege from data store.- Parameters:
privilegeName- name of privilege to be deleted.notify-trueto notify changes.- Throws:
EntitlementException- if deletion failed.
-
search
public abstract Iterator<IPrivilege> search(String realm, ResourceSearchIndexes indexes, Set<String> subjectIndexes, boolean bSubTree) throws EntitlementException
Returns an iterator of matching privilege objects.- Parameters:
realm- Realm name.indexes- Resource search indexes.subjectIndexes- Subject search indexes.bSubTree-truefor sub tree evaluation.- Returns:
- an iterator of matching privilege objects.
- Throws:
EntitlementException- if results cannot be obtained.
-
getPrivilege
public abstract IPrivilege getPrivilege(String privilegeName)
The single requested privilege, found within the context of this realm.- Parameters:
privilegeName- Name of the privilege to return.- Returns:
- the matching privilege.
-
searchPrivilegeNames
public abstract Set<String> searchPrivilegeNames(Set<SearchFilter> filters, boolean boolAnd, int numOfEntries, boolean sortResults, boolean ascendingOrder) throws EntitlementException
Returns a set of privilege names that matched a set of search criteria.- Parameters:
filters- Set of search filter (criteria).boolAnd-trueto be inclusive.numOfEntries- Number of maximum search entries.sortResults-trueto have the result sorted.ascendingOrder-trueto have the result sorted in ascending order.- Returns:
- a set of privilege names that matched a set of search criteria.
- Throws:
EntitlementException- if search failed.
-
searchReferralPrivilegeNames
public abstract Set<String> searchReferralPrivilegeNames(Set<SearchFilter> filters, boolean boolAnd, int numOfEntries, boolean sortResults, boolean ascendingOrder) throws EntitlementException
Returns a set of referral privilege names that matched a set of search criteria.- Parameters:
filters- Set of search filter (criteria).boolAnd-trueto be inclusive.numOfEntries- Number of maximum search entries.sortResults-trueto have the result sorted.ascendingOrder-trueto have the result sorted in ascending order.- Returns:
- a set of referral privilege names that matched a set of search criteria.
- Throws:
EntitlementException- if search failed.
-
getReferredResources
public abstract Set<String> getReferredResources(String applicationTypeName) throws EntitlementException
Returns a set of resources that are referred to this realm.- Parameters:
applicationTypeName- Application type name,- Returns:
- a set of resources that are referred to this realm.
- Throws:
EntitlementException- if resources cannot be returned.
-
hasPrivilgesWithApplication
public abstract boolean hasPrivilgesWithApplication(String realm, String applName) throws EntitlementException
- Throws:
EntitlementException
-
findAllPolicies
public abstract List<Privilege> findAllPolicies() throws EntitlementException
Finds all policies within the passed realm.- Returns:
- list of matching policies
- Throws:
EntitlementException- should some error occur
-
findAllPoliciesByApplication
public abstract List<Privilege> findAllPoliciesByApplication(String application) throws EntitlementException
Finds all policies within the passed realm and application.- Parameters:
application- the application- Returns:
- list of matching policies
- Throws:
EntitlementException- should some error occur
-
findAllPoliciesByIdentityUid
public abstract List<Privilege> findAllPoliciesByIdentityUid(String uid) throws EntitlementException
Finds all policies based on the identity uid, whether user or group uid.- Parameters:
uid- identity uid- Returns:
- list of matching policies else an empty list
- Throws:
EntitlementException- should some query error occur
-
-