Package com.sun.identity.entitlement

Class PrivilegeManager

java.lang.Object

com.sun.identity.entitlement.PrivilegeManager

All Implemented Interfaces:

IPrivilegeManager<Privilege>

Direct Known Subclasses:

PolicyPrivilegeManager

public abstract class PrivilegeManager
extends Object
implements IPrivilegeManager<Privilege>

Class to manage entitlement privileges: to add, remove, modify privilege

Field Summary

Fields

Modifier and Type	Field	Description
static Debug	debug	Debug for Policy Administration Point classes
static Subject	superAdminSubject

Constructor Summary

Constructors

Constructor	Description
PrivilegeManager(ApplicationServiceFactory applicationServiceFactory, ResourceTypeService resourceTypeService, ConstraintValidator validator)	Constructor.

Method Summary

Modifier and Type	Method	Description
void	add(Privilege privilege)	Add a privilege.
boolean	canFindByName(String name)	Checks if a privilege with the specified name can be found.
abstract List<Privilege>	findAllPolicies()	Finds all policies within the realm.
abstract List<Privilege>	findAllPoliciesByApplication(String application)	Finds all policies within the realm and passed application.
abstract List<Privilege>	findAllPoliciesByIdentityUid(String uid)	Finds all policies based on the identity uid, whether user or group uid.
abstract Privilege	findByName(String name, Subject subject)	Returns a privilege.
protected Subject	getAdminSubject()
static PrivilegeManager	getInstance(String realm, Subject subject)	Returns instance of configured PrivilegeManager
String	getRealm()	Returns realm name.
void	initialize(String realm, Subject subject)	Initializes the object.
static boolean	isNameValid(String target)
abstract void	modify(String existingName, Privilege privilege)	Modifies the specified policy.
protected abstract void	notifyPrivilegeChanged(String realm, Privilege previous, Privilege current, PolicyEventType eventType)
List<Privilege>	search(Set<SearchFilter> filter)	Returns a set of privileges that match the given search criteria with no size or time limits.
List<Privilege>	search(Set<SearchFilter> filter, int searchSizeLimit, int searchTimeLimit)	Returns a set of privileges that match the given search criteria.
Set<String>	searchNames(Set<SearchFilter> filter)	Returns a set of privilege names for a given search criteria.
Set<String>	searchNames(Set<SearchFilter> filter, int searchSizeLimit, int searchTimeLimit)	Returns a set of privilege names for a given search criteria.
protected void	validate(Privilege privilege)	Validates the passed policy.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.sun.identity.entitlement.IPrivilegeManager

findByName, modify, remove

Field Detail

debug

public static final Debug debug

Debug for Policy Administration Point classes

superAdminSubject

public static final Subject superAdminSubject

Constructor Detail

PrivilegeManager

public PrivilegeManager(ApplicationServiceFactory applicationServiceFactory,
                        ResourceTypeService resourceTypeService,
                        ConstraintValidator validator)

Constructor.

Method Detail

getInstance

public static PrivilegeManager getInstance(String realm,
                                           Subject subject)

Returns instance of configured PrivilegeManager

Parameters:

subject - subject that would be used for the privilege management operations

Returns:

instance of configured PrivilegeManager

initialize

public void initialize(String realm,
                       Subject subject)

Initializes the object.

Parameters:

realm - Realm name

subject - subject to initilialize the privilege manager with

findByName

public abstract Privilege findByName(String name,
                                     Subject subject)
                              throws EntitlementException

Returns a privilege.

Parameters:

name - name for the privilege to be returned

subject - Subject to be used to obtain the privilege.

Throws:

EntitlementException - if privilege is not found or if the provided subject is not permitted to access it.

canFindByName

public boolean canFindByName(String name)
                      throws EntitlementException

Checks if a privilege with the specified name can be found.

Specified by:

canFindByName in interface IPrivilegeManager<Privilege>

Parameters:

name - name of the privilege.

Returns:

true if a privilege with the specified name exists, false otherwise.

Throws:

EntitlementException - if search failed.

validate

protected void validate(Privilege privilege)
                 throws EntitlementException

Validates the passed policy.

Parameters:

privilege - the policy instance

Throws:

EntitlementException - should validator fail

add

public void add(Privilege privilege)
         throws EntitlementException

Add a privilege.

Specified by:

add in interface IPrivilegeManager<Privilege>

Parameters:

privilege - privilege to add.

Throws:

EntitlementException - if privilege cannot be added.

modify

public abstract void modify(String existingName,
                            Privilege privilege)
                     throws EntitlementException

Modifies the specified policy.

Parameters:

existingName - The existing policy name

privilege - The new policy content

Throws:

EntitlementException - When an error occurs during modification

searchNames

public Set<String> searchNames(Set<SearchFilter> filter,
                               int searchSizeLimit,
                               int searchTimeLimit)
                        throws EntitlementException

Returns a set of privilege names for a given search criteria.

Specified by:

searchNames in interface IPrivilegeManager<Privilege>

Parameters:

filter - Set of search filter.

searchSizeLimit - Search size limit.

searchTimeLimit - Search time limit in seconds.

Returns:

a set of privilege names for a given search criteria.

Throws:

EntitlementException - if search failed.

search

public List<Privilege> search(Set<SearchFilter> filter,
                              int searchSizeLimit,
                              int searchTimeLimit)
                       throws EntitlementException

Returns a set of privileges that match the given search criteria.

Parameters:

filter - the search filters to apply. An empty set means no filtering (returns all privileges).

searchSizeLimit - the maximum number of privileges to return.

searchTimeLimit - the maximum time limit in seconds. NOT IMPLEMENTED.

Returns:

the matching privileges.

Throws:

EntitlementException - if the search fails for any reason.

search

public List<Privilege> search(Set<SearchFilter> filter)
                       throws EntitlementException

Returns a set of privileges that match the given search criteria with no size or time limits.

Parameters:

filter - the search filters to apply. An empty set means no filtering (returns all privileges).

Returns:

the matching privileges.

Throws:

EntitlementException - if the search fails for any reason.

searchNames

public Set<String> searchNames(Set<SearchFilter> filter)
                        throws EntitlementException

Returns a set of privilege names for a given search criteria.

Specified by:

searchNames in interface IPrivilegeManager<Privilege>

Parameters:

filter - Set of search filter.

Returns:

a set of privilege names for a given search criteria.

Throws:

EntitlementException - if search failed.

findAllPolicies

public abstract List<Privilege> findAllPolicies()
                                         throws EntitlementException

Finds all policies within the realm.

Returns:

list of matching policies

Throws:

EntitlementException - should some error occur

findAllPoliciesByApplication

public abstract List<Privilege> findAllPoliciesByApplication(String application)
                                                      throws EntitlementException

Finds all policies within the realm and passed application.

Parameters:

application - the application

Returns:

list of matching policies

Throws:

EntitlementException - should some error occur

findAllPoliciesByIdentityUid

public abstract List<Privilege> findAllPoliciesByIdentityUid(String uid)
                                                      throws EntitlementException

Finds all policies based on the identity uid, whether user or group uid.

Parameters:

uid - identity uid

Returns:

list of matching policies else an empty list

Throws:

EntitlementException - should some query error occur

getRealm

public String getRealm()

Returns realm name.

Returns:

realm name.

getAdminSubject

protected Subject getAdminSubject()

notifyPrivilegeChanged

protected abstract void notifyPrivilegeChanged(String realm,
                                               Privilege previous,
                                               Privilege current,
                                               PolicyEventType eventType)
                                        throws EntitlementException

Throws:

EntitlementException

isNameValid

public static boolean isNameValid(String target)