com.metamatrix.platform.admin.apiimpl
Class AuthorizationAdminAPIImpl

java.lang.Object
  extended by com.metamatrix.platform.admin.apiimpl.AuthorizationAdminAPIImpl
All Implemented Interfaces:
AuthorizationAdminAPI, SubSystemAdminAPI

@RolesAllowed(value="Admin.ReadOnlyAdmin")
public class AuthorizationAdminAPIImpl
extends java.lang.Object
implements AuthorizationAdminAPI


Method Summary
 void addPrincipalsToRole(java.util.Set principals, java.lang.String roleName)
          Add the given set of principals to the given role.
 java.lang.Boolean containsPolicy(AuthorizationPolicyID policyID)
          Return whether there is an existing policy with the specified ID.
 AuthorizationEditor createEditor()
          Returns a AuthorizationObjectEditor to perform editing operations on a entitlement type object.
 java.util.Set executeTransaction(java.util.List actions)
          Execute as a single transaction with the specified actions, and return the set of IDs for the objects that were affected/modified by the action.
 java.util.Collection findAllPolicyIDs()
          Get all policyIDs in the system except those that we want to filter from the console.
static AuthorizationAdminAPI getInstance()
           
 AuthorizationPolicy getPolicy(AuthorizationPolicyID policyID)
          Locate the policy that has the specified ID.
 java.util.Collection getPolicyIDsInRealm(AuthorizationRealm realm)
          Returns a Collection of AuthorizationPolicyIDs in the given AuthorizationRealm.
 java.util.Collection getPrincipalsForRole(java.lang.String roleName)
          Returns a collection MetaMatrixPrincipalName objects containing the name of the principal along with its type which belong to the given role.
 java.util.Map getRoleDescriptions()
          Obtain the names of all of the roles and their descriptions known to the system.
 java.util.Collection getRoleNamesForPrincipal(MetaMatrixPrincipalName principal)
          Returns a Collection of String names of MetaMatrix roles to which the given principal is assigned.
 boolean isSuperUser(java.lang.String username)
          Return true is given username is a super user
 void removePrincipalsFromRole(java.util.Set principals, java.lang.String roleName)
          Remove the given set of principals from the given role.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

getInstance

public static AuthorizationAdminAPI getInstance()

createEditor

@RolesAllowed(value="Admin.SystemAdmin")
public AuthorizationEditor createEditor()
                                 throws InvalidSessionException,
                                        AuthorizationException,
                                        MetaMatrixComponentException
Returns a AuthorizationObjectEditor to perform editing operations on a entitlement type object. The editing process will create actions for each specific type of editing operation. Those actions are what need to be submitted to the AuthorizationService for actual updates to occur.

Specified by:
createEditor in interface AuthorizationAdminAPI
Returns:
AuthorizationObjectEditor
Throws:
InvalidSessionException
AuthorizationException
MetaMatrixComponentException

getRoleDescriptions

public java.util.Map getRoleDescriptions()
                                  throws AuthorizationException,
                                         InvalidSessionException,
                                         MetaMatrixComponentException
Description copied from interface: AuthorizationAdminAPI
Obtain the names of all of the roles and their descriptions known to the system.

Specified by:
getRoleDescriptions in interface AuthorizationAdminAPI
Returns:
a Map of role descriptions key by the role's name.
Throws:
AuthorizationException - if the caller is unable to perform this operation
InvalidSessionException - if the SessionToken is not valid or is expired
MetaMatrixComponentException - if this service has trouble communicating.

getPrincipalsForRole

public java.util.Collection getPrincipalsForRole(java.lang.String roleName)
                                          throws AuthorizationException,
                                                 InvalidSessionException,
                                                 MetaMatrixComponentException
Description copied from interface: AuthorizationAdminAPI
Returns a collection MetaMatrixPrincipalName objects containing the name of the principal along with its type which belong to the given role. com.metamatrix.security.api.MetaMatrixPrincipalName

Specified by:
getPrincipalsForRole in interface AuthorizationAdminAPI
Parameters:
roleName - String name of MetaMatrix role for which principals are sought
Throws:
AuthorizationException - if admninistrator does not have the authority to perform the requested operation.
InvalidSessionException - if the administrative session is invalid
MetaMatrixComponentException - if this service has trouble communicating.

getRoleNamesForPrincipal

public java.util.Collection getRoleNamesForPrincipal(MetaMatrixPrincipalName principal)
                                              throws AuthorizationException,
                                                     InvalidSessionException,
                                                     MetaMatrixComponentException
Returns a Collection of String names of MetaMatrix roles to which the given principal is assigned.

Specified by:
getRoleNamesForPrincipal in interface AuthorizationAdminAPI
Parameters:
principal - MetaMatrixPrincipalName for which roles are sought
Returns:
The Collection of role names the principal is assigned.
Throws:
InvalidSessionException - if the administrative session is invalid
AuthorizationException - if administrator does not have the authority to perform the requested operation.
MetaMatrixComponentException - if this service has trouble communicating.

addPrincipalsToRole

@RolesAllowed(value="Admin.SystemAdmin")
public void addPrincipalsToRole(java.util.Set principals,
                                                  java.lang.String roleName)
                         throws AuthorizationException,
                                InvalidSessionException,
                                MetaMatrixComponentException
Add the given set of principals to the given role.

Specified by:
addPrincipalsToRole in interface AuthorizationAdminAPI
Parameters:
principals - Set of MetaMatrixPrincipalNames to which to add.
roleName - The name of the role to which to add the principals.
Throws:
InvalidSessionException - if the administrative session is invalid
AuthorizationException - if admninistrator does not have the authority to perform the requested operation.
MetaMatrixComponentException - if this service has trouble communicating.

removePrincipalsFromRole

@RolesAllowed(value="Admin.SystemAdmin")
public void removePrincipalsFromRole(java.util.Set principals,
                                                       java.lang.String roleName)
                              throws AuthorizationException,
                                     InvalidSessionException,
                                     MetaMatrixComponentException
Remove the given set of principals from the given role.

Specified by:
removePrincipalsFromRole in interface AuthorizationAdminAPI
Parameters:
principals - Set of MetaMatrixPrincipalNames to remove.
roleName - The name of the role from which to remove the principals.
Throws:
InvalidSessionException - if the administrative session is invalid
AuthorizationException - if admninistrator does not have the authority to perform the requested operation.
MetaMatrixComponentException - if this service has trouble communicating.

findAllPolicyIDs

public java.util.Collection findAllPolicyIDs()
                                      throws AuthorizationException,
                                             InvalidSessionException,
                                             MetaMatrixComponentException
Get all policyIDs in the system except those that we want to filter from the console.

Specified by:
findAllPolicyIDs in interface AuthorizationAdminAPI
Returns:
the set of all policy IDs
Throws:
AuthorizationException - if the caller is unable to perform this operation
AuthorizationMgmtException - if this service has trouble connecting to services it uses.
InvalidSessionException - if the SessionToken is not valid or is expired
MetaMatrixComponentException - if this service has trouble communicating.

containsPolicy

public java.lang.Boolean containsPolicy(AuthorizationPolicyID policyID)
                                 throws AuthorizationException,
                                        InvalidSessionException,
                                        MetaMatrixComponentException
Description copied from interface: AuthorizationAdminAPI
Return whether there is an existing policy with the specified ID.

Specified by:
containsPolicy in interface AuthorizationAdminAPI
Returns:
true if a policy with the specified ID exists
Throws:
AuthorizationException - if the caller is unable to perform this operation
InvalidSessionException - if the SessionToken is not valid or is expired
MetaMatrixComponentException - if this service has trouble communicating.

getPolicy

public AuthorizationPolicy getPolicy(AuthorizationPolicyID policyID)
                              throws AuthorizationException,
                                     AuthorizationMgmtException,
                                     InvalidSessionException,
                                     MetaMatrixComponentException
Description copied from interface: AuthorizationAdminAPI
Locate the policy that has the specified ID. Any ID that is invalid is simply ignored.

Specified by:
getPolicy in interface AuthorizationAdminAPI
Parameters:
policyID - the ID of the policy to be obtained
Returns:
the policy that correspond to the specified ID
Throws:
AuthorizationException - if the caller is unable to perform this operation
InvalidSessionException - if the SessionToken is not valid or is expired
MetaMatrixComponentException - if this service has trouble communicating.
AuthorizationMgmtException

executeTransaction

@RolesAllowed(value="Admin.SystemAdmin")
public java.util.Set executeTransaction(java.util.List actions)
                                 throws AuthorizationException,
                                        AuthorizationMgmtException,
                                        InvalidSessionException,
                                        MetaMatrixComponentException
Description copied from interface: AuthorizationAdminAPI
Execute as a single transaction with the specified actions, and return the set of IDs for the objects that were affected/modified by the action.

Specified by:
executeTransaction in interface AuthorizationAdminAPI
Parameters:
actions - the ordered list of actions that are to be performed on metamodel within the repository.
Returns:
The set of objects that were affected by this transaction.
Throws:
AuthorizationException - if the caller is unable to perform this operation.
InvalidSessionException - if the SessionToken is not valid or has expired.
MetaMatrixComponentException - if this service has trouble communicating.
AuthorizationMgmtException

getPolicyIDsInRealm

public java.util.Collection getPolicyIDsInRealm(AuthorizationRealm realm)
                                         throws AuthorizationException,
                                                AuthorizationMgmtException,
                                                InvalidSessionException,
                                                MetaMatrixComponentException
Returns a Collection of AuthorizationPolicyIDs in the given AuthorizationRealm.
This method will only work for Data Access Authorizations because the realm is encoded in a Data Access policy name. NOTE: It is the responsibility of the caller to determine which of the AuthorizationPolicy's AuthorizationPermissions are actually in the given AuthorizationRealm. The AuthorizationPolicy may span AuthorizationRealms.

Specified by:
getPolicyIDsInRealm in interface AuthorizationAdminAPI
Parameters:
realm - The realm in which to search for AuthorizationPermissions.
Returns:
The collection of AuthorizationPolicyIDs that have permissions in the given realm - possibly empty but never null.
Throws:
AuthorizationException - if admninistrator does not have the authority to preform the action.
AuthorizationMgmtException - if an error occurs in the Authorization store.
MetaMatrixComponentException - if this service has trouble communicating.
InvalidSessionException

isSuperUser

public boolean isSuperUser(java.lang.String username)
                    throws ServiceException,
                           MembershipServiceException,
                           MetaMatrixComponentException
Return true is given username is a super user

Specified by:
isSuperUser in interface AuthorizationAdminAPI
Parameters:
username - - The user to verify as super user
Returns:
true if given user is a super user
Throws:
ServiceException - for generic service errors
MembershipServiceException - If there are issues within the membership service
MetaMatrixComponentException - if this service has trouble communicating.
See Also:
AuthorizationAdminAPI.isSuperUser(java.lang.String)


Copyright © 2009. All Rights Reserved.