org.apache.jetspeed.security
Interface RoleManager

All Known Implementing Classes:
RoleManagerImpl

public interface RoleManager

Describes the service interface for managing roles.

Role hierarchy elements are being returned as a Role collection. The backing implementation must appropriately map the role hierarchy to a preferences sub-tree.

The convention {principal}.{subprincipal} has been chosen to name roles hierachies in order to support declarative security. Implementation follow the conventions enforced by the preferences API.

Author:
David Le Strat

Method Summary
 void addRole(java.lang.String roleFullPathName)
          Add a new role.
 void addRoleToGroup(java.lang.String roleFullPathName, java.lang.String groupFullPathName)
          Add a role to a group.
 void addRoleToUser(java.lang.String username, java.lang.String roleFullPathName)
          Add a role to a user.
 Role getRole(java.lang.String roleFullPathName)
          Get a role Role for a given role full path name.
 java.util.Iterator getRoles(java.lang.String filter)
          Get all roles available from all role handlers
 java.util.Collection getRolesForUser(java.lang.String username)
          A collection of Role for all the roles associated to a specific user.
 java.util.Collection getRolesInGroup(java.lang.String groupFullPathName)
          A collection of Role for all the roles associated to a specific group.
 boolean isGroupInRole(java.lang.String groupFullPathName, java.lang.String roleFullPathName)
          Whether or not a role is in a group.
 boolean isUserInRole(java.lang.String username, java.lang.String roleFullPathName)
          Whether or not a user is in a role.
 void removeRole(java.lang.String roleFullPathName)
          Remove a given role and all the children of that role.
 void removeRoleFromGroup(java.lang.String roleFullPathName, java.lang.String groupFullPathName)
          Remove a role from a group.
 void removeRoleFromUser(java.lang.String username, java.lang.String roleFullPathName)
          Remove a user from a role.
 boolean roleExists(java.lang.String roleFullPathName)
          Whether or not a role exists.
 void setRoleEnabled(java.lang.String roleFullPathName, boolean enabled)
          Enable or disable a role.
 

Method Detail

addRole

void addRole(java.lang.String roleFullPathName)
             throws SecurityException

Add a new role.

Role principal names are expressed as {principal}.{subprincipal} where "." is the separator expressing the hierarchical nature of a role.

Role principal path names are stored leveraging the Preferences api. Roles will be stored under /role/theGroupName/theGroupNameChild when given the full path name theRoleName.theRoleNameChild.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleNameChild).
Throws:
Throws - a security exception if the role already exists.
SecurityException

removeRole

void removeRole(java.lang.String roleFullPathName)
                throws SecurityException

Remove a given role and all the children of that role.

Role principal names are expressed as {principal}.{subprincipal} where "." is the separator expressing the hierarchical nature of a role.

Role principal path names are stored leveraging the Preferences api. Roles will be stored under /role/theGroupName/theGroupNameChild when given the full path name theRoleName.theRoleNameChild.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleNameChild).
Throws:
Throws - a security exception.
SecurityException

roleExists

boolean roleExists(java.lang.String roleFullPathName)

Whether or not a role exists.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleNameChild).
Returns:
Whether or not a role exists.

getRole

Role getRole(java.lang.String roleFullPathName)
             throws SecurityException

Get a role Role for a given role full path name.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleNameChild).
Returns:
The Preferences node.
Throws:
Throws - a security exception if the role does not exist.
SecurityException

getRolesForUser

java.util.Collection getRolesForUser(java.lang.String username)
                                     throws SecurityException

A collection of Role for all the roles associated to a specific user.

Parameters:
username - The user name.
Returns:
A Collection of Role.
Throws:
Throws - a security exception if the user does not exist.
SecurityException

getRolesInGroup

java.util.Collection getRolesInGroup(java.lang.String groupFullPathName)
                                     throws SecurityException

A collection of Role for all the roles associated to a specific group.

Parameters:
groupFullPathName - The group full path (e.g. theGroupName.theGroupChildName).
Returns:
A Collection of Role.
Throws:
Throws - a security exception if the group does not exist.
SecurityException

addRoleToUser

void addRoleToUser(java.lang.String username,
                   java.lang.String roleFullPathName)
                   throws SecurityException

Add a role to a user.

Parameters:
username - The user name.
roleFullPathName - The role name full path (e.g. theRoleName.theRoleChildName).
Throws:
Throws - a security exception if the role or the user do not exist.
SecurityException

removeRoleFromUser

void removeRoleFromUser(java.lang.String username,
                        java.lang.String roleFullPathName)
                        throws SecurityException

Remove a user from a role.

Parameters:
username - The user name.
roleFullPathName - The role name full path relative to the /role node (e.g. /theRoleName/theRoleChildName).
Throws:
Throws - a security exception.
SecurityException

isUserInRole

boolean isUserInRole(java.lang.String username,
                     java.lang.String roleFullPathName)
                     throws SecurityException

Whether or not a user is in a role.

Parameters:
username - The user name.
roleFullPathName - The role name full path (e.g. theRoleName.theRoleChildName).
Returns:
Whether or not a user is in a role.
Throws:
Throws - a security exception if the role or the user does not exist.
SecurityException

addRoleToGroup

void addRoleToGroup(java.lang.String roleFullPathName,
                    java.lang.String groupFullPathName)
                    throws SecurityException

Add a role to a group.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleChildName).
groupFullPathName - The group name full path (e.g. theGroupName.theGroupChildName).
Throws:
Throws - a security exception.
SecurityException

removeRoleFromGroup

void removeRoleFromGroup(java.lang.String roleFullPathName,
                         java.lang.String groupFullPathName)
                         throws SecurityException

Remove a role from a group.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleChildName).
groupFullPathName - The group name full path (e.g. theGroupName.theGroupChildName).
Throws:
Throws - a security exception.
SecurityException

isGroupInRole

boolean isGroupInRole(java.lang.String groupFullPathName,
                      java.lang.String roleFullPathName)
                      throws SecurityException

Whether or not a role is in a group.

Parameters:
groupFullPathName - The group name full path (e.g. theGroupName.theGroupChildName).
roleFullPathName - The role name full path (e.g. theRoleName.theRoleChildName).
Returns:
Whether or not a role is in a group.
Throws:
Throws - a security exception if the role or the group does not exist.
SecurityException

getRoles

java.util.Iterator getRoles(java.lang.String filter)
                            throws SecurityException
Get all roles available from all role handlers

Parameters:
filter - The filter used to retrieve matching roles.
Returns:
all roles available as Principal
Throws:
SecurityException

setRoleEnabled

void setRoleEnabled(java.lang.String roleFullPathName,
                    boolean enabled)
                    throws SecurityException
Enable or disable a role.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleChildName).
enabled - enabled flag for the role
Throws:
SecurityException


Copyright © 1999-2009 Apache Software Foundation. All Rights Reserved.