org.apache.jetspeed.security
Interface RoleManager


public interface RoleManager

Describes the service interface for managing roles.

Role hierarchy elements are being returned as a Role collection. The backing implementation must appropriately map the role hierarchy to a preferences sub-tree.

The convention {principal}.{subprincipal} has been chosen to name roles hierachies in order to support declarative security. Implementation follow the conventions enforced by the preferences API.

Author:
David Le Strat

Method Summary
 void addRole(String roleFullPathName)
          Add a new role.
 void addRoleToGroup(String roleFullPathName, String groupFullPathName)
          Add a role to a group.
 void addRoleToUser(String username, String roleFullPathName)
          Add a role to a user.
 Role getRole(String roleFullPathName)
          Get a role Role for a given role full path name.
 Iterator getRoles(String filter)
          Get all roles available from all role handlers
 Collection getRolesForUser(String username)
          A collection of Role for all the roles associated to a specific user.
 Collection getRolesInGroup(String groupFullPathName)
          A collection of Role for all the roles associated to a specific group.
 boolean isGroupInRole(String groupFullPathName, String roleFullPathName)
          Whether or not a role is in a group.
 boolean isUserInRole(String username, String roleFullPathName)
          Whether or not a user is in a role.
 void removeRole(String roleFullPathName)
          Remove a given role and all the children of that role.
 void removeRoleFromGroup(String roleFullPathName, String groupFullPathName)
          Remove a role from a group.
 void removeRoleFromUser(String username, String roleFullPathName)
          Remove a user from a role.
 boolean roleExists(String roleFullPathName)
          Whether or not a role exists.
 void setRoleEnabled(String roleFullPathName, boolean enabled)
          Enable or disable a role.
 

Method Detail

addRole

void addRole(String roleFullPathName)
             throws SecurityException

Add a new role.

Role principal names are expressed as {principal}.{subprincipal} where "." is the separator expressing the hierarchical nature of a role.

Role principal path names are stored leveraging the Preferences api. Roles will be stored under /role/theGroupName/theGroupNameChild when given the full path name theRoleName.theRoleNameChild.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleNameChild).
Throws:
Throws - a security exception if the role already exists.
SecurityException

removeRole

void removeRole(String roleFullPathName)
                throws SecurityException

Remove a given role and all the children of that role.

Role principal names are expressed as {principal}.{subprincipal} where "." is the separator expressing the hierarchical nature of a role.

Role principal path names are stored leveraging the Preferences api. Roles will be stored under /role/theGroupName/theGroupNameChild when given the full path name theRoleName.theRoleNameChild.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleNameChild).
Throws:
Throws - a security exception.
SecurityException

roleExists

boolean roleExists(String roleFullPathName)

Whether or not a role exists.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleNameChild).
Returns:
Whether or not a role exists.

getRole

Role getRole(String roleFullPathName)
             throws SecurityException

Get a role Role for a given role full path name.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleNameChild).
Returns:
The Preferences node.
Throws:
Throws - a security exception if the role does not exist.
SecurityException

getRolesForUser

Collection getRolesForUser(String username)
                           throws SecurityException

A collection of Role for all the roles associated to a specific user.

Parameters:
username - The user name.
Returns:
A Collection of Role.
Throws:
Throws - a security exception if the user does not exist.
SecurityException

getRolesInGroup

Collection getRolesInGroup(String groupFullPathName)
                           throws SecurityException

A collection of Role for all the roles associated to a specific group.

Parameters:
groupFullPathName - The group full path (e.g. theGroupName.theGroupChildName).
Returns:
A Collection of Role.
Throws:
Throws - a security exception if the group does not exist.
SecurityException

addRoleToUser

void addRoleToUser(String username,
                   String roleFullPathName)
                   throws SecurityException

Add a role to a user.

Parameters:
username - The user name.
roleFullPathName - The role name full path (e.g. theRoleName.theRoleChildName).
Throws:
Throws - a security exception if the role or the user do not exist.
SecurityException

removeRoleFromUser

void removeRoleFromUser(String username,
                        String roleFullPathName)
                        throws SecurityException

Remove a user from a role.

Parameters:
username - The user name.
roleFullPathName - The role name full path relative to the /role node (e.g. /theRoleName/theRoleChildName).
Throws:
Throws - a security exception.
SecurityException

isUserInRole

boolean isUserInRole(String username,
                     String roleFullPathName)
                     throws SecurityException

Whether or not a user is in a role.

Parameters:
username - The user name.
roleFullPathName - The role name full path (e.g. theRoleName.theRoleChildName).
Returns:
Whether or not a user is in a role.
Throws:
Throws - a security exception if the role or the user does not exist.
SecurityException

addRoleToGroup

void addRoleToGroup(String roleFullPathName,
                    String groupFullPathName)
                    throws SecurityException

Add a role to a group.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleChildName).
groupFullPathName - The group name full path (e.g. theGroupName.theGroupChildName).
Throws:
Throws - a security exception.
SecurityException

removeRoleFromGroup

void removeRoleFromGroup(String roleFullPathName,
                         String groupFullPathName)
                         throws SecurityException

Remove a role from a group.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleChildName).
groupFullPathName - The group name full path (e.g. theGroupName.theGroupChildName).
Throws:
Throws - a security exception.
SecurityException

isGroupInRole

boolean isGroupInRole(String groupFullPathName,
                      String roleFullPathName)
                      throws SecurityException

Whether or not a role is in a group.

Parameters:
groupFullPathName - The group name full path (e.g. theGroupName.theGroupChildName).
roleFullPathName - The role name full path (e.g. theRoleName.theRoleChildName).
Returns:
Whether or not a role is in a group.
Throws:
Throws - a security exception if the role or the group does not exist.
SecurityException

getRoles

Iterator getRoles(String filter)
                  throws SecurityException
Get all roles available from all role handlers

Parameters:
filter - The filter used to retrieve matching roles.
Returns:
all roles available as Principal
Throws:
SecurityException

setRoleEnabled

void setRoleEnabled(String roleFullPathName,
                    boolean enabled)
                    throws SecurityException
Enable or disable a role.

Parameters:
roleFullPathName - The role name full path (e.g. theRoleName.theRoleChildName).
enabled - enabled flag for the role
Throws:
SecurityException


Copyright © 1999-2007 Apache Software Foundation. All Rights Reserved.