Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
SAP NetWeaver '04
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

com.sap.netweaver.bc.rf.common.security.acl
Interface IAcl

[contained in: com.sap.netweaver.bc.rf.par - bc.rf.common_api.jar]
public interface IAcl

Interface describing an access control list, short ACL. Each resource may have an ACL with many ACL entries. An entry describes for one principal (may be a user, group or whatever is considered an entity) a permission this principal has on the given resource. The ACL itself is just an envelope for many ACL entries.

An ACL entry may define a permission this principal has on the given resource, but it may also define a permission a principal is denied to have (so called negative ACL entry).

ACLs are propagated down from above the resource hierarchy on the fly, i.e. they are not really set on the descendants but derived when accessed. All descendants not having an own ACL inherit one from their next legator having one. Legators are ancestors responsible for the security permissions of their descendants.

Method Summary
 boolean addEntry(IAclEntry aclEntry)
          Add ACL entry to this ACL.
 void addOwner(com.sap.netweaver.bc.rf.common.security.acl.IPrincipal principal)
          Add new owner to this ACL.
 boolean checkPermission(com.sap.netweaver.bc.rf.common.security.acl.IPrincipal principal, IAclPermission permission)
          Check whether or not the ACL grants a specific permission to a principal.
 java.util.List getEntries()
          Get list of ACL entries.
 java.util.List getEntries(com.sap.netweaver.bc.rf.common.security.acl.IPrincipal principal)
          Get list of ACL entries for a given principal.
 com.sap.netweaver.bc.rf.common.security.acl.IPrincipal getLockingUser()
          Get principal which has locked the ACL.
 java.util.List getOwners()
          Get list of the owners of this ACL.
 IResourceHandle getResource()
          Get resource handle this ACL is assigned to.
 boolean isAuthorized(com.sap.netweaver.bc.rf.common.security.acl.IPrincipal principal)
          Check whether or not the given principal is authorized to modify this ACL.
 boolean isLocked()
          Check whether or not the ACL is locked.
 boolean isOwner(com.sap.netweaver.bc.rf.common.security.acl.IPrincipal principal)
          Check whether or not the given principal is an owner of this ACL.
 boolean isReadOnly()
          Check wether or not the ACL is read only.
 void lock()
          Lock the ACL.
 boolean removeEntry(IAclEntry aclEntry)
          Remove ACL entry from this ACL.
 void removeOwner(com.sap.netweaver.bc.rf.common.security.acl.IPrincipal principal)
          Remove owner from the this ACL.
 void unlock()
          Unlock the ACL.
 

Method Detail

getResource

public IResourceHandle getResource()
                            throws AclPersistenceException
Get resource handle this ACL is assigned to.
Returns:
resource handle this ACL is assigned to
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

getOwners

public java.util.List getOwners()
                         throws AclPersistenceException
Get list of the owners of this ACL.
Returns:
list of the owners of this ACL
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

addOwner

public void addOwner(com.sap.netweaver.bc.rf.common.security.acl.IPrincipal principal)
              throws AclPersistenceException,
                     AclNotAuthorizedException,
                     ResourceException
Add new owner to this ACL.
Parameters:
principal - principal to be added as owner
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
ResourceException - when the resource handle was invalid
AclNotAuthorizedException - Exception raised in failure situation

removeOwner

public void removeOwner(com.sap.netweaver.bc.rf.common.security.acl.IPrincipal principal)
                 throws AclPersistenceException,
                        AclNotAuthorizedException,
                        AclLastOwnerException,
                        ResourceException
Remove owner from the this ACL.
Parameters:
principal - principal to be removed as owner
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
ResourceException - when the resource handle was invalid
AclNotAuthorizedException - Exception raised in failure situation
AclLastOwnerException - Exception raised in failure situation

isOwner

public boolean isOwner(com.sap.netweaver.bc.rf.common.security.acl.IPrincipal principal)
                throws AclPersistenceException
Check whether or not the given principal is an owner of this ACL.
Parameters:
principal - principal to be checked for being owner
Returns:
true when the given principal is an owner of this ACL
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

isAuthorized

public boolean isAuthorized(com.sap.netweaver.bc.rf.common.security.acl.IPrincipal principal)
                     throws AclPersistenceException
Check whether or not the given principal is authorized to modify this ACL. Beside owners also super principals not being an owner are authorized to modify an ACL.
Parameters:
principal - principal to be checked for being authorized
Returns:
true if the given principal is authorized to modify this ACL
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

getEntries

public java.util.List getEntries()
                          throws AclPersistenceException
Get list of ACL entries.
Returns:
list of ACL entries
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

getEntries

public java.util.List getEntries(com.sap.netweaver.bc.rf.common.security.acl.IPrincipal principal)
                          throws AclPersistenceException
Get list of ACL entries for a given principal.
Parameters:
principal - principal
Returns:
list of ACL entries for a given principal
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

addEntry

public boolean addEntry(IAclEntry aclEntry)
                 throws AclPersistenceException,
                        AclNotAuthorizedException,
                        AclAlreadyAssignedToAclException,
                        AclPermissionNotSupportedException,
                        ResourceException
Add ACL entry to this ACL.
Parameters:
aclEntry - ACL entry
Returns:
true if the ACL entry was added successfully
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
ResourceException - when the resource handle associated with the ACL was invalid
AclNotAuthorizedException - Exception raised in failure situation
AclAlreadyAssignedToAclException - Exception raised in failure situation
AclPermissionNotSupportedException - Exception raised in failure situation

removeEntry

public boolean removeEntry(IAclEntry aclEntry)
                    throws AclPersistenceException,
                           AclNotAuthorizedException,
                           ResourceException
Remove ACL entry from this ACL.
Parameters:
aclEntry - ACL entry
Returns:
true if the ACL entry was removed successfully
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
ResourceException - when the resource handle associated with the ACL was invalid
AclNotAuthorizedException - Exception raised in failure situation

checkPermission

public boolean checkPermission(com.sap.netweaver.bc.rf.common.security.acl.IPrincipal principal,
                               IAclPermission permission)
                        throws AclPersistenceException
Check whether or not the ACL grants a specific permission to a principal.
Parameters:
principal - principal to be checked
permission - permission to be checked
Returns:
true if the permission is granted
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

getLockingUser

public com.sap.netweaver.bc.rf.common.security.acl.IPrincipal getLockingUser()
                                                                      throws AclPersistenceException
Get principal which has locked the ACL.
Returns:
principal which has locked the ACL
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

lock

public void lock()
          throws AclPersistenceException,
                 AclNotAuthorizedException
Lock the ACL.
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
AclNotAuthorizedException - Exception raised in failure situation

unlock

public void unlock()
            throws AclPersistenceException,
                   AclNotAuthorizedException
Unlock the ACL.
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
AclNotAuthorizedException - Exception raised in failure situation

isLocked

public boolean isLocked()
                 throws AclPersistenceException
Check whether or not the ACL is locked.
Returns:
true if the ACL is locked
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred

isReadOnly

public boolean isReadOnly()
                   throws AclPersistenceException
Check wether or not the ACL is read only.
Returns:
true if the ACL is read only
Throws:
AclPersistenceException - when a problem with the storage where the ACLs are persisted occurred
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
SAP NetWeaver '04
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD
Copyright © 2004 by SAP AG. All Rights Reserved.
SAP, R/3, mySAP, mySAP.com, xApps, xApp, SAP NetWeaver, and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and in several other countries all over the world. All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serves informational purposes only. National product specifications may vary.

These materials are subject to change without notice. These materials are provided by SAP AG and its affiliated companies ("SAP Group") for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty.