Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
SAP NetWeaver '04
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

com.sap.netweaver.bc.rf.mi.security
Interface ISecurityManager

[contained in: com.sap.netweaver.bc.rf.par - bc.rf.mi_api.jar]
All Known Subinterfaces:
IAclSecurityManager, IMutableSecurityManager
public interface ISecurityManager

Read-Only interface describing a repository sub manager for security. This interface allows for simple checking of permission on resources, but doesn't offer any sophisticated operations, because security APIs are usually very much specialized and can't be defined in an general interface for a repository sub manager. Specifically read access more sophisticated than the isAllowed() methods is problematic on respoitories supporting also denies (a grant on a group and a deny on a user must be translated into only grants). A more complex abstraction of security settings including denies and other features would impose too much of a requirement for repositories. Not all repositories might be able to support such a complex API even in parts.

Method Summary
 java.util.List getSupportedPermissions(IResourceHandle resourceHandle)
          Get list of permissions which are supported by the security manager for the given resource handle, e.g. outcome depends on whether the resource is a collection or not.
 boolean isAllowed(IResourceHandle resourceHandle, com.sap.netweaver.bc.rf.mi.security.IPrincipal principal, IPermission permission)
          Checks whether the given principal has the given permission on the given resource handle.
 boolean isAllowed(IResourceHandle resourceHandle, com.sap.netweaver.bc.rf.mi.security.IPrincipal principal, java.util.List permissions)
          Checks whether the given principal has all of the given permissions on the given resource handle.
 java.util.Set isAllowed(java.util.List ridList, com.sap.netweaver.bc.rf.mi.security.IPrincipal principal, IPermission permission)
          Checks whether the given principal has the given permission on the given resource identifiers.
 java.util.Set isAllowed(java.util.List ridList, com.sap.netweaver.bc.rf.mi.security.IPrincipal principal, java.util.List permissions)
          Checks whether the given principal has all of the given permissions on the given resource identifiers.
 

Method Detail

getSupportedPermissions

public java.util.List getSupportedPermissions(IResourceHandle resourceHandle)
                                       throws ResourceException
Get list of permissions which are supported by the security manager for the given resource handle, e.g. outcome depends on whether the resource is a collection or not.
Parameters:
resourceHandle - resource handle
Returns:
list of supported permissions of type IPermission
Throws:
ResourceException - when the resource handle is invalid or no permissions could be looked up

isAllowed

public boolean isAllowed(IResourceHandle resourceHandle,
                         com.sap.netweaver.bc.rf.mi.security.IPrincipal principal,
                         IPermission permission)
                  throws ResourceException
Checks whether the given principal has the given permission on the given resource handle.
Parameters:
resourceHandle - resource handle
principal - principal for whom the permissions are checked
permission - single permission to check
Returns:
true when the given principal has the given permission on the given resource handle
Throws:
ResourceException - when wrong parameterized

isAllowed

public boolean isAllowed(IResourceHandle resourceHandle,
                         com.sap.netweaver.bc.rf.mi.security.IPrincipal principal,
                         java.util.List permissions)
                  throws ResourceException
Checks whether the given principal has all of the given permissions on the given resource handle.
Parameters:
resourceHandle - resource handle
principal - principal for whom the permissions are checked
permissions - list of permissions to check
Returns:
true when the given principal has all of the given permissions on the given resource handle
Throws:
ResourceException - when wrong parameterized

isAllowed

public java.util.Set isAllowed(java.util.List ridList,
                               com.sap.netweaver.bc.rf.mi.security.IPrincipal principal,
                               IPermission permission)
                        throws ResourceException,
                               OperationNotCompletedException
Checks whether the given principal has the given permission on the given resource identifiers.

Note: This method needs not to be handled atomically! Although this operation may fail in parts, the operation on one of the many operands provided through the parameter list is always expected to be atomic!
Parameters:
ridList - list of resource identifiers
principal - principal for whom the permissions are checked
permission - single permission to check
Returns:
list of resource identifiers the given principal has the given permission for
Throws:
ResourceException - when wrong parameterized
OperationNotCompletedException - when the operation failed in parts

isAllowed

public java.util.Set isAllowed(java.util.List ridList,
                               com.sap.netweaver.bc.rf.mi.security.IPrincipal principal,
                               java.util.List permissions)
                        throws ResourceException,
                               OperationNotCompletedException
Checks whether the given principal has all of the given permissions on the given resource identifiers.

Note: This method needs not to be handled atomically! Although this operation may fail in parts, the operation on one of the many operands provided through the parameter list is always expected to be atomic!
Parameters:
ridList - list of resource identifiers
principal - principal for whom the permissions are checked
permissions - list of permissions to check
Returns:
set of resource identifiers the given principal has all of the given permissions for
Throws:
ResourceException - when wrong parameterized
OperationNotCompletedException - when the operation failed in parts
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
SAP NetWeaver '04
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD
Copyright © 2004 by SAP AG. All Rights Reserved.
SAP, R/3, mySAP, mySAP.com, xApps, xApp, SAP NetWeaver, and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and in several other countries all over the world. All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serves informational purposes only. National product specifications may vary.

These materials are subject to change without notice. These materials are provided by SAP AG and its affiliated companies ("SAP Group") for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty.