SAP AG UserManagementEngine 4.0 API: Interface IAclHierarchy

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.sap.security.api.acl
Interface IAclHierarchy

public interface IAclHierarchy

ACL Hierarchy Interface

Definition of an Access Control List Hierarchy

This interface defines an Access Control List Hierarchy. With this, it is possible to check if a principal has a specific permission for an object or his parents.

Version:: 1.0

Method Summary

void checkPermission(java.lang.String[] objectIds, IPrincipal principal, java.lang.String permission)
          This method checks if a principal can perform a permission on the specified object ID array.

boolean isAllowed(java.lang.String[] objectIds, IPrincipal principal, java.lang.String permission)
          This method checks, if a principal can perform a permission on the specified object ID array.

void propagade(IPrincipal caller, java.lang.String rootObjectID, java.lang.String[] childrenObjectIds)
          This method propagades the ACEs from the root of the subtree to his nodes and leaves.

Method Detail

isAllowed

public boolean isAllowed(java.lang.String[] objectIds,
                         IPrincipal principal,
                         java.lang.String permission)
                  throws UMException

This method checks, if a principal can perform a permission on the specified object ID array.

Parameters:: objectIds - This object ID array represent the parent object IDs (the way from the specified object ID to the parent nodes up to the roof).; principal - the principal which has to be checked.; permission - the permission which has to be checked.
Returns:: true if the principal is authorised for the specified permission false otherwise
Throws:: UMException - if the data cannot be read.

propagade

public void propagade(IPrincipal caller,
                      java.lang.String rootObjectID,
                      java.lang.String[] childrenObjectIds)
               throws UMException

This method propagades the ACEs from the root of the subtree to his nodes and leaves. These ACEs are inherited.

Parameters:: caller - a principal who has to be the owner of the root ACL; rootObjectID - a String which represents the root of the subtree. His ACEs will be propagated.; childrenObjectIds - a String array which represents all child object IDs under the root of the subtree.
Throws:: UMException - if the data cannot be set.

checkPermission

public void checkPermission(java.lang.String[] objectIds,
                            IPrincipal principal,
                            java.lang.String permission)
                     throws UMException

This method checks if a principal can perform a permission on the specified object ID array.

Parameters:: objectIds - This object ID array represent the parent object IDs (the way from the specified object ID to the parent nodes up to the roof); principal - the principal which has to be checked; permission - the permission which has to be checked
Throws:: UMException - if the principal has not the specified permission