RoleManagerLocal (RHQ Enterprise Server JAR 4.13.0 API)

All Superinterfaces:

RoleManagerRemote

All Known Implementing Classes:

RoleManagerBean
```
public interface RoleManagerLocal
extends RoleManagerRemote
```
The local interface to the role manager that provides the API to manipulate the security rules within the JON Server. This API provides the ability to modify roles and their associated subjects and permissions.

Author:

John Mazzitelli

Method Summary

Methods
Modifier and Type	Method and Description
`org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role>`	`findAvailableRolesForSubject(org.rhq.core.domain.auth.Subject subject, Integer subjectId, Integer[] pendingRoleIds, org.rhq.core.domain.util.PageControl pc)` This returns a list of roles that are available to be assigned to a given subject but not yet assigned to that subject.
`org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role>`	`findRoles(org.rhq.core.domain.util.PageControl pc)` Returns a list of all roles in the system.
`org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role>`	`findRolesByIds(Integer[] roleIds, org.rhq.core.domain.util.PageControl pc)` Given a set of role Ids, this returns a list of all the roles.
`org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role>`	`findRolesBySubject(int subjectId, org.rhq.core.domain.util.PageControl pc)` This returns a page list of all the roles that a subject is authorized to access.
`org.rhq.core.domain.util.PageList<org.rhq.core.domain.auth.Subject>`	`findSubjectsByRole(Integer roleId, org.rhq.core.domain.util.PageControl pc)` Get all subjects that have been assigned the given role.
`Set<org.rhq.core.domain.authz.Permission>`	`getPermissions(Integer roleId)` Given a role ID, this will return the complete set of authorized permissions for that role.
`org.rhq.core.domain.authz.Role`	`getRoleById(Integer roleId)` Deprecated.
`void`	`setAssignedSubjects(org.rhq.core.domain.auth.Subject sessionSubject, int roleId, int[] subjectIds)`
`void`	`setPermissions(org.rhq.core.domain.auth.Subject subject, Integer roleId, Set<org.rhq.core.domain.authz.Permission> permissions)` Sets the permissions for the specified role.

Method Detail

findRolesBySubject

org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role> findRolesBySubject(int subjectId,
                                                                                   org.rhq.core.domain.util.PageControl pc)

This returns a page list of all the roles that a subject is authorized to access.

Parameters:: subjectId - the id of the subject whose roles are to be returned; pc -
Returns:: page list of all subject's roles

findRoles

org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role> findRoles(org.rhq.core.domain.util.PageControl pc)

Returns a list of all roles in the system.

Parameters:: pc -
Returns:: list of all roles

setPermissions
```
void setPermissions(org.rhq.core.domain.auth.Subject subject,
                  Integer roleId,
                  Set<org.rhq.core.domain.authz.Permission> permissions)
```
Sets the permissions for the specified role. Any currently existing role permissions are overwritten - that is, permissions will be the complete set of permissions the role will now be authorized with.

Parameters:
subject - the user attempting to peform the set
roleId - the ID of the role to modify
permissions - a set of permissions to give to the role

getPermissions
```
Set<org.rhq.core.domain.authz.Permission> getPermissions(Integer roleId)
```
Given a role ID, this will return the complete set of authorized permissions for that role.

Parameters:
roleId -

Returns:
set of permissions that the given role explicitly authorize

findRolesByIds

org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role> findRolesByIds(Integer[] roleIds,
                                                                               org.rhq.core.domain.util.PageControl pc)

Given a set of role Ids, this returns a list of all the roles.

Parameters:: roleIds -; pc -
Returns:: all the roles with the given ID

findSubjectsByRole

org.rhq.core.domain.util.PageList<org.rhq.core.domain.auth.Subject> findSubjectsByRole(Integer roleId,
                                                                                     org.rhq.core.domain.util.PageControl pc)

Get all subjects that have been assigned the given role.

Parameters:: roleId -; pc -
Returns:: list of all subjects assigned the role

findAvailableRolesForSubject

org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role> findAvailableRolesForSubject(org.rhq.core.domain.auth.Subject subject,
                                                                                             Integer subjectId,
                                                                                             Integer[] pendingRoleIds,
                                                                                             org.rhq.core.domain.util.PageControl pc)

This returns a list of roles that are available to be assigned to a given subject but not yet assigned to that subject. This excludes roles already assigned to the subject. The returned list will not include the roles identified by pendingRoleIds since it is assumed the pending roles will be assigned to the user.

Parameters:: subject - user attempting to make this call; subjectId - the subject whose list of available roles are to be returned; pendingRoleIds - the list of roles that are planned to be given to the subject; pc -
Returns:: the list of roles that can be assigned to the given user, not including the pending roles

getRoleById
```
@Deprecated
org.rhq.core.domain.authz.Role getRoleById(Integer roleId)
```
Deprecated.

Returns the role with the given ID

Parameters:
roleId -

Returns:
the role or null if it wasn't found

setAssignedSubjects

void setAssignedSubjects(org.rhq.core.domain.auth.Subject sessionSubject,
                       int roleId,
                       int[] subjectIds)

Interface RoleManagerLocal

Method Summary

Methods inherited from interface org.rhq.enterprise.server.authz.RoleManagerRemote