RoleManagerRemote (RHQ Enterprise Server JAR 4.3.0 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.rhq.enterprise.server.authz
Interface RoleManagerRemote

All Known Subinterfaces:: WebservicesRemote

All Known Implementing Classes:: RoleManagerBean, WebservicesManagerBean

public interface RoleManagerRemote

The remote interface to the role manager, providing a restricted set of Role Management services. that provides the API to manipulate the security rules within the JON Server.

Author:: Jay Shaughnessy

Method Summary
`void`	`addResourceGroupsToRole(org.rhq.core.domain.auth.Subject subject, int roleId, int[] pendingGroupIds)` Adds the given resource groups to the given role.
`void`	`addRolesToResourceGroup(org.rhq.core.domain.auth.Subject subject, int groupId, int[] roleIds)`
`void`	`addRolesToSubject(org.rhq.core.domain.auth.Subject subject, int subjectId, int[] roleIds)` Assigns a set of roles to a subject which authorizes the subject to do anything the roles permit.
`void`	`addSubjectsToRole(org.rhq.core.domain.auth.Subject subject, int roleId, int[] subjectIds)` Assigns a set of subjects to a role which authorizes the subjects to do anything the role permits.
`org.rhq.core.domain.authz.Role`	`createRole(org.rhq.core.domain.auth.Subject subject, org.rhq.core.domain.authz.Role newRole)` Persists the new role to the database.
`void`	`deleteRoles(org.rhq.core.domain.auth.Subject subject, int[] roleIds)` Removes a set of roles from the database.
`org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role>`	`findRolesByCriteria(org.rhq.core.domain.auth.Subject subject, org.rhq.core.domain.criteria.RoleCriteria criteria)`
`org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role>`	`findSubjectAssignedRoles(org.rhq.core.domain.auth.Subject subject, int subjectId, org.rhq.core.domain.util.PageControl pc)` Get all roles assigned for a certain subject
`org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role>`	`findSubjectUnassignedRoles(org.rhq.core.domain.auth.Subject subject, int subjectId, org.rhq.core.domain.util.PageControl pc)`
`org.rhq.core.domain.authz.Role`	`getRole(org.rhq.core.domain.auth.Subject subject, int roleId)` Returns the role with the given ID
`void`	`removeResourceGroupsFromRole(org.rhq.core.domain.auth.Subject subject, int roleId, int[] groupIds)` Removes the given resource groups from the given role.
`void`	`removeRolesFromResourceGroup(org.rhq.core.domain.auth.Subject subject, int groupId, int[] roleIds)`
`void`	`removeRolesFromSubject(org.rhq.core.domain.auth.Subject subject, int subjectId, int[] roleIds)` Disassociates particular roles from a subject.
`void`	`removeSubjectsFromRole(org.rhq.core.domain.auth.Subject subject, int roleId, int[] subjectIds)` Dissociate particular subjects from a role.
`void`	`setAssignedResourceGroups(org.rhq.core.domain.auth.Subject subject, int roleId, int[] groupIds)`
`void`	`setAssignedSubjectRoles(org.rhq.core.domain.auth.Subject subject, int subjectId, int[] roleIds)` Sets the set of roles assigned to a subject.
`org.rhq.core.domain.authz.Role`	`updateRole(org.rhq.core.domain.auth.Subject subject, org.rhq.core.domain.authz.Role role)` Updates the given role, excluding the subjects and groups.

Method Detail

getRole

org.rhq.core.domain.authz.Role getRole(org.rhq.core.domain.auth.Subject subject,
                                       int roleId)

Returns the role with the given ID

Parameters:: subject -; roleId -
Returns:: the role or null if it wasn't found

createRole

org.rhq.core.domain.authz.Role createRole(org.rhq.core.domain.auth.Subject subject,
                                          org.rhq.core.domain.authz.Role newRole)

Persists the new role to the database. The subjects assigned to the role are ignored - this only creates the role entity with 0 subjects initially assigned to it.

Parameters:: subject - The user attempting to create the role; newRole - The new role being created
Returns:: The persisted role with the primary key populated

deleteRoles

void deleteRoles(org.rhq.core.domain.auth.Subject subject,
                 int[] roleIds)

Removes a set of roles from the database. The subjects assigned to the roles are no longer authorized with the deleted roles. Groups attached to the deleted roles are left alone.

Parameters:: subject - The user attempting to delete the role; roleIds - The IDs of the roles to delete

updateRole

org.rhq.core.domain.authz.Role updateRole(org.rhq.core.domain.auth.Subject subject,
                                          org.rhq.core.domain.authz.Role role)

Updates the given role, excluding the subjects and groups. This updates permissions, name, description, etc.

Parameters:: subject - The user updating the role; role - The role being updated
Returns:: The updated role

findSubjectAssignedRoles

org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role> findSubjectAssignedRoles(org.rhq.core.domain.auth.Subject subject,
                                                                                           int subjectId,
                                                                                           org.rhq.core.domain.util.PageControl pc)

Get all roles assigned for a certain subject

Parameters:: subject - The logged in user's subject; subjectId - The subject ID to find the associated roles for; pc - PageControl
Returns:: A page list of assigned

findSubjectUnassignedRoles

org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role> findSubjectUnassignedRoles(org.rhq.core.domain.auth.Subject subject,
                                                                                             int subjectId,
                                                                                             org.rhq.core.domain.util.PageControl pc)

addRolesToSubject

void addRolesToSubject(org.rhq.core.domain.auth.Subject subject,
                       int subjectId,
                       int[] roleIds)

Assigns a set of roles to a subject which authorizes the subject to do anything the roles permit.

Parameters:: subject - The logged in user's subject.; subjectId - the subject who is to be authorized with the given roles; roleIds - the roles to assign

removeRolesFromSubject

void removeRolesFromSubject(org.rhq.core.domain.auth.Subject subject,
                            int subjectId,
                            int[] roleIds)

Disassociates particular roles from a subject. Once complete, the subject will no longer be authorized with the given roles.

Parameters:: subject - The logged in user's subject.; subjectId - the user that is to have the roles unassigned from it; roleIds - list of role IDs that are to be removed from user

addSubjectsToRole

void addSubjectsToRole(org.rhq.core.domain.auth.Subject subject,
                       int roleId,
                       int[] subjectIds)

Assigns a set of subjects to a role which authorizes the subjects to do anything the role permits.

Parameters:: subject - the user attempting to assign the roles to the subject; roleId - the role who will authorized with the given subjects; subjectIds - the subjects to assign the role

removeSubjectsFromRole

void removeSubjectsFromRole(org.rhq.core.domain.auth.Subject subject,
                            int roleId,
                            int[] subjectIds)

Dissociate particular subjects from a role.

Parameters:: subject - The logged in user's subject.; roleId - The role ID to dissociate the roles from; subjectIds - The IDs of the subjects to remove from the specified Role

setAssignedSubjectRoles

void setAssignedSubjectRoles(org.rhq.core.domain.auth.Subject subject,
                             int subjectId,
                             int[] roleIds)

Sets the set of roles assigned to a subject. Requires SECURITY_ADMIN

Parameters:: subject -; subjectId -; roleIds -

addResourceGroupsToRole

void addResourceGroupsToRole(org.rhq.core.domain.auth.Subject subject,
                             int roleId,
                             int[] pendingGroupIds)

Adds the given resource groups to the given role.

Parameters:: subject - The logged in user's subject.; roleId -; pendingGroupIds -

addRolesToResourceGroup

void addRolesToResourceGroup(org.rhq.core.domain.auth.Subject subject,
                             int groupId,
                             int[] roleIds)

setAssignedResourceGroups

void setAssignedResourceGroups(org.rhq.core.domain.auth.Subject subject,
                               int roleId,
                               int[] groupIds)

removeResourceGroupsFromRole

void removeResourceGroupsFromRole(org.rhq.core.domain.auth.Subject subject,
                                  int roleId,
                                  int[] groupIds)

Removes the given resource groups from the given role.

Parameters:: subject - user attempting to remove the groups from the role; roleId -; groupIds -

removeRolesFromResourceGroup

void removeRolesFromResourceGroup(org.rhq.core.domain.auth.Subject subject,
                                  int groupId,
                                  int[] roleIds)

findRolesByCriteria

org.rhq.core.domain.util.PageList<org.rhq.core.domain.authz.Role> findRolesByCriteria(org.rhq.core.domain.auth.Subject subject,
                                                                                      org.rhq.core.domain.criteria.RoleCriteria criteria)