Package com.sas.hls.security.role

Service and class definitions for manipulating and creating roles, their availability in contexts, and their membership lists.

See:
          Description

Interface Summary
RoleAssignmentService Service for defining and managing the membership of an AssignedRole.
RoleContext An interface indicating a context that supports the definition of roles.
RoleDefinitionService Service for defining and managing the life cycle of roles and assigned roles.
 

Class Summary
AssignedRole Client representation of a role which has been made available in a context.
Role Role is a logical grouping of privileges.
RoleAssignment This object represents the association between an existing role, a context and the members assigned to the role at that context
RoleDescriptor A light-weight representation of a Role defined in the system.See Role
 

Package com.sas.hls.security.role Description

Service and class definitions for manipulating and creating roles, their availability in contexts, and their membership lists.

A Role in SAS Drug Development is a logical grouping of privileges. A privilege is an identified right that grants users the ability to certain functions in the system. Roles are generally defined by administrators and context leads and assigned to members of various contexts. Context roles grant privileges to perform privileged actions at that context and role contexts below.

In order to define a new role at a context such as the organization, available privileges for the context must be obtained using the PrivilegeService by passing in the organization as the role context. A new role can then be created using one or more privileges at the context. Roles are uniquely named within a context.

When a role is created, it is automatically assigned to the context it is defined at. The same role definition may be extended to other contexts below by assigning the role to those contexts using RoleDefinitionService methods. The association between role and its role context is called an AssignedRole.

Once a role has been assigned to a context, members of a context may be assigned to the role to grant them the privileges of the role using RoleAssignmentService. To manage members assigned to role at a context,

  1. get the AssignedRole at the context organization using RoleDefinitionService.getAssignedRole(RoleContext, RoleDescriptor)
  2. get the RoleAssignment for the AssignedRole using RoleAssignmentService.getRoleAssignment(AssignedRole)
  3. modify the roleAssignment's membership list to the set of principals to grant this role, and
  4. finally update the roleAssignment using RoleAssignmentService.updateRoleAssignment(RoleAssignment)



Copyright (c) 2013, SAS Institute Inc., Cary, NC, USA