public interface RoleDefinitionService
RoleAssignmentService
).
Role is a logical grouping of privileges. A Role comprises of a set of privileges that are required to perform
actions by a user assigned to that role. A Role is associated with and scoped to a context where it is defined. Role
context is an object that implements the RoleContext interface (See RoleContext
). Examples of RoleContext are
Organization, Project and Analysis objects.
Role created at a context is automatically assigned to the context. An existing Role can be inherited by additional
role contexts that are descendants of the context they are defined at. The association between a Role and a Role
context is represented in the API using AssignedRole (See AssignedRole
.
Members (users and groups) of that context may be assigned to the roles associated with the context. This will grant them all the privileges of the role.
Modifier and Type | Method and Description |
---|---|
boolean |
assignedRoleExists(RoleContext context,
RoleDescriptor roleDescriptor)
Check if the given role is assigned to the context
|
AssignedRole |
assignRoleToContext(RoleContext context,
RoleDescriptor role)
Assign an existing role to a context that is a child of the context that the role was defined at so that the
inherited role definition may be used at another context.
|
Role |
createRole(RoleContext roleContext,
String name,
String description,
Set<Privilege> privileges)
Create a role and assign role to the specified context.
|
void |
deleteRole(RoleDescriptor roleDescriptor)
Delete a role and remove its assignment from the context it was defined at.
|
Set<AssignedRole> |
getAllAssignedRoles(RoleDescriptor role)
Get all assignments of this role to contexts in the system
|
Set<RoleDescriptor> |
getAllRolesByPrivilege(Privilege privilege)
Get all roles defined which include the specified privilege.
|
AssignedRole |
getAssignedRole(RoleContext context,
RoleDescriptor role)
Get the specified role assigned to the context
|
Set<AssignedRole> |
getAssignedRoles(RoleContext roleContext)
Get all inherited and defined roles assigned to the context.
|
Role |
getRole(RoleContext roleContext,
String name)
Get a role by specifying its context and name
|
Role |
getRoleByIdentifier(String identifier)
Get a role given its identifier.
|
Set<RoleDescriptor> |
getRoleDescriptors(RoleContext roleContext)
Get light-weight representations of all roles defined in a given context.
|
Set<Role> |
getRoles(RoleContext roleContext)
Get all the roles defined in a given context
|
Set<Role> |
getRolesByDescriptors(Set<RoleDescriptor> roleDescriptors)
Get a set of roles given their role descriptors
|
Set<Role> |
getRolesByIdentifiers(Set<String> identifiers)
Get a set of roles given their identifiers
|
Set<RoleDescriptor> |
getRolesByPrivilege(RoleContext roleContext,
Privilege privilege)
Get all roles defined in a given context which include the specified privilege.
|
boolean |
roleExists(RoleContext roleContext,
String name)
Check if a role exists in a context
|
void |
unassignAssignedRole(RoleDescriptor roleDescriptor)
Remove all assignments of this role to inherited contexts.
|
void |
unassignAssignedRoleFromContext(AssignedRole assignedRole)
Remove an inherited role from context.
|
Role |
updateRole(Role role)
Update the definition of the specified role.
|
Role createRole(RoleContext roleContext, String name, String description, Set<Privilege> privileges) throws RoleContextNotFoundException, RoleExistsException, InvalidRolePrivilegeException
roleContext
- The context of the rolename
- The name of the roledescription
- Description of the roleprivileges
- The privileges to be included in the roleRoleContextNotFoundException
- The context specified was not foundRoleExistsException
- A role already exists with this name and contextInvalidRolePrivilegeException
- A privilege provided is not valid at this contextRole updateRole(Role role) throws RoleNotFoundException, RoleExistsException, InvalidRolePrivilegeException
role
- the role to updateRoleNotFoundException
- The role specified was not foundRoleExistsException
- When a new name specified in the update request already exists for the contextInvalidRolePrivilegeException
- A privilege provided is not valid at this contextvoid deleteRole(RoleDescriptor roleDescriptor) throws RoleNotFoundException
roleDescriptor
- the role to deleteRoleNotFoundException
- The specified role was not found.boolean roleExists(RoleContext roleContext, String name)
roleContext
- the context to searchname
- the name of the role in questionRole getRole(RoleContext roleContext, String name) throws RoleNotFoundException
roleContext
- the context of the desired rolename
- the name of the desired roleRoleNotFoundException
- The specified role could not be found.Role getRoleByIdentifier(String identifier) throws RoleNotFoundException
identifier
- the identifier of the desired roleRoleNotFoundException
- The specified role could not be found.Set<Role> getRoles(RoleContext roleContext)
roleContext
- the context of the desired rolesSet<RoleDescriptor> getRoleDescriptors(RoleContext roleContext)
roleContext
- the context of the desired rolesSet<Role> getRolesByDescriptors(Set<RoleDescriptor> roleDescriptors)
roleDescriptors
- the roleDescriptors of the desired rolesSet<Role> getRolesByIdentifiers(Set<String> identifiers)
identifiers
- the identifiers of the desired rolesSet<RoleDescriptor> getAllRolesByPrivilege(Privilege privilege)
privilege
- The privilege in questionSet<RoleDescriptor> getRolesByPrivilege(RoleContext roleContext, Privilege privilege)
roleContext
- The context to searchprivilege
- The privilege in questionAssignedRole assignRoleToContext(RoleContext context, RoleDescriptor role) throws RoleAssignmentExistsException, RoleContextNotFoundException, RoleNotFoundException, InvalidRoleAssignmentContextException
context
- role
- RoleAssignmentExistsException
- The specified role is already assigned to this context.RoleContextNotFoundException
- The context where you want to make this role available can not be found.RoleNotFoundException
- The specified role could not be found.InvalidRoleAssignmentContextException
- This role can not be made available to this context (is the context
where the role is defined a child of this context?)void unassignAssignedRoleFromContext(AssignedRole assignedRole) throws RoleAssignmentNotFoundException, RoleContextNotFoundException, RoleNotFoundException, RoleAssignmentExistsException
assignedRole
- the assigned role to deleteRoleAssignmentNotFoundException
- The specified role assignment was not found.RoleNotFoundException
- The specified role was not found.RoleContextNotFoundException
- The specified context was not found.RoleAssignmentExistsException
void unassignAssignedRole(RoleDescriptor roleDescriptor) throws RoleNotFoundException, RoleAssignmentNotFoundException, RoleContextNotFoundException
roleDescriptor
- RoleContextNotFoundException
- The specified context was not found.RoleNotFoundException
- The specified role was not found.RoleAssignmentNotFoundException
- The specified roleAssignment was not found.Set<AssignedRole> getAllAssignedRoles(RoleDescriptor role)
role
- The role to search for.boolean assignedRoleExists(RoleContext context, RoleDescriptor roleDescriptor)
context
- The specified contextroleDescriptor
- The role to search for.AssignedRole getAssignedRole(RoleContext context, RoleDescriptor role) throws RoleAssignmentNotFoundException
context
- The specified context.role
- The role to search for in the context.RoleAssignmentNotFoundException
- The specified role is not defined in that context.Set<AssignedRole> getAssignedRoles(RoleContext roleContext)
roleContext
- the context to search for.Copyright (c) 2017, SAS Institute Inc., Cary, NC, USA