com.ibm.itim.apps.system
Class SystemRoleManager

java.lang.Object
  com.ibm.itim.apps.system.SystemRoleManager

public class SystemRoleManager
extends java.lang.Object

Provides system role management capabilities, namely APIs to create a system role and to search for existing system roles.

See Also:

SystemRoleMO

Nested Class Summary

static class

SystemRoleManager.ViewCategory The Category class is a container for information about different Categories, or Views, defined inside of ITIM.

Constructor Summary

SystemRoleManager(PlatformContext platform, javax.security.auth.Subject subject)
Constructs the manager with a platform context and a subject.

Method Summary

SystemRoleMO	createRole(OrganizationalContainerMO container, SystemRole systemRole) Creates a system role in the provisioning platform with the specified attributes within the given container.
java.util.Collection	getRoles(OrganizationalContainerMO container, java.lang.String name) Returns the system role(s) by name within the given parent container.
java.util.Collection<SystemRoleManager.ViewCategory>	getSystemRoleCategories() Get a Collection of SystemRoleManager.Category objects that describe all of the available categories (or views) available to the system.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SystemRoleManager

public SystemRoleManager(PlatformContext platform,
                         javax.security.auth.Subject subject)

Constructs the manager with a platform context and a subject.

Parameters:

platform - PlatformContext holding platform connection information.

subject - Subject representing the authenticated caller.

Method Detail

createRole

public SystemRoleMO createRole(OrganizationalContainerMO container,
                               SystemRole systemRole)
                        throws java.rmi.RemoteException,
                               AuthorizationException,
                               ApplicationException

Creates a system role in the provisioning platform with the specified attributes within the given container. If the value object contains attributes that are not part of schema or attributes that have inappropriate values, an application exception that informs about model creation problem is thrown.

Parameters:

container - OrganizationalContainerMO within which the system role will be placed.

systemRole - SystemRole value object defining the attributes of the role, namely a description and a category.

Returns:

SystemRoleMO representing the successfully created system role.

Throws:

java.rmi.RemoteException - Thrown if unable to communicate with platform.

AuthorizationException - Thrown if client is unauthorized to create a system role in the given container.

ApplicationException - Thrown if unable to submit the request. This may possibly be caused by the container being removed by another client previous to this call. This exception is thrown also when container contains a null DistinguishedName, container represents the tenant or the systemRole value object is null. A more specific ApplicationException, SchemaViolationException is thrown if SystemRole object does not have required attributes or attributes that are not part of the schema or attributes that have inappropriate values.

getRoles

public java.util.Collection getRoles(OrganizationalContainerMO container,
                                     java.lang.String name)
                              throws java.rmi.RemoteException,
                                     ApplicationException

Returns the system role(s) by name within the given parent container. Note, if the client is unauthorized to view (search for) a system role that matches the criteria, it will be filtered out of the return list and no AuthorizationException will be thrown.

Parameters:

container - OrganizationalContainerMO representing the parent container to scope the search. In a multi-tenant deployment, an OrganizationalContainerMO object must be provided that represents the root of the tenant.

name - Name of the system role(s) to return. This may be a String that uses a "*" and represents a regular expression. For example "tim*" can be used to find out all system roles whose names start with "tim".

Returns:

Collection of SystemRoleMO objects representing the matching roles.

Throws:

java.rmi.RemoteException - Thrown if unable to communicate with platform.

ApplicationException - Thrown if unable to obtain the system roles. This may possibly be caused by the container being removed by another client previous to this call. This exception is thrown also when container object is null or the container object represents the tenant.

getSystemRoleCategories

public java.util.Collection<SystemRoleManager.ViewCategory> getSystemRoleCategories()
                                                                             throws ApplicationException,
                                                                                    java.rmi.RemoteException

Get a Collection of SystemRoleManager.Category objects that describe all of the available categories (or views) available to the system.

Returns:

A Collection of SystemRoleManager.Category object that describe all of the available categories (or view) available to the system.

Throws:

ApplicationException - Thrown if unable to obtain the categories from the system.

java.rmi.RemoteException - Thrown if unable to communicate with platform.

Since:

ITIM 5.0

See Also:

SystemRoleManager.ViewCategory