com.ibm.itim.apps.system

Class SystemRoleManager

  • java.lang.Object
    • com.ibm.itim.apps.system.SystemRoleManager

  • public class SystemRoleManager
extends java.lang.Object
    Provides system role management capabilities, namely APIs to create a system role and to search for existing system roles.
    See Also:
    SystemRoleMO

    • Constructor Detail

      • SystemRoleManager

        public SystemRoleManager(PlatformContext platform,
                         javax.security.auth.Subject subject)
        Constructs the manager with a platform context and a subject.
        Parameters:
        platform - PlatformContext holding platform connection information.
        subject - Subject representing the authenticated caller.

    • Method Detail

      • createRole

        public SystemRoleMO createRole(OrganizationalContainerMO container,
                               SystemRole systemRole)
                        throws java.rmi.RemoteException,
                               AuthorizationException,
                               ApplicationException
        Creates a system role in the provisioning platform with the specified attributes within the given container. If the value object contains attributes that are not part of schema or attributes that have inappropriate values, an application exception that informs about model creation problem is thrown.
        Parameters:
        container - OrganizationalContainerMO within which the system role will be placed.
        systemRole - SystemRole value object defining the attributes of the role, namely a description and a category.
        Returns:
        SystemRoleMO representing the successfully created system role.
        Throws:
        java.rmi.RemoteException - Thrown if unable to communicate with platform.
        AuthorizationException - Thrown if client is unauthorized to create a system role in the given container.
        ApplicationException - Thrown if unable to submit the request. This may possibly be caused by the container being removed by another client previous to this call. This exception is thrown also when container contains a null DistinguishedName, container represents the tenant or the systemRole value object is null. A more specific ApplicationException, SchemaViolationException is thrown if SystemRole object does not have required attributes or attributes that are not part of the schema or attributes that have inappropriate values.

      • getRoles

        public java.util.Collection getRoles(OrganizationalContainerMO container,
                                     java.lang.String name)
                              throws java.rmi.RemoteException,
                                     ApplicationException
        Returns the system roles by name within the given parent container. However, if the client does not have the required permissions to view (search for) a system role that matches the criteria, the API filters the return list and no AuthorizationException is thrown.
        Parameters:
        container - OrganizationalContainerMO representing the parent container to scope the search. In a multi-tenant deployment, an OrganizationalContainerMO object must be provided that represents the root of the tenant.
        name - Name of the system roles to return. This might be a String that uses '*' and represents a regular expression. For example "tim*" can be used to find out all system roles whose names start with "tim".
        Returns:
        Collection of SystemRoleMO objects representing the matching roles. If the name parameter is null, an empty collection will be returned.
        Throws:
        java.rmi.RemoteException - Thrown if the API is unable to communicate with platform.
        ApplicationException - 1. Thrown if the API is unable to obtain the system roles. This might occur if the container is removed by another client previous to this call. 2. Thrown if the container object is null or it represents the tenant.

      • getRoleByURI

        public SystemRoleMO getRoleByURI(OrganizationalContainerMO container,
                                 java.lang.String uri)
                          throws java.rmi.RemoteException,
                                 ApplicationException
        Returns the system role for the given Uniform Resource Identifier (URI) within the specified parent container.
        Parameters:
        container - OrganizationalContainerMO representing the parent container to scope the search.
        uri - String representing the system role's URI.
        Returns:
        SystemRoleMO representing the matching system role
        Throws:
        java.rmi.RemoteException - Thrown if unable to communicate with platform.
        ApplicationException - Thrown if unable to obtain the system role. This might be caused by the container being removed by another client previous to this call. This exception might also be thrown if the container object is null or represents the tenant, no system role is found for the given URI within the container, or more than one system role is found for the given URI within the container.

      • getSystemRoleCategories

        public java.util.Collection<SystemRoleManager.ViewCategory> getSystemRoleCategories()
                                                                             throws ApplicationException,
                                                                                    java.rmi.RemoteException
        Get a Collection of SystemRoleManager.Category objects that describe all of the available categories (or views) available to the system.
        Returns:
        A Collection of SystemRoleManager.Category object that describe all of the available categories (or view) available to the system.
        Throws:
        ApplicationException - Thrown if unable to obtain the categories from the system.
        java.rmi.RemoteException - Thrown if unable to communicate with platform.
        Since:
        ITIM 5.0
        See Also:
        SystemRoleManager.ViewCategory
Skip navigation links