com.ibm.itim.dataservices.model

Class AccessRight

java.lang.Object

com.ibm.itim.dataservices.model.AccessRight

All Implemented Interfaces:

java.io.Serializable

public class AccessRight
extends java.lang.Object
implements java.io.Serializable

Class that represents an access right, or Access Control Information (ACI).

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	SINGLE_SCOPE Constant indicating the scope of the ACI is to be only one level of the logical tree.
static java.lang.String	SUBTREE_SCOPE Constant indicating the scope of the ACI is to be the current level and all sub-levels of the logical tree.

Constructor Summary

Constructors

Constructor and Description
AccessRight() Default constructor.

Method Summary

Modifier and Type	Method and Description
AccessRight	clone()
java.lang.String	getFilter() Returns the ACI's LDAP search filter, if any.
java.lang.String	getName() Returns a descriptive name or label for the ACI.
java.util.Collection<Permission>	getPermissions() Returns the collection of permissions that define the level of access to the target.
java.util.Collection<java.lang.String>	getPrincipals() Returns the set of principals that the permissions apply to.
java.util.Collection<java.lang.String>	getRoles() Returns a Collection String DN that point to the groups whose members are authorized by the ACI this AccessRight represents.
java.lang.String	getScope() Returns the scope of the ACI.
java.lang.String	getTarget() Returns the target entity, or set of entities, this ACI is protecting.
boolean	isForAllPrincipals() Returns true if the permissions apply to everyone in the system.
void	setFilter(java.lang.String filter) Sets the ACI's LDAP search filter.
void	setIsForAllPrincipals(boolean isForAllPrincipals) Toggles whether the permissions apply to everyone in the system.
void	setName(java.lang.String name) Changes the descriptive name or label of the ACI.
void	setScope(java.lang.String scope) Changes the scope of the ACI.
void	setTarget(java.lang.String target) Changes the target entity, or set of entities, this ACI is protecting.
java.lang.String	toString()

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

SINGLE_SCOPE

public static final java.lang.String SINGLE_SCOPE

Constant indicating the scope of the ACI is to be only one level of the logical tree.

See Also:

Constant Field Values

SUBTREE_SCOPE

public static final java.lang.String SUBTREE_SCOPE

Constant indicating the scope of the ACI is to be the current level and all sub-levels of the logical tree.

See Also:

Constant Field Values

Constructor Detail

AccessRight

public AccessRight()

Default constructor.

Method Detail

getName

public java.lang.String getName()

Returns a descriptive name or label for the ACI.

Returns:

String name of the ACI.

setName

public void setName(java.lang.String name)

Changes the descriptive name or label of the ACI.

Parameters:

name - String name for the ACI.

getTarget

public java.lang.String getTarget()

Returns the target entity, or set of entities, this ACI is protecting.

Returns:

String description of the target entity, or entities.

setTarget

public void setTarget(java.lang.String target)

Changes the target entity, or set of entities, this ACI is protecting.

Parameters:

target - description of the target entity, or entities.

getPermissions

public java.util.Collection<Permission> getPermissions()

Returns the collection of permissions that define the level of access to the target.

Returns:

Collection of Permission objects. This collection is not a copy and all updates to it will be reflected in the AccessRight object.

See Also:

Permission

getRoles

public java.util.Collection<java.lang.String> getRoles()

Returns a Collection String DN that point to the groups whose members are authorized by the ACI this AccessRight represents.

Returns:

Collection of Strings representing group Distinguished Names. This collection is not a copy and all updates to it will be reflected in the AccessRight object.

getPrincipals

public java.util.Collection<java.lang.String> getPrincipals()

Returns the set of principals that the permissions apply to. A principal may represent one or more users by identifying a named group that the authorization engine can query.

Returns:

Collection of Strings representing group names. This collection is not a copy and all updates to it will be reflected in the AccessRight object. // returns "self", "supervisor", etc.

isForAllPrincipals

public boolean isForAllPrincipals()

Returns true if the permissions apply to everyone in the system.

Returns:

true if the access right applies to everyone (anyone).

setIsForAllPrincipals

public void setIsForAllPrincipals(boolean isForAllPrincipals)

Toggles whether the permissions apply to everyone in the system.

Parameters:

isForAllPrincipals - true if the access right applies to everyone (anyone).

getScope

public java.lang.String getScope()

Returns the scope of the ACI. The scope identifies how much of the data hierarchy the ACI covers.

Returns:

Enumeration of scope levels, SINGLE_SCOPE, SUBTREE_SCOPE.

setScope

public void setScope(java.lang.String scope)

Changes the scope of the ACI.

Parameters:

scope - Enumeration of scope levels, SINGLE_SCOPE, SUBTREE_SCOPE.

getFilter

public java.lang.String getFilter()

Returns the ACI's LDAP search filter, if any.

Returns:

the ACI's LDAP search filter. If there is no filter defined, then the null will be returned.

setFilter

public void setFilter(java.lang.String filter)

Sets the ACI's LDAP search filter.

Parameters:

filter - an RFC 2254 LDAP search filter.

clone

public AccessRight clone()

Overrides:

clone in class java.lang.Object

toString

public java.lang.String toString()

Overrides:

toString in class java.lang.Object