Package wt.access

Interface AccessControlManagerSvr

All Known Implementing Classes:
StandardAccessControlManager
public interface AccessControlManagerSvr
AccessControlManagerSvr provides methods for access control services that can only be invoked from classes running on the server. These methods are executed on the server side.

Supported API: true

Extendable: false

  • Method Details

    • setSecurityLabel

      @Deprecated void setSecurityLabel(SecurityLabeled object, String label_name, String label_value, boolean update_object) throws WTException, WTPropertyVetoException
      Deprecated.
      Use setSecurityLabel(SecurityLabeled, String, Set, boolean) instead.
      Sets the value of the specified security label for an object and optionally persists the update to the object. If the specified security label is a custom label, the specified value must be the external representation of the value. label_value could be one value or a comma separated list of multiple values.

      If the object is persistent, the current user's access rights are checked. The user must have modify security labels permission for the object and must be authorized by the current label value for the specified label. In addition, this method dispatches a vetoable service event and contributes to a summary event. If the object is not persistent, access rights are not checked by this method and events are not dispatched.

      If update_object is false and the object is persistent, this method must be called from within a transaction that includes an update to the object in the datastore. If the object is not persistent, update_object is ignored. A change to the security labels should not result in an update to the modify timestamp of the object, unless other changes to the object warrant the update.

      Supported API: true

      Parameters:
      object - object for which the security label is to be set
      label_name - security label name
      label_value - security label value. comma separated multiple values are also supported.
      update_object - persist security label updates to the object
      Throws:
      NotAuthorizedException - if the current user is not authorized to change the security labels
      WTException - if a transaction is required but not active
      WTInvalidParameterException - if an object is not specified or if the specified label name or standard label value is not defined in the security labels configuration file
      WTPropertyVetoException - if the maximum length for the security labels attribute is exceeded
      See Also:

    • setSecurityLabel

      @Deprecated void setSecurityLabel(WTCollection objects, String label_name, String label_value, boolean update_objects) throws WTException, WTPropertyVetoException
      Deprecated.
      Use setSecurityLabel(WTCollection, String, Set, boolean) instead.
      Sets the value of the specified security label for a collection of objects and optionally persists the updates to the objects. If the specified security label is a custom label, the specified value must be the external representation of the value. label_value could be one value or a comma separated list of multiple values.

      If the objects are persistent, the current user's access rights are checked. The user must have modify security labels permission for all of the objects and must be authorized by their current label value for the specified label. In addition, this method dispatches a vetoable service event and contributes to a summary event. If the objects are not persistent, access rights are not checked by this method and events are not dispatched.

      If update_objects is false and the objects are persistent, this method must be called from within a transaction that includes an update to the objects in the datastore. If the objects are not persistent, update_object is ignored. A change to the security labels should not result in an update to the modify timestamp of the objects, unless other changes to the objects warrant the update.

      Supported API: true

      Parameters:
      objects - objects for which the security label is to be set
      label_name - security label name
      label_value - one or more comma separated SL Values.
      update_objects - persist security label updates to the objects
      Throws:
      NotAuthorizedException - if the current user is not authorized to change the security labels
      ClassCastException - if one or more objects in the collection are not SecurityLabeled
      WTException - if a transaction is required but not active
      WTInvalidParameterException - if a collection of objects is not specified or empty, or if the specified label name or standard label value is not defined in the security labels configuration file
      WTPropertyVetoException - if the maximum length for the security labels attribute is exceeded
      See Also:

    • setSecurityLabels

      @Deprecated void setSecurityLabels(SecurityLabeled object, Map<String,String> security_labels, boolean update_object) throws WTException, WTPropertyVetoException
      Deprecated.
      Use setSecurityLabelWithMultipleValues(SecurityLabeled, Map, boolean) instead.
      Sets the values of the specified security labels for an object and optionally persists the updates to the object. For custom labels, the specifed value must be the external representation of the value.

      If the object is persistent, the current user's access rights are checked. The user must have modify security labels permission for the object and must be authorized by each of the current label values for the specified labels. In addition, this method dispatches a vetoable service event and contributes to a summary event. If the object is not persistent, access rights are not checked by this method and events are not dispatched.

      If update_object is false and the object is persistent, this method must be called from within a transaction that includes an update to the object in the datastore. If the object is not persistent, update_object is ignored. A change to the security labels should not result in an update to the modify timestamp of the object, unless other changes to the object warrant the update.

      Supported API: true

      Parameters:
      object - object for which the security labels are to be set
      security_labels - map of security label names and values(value will be comma separated list of multiple SLValues are set)
      update_object - persist security label updates to the object
      Throws:
      NotAuthorizedException - if the current user is not authorized to change the security labels
      WTException - if a transaction is required but not active
      WTInvalidParameterException - if an object is not specified, if a map is not specified or empty, or if the specified label names or standard label values are not defined in the security labels configuration file
      WTPropertyVetoException - if the maximum length for the security labels attribute is exceeded
      See Also:

    • setSecurityLabels

      void setSecurityLabels(SecurityLabeled object, String security_labels, boolean update_object) throws WTException, WTPropertyVetoException
      Sets the values of the specified security labels for an object and optionally persists the updates to the object. For custom labels, the specified value must be the external representation of the value.

      If the object is persistent, the current user's access rights are checked. The user must have modify security labels permission for the object and must be authorized by each of the current label values for the specified labels. In addition, this method dispatches a vetoable service event and contributes to a summary event. If the object is not persistent, access rights are not checked by this method and events are not dispatched.

      If update_object is false and the object is persistent, this method must be called from within a transaction that includes an update to the object in the datastore. If the object is not persistent, update_object is ignored. A change to the security labels should not result in an update to the modify timestamp of the object, unless other changes to the object warrant the update.

      This method is for use by loaders using CSV file input, that need to set the security labels attribute on an object.

      Supported API: true

      Parameters:
      object - object for which the security labels are to be set
      security_labels - slash (/) separated list of security label name and value pairs, where the names and values are separated by an equals sign without extraneous white space multiple SLValues will be sparated by comma
      update_object - persist security label updates to the object
      Throws:
      NotAuthorizedException - if the current user is not authorized to change the security labels
      WTException - if a transaction is required but not active
      WTInvalidParameterException - if an object is not specified, if a string is not specified or empty, or if the specified label names or standard label values are not defined in the security labels configuration file
      WTPropertyVetoException - if the maximum length for the security labels attribute is exceeded
      See Also:

    • setSecurityLabels

      @Deprecated void setSecurityLabels(WTCollection objects, Map<String,String> security_labels, boolean update_objects) throws WTException, WTPropertyVetoException
      Deprecated.
      Use setSecurityLabelWithMultipleValues(WTCollection, Map, boolean) instead.
      Sets the values of the specified security labels for a collection of objects and optionally persists the updates to the objects.For custom labels, the specified value must be the external representation of the value. The same set of labels is applied to each of the objects in the collection.

      If the objects are persistent, the current user's access rights are checked. The user must have modify security labels permission for all of the objects and must be authorized by each of their current label values for the specified labels. In addition, this method dispatches a vetoable service event and contributes to a summary event. If the objects are not persistent, access rights are not checked by this method and events are not dispatched.

      If update_objects is false and the objects are persistent, this method must be called from within a transaction that includes an update to the objects in the datastore. If the objects are not persistent, update_object is ignored. A change to the security labels should not result in an update to the modify timestamp of the objects, unless other changes to the objects warrant the update.

      Supported API: true

      Parameters:
      objects - objects for which the security labels are to be set
      security_labels - map of security label names and one or more comma separated values
      update_objects - persist security label updates to objects
      Throws:
      NotAuthorizedException - if the current user is not authorized to change the security labels
      ClassCastException - if one or more objects in the collection are not SecurityLabeled
      WTException - if a transaction is required but not active
      WTInvalidParameterException - if a collection of objects is not specified or empty, if a map is not specified or empty, or if the specified label names or standard label values are not defined in the security labels configuration file
      WTPropertyVetoException - if the maximum length for the security labels attribute is exceeded
      See Also:

    • setSecurityLabels

      @Deprecated void setSecurityLabels(WTKeyedMap objects_to_security_labels_map, boolean update_objects) throws WTException, WTPropertyVetoException
      Deprecated.
      Use setSecurityLabelWithMultipleValues(WTKeyedMap, boolean) instead.
      Sets the values of the specified security labels for a collection of objects and optionally persists the updates to the objects. The objects are specified as the map's key set, and for each map entry key, a Map<String, String> with the names and one more more comma separated values of the security labels to be set for the corresponding object are the map entry's value. For custom labels, the specified value must be the external representation of the value.

      If the objects are persistent, the current user's access rights are checked. The user must have modify security labels permission for all of the objects and must be authorized by each of their current label values for the specified labels. In addition, this method dispatches a vetoable service event and contributes to a summary event. If the objects are not persistent, access rights are not checked by this method and events are not dispatched.

      If update_objects is false and the objects are persistent, this method must be called from within a transaction that includes an update to the objects in the datastore. If the objects are not persistent, update_object is ignored. A change to the security labels should not result in an update to the modify timestamp of the objects, unless other changes to the objects warrant the update.

      Supported API: true

      Parameters:
      objects_to_security_labels_map - map of objects to the security labels to be set for each
      update_objects - persist security label updates to objects
      Throws:
      NotAuthorizedException - if the current user is not authorized to change the security labels
      ClassCastException - if one or more objects in the collection are not SecurityLabeled
      WTException - if a transaction is required but not active
      WTInvalidParameterException - if a map is not specified or empty, or if the specified label names or standard label values are not defined in the security labels configuration file
      WTPropertyVetoException - if the maximum length for the security labels attribute is exceeded
      See Also:

    • setSecurityLabel

      void setSecurityLabel(SecurityLabeled object, String label_name, Set<String> label_values, boolean update_object) throws WTException, WTPropertyVetoException
      Sets the value of the specified security label for an object and optionally persists the update to the object. If the specified security label is a custom label, the specified value must be the external representation of the value.

      If the object is persistent, the current user's access rights are checked. The user must have modify security labels permission for the object and must be authorized by the current label value for the specified label. In addition, this method dispatches a vetoable service event and contributes to a summary event. If the object is not persistent, access rights are not checked by this method and events are not dispatched.

      If update_object is false and the object is persistent, this method must be called from within a transaction that includes an update to the object in the datastore. If the object is not persistent, update_object is ignored. A change to the security labels should not result in an update to the modify timestamp of the object, unless other changes to the object warrant the update.

      Supported API: true

      Parameters:
      object - object for which the security label is to be set
      label_name - security label name
      Set - Set of security label values.
      update_object - persist security label updates to the object
      Throws:
      WTException - if a transaction is required but not active
      WTPropertyVetoException - if the maximum length for the security labels attribute is exceeded
      See Also:

    • setSecurityLabel

      void setSecurityLabel(WTCollection objects, String label_name, Set<String> label_values, boolean update_objects) throws WTException, WTPropertyVetoException
      Sets the value of the specified security label for a collection of objects and optionally persists the updates to the objects. If the specified security label is a custom label, the specified value must be the external representation of the value. label_value could be one value or a comma separated list of multiple values.

      If the objects are persistent, the current user's access rights are checked. The user must have modify security labels permission for all of the objects and must be authorized by their current label value for the specified label. In addition, this method dispatches a vetoable service event and contributes to a summary event. If the objects are not persistent, access rights are not checked by this method and events are not dispatched.

      If update_objects is false and the objects are persistent, this method must be called from within a transaction that includes an update to the objects in the datastore. If the objects are not persistent, update_object is ignored. A change to the security labels should not result in an update to the modify timestamp of the objects, unless other changes to the objects warrant the update.

      Supported API: true

      Parameters:
      objects - objects for which the security label is to be set
      label_name - security label name
      Set - Set of security label values
      update_objects - persist security label updates to the objects
      Throws:
      WTException - if a transaction is required but not active
      WTPropertyVetoException - if the maximum length for the security labels attribute is exceeded
      See Also:

    • setSecurityLabelWithMultipleValues

      void setSecurityLabelWithMultipleValues(SecurityLabeled object, Map<String,Set<String>> security_labels, boolean update_object) throws WTException, WTPropertyVetoException
      Sets the values of the specified security labels for an object and optionally persists the updates to the object. For custom labels, the specifed value must be the external representation of the value.

      If the object is persistent, the current user's access rights are checked. The user must have modify security labels permission for the object and must be authorized by each of the current label values for the specified labels. In addition, this method dispatches a vetoable service event and contributes to a summary event. If the object is not persistent, access rights are not checked by this method and events are not dispatched.

      If update_object is false and the object is persistent, this method must be called from within a transaction that includes an update to the object in the datastore. If the object is not persistent, update_object is ignored. A change to the security labels should not result in an update to the modify timestamp of the object, unless other changes to the object warrant the update.

      Supported API: true

      Parameters:
      object - object for which the security labels are to be set
      security_labels - map of security label names and set of values
      update_object - persist security label updates to the object
      Throws:
      WTException - if a transaction is required but not active
      WTPropertyVetoException - if the maximum length for the security labels attribute is exceeded
      See Also:

    • setSecurityLabelWithMultipleValues

      void setSecurityLabelWithMultipleValues(WTKeyedMap objects_to_security_labels_map, boolean update_objects) throws WTException, WTPropertyVetoException
      Sets the values of the specified security labels for a collection of objects and optionally persists the updates to the objects. The objects are specified as the map's key set, and for each map entry key, a Map<String, Set<String>> with the names and one more more comma separated values of the security labels to be set for the corresponding object are the map entry's value. For custom labels, the specified value must be the external representation of the value.

      If the objects are persistent, the current user's access rights are checked. The user must have modify security labels permission for all of the objects and must be authorized by each of their current label values for the specified labels. In addition, this method dispatches a vetoable service event and contributes to a summary event. If the objects are not persistent, access rights are not checked by this method and events are not dispatched.

      If update_objects is false and the objects are persistent, this method must be called from within a transaction that includes an update to the objects in the datastore. If the objects are not persistent, update_object is ignored. A change to the security labels should not result in an update to the modify timestamp of the objects, unless other changes to the objects warrant the update.

      Supported API: true

      Parameters:
      objects_to_security_labels_map - map of objects to the security labels to be set for each
      update_objects - persist security label updates to objects
      Throws:
      NotAuthorizedException - if the current user is not authorized to change the security labels
      ClassCastException - if one or more objects in the collection are not SecurityLabeled
      WTException - if a transaction is required but not active
      WTInvalidParameterException - if a map is not specified or empty, or if the specified label names or standard label values are not defined in the security labels configuration file
      WTPropertyVetoException - if the maximum length for the security labels attribute is exceeded
      See Also:

    • setSecurityLabelWithMultipleValues

      void setSecurityLabelWithMultipleValues(WTCollection objects, Map<String,Set<String>> security_labels, boolean update_objects) throws WTException, WTPropertyVetoException
      Sets the values of the specified security labels for a collection of objects and optionally persists the updates to the objects.For custom labels, the specified value must be the external representation of the value. The same set of labels is applied to each of the objects in the collection.

      If the objects are persistent, the current user's access rights are checked. The user must have modify security labels permission for all of the objects and must be authorized by each of their current label values for the specified labels. In addition, this method dispatches a vetoable service event and contributes to a summary event. If the objects are not persistent, access rights are not checked by this method and events are not dispatched.

      If update_objects is false and the objects are persistent, this method must be called from within a transaction that includes an update to the objects in the datastore. If the objects are not persistent, update_object is ignored. A change to the security labels should not result in an update to the modify timestamp of the objects, unless other changes to the objects warrant the update.

      Supported API: true

      Parameters:
      objects - objects for which the security labels are to be set
      security_labels - map of security label names and set of values
      update_objects - persist security label updates to objects
      Throws:
      WTException - if a transaction is required but not active
      WTPropertyVetoException - if the maximum length for the security labels attribute is exceeded
      See Also: