Package org.openiam.srvc.am
Class AuthorizationManagerWebServiceImpl
- java.lang.Object
-
- org.openiam.srvc.AbstractApiService
-
- org.openiam.srvc.am.AuthorizationManagerWebServiceImpl
-
- All Implemented Interfaces:
AuthorizationManagerWebService
@Service("authorizationManagerWebService") public class AuthorizationManagerWebServiceImpl extends AbstractApiService implements AuthorizationManagerWebService
-
-
Field Summary
-
Fields inherited from class org.openiam.srvc.AbstractApiService
applicationContext, log, rabbitMQSender
-
-
Constructor Summary
Constructors Constructor Description AuthorizationManagerWebServiceImpl(AMManagerQueue queue)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description ResponsefixDataInconsistencies()This method should be called only from tests.protected booleangetBooleanResponse(AMManagerAPI apiName, GetEntitlementRequest request)Map<String,Boolean>getEntitlementMap(String userId, Set<String> resourceIds)based on the userId and resourceId, returns a map with the key being the resourceId, and the value being true/false.Set<GroupAuthorizationRight>getGroupsForUser(String userId)Set<OrganizationAuthorizationRight>getOrganizationsForUser(String userId)Set<ResourceAuthorizationRight>getResourcesForUser(String userId)Set<RoleAuthorizationRight>getRolesForUser(String userId)voidinvalidateUserEntitlementsFromCache(String userId)Invalidate user from local entitlements cachebooleanisMemberOfGroup(String userId, String groupId)booleanisMemberOfGroupWithRight(String userId, String groupId, String rightId)booleanisMemberOfOrganization(String userId, String organizationId)booleanisMemberOfOrganizationWithRight(String userId, String organizationId, String rightId)booleanisMemberOfRole(String userId, String roleId)booleanisMemberOfRoleWithRight(String userId, String roleId, String rightId)booleanisUserEntitledToResource(String userId, String resourceId)booleanisUserEntitledToResourceWithRight(String userId, String resourceId, String rightId)ResponserefreshCache()This method should be called only from tests.ResponserefreshEdgeIdCache()Refreshes the Edge ID Cache on all nodes Should only be called from tests.ResponseremoveExpiredEdges()This method should be called only from tests.-
Methods inherited from class org.openiam.srvc.AbstractApiService
broadcast, crudRequest, getBooleanValue, getIntValue, getIntValue, getRabbitMqQueue, getResponse, getResponse, getValue, getValue, getValueList, getValueList, idRequest, manageApiRequest, manageApiRequest, manageCrudApiRequest, manageCrudApiRequest, manageCrudApiRequest, manageCrudApiRequest, membershipRequestProcessing, membershipRequestProcessing, publish, publish, sendAsync, sendAsync
-
-
-
-
Constructor Detail
-
AuthorizationManagerWebServiceImpl
@Autowired public AuthorizationManagerWebServiceImpl(AMManagerQueue queue)
-
-
Method Detail
-
getBooleanResponse
protected boolean getBooleanResponse(AMManagerAPI apiName, GetEntitlementRequest request)
-
isUserEntitledToResource
public boolean isUserEntitledToResource(String userId, String resourceId)
- Specified by:
isUserEntitledToResourcein interfaceAuthorizationManagerWebService- Returns:
- is the user entitled to this resource?
-
isMemberOfGroup
public boolean isMemberOfGroup(String userId, String groupId)
- Specified by:
isMemberOfGroupin interfaceAuthorizationManagerWebService- Returns:
- is the user a member of this group?
-
isMemberOfRole
public boolean isMemberOfRole(String userId, String roleId)
- Specified by:
isMemberOfRolein interfaceAuthorizationManagerWebService- Returns:
- is the user a member of this role?
-
getResourcesForUser
public Set<ResourceAuthorizationRight> getResourcesForUser(String userId)
- Specified by:
getResourcesForUserin interfaceAuthorizationManagerWebService- Returns:
- all resources for the requested user. No distinction is made between direct or hierarchial membership
-
getGroupsForUser
public Set<GroupAuthorizationRight> getGroupsForUser(String userId)
- Specified by:
getGroupsForUserin interfaceAuthorizationManagerWebService- Returns:
- all groups for the requested user. No distinction is made between direct or hierarchial membership
-
getRolesForUser
public Set<RoleAuthorizationRight> getRolesForUser(String userId)
- Specified by:
getRolesForUserin interfaceAuthorizationManagerWebService- Returns:
- all roles for the requested user. No distinction is made between direct or hierarchial membership
-
fixDataInconsistencies
public Response fixDataInconsistencies()
Description copied from interface:AuthorizationManagerWebServiceThis method should be called only from tests. It will fix any data inconsistencies.- Specified by:
fixDataInconsistenciesin interfaceAuthorizationManagerWebService
-
removeExpiredEdges
public Response removeExpiredEdges()
Description copied from interface:AuthorizationManagerWebServiceThis method should be called only from tests. It will remove any expired edges- Specified by:
removeExpiredEdgesin interfaceAuthorizationManagerWebService
-
refreshCache
public Response refreshCache()
Description copied from interface:AuthorizationManagerWebServiceThis method should be called only from tests. It will rebuild the entire Entitlement Graph from scratch It refreshes the cache synchronously only on the current node- Specified by:
refreshCachein interfaceAuthorizationManagerWebService
-
refreshEdgeIdCache
public Response refreshEdgeIdCache()
Description copied from interface:AuthorizationManagerWebServiceRefreshes the Edge ID Cache on all nodes Should only be called from tests.- Specified by:
refreshEdgeIdCachein interfaceAuthorizationManagerWebService- Returns:
-
isMemberOfOrganization
public boolean isMemberOfOrganization(String userId, String organizationId)
- Specified by:
isMemberOfOrganizationin interfaceAuthorizationManagerWebService- Returns:
- is the user a member of this organization?
-
isUserEntitledToResourceWithRight
public boolean isUserEntitledToResourceWithRight(String userId, String resourceId, String rightId)
- Specified by:
isUserEntitledToResourceWithRightin interfaceAuthorizationManagerWebService- Returns:
- is the user entitled to this resource with the given right?
-
isMemberOfGroupWithRight
public boolean isMemberOfGroupWithRight(String userId, String groupId, String rightId)
- Specified by:
isMemberOfGroupWithRightin interfaceAuthorizationManagerWebService- Returns:
- is the user a member of this group with the given right?
-
isMemberOfRoleWithRight
public boolean isMemberOfRoleWithRight(String userId, String roleId, String rightId)
- Specified by:
isMemberOfRoleWithRightin interfaceAuthorizationManagerWebService- Returns:
- is the user a member of this role with the given right?
-
isMemberOfOrganizationWithRight
public boolean isMemberOfOrganizationWithRight(String userId, String organizationId, String rightId)
- Specified by:
isMemberOfOrganizationWithRightin interfaceAuthorizationManagerWebService- Returns:
- is the user a member of this organization with the given right?
-
getOrganizationsForUser
public Set<OrganizationAuthorizationRight> getOrganizationsForUser(String userId)
- Specified by:
getOrganizationsForUserin interfaceAuthorizationManagerWebService- Returns:
- all organizations for the requested user. No distinction is made between direct or hierarchial membership
-
getEntitlementMap
public Map<String,Boolean> getEntitlementMap(String userId, Set<String> resourceIds)
Description copied from interface:AuthorizationManagerWebServicebased on the userId and resourceId, returns a map with the key being the resourceId, and the value being true/false. True designates that the user is entitled to that resource, false designates that the user is not entitled to that resource- Specified by:
getEntitlementMapin interfaceAuthorizationManagerWebService- Returns:
-
invalidateUserEntitlementsFromCache
public void invalidateUserEntitlementsFromCache(String userId)
Description copied from interface:AuthorizationManagerWebServiceInvalidate user from local entitlements cache- Specified by:
invalidateUserEntitlementsFromCachein interfaceAuthorizationManagerWebService
-
-