public interface AuthorizationAdminSession extends OsidSession
This session creates, updates, and deletes Authorizations.
The data for create and update is provided by the consumer via the
form object. OsidForms
are requested for each create or
update and may not be reused.
Create and update operations differ in their usage. To create an
Authorization,
an AuthorizationForm
is
requested using getAuthorizationFormForCreate()
specifying
the desired relationship peers and record Types
or none if
no record Types
are needed. The returned
AuthorizationForm
will indicate that it is to be used with a
create operation and can be used to examine metdata or validate data prior
to creation. Once the AuthorizationForm
is submiited to a
create operation, it cannot be reused with another create operation unless
the first operation was unsuccessful. Each AuthorizationForm
corresponds to an attempted transaction.
For updates, AuthorizationForms
are requested to the
Authorization
Id
that is to be updated using
getAuthorizationFormForUpdate().
Similarly, the
AuthorizationForm
has metadata about the data that can be updated
and it can perform validation before submitting the update. The
AuthorizationForm
can only be used once for a successful update
and cannot be reused.
The delete operations delete Authorizations.
To unmap
an Authorization
from the current Vault,
the
AuthorizationVaultAssignmentSession
should be used. These
delete operations attempt to remove the Authorization
itself thus removing it from all known Vault
catalogs.
This session includes an Id
aliasing mechanism to
assign an external Id
to an internally assigned Id.
Modifier and Type | Method and Description |
---|---|
void |
aliasAuthorization(Id authorizationId,
Id aliasId)
Adds an
Id to an Authorization for the
purpose of creating compatibility. |
boolean |
canCreateAuthorizations()
Tests if this user can create
Authorizations. |
boolean |
canCreateAuthorizationWithRecordTypes(Type[] authorizationRecordTypes)
Tests if this user can create a single
Authorization
using the desired record types. |
boolean |
canDeleteAuthorizations()
Tests if this user can delete
Authorizations. |
boolean |
canManageAuthorizationAliases()
Tests if this user can manage
Id aliases for
Authorizations. |
boolean |
canUpdateAuthorizations()
Tests if this user can update
Authorizations. |
Authorization |
createAuthorization(AuthorizationForm authorizationForm)
Creates a new explicit
Authorization. |
void |
deleteAuthorization(Id authorizationId)
Deletes the
Authorization identified by the given
Id. |
AuthorizationForm |
getAuthorizationFormForCreateForAgent(Id agentId,
Id functionId,
Id qualifierId,
Type[] authorizationRecordTypes)
Gets the authorization form for creating new authorizations.
|
AuthorizationForm |
getAuthorizationFormForCreateForResource(Id resourceId,
Id functionId,
Id qualifierId,
Type[] authorizationRecordTypes)
Gets the authorization form for creating new authorizations.
|
AuthorizationForm |
getAuthorizationFormForCreateForResourceAndTrust(Id resourceId,
Id trustId,
Id functionId,
Id qualifierId,
Type[] authorizationRecordTypes)
Gets the authorization form for creating new authorizations.
|
AuthorizationForm |
getAuthorizationFormForUpdate(Id authorizationId)
Gets the authorization form for updating an existing authorization.
|
Vault |
getVault()
Gets the
Vault associated with this session. |
Id |
getVaultId()
Gets the
Vault Id associated with this
session. |
void |
updateAuthorization(AuthorizationForm authorizationForm)
Updates an existing authorization
|
getAuthenticatedAgent, getAuthenticatedAgentId, getClockRate, getDate, getEffectiveAgent, getEffectiveAgentId, getFormatType, getLocale, isAuthenticated, startTransaction, supportsTransactions
close
Id getVaultId()
Vault
Id
associated with this
session. Vault Id
associated with this sessionmandatory
- This method must be implemented. Vault getVault() throws OperationFailedException, PermissionDeniedException
Vault
associated with this session. Vault
associated with this sessionOperationFailedException
- unable to complete requestPermissionDeniedException
- authorization failuremandatory
- This method must be implemented. boolean canCreateAuthorizations()
Authorizations.
A return
of true does not guarantee successful authorization. A return of false
indicates that it is known all methods in this session will result in
a PERMISSION_DENIED.
This is intended as a hint to an
application that may opt not to offer create operations to
unauthorized users. false
if Authorization
creation
is not authorized, true
otherwisemandatory
- This method must be implemented. boolean canCreateAuthorizationWithRecordTypes(Type[] authorizationRecordTypes)
Authorization
using the desired record types. While
AuthorizationManager.getAuthorizationRecordTypes()
can be used
to examine which records are supported, this method tests which
record(s) are required for creating a specific Authorization.
Providing an empty array tests if an Authorization
can be created with no records.authorizationRecordTypes
- array of authorization record types true
if Authorization
creation
using the specified Types
is supported,
false
otherwiseNullArgumentException
- authorizationRecordTypes
is null
mandatory
- This method must be implemented. AuthorizationForm getAuthorizationFormForCreateForAgent(Id agentId, Id functionId, Id qualifierId, Type[] authorizationRecordTypes) throws NotFoundException, OperationFailedException, PermissionDeniedException
agentId
- the agent Id
functionId
- the function Id
qualifierId
- the qualifier Id
authorizationRecordTypes
- array of authorization record typesNotFoundException
- agentId, functionId
or qualifierId
is not foundNullArgumentException
- agentId, functionId,
qualifierId
or authorizationRecordTypes
is null
OperationFailedException
- unable to complete
request
PermissionDeniedException
- authorization failureUnsupportedException
- unable to get form with
requested record typesmandatory
- This method must be implemented. AuthorizationForm getAuthorizationFormForCreateForResource(Id resourceId, Id functionId, Id qualifierId, Type[] authorizationRecordTypes) throws NotFoundException, OperationFailedException, PermissionDeniedException
resourceId
- the resource Id
functionId
- the function Id
qualifierId
- the qualifier Id
authorizationRecordTypes
- array of authorization record typesNotFoundException
- resourceId, functionId
or qualifierId
is not foundNullArgumentException
- resourceId, functionId,
qualifierId,
or authorizationRecordTypes
is null
OperationFailedException
- unable to complete
request
PermissionDeniedException
- authorization failureUnsupportedException
- unable to get form with
requested record typesmandatory
- This method must be implemented. AuthorizationForm getAuthorizationFormForCreateForResourceAndTrust(Id resourceId, Id trustId, Id functionId, Id qualifierId, Type[] authorizationRecordTypes) throws NotFoundException, OperationFailedException, PermissionDeniedException
resourceId
- a resource Id
trustId
- an Id
for a circle of trustfunctionId
- a function Id
qualifierId
- the qualifier Id
authorizationRecordTypes
- array of authorization record typesNotFoundException
- resourceId, trustId,
functionId
, or qualifierid
is not
foundNullArgumentException
- resourceId, trustId
, resourceId, qualifierId
or
authorizationRecordTypes
is null
OperationFailedException
- unable to complete
request
PermissionDeniedException
- authorization failureUnsupportedException
- unable to get form with
requested record typesmandatory
- This method must be implemented. Authorization createAuthorization(AuthorizationForm authorizationForm) throws OperationFailedException, PermissionDeniedException
Authorization.
authorizationForm
- the authorization form t
he new Authorization
IllegalStateException
- authorizationForm
already used in a create transactionInvalidArgumentException
- one or more of the form
elements is invalidNullArgumentException
- authorizationForm
is null
OperationFailedException
- unable to complete
request
PermissionDeniedException
- authorization failureUnsupportedException
- authorizationForm
did not originate from this servicemandatory
- This method must be implemented. boolean canUpdateAuthorizations()
Authorizations.
A return
of true does not guarantee successful authorization. A return of false
indicates that it is known updating an Authorization
will result in a PERMISSION_DENIED.
This is intended as
a hint to an application that may opt not to offer update operations
to an unauthorized user. false
if authorization modification is not
authorized, true
otherwisemandatory
- This method must be implemented. AuthorizationForm getAuthorizationFormForUpdate(Id authorizationId) throws NotFoundException, OperationFailedException, PermissionDeniedException
authorizationId
- the Id
of the
Authorization
NotFoundException
- authorizationId
is
not foundNullArgumentException
- authorizationId
is null
OperationFailedException
- unable to complete requestPermissionDeniedException
- authorization failuremandatory
- This method must be implemented. void updateAuthorization(AuthorizationForm authorizationForm) throws OperationFailedException, PermissionDeniedException
authorizationForm
- the authorization Id
IllegalStateException
- authorizationForm
already used in an update transactionInvalidArgumentException
- one or more of the form
elements is invalidNullArgumentException
- authorizationForm
is null
OperationFailedException
- unable to complete
request
PermissionDeniedException
- authorization failureUnsupportedException
- authorizationForm
did not originate from getAuthorizationFormForUpdate()
mandatory
- This method must be implemented. boolean canDeleteAuthorizations()
Authorizations.
A return
of true does not guarantee successful authorization. A return of false
indicates that it is known deleting an Authorization
will result in a PERMISSION_DENIED.
This is intended as
a hint to an application that may opt not to offer delete operations
to an unauthorized user. false
if Authorization
deletion
is not authorized, true
otherwisemandatory
- This method must be implemented. void deleteAuthorization(Id authorizationId) throws NotFoundException, OperationFailedException, PermissionDeniedException
Authorization
identified by the given
Id.
authorizationId
- the Id
of the
Authorization
to deleteNotFoundException
- an Authorization
was
not found identified by the given Id
NullArgumentException
- authorizationId
is null
OperationFailedException
- unable to complete requestPermissionDeniedException
- authorization failuremandatory
- This method must be implemented. boolean canManageAuthorizationAliases()
Id
aliases for
Authorizations.
A return of true does not guarantee successful
authorization. A return of false indicates that it is known changing
an alias will result in a PERMISSION_DENIED.
This is
intended as a hint to an application that may opt not to offer alias
operations to an unauthorized user. false
if Authorization
aliasing
is not authorized, true
otherwisemandatory
- This method must be implemented. void aliasAuthorization(Id authorizationId, Id aliasId) throws AlreadyExistsException, NotFoundException, OperationFailedException, PermissionDeniedException
Id
to an Authorization
for the
purpose of creating compatibility. The primary Id
of
the Authorization
is determined by the provider. The
new Id
performs as an alias to the primary Id.
If the alias is a pointer to another authorization. it is
reassigned to the given authorization Id.
authorizationId
- the Id
of an
Authorization
aliasId
- the alias Id
AlreadyExistsException
- aliasId
is
already assignedNotFoundException
- authorizationId
not
foundNullArgumentException
- authorizationId
or aliasId
is null
OperationFailedException
- unable to complete requestPermissionDeniedException
- authorization failuremandatory
- This method must be implemented.