Package com.ibm.di.api.security

Class Identity

  • Direct Known Subclasses:
    LocalIdentity
    public class Identity
extends java.lang.Object
    This class represents an authenticated user's identity. This class has several convenient methods for querying the user's permeations over a specific operation.

    • Constructor Summary

      Constructors 
      Modifier Constructor Description
      protected Identity()
      default constructor, used by descendants
        Identity​(java.lang.String aUserId, java.util.Vector<Role> aRoles)
      Public constructor used by the Registry
        Identity​(java.util.Vector<java.lang.String> userAndGroups, java.util.Vector<Role> roles)
      public constructor used by LDAP authentication with enabled LDAP group support.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      boolean canExecuteAL​(java.lang.String aConfigId, java.lang.String aAssemblyLine)
      Check that the specific AssemblyLine could be started by the user.
      boolean canExecuteAll()
      Returns whether specified user is allowed to execute everything.
      boolean canExecuteConfig​(java.lang.String aConfigId)
      Returns whether specified user is allowed to execute given configuration.
      boolean canExecuteConfigALs​(java.lang.String aConfigId)
      Returns whether specified user is allowed to execute assembly lines from a given configuration.
      boolean canReadAll()
      Returns whether specified user is allowed to read everything.
      boolean canReadConfig​(java.lang.String aConfigId)
      Check that the specific configuration could be read by the user.
      java.lang.String[] getGroupIds()
      Retrieves LDAP groups.
      java.util.Vector<Role> getRoles()
      Retrieves assigned roles.
      java.lang.String getUserId()
      Retrieves user ID.
      boolean isAdmin()
      Verifies admin privileges.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • Identity

        protected Identity()
        default constructor, used by descendants

      • Identity

        public Identity​(java.lang.String aUserId,
                java.util.Vector<Role> aRoles)
        Public constructor used by the Registry
        Parameters:
        aUserId - the distinguished name of the user
        aRoles - the list of roles the user have.

      • Identity

        public Identity​(java.util.Vector<java.lang.String> userAndGroups,
                java.util.Vector<Role> roles)
        public constructor used by LDAP authentication with enabled LDAP group support.
        Parameters:
        userAndGroups - Vector object containing the authenticating LDAP user as first element and the groups of the user.
        roles - Vector object containing the roles of the user and users' groups in the User Registry.
        Since:
        7.0

    • Method Detail

      • getUserId

        public java.lang.String getUserId()
        Retrieves user ID.
        Returns:
        the user's distinguished name.

      • getGroupIds

        public java.lang.String[] getGroupIds()
        Retrieves LDAP groups.
        Returns:
        Array of String objects representing the names of the LDAP groups, which the user is member of. Returns null, in case no LDAP Authentication is used or groupSupport is not enabled.
        Since:
        7.0

      • getRoles

        public java.util.Vector<Role> getRoles()
        Retrieves assigned roles.
        Returns:
        Vector object containing the roles assigned to the Identity.
        Since:
        7.0

      • isAdmin

        public boolean isAdmin()
        Verifies admin privileges.
        Returns:
        true if the user have admin privileges.

      • canReadConfig

        public boolean canReadConfig​(java.lang.String aConfigId)
        Check that the specific configuration could be read by the user.
        Parameters:
        aConfigId - the configInstance identifier
        Returns:
        true if the user have been given this privilege.

      • canExecuteAL

        public boolean canExecuteAL​(java.lang.String aConfigId,
                            java.lang.String aAssemblyLine)
        Check that the specific AssemblyLine could be started by the user.
        Parameters:
        aConfigId - the configInstance that has this AL
        aAssemblyLine - the name of the AL to check for
        Returns:
        true if the user have been given this privilege.

      • canExecuteConfigALs

        public boolean canExecuteConfigALs​(java.lang.String aConfigId)
        Returns whether specified user is allowed to execute assembly lines from a given configuration.
        Parameters:
        aConfigId - the configInstance identifier
        Returns:
        true if the user have been given this privilege.

      • canExecuteConfig

        public boolean canExecuteConfig​(java.lang.String aConfigId)
        Returns whether specified user is allowed to execute given configuration.
        Parameters:
        aConfigId - the configInstance identifier
        Returns:
        true if the user have been given this privilege.

      • canExecuteAll

        public boolean canExecuteAll()
        Returns whether specified user is allowed to execute everything.
        Returns:
        true if the user have been given this privilege.

      • canReadAll

        public boolean canReadAll()
        Returns whether specified user is allowed to read everything.
        Returns:
        true if the user have been given this privilege.