flux.security
Interface SecurityAdministrator


public interface SecurityAdministrator

Administers user and role security for the Flux engine. Through this interface, permissions are defined and assigned to roles and users. Certain permissions are required to execute certain tasks in a Flux engine.

This interface also manages user information such as username, password, email addresses, and other contact information.

A default administrator account called "admin" is always guaranteed to exist. This default administrator account has a default password of "admin" and has administrator privileges. This default account cannot be deleted or renamed.

Two default roles called "Administrator" and "Flow Chart Master" are always guaranteed to exist. The default administrator account is always in the default Administrator role, which is allowed to perform any action. The default Flow Chart Master role allows a user to perform any operation on any flow chart but is prevented from performing typical administrative functions, such as managing users.

This interface is active only if the Flux engine is a secure engine. Furthermore, some methods on this interface require administrator privileges. They are marked accordingly.

Author:
Copyright 2014 Flux Corporation. All rights reserved.

Method Summary
 Role getRole(java.lang.String rolename)
          Returns the specified role.
 java.util.SortedSet<Role> getRoles()
          Returns all roles sorted by role name.
 User getUser(java.lang.String username)
          Returns the specified user.
 UserIterator getUsers()
          Returns all users sorted by username.
 UserIterator getUsers(java.lang.String userPattern)
          Returns all users that match the specified pattern, sorted by username.
 void putRole(Role role)
          Adds or updates a role.
 void putUser(User user)
          Adds or updates a user in the cluster.
 boolean removeRole(java.lang.String rolename)
          Deletes the specified role.
 boolean removeUser(java.lang.String username)
          Deletes the specified user from the Flux engine.
 boolean renameRole(java.lang.String oldRolename, java.lang.String newRolename)
          Renames an existing role.
 long sizeUsers()
          Returns the number of users in the Flux engine.
 

Method Detail

getRole

Role getRole(java.lang.String rolename)
             throws EngineException
Returns the specified role. The caller must have administrator privileges, unless the caller is retrieving the role to which it is assigned.

Parameters:
rolename - The name of the role to retrieve.
Returns:
The specified role. Returns null if the role does not exist.
Throws:
EngineException - If rolename is null or empty, the caller does not have administrator privileges, or a system error occurs.
EngineCommunicationException - If a networking error occurs.

getRoles

java.util.SortedSet<Role> getRoles()
                                   throws EngineException
Returns all roles sorted by role name. A role name is case-insensitive. The caller must have administrator privileges.

Returns:
SortedSet of Role. All roles sorted by role name.
Throws:
EngineException - If the caller does not have administrator privileges or if a system error occurs.
EngineCommunicationException - If a networking error occurs.

getUser

User getUser(java.lang.String username)
             throws EngineException
Returns the specified user. The caller must have administrator privileges.

Parameters:
username - The user to retrieve.
Returns:
The specified user. Returns null if the user does not exist.
Throws:
EngineException - If username is null or empty, the caller does not have administrator privileges, or a system error occurs.
EngineCommunicationException - If a networking error occurs.

getUsers

UserIterator getUsers()
                      throws EngineException
Returns all users sorted by username. A username is case-insensitive. The caller must have administrator privileges.

Returns:
All users sorted by username.
Throws:
EngineException - If the caller does not have administrator privileges or if a system error occurs.
EngineCommunicationException - If a networking error occurs.

getUsers

UserIterator getUsers(java.lang.String userPattern)
                      throws EngineException
Returns all users that match the specified pattern, sorted by username. A username is case-insensitive. The caller must have administrator privileges.

The wildcard characters "*" and "?" may be used. The "*" symbol matches zero or more characters of any kind, and the "?" symbol matches exactly one character of any kind. To use "*" or "?" literally, escape using the "\" escape character. To use the escape character literally, use the escape character twice ("\\").

Parameters:
userPattern - A description of users to find using wildcard characters.
Returns:
All users sorted by username. If no users are found, an empty (but not null) UserIterator is returned.
Throws:
EngineException - If userPattern is null or empty, the caller does not have administrator privileges, or if a system error occurs.
EngineCommunicationException - If a networking error occurs.
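
The wildcard rules above, modelled locally as an added example (not Flux code and not part of the original documentation), to check which accounts a pattern would select and to escape a literal username before passing it to getUsers(userPattern). The helper names matches and escapeLiteral are hypothetical, the usernames are constructed, and treating a trailing unescaped "\" as a literal backslash is an assumption the page does not specify.

```java
import java.util.Locale;

/** Added example: local model of the "*", "?" and "\" rules described for getUsers(userPattern). */
public class UserPatternExample {

    /** Escapes a literal username so it matches only itself when used as a pattern. */
    static String escapeLiteral(String username) {
        StringBuilder sb = new StringBuilder();
        for (char c : username.toCharArray()) {
            if (c == '*' || c == '?' || c == '\\') sb.append('\\');
            sb.append(c);
        }
        return sb.toString();
    }

    /** Returns true if name matches pattern under the documented rules, ignoring case. */
    static boolean matches(String pattern, String name) {
        return match(pattern.toLowerCase(Locale.ROOT), 0, name.toLowerCase(Locale.ROOT), 0);
    }

    private static boolean match(String p, int pi, String s, int si) {
        if (pi == p.length()) return si == s.length();
        char c = p.charAt(pi);
        if (c == '*') {
            // "*" matches zero or more characters: try every possible split point.
            for (int k = si; k <= s.length(); k++) {
                if (match(p, pi + 1, s, k)) return true;
            }
            return false;
        }
        if (si == s.length()) return false;
        if (c == '?') return match(p, pi + 1, s, si + 1);
        if (c == '\\' && pi + 1 < p.length()) {
            // Escaped character matches literally (a trailing lone "\" falls through: assumption).
            return p.charAt(pi + 1) == s.charAt(si) && match(p, pi + 2, s, si + 1);
        }
        return c == s.charAt(si) && match(p, pi + 1, s, si + 1);
    }

    public static void main(String[] args) {
        String[] users = {"admin", "Admin2", "svc*batch", "svc_batch", "a?b"}; // constructed sample usernames
        String[] patterns = {"adm*", "admin?", "svc\\*batch", escapeLiteral("a?b"), "svc*batch"};
        for (String p : patterns) {
            StringBuilder hits = new StringBuilder();
            for (String u : users) if (matches(p, u)) hits.append(u).append(' ');
            System.out.println(p + " -> " + hits.toString().trim());
        }
    }
}
```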

putRole

void putRole(Role role)
             throws EngineException
Adds or updates a role. The caller must have administrator privileges.

Parameters:
role - The role to be added or updated.
Throws:
EngineException - If role is null, the caller does not have administrator privileges, or a system error occurs.
EngineCommunicationException - If a networking error occurs.

putUser

void putUser(User user)
             throws EngineException
Adds or updates a user in the cluster. The caller must have administrator privileges, unless the caller is modifying its own user object, in which case any user property may be updated except the username.

Parameters:
user - The user to be added or updated.
Throws:
EngineException - If user is null, the caller does not have administrator privileges, or a system error occurs.
EngineCommunicationException - If a networking error occurs.

removeRole

boolean removeRole(java.lang.String rolename)
                   throws EngineException
Deletes the specified role. Any user that belongs to the role being deleted is moved to the Flow Chart Master role, which always exists and cannot be deleted. The caller must have administrator privileges.

Parameters:
rolename - The name of the role to delete.
Returns:
Whether the specified role was deleted.
Throws:
EngineException - If rolename is null or empty, the caller does not have administrator privileges, or a system error occurs.
EngineCommunicationException - If a networking error occurs.

removeUser

boolean removeUser(java.lang.String username)
                   throws EngineException
Deletes the specified user from the Flux engine. If the user is referenced in a run-as-user flow chart property, or a run-as-user runtime configuration property, the user cannot be deleted. The caller must have administrator privileges.

Parameters:
username - The name of the user to delete.
Returns:
Whether the specified user was deleted.
Throws:
EngineException - If the user is referenced in a run-as-user flow chart property, or a run-as-user runtime configuration property; username is null or empty; username is "admin"; the caller does not have administrator privileges; or a system error occurs.
EngineCommunicationException - If a networking error occurs.

renameRole

boolean renameRole(java.lang.String oldRolename,
                   java.lang.String newRolename)
                   throws EngineException
Renames an existing role. The caller must have administrator privileges.

Parameters:
oldRolename - The existing role name.
newRolename - The new role name.
Returns:
True if the role existed under the old role name, the role did not exist under the new role name, and the role was successfully renamed. Otherwise, returns false.
Throws:
EngineException - If either role name is null or empty or a system error occurs.
EngineCommunicationException - If a networking error occurs.

sizeUsers

long sizeUsers()
               throws EngineException
Returns the number of users in the Flux engine. The caller must have administrator privileges.

Returns:
The number of users in the Flux engine.
Throws:
EngineException - If the caller does not have administrator privileges or if a system error occurs.
EngineCommunicationException - If a networking error occurs.

