net.cfoster.sedna
Interface Privileges
public interface Privileges
When creating a new user account in the Sedna XML Database, the new user by default is
given no privileges, this means they can neither read, write or query anything.
This class will allow a DBA (Database Administrator) or a user with appropriate
privileges to alter the privileges of a specific User or Role at an API level.
A Role is a named group of privileges, different users can be assigned the same role,
modifying role privleges allows you to manage a set of users privileges at once.
- Since:
- Sedna XML:DB 1.2
Method Summary |
void |
grantPrivilege(int privilegeType)
Grants a user or role a general database privilege. |
void |
grantPrivilege(int privilegeType,
java.lang.String argumentId)
Grants a user or role a specific database privilege, against a database object. |
void |
grantRole(java.lang.String roleId)
Grant a role to this user or role. |
boolean |
hasPrivilege(int privilegeType)
Whether or not this user or role can perform the activity defined by the privilegeType argument. |
boolean |
hasPrivilege(int privilegeType,
java.lang.String argumentId)
Whether or not this user or role can perform a specific database privilege, against a database object. |
java.lang.String[] |
listRoles()
Lists all role names which this user or role is a member of. |
void |
revokePrivilege(int privilegeType)
Revokes a general privilege for a user or a role. |
void |
revokePrivilege(int privilegeType,
java.lang.String argumentId)
Revokes a specific database privilege for a user or role. |
void |
revokeRole(java.lang.String roleId)
Revoke a role from this user or role. |
CREATE_COLLECTION
static final int CREATE_COLLECTION
- See Also:
- Constant Field Values
CREATE_DOCUMENT_IN_COLLECTION
static final int CREATE_DOCUMENT_IN_COLLECTION
- See Also:
- Constant Field Values
CREATE_INDEX_ON_COLLECTION
static final int CREATE_INDEX_ON_COLLECTION
- See Also:
- Constant Field Values
CREATE_INDEX_ON_DOCUMENT
static final int CREATE_INDEX_ON_DOCUMENT
- See Also:
- Constant Field Values
CREATE_STANDALONE_DOCUMENT
static final int CREATE_STANDALONE_DOCUMENT
- See Also:
- Constant Field Values
CREATE_TRIGGER
static final int CREATE_TRIGGER
- See Also:
- Constant Field Values
CREATE_USER
static final int CREATE_USER
- See Also:
- Constant Field Values
DELETE_IN_COLLECTION
static final int DELETE_IN_COLLECTION
- See Also:
- Constant Field Values
DELETE_IN_STANDALONE_DOCUMENT
static final int DELETE_IN_STANDALONE_DOCUMENT
- See Also:
- Constant Field Values
DROP_COLLECTION
static final int DROP_COLLECTION
- See Also:
- Constant Field Values
DROP_INDEX
static final int DROP_INDEX
- See Also:
- Constant Field Values
DROP_MODULE
static final int DROP_MODULE
- See Also:
- Constant Field Values
DROP_TRIGGER
static final int DROP_TRIGGER
- See Also:
- Constant Field Values
INSERT_IN_COLLECTION
static final int INSERT_IN_COLLECTION
- See Also:
- Constant Field Values
INSERT_IN_STANDALONE_DOCUMENT
static final int INSERT_IN_STANDALONE_DOCUMENT
- See Also:
- Constant Field Values
LOAD_DOCUMENT_INTO_COLLECTION
static final int LOAD_DOCUMENT_INTO_COLLECTION
- See Also:
- Constant Field Values
LOAD_MODULE
static final int LOAD_MODULE
- See Also:
- Constant Field Values
LOAD_STANDALONE_DOCUMENT
static final int LOAD_STANDALONE_DOCUMENT
- See Also:
- Constant Field Values
QUERY_COLLECTION
static final int QUERY_COLLECTION
- See Also:
- Constant Field Values
QUERY_STANDALONE_DOCUMENT
static final int QUERY_STANDALONE_DOCUMENT
- See Also:
- Constant Field Values
RENAME_IN_COLLECTION
static final int RENAME_IN_COLLECTION
- See Also:
- Constant Field Values
RENAME_IN_STANDALONE_DOCUMENT
static final int RENAME_IN_STANDALONE_DOCUMENT
- See Also:
- Constant Field Values
REPLACE_IN_COLLECTION
static final int REPLACE_IN_COLLECTION
- See Also:
- Constant Field Values
REPLACE_IN_STANDALONE_DOCUMENT
static final int REPLACE_IN_STANDALONE_DOCUMENT
- See Also:
- Constant Field Values
RETRIEVE_METADATA
static final int RETRIEVE_METADATA
- See Also:
- Constant Field Values
grantPrivilege
void grantPrivilege(int privilegeType)
throws XMLDBException
- Grants a user or role a general database privilege.
For example, the ability to create users, collections, documents, etc.
Allowed values for the privilegeType argument are as follows:
- CREATE_USER
- Grant this user or role the ability to create a user account.
- CREATE_STANDALONE_DOCUMENT
- Grant this user or role the ability to create a standalone document in the root database/collection.
- CREATE_COLLECTION
- Grant this user or role the ability to create a new collection.
- CREATE_TRIGGER
- Grant this user or role the ability to create a XQuery Trigger.
- LOAD_MODULE
- Grant this user or role the ability to load a XQuery Module.
- RETRIEVE_METADATA
- Grant this user or role the ability to retrieve database metadata, important for Sedna XML:DB API users.
- LOAD_STANDALONE_DOCUMENT
- Grant this user or role the ability to load a standalone document into the root database/collection.
- Parameters:
privilegeType
- must be value taken from one of the constants of the Privileges class.
- Throws:
XMLDBException
- Since:
- Sedna XML:DB 1.2
grantPrivilege
void grantPrivilege(int privilegeType,
java.lang.String argumentId)
throws XMLDBException
- Grants a user or role a specific database privilege, against a database object.
For example the ability to query/read/update/delete a particular document, collection, module, etc.
Allowed values for the privilegeType argument are as follows:
- CREATE_DOCUMENT_IN_COLLECTION
- Grant this user or role the ability to create a document within collection with the full name of argumentId.
- CREATE_INDEX_ON_DOCUMENT
- Grant this user or role the ability to create an index on the standalone document on the root database/collection with the name of argumentId.
- CREATE_INDEX_ON_COLLECTION
- Grant this user or role the ability to create an index on the collection with the full name of argumentId.
- LOAD_DOCUMENT_INTO_COLLECTION
- Grant this user or role the ability to load a document into a collection with the fullname of argumentId.
- DROP_COLLECTION
- Grant this user or role the ability to drop/delete a collection with the full name of argumentId.
- DROP_INDEX
- Grant this user or role the ability to drop/delete a index with the name of argumentId.
- DROP_MODULE
- Grant this user or role the ability to drop/delete a XQuery module with the namespace URI or argumentId.
- DROP_TRIGGER
- Grant this user or role the ability to drop/delete a XQuery trigger with the name of argumentId.
- QUERY_STANDALONE_DOCUMENT
- Grant this user or role the ability to query a standalone document with the name of argumentId.
- QUERY_COLLECTION
- Grant this user or role the ability to query either a collection with the full name of argumentId.
- INSERT_IN_STANDALONE_DOCUMENT
- Grant this user or role the ability to use the INSERT command in a Sedna UPDATE statement against a standalone document with the name of argumentId.
- DELETE_IN_STANDALONE_DOCUMENT
- Grant this user or role the ability to use the DELETE command in a Sedna UPDATE statement against a standalone document with the name of argumentId.
- RENAME_IN_STANDALONE_DOCUMENT
- Grant this user or role the ability to use the RENAME command in a Sedna UPDATE statement against a standalone document with the name of argumentId.
- REPLACE_IN_STANDALONE_DOCUMENT
- Grant this user or role the ability to use the REPLACE command in a Sedna UPDATE statement against a standalone document with the name of argumentId.
- INSERT_IN_COLLECTION
- Grant this user or role the ability to use the INSERT command in a Sedna UPDATE statement against a collection with the full name of argumentId.
- DELETE_IN_COLLECTION
- Grant this user or role the ability to use the DELETE command in a Sedna UPDATE statement against a collection with the full name of argumentId.
- RENAME_IN_COLLECTION
- Grant this user or role the ability to use the RENAME command in a Sedna UPDATE statement against a collection with the full name of argumentId.
- REPLACE_IN_COLLECTION
- Grant this user or role the ability to use the REPLACE command in a Sedna UPDATE statement against a collection with the full name of argumentId.
- Parameters:
privilegeType
- must be a value taken from one of the constants of the Privileges class.argumentId
- is the object to which you are setting the privilege against.
- Throws:
XMLDBException
- Since:
- Sedna XML:DB 1.2
revokePrivilege
void revokePrivilege(int privilegeType)
throws XMLDBException
- Revokes a general privilege for a user or a role.
For example, the ability to create users, collections, documents, etc.
Allowed values for the privilegeType argument are as follows:
- CREATE_USER
- Revoke the ability to create a user account for this user or role.
- CREATE_STANDALONE_DOCUMENT
- Revoke the ability to create a standalone document in the root database/collection for this user or role.
- CREATE_COLLECTION
- Revoke the ability to create a new collection for this user or role.
- CREATE_TRIGGER
- GRevoke the ability to create a new XQuery Trigger for this user or role.
- LOAD_MODULE
- Revoke the ability to load a XQuery Module for this user or role.
- RETRIEVE_METADATA
- Revoke the ability to retrieve database metadata for this user or role, important for Sedna XML:DB API users.
- LOAD_STANDALONE_DOCUMENT
- Revoke the ability to load a standalone document into the root database/collection for this user or role.
- Parameters:
privilegeType
- must be value taken from one of the constants of the Privileges class.
- Throws:
XMLDBException
- Since:
- Sedna XML:DB 1.2
revokePrivilege
void revokePrivilege(int privilegeType,
java.lang.String argumentId)
throws XMLDBException
- Revokes a specific database privilege for a user or role.
For example the ability to query/read/update/delete a particular document, collection, module, etc.
Allowed values for the privilegeType argument are as follows:
- CREATE_DOCUMENT_IN_COLLECTION
- Revoke the ability to create a document within collection with the full name of argumentId for this user or role.
- CREATE_INDEX_ON_DOCUMENT
- Revoke the ability to create an index on the standalone document on the root database/collection with the name of argumentId for this user or role.
- CREATE_INDEX_ON_COLLECTION
- Revoke the ability to create an index on the collection with the full name of argumentId for this user or role.
- LOAD_DOCUMENT_INTO_COLLECTION
- Revoke the ability to load a document into a collection with the fullname of argumentId for this user or role.
- DROP_COLLECTION
- Revoke the ability to drop/delete a collection with the full name of argumentId for this user or role.
- DROP_INDEX
- Revoke the ability to drop/delete a index with the name of argumentId for this user or role.
- DROP_MODULE
- Revoke the ability to drop/delete a XQuery module with the namespace URI or argumentId for this user or role.
- DROP_TRIGGER
- Revoke the ability to drop/delete a XQuery trigger with the name of argumentId for this user or role.
- QUERY_STANDALONE_DOCUMENT
- Revoke the ability to query a standalone document with the name of argumentId for this user or role.
- QUERY_COLLECTION
- Revoke the ability to query either a collection with the full name of argumentId for this user or role.
- INSERT_IN_STANDALONE_DOCUMENT
- Revoke the ability to use the INSERT command in a Sedna UPDATE statement against a standalone document with the name of argumentId for this user or role.
- DELETE_IN_STANDALONE_DOCUMENT
- Revoke the ability to use the DELETE command in a Sedna UPDATE statement against a standalone document with the name of argumentId for this user or role.
- RENAME_IN_STANDALONE_DOCUMENT
- Revoke the ability to use the RENAME command in a Sedna UPDATE statement against a standalone document with the name of argumentId for this user or role.
- REPLACE_IN_STANDALONE_DOCUMENT
- Revoke the ability to use the REPLACE command in a Sedna UPDATE statement against a standalone document with the name of argumentId for this user or role.
- INSERT_IN_COLLECTION
- Revoke the ability to use the INSERT command in a Sedna UPDATE statement against a collection with the full name of argumentId for this user or role.
- DELETE_IN_COLLECTION
- Revoke the ability to use the DELETE command in a Sedna UPDATE statement against a collection with the full name of argumentId for this user or role.
- RENAME_IN_COLLECTION
- Revoke the ability to use the RENAME command in a Sedna UPDATE statement against a collection with the full name of argumentId for this user or role.
- REPLACE_IN_COLLECTION
- Revoke the ability to use the REPLACE command in a Sedna UPDATE statement against a collection with the full name of argumentId for this user or role.
- Parameters:
privilegeType
- must be a value taken from one of the constants of the Privileges class.argumentId
- is the object to which you are revoking the privilege against.
- Throws:
XMLDBException
- Since:
- Sedna XML:DB 1.2
hasPrivilege
boolean hasPrivilege(int privilegeType)
throws XMLDBException
- Whether or not this user or role can perform the activity defined by the privilegeType argument.
For instance, does this user or role have the ability to create new users, load stand alone documents, load modules, etc.
Allowed values for the privilegeType argument are as follows:
- CREATE_USER
- Whether or not this user or role has the ability to create a user account.
- CREATE_STANDALONE_DOCUMENT
- Whether or not this user or role has the ability to create a standalone document in the root database/collection.
- CREATE_COLLECTION
- Whether or not this user or role has the ability to create a new collection.
- CREATE_TRIGGER
- Whether or not this user or role has the ability to create a XQuery Trigger.
- LOAD_MODULE
- Whether or not this user or role has the ability to load a XQuery Module.
- RETRIEVE_METADATA
- Whether or not this user or role has the ability to retrieve database metadata, important for Sedna XML:DB API users.
- LOAD_STANDALONE_DOCUMENT
- Whether or not this user or role has the ability to load a standalone document into the root database/collection.
- Parameters:
privilegeType
- must be value taken from one of the constants of the Privileges class.
- Returns:
- a boolean stating whether or not this user or role can perform a task defined by privilegeType
- Throws:
XMLDBException
- Since:
- Sedna XML:DB 1.2
hasPrivilege
boolean hasPrivilege(int privilegeType,
java.lang.String argumentId)
throws XMLDBException
- Whether or not this user or role can perform a specific database privilege, against a database object.
For instance, does this user or role have the ability to query/read/update/delete a particular document, collection, module, etc.
Allowed values for the privilegeType argument are as follows:
- CREATE_DOCUMENT_IN_COLLECTION
- Whether this user or role the has ability to create a document within collection with the full name of argumentId.
- CREATE_INDEX_ON_DOCUMENT
- Whether this user or role has the ability to create an index on the standalone document on the root database/collection with the name of argumentId.
- CREATE_INDEX_ON_COLLECTION
- Whether tthis user or role has the ability to create an index on the collection with the full name of argumentId.
- LOAD_DOCUMENT_INTO_COLLECTION
- Whether this user or role has the ability to load a document into a collection with the fullname of argumentId.
- DROP_COLLECTION
- Whether this user or role has the ability to drop/delete a collection with the full name of argumentId.
- DROP_INDEX
- Whether this user or role has the ability to drop/delete a index with the name of argumentId.
- DROP_MODULE
- Whether this user or role has the ability to drop/delete a XQuery module with the namespace URI or argumentId.
- DROP_TRIGGER
- Whether this user or role has the ability to drop/delete a XQuery trigger with the name of argumentId.
- QUERY_STANDALONE_DOCUMENT
- Whether this user or role has the ability to query a standalone document with the name of argumentId.
- QUERY_COLLECTION
- Whether this user or role has the ability to query either a collection with the full name of argumentId.
- INSERT_IN_STANDALONE_DOCUMENT
- Whether this user or role has the ability to use the INSERT command in a Sedna UPDATE statement against a standalone document with the name of argumentId.
- DELETE_IN_STANDALONE_DOCUMENT
- Whether this user or role has the ability to use the DELETE command in a Sedna UPDATE statement against a standalone document with the name of argumentId.
- RENAME_IN_STANDALONE_DOCUMENT
- Whether this user or role has the ability to use the RENAME command in a Sedna UPDATE statement against a standalone document with the name of argumentId.
- REPLACE_IN_STANDALONE_DOCUMENT
- Whether this user or role has the ability to use the REPLACE command in a Sedna UPDATE statement against a standalone document with the name of argumentId.
- INSERT_IN_COLLECTION
- Whether this user or role the ability to use has the INSERT command in a Sedna UPDATE statement against a collection with the full name of argumentId.
- DELETE_IN_COLLECTION
- Whether this user or role the ability to use has the DELETE command in a Sedna UPDATE statement against a collection with the full name of argumentId.
- RENAME_IN_COLLECTION
- Whether this user or role the ability to use has the RENAME command in a Sedna UPDATE statement against a collection with the full name of argumentId.
- REPLACE_IN_COLLECTION
- Whether this user or role the ability to use has the REPLACE command in a Sedna UPDATE statement against a collection with the full name of argumentId.
- Parameters:
privilegeType
- must be a value taken from one of the constants of the Privileges class.argumentId
- is the databae object for which you are enquiring about for this user or role.
- Returns:
- a boolean stating whether or not this user or role can perform a task defined by privilegeType and argumentId
- Throws:
XMLDBException
- Since:
- Sedna XML:DB 1.2
grantRole
void grantRole(java.lang.String roleId)
throws XMLDBException
- Grant a role to this user or role.
Roles can be granted to other roles, also users can be members of more than one role.
- Parameters:
roleId
- is the the Role name which will be granted to the user or role in context.
- Throws:
XMLDBException
- Since:
- Sedna XML:DB 1.2
revokeRole
void revokeRole(java.lang.String roleId)
throws XMLDBException
- Revoke a role from this user or role.
Use this method to revoke a role group from the user or role in context.
- Parameters:
roleId
- is the the Role name which will be revoked from this user or role.
- Throws:
XMLDBException
- Since:
- Sedna XML:DB 1.2
listRoles
java.lang.String[] listRoles()
throws XMLDBException
- Lists all role names which this user or role is a member of.
- Returns:
- a String array containing all role names which this user or role is currently a member of.
- Throws:
XMLDBException
- Since:
- Sedna XML:DB 1.2