...
See also the Overview of Access Management Features page for guidelines of when to use rules, roles, permission limits, and enabled / disabled dates.
GSH commands
Sample
Code Block |
---|
import edu.internet2.middleware.grouper.permissions.*;
import edu.internet2.middleware.grouper.permissions.PermissionEntry.PermissionType;
GrouperSession grouperSession = GrouperSession.startRootSession();
Group test = new GroupFinder().addGroupName("test:test").findGroup();
AttributeDefName perm = AttributeDefNameFinder.findByName("test:permName", true);
test.getPermissionRoleDelegate().assignRolePermission(perm);
Subject subject = SubjectFinder.findByIdAndSource("test.subject.0", "jdbc", true);
test.getPermissionRoleDelegate().assignSubjectRolePermission(perm, subject);
for (PermissionEntry permissionEntry : new PermissionFinder().assignPermissionType(PermissionType.role).assignImmediateOnly(true).addRole("test:test").findPermissions()) { System.out.println(permissionEntry.getAttributeDefNameName()); }
|
Create a role
Code Block |
---|
gsh 30% userSharerRole = rolesStem.addChildRole("userSharer", "userSharer"); |
...
Code Block |
---|
gsh 123% for (PermissionEntry permissionEntry : new PermissionFinder().assignPermissionType(edu.internet2.middleware.grouper.permissions.PermissionEntry.PermissionType.role).assignImmediateOnly(true).addRole("a:b").findPermissions()) { System.out.println(permissionEntry.getAttributeDefNameName()); } for (PermissionEntry permissionEntry : new PermissionFinder().assignPermissionType(edu.internet2.middleware.grouper.permissions.PermissionEntry.PermissionType.role).assignImmediateOnly(true).addRole("a:b").findPermissions()) { System.out.println(permissionEntry.getAttributeDefNameName()); } |
...
Code Block |
---|
for (PermissionEntry permissionEntry : new PermissionFinder().assignPermissionType(edu.internet2.middleware.grouper.permissions.PermissionEntry.PermissionType.role).assignImmediateOnly(true).addPermissionName("a:b").findPermissions()) { System.out.println(permissionEntry.getRoleName()); }
|
...