OIM API To Check Has Access for Admin Role

package com.NeedEvaluate;

import java.util.HashSet;
import java.util.Set;

import com.massiveGaze.connection.Platform;

import oracle.iam.identity.exception.AccessDeniedException;
import oracle.iam.identity.rolemgmt.api.RoleManager;
import oracle.iam.identity.rolemgmt.api.RoleManagerConstants;
import oracle.iam.identity.rolemgmt.api.RoleManagerConstants.RoleAttributeName;
import oracle.iam.identity.rolemgmt.vo.Role;
import oracle.iam.platform.context.ContextManager;

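public class HasAccessByAdminRole {

    /**
     * Runs the admin-role check for the user in the current OIM context.
     *
     * <p>The {@code throws} clause is declared so the class compiles whether
     * or not {@code AccessDeniedException} is a checked exception.
     *
     * @param args unused
     * @throws AccessDeniedException if the check denies access
     */
    public static void main(String[] args) throws AccessDeniedException {
        hasAccessByAdminRole();
    }

    /**
     * Verifies that the logged-in OIM user holds the System Administrators role.
     *
     * <p>The check is fail-closed: the grant flag starts as {@code false} and is
     * only set from the result of {@code RoleManager.isRoleGranted}. A missing
     * user key, a role lookup that returns nothing, or any exception raised
     * during the lookup all leave the flag {@code false} and end in denial.
     *
     * @throws AccessDeniedException if the role is not granted to the logged-in
     *         user or the check could not be completed
     */
    public static void hasAccessByAdminRole() throws AccessDeniedException {
        // Deny by default; only a positive answer from RoleManager flips this.
        boolean isAdminRoleGranted = false;
        // Identity is read from the OIM context.
        // NOTE(review): presumably requires an authenticated context to be
        // established before this call - confirm against the caller.
        String loggedinUsrName = (String) ContextManager.getOIMUser();
        String loggedinUsrKey =
                (String) ContextManager.getUserPreference(ContextManager.USERDETAILS.KEY.getKey());

        try {
            System.out.println(" loggedinUsrKey  " + loggedinUsrKey);
            System.out.println(" loggedinUsrName  " + loggedinUsrName);

            if (loggedinUsrKey == null || loggedinUsrKey.isEmpty()) {
                // Without a user key there is nobody to check; deny explicitly
                // instead of relying on how the role API treats a null key.
                System.err.println("No logged-in user key in the OIM context; denying access");
            } else {
                RoleManager roleManager = Platform.getService(RoleManager.class);

                // Only the role key is needed from the lookup.
                Set<String> returnAttrs = new HashSet<String>();
                returnAttrs.add(RoleAttributeName.KEY.getId());

                // Find the System Admin role by its name.
                Role role = roleManager.getDetails(
                        RoleAttributeName.NAME.getId(),
                        RoleManagerConstants.SYS_ADMIN_ROLE_NAME,
                        returnAttrs);
                if (role != null) {
                    String roleKey = role.getEntityId();
                    System.out.println(" roleKey  " + roleKey);
                    // Check whether the System Admin role is granted to the
                    // logged-in user, counting direct and indirect roles.
                    isAdminRoleGranted = roleManager.isRoleGranted(roleKey, loggedinUsrKey, true);
                    System.out.println(" isAdminRoleGranted  " + isAdminRoleGranted);
                } else {
                    System.err.println("System Admin role was not found; denying access");
                }
            }
        } catch (Exception e) {
            // Any failure during the lookup ends in denial (the flag stays
            // false), but the cause is reported so a broken check can be told
            // apart from a genuine "not an administrator" result.
            System.err.println("Error while checking user's membership roles: " + e);
        }

        // If the logged-in user is NOT a member of the System Administrators
        // role, or the check failed, refuse access.
        if (!isAdminRoleGranted) {
            throw new AccessDeniedException();
        }
    }

}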
