AuthorizationManager (WSO2 Carbon - User Manager API 4.4.34 API)

```
public interface AuthorizationManager
```

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`authorizeRole(String roleName, String resourceId, String action)` Grants authorizes to a role to perform an action on a resource.
`void`	`authorizeUser(String userName, String resourceId, String action)` Deprecated.
`void`	`clearResourceAuthorizations(String resourceId)` Deletes all granted authorization on a resource.
`void`	`clearRoleActionOnAllResources(String roleName, String action)` Deletes the role's right to perform the action on all resources.
`void`	`clearRoleAuthorization(String roleName)` Used when deleting roles.
`void`	`clearRoleAuthorization(String roleName, String resourceId, String action)` Deletes an already granted authorization of a role.
`void`	`clearUserAuthorization(String userName)` Deprecated.
`void`	`clearUserAuthorization(String userName, String resourceId, String action)` Deprecated.
`void`	`denyRole(String roleName, String resourceId, String action)` Deny authorizations to a role to perform an action on a resource.
`void`	`denyUser(String userName, String resourceId, String action)` Deprecated.
`String[]`	`getAllowedRolesForResource(String resourceId, String action)` Retrieves a list of roles allowed to perform the given action on the resource
`String[]`	`getAllowedUIResourcesForUser(String userName, String permissionRootPath)` Returns the complete set of UI resources allowed for User.
`String[]`	`getDeniedRolesForResource(String resourceId, String action)` Retrieves a list of roles that are not allowed to perform the given action on the resource
`String[]`	`getExplicitlyAllowedUsersForResource(String resourceId, String action)` Deprecated.
`String[]`	`getExplicitlyDeniedUsersForResource(String resourceId, String action)` Deprecated.
`int`	`getTenantId()` This will get the tenant id associated with the user authorization manager
`boolean`	`isRoleAuthorized(String roleName, String resourceId, String action)` Checks for role authorization.
`boolean`	`isUserAuthorized(String userName, String resourceId, String action)` Checks for user authorization.
`void`	`refreshAllowedRolesForResource(String resourceId)` This method used to refresh the existing resource permissions which cached in the memory
`void`	`resetPermissionOnUpdateRole(String roleName, String newRoleName)` This will reset the permission of the renamed role

- Method Detail
  - isUserAuthorized
```
boolean isUserAuthorized(String userName,
                       String resourceId,
                       String action)
                         throws UserStoreException
```
    Checks for user authorization. Users do not have permissions in future. Only roles can have permissions
    
    Parameters:
    userName - The user name
    resourceId - Resource Id String
    action - The action user is trying to perform
    
    Returns:
    Returns true when user is authorized to perform the action on the resource and false otherwise.
    
    Throws:
    
    UserStoreException
  - isRoleAuthorized
```
boolean isRoleAuthorized(String roleName,
                       String resourceId,
                       String action)
                         throws UserStoreException
```
    Checks for role authorization.
    
    Parameters:
    roleName - The role name
    resourceId - Resource Id String
    action - The action the role is trying to perform
    
    Returns:
    Returns true when the role is authorized to perform the action on the resource and false otherwise
    
    Throws:
    
    UserStoreException
  - getExplicitlyAllowedUsersForResource
```
String[] getExplicitlyAllowedUsersForResource(String resourceId,
                                            String action)
                                              throws UserStoreException
```
    Deprecated.
    
    Retrieves a list of users allowed to perform the given action on the resource
    
    Parameters:
    resourceId - Resource Id String
    action - The action that is allowed to perform
    
    Returns:
    Returns a list of users allowed to perform the given action on the resource
    
    Throws:
    
    UserStoreException
  - getAllowedRolesForResource
```
String[] getAllowedRolesForResource(String resourceId,
                                  String action)
                                    throws UserStoreException
```
    Retrieves a list of roles allowed to perform the given action on the resource
    
    Parameters:
    resourceId - Resource Id String
    action - The action that is allowed to perform
    
    Returns:
    Returns a list of roles allowed to perform the given action on the resource
    
    Throws:
    
    UserStoreException
  - getDeniedRolesForResource
```
String[] getDeniedRolesForResource(String resourceId,
                                 String action)
                                   throws UserStoreException
```
    Retrieves a list of roles that are not allowed to perform the given action on the resource
    
    Parameters:
    resourceId - Resource Id String
    action - The action that is allowed to perform
    
    Returns:
    Returns a list of roles allowed to perform the given action on the resource
    
    Throws:
    
    UserStoreException
  - getExplicitlyDeniedUsersForResource
```
String[] getExplicitlyDeniedUsersForResource(String resourceId,
                                           String action)
                                             throws UserStoreException
```
    Deprecated.
    
    Retrieves a list of users explicitly denied access to a resource. Users do not have permissions in future. Only roles can have permissions
    
    Parameters:
    resourceId - Resource Id String
    action - The action that is disallowed to perform
    
    Returns:
    
    Throws:
    
    UserStoreException
  - authorizeUser
```
void authorizeUser(String userName,
                 String resourceId,
                 String action)
                   throws UserStoreException
```
    Deprecated.
    
    Grants authorizations to a user to perform an action on a resource. Users do not have permissions in future. Only roles can have permissions
    
    Parameters:
    userName - The user name
    resourceId - Resource identification string
    action - The action granted to the user
    
    Throws:
    
    UserStoreException
  - authorizeRole
```
void authorizeRole(String roleName,
                 String resourceId,
                 String action)
                   throws UserStoreException
```
    Grants authorizes to a role to perform an action on a resource.
    
    Parameters:
    roleName - The role name
    resourceId - Resource identification string
    action - The action granted to the role
    
    Throws:
    
    UserStoreException
  - denyUser
```
void denyUser(String userName,
            String resourceId,
            String action)
              throws UserStoreException
```
    Deprecated.
    
    Deny authorizations to a user to perform an action on a resource. Users do not have permissions in future. Only roles can have permissions
    
    Parameters:
    userName - The user name
    resourceId - Resource identification string
    action - The action granted to the user
    
    Throws:
    
    UserStoreException
  - denyRole
```
void denyRole(String roleName,
            String resourceId,
            String action)
              throws UserStoreException
```
    Deny authorizations to a role to perform an action on a resource.
    
    Parameters:
    roleName - The role name
    resourceId - Resource identification string
    action - The action granted to the role
    
    Throws:
    
    UserStoreException
  - clearUserAuthorization
```
void clearUserAuthorization(String userName,
                          String resourceId,
                          String action)
                            throws UserStoreException
```
    Deprecated.
    
    Deletes an already granted authorization of a user. Users do not have permissions in future. Only roles can have permissions
    
    Parameters:
    userName - The user name
    resourceId - Resource identification string
    action - The action granted
    
    Throws:
    
    UserStoreException
  - clearUserAuthorization
```
void clearUserAuthorization(String userName)
                            throws UserStoreException
```
    Deprecated.
    
    Users do not have permissions in future. Only roles can have permissions
    
    Parameters:
    userName - The user name
    
    Throws:
    
    UserStoreException
  - clearRoleAuthorization
```
void clearRoleAuthorization(String roleName,
                          String resourceId,
                          String action)
                            throws UserStoreException
```
    Deletes an already granted authorization of a role.
    
    Parameters:
    roleName - The role name
    resourceId - Resource identification string
    action - The action granted
    
    Throws:
    
    UserStoreException
  - clearRoleActionOnAllResources
```
void clearRoleActionOnAllResources(String roleName,
                                 String action)
                                   throws UserStoreException
```
    Deletes the role's right to perform the action on all resources.
    
    Parameters:
    roleName - The role name
    action - The action granted
    
    Throws:
    
    UserStoreException
  - clearRoleAuthorization
```
void clearRoleAuthorization(String roleName)
                            throws UserStoreException
```
    Used when deleting roles.
    
    Parameters:
    roleName -
    
    Throws:
    
    UserStoreException
  - clearResourceAuthorizations
```
void clearResourceAuthorizations(String resourceId)
                                 throws UserStoreException
```
    Deletes all granted authorization on a resource.
    
    Parameters:
    resourceId - Resource identification string
    
    Throws:
    
    UserStoreException
  - getAllowedUIResourcesForUser
```
String[] getAllowedUIResourcesForUser(String userName,
                                    String permissionRootPath)
                                      throws UserStoreException
```
    Returns the complete set of UI resources allowed for User.
    
    Parameters:
    userName -
    
    Returns:
    
    Throws:
    
    UserStoreException
  - getTenantId
```
int getTenantId()
                throws UserStoreException
```
    This will get the tenant id associated with the user authorization manager
    
    Returns:
    the tenant id of the authorization manager
    
    Throws:
    
    UserStoreException - if the operation failed
  - resetPermissionOnUpdateRole
```
void resetPermissionOnUpdateRole(String roleName,
                               String newRoleName)
                                 throws UserStoreException
```
    This will reset the permission of the renamed role
    
    Parameters:
    roleName - The role name
    newRoleName - The new role name
    
    Throws:
    
    UserStoreException
  - refreshAllowedRolesForResource
```
void refreshAllowedRolesForResource(String resourceId)
                                    throws UserStoreException
```
    This method used to refresh the existing resource permissions which cached in the memory
    
    Parameters:
    resourceId - resource id path
    
    Throws:
    
    UserStoreException - if something went wrong

Interface AuthorizationManager

Method Summary

Method Detail

isUserAuthorized

isRoleAuthorized

getExplicitlyAllowedUsersForResource

getAllowedRolesForResource

getDeniedRolesForResource

getExplicitlyDeniedUsersForResource

authorizeUser

authorizeRole

denyUser

denyRole

clearUserAuthorization

clearUserAuthorization

clearRoleAuthorization

clearRoleActionOnAllResources

clearRoleAuthorization

clearResourceAuthorizations

getAllowedUIResourcesForUser

getTenantId

resetPermissionOnUpdateRole

refreshAllowedRolesForResource