Entitlements are a very important part of the security of Rapture, and the Entitlement API is the way in which information about these entitlements is updated. The API is of course protected by the same entitlements system, so care must be taken to not remove your own entitlement to this API through the use of this API. Concepts/Terminology User - A user represents a person who is making calls to Rapture or an application that is making calls to Rapture. A user is a single entity with a username/password who needs access to Rapture. Group - A group represents a collection of users. Entitlement - An entitlement is a named permission that has associated with it 0 or more groups. If an entitlement has no groups associated with it, it is essentially open, and any defined user in Rapture can access it. If an entitlement has at least 1 group associated with it, any user wishing to access the resource protected by this entitlement, must be a member of one of the associated groups.

Each API call within Rapture is associated with an entitlement path, and when users wish to execute that API call they are checked to see if they are a member of that entitlement (by seeing which groups they are members of). Some API calls have dynamic entitlements, where the full name of the entitlement is derived from the URI of the object that the method uses. For example, a method that writes a document to a specific URI can use that URI as part of the entitlement.

If an entitlement with the specified name exists, then it is used; otherwise the full entitlement path is truncated one part at a time until an entitlement is found.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
List<RaptureEntitlement> retVal = entitlementApi.getEntitlements();

retVal = baseAPI.doEntitlement_GetEntitlements();

Entitlement: /admin/ent

This method is used to retrieve all of the entitlements defined in Rapture.

This function takes no parameters.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
RaptureEntitlement retVal = entitlementApi.getEntitlement(entitlementName);

retVal = baseAPI.doEntitlement_GetEntitlement(entitlementName);

Entitlement: /admin/ent

Retrieves a single entitlement, or null if not found.

The base object used by the entitlements API.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
RaptureEntitlement retVal = entitlementApi.getEntitlementByAddress(entitlementURI);

retVal = baseAPI.doEntitlement_GetEntitlementByAddress(entitlementURI);

Entitlement: /admin/ent

Retrieves a single entitlement by using its URI.

The base object used by the entitlements API.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
RaptureEntitlementGroup retVal = entitlementApi.getEntitlementGroup(groupName);

retVal = baseAPI.doEntitlement_GetEntitlementGroup(groupName);

Entitlement: /admin/ent

Retrieves a single entitlement group.

A named collection of users who share any entitlements assigned to the group, as long as they remain members of the group.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
RaptureEntitlementGroup retVal = entitlementApi.getEntitlementGroupByAddress(groupURI);

retVal = baseAPI.doEntitlement_GetEntitlementGroupByAddress(groupURI);

Entitlement: /admin/ent

Retrieves a single entitlement group from its URI.

A named collection of users who share any entitlements assigned to the group, as long as they remain members of the group.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
List<RaptureEntitlementGroup> retVal = entitlementApi.getEntitlementGroups();

retVal = baseAPI.doEntitlement_GetEntitlementGroups();

Entitlement: /admin/ent

This method returns all of the entitlement groups defined in the Rapture environment.

This function takes no parameters.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
RaptureEntitlement retVal = entitlementApi.addEntitlement(entitlementName, initialGroup);

retVal = baseAPI.doEntitlement_AddEntitlement(entitlementName, initialGroup);

Entitlement: /admin/ent

This method adds a new entitlement, specifying an initial group that should be assigned to this entitlement. The reason for assigning an initial group is to prevent lock out.

The base object used by the entitlements API.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
RaptureEntitlement retVal = entitlementApi.addGroupToEntitlement(entitlementName, groupName);

retVal = baseAPI.doEntitlement_AddGroupToEntitlement(entitlementName, groupName);

Entitlement: /admin/ent

This method is used to add an entitlement group to an entitlement.

The base object used by the entitlements API.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
RaptureEntitlement retVal = entitlementApi.removeGroupFromEntitlement(entitlementName, groupName);

retVal = baseAPI.doEntitlement_RemoveGroupFromEntitlement(entitlementName, groupName);

Entitlement: /admin/ent

This method reverses the act of adding a group to an entitlement.

The base object used by the entitlements API.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
void retVal = entitlementApi.deleteEntitlement(entitlementName);

retVal = baseAPI.doEntitlement_DeleteEntitlement(entitlementName);

Entitlement: /admin/ent

This method removes an entitlement entirely from the system.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
void retVal = entitlementApi.deleteEntitlementGroup(groupName);

retVal = baseAPI.doEntitlement_DeleteEntitlementGroup(groupName);

Entitlement: /admin/ent

This method removes an entitlement group from the system.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
RaptureEntitlementGroup retVal = entitlementApi.addEntitlementGroup(groupName);

retVal = baseAPI.doEntitlement_AddEntitlementGroup(groupName);

Entitlement: /admin/ent

This method adds a new entitlement group to the system.

A named collection of users who share any entitlements assigned to the group, as long as they remain members of the group.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
RaptureEntitlementGroup retVal = entitlementApi.addUserToEntitlementGroup(groupName, userName);

retVal = baseAPI.doEntitlement_AddUserToEntitlementGroup(groupName, userName);

Entitlement: /admin/ent

This method adds a user to an existing entitlement group. The user will then have all of the privileges (entitlements) associated with that group.

A named collection of users who share any entitlements assigned to the group, as long as they remain members of the group.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
RaptureEntitlementGroup retVal = entitlementApi.removeUserFromEntitlementGroup(groupName, userName);

retVal = baseAPI.doEntitlement_RemoveUserFromEntitlementGroup(groupName, userName);

Entitlement: /admin/ent

This method reverses the act of the adding a user to a group.

A named collection of users who share any entitlements assigned to the group, as long as they remain members of the group.

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
List<RaptureEntitlement> retVal = entitlementApi.findEntitlementsByUser(username);

retVal = baseAPI.doEntitlement_FindEntitlementsByUser(username);

Entitlement: /admin/ent

Convenience method to get all the entitlements for a user

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
List<RaptureEntitlement> retVal = entitlementApi.findEntitlementsByGroup(groupname);

retVal = baseAPI.doEntitlement_FindEntitlementsByGroup(groupname);

Entitlement: /admin/ent

Convenience method to get all the entitlements for a group

HttpEntitlementApi entitlementApi = new HttpEntitlementApi(loginApi);
List<RaptureEntitlement> retVal = entitlementApi.findEntitlementsBySelf();

retVal = baseAPI.doEntitlement_FindEntitlementsBySelf();

Entitlement: /everyone

Convenience method to get all entitlements for the current user

This function takes no parameters.