Package cz.metacentrum.perun.core.api
Interface SecurityTeamsManager
- All Known Implementing Classes:
SecurityTeamsManagerEntry
public interface SecurityTeamsManager
- Author:
- Ondrej Velisek <ondrejvelisek@gmail.com>
-
Method Summary
Modifier and TypeMethodDescriptionvoidaddAdmin(PerunSession perunSession, SecurityTeam securityTeam, Group group) Create group as security admins group of given security team (all users in group will have security admin rights)voidaddAdmin(PerunSession perunSession, SecurityTeam securityTeam, User user) create security admin from given user and add him as security admin of given security teamvoidaddUserToBlacklist(PerunSession perunSession, SecurityTeam securityTeam, User user, String description) Add User to black list of security team to filter him out.createSecurityTeam(PerunSession perunSession, SecurityTeam securityTeam) Create new SecurityTeam.voiddeleteSecurityTeam(PerunSession perunSession, SecurityTeam securityTeam) Delete SecurityTeam.voiddeleteSecurityTeam(PerunSession perunSession, SecurityTeam securityTeam, boolean forceDelete) Delete SecurityTeam.getAdminGroups(PerunSession sess, SecurityTeam securityTeam) Deprecated.getAdmins(PerunSession perunSession, SecurityTeam securityTeam, boolean onlyDirectAdmins) Deprecated.getAllSecurityTeams(PerunSession perunSession) get all security teams in perun systemgetBlacklist(PerunSession perunSession, Facility facility) get union of blacklists of all security teams assigned to facilitygetBlacklist(PerunSession perunSession, SecurityTeam securityTeam) get list of blacklisted users by security teamgetBlacklistWithDescription(PerunSession perunSession, Facility facility) get union of blacklists of all security teams assigned to facility containing also descriptiongetBlacklistWithDescription(PerunSession perunSession, SecurityTeam securityTeam) get list of blacklisted users by security team containing also descriptiongetSecurityTeamById(PerunSession perunSession, int id) Find existing SecurityTeam by ID.getSecurityTeamByName(PerunSession perunSession, String name) Find existing SecurityTeam by name.getSecurityTeams(PerunSession perunSession) Get list of SecurityTeams by access rights - PERUNADMIN : all teams - SECURITYADMIN : teams where user is adminvoidremoveAdmin(PerunSession perunSession, SecurityTeam securityTeam, Group group) Remove security admin role for given security team from groupvoidremoveAdmin(PerunSession perunSession, SecurityTeam securityTeam, User user) Remove security admin role for given security team from uservoidremoveUserFromBlacklist(PerunSession perunSession, SecurityTeam securityTeam, User user) remove user from blacklist of given security teamupdateSecurityTeam(PerunSession perunSession, SecurityTeam securityTeam) Updates SecurityTeam.
-
Method Details
-
addAdmin
void addAdmin(PerunSession perunSession, SecurityTeam securityTeam, User user) throws PrivilegeException, SecurityTeamNotExistsException, UserNotExistsException, AlreadyAdminException, RoleCannotBeManagedException, RoleCannotBeSetException create security admin from given user and add him as security admin of given security team- Parameters:
perunSession-securityTeam-user- user who will became a security administrator- Throws:
InternalErrorExceptionPrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamSecurityTeamNotExistsExceptionUserNotExistsExceptionAlreadyAdminExceptionRoleCannotBeManagedExceptionRoleCannotBeSetException
-
addAdmin
void addAdmin(PerunSession perunSession, SecurityTeam securityTeam, Group group) throws PrivilegeException, SecurityTeamNotExistsException, GroupNotExistsException, AlreadyAdminException, RoleCannotBeManagedException, RoleCannotBeSetException Create group as security admins group of given security team (all users in group will have security admin rights)- Parameters:
perunSession-securityTeam-group- group which members will became a security administrators- Throws:
InternalErrorExceptionPrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamSecurityTeamNotExistsExceptionGroupNotExistsExceptionAlreadyAdminExceptionRoleCannotBeManagedExceptionRoleCannotBeSetException
-
addUserToBlacklist
void addUserToBlacklist(PerunSession perunSession, SecurityTeam securityTeam, User user, String description) throws PrivilegeException, SecurityTeamNotExistsException, UserNotExistsException, UserAlreadyBlacklistedException Add User to black list of security team to filter him out.Description of adding can be null.
- Parameters:
perunSession-securityTeam-user-description-- Throws:
InternalErrorExceptionPrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamSecurityTeamNotExistsExceptionUserNotExistsExceptionUserAlreadyBlacklistedException
-
createSecurityTeam
SecurityTeam createSecurityTeam(PerunSession perunSession, SecurityTeam securityTeam) throws PrivilegeException, SecurityTeamExistsException Create new SecurityTeam.- Parameters:
perunSession-securityTeam- SecurityTeam object with prefilled name- Returns:
- Newly created Security team with new id
- Throws:
InternalErrorExceptionPrivilegeException- Can do only PerunAdmin.SecurityTeamExistsException
-
deleteSecurityTeam
void deleteSecurityTeam(PerunSession perunSession, SecurityTeam securityTeam) throws PrivilegeException, SecurityTeamNotExistsException, RelationExistsException Delete SecurityTeam.- Parameters:
perunSession-securityTeam-- Throws:
PrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamInternalErrorExceptionSecurityTeamNotExistsExceptionRelationExistsException- if team is assigned to any facility or has blacklisted users.
-
deleteSecurityTeam
void deleteSecurityTeam(PerunSession perunSession, SecurityTeam securityTeam, boolean forceDelete) throws PrivilegeException, SecurityTeamNotExistsException, RelationExistsException Delete SecurityTeam.- Parameters:
perunSession-securityTeam-forceDelete- TRUE if Team should be forcefully deleted.- Throws:
PrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamInternalErrorExceptionSecurityTeamNotExistsExceptionRelationExistsException- if forceDelete == FALSE and team is assigned to any facility or has blacklisted users.
-
getAdminGroups
@Deprecated List<Group> getAdminGroups(PerunSession sess, SecurityTeam securityTeam) throws PrivilegeException, SecurityTeamNotExistsException Deprecated.Gets list of all group administrators of the SecurityTeam.- Parameters:
sess-securityTeam-- Returns:
- list of Group that are admins in the SecurityTeam.
- Throws:
InternalErrorExceptionPrivilegeExceptionSecurityTeamNotExistsException
-
getAdmins
@Deprecated List<User> getAdmins(PerunSession perunSession, SecurityTeam securityTeam, boolean onlyDirectAdmins) throws PrivilegeException, SecurityTeamNotExistsException Deprecated.get all security admins of given security team- Parameters:
perunSession-securityTeam-onlyDirectAdmins- if true, get only direct user administrators (if false, get both direct and indirect)- Returns:
- list of users which are admis of given security team
- Throws:
InternalErrorExceptionPrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamSecurityTeamNotExistsException
-
getAllSecurityTeams
get all security teams in perun system- Parameters:
perunSession-- Returns:
- List of SecurityTeams or empty List
- Throws:
InternalErrorExceptionPrivilegeException
-
getBlacklist
List<User> getBlacklist(PerunSession perunSession, SecurityTeam securityTeam) throws PrivilegeException, SecurityTeamNotExistsException get list of blacklisted users by security team- Parameters:
perunSession-securityTeam-- Returns:
- list of blacklisted users by security team
- Throws:
InternalErrorExceptionPrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamSecurityTeamNotExistsException
-
getBlacklist
List<User> getBlacklist(PerunSession perunSession, Facility facility) throws PrivilegeException, FacilityNotExistsException get union of blacklists of all security teams assigned to facility- Parameters:
perunSession-facility-- Returns:
- list of blacklisted users for facility
- Throws:
InternalErrorExceptionPrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamFacilityNotExistsException
-
getBlacklistWithDescription
List<Pair<User,String>> getBlacklistWithDescription(PerunSession perunSession, SecurityTeam securityTeam) throws PrivilegeException, SecurityTeamNotExistsException get list of blacklisted users by security team containing also description- Parameters:
perunSession-securityTeam-- Returns:
- List of Pairs with blacklisted users by security team
- Throws:
InternalErrorExceptionPrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamSecurityTeamNotExistsException
-
getBlacklistWithDescription
List<Pair<User,String>> getBlacklistWithDescription(PerunSession perunSession, Facility facility) throws PrivilegeException, FacilityNotExistsException get union of blacklists of all security teams assigned to facility containing also description- Parameters:
perunSession-facility-- Returns:
- List of Pairs with blacklisted users for facility
- Throws:
InternalErrorExceptionPrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamFacilityNotExistsException
-
getSecurityTeamById
SecurityTeam getSecurityTeamById(PerunSession perunSession, int id) throws PrivilegeException, SecurityTeamNotExistsException Find existing SecurityTeam by ID.- Parameters:
perunSession-id-- Returns:
- security team with given id
- Throws:
PrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamInternalErrorExceptionSecurityTeamNotExistsException
-
getSecurityTeamByName
SecurityTeam getSecurityTeamByName(PerunSession perunSession, String name) throws PrivilegeException, SecurityTeamNotExistsException Find existing SecurityTeam by name.- Parameters:
perunSession-name-- Returns:
- security team with given name
- Throws:
PrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamInternalErrorExceptionSecurityTeamNotExistsException
-
getSecurityTeams
Get list of SecurityTeams by access rights - PERUNADMIN : all teams - SECURITYADMIN : teams where user is admin- Parameters:
perunSession-- Returns:
- List of SecurityTeams or empty ArrayList
- Throws:
InternalErrorExceptionPrivilegeException
-
removeAdmin
void removeAdmin(PerunSession perunSession, SecurityTeam securityTeam, User user) throws PrivilegeException, SecurityTeamNotExistsException, UserNotExistsException, UserNotAdminException, RoleCannotBeManagedException Remove security admin role for given security team from user- Parameters:
perunSession-securityTeam-user-- Throws:
InternalErrorExceptionPrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamSecurityTeamNotExistsExceptionUserNotExistsExceptionUserNotAdminExceptionRoleCannotBeManagedException
-
removeAdmin
void removeAdmin(PerunSession perunSession, SecurityTeam securityTeam, Group group) throws PrivilegeException, SecurityTeamNotExistsException, GroupNotExistsException, GroupNotAdminException, RoleCannotBeManagedException Remove security admin role for given security team from group- Parameters:
perunSession-securityTeam-group-- Throws:
InternalErrorExceptionPrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamSecurityTeamNotExistsExceptionGroupNotExistsExceptionGroupNotAdminExceptionRoleCannotBeManagedException
-
removeUserFromBlacklist
void removeUserFromBlacklist(PerunSession perunSession, SecurityTeam securityTeam, User user) throws PrivilegeException, SecurityTeamNotExistsException, UserNotExistsException, UserAlreadyRemovedException remove user from blacklist of given security team- Parameters:
perunSession-securityTeam-user- user who will became a security administrator- Throws:
InternalErrorExceptionPrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamSecurityTeamNotExistsExceptionUserNotExistsExceptionUserAlreadyRemovedException
-
updateSecurityTeam
SecurityTeam updateSecurityTeam(PerunSession perunSession, SecurityTeam securityTeam) throws PrivilegeException, SecurityTeamNotExistsException, SecurityTeamExistsException Updates SecurityTeam.- Parameters:
perunSession-securityTeam-- Returns:
- returns updated SecurityTeam
- Throws:
PrivilegeException- Can do only PerunAdmin or SecurityAdmin of the SecurityTeamInternalErrorExceptionSecurityTeamNotExistsExceptionSecurityTeamExistsException
-