Interface GroupsManagerBl
- All Known Implementing Classes:
GroupsManagerBlImpl
Groups manager can do all work about groups in VOs.
You must get an instance of GroupsManager from instance of Perun (perun si singleton - see how to get it's instance on wiki):
GroupsManager gm = perun.getGroupsManager();
- Author:
- Michal Prochazka, Slavek Licehammer
- See Also:
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addGroupsToAutoRegistration
(PerunSession sess, List<Group> groups) Adds groups to a list of groups which can be registered into during vo registration.void
addGroupsToAutoRegistration
(PerunSession sess, List<Group> groups, ApplicationFormItem formItem) Adds groups to a list of groups which can be registered into during vo or group registration.void
addMember
(PerunSession perunSession, Group group, Member member) Adds member of the VO to the group in the same VO.void
addMember
(PerunSession perunSession, List<Group> groups, Member member) Adds member of the VO to the groups in the same VO.void
addMembers
(PerunSession perunSession, Group group, List<Member> members) Adds members of the VO to the group in the same VO.void
addMemberToMembersGroup
(PerunSession perunSession, Group group, Member member) Special addMember which is able to add members into the members and administrators group.void
addRelationMembers
(PerunSession sess, Group resultGroup, List<Member> changedMembers, int sourceGroupId) Method recalculates all relations between groups.void
allowGroupToHierarchicalVo
(PerunSession sess, Group group, Vo vo) Sets flag required for including group to parent vo in a vo hierarchy.boolean
canExtendMembershipInGroup
(PerunSession sess, Member member, Group group) Returns true if member in given group can extend membership or if no rules were set for the membershipExpirationboolean
canExtendMembershipInGroupWithReason
(PerunSession sess, Member member, Group group) Returns true if member in given group can extend membership or throws exception with reason why use can't extends membershipvoid
checkGroupExists
(PerunSession sess, Group group) convertGroupsToRichGroupsWithAttributes
(PerunSession sess, Member member, Resource resource, List<Group> groups, List<String> attrNames) This method takes list of groups, resource, member and list of attrNames and then creates list of RichGroups containing all selected group, group-resource and member-group attributes filtered by list (attributes from other namespaces are skipped without any warning).convertGroupsToRichGroupsWithAttributes
(PerunSession sess, Member member, List<Group> groups) This method takes list of groups and member and then creates list of RichGroups containing all group and member-group attributesconvertGroupsToRichGroupsWithAttributes
(PerunSession sess, Member member, List<Group> groups, List<String> attrNames) This method takes list of groups, member and list of attrNames and then creates list of RichGroups containing all selected group and member-group attributes by list (attributes from other namespaces are skipped).convertGroupsToRichGroupsWithAttributes
(PerunSession sess, Resource resource, List<Group> groups) This method takes list of groups and resource and then creates list of RichGroups containing all group and group-resource attributesconvertGroupsToRichGroupsWithAttributes
(PerunSession sess, Resource resource, List<Group> groups, List<String> attrNames) This method takes list of groups, resource and list of attrNames and then creates list of RichGroups containing all selected group and group-resource attributes by list (attributes from other namespaces are skipped).convertGroupsToRichGroupsWithAttributes
(PerunSession sess, List<Group> groups) This method takes list of groups and creates list of RichGroups containing all attributesconvertGroupsToRichGroupsWithAttributes
(PerunSession sess, List<Group> groups, List<String> attrNames) This method takes list of groups and creates list of RichGroups containing selected attributesconvertGroupToRichGroupWithAttributes
(PerunSession sess, Group group) This method takes group and creates RichGroup containing all attributesconvertGroupToRichGroupWithAttributesByName
(PerunSession sess, Group group, List<String> attrNames) This method takes group and creates RichGroup containing selected attributesconvertToEnrichedGroup
(PerunSession sess, Group group, List<String> attrNames) Creates enrichedGroup from given group and load attributes with given names.void
copyMembers
(PerunSession sess, Group sourceGroup, List<Group> destinationGroups, List<Member> members) Copies direct members from one group to other groups in the same VO.createGroup
(PerunSession perunSession, Group parentGroup, Group group) Creates a new subgroup of the existing group.createGroup
(PerunSession perunSession, Vo vo, Group group) Creates a new top-level group and associates it with the VO from parameter.createGroupUnion
(PerunSession sess, Group resultGroup, Group operandGroup, boolean parentFlag) Performs union operation on two groups.void
deleteAllGroups
(PerunSession perunSession, Vo vo) Deletes all groups under the VO except built-in groups (members, admins groups).void
deleteGroup
(PerunSession perunSession, Group group, boolean forceDelete) If forceDelete is false, delete only group and if this group has members or subgroups, throw an exception.void
deleteGroups
(PerunSession perunSession, List<Group> groups, boolean forceDelete) Delete all groups in list from perun.void
deleteGroupsFromAutoRegistration
(PerunSession sess, List<Group> groups) Deletes groups from a list of groups which can be registered into during vo registration.void
deleteGroupsFromAutoRegistration
(PerunSession sess, List<Group> groups, ApplicationFormItem formItem) Deletes groups from a list of groups which can be registered into during vo or group registration.void
deleteMembersGroup
(PerunSession sess, Vo vo) Deletes built-in members group.void
disallowGroupToHierarchicalVo
(PerunSession sess, Group group, Vo vo) Unsets flag required for including group to parent vo in a vo hierarchyvoid
expireMemberInGroup
(PerunSession sess, Member member, Group group) Set member's status in given group to EXPIREDvoid
extendMembershipInGroup
(PerunSession sess, Member member, Group group) Extend member membership in given group using membershipExpirationRules attribute defined in Group.filterMembersByMembershipTypeInGroup
(List<Member> members) This method take list of members (also with duplicit) and: 1] add all members with direct membership to target list 2] add all members with indirect membership who are not already in target list to the target listfilterOnlyAllowedAttributes
(PerunSession sess, EnrichedGroup enrichedGroup) For enrichedGroup filter all its group attributes and remove all which principal has no access to.filterOnlyAllowedAttributes
(PerunSession sess, RichGroup richGroup) For richGroup filter all his group attributes and remove all which principal has no access to.filterOnlyAllowedAttributes
(PerunSession sess, List<RichGroup> richGroups) For list of richGroups filter all their group attributes and remove all which principal has no access to.filterOnlyAllowedAttributes
(PerunSession sess, List<RichGroup> richGroups, Member member, Resource resource, boolean useContext) For list of richGroups filter all their group attributes and remove all which principal has no access to.filterOnlyAllowedAttributes
(PerunSession sess, List<RichGroup> richGroups, Resource resource, boolean useContext) For list of richGroups filter all their group attributes and remove all which principal has no access to.void
forceAllSubGroupsSynchronization
(PerunSession sess, Group group) Force synchronization for all subgroups (recursively - whole tree) of the group (useful for group structure)void
forceGroupStructureSynchronization
(PerunSession sess, Group group) Synchronize the group structure with an external group structure.void
forceGroupSynchronization
(PerunSession sess, Group group) Synchronize the group with external group.getActiveGroupMembers
(PerunSession perunSession, Group group) Return all members of the group who are active (valid) in the group.getActiveGroupMembers
(PerunSession sess, Group group, Status status) Return all members of the group who are active (valid) in the group and have specific status in the Vo.getAdminGroups
(PerunSession perunSession, Group group) Gets list of all group administrators of this group.getAdmins
(PerunSession perunSession, Group group) Deprecated.getAdmins
(PerunSession perunSession, Group group, boolean onlyDirectAdmins) Gets list of all administrators of this group.Returns all groups which can be included to VO.getAllAllowedGroupsToHierarchicalVo
(PerunSession sess, Vo vo, Vo memberVo) Returns groups which can be included to VO from specific member VO.getAllGroups
(PerunSession sess) Get all groups from all vos.getAllGroups
(PerunSession sess, Vo vo) Get all groups of the VO.Returns all groups which can be registered into during any vo registration.getAllGroupsWhereMemberIsActive
(PerunSession sess, Member member) Returns all member's groups where member is in active state (is valid there) Included members group.getAllGroupsWithHierarchy
(PerunSession sess, Vo vo) Get all groups of the VO stored in the map reflecting the hierarchy.getAllMemberGroups
(PerunSession sess, Member member) Return all member's groups.getAllRichGroupsWithAttributesByNames
(PerunSession sess, Vo vo, List<String> attrNames) Deprecated.getAllRichGroupsWithAttributesByNames
(PerunSession sess, Vo vo, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Returns all RichGroups containing selected attributes filtered by role and its typegetAllRichSubGroupsWithAttributesByNames
(PerunSession sess, Group parentGroup, List<String> attrNames) Deprecated.getAllRichSubGroupsWithAttributesByNames
(PerunSession sess, Group parentGroup, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Returns all RichSubGroups from parentGroup containing selected attributes filtered by role and its type (all levels subgroups)getAllSubGroups
(PerunSession sess, Group parentGroup) Get all subgroups of the parentGroup recursively.getAssignedGroupsToFacility
(PerunSession perunSession, Facility facility) Return list of assigned groups on all facility resources (without subgroups unless they are assigned too)getAssignedGroupsToResource
(PerunSession perunSession, Resource resource) Return list of assigned groups on the resource (without subgroups unless they are assigned too)getAssignedGroupsToResource
(PerunSession perunSession, Resource resource, boolean withSubGroups) Return list of assigned groups on the resource.getAssignedGroupsToResource
(PerunSession perunSession, Resource resource, Member member) Return list of assigned groups on the resource (without subgroups unless they are assigned too), which contain specific membergetAssociatedGroupsToFacility
(PerunSession perunSession, Facility facility) Return list of all associated groups from all facility resources (does not require ACTIVE group-resource status)getAssociatedGroupsToResource
(PerunSession perunSession, Resource resource) Return list of assigned groups on the resource.getAssociatedGroupsToResource
(PerunSession perunSession, Resource resource, Member member) Return list of groups associated with the resource with specified member.getDirectAdmins
(PerunSession perunSession, Group group) Deprecated.getDirectMemberGroupStatus
(PerunSession session, Member member, Group group) Returns members direct status in given group.getDirectRichAdmins
(PerunSession perunSession, Group group) Deprecated.getDirectRichAdminsWithSpecificAttributes
(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.getFacilitiesWhereGroupIsAdmin
(PerunSession perunSession, Group group) Get list of facilities where the given group is given the admin role.getGroupById
(PerunSession perunSession, int id) Search for the group with specified id in all VOs.getGroupByName
(PerunSession perunSession, Vo vo, String name) Search for the group with specified name in specified VO.getGroupDirectMembers
(PerunSession perunSession, Group group) Return all direct group members.int
getGroupDirectMembersCount
(PerunSession sess, Group group) Returns count of direct members in the groupgetGroupDirectRichMembers
(PerunSession sess, Group group) Returns direct group members in the RichMember object, which contains Member+User data.getGroupMemberById
(PerunSession sess, Group group, int memberId) Get group member by member ID.getGroupMembers
(PerunSession perunSession, Group group) Return all group members.getGroupMembers
(PerunSession sess, Group group, MemberGroupStatus statusInGroup, Status status) Return all members of the group who has specific status in the group and also specific status in the Vo.getGroupMembers
(PerunSession perunSession, Group group, Status status) Return group members.int
getGroupMembersCount
(PerunSession perunSession, Group group) getGroupMembersCountsByGroupStatus
(PerunSession sess, Group group) Returns counts of group members by their group status.getGroupMembersCountsByVoStatus
(PerunSession sess, Group group) Returns counts of group members by their status in VO.getGroupMembersExceptInvalid
(PerunSession perunSession, Group group) Return only valid, suspended, expired and disabled group members.getGroupMembersExceptInvalidAndDisabled
(PerunSession perunSession, Group group) Return only valid, suspended and expired group members.getGroupResourcePairsByAttribute
(PerunSession sess, Attribute attribute) Returns all group-resource which have set the attribute with the value.getGroupRichMembers
(PerunSession sess, Group group) Returns group members in the RichMember object, which contains Member+User data.getGroupRichMembers
(PerunSession sess, Group group, Status status) Returns group members in the RichMember object, which contains Member+User data.getGroupRichMembersExceptInvalid
(PerunSession sess, Group group) Returns only valid, suspended and expired group members in the RichMember object, which contains Member+User data.getGroupRichMembersWithAttributes
(PerunSession sess, Group group) Returns group members in the RichMember object, which contains Member+User data.getGroupRichMembersWithAttributes
(PerunSession sess, Group group, Status status) Returns group members in the RichMember object, which contains Member+User data.Returns only valid, suspended and expired group members in the RichMember object, which contains Member+User data.getGroups
(PerunSession sess, Vo vo) Get all groups of users under the VO.getGroupsByAttribute
(PerunSession sess, Attribute attribute) Returns all groups which have set the attribute with the value.getGroupsByIds
(PerunSession perunSession, List<Integer> ids) Search for the groups with specified ids in all VOs.getGroupsByPerunBean
(PerunSession sess, Facility facility) Returns list of groups connected with a facilitygetGroupsByPerunBean
(PerunSession sess, Host host) Returns list of groups connected with a hostgetGroupsByPerunBean
(PerunSession sess, Member member) Returns list of groups connected with a membergetGroupsByPerunBean
(PerunSession sess, Resource resource) Returns list of groups connected with a resourcegetGroupsByPerunBean
(PerunSession sess, User user) Returns list of groups connected with a usergetGroupsByPerunBean
(PerunSession sess, Vo vo) Returns list of groups connected with a voint
getGroupsCount
(PerunSession perunSession) Get count of all groups.int
getGroupsCount
(PerunSession sess, Vo vo) getGroupsForAutoRegistration
(PerunSession sess, Group registrationGroup, ApplicationFormItem formItem) Returns all groups which can be registered into during group registration.getGroupsForAutoRegistration
(PerunSession sess, Vo vo) Returns all groups which can be registered into during vo registration.getGroupsForAutoRegistration
(PerunSession sess, Vo vo, ApplicationFormItem formItem) Returns all groups which can be registered into during vo registration.getGroupsPage
(PerunSession sess, Vo vo, GroupsPageQuery query, List<String> attrNames) Get page of groups from the given vo.Gets all groups which have enabled synchronization.getGroupsWhereGroupIsAdmin
(PerunSession perunSession, Group group) Get list of groups where the given group is given the admin role.getGroupsWhereMemberIsActive
(PerunSession sess, Member member) Returns all member's groups where member is in active state (is valid there) Excluded members group.getGroupsWhereMemberIsInactive
(PerunSession sess, Member member) Returns all member's groups where member is in inactive state (it is not valid and it is expired there) Excluded members group.getGroupsWhereUserIsActiveMember
(PerunSession sess, User user, Vo vo) Returns groups in which the user is active member.getGroupsWithAssignedExtSourceInVo
(PerunSession sess, ExtSource source, Vo vo) Get all groups in specific vo with assigned extSourcegetGroupUnions
(PerunSession sess, Group group, boolean reverseDirection) Get list of group unions for specified group.getGroupUsers
(PerunSession perunSession, Group group) Return group users sorted by name.getInactiveGroupMembers
(PerunSession perunSession, Group group) Return all members of the group who are inactive (expired) in the group.getInactiveGroupMembers
(PerunSession sess, Group group, Status status) Return all members of the group who are inactive (expired) in the group and have specific status in the Vo.getIndirectMembershipPaths
(PerunSession sess, Member member, Group group) Get unique paths of groups via which member is indirectly included to the group.getMemberDirectGroups
(PerunSession sess, Member member) Get all groups (except member groups) where member has direct membership.getMemberGroups
(PerunSession sess, Member member) Returns all members groups.getMemberGroupsByAttribute
(PerunSession sess, Member member, Attribute attribute) Method return list of groups for selected member which (groups) has set specific attribute.getMemberRichGroupsWithAttributesByNames
(PerunSession sess, Member member, List<String> attrNames) Deprecated.getMemberRichGroupsWithAttributesByNames
(PerunSession sess, Member member, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Return all RichGroups for specified member, containing selected attributes filtered by role and its type.getParentGroup
(PerunSession sess, Group group) Get parent group.getParentGroupMembers
(PerunSession sess, Group group) Get members from parent group.getParentGroupRichMembers
(PerunSession sess, Group group) Get members form the parent group in RichMember format.getParentGroupRichMembersWithAttributes
(PerunSession sess, Group group) Get members form the parent group in RichMember format including user/member attributes.getRichAdmins
(PerunSession perunSession, Group group) Deprecated.getRichAdmins
(PerunSession perunSession, Group group, List<String> specificAttributes, boolean allUserAttributes, boolean onlyDirectAdmins) Gets list of all richUser administrators of this group.getRichAdminsWithAttributes
(PerunSession perunSession, Group group) Deprecated.getRichAdminsWithSpecificAttributes
(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.getRichGroupByIdWithAttributesByNames
(PerunSession sess, int groupId, List<String> attrNames) Returns RichGroup selected by id containing selected attributesgetRichGroupsWithAttributesAssignedToResource
(PerunSession sess, Member member, Resource resource, List<String> attrNames) Get list of all richGroups with selected attributes assigned to the resource filtered by specific member.getRichGroupsWithAttributesAssignedToResource
(PerunSession sess, Resource resource, List<String> attrNames) Get all RichGroups with selected attributes assigned to the resource.getRichSubGroupsWithAttributesByNames
(PerunSession sess, Group parentGroup, List<String> attrNames) Returns RichSubGroups from parentGroup containing selected attributes (only 1 level subgroups)getServiceGroupMembers
(PerunSession perunSession, Group group) Return a list of all group members, who are service usersgetSubGroups
(PerunSession sess, Group parentGroup) Get all subgroups of the parent group under the VO.int
getSubGroupsCount
(PerunSession sess, Group parentGroup) Returns number of immediate subgroups of the parent group.getSubgroupsPage
(PerunSession sess, Group group, GroupsPageQuery query, List<String> attrNames) Get page of subgroups from the given parent group.getTotalGroupStatusForMembers
(PerunSession session, Group group, List<Member> members) Returns total member's status of given members in given group.getTotalMemberGroupStatus
(PerunSession session, Member member, Group group) Returns total member's status in given group.getUserGroups
(PerunSession sess, User user) Return groups where user is member.getUserGroups
(PerunSession sess, User user, List<Status> memberStatuses, List<MemberGroupStatus> memberGroupStatuses) Return groups where user is member with allowed statuses in vo and group.getVo
(PerunSession sess, Group group) Gets the Vo which is owner of the group.getVosWhereGroupIsAdmin
(PerunSession perunSession, Group group) Get list of VOs where the given group is given the admin role.boolean
hasGroupSynchronizedChild
(PerunSession session, Group group) Check if there is a subgroup of the group, which is defined as synchronized from an external source at this moment.void
inactivateMember
(PerunSession sess, Member member, Group group) Inactivates member in group and sets its status to EXPIRED.boolean
isAllowedGroupToHierarchicalVo
(PerunSession sess, Group group, Vo vo) Returns flag representing if the group can be included in the (parent) vo's groupsboolean
isDirectGroupMember
(PerunSession sess, Group group, Member member) Return true if Member is direct member of the Groupboolean
isGroupForAnyAutoRegistration
(PerunSession sess, Group group) Check if group has automatic registration enabled in any form item.boolean
isGroupForAutoRegistration
(PerunSession sess, Group group, List<Integer> formItems) Check if group has automatic registration enabled in the given form item.boolean
isGroupInStructureSynchronizationTree
(PerunSession session, Group group) Check if the group or its subgroups are defined as synchronized from an external source at this moment.isGroupLastAdminInSomeFacility
(PerunSession sess, Group group) Check whether the group supplies the last FACILITYADMIN in some facility, return those facilities in which it does.isGroupLastAdminInSomeFacility
(PerunSession sess, List<Group> groups) Check whether some of the groups supply the last FACILITYADMIN in some facility, return the groups that do.isGroupLastAdminInSomeVo
(PerunSession sess, Group group) Check whether the group supplies the last VOADMIN in some vo, return those vos in which it does.isGroupLastAdminInSomeVo
(PerunSession sess, List<Group> groups) Check whether some of the groups supply the last VOADMIN in some vo, return the groups that do.boolean
isGroupMember
(PerunSession sess, Group group, Member member) Return true if Member is member of the Groupboolean
isGroupSynchronizedFromExternallSource
(PerunSession session, Group group) Check if the group is defined as synchronized from an external source at this moment.boolean
isUserMemberOfGroup
(PerunSession sess, User user, Group group) Checks whether the user is member of the group.void
moveGroup
(PerunSession sess, Group destinationGroup, Group movingGroup) Move one group structure under another group in same vo or as top level groupvoid
reactivateMember
(PerunSession sess, Member member, Group group) Reactivates member in group and sets its status to VALID.void
recalculateMemberGroupStatusRecursively
(PerunSession sess, Member member, Group group, Map<Integer, Map<Integer, MemberGroupStatus>> previousStatuses) Calculates the state of given member in given group and calls this method recursively for all parent groups.void
removeGroupUnion
(PerunSession sess, Group resultGroup, Group operandGroup, boolean parentFlag) Removes a union relation between two groups.void
removeMember
(PerunSession perunSession, Group group, Member member) Removes member form the group.void
removeMember
(PerunSession perunSession, List<Group> groups, Member member) Removes member from groups.void
removeMemberFromMembersOrAdministratorsGroup
(PerunSession perunSession, Group group, Member member) Removes member from members or administrators group only.void
removeMembers
(PerunSession perunSession, Group group, List<Member> members) Removes members from the group.void
removeRelationMembers
(PerunSession sess, Group resultGroup, List<Member> changedMembers, int sourceGroupId) Method recalculates all relations between groups.void
saveInformationAboutGroupStructureSynchronizationInNestedTransaction
(PerunSession sess, Group group, boolean failedDueToException, String exceptionMessage) This method will set timestamp, state and exceptionMessage to group attributes for the group structure.void
saveInformationAboutGroupStructureSynchronizationInNewTransaction
(PerunSession sess, Group group, boolean failedDueToException, String exceptionMessage) This method will set timestamp, state and exceptionMessage to group attributes for the group structure.void
saveInformationAboutGroupSynchronizationInNestedTransaction
(PerunSession sess, Group group, long startTime, boolean failedDueToException, String exceptionMessage) This method will set timestamp, synchronization start time and exceptionMessage to group attributes for the group.void
saveInformationAboutGroupSynchronizationInNewTransaction
(PerunSession sess, Group group, long startTime, boolean failedDueToException, String exceptionMessage) This method will set timestamp, synchronization start time and exceptionMessage to group attributes for the group.synchronizeGroup
(PerunSession sess, Group group) Synchronizes the group with the external group without checking if the synchronization is already in progress.void
Synchronize all groups which have enabled synchronization.void
Synchronize all groups structures which have enabled group structure synchronization.synchronizeGroupStructure
(PerunSession sess, Group group) Synchronize a group structure with an external source group structure under the group.updateGroup
(PerunSession perunSession, Group group) Updates group by ID.updateParentGroupId
(PerunSession perunSession, Group group) Updates parentGroupId.void
validateMemberInGroup
(PerunSession sess, Member member, Group group) Set member's status in given group to VALID
-
Method Details
-
addGroupsToAutoRegistration
void addGroupsToAutoRegistration(PerunSession sess, List<Group> groups) throws GroupNotAllowedToAutoRegistrationException Adds groups to a list of groups which can be registered into during vo registration. This will NOT create empty application form for groups and will throw exception if none exists.- Parameters:
sess
- sessiongroups
- list of groups- Throws:
GroupNotAllowedToAutoRegistrationException
- if given group cannot be added to auto registration
-
addGroupsToAutoRegistration
void addGroupsToAutoRegistration(PerunSession sess, List<Group> groups, ApplicationFormItem formItem) throws GroupNotAllowedToAutoRegistrationException, FormItemNotExistsException Adds groups to a list of groups which can be registered into during vo or group registration. This will NOT create empty application form for groups and will throw exception if none exists.- Parameters:
sess
- sessiongroups
- list of groupsformItem
- application form item- Throws:
GroupNotAllowedToAutoRegistrationException
- if given group cannot be added to auto registrationFormItemNotExistsException
-
addMember
void addMember(PerunSession perunSession, Group group, Member member) throws AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException, GroupNotExistsException Adds member of the VO to the group in the same VO. But not to administrators and members group.- Parameters:
perunSession
-group
-member
-- Throws:
InternalErrorException
AlreadyMemberException
WrongAttributeValueException
WrongReferenceAttributeValueException
GroupNotExistsException
-
addMember
void addMember(PerunSession perunSession, List<Group> groups, Member member) throws AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException, GroupNotExistsException Adds member of the VO to the groups in the same VO. But not to administrators and members group.- Parameters:
perunSession
-groups
-member
-- Throws:
InternalErrorException
AlreadyMemberException
WrongAttributeValueException
WrongReferenceAttributeValueException
GroupNotExistsException
-
addMemberToMembersGroup
void addMemberToMembersGroup(PerunSession perunSession, Group group, Member member) throws AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException, GroupNotExistsException Special addMember which is able to add members into the members and administrators group.- Parameters:
perunSession
-group
-member
-- Throws:
InternalErrorException
AlreadyMemberException
WrongAttributeValueException
WrongReferenceAttributeValueException
GroupNotExistsException
-
addMembers
void addMembers(PerunSession perunSession, Group group, List<Member> members) throws AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException, GroupNotExistsException Adds members of the VO to the group in the same VO. But not to administrators and members group.- Parameters:
perunSession
-group
-members
-- Throws:
InternalErrorException
AlreadyMemberException
WrongAttributeValueException
WrongReferenceAttributeValueException
GroupNotExistsException
-
addRelationMembers
void addRelationMembers(PerunSession sess, Group resultGroup, List<Member> changedMembers, int sourceGroupId) throws AlreadyMemberException, WrongReferenceAttributeValueException, WrongAttributeValueException, GroupNotExistsException Method recalculates all relations between groups. Method recursively adds members from groups and all their relations. The method is called in case of: 1) added relation 2) added member 3) group creation 4) group movement- Parameters:
sess
- perun sessionresultGroup
- group to which members are added or removed fromchangedMembers
- list of changed members which is passed as argument to add indirect members method. List contains records of added indirect members from operand group.sourceGroupId
- id of a group from which members originate- Throws:
InternalErrorException
AlreadyMemberException
WrongReferenceAttributeValueException
WrongAttributeValueException
GroupNotExistsException
-
allowGroupToHierarchicalVo
void allowGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) throws RelationNotExistsException, RelationExistsException Sets flag required for including group to parent vo in a vo hierarchy.- Parameters:
sess
- perun sessiongroup
- groupvo
- parent vo- Throws:
RelationNotExistsException
- if group is not from parent vo's member vosRelationExistsException
- if group is already allowed to be included to parent vo
-
canExtendMembershipInGroup
Returns true if member in given group can extend membership or if no rules were set for the membershipExpiration- Parameters:
sess
- sessionmember
- membergroup
- group- Returns:
- true if given member can extend membership in given group or if no rules were set for the membership expiration, false otherwise
-
canExtendMembershipInGroupWithReason
boolean canExtendMembershipInGroupWithReason(PerunSession sess, Member member, Group group) throws ExtendMembershipException Returns true if member in given group can extend membership or throws exception with reason why use can't extends membership- Parameters:
sess
- sessionmember
- membergroup
- group- Returns:
- true if given member can extend membership in given group or throws exception with reason why not
- Throws:
ExtendMembershipException
- reason why user can't extend membership
-
checkGroupExists
- Throws:
GroupNotExistsException
-
convertGroupToRichGroupWithAttributes
This method takes group and creates RichGroup containing all attributes- Parameters:
sess
-group
-- Returns:
- RichGroup
- Throws:
InternalErrorException
-
convertGroupToRichGroupWithAttributesByName
RichGroup convertGroupToRichGroupWithAttributesByName(PerunSession sess, Group group, List<String> attrNames) This method takes group and creates RichGroup containing selected attributes- Parameters:
sess
-group
-attrNames
- list of selected attributes- Returns:
- RichGroup
- Throws:
InternalErrorException
-
convertGroupsToRichGroupsWithAttributes
This method takes list of groups and creates list of RichGroups containing all attributes- Parameters:
sess
-groups
- list of groups- Returns:
- RichGroup
- Throws:
InternalErrorException
-
convertGroupsToRichGroupsWithAttributes
List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Member member, List<Group> groups) throws MemberGroupMismatchException This method takes list of groups and member and then creates list of RichGroups containing all group and member-group attributes- Parameters:
sess
-member
- specified member which is assigned to groupsgroups
- list of groups- Returns:
- list of RichGroups with attributes
- Throws:
MemberGroupMismatchException
-
convertGroupsToRichGroupsWithAttributes
List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Resource resource, List<Group> groups) throws GroupResourceMismatchException This method takes list of groups and resource and then creates list of RichGroups containing all group and group-resource attributes- Parameters:
sess
-resource
- specified resource to which are groups assignedgroups
- list of groups- Returns:
- list of RichGroups with attributes
- Throws:
InternalErrorException
GroupResourceMismatchException
-
convertGroupsToRichGroupsWithAttributes
List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, List<Group> groups, List<String> attrNames) This method takes list of groups and creates list of RichGroups containing selected attributes- Parameters:
sess
-groups
- list of groupsattrNames
- list of selected attributes- Returns:
- RichGroup
- Throws:
InternalErrorException
-
convertGroupsToRichGroupsWithAttributes
List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Resource resource, List<Group> groups, List<String> attrNames) throws GroupResourceMismatchException This method takes list of groups, resource and list of attrNames and then creates list of RichGroups containing all selected group and group-resource attributes by list (attributes from other namespaces are skipped). If attribute is in the list, it can be return with empty value if it is not set.- Parameters:
sess
-resource
-groups
-attrNames
- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroups with selected attributes
- Throws:
InternalErrorException
GroupResourceMismatchException
-
convertGroupsToRichGroupsWithAttributes
List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Member member, List<Group> groups, List<String> attrNames) throws MemberGroupMismatchException, MemberNotExistsException, GroupNotExistsException This method takes list of groups, member and list of attrNames and then creates list of RichGroups containing all selected group and member-group attributes by list (attributes from other namespaces are skipped). If attribute is in the list, it can be return with empty value if it is not set.- Parameters:
sess
-member
-groups
-attrNames
- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroups with selected attributes
- Throws:
InternalErrorException
GroupResourceMismatchException
MemberGroupMismatchException
MemberNotExistsException
GroupNotExistsException
-
convertGroupsToRichGroupsWithAttributes
List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Member member, Resource resource, List<Group> groups, List<String> attrNames) throws GroupResourceMismatchException, MemberResourceMismatchException, MemberGroupMismatchException This method takes list of groups, resource, member and list of attrNames and then creates list of RichGroups containing all selected group, group-resource and member-group attributes filtered by list (attributes from other namespaces are skipped without any warning). If attribute with correct namespace is in the list, it will be return even with empty value (if no value exists).- Parameters:
sess
-member
- member to get member-resource and member-group attributes forresource
- resource to get group-resource and member-resource attributes forgroups
- to convert to richGroups and get group-resource and member-group attributes forattrNames
- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroups with selected attributes
- Throws:
InternalErrorException
GroupResourceMismatchException
- if group is not assigned to resourceMemberResourceMismatchException
- if member is not assigned to groupMemberGroupMismatchException
- if member is not in the same vo as group
-
convertToEnrichedGroup
Creates enrichedGroup from given group and load attributes with given names. If the attrNames are null, all group attributes are added.- Parameters:
sess
- sessiongroup
- groupattrNames
- names of attributes to return- Returns:
- EnrichedGroup for given group with desired attributes
-
copyMembers
void copyMembers(PerunSession sess, Group sourceGroup, List<Group> destinationGroups, List<Member> members) throws WrongReferenceAttributeValueException, WrongAttributeValueException, MemberGroupMismatchException Copies direct members from one group to other groups in the same VO. The members are copied without their member-group attributes. Copies all direct members if members list is empty or null.- Parameters:
sess
- perun sessionsourceGroup
- group to copy members fromdestinationGroups
- groups to copy members tomembers
- members to be copies- Throws:
WrongReferenceAttributeValueException
WrongAttributeValueException
MemberGroupMismatchException
-
createGroup
Creates a new top-level group and associates it with the VO from parameter.For this method the new group has always same shortName like Name. Important: voId in object group is ignored
- Parameters:
perunSession
-vo
- to associates group withgroup
- new group with name without ":"- Returns:
- newly created top-level group
- Throws:
InternalErrorException
- if group.name contains ':' or other internal error occurGroupExistsException
-
createGroup
Group createGroup(PerunSession perunSession, Group parentGroup, Group group) throws GroupExistsException, GroupRelationNotAllowed, GroupRelationAlreadyExists Creates a new subgroup of the existing group.- Parameters:
perunSession
-parentGroup
-group
- group.name must contain only shortName (without ":"). Hierarchy is defined by parentGroup parameter.- Returns:
- newly created sub group with full group.Name with ":"
- Throws:
GroupExistsException
InternalErrorException
GroupRelationNotAllowed
GroupRelationAlreadyExists
-
createGroupUnion
Group createGroupUnion(PerunSession sess, Group resultGroup, Group operandGroup, boolean parentFlag) throws GroupRelationAlreadyExists, GroupRelationNotAllowed, WrongReferenceAttributeValueException, WrongAttributeValueException, GroupNotExistsException, VoNotExistsException Performs union operation on two groups. Members from operand group are added to result group as indirect.- Parameters:
sess
- perun sessionresultGroup
- group to which members are addedoperandGroup
- group from which members are takenparentFlag
- if true union cannot be deleted; false otherwise (it flags relations created by hierarchical structure)- Returns:
- result group
- Throws:
GroupRelationAlreadyExists
GroupRelationNotAllowed
InternalErrorException
WrongReferenceAttributeValueException
WrongAttributeValueException
GroupNotExistsException
VoNotExistsException
-
deleteAllGroups
void deleteAllGroups(PerunSession perunSession, Vo vo) throws GroupAlreadyRemovedException, GroupAlreadyRemovedFromResourceException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved Deletes all groups under the VO except built-in groups (members, admins groups).- Parameters:
perunSession
-vo
- VO- Throws:
InternalErrorException
GroupAlreadyRemovedException
GroupAlreadyRemovedFromResourceException
GroupRelationDoesNotExist
GroupRelationCannotBeRemoved
-
deleteGroup
void deleteGroup(PerunSession perunSession, Group group, boolean forceDelete) throws RelationExistsException, GroupAlreadyRemovedException, GroupAlreadyRemovedFromResourceException, GroupNotExistsException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved If forceDelete is false, delete only group and if this group has members or subgroups, throw an exception. If forceDelete is true, delete group with all subgroups, members and administrators, then delete this group.- Parameters:
perunSession
-group
- group to deleteforceDelete
- if forceDelete is false, delete group only if is empty and has no subgroups, if is true, delete anyway with all connections- Throws:
InternalErrorException
RelationExistsException
GroupAlreadyRemovedException
GroupAlreadyRemovedFromResourceException
GroupNotExistsException
GroupRelationDoesNotExist
GroupRelationCannotBeRemoved
-
deleteGroups
void deleteGroups(PerunSession perunSession, List<Group> groups, boolean forceDelete) throws GroupAlreadyRemovedException, RelationExistsException, GroupAlreadyRemovedFromResourceException, GroupNotExistsException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved Delete all groups in list from perun. (Except members group)If forceDelete is false, delete groups only if none of them (IN MOMENT OF DELETING) has subgroups and members, in other case throw exception. if forceDelete is true, delete groups with all subgroups and members.
Groups are deleted in order: from longest name to the shortest - ex: Group A:b:c will be deleted sooner than Group A:b etc. - reason for this: with group are deleted its subgroups too
Important: Groups can be from different VOs.
- Parameters:
perunSession
-groups
- list of groups to deletedforceDelete
- if forceDelete is false, delete groups only if all of them have no subgroups and no members, if is true, delete anyway with all connections- Throws:
InternalErrorException
GroupAlreadyRemovedException
RelationExistsException
GroupAlreadyRemovedFromResourceException
GroupNotExistsException
GroupRelationDoesNotExist
GroupRelationCannotBeRemoved
-
deleteGroupsFromAutoRegistration
Deletes groups from a list of groups which can be registered into during vo registration.- Parameters:
sess
- sessiongroups
- list of groups
-
deleteGroupsFromAutoRegistration
void deleteGroupsFromAutoRegistration(PerunSession sess, List<Group> groups, ApplicationFormItem formItem) throws FormItemNotExistsException Deletes groups from a list of groups which can be registered into during vo or group registration.- Parameters:
sess
- sessiongroups
- list of groupsformItem
- application form item- Throws:
FormItemNotExistsException
-
deleteMembersGroup
void deleteMembersGroup(PerunSession sess, Vo vo) throws GroupAlreadyRemovedException, GroupAlreadyRemovedFromResourceException, GroupNotExistsException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved Deletes built-in members group. -
disallowGroupToHierarchicalVo
void disallowGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) throws RelationNotExistsException Unsets flag required for including group to parent vo in a vo hierarchy- Parameters:
sess
- perun sessiongroup
- groupvo
- parent vo- Throws:
RelationNotExistsException
- if group is not allowed to be included in parent vo
-
expireMemberInGroup
Set member's status in given group to EXPIRED- Parameters:
sess
- perun sessionmember
- member whose status will be changedgroup
- group in which given member will be expired- Throws:
InternalErrorException
- internal error
-
extendMembershipInGroup
void extendMembershipInGroup(PerunSession sess, Member member, Group group) throws ExtendMembershipException Extend member membership in given group using membershipExpirationRules attribute defined in Group.- Parameters:
sess
- sessionmember
- membergroup
- group- Throws:
InternalErrorException
- internal errorExtendMembershipException
- extend membership exception
-
filterMembersByMembershipTypeInGroup
This method take list of members (also with duplicit) and: 1] add all members with direct membership to target list 2] add all members with indirect membership who are not already in target list to the target list- Parameters:
members
- list of members to filtering- Returns:
- filteredMembers list of members without duplicit after filtering
-
filterOnlyAllowedAttributes
For richGroup filter all his group attributes and remove all which principal has no access to.- Parameters:
sess
-richGroup
-- Returns:
- richGroup with only allowed attributes
- Throws:
InternalErrorException
-
filterOnlyAllowedAttributes
For list of richGroups filter all their group attributes and remove all which principal has no access to.- Parameters:
sess
-richGroups
-- Returns:
- list of RichGroups with only allowed attributes
- Throws:
InternalErrorException
-
filterOnlyAllowedAttributes
List<RichGroup> filterOnlyAllowedAttributes(PerunSession sess, List<RichGroup> richGroups, Resource resource, boolean useContext) For list of richGroups filter all their group attributes and remove all which principal has no access to. Context usage is safe even for groups from different VOs.Context means same "combination of authz role for a group"+"attribute_urn (name)". Since privileges are resolved by roles on group and attribute type.
if useContext is true: every attribute is unique in a context of authz roles combination and its URN. So for each combination of users authz roles granted for the group, attributes with same URN has same privilege.
if useContext is false: every attribute is unique in context of group, which means every attribute for more groups need to be check separately, because for example groups can be from different vos where user has different authz (better authorization check, worse performance)
- Parameters:
sess
-richGroups
-resource
- optional resource param used for context- Returns:
- list of RichGroups with only allowed attributes
- Throws:
InternalErrorException
-
filterOnlyAllowedAttributes
List<RichGroup> filterOnlyAllowedAttributes(PerunSession sess, List<RichGroup> richGroups, Member member, Resource resource, boolean useContext) For list of richGroups filter all their group attributes and remove all which principal has no access to. Context usage is safe even for groups from different VOs.Context means same "combination of authz role for a group"+"attribute_urn (name)". Since privileges are resolved by roles on group and attribute type.
if useContext is true: every attribute is unique in a context of authz roles combination and its URN. So for each combination of users authz roles granted for the group, attributes with same URN has same privilege.
if useContext is false: every attribute is unique in context of group, which means every attribute for more groups need to be check separately, because for example groups can be from different vos where user has different authz (better authorization check, worse performance)
- Parameters:
sess
-richGroups
-member
- optional member param used for contextresource
- optional resource param used for context- Returns:
- list of RichGroups with only allowed attributes
- Throws:
InternalErrorException
-
filterOnlyAllowedAttributes
For enrichedGroup filter all its group attributes and remove all which principal has no access to.- Parameters:
sess
-enrichedGroup
-- Returns:
- enrichedGroup with only allowed attributes
- Throws:
InternalErrorException
-
forceAllSubGroupsSynchronization
Force synchronization for all subgroups (recursively - whole tree) of the group (useful for group structure)- Parameters:
sess
-group
- the group where all its subgroups will be forced to synchronize
-
forceGroupStructureSynchronization
void forceGroupStructureSynchronization(PerunSession sess, Group group) throws GroupStructureSynchronizationAlreadyRunningException Synchronize the group structure with an external group structure. It checks if the synchronization of the same group is already in progress.- Parameters:
group
- the group to be forced this way- Throws:
InternalErrorException
GroupStructureSynchronizationAlreadyRunningException
-
forceGroupSynchronization
void forceGroupSynchronization(PerunSession sess, Group group) throws GroupSynchronizationAlreadyRunningException, GroupSynchronizationNotEnabledException Synchronize the group with external group. It checks if the synchronization of the same group is already in progress.- Parameters:
sess
-group
-- Throws:
InternalErrorException
GroupSynchronizationAlreadyRunningException
- when synchronization for the group is already runningGroupSynchronizationNotEnabledException
- when group doesn't have synchronization enabled
-
getActiveGroupMembers
Return all members of the group who are active (valid) in the group.Do not return expired members of the group.
- Parameters:
perunSession
- perun sessiongroup
- to get members from- Returns:
- list of active (valid) members
- Throws:
InternalErrorException
-
getActiveGroupMembers
Return all members of the group who are active (valid) in the group and have specific status in the Vo.Do not return expired members of the group.
- Parameters:
sess
- perun sessiongroup
- to get members fromstatus
- to get only members with this specific status in the Vo- Returns:
- list of active (valid) members with specific status in the Vo
- Throws:
InternalErrorException
-
getAdminGroups
Gets list of all group administrators of this group.- Parameters:
perunSession
-group
-- Returns:
- list of group administrators
- Throws:
InternalErrorException
-
getAdmins
Gets list of all administrators of this group. If some group is administrator of the given group, all VALID members are included in the list.If onlyDirectAdmins is true, return only direct users of the group for supported role.
Supported roles: GroupAdmin
- Parameters:
perunSession
-group
-onlyDirectAdmins
- if true, get only direct user administrators (if false, get both direct and indirect)- Returns:
- list of all user administrators of the given group for supported role
- Throws:
InternalErrorException
-
getAdmins
Deprecated.Gets list of all user administrators of this group. If some group is administrator of the given group, all members are included in the list.- Parameters:
perunSession
-group
-- Returns:
- list of administrators
- Throws:
InternalErrorException
-
getAllAllowedGroupsToHierarchicalVo
Returns all groups which can be included to VO.- Parameters:
sess
- sessionvo
- VO- Returns:
- list of allowed groups to hierarchical VO
-
getAllAllowedGroupsToHierarchicalVo
Returns groups which can be included to VO from specific member VO.- Parameters:
sess
- sessionvo
- parent VOmemberVo
- member VO- Returns:
- list of allowed groups to hierarchical VO
-
getAllGroups
Get all groups from all vos.- Parameters:
sess
- session- Returns:
- list of all groups
-
getAllGroups
Get all groups of the VO.- Parameters:
sess
-vo
-- Returns:
- list of groups
- Throws:
InternalErrorException
-
getAllGroupsForAutoRegistration
Returns all groups which can be registered into during any vo registration. This method serves only for migration to new functionality related to the new table.- Parameters:
sess
- session- Returns:
- list of groups
-
getAllGroupsWhereMemberIsActive
Returns all member's groups where member is in active state (is valid there) Included members group.- Parameters:
sess
- perun sessionmember
- member to get groups for- Returns:
- list of groups where member is in active state (valid)
- Throws:
InternalErrorException
-
getAllGroupsWithHierarchy
Get all groups of the VO stored in the map reflecting the hierarchy.- Parameters:
sess
-vo
-- Returns:
- map of the groups hierarchically organized
- Throws:
InternalErrorException
-
getAllMemberGroups
Return all member's groups. Included members and administrators groups.- Parameters:
sess
-member
-- Returns:
- Throws:
InternalErrorException
-
getAllRichGroupsWithAttributesByNames
@Deprecated List<RichGroup> getAllRichGroupsWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrNames) Deprecated.Returns all RichGroups containing selected attributes- Parameters:
sess
-vo
-attrNames
- if attrNames is null method will return RichGroups containing all attributes- Returns:
- List of RichGroups
- Throws:
InternalErrorException
-
getAllRichGroupsWithAttributesByNames
List<RichGroup> getAllRichGroupsWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Returns all RichGroups containing selected attributes filtered by role and its type- Parameters:
sess
- perun sessionvo
- voattrNames
- if attrNames is null method will return RichGroups containing all attributesroles
- list of selected roles (if empty, then return groups by all roles)types
- list of selected types of roles (if empty, then return by roles of all types)- Returns:
- List of RichGroups
- Throws:
InternalErrorException
-
getAllRichSubGroupsWithAttributesByNames
@Deprecated List<RichGroup> getAllRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames) Deprecated.Returns all RichSubGroups from parentGroup containing selected attributes (all levels subgroups)- Parameters:
sess
-parentGroup
-attrNames
- if attrNames is null method will return RichGroups containing all attributes- Returns:
- List of RichGroups
- Throws:
InternalErrorException
-
getAllRichSubGroupsWithAttributesByNames
List<RichGroup> getAllRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Returns all RichSubGroups from parentGroup containing selected attributes filtered by role and its type (all levels subgroups)- Parameters:
sess
-parentGroup
-attrNames
- if attrNames is null method will return RichGroups containing all attributesroles
- list of selected roles (if empty, then return groups by all roles)types
- list of selected types of roles (if empty, then return by roles of all types)- Returns:
- List of RichGroups
- Throws:
InternalErrorException
-
getAllSubGroups
Get all subgroups of the parentGroup recursively. (parentGroup subgroups, their subgroups etc...)- Parameters:
sess
-parentGroup
- parent group- Returns:
- list of groups
- Throws:
InternalErrorException
-
getAssignedGroupsToFacility
Return list of assigned groups on all facility resources (without subgroups unless they are assigned too)- Parameters:
perunSession
-facility
-- Returns:
- list of groups, which are assigned on all facility resources
- Throws:
InternalErrorException
-
getAssignedGroupsToResource
Return list of assigned groups on the resource (without subgroups unless they are assigned too)- Parameters:
perunSession
-resource
-- Returns:
- list of groups, which are assigned on the resource
- Throws:
InternalErrorException
-
getAssignedGroupsToResource
List<Group> getAssignedGroupsToResource(PerunSession perunSession, Resource resource, Member member) Return list of assigned groups on the resource (without subgroups unless they are assigned too), which contain specific member- Parameters:
perunSession
-resource
-member
-- Returns:
- list of groups, which are assigned on the resource and contain specific member
- Throws:
InternalErrorException
-
getAssignedGroupsToResource
List<Group> getAssignedGroupsToResource(PerunSession perunSession, Resource resource, boolean withSubGroups) Return list of assigned groups on the resource.- Parameters:
perunSession
-resource
-withSubGroups
- if true returns also all subgroups of assigned groups- Returns:
- list of groups, which are assigned on the resource
- Throws:
InternalErrorException
-
getAssociatedGroupsToFacility
Return list of all associated groups from all facility resources (does not require ACTIVE group-resource status)- Parameters:
perunSession
-facility
-- Returns:
- list of groups, which are associated with all facility resources
- Throws:
InternalErrorException
-
getAssociatedGroupsToResource
List<Group> getAssociatedGroupsToResource(PerunSession perunSession, Resource resource, Member member) Return list of groups associated with the resource with specified member. Does not require ACTIVE group-resource status.- Parameters:
perunSession
-resource
-member
-- Returns:
- list of groups, which are associated with the resource with specified member
- Throws:
InternalErrorException
-
getAssociatedGroupsToResource
Return list of assigned groups on the resource. Similar to assigned groups, but does not require ACTIVE group-resource status.- Parameters:
perunSession
-resource
-- Returns:
- list of groups, which are associated with the resource
- Throws:
InternalErrorException
-
getDirectAdmins
Deprecated.Gets list of direct user administrators of this group. 'Direct' means, there aren't included users, who are members of group administrators, in the returned list.- Parameters:
perunSession
-group
-- Returns:
- list of direct administrators
- Throws:
InternalErrorException
-
getDirectMemberGroupStatus
Returns members direct status in given group. This method doesn't calculate status from subgroups! If there is no relation, null is returned.- Parameters:
session
- sessionmember
- membergroup
- group- Returns:
- status of member in given group
- Throws:
InternalErrorException
- internal error
-
getDirectRichAdmins
Deprecated.Gets list of all administrators of this group, which are assigned directly, like RichUsers without attributes.- Parameters:
perunSession
-group
-- Throws:
InternalErrorException
-
getDirectRichAdminsWithSpecificAttributes
@Deprecated List<RichUser> getDirectRichAdminsWithSpecificAttributes(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.Get list of Group administrators, which are directly assigned (not by group membership) with specific attributes. From list of specificAttributes get all Users Attributes and find those for every RichAdmin (only, other attributes are not searched)- Parameters:
perunSession
-group
-specificAttributes
-- Returns:
- list of RichUsers with specific attributes.
- Throws:
InternalErrorException
-
getFacilitiesWhereGroupIsAdmin
Get list of facilities where the given group is given the admin role.- Parameters:
perunSession
-group
- with the admin role.- Returns:
- List of administered facilities.
- Throws:
InternalErrorException
-
getGroupById
Search for the group with specified id in all VOs.- Parameters:
id
-perunSession
-- Returns:
- group with specified id or throws
- Throws:
InternalErrorException
GroupNotExistsException
-
getGroupByName
Search for the group with specified name in specified VO.IMPORTANT: need to use full name of group (ex. 'toplevel:a:b', not the shortname which is in this example 'b')
- Parameters:
perunSession
-vo
-name
-- Returns:
- group with specified name or throws in specified VO
- Throws:
InternalErrorException
GroupNotExistsException
-
getGroupDirectMembers
Return all direct group members.- Parameters:
perunSession
- perun sessiongroup
- group- Returns:
- list of direct members
- Throws:
InternalErrorException
- internal error
-
getGroupDirectMembersCount
Returns count of direct members in the group- Parameters:
sess
-group
-- Returns:
- count
-
getGroupDirectRichMembers
Returns direct group members in the RichMember object, which contains Member+User data.- Parameters:
sess
- sessiongroup
- group- Returns:
- list of direct RichMembers
- Throws:
InternalErrorException
- internal error
-
getGroupMemberById
Member getGroupMemberById(PerunSession sess, Group group, int memberId) throws NotGroupMemberException Get group member by member ID.- Parameters:
sess
-group
-memberId
-- Returns:
- Member
- Throws:
InternalErrorException
NotGroupMemberException
-
getGroupMembers
Return all group members.- Parameters:
perunSession
-group
-- Returns:
- list of users or empty list if the group is empty
- Throws:
InternalErrorException
-
getGroupMembers
List<Member> getGroupMembers(PerunSession sess, Group group, MemberGroupStatus statusInGroup, Status status) Return all members of the group who has specific status in the group and also specific status in the Vo.For example: All members with valid status in the Vo and also valid status in the group.
- Parameters:
sess
- perun sessiongroup
- to get members fromstatusInGroup
- to get only members with this specific status in the groupstatus
- to get only members with this specific status in the Vo- Returns:
- list of members with specific status in group and specific status in the Vo
- Throws:
InternalErrorException
-
getGroupMembers
Return group members.- Parameters:
perunSession
-group
-status
-- Returns:
- list users or empty list if there are no users on specified page
- Throws:
InternalErrorException
-
getGroupMembersCount
- Parameters:
perunSession
-group
-- Returns:
- count of members of specified group
- Throws:
InternalErrorException
-
getGroupMembersCountsByGroupStatus
Returns counts of group members by their group status.- Parameters:
sess
-group
-- Returns:
- map of member status in group to count of group members with the status
-
getGroupMembersCountsByVoStatus
Returns counts of group members by their status in VO.- Parameters:
sess
-group
-- Returns:
- map of member status in VO to count of group members with the status
-
getGroupMembersExceptInvalid
Return only valid, suspended, expired and disabled group members.- Parameters:
perunSession
-group
-- Returns:
- list members or empty list if there are no such members
- Throws:
InternalErrorException
-
getGroupMembersExceptInvalidAndDisabled
Return only valid, suspended and expired group members.- Parameters:
perunSession
-group
-- Returns:
- list members or empty list if there are no such members
- Throws:
InternalErrorException
-
getGroupResourcePairsByAttribute
List<Pair<Group,Resource>> getGroupResourcePairsByAttribute(PerunSession sess, Attribute attribute) throws WrongAttributeAssignmentException Returns all group-resource which have set the attribute with the value. Searching only def and opt attributes.- Parameters:
sess
-attribute
-- Returns:
- Throws:
InternalErrorException
WrongAttributeAssignmentException
-
getGroupRichMembers
Returns group members in the RichMember object, which contains Member+User data.- Parameters:
sess
-group
-- Returns:
- list of RichMembers
- Throws:
InternalErrorException
-
getGroupRichMembers
Returns group members in the RichMember object, which contains Member+User data.- Parameters:
sess
-group
-status
-- Returns:
- list of RichMembers
- Throws:
InternalErrorException
-
getGroupRichMembersExceptInvalid
Returns only valid, suspended and expired group members in the RichMember object, which contains Member+User data.- Parameters:
sess
-group
-- Returns:
- list of RichMembers
- Throws:
InternalErrorException
-
getGroupRichMembersWithAttributes
Returns group members in the RichMember object, which contains Member+User data. Also contains user and member attributes.- Parameters:
sess
-group
-- Returns:
- list of RichMembers
- Throws:
InternalErrorException
-
getGroupRichMembersWithAttributes
Returns group members in the RichMember object, which contains Member+User data. Also contains user and member attributes.- Parameters:
sess
-group
-status
-- Returns:
- list of RichMembers
- Throws:
InternalErrorException
-
getGroupRichMembersWithAttributesExceptInvalid
Returns only valid, suspended and expired group members in the RichMember object, which contains Member+User data. Also contains user and member attributes.- Parameters:
sess
-group
-- Returns:
- list of RichMembers
- Throws:
InternalErrorException
-
getGroupUnions
Get list of group unions for specified group.- Parameters:
sess
- perun sessiongroup
- groupreverseDirection
- if false get all operand groups of requested result group if true get all result groups of requested operand group- Returns:
- list of groups.
- Throws:
InternalErrorException
-
getGroupUsers
Return group users sorted by name.- Parameters:
perunSession
-group
-- Returns:
- list users sorted or empty list if there are no users on specified page
-
getGroups
Get all groups of users under the VO.- Parameters:
sess
-vo
- vo- Returns:
- list of groups
- Throws:
InternalErrorException
-
getGroupsByAttribute
List<Group> getGroupsByAttribute(PerunSession sess, Attribute attribute) throws WrongAttributeAssignmentException Returns all groups which have set the attribute with the value. Searching only def and opt attributes.- Parameters:
sess
-attribute
-- Returns:
- list of groups
- Throws:
InternalErrorException
WrongAttributeAssignmentException
-
getGroupsByIds
Search for the groups with specified ids in all VOs.- Parameters:
ids
-perunSession
-- Returns:
- groups with specified ids
- Throws:
InternalErrorException
-
getGroupsByPerunBean
Returns list of groups connected with a member- Parameters:
sess
-member
-- Returns:
- list of groups connected with member
- Throws:
InternalErrorException
-
getGroupsByPerunBean
Returns list of groups connected with a resource- Parameters:
sess
-resource
-- Returns:
- list of groups connected with resource
- Throws:
InternalErrorException
-
getGroupsByPerunBean
Returns list of groups connected with a user- Parameters:
sess
-user
-- Returns:
- list of groups connected with user
- Throws:
InternalErrorException
-
getGroupsByPerunBean
Returns list of groups connected with a host- Parameters:
sess
-host
-- Returns:
- list of groups connected with host
- Throws:
InternalErrorException
-
getGroupsByPerunBean
Returns list of groups connected with a facility- Parameters:
sess
-facility
-- Returns:
- list of groups connected with facility
- Throws:
InternalErrorException
-
getGroupsByPerunBean
Returns list of groups connected with a vo- Parameters:
sess
-vo
-- Returns:
- list of groups connected with vo
- Throws:
InternalErrorException
-
getGroupsCount
- Parameters:
sess
-vo
-- Returns:
- count of VO's groups
- Throws:
InternalErrorException
-
getGroupsCount
Get count of all groups.- Parameters:
perunSession
-- Returns:
- count of all groups
- Throws:
InternalErrorException
-
getGroupsForAutoRegistration
Returns all groups which can be registered into during vo registration.- Parameters:
sess
- sessionvo
- vo- Returns:
- list of groups
-
getGroupsForAutoRegistration
Returns all groups which can be registered into during vo registration.- Parameters:
sess
- sessionvo
- voformItem
- application form item- Returns:
- list of groups
-
getGroupsForAutoRegistration
List<Group> getGroupsForAutoRegistration(PerunSession sess, Group registrationGroup, ApplicationFormItem formItem) Returns all groups which can be registered into during group registration.- Parameters:
sess
- sessionregistrationGroup
- groupformItem
- application form item- Returns:
- list of groups
-
getGroupsPage
Paginated<RichGroup> getGroupsPage(PerunSession sess, Vo vo, GroupsPageQuery query, List<String> attrNames) throws GroupNotExistsException, MemberNotExistsException, MemberGroupMismatchException Get page of groups from the given vo.- Parameters:
sess
- sessionvo
- voquery
- query with page informationattrNames
- attribute names- Returns:
- page of requested rich groups
- Throws:
GroupNotExistsException
MemberNotExistsException
MemberGroupMismatchException
-
getGroupsToSynchronize
Gets all groups which have enabled synchronization.- Parameters:
sess
-- Returns:
- list of groups to synchronize
- Throws:
InternalErrorException
GroupNotExistsException
-
getGroupsWhereGroupIsAdmin
Get list of groups where the given group is given the admin role.- Parameters:
perunSession
-group
- with the admin role.- Returns:
- List of administered groups.
- Throws:
InternalErrorException
-
getGroupsWhereMemberIsActive
Returns all member's groups where member is in active state (is valid there) Excluded members group.- Parameters:
sess
- perun sessionmember
- member to get groups for- Returns:
- list of groups where member is in active state (valid)
- Throws:
InternalErrorException
-
getGroupsWhereMemberIsInactive
Returns all member's groups where member is in inactive state (it is not valid and it is expired there) Excluded members group.- Parameters:
sess
- perun sessionmember
- member to get groups for- Returns:
- list of groups where member is in inactive state (expired)
- Throws:
InternalErrorException
-
getGroupsWhereUserIsActiveMember
Returns groups in which the user is active member. Groups are looked up only for the specified VO.- Parameters:
sess
- sessionuser
- user objectvo
- VO object- Returns:
- List of groups
-
getGroupsWithAssignedExtSourceInVo
Get all groups in specific vo with assigned extSource- Parameters:
sess
-source
-vo
-- Returns:
- l
- Throws:
InternalErrorException
-
getInactiveGroupMembers
Return all members of the group who are inactive (expired) in the group.Do not return active members of the group.
- Parameters:
perunSession
- perun sessiongroup
- to get members from- Returns:
- list of inactive (expired) members
- Throws:
InternalErrorException
-
getInactiveGroupMembers
Return all members of the group who are inactive (expired) in the group and have specific status in the Vo.Do not return active members of the group.
- Parameters:
sess
- perun sessiongroup
- to get members fromstatus
- to get only members with this specific status in the Vo- Returns:
- list of inactive (expired) members with specific status in the Vo
- Throws:
InternalErrorException
-
getIndirectMembershipPaths
List<List<Group>> getIndirectMembershipPaths(PerunSession sess, Member member, Group group) throws MemberNotExistsException, GroupNotExistsException Get unique paths of groups via which member is indirectly included to the group. Cuts off after first included group.- Parameters:
sess
- perun sessionmember
- membergroup
- group in which the member is indirectly included- Returns:
- lists of groups [CURRENT GROUP -> SUBGROUP -> ... -> MEMBER'S SOURCE GROUP]
- Throws:
MemberNotExistsException
GroupNotExistsException
-
getMemberDirectGroups
Get all groups (except member groups) where member has direct membership.- Parameters:
sess
-member
- to get information about- Returns:
- list of groups where member is direct member (not members group), empty list if there is no such group
- Throws:
InternalErrorException
-
getMemberGroups
Returns all members groups. Except 'members' group.- Parameters:
sess
-member
-- Returns:
- Throws:
InternalErrorException
-
getMemberGroupsByAttribute
List<Group> getMemberGroupsByAttribute(PerunSession sess, Member member, Attribute attribute) throws WrongAttributeAssignmentException Method return list of groups for selected member which (groups) has set specific attribute. Attribute can be only from namespace "GROUP"- Parameters:
sess
- sessmember
- memberattribute
- attribute from "GROUP" namespace- Returns:
- list of groups which contain member and have attribute with same value
- Throws:
InternalErrorException
WrongAttributeAssignmentException
-
getMemberRichGroupsWithAttributesByNames
@Deprecated List<RichGroup> getMemberRichGroupsWithAttributesByNames(PerunSession sess, Member member, List<String> attrNames) Deprecated.Return all RichGroups for specified member, containing selected attributes. "members" group is not included.Supported are attributes from these namespaces: - group - member-group
- Parameters:
sess
- internal sessionmember
- the member to get the rich groups forattrNames
- list of selected attributes- Returns:
- list of rich groups with selected attributes
- Throws:
InternalErrorException
-
getMemberRichGroupsWithAttributesByNames
List<RichGroup> getMemberRichGroupsWithAttributesByNames(PerunSession sess, Member member, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Return all RichGroups for specified member, containing selected attributes filtered by role and its type. "members" group is not included.Supported are attributes from these namespaces: - group - member-group
- Parameters:
sess
- internal sessionmember
- the member to get the rich groups forattrNames
- list of selected attributesroles
- list of selected roles (if empty, then return groups by all roles)types
- list of selected types of roles (if empty, then return by roles of all types)- Returns:
- list of rich groups with selected attributes
- Throws:
InternalErrorException
-
getParentGroup
Get parent group. If group is topLevel group or Members group, return Members group.- Parameters:
sess
-group
-- Returns:
- parent group
- Throws:
InternalErrorException
ParentGroupNotExistsException
-
getParentGroupMembers
Get members from parent group. If the parent group doesn't exist (this is top level group) return all VO (from which the group is) members instead.- Parameters:
sess
-group
-- Returns:
- Throws:
InternalErrorException
-
getParentGroupRichMembers
Get members form the parent group in RichMember format.- Parameters:
sess
-group
-- Returns:
- list of parent group rich members
- Throws:
InternalErrorException
-
getParentGroupRichMembersWithAttributes
Get members form the parent group in RichMember format including user/member attributes.- Parameters:
sess
-group
-- Returns:
- list of parent group rich members
- Throws:
InternalErrorException
-
getRichAdmins
List<RichUser> getRichAdmins(PerunSession perunSession, Group group, List<String> specificAttributes, boolean allUserAttributes, boolean onlyDirectAdmins) throws UserNotExistsException Gets list of all richUser administrators of this group. If some group is administrator of the given group, all VALID members are included in the list.Supported roles: GroupAdmin
If "onlyDirectAdmins" is "true", return only direct users of the group for supported role with specific attributes. If "allUserAttributes" is "true", do not specify attributes through list and return them all in objects richUser . Ignoring list of specific attributes.
- Parameters:
perunSession
-group
-specificAttributes
- list of specified attributes which are needed in object richUserallUserAttributes
- if true, get all possible user attributes and ignore list of specificAttributes (if false, get only specific attributes)onlyDirectAdmins
- if true, get only direct user administrators (if false, get both direct and indirect)- Returns:
- list of RichUser administrators for the group and supported role with attributes
- Throws:
InternalErrorException
UserNotExistsException
-
getRichAdmins
Deprecated.Gets list of all administrators of this group like RichUsers without attributes.- Parameters:
perunSession
-group
-- Throws:
InternalErrorException
-
getRichAdminsWithAttributes
@Deprecated List<RichUser> getRichAdminsWithAttributes(PerunSession perunSession, Group group) throws UserNotExistsException Deprecated.Gets list of all administrators of this group like RichUsers with attributes.- Parameters:
perunSession
-group
-- Throws:
InternalErrorException
UserNotExistsException
-
getRichAdminsWithSpecificAttributes
@Deprecated List<RichUser> getRichAdminsWithSpecificAttributes(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.Get list of Group administrators with specific attributes. From list of specificAttributes get all Users Attributes and find those for every RichAdmin (only, other attributes are not searched)- Parameters:
perunSession
-group
-specificAttributes
-- Returns:
- list of RichUsers with specific attributes.
- Throws:
InternalErrorException
-
getRichGroupByIdWithAttributesByNames
RichGroup getRichGroupByIdWithAttributesByNames(PerunSession sess, int groupId, List<String> attrNames) throws GroupNotExistsException Returns RichGroup selected by id containing selected attributes- Parameters:
sess
-groupId
-attrNames
- if attrNames is null method will return RichGroup containing all attributes- Returns:
- RichGroup
- Throws:
InternalErrorException
GroupNotExistsException
-
getRichGroupsWithAttributesAssignedToResource
List<RichGroup> getRichGroupsWithAttributesAssignedToResource(PerunSession sess, Resource resource, List<String> attrNames) Get all RichGroups with selected attributes assigned to the resource.- Parameters:
sess
-resource
- the resource to get assigned groups from itattrNames
- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroups with selected attributes assigned to the resource
- Throws:
InternalErrorException
-
getRichGroupsWithAttributesAssignedToResource
List<RichGroup> getRichGroupsWithAttributesAssignedToResource(PerunSession sess, Member member, Resource resource, List<String> attrNames) Get list of all richGroups with selected attributes assigned to the resource filtered by specific member. Allowed namespaces of attributes are group, group-resource, member-group and member-resource.Last step is filtration of attributes: Attributes are filtered by rights of user in session. User get only those selected attributes he has rights to read.
- Parameters:
sess
-member
- member used for filtering returned groups (groups have to contain this member to be returned)resource
- resource to get assigned groups forattrNames
- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroup objects with specific attributes specified by object Resource and object Member
- Throws:
InternalErrorException
-
getRichSubGroupsWithAttributesByNames
List<RichGroup> getRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames) Returns RichSubGroups from parentGroup containing selected attributes (only 1 level subgroups)- Parameters:
sess
-parentGroup
-attrNames
- if attrNames is null method will return RichGroups containing all attributes- Returns:
- List of RichGroups
- Throws:
InternalErrorException
-
getServiceGroupMembers
Return a list of all group members, who are service users- Parameters:
perunSession
-group
-- Returns:
- list of Members from given group who are service users
-
getSubGroups
Get all subgroups of the parent group under the VO.- Parameters:
sess
-parentGroup
- parent group- Returns:
- list of groups
- Throws:
InternalErrorException
-
getSubGroupsCount
Returns number of immediate subgroups of the parent group.- Parameters:
sess
-parentGroup
-- Returns:
- count of parent group immediate subgroups
- Throws:
InternalErrorException
-
getSubgroupsPage
Paginated<RichGroup> getSubgroupsPage(PerunSession sess, Group group, GroupsPageQuery query, List<String> attrNames) Get page of subgroups from the given parent group.- Parameters:
sess
- sessiongroup
- parent groupquery
- query with page informationattrNames
- attribute names- Returns:
- page of requested rich groups
-
getTotalGroupStatusForMembers
Map<Integer,MemberGroupStatus> getTotalGroupStatusForMembers(PerunSession session, Group group, List<Member> members) Returns total member's status of given members in given group.- Parameters:
session
- sessiongroup
- groupmembers
- members- Returns:
- total status of members in given group
-
getTotalMemberGroupStatus
Returns total member's status in given group. If there is no relation, null is returned.- Parameters:
session
- sessionmember
- membergroup
- group- Returns:
- total status of member in given group
- Throws:
InternalErrorException
- internal error
-
getUserGroups
Return groups where user is member.- Parameters:
sess
-user
-- Returns:
- list of groups
- Throws:
InternalErrorException
-
getUserGroups
List<Group> getUserGroups(PerunSession sess, User user, List<Status> memberStatuses, List<MemberGroupStatus> memberGroupStatuses) Return groups where user is member with allowed statuses in vo and group. If statuses are empty or null, all statuses are used.- Parameters:
sess
-user
-memberStatuses
- allowed statuses of member in VOmemberGroupStatuses
- allowed statuses of member in group- Returns:
- list of groups
- Throws:
InternalErrorException
-
getVo
Gets the Vo which is owner of the group.- Parameters:
sess
-group
-- Returns:
- Vo which is owner of the group.
- Throws:
InternalErrorException
-
getVosWhereGroupIsAdmin
Get list of VOs where the given group is given the admin role.- Parameters:
perunSession
-group
- with the admin role.- Returns:
- List of administered VOs.
- Throws:
InternalErrorException
-
hasGroupSynchronizedChild
Check if there is a subgroup of the group, which is defined as synchronized from an external source at this moment.- Parameters:
session
-group
-- Returns:
- Throws:
InternalErrorException
-
inactivateMember
void inactivateMember(PerunSession sess, Member member, Group group) throws MemberNotExistsException Inactivates member in group and sets its status to EXPIRED.- Parameters:
sess
- perun sessionmember
- membergroup
- group- Throws:
InternalErrorException
- internal errorMemberNotExistsException
- if given member is not direct member of given group
-
isAllowedGroupToHierarchicalVo
Returns flag representing if the group can be included in the (parent) vo's groups- Parameters:
sess
- perun sessiongroup
- groupvo
- parent vo- Returns:
- true if group can be included in vo's groups, false otherwise
-
isDirectGroupMember
Return true if Member is direct member of the Group- Parameters:
sess
- sessiongroup
- group where the membership is to be checkedmember
- member whose membership is to be checked- Returns:
- true if Member is direct member of the Group
- Throws:
InternalErrorException
-
isGroupForAnyAutoRegistration
Check if group has automatic registration enabled in any form item.- Parameters:
sess
- sessiongroup
- group to check
-
isGroupForAutoRegistration
Check if group has automatic registration enabled in the given form item.- Parameters:
sess
- sessiongroup
- group to checkformItems
- form items for which the group can be configured
-
isGroupInStructureSynchronizationTree
Check if the group or its subgroups are defined as synchronized from an external source at this moment.- Parameters:
session
-group
-- Returns:
- Throws:
InternalErrorException
-
isGroupLastAdminInSomeFacility
Check whether the group supplies the last FACILITYADMIN in some facility, return those facilities in which it does. Such facilities could upon removal of the group be left without a person to manage them.- Parameters:
sess
- sessiongroup
- group- Returns:
- list of facilities which the group supplies last FACILITYADMIN to
-
isGroupLastAdminInSomeFacility
Check whether some of the groups supply the last FACILITYADMIN in some facility, return the groups that do. Such facilities could upon removal of the group be left without a person to manage them.- Parameters:
sess
- sessiongroups
- groups to check- Returns:
- list of groups which supply last FACILITYADMIN in some facility
-
isGroupLastAdminInSomeVo
Check whether some of the groups supply the last VOADMIN in some vo, return the groups that do. Such vos could upon removal of the group be left without a person to manage them.- Parameters:
sess
- sessiongroups
- groups to check- Returns:
- list of groups which supply last VOADMIN in some facility
-
isGroupLastAdminInSomeVo
Check whether the group supplies the last VOADMIN in some vo, return those vos in which it does. Such vos could upon removal of the group be left without a person to manage them.- Parameters:
sess
- sessiongroup
- group- Returns:
- list of vos which the group supplies last VOADMIN to
-
isGroupMember
Return true if Member is member of the Group- Parameters:
sess
-group
-member
-- Returns:
- true if Member is member of the Group
- Throws:
InternalErrorException
-
isGroupSynchronizedFromExternallSource
Check if the group is defined as synchronized from an external source at this moment.- Parameters:
session
-group
-- Returns:
- Throws:
InternalErrorException
-
isUserMemberOfGroup
Checks whether the user is member of the group.- Parameters:
sess
-user
-group
-- Returns:
- true if the user is member of the group
- Throws:
InternalErrorException
-
moveGroup
void moveGroup(PerunSession sess, Group destinationGroup, Group movingGroup) throws GroupMoveNotAllowedException, WrongAttributeValueException, WrongReferenceAttributeValueException Move one group structure under another group in same vo or as top level group- Parameters:
sess
- perun sessiondestinationGroup
- group to which is moving group moved, if it's null group will be moved as top level groupmovingGroup
- group which is moved to destination group- Throws:
InternalErrorException
GroupMoveNotAllowedException
WrongAttributeValueException
WrongReferenceAttributeValueException
-
reactivateMember
void reactivateMember(PerunSession sess, Member member, Group group) throws MemberNotExistsException Reactivates member in group and sets its status to VALID.- Parameters:
sess
- perun sessionmember
- membergroup
- group- Throws:
InternalErrorException
- internal errorMemberNotExistsException
- if given member is not member of given group
-
recalculateMemberGroupStatusRecursively
void recalculateMemberGroupStatusRecursively(PerunSession sess, Member member, Group group, Map<Integer, Map<Integer, MemberGroupStatus>> previousStatuses) Calculates the state of given member in given group and calls this method recursively for all parent groups.- Parameters:
member
- membergroup
- grouppreviousStatuses
- previousStatuses- Throws:
InternalErrorException
- internal error
-
removeGroupUnion
void removeGroupUnion(PerunSession sess, Group resultGroup, Group operandGroup, boolean parentFlag) throws GroupRelationDoesNotExist, GroupRelationCannotBeRemoved, GroupNotExistsException Removes a union relation between two groups. All indirect members that originate from operand group are removed from result group.- Parameters:
sess
- perun sessionresultGroup
- group from which members are removedoperandGroup
- group which members are removed from result groupparentFlag
- if true union cannot be deleted; false otherwise (it flags relations created by hierarchical structure)- Throws:
GroupRelationDoesNotExist
GroupRelationCannotBeRemoved
InternalErrorException
GroupNotExistsException
-
removeMember
void removeMember(PerunSession perunSession, Group group, Member member) throws NotGroupMemberException, GroupNotExistsException Removes member form the group. But not from members or administrators group.- Parameters:
perunSession
-group
-member
-- Throws:
InternalErrorException
NotGroupMemberException
GroupNotExistsException
-
removeMember
void removeMember(PerunSession perunSession, List<Group> groups, Member member) throws NotGroupMemberException, GroupNotExistsException Removes member from groups. But not from members or administrators group.- Parameters:
perunSession
-groups
-member
-- Throws:
InternalErrorException
NotGroupMemberException
GroupNotExistsException
-
removeMemberFromMembersOrAdministratorsGroup
void removeMemberFromMembersOrAdministratorsGroup(PerunSession perunSession, Group group, Member member) throws NotGroupMemberException, GroupNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException Removes member from members or administrators group only.- Parameters:
perunSession
-group
-member
-- Throws:
InternalErrorException
NotGroupMemberException
GroupNotExistsException
WrongAttributeValueException
WrongReferenceAttributeValueException
-
removeMembers
void removeMembers(PerunSession perunSession, Group group, List<Member> members) throws NotGroupMemberException, GroupNotExistsException Removes members from the group. But not from members or administrators group.- Parameters:
perunSession
-group
-members
-- Throws:
InternalErrorException
NotGroupMemberException
GroupNotExistsException
-
removeRelationMembers
void removeRelationMembers(PerunSession sess, Group resultGroup, List<Member> changedMembers, int sourceGroupId) throws WrongReferenceAttributeValueException, NotGroupMemberException, WrongAttributeValueException, GroupNotExistsException Method recalculates all relations between groups. Method recursively removes members from groups and all their relations. The method is called in case of: 1) removed relation 2) removed member 3) group removal 4) group movement- Parameters:
sess
- perun sessionresultGroup
- group to which members are added or removed fromchangedMembers
- list of changed members which is passed as argument to add indirect members method. List contains records of removed indirect members from operand group.sourceGroupId
- id of a group from which members originate- Throws:
WrongReferenceAttributeValueException
NotGroupMemberException
WrongAttributeValueException
InternalErrorException
GroupNotExistsException
-
saveInformationAboutGroupStructureSynchronizationInNestedTransaction
void saveInformationAboutGroupStructureSynchronizationInNestedTransaction(PerunSession sess, Group group, boolean failedDueToException, String exceptionMessage) throws AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, WrongAttributeValueException This method will set timestamp, state and exceptionMessage to group attributes for the group structure. Also log information about failed group structure synchronization to auditer_log.IMPORTANT: This method runs in nested transaction. With a nested transaction, this method can be used in method running in the nested transaction, where the group was changed in the database. However, rollback on the outer transaction, where this method is used, will revert saving of given information.
Set timestamp to attribute "group_def_lastGroupStructureSynchronizationTimestamp" Set exception message to attribute "group_def_lastGroupStructureSynchronizationState"
FailedDueToException is true means group structure synchronization failed completely. FailedDueToException is false means group structure synchronization is ok or finished with some errors (some groups were not synchronized)
- Parameters:
sess
- perun sessiongroup
- the group structure for synchronizationfailedDueToException
- if exception means fail of whole synchronization of this group structure or only problem with some dataexceptionMessage
- message of an exception, ok if everything is ok- Throws:
AttributeNotExistsException
InternalErrorException
WrongReferenceAttributeValueException
WrongAttributeAssignmentException
WrongAttributeValueException
-
saveInformationAboutGroupStructureSynchronizationInNewTransaction
void saveInformationAboutGroupStructureSynchronizationInNewTransaction(PerunSession sess, Group group, boolean failedDueToException, String exceptionMessage) throws AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, WrongAttributeValueException This method will set timestamp, state and exceptionMessage to group attributes for the group structure. Also log information about failed group structure synchronization to auditer_log.IMPORTANT: This method runs in new transaction (because of it being used in synchronization of groups structures) This method is run in a new transaction to ensure successful saving of given information, in case of a rollback in previous transaction. However, this method cannot be used in method running in the nested transaction, where the group was changed in the database.
Set timestamp to attribute "group_def_lastGroupStructureSynchronizationTimestamp" Set exception message to attribute "group_def_lastGroupStructureSynchronizationState"
FailedDueToException is true means group structure synchronization failed completely. FailedDueToException is false means group structure synchronization is ok or finished with some errors (some groups were not synchronized)
- Parameters:
sess
- perun sessiongroup
- the group structure for synchronizationfailedDueToException
- if exception means fail of whole synchronization of this group structure or only problem with some dataexceptionMessage
- message of an exception, ok if everything is ok- Throws:
AttributeNotExistsException
InternalErrorException
WrongReferenceAttributeValueException
WrongAttributeAssignmentException
WrongAttributeValueException
-
saveInformationAboutGroupSynchronizationInNestedTransaction
void saveInformationAboutGroupSynchronizationInNestedTransaction(PerunSession sess, Group group, long startTime, boolean failedDueToException, String exceptionMessage) throws AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, WrongAttributeValueException This method will set timestamp, synchronization start time and exceptionMessage to group attributes for the group. Also log information about failed synchronization to auditer_log.IMPORTANT: This method runs in nested transaction so it can be used in another transaction With a nested transaction, this method can be used in method running in the nested transaction, where the group was changed in the database. However, rollback on the outer transaction, where this method is used, will revert saving of given information.
Set timestamp to attribute "group_def_lastSynchronizationTimestamp" Set exception message to attribute "group_def_lastSynchronizationState" Set start time to attribute "group_def_startOfLastSuccessSynchronizationTimestamp"
FailedDueToException is true means group synchronization failed completely. FailedDueToException is false means group synchronization is ok or finished with some errors (some members were not synchronized)
- Parameters:
sess
- perun sessiongroup
- the group for synchronizationstartTime
- of the synchronizationfailedDueToException
- if exception means fail of whole synchronization of this group or only problem with some dataexceptionMessage
- message of an exception, ok if everything is ok- Throws:
AttributeNotExistsException
InternalErrorException
WrongReferenceAttributeValueException
WrongAttributeAssignmentException
WrongAttributeValueException
-
saveInformationAboutGroupSynchronizationInNewTransaction
void saveInformationAboutGroupSynchronizationInNewTransaction(PerunSession sess, Group group, long startTime, boolean failedDueToException, String exceptionMessage) throws AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, WrongAttributeValueException This method will set timestamp, synchronization start time and exceptionMessage to group attributes for the group. Also log information about failed synchronization to auditer_log.IMPORTANT: This method runs in new transaction (because of using in synchronization of groups) This method is run in a new transaction to ensure successful saving of given information, in case of a rollback in previous transaction. However, this method cannot be used in method running in the nested transaction, where the group was changed in the database.
Set timestamp to attribute "group_def_lastSynchronizationTimestamp" Set exception message to attribute "group_def_lastSynchronizationState" Set start time to attribute "group_def_startOfLastSuccessSynchronizationTimestamp"
FailedDueToException is true means group synchronization failed completely. FailedDueToException is false means group synchronization is ok or finished with some errors (some members were not synchronized)
- Parameters:
sess
- perun sessiongroup
- the group for synchronizationstartTime
- of the synchronizationfailedDueToException
- if exception means fail of whole synchronization of this group or only problem with some dataexceptionMessage
- message of an exception, ok if everything is ok- Throws:
AttributeNotExistsException
InternalErrorException
WrongReferenceAttributeValueException
WrongAttributeAssignmentException
WrongAttributeValueException
-
synchronizeGroup
List<String> synchronizeGroup(PerunSession sess, Group group) throws AttributeNotExistsException, WrongAttributeAssignmentException, ExtSourceNotExistsException, GroupNotExistsException Synchronizes the group with the external group without checking if the synchronization is already in progress. If some members from extSource of this group were skipped, return info about them. if not, return empty string instead, which means all members was successfully load from extSource.- Parameters:
sess
-group
-- Returns:
- List of strings with skipped users with reasons why were skipped
- Throws:
InternalErrorException
AttributeNotExistsException
WrongAttributeAssignmentException
ExtSourceNotExistsException
GroupNotExistsException
-
synchronizeGroupStructure
List<String> synchronizeGroupStructure(PerunSession sess, Group group) throws AttributeNotExistsException, WrongAttributeAssignmentException, ExtSourceNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException Synchronize a group structure with an external source group structure under the group.- Parameters:
sess
-group
- base group under which will be synchronized structure of groups- Returns:
- List of strings with skipped groups with reasons why were skipped
- Throws:
InternalErrorException
AttributeNotExistsException
WrongAttributeAssignmentException
ExtSourceNotExistsException
WrongAttributeValueException
WrongReferenceAttributeValueException
-
synchronizeGroups
Synchronize all groups which have enabled synchronization. This method is run by the scheduler every 5 minutes.- Throws:
InternalErrorException
-
synchronizeGroupsStructures
Synchronize all groups structures which have enabled group structure synchronization. This method is run by the scheduler every 5 minutes.- Throws:
InternalErrorException
-
updateGroup
Updates group by ID.Update shortName (use shortName) and description. Group.name is ignored. Return Group with correctly set parameters (including group.name)
- Parameters:
perunSession
-group
- to update (use only ID, shortName and description)- Returns:
- updated group with correctly set parameters (including group.name)
- Throws:
InternalErrorException
GroupExistsException
- if group with same name already exists in the same VO
-
updateParentGroupId
Updates parentGroupId.!! IMPORTANT This method allows to change parentGroupId, but it doesn't update group and subGroup names !!
- Parameters:
perunSession
-group
- to update- Returns:
- group with updated parentGroupId
- Throws:
InternalErrorException
-
validateMemberInGroup
Set member's status in given group to VALID- Parameters:
sess
- perun sessionmember
- member whose status will be changedgroup
- group in which given member will be validated- Throws:
InternalErrorException
- internal error
-