Interface UsersManagerBl
- All Known Implementing Classes:
UsersManagerBlImpl
- Author:
- Michal Prochazka, Slavek Licehammer, Zora Sebestianova, Sona Mastrakova
-
Field Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addSpecificUserOwner
(PerunSession sess, User user, User specificUser) Add specificUser owner (the user) If not exists, create new ownership.addUserExtSource
(PerunSession perunSession, User user, UserExtSource userExtSource) Adds user's external sources.void
anonymizeUser
(PerunSession perunSession, User user, boolean force) Anonymizes user - according to configuration, each of user's attributes is either anonymized, kept untouched or deleted.void
blockLogins
(PerunSession sess, List<String> logins, String namespace, Integer relatedUserId) Block logins for given namespace or block logins globally (if no namespace is selected)void
changeEmail
(PerunSession sess, User user, String newEmail) Change user's email to email from user ext source.void
changeEmailCustom
(PerunSession sess, User user, String newEmail, String url, String lang, String path, String idp) Change user's email to custom email.void
changeName
(PerunSession sess, User user, String newUserName) Change user's name to user's name from user ext source.void
changeNameCustom
(PerunSession sess, User user, String titleBefore, String firstName, String middleName, String lastName, String titleAfter) Change user's name to custom name.void
changeNonAuthzPassword
(PerunSession sess, UUID token, String password, String lang) Changes user password in defined login-namespace based on token of the password reset request.void
changeOrganization
(PerunSession sess, User user, String newOrganizationName) Change organization from which user came to organization from user ext source.void
changeOrganizationCustom
(PerunSession sess, User user, String newOrganizationName) Change organization from which user came to custom organization.void
changePassword
(PerunSession sess, User user, String loginNamespace, String oldPassword, String newPassword, boolean checkOldPassword) Changes user password in defined login-namespace.changePasswordRandom
(PerunSession session, User user, String loginNamespace) Generates new random password for given user and returns String representing HTML where is the new password.void
checkBlockedLogins
(PerunSession sess, String namespace, String userLogin, boolean ignoreCase) Check if login is blocked.void
checkPasswordResetRequestIsValid
(PerunSession sess, UUID token) Checks if the password reset request link is valid.void
checkPasswordStrength
(PerunSession sess, String password, String namespace, String login) Check password strength for the given namespace.void
checkReservedLogins
(PerunSession sess, String namespace, String login, boolean ignoreCase) Check if login exists in specified namespace or in any namespace (if namespace is null).void
checkUserExists
(PerunSession sess, User user) void
checkUserExtSourceExists
(PerunSession sess, UserExtSource userExtSource) void
checkUserExtSourceExistsById
(PerunSession sess, int id) convertRichUsersToRichUsersWithAttributes
(PerunSession sess, List<RichUser> richUsers) From List of Rich Users without attribute make list of Rich Users with attributesGet user and convert values of his object attributes: - firstName - lastName - middleName - titleBefore - titleAfter from emptyString (like "") to null.convertUsersToRichUsers
(PerunSession sess, List<User> users) From List of Users make list of RichUsers (without attributes)convertUsersToRichUsersWithAttributes
(PerunSession sess, List<RichUser> richUsers, List<AttributeDefinition> attrsDef) Convert RichUsers without attribute to RichUsers with specific attributes.convertUsersToRichUsersWithAttributesByNames
(PerunSession sess, List<User> users, List<String> attrNames) From List of Users make list of RichUsers (with attributes by names)convertUserToRichUserWithAttributesByNames
(PerunSession sess, User user, List<String> attrNames) From User make Rich user (with attributes by names)void
createAlternativePassword
(PerunSession sess, User user, String description, String loginNamespace, String password) Creates alternative password in external system.createServiceUser
(PerunSession sess, Candidate candidate, List<User> owners) From given candidate, creates a service user and assign given owners to him.createUser
(PerunSession sess, Candidate candidate) From given candidate, creates a user.createUser
(PerunSession perunSession, User user) Inserts user into DB.void
deleteAlternativePassword
(PerunSession sess, User user, String loginNamespace, String passwordId) Deletes alternative password in external system.void
deletePassword
(PerunSession sess, User user, String loginNamespace) Deletes password in external system for existing user.void
deletePassword
(PerunSession sess, String userLogin, String loginNamespace) Deletes password in external system.void
deleteReservedLoginsForNamespace
(PerunSession sess, String namespace) Deletes all reserved logins in given namespacevoid
deleteReservedLoginsOnlyByGivenApp
(PerunSession sess, int appId) Deletes reserved logins which can be deleted - they are used only in the given application.void
deleteUser
(PerunSession perunSession, User user) Deletes user.void
deleteUser
(PerunSession perunSession, User user, boolean forceDelete) Deletes user.filterOnlyAllowedAttributes
(PerunSession sess, RichUser richUser) For richUser filter all his user attributes and remove all which principal has no access to.filterOnlyAllowedAttributes
(PerunSession sess, List<RichUser> richUsers) For list of richUser filter all their user attributes and remove all which principal has no access to.filterOnlyAllowedAttributesForRichUserExtSources
(PerunSession sess, List<RichUserExtSource> richUserExtSources) From given list ofRichUserExtSource
removes the attributes which are not allowed for the current principal.findRichUsers
(PerunSession sess, String searchString) Returns list of richusers with attributes who matches the searchString, searching name, id, uuid, email, logins.findRichUsersByExactMatch
(PerunSession sess, String searchString) Returns list of richusers with attributes who matches the searchString, searching name, id, uuid, email, logins.findRichUsersWithAttributes
(PerunSession sess, String searchString, List<String> attrNames) Returns list of RichUsers with selected attributes who matches the searchString, searching name, id, uuid, email, logins.findRichUsersWithAttributesByExactMatch
(PerunSession sess, String searchString, List<String> attrNames) Returns list of RichUsers with selected attributes who matches the searchString, searching name, id, uuid, email, logins.findRichUsersWithoutSpecificVoWithAttributes
(PerunSession sess, Vo vo, String searchString, List<String> attrsName) Return list of RichUsers who matches the searchString, searching name, email and logins and are not member in specific VO and contain selected attributes.findUsers
(PerunSession sess, String searchString) Returns list of users' who matches the searchString, searching name, id, uuid, email and logins.findUsersByExactName
(PerunSession sess, String searchString) Returns list of users who exactly matches the searchStringfindUsersByName
(PerunSession sess, String searchString) Returns list of users who matches the searchStringfindUsersByName
(PerunSession sess, String titleBefore, String firstName, String middleName, String lastName, String titleAfter) Returns list of users who matches the fields.findUsersWithExtSourceAttributeValueEnding
(PerunSessionImpl sess, String attributeName, String valueEnd, List<String> excludeValueEnds) Finds users with UserExtSource with attribute value that ends with specified string but not with specified exclude strings.generateAccount
(PerunSession session, String namespace, Map<String, String> parameters) Generate user account in a backend system associated with login-namespace in Perun.getActiveUserExtSources
(PerunSession sess, User user) Get all users userExtSources with last_access not older than (now - m), where 'm' is number of months defined in CONSTANT in UsersManagerImpl.Returns all blocked logins in namespaces (if namespace is null, then this login is blocked globally)getAllowedResources
(PerunSession sess, Facility facility, User user) Get all resources from the facility which have the user access on.getAllowedResources
(PerunSession sess, User user) Get all resources which have the user access on.getAllRichUsers
(PerunSession sess, boolean includedSpecificUsers) Get All richUsers with or without specificUsers.getAllRichUsersWithAttributes
(PerunSession sess, boolean includedSpecificUsers) Get All richUsers with or without specificUsers.getAllRichUsersWithAttributes
(PerunSession sess, boolean includedSpecificUsers, List<String> attrsNames) Get User to RichUser with attributes.getAllUserExtSourcesByTypeAndLogin
(PerunSession sess, String extType, String extLogin) Gets list of all users external sources by specific type and extLogin.getAssignedResources
(PerunSession sess, Facility facility, User user) Get all resources from the facility where the user is assigned.getAssignedResources
(PerunSession sess, User user) Get all resources where the user is assigned.getAssignedRichResources
(PerunSession sess, User user) Get all rich resources where the user is assigned.getAssociatedResources
(PerunSession sess, Facility facility, User user) Return all resources of specified facility with which user is associated through all his members.getAssociatedResources
(PerunSession sess, User user) Get all resources with which user can be associated (similar to assigned resources, but does not require ACTIVE group-resource assignment).getBlockedLoginsPage
(PerunSession sess, BlockedLoginsPageQuery query) Get page of blocked logins.getGroupsWhereUserIsActive
(PerunSession sess, Facility facility, User user) Return all groups where user is active (has VALID status in VO and Group together) for specified user and facilitygetGroupsWhereUserIsActive
(PerunSession sess, Resource resource, User user) Return all groups where user is active (has VALID status in VO and Group together) for specified user and resourcegetGroupsWhereUserIsAdmin
(PerunSession perunSession, User user) Returns list of Groups in Perun, where the User is a direct Administrator or he is a VALID member of any group which is Administrator of some of these Groups.getGroupsWhereUserIsAdmin
(PerunSession sess, Vo vo, User user) Returns list of Groups in selected Vo, where the User is a direct Administrator or he is a VALID member of any group which is Administrator of some of these Groups.int
getIdOfBlockedLogin
(PerunSession sess, String login, String namespace) Return ID of blocked logingetPasswordManagerModule
(PerunSession session, String namespace) Returns password manager module for specified login-namespace or falls back on generic password manager module.getPendingPreferredEmailChanges
(PerunSession sess, User user) Return list of email addresses of user, which are awaiting validation and are inside time window for validation.getRelatedUserIdByBlockedLoginInNamespace
(PerunSession sess, String login, String namespace) Get user id of the user who was related to the given login in the pastgetReservedLoginsByApp
(PerunSession sess, int appId) Gets reserved logins which are used in the given application.getReservedLoginsOnlyByGivenApp
(PerunSession sess, int appId) Gets reserved logins which can be deleted - they are used only in the given application.getRichUser
(PerunSession sess, User user) Get User to RichUser without attributes.getRichUserExtSources
(PerunSession sess, User user, List<String> attrsNames) Gets list of all user's external sources with attributes.getRichUsersByIds
(PerunSession sess, List<Integer> ids) Returns rich users without attributes by their ids.getRichUsersFromListOfUsers
(PerunSession sess, List<User> users) From Users makes RichUsers without attributes.getRichUsersWithAttributesByIds
(PerunSession sess, List<Integer> ids) Returns rich users with attributes by their ids.getRichUsersWithAttributesFromListOfUsers
(PerunSession sess, List<User> users) From Users makes RichUsers with attributes.Returns all RichUsers with attributes who are not member of any VO.getRichUsersWithoutVoWithAttributes
(PerunSession sess, List<String> attrsName) Return list of RichUsers which are not members of any VO and contain selected attributes.getRichUserWithAttributes
(PerunSession sess, User user) Get User to RichUser with attributes.getSpecificUsers
(PerunSession sess) Return all specific Users (only specific users)getSpecificUsersByUser
(PerunSession sess, User user) Return all specificUsers who are owned by the user and their ownership is not in status disabledgetSponsors
(PerunSession sess, Member sponsoredMember) Gets list of users that sponsor the member.getSponsorsForSponsoredMembersInVo
(PerunSession sess, int voId) Retrieves a map, that maps the ids of the sponsored members in the given VO to a list of their Sponsors with the corresponding Sponsorship objects.getUnanonymizedUsersBySpecificUser
(PerunSession sess, User specificUser) Return all users who owns the specificUser, their ownership is not in status disabled and are not anonymizedgetUserByExtSourceInformation
(PerunSession sess, PerunPrincipal principal) Get user by principal's additional identifiers or extSourceName and extSourceLogin.getUserByExtSourceNameAndExtLogin
(PerunSession sess, String extSourceName, String extLogin) Get user by extSourceName and extSourceLogingetUserById
(PerunSession perunSession, int id) Returns user by his/her id.getUserByMember
(PerunSession perunSession, Member member) Returns user by VO member.getUserByUserExtSource
(PerunSession perunSession, UserExtSource userExtSource) Returns user by his login in external source and external source.getUserByUserExtSources
(PerunSession sess, List<UserExtSource> userExtSources) Get the user based on one of the userExtSource.getUserExtSourceByExtLogin
(PerunSession perunSession, ExtSource source, String extLogin) Gets user's external source by the user's external login and external source.getUserExtSourceById
(PerunSession sess, int id) Get the user ext source by its id.getUserExtSourceByUniqueAttributeValue
(PerunSession sess, int attrId, String uniqueValue) Return userExtSource for specific attribute definition (specified by id) and unique value.getUserExtSourceByUniqueAttributeValue
(PerunSession sess, String attrName, String uniqueValue) Return userExtSource for specific attribute definition (specified by id) and unique value.getUserExtSourceFromMultipleIdentifiers
(PerunSession sess, PerunPrincipal principal) Iteratively searches through additional identifiers trying to find userExtSource with the same identifier.getUserExtSources
(PerunSession perunSession, User user) Gets list of all user's external sources of the user.getUserExtSourcesByIds
(PerunSession sess, List<Integer> ids) Get user ext sources by their ids.getUsers
(PerunSession sess) Returns all users (included specific users)getUsersByAttribute
(PerunSession sess, Attribute attribute) Returns all users who have set the attribute with the value.getUsersByAttribute
(PerunSession sess, Attribute attribute, boolean ignoreCase) Returns all users who have set the attribute with the value IGNORING CASE in the comparison.getUsersByAttribute
(PerunSession sess, String attributeName, String attributeValue) Returns all users who have set the attribute with the value.getUsersByAttributeValue
(PerunSession sess, String attributeName, String attributeValue) Returns all users who have the attribute with the value.getUsersByExtSourceTypeAndLogin
(PerunSession perunSession, String extSourceType, String login) Get all the users who have given type of the ExtSource and login.getUsersByIds
(PerunSession sess, List<Integer> usersIds) Batch method which returns users by theirs ids.getUsersByPerunBean
(PerunSession sess, Facility facility) Returns list of users connected with a facilitygetUsersByPerunBean
(PerunSession sess, Group group) Returns list of users connected with a groupgetUsersByPerunBean
(PerunSession sess, Host host) Returns list of users connected with a hostgetUsersByPerunBean
(PerunSession sess, Member member) Returns list of users connected with a membergetUsersByPerunBean
(PerunSession sess, Resource resource) Returns list of users connected with a resourcegetUsersByPerunBean
(PerunSession sess, Vo vo) Returns list of users connected with a vogetUsersBySpecificUser
(PerunSession sess, User specificUser) Return all users who owns the specificUser and their ownership is not in status disabledint
getUsersCount
(PerunSession perunSession) Get count of all users.getUsersPage
(PerunSession sess, UsersPageQuery query, List<String> attrNames) Get page of users with the given attributes.getUsersReservedLogins
(PerunSession sess, User user) Return list of all reserved logins for specific user (pair is namespace and login)getUsersWithoutSpecificVo
(PerunSession sess, Vo vo, String searchString) Return list of users who matches the searchString, searching name, email and logins and are not member in specific VO.Returns all users who are not member of any VO.getVosWhereUserIsAdmin
(PerunSession perunSession, User user) Returns list of VOs, where the user is an Administrator.getVosWhereUserIsMember
(PerunSession perunSession, User user) Returns list of VOs, where the user is a member.boolean
isLoginAvailable
(PerunSession sess, String loginNamespace, String login) Checks if the login is available in the namespace.boolean
isLoginBlocked
(PerunSession sess, String login, boolean ignoreCase) Return true if login is blocked (globally - for all namespaces per instance OR for some namespace), false if not.boolean
isLoginBlockedForNamespace
(PerunSession sess, String login, String namespace, boolean ignoreCase) Return true if login is blocked for given namespace, false if not When the namespace is null, then the method behaves like isLoginBlockedGlobally(), so it checks if the login is blocked globally.boolean
isLoginBlockedGlobally
(PerunSession sess, String login) Return true if login is blocked globally (for all namespaces per instance - represented by namespace = null), false if not Globally banned logins are ALWAYS case-insensitive.boolean
isUserAnonymized
(PerunSession sess, User user) Checks whether user has been anonymized or not.boolean
isUserPerunAdmin
(PerunSession sess, User user) Deprecated.boolean
loginExist
(PerunSession sess, User user, String loginNamespace) Checks if login exists in given login-namespace.void
moveUserExtSource
(PerunSession perunSession, User sourceUser, User targetUser, UserExtSource userExtSource) Take UserExtSource from sourceUser and move it to the targetUser.void
removeAllUserExtSources
(PerunSession sess, User user) Removes all user's external sources.void
removeSpecificUserOwner
(PerunSession sess, User user, User specificUser) Remove specificUser owner (the user) Only disable ownership of user and specificUservoid
removeSpecificUserOwner
(PerunSession sess, User user, User specificUser, boolean forceDelete) Remove specificUser owner (the user).void
removeUserExtSource
(PerunSession perunSession, User user, UserExtSource userExtSource) Removes user's external sources.void
requestPreferredEmailChange
(PerunSession sess, String url, User user, String email, String lang, String path, String idp) Request change of user's preferred email address.void
reservePassword
(PerunSession sess, User user, String loginNamespace, String password) Reserves the password in external system.void
reservePassword
(PerunSession sess, String userLogin, String loginNamespace, String password) Reserves the password in external system.void
reserveRandomPassword
(PerunSession sess, User user, String loginNamespace) Reserves random password in external system.void
setLogin
(PerunSession sess, User user, String loginNamespace, String login) Allow users to manually add login in supported namespace if same login is not reservedsetSpecificUser
(PerunSession sess, User specificUser, SpecificUserType specificUserType, User owner) Set specific user type for specific user and set ownership of this user for the owner.boolean
specificUserOwnershipExists
(PerunSession sess, User user, User specificUser) Return true if ownership of user and specificUser already exists.void
unblockLogins
(PerunSession sess, List<String> logins, String namespace) Unblock logins for given namespace or unblock logins globally (if no namespace is selected)void
unblockLoginsById
(PerunSession sess, List<Integer> loginIds) Unblock logins by id globally, or in the namespace they were initially blocked.void
unblockLoginsForNamespace
(PerunSession sess, String namespace) Unblock all logins for given namespaceunsetSpecificUser
(PerunSession sess, User specificUser, SpecificUserType specificUserType) Remove all ownerships of this specific user and unset this specific user type from this specific user.updateNameTitles
(PerunSession perunSession, User user) Updates titles before/after users name.updateUser
(PerunSession perunSession, User user) Updates users data in DB.updateUserExtSource
(PerunSession perunSession, UserExtSource userExtSource) Updates user's userExtSource in DB.void
updateUserExtSourceLastAccess
(PerunSession perunSession, UserExtSource userExtSource) Updates user's userExtSource last access time in DB.boolean
userExtSourceExists
(PerunSession sess, UserExtSource userExtSource) void
validatePassword
(PerunSession sess, User user, String loginNamespace) Validates the password in external system and sets user extSources and extSource related attributes.void
validatePassword
(PerunSession sess, String userLogin, String loginNamespace) Validates the password in external system and sets user extSources and extSource related attributes.validatePreferredEmailChange
(PerunSession sess, User user, UUID token) Validate change of user's preferred email address.void
validateSSHKey
(PerunSession sess, String sshKey) Validate ssh public key, throws exception if validation fails
-
Field Details
-
ORIGIN_IDENTITY_PROVIDER_KEY
- See Also:
-
MULTIVALUE_ATTRIBUTE_SEPARATOR_REGEX
- See Also:
-
ADDITIONAL_IDENTIFIERS_ATTRIBUTE_NAME
- See Also:
-
ADDITIONAL_IDENTIFIERS_PERUN_ATTRIBUTE_NAME
- See Also:
-
-
Method Details
-
addSpecificUserOwner
void addSpecificUserOwner(PerunSession sess, User user, User specificUser) throws RelationExistsException Add specificUser owner (the user) If not exists, create new ownership. If exists, only enable ownership for user and specificUser- Parameters:
sess
-user
- the userspecificUser
- the specificUser- Throws:
InternalErrorException
RelationExistsException
- If there is such user (the user) who try to add
-
addUserExtSource
UserExtSource addUserExtSource(PerunSession perunSession, User user, UserExtSource userExtSource) throws UserExtSourceExistsException Adds user's external sources.- Parameters:
perunSession
-user
-userExtSource
-- Returns:
- user external auth object with newly generated ID
- Throws:
InternalErrorException
UserExtSourceExistsException
-
anonymizeUser
void anonymizeUser(PerunSession perunSession, User user, boolean force) throws RelationExistsException, AnonymizationNotSupportedException Anonymizes user - according to configuration, each of user's attributes is either anonymized, kept untouched or deleted. Also deletes other user's related data, e.g. authorships of users publications, mail change and password reset requests, bans... If force is true then also removes associated members.- Parameters:
perunSession
-user
-force
-- Throws:
InternalErrorException
RelationExistsException
- if the user has some members assignedAnonymizationNotSupportedException
- if an attribute should be anonymized but its module doesn't specify the anonymization process or if the anonymization is not supported at this instance
-
blockLogins
void blockLogins(PerunSession sess, List<String> logins, String namespace, Integer relatedUserId) throws LoginIsAlreadyBlockedException, LoginExistsException Block logins for given namespace or block logins globally (if no namespace is selected)- Parameters:
sess
-logins
- list of logins to be blockednamespace
- namespace where the logins should be blocked (null means block the logins globally)relatedUserId
- id of the user related to the login or null if the relatedUserId should not be stored- Throws:
LoginIsAlreadyBlockedException
LoginExistsException
-
changeNonAuthzPassword
void changeNonAuthzPassword(PerunSession sess, UUID token, String password, String lang) throws UserNotExistsException, LoginNotExistsException, PasswordChangeFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException, PasswordResetLinkExpiredException, PasswordResetLinkNotValidException Changes user password in defined login-namespace based on token of the password reset request.- Parameters:
sess
- PerunSessiontoken
- token for the password reset requestpassword
- new passwordlang
- Language to get notification in- Throws:
InternalErrorException
UserNotExistsException
- When the user who requested the password reset doesn't existLoginNotExistsException
- When user doesn't have login in specified namespaceInvalidLoginException
- When login of user has invalid syntax (is not allowed)PasswordStrengthException
- When password doesn't match expected strength by namespace configurationPasswordResetLinkExpiredException
- When the password reset request expiredPasswordResetLinkNotValidException
- When the password reset request was already used or has never existedPasswordChangeFailedException
- When password change failedPasswordOperationTimeoutException
- When password change timed outPasswordStrengthFailedException
-
changePassword
void changePassword(PerunSession sess, User user, String loginNamespace, String oldPassword, String newPassword, boolean checkOldPassword) throws LoginNotExistsException, PasswordDoesntMatchException, PasswordChangeFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException Changes user password in defined login-namespace. If checkOldPassword is true, then ask authentication system if old password is correct. user must exists.- Parameters:
sess
-user
- user object which is used to get userLogin from the loginNamespaceloginNamespace
-oldPassword
-newPassword
-checkOldPassword
-- Throws:
InternalErrorException
PasswordDoesntMatchException
- When old password does not matchPasswordChangeFailedException
LoginNotExistsException
- When user doesn't have login in specified namespaceInvalidLoginException
- When login of user has invalid syntax (is not allowed)PasswordStrengthException
- When password doesn't match expected strength by namespace configurationPasswordOperationTimeoutException
PasswordStrengthFailedException
-
changePasswordRandom
String changePasswordRandom(PerunSession session, User user, String loginNamespace) throws PasswordOperationTimeoutException, LoginNotExistsException, PasswordChangeFailedException, InvalidLoginException, PasswordStrengthException Generates new random password for given user and returns String representing HTML where is the new password.The HTML template is taken from entityless attribute randomPwdResetTemplate and the loginNamespace is used as a key.
- Parameters:
session
- sessionuser
- userloginNamespace
- login namespace- Returns:
- String representing HTML with data about new generated password
- Throws:
PasswordOperationTimeoutException
- password change timed outInternalErrorException
- internal errorPasswordChangeFailedException
- password change failedLoginNotExistsException
- When user doesn't have login in specified namespaceInvalidLoginException
- When When login of user has invalid syntax (is not allowed)PasswordStrengthException
- When password doesn't match expected strength by namespace configuration
-
checkBlockedLogins
void checkBlockedLogins(PerunSession sess, String namespace, String userLogin, boolean ignoreCase) throws LoginIsAlreadyBlockedException Check if login is blocked. Login can be blocked by default (used by internal components), globally or in namespace.- Parameters:
sess
- sessionnamespace
- attributeuserLogin
- loginignoreCase
- ignore case (work as case-insensitive)- Throws:
LoginIsAlreadyBlockedException
- when login is blocked
-
checkPasswordResetRequestIsValid
void checkPasswordResetRequestIsValid(PerunSession sess, UUID token) throws PasswordResetLinkExpiredException, PasswordResetLinkNotValidException Checks if the password reset request link is valid. The request is valid, if it was created, never used and hasn't expired yet.- Parameters:
sess
- PerunSessiontoken
- token for the request to check- Throws:
PasswordResetLinkExpiredException
- when the reset link expiredPasswordResetLinkNotValidException
- when the reset link was already used or has never existed
-
checkPasswordStrength
void checkPasswordStrength(PerunSession sess, String password, String namespace, String login) throws PasswordStrengthException Check password strength for the given namespace. If the password is too weak, the PasswordStrengthException is thrown- Parameters:
password
- password, that will be checkednamespace
- namespace, that will be used to check the strength of the passwordlogin
- login, which may be required for correct password strength check- Throws:
PasswordStrengthException
- When password doesn't match expected strength by namespace configuration
-
checkReservedLogins
void checkReservedLogins(PerunSession sess, String namespace, String login, boolean ignoreCase) throws AlreadyReservedLoginException Check if login exists in specified namespace or in any namespace (if namespace is null).- Parameters:
sess
-namespace
- namespace for login, null for all namespacelogin
- login to checkignoreCase
- TRUE to perform case-insensitive check- Throws:
InternalErrorException
AlreadyReservedLoginException
- throw this exception if login already exist in table of reserved logins
-
checkUserExists
- Throws:
UserNotExistsException
-
checkUserExtSourceExists
void checkUserExtSourceExists(PerunSession sess, UserExtSource userExtSource) throws UserExtSourceNotExistsException - Throws:
UserExtSourceNotExistsException
-
checkUserExtSourceExistsById
- Throws:
UserExtSourceNotExistsException
-
convertRichUsersToRichUsersWithAttributes
List<RichUser> convertRichUsersToRichUsersWithAttributes(PerunSession sess, List<RichUser> richUsers) throws UserNotExistsException From List of Rich Users without attribute make list of Rich Users with attributes- Parameters:
sess
-richUsers
-- Returns:
- list of Rich Users with attributes
- Throws:
InternalErrorException
UserNotExistsException
-
convertUserEmptyStringsInObjectAttributesIntoNull
Get user and convert values of his object attributes: - firstName - lastName - middleName - titleBefore - titleAfter from emptyString (like "") to null. If these values are not empty strings, do not change them. If user is null, return null.- Parameters:
user
- user to converting- Returns:
- converted user
-
convertUserToRichUserWithAttributesByNames
RichUser convertUserToRichUserWithAttributesByNames(PerunSession sess, User user, List<String> attrNames) From User make Rich user (with attributes by names)- Parameters:
sess
- sessionuser
- user to be convertedattrNames
- list of Strings with attribute names- Returns:
- RichUser with attributes
- Throws:
InternalErrorException
- internal error
-
convertUsersToRichUsers
From List of Users make list of RichUsers (without attributes)- Parameters:
sess
-users
-- Returns:
- list of RIch Users without attributes
- Throws:
InternalErrorException
-
convertUsersToRichUsersWithAttributes
List<RichUser> convertUsersToRichUsersWithAttributes(PerunSession sess, List<RichUser> richUsers, List<AttributeDefinition> attrsDef) Convert RichUsers without attribute to RichUsers with specific attributes. Specific by list of Attributes. If in list of Attributes is some notUser attribute, it is skipped.- Parameters:
sess
-richUsers
-attrsDef
-- Returns:
- list of RichUsers with specific attributes
- Throws:
InternalErrorException
-
convertUsersToRichUsersWithAttributesByNames
List<RichUser> convertUsersToRichUsersWithAttributesByNames(PerunSession sess, List<User> users, List<String> attrNames) From List of Users make list of RichUsers (with attributes by names)- Parameters:
sess
-users
-- Returns:
- list of RIch Users without attributes
- Throws:
InternalErrorException
-
createAlternativePassword
void createAlternativePassword(PerunSession sess, User user, String description, String loginNamespace, String password) throws PasswordCreationFailedException, LoginNotExistsException, PasswordStrengthException Creates alternative password in external system.- Parameters:
sess
-user
-description
- - description of a password (e.g. 'mobile phone', 'tablet', ...)loginNamespace
-password
- string representation of password- Throws:
InternalErrorException
PasswordCreationFailedException
LoginNotExistsException
- When user doesn't have login in specified namespacePasswordStrengthException
- When password doesn't match expected strength by namespace configuration
-
createServiceUser
User createServiceUser(PerunSession sess, Candidate candidate, List<User> owners) throws WrongAttributeAssignmentException, UserExtSourceExistsException, WrongReferenceAttributeValueException, WrongAttributeValueException, AttributeNotExistsException From given candidate, creates a service user and assign given owners to him. This method also checks if some of given userExtSources do exist. If so, this method throws a UserExtSourceExistsException. This method can also set only user-def and user-opt attributes for the given candidate.- Parameters:
sess
- sessioncandidate
- candidateowners
- owners to be set for the new user- Returns:
- created service user
- Throws:
AttributeNotExistsException
- if some of the given attributes dont existWrongAttributeAssignmentException
- if some of the given attributes have unsupported namespaceUserExtSourceExistsException
- if some of the given UES already existWrongReferenceAttributeValueException
- if some of the given attribute value cannot be set because of some other attribute constraintWrongAttributeValueException
- if some of the given attribute value is invalid
-
createUser
Inserts user into DB.- Parameters:
perunSession
-user
-- Throws:
InternalErrorException
-
createUser
User createUser(PerunSession sess, Candidate candidate) throws UserExtSourceExistsException, AttributeNotExistsException, WrongAttributeAssignmentException, WrongAttributeValueException, WrongReferenceAttributeValueException From given candidate, creates a user. This method also checks if some of given userExtSources do exist. If so, this method throws a UserExtSourceExistsException. This method can also set only user-def and user-opt attributes for the given candidate.- Parameters:
sess
- sessioncandidate
- candidate- Returns:
- created user
- Throws:
AttributeNotExistsException
- if some of the given attributes dont existWrongAttributeAssignmentException
- if some of the given attributes have unsupported namespaceUserExtSourceExistsException
- if some of the given UES already existWrongReferenceAttributeValueException
- if some of the given attribute value cannot be set because of some other attribute constraintWrongAttributeValueException
- if some of the given attribute value is invalid
-
deleteAlternativePassword
void deleteAlternativePassword(PerunSession sess, User user, String loginNamespace, String passwordId) throws PasswordDeletionFailedException, LoginNotExistsException Deletes alternative password in external system.- Parameters:
sess
-loginNamespace
-passwordId
- passwords ID- Throws:
InternalErrorException
UserNotExistsException
PasswordDeletionFailedException
LoginNotExistsException
- When user doesn't have login in specified namespace
-
deletePassword
void deletePassword(PerunSession sess, String userLogin, String loginNamespace) throws PasswordDeletionFailedException, LoginNotExistsException, PasswordOperationTimeoutException, InvalidLoginException Deletes password in external system. User must not exists.- Parameters:
sess
-userLogin
- string representation of the userLoginloginNamespace
-- Throws:
InternalErrorException
PasswordDeletionFailedException
LoginNotExistsException
- When user doesn't have login in specified namespaceInvalidLoginException
- When login of user has invalid syntax (is not allowed)PasswordOperationTimeoutException
-
deletePassword
void deletePassword(PerunSession sess, User user, String loginNamespace) throws PasswordDeletionFailedException, LoginNotExistsException, PasswordOperationTimeoutException, InvalidLoginException Deletes password in external system for existing user. User's login for specified namespace must exist in Perun.- Parameters:
sess
- perunSessionuser
- for which the password will be deletedloginNamespace
- from which the password will be deleted- Throws:
PasswordDeletionFailedException
LoginNotExistsException
- When user doesn't have login in specified namespacePasswordOperationTimeoutException
InvalidLoginException
- When login of user has invalid syntax (is not allowed)
-
deleteReservedLoginsForNamespace
Deletes all reserved logins in given namespace- Parameters:
sess
- PerunSessionnamespace
- Namespace
-
deleteReservedLoginsOnlyByGivenApp
void deleteReservedLoginsOnlyByGivenApp(PerunSession sess, int appId) throws PasswordOperationTimeoutException, InvalidLoginException, PasswordDeletionFailedException Deletes reserved logins which can be deleted - they are used only in the given application. Deletes them from both KDC and DB.- Parameters:
sess
-appId
-- Throws:
PasswordOperationTimeoutException
InvalidLoginException
PasswordDeletionFailedException
-
deleteUser
void deleteUser(PerunSession perunSession, User user) throws RelationExistsException, MemberAlreadyRemovedException, UserAlreadyRemovedException, SpecificUserAlreadyRemovedException, DeletionNotSupportedException Deletes user.- Parameters:
perunSession
-user
-- Throws:
InternalErrorException
RelationExistsException
- if user has some members assignedMemberAlreadyRemovedException
- if there is at least 1 member deleted but not affected by deleting from DBUserAlreadyRemovedException
- if there are no rows affected by deleting user in DBSpecificUserAlreadyRemovedException
- if there are no rows affected by deleting specific user in DBDeletionNotSupportedException
- if the deletion of users is not supported at this instance
-
deleteUser
void deleteUser(PerunSession perunSession, User user, boolean forceDelete) throws RelationExistsException, MemberAlreadyRemovedException, UserAlreadyRemovedException, SpecificUserAlreadyRemovedException, DeletionNotSupportedException Deletes user. If forceDelete is true, then removes also associated members.- Parameters:
perunSession
-user
-forceDelete
- if true, deletes also all members if they are assigned to the user- Throws:
InternalErrorException
RelationExistsException
- if forceDelete is false and the user has some members assignedMemberAlreadyRemovedException
- if there is at least 1 member deleted but not affected by deleting from DBUserAlreadyRemovedException
- if there are no rows affected by deleting user in DBSpecificUserAlreadyRemovedException
- if there are no rows affected by deleting specific user in DBnDeletionNotSupportedException
- if the deletion of users is not supported at this instance
-
filterOnlyAllowedAttributes
For richUser filter all his user attributes and remove all which principal has no access to.- Parameters:
sess
-richUser
-- Returns:
- richUser with only allowed attributes
- Throws:
InternalErrorException
-
filterOnlyAllowedAttributes
For list of richUser filter all their user attributes and remove all which principal has no access to.- Parameters:
sess
-richUsers
-- Returns:
- list of RichUsers with only allowed attributes
- Throws:
InternalErrorException
-
filterOnlyAllowedAttributesForRichUserExtSources
List<RichUserExtSource> filterOnlyAllowedAttributesForRichUserExtSources(PerunSession sess, List<RichUserExtSource> richUserExtSources) From given list ofRichUserExtSource
removes the attributes which are not allowed for the current principal. The attributes are removed from the given list and the list is also returned.- Parameters:
sess
- sessionrichUserExtSources
- richUserExtSources to be filtered- Returns:
- list of filtered richUserExtSources
-
findRichUsers
Returns list of richusers with attributes who matches the searchString, searching name, id, uuid, email, logins.- Parameters:
sess
-searchString
-- Returns:
- list of richusers
- Throws:
InternalErrorException
UserNotExistsException
-
findRichUsersByExactMatch
List<RichUser> findRichUsersByExactMatch(PerunSession sess, String searchString) throws UserNotExistsException Returns list of richusers with attributes who matches the searchString, searching name, id, uuid, email, logins. Name part is searched for exact match.- Parameters:
sess
-searchString
-- Returns:
- list of richusers
- Throws:
InternalErrorException
UserNotExistsException
-
findRichUsersWithAttributes
List<RichUser> findRichUsersWithAttributes(PerunSession sess, String searchString, List<String> attrNames) throws UserNotExistsException Returns list of RichUsers with selected attributes who matches the searchString, searching name, id, uuid, email, logins.- Parameters:
sess
-searchString
-attrNames
-- Returns:
- list of RichUsers
- Throws:
InternalErrorException
UserNotExistsException
-
findRichUsersWithAttributesByExactMatch
List<RichUser> findRichUsersWithAttributesByExactMatch(PerunSession sess, String searchString, List<String> attrNames) throws UserNotExistsException Returns list of RichUsers with selected attributes who matches the searchString, searching name, id, uuid, email, logins. Name part is searched for exact match.- Parameters:
sess
-searchString
-attrNames
-- Returns:
- list of RichUsers
- Throws:
InternalErrorException
UserNotExistsException
-
findRichUsersWithoutSpecificVoWithAttributes
List<RichUser> findRichUsersWithoutSpecificVoWithAttributes(PerunSession sess, Vo vo, String searchString, List<String> attrsName) throws UserNotExistsException Return list of RichUsers who matches the searchString, searching name, email and logins and are not member in specific VO and contain selected attributes.- Parameters:
sess
-vo
-searchString
-attrsName
-- Returns:
- list of RichUser
- Throws:
InternalErrorException
UserNotExistsException
-
findUsers
Returns list of users' who matches the searchString, searching name, id, uuid, email and logins.- Parameters:
sess
-searchString
-- Returns:
- list of users
- Throws:
InternalErrorException
-
findUsersByExactName
Returns list of users who exactly matches the searchString- Parameters:
sess
-searchString
-- Returns:
- list of users
- Throws:
InternalErrorException
-
findUsersByName
Returns list of users who matches the searchString- Parameters:
sess
-searchString
-- Returns:
- list of users
- Throws:
InternalErrorException
-
findUsersByName
List<User> findUsersByName(PerunSession sess, String titleBefore, String firstName, String middleName, String lastName, String titleAfter) Returns list of users who matches the fields.- Parameters:
sess
-titleBefore
-firstName
-middleName
-lastName
-titleAfter
-- Returns:
- list of users
- Throws:
InternalErrorException
-
findUsersWithExtSourceAttributeValueEnding
List<User> findUsersWithExtSourceAttributeValueEnding(PerunSessionImpl sess, String attributeName, String valueEnd, List<String> excludeValueEnds) throws AttributeNotExistsException Finds users with UserExtSource with attribute value that ends with specified string but not with specified exclude strings. This method is written to find all users with schacHomeOrganization domains ending with valueEnd, but not with exludeValueEnds.- Parameters:
sess
- sessionattributeName
- UserExtSource attribute namevalueEnd
- required attribute value endingexcludeValueEnds
- exclude these attribute value endings- Returns:
- list of users
- Throws:
AttributeNotExistsException
-
generateAccount
Map<String,String> generateAccount(PerunSession session, String namespace, Map<String, String> parameters) throws PasswordStrengthExceptionGenerate user account in a backend system associated with login-namespace in Perun.This method consumes optional parameters map. Requirements are implementation-dependant for each login-namespace.
Returns map with 1: key=login-namespace attribute urn, value=generated login 2: rest of opt response attributes...
- Parameters:
session
-namespace
- Namespace to generate account inparameters
- Optional parameters- Returns:
- Map of data from backed response
- Throws:
InternalErrorException
PasswordStrengthException
- When password doesn't match expected strength by namespace configuration
-
getActiveUserExtSources
Get all users userExtSources with last_access not older than (now - m), where 'm' is number of months defined in CONSTANT in UsersManagerImpl.- Parameters:
sess
-user
- user to get extSources for- Returns:
- list of active user extSources (not older than now - m)
- Throws:
InternalErrorException
-
getAllBlockedLoginsInNamespaces
Returns all blocked logins in namespaces (if namespace is null, then this login is blocked globally)- Parameters:
sess
-- Returns:
- list of all blocked logins in namespaces
-
getAllRichUsers
Get All richUsers with or without specificUsers. If includedSpecificUsers is true, you got all Users included specificUsers If includedSpecificUsers is false, you get all Users without specificUsers- Parameters:
sess
-includedSpecificUsers
- true or false if you want or dont want get specificUsers too- Returns:
- list of RichUsers
- Throws:
InternalErrorException
-
getAllRichUsersWithAttributes
List<RichUser> getAllRichUsersWithAttributes(PerunSession sess, boolean includedSpecificUsers) throws UserNotExistsException Get All richUsers with or without specificUsers. If includedSpecificUsers is true, you got all Users included specificUsers If includedSpecificUsers is false, you get all Users without specificUsers This method get all RichUsers included Attributes.- Parameters:
sess
-includedSpecificUsers
- true or false if you want or dont want get specificUsers too- Returns:
- list of RichUsers
- Throws:
InternalErrorException
UserNotExistsException
-
getAllRichUsersWithAttributes
List<RichUser> getAllRichUsersWithAttributes(PerunSession sess, boolean includedSpecificUsers, List<String> attrsNames) throws UserNotExistsException Get User to RichUser with attributes.- Parameters:
sess
-includedSpecificUsers
-attrsNames
-- Returns:
- Throws:
InternalErrorException
UserNotExistsException
-
getAllUserExtSourcesByTypeAndLogin
List<UserExtSource> getAllUserExtSourcesByTypeAndLogin(PerunSession sess, String extType, String extLogin) Gets list of all users external sources by specific type and extLogin.- Parameters:
sess
-extType
- - type of extSource (ex. 'IDP')extLogin
- - extLogin of userExtSource- Returns:
- list of userExtSources with type and login, empty list if no such userExtSource exists
- Throws:
InternalErrorException
-
getAllowedResources
Get all resources from the facility which have the user access on.- Parameters:
sess
-facility
-user
-- Returns:
- list of resources which have the user access on
- Throws:
InternalErrorException
-
getAllowedResources
Get all resources which have the user access on.- Parameters:
sess
-user
-- Returns:
- list of resources which have the user access on
-
getAssignedResources
Get all resources from the facility where the user is assigned.- Parameters:
sess
-facility
-user
-- Returns:
- list of resources which have the user access on
-
getAssignedResources
Get all resources where the user is assigned.- Parameters:
sess
-user
-- Returns:
- list of resources which have the user access on
-
getAssignedRichResources
Get all rich resources where the user is assigned.- Parameters:
sess
-user
-- Returns:
- list of rich resources which have the user access on
-
getAssociatedResources
Return all resources of specified facility with which user is associated through all his members. Does not require ACTIVE group-resource assignment.- Parameters:
sess
-facility
-user
-- Returns:
- All resources with which user is associated
-
getAssociatedResources
Get all resources with which user can be associated (similar to assigned resources, but does not require ACTIVE group-resource assignment).- Parameters:
sess
-user
-- Returns:
- list of resources with which the user is associated
-
getBlockedLoginsPage
Get page of blocked logins.- Parameters:
sess
- sessionquery
- query with page information- Returns:
- page of requested blocked logins
-
getGroupsWhereUserIsActive
Return all groups where user is active (has VALID status in VO and Group together) for specified user and resource- Parameters:
sess
- PerunSessionresource
- Only groups assigned to this resource might be returneduser
- Only groups where this user is VALID member might be returned- Returns:
- List of groups where user is active (is a VALID vo and group member) on specified resource
-
getGroupsWhereUserIsActive
Return all groups where user is active (has VALID status in VO and Group together) for specified user and facility- Parameters:
sess
- PerunSessionfacility
- Only groups assigned to this facility (all its resources) might be returneduser
- Only groups where this user is VALID member might be returned- Returns:
- List of groups where user is active (is a VALID vo and group member) on specified facility
-
getGroupsWhereUserIsAdmin
Returns list of Groups in Perun, where the User is a direct Administrator or he is a VALID member of any group which is Administrator of some of these Groups.- Parameters:
perunSession
-user
-- Returns:
- list of Groups, where user or some of his groups is an Administrator
- Throws:
InternalErrorException
-
getGroupsWhereUserIsAdmin
Returns list of Groups in selected Vo, where the User is a direct Administrator or he is a VALID member of any group which is Administrator of some of these Groups.- Parameters:
sess
-vo
- selected Vo under which we are looking for groupsuser
- manager of groups we are looking for- Returns:
- list of Groups, where user or some of his groups (in the Vo) is an Administrator
- Throws:
InternalErrorException
-
getIdOfBlockedLogin
Return ID of blocked login- Parameters:
sess
- sessionlogin
- loginnamespace
- namespace- Returns:
- id of login blocked in specified namespace
-
getPasswordManagerModule
Returns password manager module for specified login-namespace or falls back on generic password manager module. Throws exception if no module implementation is found or it can't be instantiated.- Parameters:
session
- session with authznamespace
- specific namespace- Returns:
- Password manager module for namespace or 'generic' module.
- Throws:
InternalErrorException
- When module instantiation fails or no module implementation is found by class loader.
-
getPendingPreferredEmailChanges
List<String> getPendingPreferredEmailChanges(PerunSession sess, User user) throws WrongAttributeAssignmentException, AttributeNotExistsException Return list of email addresses of user, which are awaiting validation and are inside time window for validation. If there is no preferred email change request pending or requests are outside time window for validation, returns empty list.- Parameters:
sess
- PerunSessionuser
- User to check pending request for- Returns:
- List
user's email addresses pending validation - Throws:
InternalErrorException
WrongAttributeAssignmentException
AttributeNotExistsException
-
getRelatedUserIdByBlockedLoginInNamespace
Integer getRelatedUserIdByBlockedLoginInNamespace(PerunSession sess, String login, String namespace) throws LoginIsNotBlockedException Get user id of the user who was related to the given login in the past- Parameters:
sess
- sessionlogin
- blocked loginnamespace
- namespace where the login is blocked- Returns:
- user id or null if there is no related user id
- Throws:
LoginIsNotBlockedException
-
getReservedLoginsByApp
Gets reserved logins which are used in the given application.- Parameters:
sess
-appId
-- Returns:
- list of logins (Pair: left - namespace, right - login)
-
getReservedLoginsOnlyByGivenApp
Gets reserved logins which can be deleted - they are used only in the given application.- Parameters:
sess
-appId
-- Returns:
- list of logins (Pair: left - namespace, right - login)
-
getRichUser
Get User to RichUser without attributes.- Parameters:
sess
-user
-- Returns:
- Throws:
InternalErrorException
-
getRichUserExtSources
List<RichUserExtSource> getRichUserExtSources(PerunSession sess, User user, List<String> attrsNames) Gets list of all user's external sources with attributes. If any of the attribute names is incorrect then the value is silently skipped. If the attrsNames is null, then this method returns all ues attributes.- Parameters:
sess
- sessionuser
- user for who should be the data returnedattrsNames
- list of attribute names that should be found, if null or empty return all- Returns:
- list of user's external sources with attributes
- Throws:
InternalErrorException
- internal error
-
getRichUserWithAttributes
Get User to RichUser with attributes.- Parameters:
sess
-user
-- Returns:
- Throws:
InternalErrorException
UserNotExistsException
-
getRichUsersByIds
Returns rich users without attributes by their ids.- Parameters:
sess
-ids
-- Returns:
- list of rich users with specified ids
- Throws:
InternalErrorException
-
getRichUsersFromListOfUsers
From Users makes RichUsers without attributes.- Parameters:
sess
-users
- users to convert- Returns:
- list of richUsers
- Throws:
InternalErrorException
-
getRichUsersWithAttributesByIds
List<RichUser> getRichUsersWithAttributesByIds(PerunSession sess, List<Integer> ids) throws UserNotExistsException Returns rich users with attributes by their ids.- Parameters:
sess
-ids
-- Returns:
- list of rich users with specified ids
- Throws:
InternalErrorException
UserNotExistsException
-
getRichUsersWithAttributesFromListOfUsers
List<RichUser> getRichUsersWithAttributesFromListOfUsers(PerunSession sess, List<User> users) throws UserNotExistsException From Users makes RichUsers with attributes.- Parameters:
sess
-users
- users to convert- Returns:
- list of richUsers
- Throws:
InternalErrorException
UserNotExistsException
-
getRichUsersWithoutVoAssigned
Returns all RichUsers with attributes who are not member of any VO.- Parameters:
sess
-- Returns:
- list of richUsers who are not member of any VO
- Throws:
InternalErrorException
UserNotExistsException
-
getRichUsersWithoutVoWithAttributes
List<RichUser> getRichUsersWithoutVoWithAttributes(PerunSession sess, List<String> attrsName) throws UserNotExistsException Return list of RichUsers which are not members of any VO and contain selected attributes.- Parameters:
sess
-attrsName
-- Returns:
- list of RichUsers
- Throws:
InternalErrorException
UserNotExistsException
-
getSpecificUsers
Return all specific Users (only specific users)- Parameters:
sess
-- Returns:
- list of all specific users in perun
- Throws:
InternalErrorException
-
getSpecificUsersByUser
Return all specificUsers who are owned by the user and their ownership is not in status disabled- Parameters:
sess
-user
- the user- Returns:
- list of specific users who are owned by the user
- Throws:
InternalErrorException
-
getSponsors
Gets list of users that sponsor the member.- Parameters:
sess
- perun sessionsponsoredMember
- member which is sponsored- Returns:
- list of users that sponsor the member.
- Throws:
InternalErrorException
-
getSponsorsForSponsoredMembersInVo
Map<Integer,List<Pair<User, getSponsorsForSponsoredMembersInVoSponsorship>>> (PerunSession sess, int voId) Retrieves a map, that maps the ids of the sponsored members in the given VO to a list of their Sponsors with the corresponding Sponsorship objects.- Parameters:
sess
- perun sessionvoId
- id of a vo for whose members to retrieve the sponsors- Returns:
- Map of memberIds in the Vo with Lists of Pairs of their Sponsor and Sponsorship objects
-
getUserByExtSourceInformation
User getUserByExtSourceInformation(PerunSession sess, PerunPrincipal principal) throws UserExtSourceNotExistsException, UserNotExistsException, ExtSourceNotExistsException Get user by principal's additional identifiers or extSourceName and extSourceLogin. Additional identifiers are used in case principal's extSource was send through proxy which has enabled multiple identifiers. extSourceName and extSourceLogin are used otherwise.- Parameters:
sess
-principal
-- Returns:
- Throws:
UserExtSourceNotExistsException
UserNotExistsException
ExtSourceNotExistsException
-
getUserByExtSourceNameAndExtLogin
User getUserByExtSourceNameAndExtLogin(PerunSession sess, String extSourceName, String extLogin) throws ExtSourceNotExistsException, UserExtSourceNotExistsException, UserNotExistsException Get user by extSourceName and extSourceLogin- Parameters:
sess
-extSourceName
-extLogin
-- Returns:
- user
- Throws:
ExtSourceNotExistsException
UserExtSourceNotExistsException
UserNotExistsException
InternalErrorException
-
getUserById
Returns user by his/her id.- Parameters:
perunSession
-id
-- Returns:
- user
- Throws:
InternalErrorException
UserNotExistsException
-
getUserByMember
Returns user by VO member.- Parameters:
perunSession
-member
-- Returns:
- user
- Throws:
InternalErrorException
-
getUserByUserExtSource
User getUserByUserExtSource(PerunSession perunSession, UserExtSource userExtSource) throws UserNotExistsException Returns user by his login in external source and external source.- Parameters:
perunSession
-userExtSource
-- Returns:
- selected user or throws UserNotExistsException in case the user doesn't exists
- Throws:
InternalErrorException
UserNotExistsException
-
getUserByUserExtSources
User getUserByUserExtSources(PerunSession sess, List<UserExtSource> userExtSources) throws UserNotExistsException Get the user based on one of the userExtSource.- Parameters:
sess
-userExtSources
-- Returns:
- user
- Throws:
InternalErrorException
UserNotExistsException
-
getUserExtSourceByExtLogin
UserExtSource getUserExtSourceByExtLogin(PerunSession perunSession, ExtSource source, String extLogin) throws UserExtSourceNotExistsException Gets user's external source by the user's external login and external source.- Parameters:
perunSession
-source
-extLogin
-- Returns:
- user external source object
- Throws:
InternalErrorException
UserExtSourceNotExistsException
-
getUserExtSourceById
UserExtSource getUserExtSourceById(PerunSession sess, int id) throws UserExtSourceNotExistsException Get the user ext source by its id.- Parameters:
sess
-id
-- Returns:
- user external source for the id
- Throws:
InternalErrorException
UserExtSourceNotExistsException
-
getUserExtSourceByUniqueAttributeValue
UserExtSource getUserExtSourceByUniqueAttributeValue(PerunSession sess, int attrId, String uniqueValue) throws AttributeNotExistsException, UserExtSourceNotExistsException Return userExtSource for specific attribute definition (specified by id) and unique value. If not found, throw and exception.It looks for exactly one value of the specific attribute type: - Integer -> exactly match - String -> exactly match - Map -> exactly match of "key=value" - ArrayList -> exactly match of one of the value
- Parameters:
sess
-attrId
- attribute id used for founding attribute definition which has to exists, be unique and in userExtSource namespaceuniqueValue
- value used for searching- Returns:
- userExtSource found by attribute id and it's unique value
- Throws:
InternalErrorException
- if attrId or uniqueValue is in incorrect formatUserExtSourceNotExistsException
- if userExtSource can't be foundAttributeNotExistsException
- if attribute can't be found by it's id
-
getUserExtSourceByUniqueAttributeValue
UserExtSource getUserExtSourceByUniqueAttributeValue(PerunSession sess, String attrName, String uniqueValue) throws AttributeNotExistsException, UserExtSourceNotExistsException Return userExtSource for specific attribute definition (specified by id) and unique value. If not found, throw and exception.It looks for exactly one value of the specific attribute type: - Integer -> exactly match - String -> exactly match - Map -> exactly match of "key=value" - ArrayList -> exactly match of one of the value
- Parameters:
sess
-attrName
- attribute name used for founding attribute definition which has to exists, be unique and in userExtSource namespaceuniqueValue
- value used for searching- Returns:
- userExtSource found by attribute name and it's unique value
- Throws:
InternalErrorException
- if attrName or uniqueValue is in incorrect formatUserExtSourceNotExistsException
- if userExtSource can't be foundAttributeNotExistsException
- if attribute can't be found by it's name
-
getUserExtSourceFromMultipleIdentifiers
UserExtSource getUserExtSourceFromMultipleIdentifiers(PerunSession sess, PerunPrincipal principal) throws UserExtSourceNotExistsException Iteratively searches through additional identifiers trying to find userExtSource with the same identifier. Returns first found userExtSource or throw an exception when no matching userExtSource is found.- Parameters:
sess
- PerunSession to retrieve UserExtSourceprincipal
- PerunPrincipal which contains additionalIdentifiers- Returns:
- UserExtSource found using additionalIdentifiers
- Throws:
UserExtSourceNotExistsException
- When no matching userExtSource is found
-
getUserExtSources
Gets list of all user's external sources of the user.- Parameters:
perunSession
-user
-- Returns:
- list of user's external sources
- Throws:
InternalErrorException
-
getUserExtSourcesByIds
Get user ext sources by their ids.- Parameters:
sess
-ids
-- Returns:
- list of user external sources with specified ids
- Throws:
InternalErrorException
-
getUsers
Returns all users (included specific users)- Parameters:
sess
-- Returns:
- list of all users
- Throws:
InternalErrorException
-
getUsersByAttribute
Returns all users who have set the attribute with the value. Searching only def and opt attributes.- Parameters:
sess
-attribute
-- Returns:
- list of users
- Throws:
InternalErrorException
-
getUsersByAttribute
Returns all users who have set the attribute with the value. Searching by attributeName. Searching only def and opt attributes. Can find only attributes with String Value by this way! (not Integer, Map or List)- Parameters:
sess
-attributeName
-attributeValue
-- Returns:
- list of users
- Throws:
InternalErrorException
-
getUsersByAttribute
Returns all users who have set the attribute with the value IGNORING CASE in the comparison. Searching only def and opt attributes.- Parameters:
sess
-attribute
-ignoreCase
- TRUE to perform case-insensitive check- Returns:
- list of users
- Throws:
InternalErrorException
-
getUsersByAttributeValue
Returns all users who have the attribute with the value. attributeValue is not converted to the attribute type, it is always type of String.- Parameters:
sess
-attributeName
-attributeValue
-- Returns:
- list of users
- Throws:
InternalErrorException
-
getUsersByExtSourceTypeAndLogin
List<User> getUsersByExtSourceTypeAndLogin(PerunSession perunSession, String extSourceType, String login) Get all the users who have given type of the ExtSource and login.- Parameters:
perunSession
- perun sessionextSourceType
- type of the user extSourcelogin
- login of the user- Returns:
- all users with given parameters
- Throws:
InternalErrorException
-
getUsersByIds
Batch method which returns users by theirs ids.- Parameters:
sess
-usersIds
-- Returns:
- Throws:
InternalErrorException
-
getUsersByPerunBean
Returns list of users connected with a group- Parameters:
sess
-group
-- Returns:
- list of users connected with group
- Throws:
InternalErrorException
-
getUsersByPerunBean
Returns list of users connected with a member- Parameters:
sess
-member
-- Returns:
- list of users connected with member
- Throws:
InternalErrorException
-
getUsersByPerunBean
Returns list of users connected with a resource- Parameters:
sess
-resource
-- Returns:
- list of users connected with resource
- Throws:
InternalErrorException
-
getUsersByPerunBean
Returns list of users connected with a host- Parameters:
sess
-host
-- Returns:
- list of users connected with host
- Throws:
InternalErrorException
-
getUsersByPerunBean
Returns list of users connected with a facility- Parameters:
sess
-facility
-- Returns:
- list of users connected with facility
- Throws:
InternalErrorException
-
getUsersByPerunBean
Returns list of users connected with a vo- Parameters:
sess
-vo
-- Returns:
- list of users connected with vo
- Throws:
InternalErrorException
-
getUsersBySpecificUser
Return all users who owns the specificUser and their ownership is not in status disabled- Parameters:
sess
-specificUser
- the specific User- Returns:
- list of user who owns the specificUser
- Throws:
InternalErrorException
-
getUnanonymizedUsersBySpecificUser
Return all users who owns the specificUser, their ownership is not in status disabled and are not anonymized- Parameters:
sess
-specificUser
- the specific User- Returns:
- list of user who owns the specificUser
- Throws:
InternalErrorException
-
getUsersCount
Get count of all users.- Parameters:
perunSession
-- Returns:
- count of all users
- Throws:
InternalErrorException
-
getUsersPage
Get page of users with the given attributes.- Parameters:
sess
- sessionquery
- query with page informationattrNames
- list of attribute names- Returns:
- page of requested rich users
-
getUsersReservedLogins
Return list of all reserved logins for specific user (pair is namespace and login)- Parameters:
user
- for which get reserved logins- Returns:
- list of pairs namespace and login
-
getUsersWithoutSpecificVo
Return list of users who matches the searchString, searching name, email and logins and are not member in specific VO.- Parameters:
sess
-vo
-searchString
-- Returns:
- list of users
- Throws:
InternalErrorException
-
getUsersWithoutVoAssigned
Returns all users who are not member of any VO.- Parameters:
sess
-- Returns:
- list of users who are not member of any VO
- Throws:
InternalErrorException
-
getVosWhereUserIsAdmin
Returns list of VOs, where the user is an Administrator. Including VOs, where the user is a VALID member of authorized group.- Parameters:
perunSession
-user
-- Returns:
- list of VOs, where the user is an Administrator.
- Throws:
InternalErrorException
-
getVosWhereUserIsMember
Returns list of VOs, where the user is a member.- Parameters:
perunSession
-user
-- Returns:
- list of VOs, where the user is a member.
- Throws:
InternalErrorException
-
isLoginAvailable
boolean isLoginAvailable(PerunSession sess, String loginNamespace, String login) throws InvalidLoginException Checks if the login is available in the namespace. Returns FALSE is is already occupied, throws exception if value is not allowed.- Parameters:
sess
-loginNamespace
- in which the login will be checked (provide only the name of the namespace, not the whole attribute name)login
- to be checked- Returns:
- true if login is available, false otherwise
- Throws:
InvalidLoginException
- When login to check has invalid syntax or is not allowed.
-
isLoginBlocked
Return true if login is blocked (globally - for all namespaces per instance OR for some namespace), false if not. Globally banned logins are ALWAYS case-insensitive (ignoreCase value is not taken into account for them).- Parameters:
sess
-login
- login to checkignoreCase
-- Returns:
- true if login is blocked
-
isLoginBlockedForNamespace
boolean isLoginBlockedForNamespace(PerunSession sess, String login, String namespace, boolean ignoreCase) Return true if login is blocked for given namespace, false if not When the namespace is null, then the method behaves like isLoginBlockedGlobally(), so it checks if the login is blocked globally. Globally banned logins are ALWAYS case-insensitive.- Parameters:
sess
-login
- login to checknamespace
- namespace for loginignoreCase
-- Returns:
- true if login is blocked for given namespace (or globally for null namespace)
-
isLoginBlockedGlobally
Return true if login is blocked globally (for all namespaces per instance - represented by namespace = null), false if not Globally banned logins are ALWAYS case-insensitive.- Parameters:
sess
-login
- login to check- Returns:
- true if login is blocked globally
-
isUserAnonymized
Checks whether user has been anonymized or not.- Parameters:
sess
-user
-- Returns:
- true if user has been anonymized, false otherwise.
-
isUserPerunAdmin
Deprecated.Returns true if the user is PERUNADMIN.- Parameters:
sess
-user
-- Returns:
- true if the user is PERUNADMIN, false otherwise.
- Throws:
InternalErrorException
-
loginExist
Checks if login exists in given login-namespace.- Parameters:
sess
- perunSessionuser
-loginNamespace
-- Returns:
- True if login for user exists in given namespace, false otherwise
-
moveUserExtSource
void moveUserExtSource(PerunSession perunSession, User sourceUser, User targetUser, UserExtSource userExtSource) Take UserExtSource from sourceUser and move it to the targetUser.It removes old UserExtSource with all it's attributes from sourceUser and creates and assigns the new one with the same settings to target user.
- Parameters:
perunSession
-sourceUser
- user with UserExtSource to movetargetUser
- user for who will be UserExtSource moveduserExtSource
- the UserExtSource which will be moved from sourceUser to targetUser- Throws:
InternalErrorException
-
removeAllUserExtSources
Removes all user's external sources. It also means removing all it's attributes.- Parameters:
sess
- sessionuser
- owner of external sources- Throws:
InternalErrorException
-
removeSpecificUserOwner
void removeSpecificUserOwner(PerunSession sess, User user, User specificUser) throws RelationNotExistsException, SpecificUserOwnerAlreadyRemovedException Remove specificUser owner (the user) Only disable ownership of user and specificUser- Parameters:
sess
-user
- the userspecificUser
- the specificUser- Throws:
InternalErrorException
RelationNotExistsException
- if there is no such user (the user) to removeSpecificUserOwnerAlreadyRemovedException
- if there are 0 rows affected by deleting from DB
-
removeSpecificUserOwner
void removeSpecificUserOwner(PerunSession sess, User user, User specificUser, boolean forceDelete) throws RelationNotExistsException, SpecificUserOwnerAlreadyRemovedException Remove specificUser owner (the user). If forceDelete false, only disable ownership of user and specificUser. If forceDelete true, delete this ownership from DB.- Parameters:
sess
-user
- the userspecificUser
- the specificUserforceDelete
- if true, remove from database, if false, only disable this ownership- Throws:
InternalErrorException
RelationNotExistsException
- if there is no such user (the user) to removeSpecificUserOwnerAlreadyRemovedException
- if there are 0 rows affected by deleting from DB
-
removeUserExtSource
void removeUserExtSource(PerunSession perunSession, User user, UserExtSource userExtSource) throws UserExtSourceAlreadyRemovedException Removes user's external sources. It also means removing all it's attributes.- Parameters:
perunSession
-user
-userExtSource
-- Throws:
InternalErrorException
UserExtSourceAlreadyRemovedException
- if there are 0 rows affected by deleting from DB
-
requestPreferredEmailChange
void requestPreferredEmailChange(PerunSession sess, String url, User user, String email, String lang, String path, String idp) Request change of user's preferred email address. Change in attribute value is not done, until email address is verified by link in email notice. (urn:perun:user:attribute-def:def:preferredEmail)- Parameters:
sess
- PerunSessionurl
- base URL of running perun instance passed from RPC.user
- User to request preferred email change foremail
- new email addresslang
- language to get confirmation mail in (optional)path
- path that is appended to the url of the verification link (optional)idp
- authentication method appended to query parameters of verification link (optional)- Throws:
InternalErrorException
-
reservePassword
void reservePassword(PerunSession sess, String userLogin, String loginNamespace, String password) throws PasswordCreationFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException Reserves the password in external system. User must not exists.- Parameters:
sess
-userLogin
- string representation of the userLoginloginNamespace
-password
-- Throws:
InternalErrorException
PasswordCreationFailedException
InvalidLoginException
- When login of user has invalid syntax (is not allowed)PasswordStrengthException
- When password doesn't match expected strength by namespace configurationPasswordOperationTimeoutException
PasswordStrengthFailedException
-
reservePassword
void reservePassword(PerunSession sess, User user, String loginNamespace, String password) throws PasswordCreationFailedException, LoginNotExistsException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException Reserves the password in external system. User must exists. User's login for specified namespace must exist in Perun.- Parameters:
sess
-user
-loginNamespace
-password
-- Throws:
InternalErrorException
PasswordCreationFailedException
LoginNotExistsException
- When user doesn't have login in specified namespaceInvalidLoginException
- When login of user has invalid syntax (is not allowed)PasswordStrengthException
- When password doesn't match expected strength by namespace configurationPasswordOperationTimeoutException
PasswordStrengthFailedException
-
reserveRandomPassword
void reserveRandomPassword(PerunSession sess, User user, String loginNamespace) throws PasswordCreationFailedException, LoginNotExistsException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException Reserves random password in external system. User must exists. User's login for specified namespace must exist in Perun.- Parameters:
sess
-user
-loginNamespace
-- Throws:
InternalErrorException
PasswordCreationFailedException
LoginNotExistsException
- When user doesn't have login in specified namespaceInvalidLoginException
- When login of user has invalid syntax (is not allowed)PasswordOperationTimeoutException
PasswordStrengthFailedException
-
setLogin
Allow users to manually add login in supported namespace if same login is not reserved- Parameters:
sess
-user
-loginNamespace
-login
-- Throws:
InternalErrorException
-
setSpecificUser
User setSpecificUser(PerunSession sess, User specificUser, SpecificUserType specificUserType, User owner) throws RelationExistsException Set specific user type for specific user and set ownership of this user for the owner.- Parameters:
sess
- perun sessionspecificUser
- specific userspecificUserType
- specific type of userowner
- user, who will be owner of the specific user- Returns:
- specific user with specific user type set
- Throws:
InternalErrorException
RelationExistsException
-
specificUserOwnershipExists
Return true if ownership of user and specificUser already exists. Return false if not. Looking for enabled and also for disabled ownership.- Parameters:
sess
-user
-specificUser
-- Returns:
- Throws:
InternalErrorException
-
unblockLogins
void unblockLogins(PerunSession sess, List<String> logins, String namespace) throws LoginIsNotBlockedException Unblock logins for given namespace or unblock logins globally (if no namespace is selected)- Parameters:
sess
-logins
- logins list of logins to be unblockednamespace
- namespace where the logins should be unblocked (null means unblock the logins globally)- Throws:
LoginIsNotBlockedException
-
unblockLoginsById
Unblock logins by id globally, or in the namespace they were initially blocked.- Parameters:
sess
- sessionloginIds
- list of login ids- Throws:
LoginIsNotBlockedException
- when login is not blocked
-
unblockLoginsForNamespace
Unblock all logins for given namespace- Parameters:
sess
- PerunSessionnamespace
- Namespace or null for globally blocked
-
unsetSpecificUser
User unsetSpecificUser(PerunSession sess, User specificUser, SpecificUserType specificUserType) throws ServiceOnlyRoleAssignedException Remove all ownerships of this specific user and unset this specific user type from this specific user.- Parameters:
sess
- perun sessionspecificUser
- specific userspecificUserType
- specific type of user- Returns:
- user who is no more specific
- Throws:
InternalErrorException
ServiceOnlyRoleAssignedException
- when trying to unset service flag from a user with service only role
-
updateNameTitles
Updates titles before/after users name. New titles must be set inside User object. Setting any title to null will remove title from name. Other user's properties are ignored.- Parameters:
perunSession
-user
-- Returns:
- updated user with new titles before/after name
- Throws:
InternalErrorException
UserNotExistsException
- if user not exists when method trying to update him
-
updateUser
Updates users data in DB.- Parameters:
perunSession
-user
-- Returns:
- updated user
- Throws:
InternalErrorException
UserNotExistsException
- if user not exists when method trying to update him
-
updateUserExtSource
UserExtSource updateUserExtSource(PerunSession perunSession, UserExtSource userExtSource) throws UserExtSourceExistsException Updates user's userExtSource in DB.- Parameters:
perunSession
-userExtSource
-- Returns:
- updated userExtSource
- Throws:
InternalErrorException
UserExtSourceExistsException
- When UES with same login/extSource already exists.
-
updateUserExtSourceLastAccess
Updates user's userExtSource last access time in DB. We can get information which userExtSource has been used as a last one.- Parameters:
perunSession
-userExtSource
-- Throws:
InternalErrorException
-
userExtSourceExists
-
validatePassword
void validatePassword(PerunSession sess, String userLogin, String loginNamespace) throws PasswordCreationFailedException, InvalidLoginException Validates the password in external system and sets user extSources and extSource related attributes. User must not exists.- Parameters:
sess
-userLogin
- string representation of the userLoginloginNamespace
-- Throws:
InternalErrorException
PasswordCreationFailedException
InvalidLoginException
- When login of user has invalid syntax (is not allowed)
-
validatePassword
void validatePassword(PerunSession sess, User user, String loginNamespace) throws PasswordCreationFailedException, LoginNotExistsException, InvalidLoginException Validates the password in external system and sets user extSources and extSource related attributes. User must exists. User's login for specified namespace must exist in Perun.- Parameters:
sess
-user
-loginNamespace
-- Throws:
InternalErrorException
PasswordCreationFailedException
LoginNotExistsException
- When user doesn't have login in specified namespaceInvalidLoginException
- When login of user has invalid syntax (is not allowed)
-
validatePreferredEmailChange
String validatePreferredEmailChange(PerunSession sess, User user, UUID token) throws WrongAttributeValueException, WrongAttributeAssignmentException, AttributeNotExistsException, WrongReferenceAttributeValueException Validate change of user's preferred email address. New email address is set as value of urn:perun:user:attribute-def:def:preferredEmail attribute.- Parameters:
sess
- PerunSessionuser
- User to validate email address fortoken
- token for the email change request to validate- Returns:
- String return new preferred email
- Throws:
InternalErrorException
WrongAttributeValueException
- If new email address is in wrong formatWrongAttributeAssignmentException
AttributeNotExistsException
- If user:preferredEmail attribute doesn't exists.WrongReferenceAttributeValueException
-
validateSSHKey
Validate ssh public key, throws exception if validation fails- Parameters:
sess
- sesssshKey
- ssh public key to verify- Throws:
SSHKeyNotValidException
- when validation fails
-
changeOrganization
void changeOrganization(PerunSession sess, User user, String newOrganizationName) throws PersonalDataChangeNotEnabledException, UserExtSourceNotExistsException Change organization from which user came to organization from user ext source.- Parameters:
sess
- sessionuser
- usernewOrganizationName
- new organization name- Throws:
PersonalDataChangeNotEnabledException
- If change of organization to organization from ues is not enabled.UserExtSourceNotExistsException
- If user ext source with given organization name and required loa does not exist.
-
changeOrganizationCustom
void changeOrganizationCustom(PerunSession sess, User user, String newOrganizationName) throws PersonalDataChangeNotEnabledException Change organization from which user came to custom organization. If check from admin is required, then UserOrganizationChangeRequested audit log will be created. Otherwise, it will be set immediately.- Parameters:
sess
- sessionuser
- usernewOrganizationName
- new organization name- Throws:
PersonalDataChangeNotEnabledException
- If change of organization to custom organization is not enabled.
-
changeName
void changeName(PerunSession sess, User user, String newUserName) throws UserExtSourceNotExistsException, PersonalDataChangeNotEnabledException Change user's name to user's name from user ext source.- Parameters:
sess
- sessionuser
- usernewUserName
- new user's name- Throws:
PersonalDataChangeNotEnabledException
- If change of user's name to user's name from ues is not enabled.UserExtSourceNotExistsException
- If user ext source with given user's name and required loa does not exist.
-
changeNameCustom
void changeNameCustom(PerunSession sess, User user, String titleBefore, String firstName, String middleName, String lastName, String titleAfter) throws PersonalDataChangeNotEnabledException Change user's name to custom name. If check from admin is required, then UserNameChangeRequest audit log will be created. Otherwise, it will be set immediately.- Parameters:
sess
- sessionuser
- usertitleBefore
- new title beforefirstName
- new first namemiddleName
- new middle namelastName
- new last nametitleAfter
- new title after- Throws:
PersonalDataChangeNotEnabledException
- If change of user's name to custom name is not enabled.
-
changeEmail
void changeEmail(PerunSession sess, User user, String newEmail) throws PersonalDataChangeNotEnabledException, UserExtSourceNotExistsException Change user's email to email from user ext source.- Parameters:
sess
- sessionuser
- usernewEmail
- new email- Throws:
PersonalDataChangeNotEnabledException
- If change of user's email to email from ues is not enabled.UserExtSourceNotExistsException
- If user ext source with given email and required loa does not exist.
-
changeEmailCustom
void changeEmailCustom(PerunSession sess, User user, String newEmail, String url, String lang, String path, String idp) throws PersonalDataChangeNotEnabledException Change user's email to custom email. If verification is required, then verification email will be sent. Otherwise, it will be set immediately.- Parameters:
sess
- sessionuser
- usernewEmail
- new emailurl
- base URL of running perun instance passed from RPC.lang
- Language to get confirmation mail in (optional)path
- path that is appended to the url of the verification link (optional)idp
- authentication method appended to query parameters of verification link (optional)- Throws:
PersonalDataChangeNotEnabledException
- If change of user's email to custom email is not enabled.
-