Class GroupsManagerBlImpl
- All Implemented Interfaces:
GroupsManagerBl
- Author:
- Michal Prochazka michalp@ics.muni.cz, Slavek Licehammer glory@ics.muni.cz
-
Field Summary
-
Constructor Summary
ConstructorDescriptionGroupsManagerBlImpl
(GroupsManagerImplApi groupsManagerImpl) Create new instance of this class. -
Method Summary
Modifier and TypeMethodDescriptionprotected void
addDirectMember
(PerunSession sess, Group group, Member member) Add a record of the member with a DIRECT membership type to the group.void
addGroupsToAutoRegistration
(PerunSession sess, List<Group> groups) Adds groups to a list of groups which can be registered into during vo registration.void
addGroupsToAutoRegistration
(PerunSession sess, List<Group> groups, ApplicationFormItem formItem) Adds groups to a list of groups which can be registered into during vo or group registration.addIndirectMembers
(PerunSession sess, Group group, List<Member> members, int sourceGroupId) Add records of the members with an INDIRECT membership type to the group.void
addMember
(PerunSession sess, Group group, Member member) Adds member of the VO to the group in the same VO.void
addMember
(PerunSession sess, List<Group> groups, Member member) Adds member of the VO to the groups in the same VO.void
addMembers
(PerunSession sess, Group group, List<Member> members) Adds members of the VO to the group in the same VO.void
addMemberToMembersGroup
(PerunSession sess, Group group, Member member) Special addMember which is able to add members into the members and administrators group.void
addMissingMemberWhileSynchronization
(PerunSession sess, Group group, Candidate candidate, List<String> overwriteUserAttributesList, List<String> mergeMemberAttributesList, List<String> skippedMembers) Get new candidate and add him to the Group.void
addRelationMembers
(PerunSession sess, Group resultGroup, List<Member> changedMembers, int sourceGroupId) Method recalculates all relations between groups.void
allowGroupToHierarchicalVo
(PerunSession sess, Group group, Vo vo) Sets flag required for including group to parent vo in a vo hierarchy.boolean
canExtendMembershipInGroup
(PerunSession sess, Member member, Group group) Returns true if member in given group can extend membership or if no rules were set for the membershipExpirationboolean
canExtendMembershipInGroupWithReason
(PerunSession sess, Member member, Group group) Returns true if member in given group can extend membership or throws exception with reason why use can't extends membershipvoid
checkGroupExists
(PerunSession sess, Group group) convertGroupsToRichGroupsWithAttributes
(PerunSession sess, Member member, Resource resource, List<Group> groups, List<String> attrNames) This method takes list of groups, resource, member and list of attrNames and then creates list of RichGroups containing all selected group, group-resource and member-group attributes filtered by list (attributes from other namespaces are skipped without any warning).convertGroupsToRichGroupsWithAttributes
(PerunSession sess, Member member, List<Group> groups) This method takes list of groups and member and then creates list of RichGroups containing all group and member-group attributesconvertGroupsToRichGroupsWithAttributes
(PerunSession sess, Member member, List<Group> groups, List<String> attrNames) This method takes list of groups, member and list of attrNames and then creates list of RichGroups containing all selected group and member-group attributes by list (attributes from other namespaces are skipped).convertGroupsToRichGroupsWithAttributes
(PerunSession sess, Resource resource, List<Group> groups) This method takes list of groups and resource and then creates list of RichGroups containing all group and group-resource attributesconvertGroupsToRichGroupsWithAttributes
(PerunSession sess, Resource resource, List<Group> groups, List<String> attrNames) This method takes list of groups, resource and list of attrNames and then creates list of RichGroups containing all selected group and group-resource attributes by list (attributes from other namespaces are skipped).convertGroupsToRichGroupsWithAttributes
(PerunSession sess, List<Group> groups) This method takes list of groups and creates list of RichGroups containing all attributesconvertGroupsToRichGroupsWithAttributes
(PerunSession sess, List<Group> groups, List<String> attrNames) This method takes list of groups and creates list of RichGroups containing selected attributesconvertGroupToRichGroupWithAttributes
(PerunSession sess, Group group) This method takes group and creates RichGroup containing all attributesconvertGroupToRichGroupWithAttributesByName
(PerunSession sess, Group group, List<String> attrNames) This method takes group and creates RichGroup containing selected attributesconvertToEnrichedGroup
(PerunSession sess, Group group, List<String> attrNames) Creates enrichedGroup from given group and load attributes with given names.void
copyMembers
(PerunSession sess, Group sourceGroup, List<Group> destinationGroups, List<Member> members) Copies direct members from one group to other groups in the same VO.createGroup
(PerunSession sess, Group parentGroup, Group group) Creates a new subgroup of the existing group.createGroup
(PerunSession sess, Vo vo, Group group) Creates a new top-level group and associates it with the VO from parameter.createGroupUnion
(PerunSession sess, Group resultGroup, Group operandGroup, boolean parentFlag) Performs union operation on two groups.void
deleteAllGroups
(PerunSession sess, Vo vo) Deletes all groups under the VO except built-in groups (members, admins groups).void
deleteGroup
(PerunSession sess, Group group, boolean forceDelete) If forceDelete is false, delete only group and if this group has members or subgroups, throw an exception.void
deleteGroups
(PerunSession perunSession, List<Group> groups, boolean forceDelete) Delete all groups in list from perun.void
deleteGroupsFromAutoRegistration
(PerunSession sess, List<Group> groups) Deletes groups from a list of groups which can be registered into during vo registration.void
deleteGroupsFromAutoRegistration
(PerunSession sess, List<Group> groups, ApplicationFormItem formItem) Deletes groups from a list of groups which can be registered into during vo or group registration.void
deleteMembersGroup
(PerunSession sess, Vo vo) Deletes built-in members group.void
disallowGroupToHierarchicalVo
(PerunSession sess, Group group, Vo vo) Unsets flag required for including group to parent vo in a vo hierarchyvoid
expireMemberInGroup
(PerunSession sess, Member member, Group group) Set member's status in given group to EXPIREDvoid
extendMembershipInGroup
(PerunSession sess, Member member, Group group) Extend member membership in given group using membershipExpirationRules attribute defined in Group.filterMembersByMembershipTypeInGroup
(List<Member> members) This method take list of members (also with duplicit) and: 1] add all members with direct membership to target list 2] add all members with indirect membership who are not already in target list to the target listfilterOnlyAllowedAttributes
(PerunSession sess, EnrichedGroup enrichedGroup) For enrichedGroup filter all its group attributes and remove all which principal has no access to.filterOnlyAllowedAttributes
(PerunSession sess, RichGroup richGroup) For richGroup filter all his group attributes and remove all which principal has no access to.filterOnlyAllowedAttributes
(PerunSession sess, List<RichGroup> richGroups) For list of richGroups filter all their group attributes and remove all which principal has no access to.filterOnlyAllowedAttributes
(PerunSession sess, List<RichGroup> richGroups, Member member, Resource resource, boolean useContext) For list of richGroups filter all their group attributes and remove all which principal has no access to.filterOnlyAllowedAttributes
(PerunSession sess, List<RichGroup> richGroups, Resource resource, boolean useContext) For list of richGroups filter all their group attributes and remove all which principal has no access to.void
forceAllSubGroupsSynchronization
(PerunSession sess, Group group) Force synchronization for all subgroups (recursively - whole tree) of the group (useful for group structure)void
forceGroupStructureSynchronization
(PerunSession sess, Group group) Synchronize the group structure with an external group structure.void
forceGroupSynchronization
(PerunSession sess, Group group) Synchronize the group with external group.getActiveGroupMembers
(PerunSession sess, Group group) Return all members of the group who are active (valid) in the group.getActiveGroupMembers
(PerunSession sess, Group group, Status status) Return all members of the group who are active (valid) in the group and have specific status in the Vo.getAdminGroups
(PerunSession sess, Group group) Gets list of all group administrators of this group.getAdmins
(PerunSession sess, Group group) Deprecated.getAdmins
(PerunSession perunSession, Group group, boolean onlyDirectAdmins) Gets list of all administrators of this group.Returns all groups which can be included to VO.getAllAllowedGroupsToHierarchicalVo
(PerunSession sess, Vo vo, Vo memberVo) Returns groups which can be included to VO from specific member VO.getAllGroups
(PerunSession sess) Get all groups from all vos.getAllGroups
(PerunSession sess, Vo vo) Get all groups of the VO.Returns all groups which can be registered into during any vo registration.getAllGroupsWhereMemberIsActive
(PerunSession sess, Member member) Returns all member's groups where member is in active state (is valid there) Included members group.getAllGroupsWithHierarchy
(PerunSession sess, Vo vo) Get all groups of the VO stored in the map reflecting the hierarchy.getAllMemberGroups
(PerunSession sess, Member member) Return all member's groups.getAllRichGroupsWithAttributesByNames
(PerunSession sess, Vo vo, List<String> attrNames) Deprecated.getAllRichGroupsWithAttributesByNames
(PerunSession sess, Vo vo, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Returns all RichGroups containing selected attributes filtered by role and its typegetAllRichSubGroupsWithAttributesByNames
(PerunSession sess, Group parentGroup, List<String> attrNames) Deprecated.getAllRichSubGroupsWithAttributesByNames
(PerunSession sess, Group parentGroup, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Returns all RichSubGroups from parentGroup containing selected attributes filtered by role and its type (all levels subgroups)getAllSubGroups
(PerunSession sess, Group parentGroup) Get all subgroups of the parentGroup recursively.getAssignedGroupsToFacility
(PerunSession sess, Facility facility) Return list of assigned groups on all facility resources (without subgroups unless they are assigned too)getAssignedGroupsToResource
(PerunSession sess, Resource resource) Return list of assigned groups on the resource (without subgroups unless they are assigned too)getAssignedGroupsToResource
(PerunSession sess, Resource resource, boolean withSubGroups) Return list of assigned groups on the resource.getAssignedGroupsToResource
(PerunSession sess, Resource resource, Member member) Return list of assigned groups on the resource (without subgroups unless they are assigned too), which contain specific membergetAssociatedGroupsToFacility
(PerunSession sess, Facility facility) Return list of all associated groups from all facility resources (does not require ACTIVE group-resource status)getAssociatedGroupsToResource
(PerunSession sess, Resource resource) Return list of assigned groups on the resource.getAssociatedGroupsToResource
(PerunSession sess, Resource resource, Member member) Return list of groups associated with the resource with specified member.getDirectAdmins
(PerunSession sess, Group group) Deprecated.getDirectMemberGroupStatus
(PerunSession session, Member member, Group group) Returns members direct status in given group.getDirectRichAdmins
(PerunSession perunSession, Group group) Deprecated.getDirectRichAdminsWithSpecificAttributes
(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.getFacilitiesWhereGroupIsAdmin
(PerunSession perunSession, Group group) Get list of facilities where the given group is given the admin role.getGroupById
(PerunSession sess, int id) Search for the group with specified id in all VOs.getGroupByName
(PerunSession sess, Vo vo, String name) Search for the group with specified name in specified VO.getGroupDirectMembers
(PerunSession sess, Group group) Return all direct group members.int
getGroupDirectMembersCount
(PerunSession sess, Group group) Returns count of direct members in the groupgetGroupDirectRichMembers
(PerunSession sess, Group group) Returns direct group members in the RichMember object, which contains Member+User data.getGroupMemberById
(PerunSession sess, Group group, int memberId) Get group member by member ID.getGroupMembers
(PerunSession sess, Group group) Return all group members.getGroupMembers
(PerunSession sess, Group group, MemberGroupStatus statusInGroup, Status status) Return all members of the group who has specific status in the group and also specific status in the Vo.getGroupMembers
(PerunSession sess, Group group, Status status) Return group members.int
getGroupMembersCount
(PerunSession sess, Group group) getGroupMembersCountsByGroupStatus
(PerunSession sess, Group group) Returns counts of group members by their group status.getGroupMembersCountsByVoStatus
(PerunSession sess, Group group) Returns counts of group members by their status in VO.getGroupMembersExceptInvalid
(PerunSession sess, Group group) Return only valid, suspended, expired and disabled group members.getGroupMembersExceptInvalidAndDisabled
(PerunSession sess, Group group) Return only valid, suspended and expired group members.getGroupResourcePairsByAttribute
(PerunSession sess, Attribute attribute) Returns all group-resource which have set the attribute with the value.getGroupRichMembers
(PerunSession sess, Group group) Returns group members in the RichMember object, which contains Member+User data.getGroupRichMembers
(PerunSession sess, Group group, Status status) Returns group members in the RichMember object, which contains Member+User data.getGroupRichMembersExceptInvalid
(PerunSession sess, Group group) Returns only valid, suspended and expired group members in the RichMember object, which contains Member+User data.getGroupRichMembersWithAttributes
(PerunSession sess, Group group) Returns group members in the RichMember object, which contains Member+User data.getGroupRichMembersWithAttributes
(PerunSession sess, Group group, Status status) Returns group members in the RichMember object, which contains Member+User data.Returns only valid, suspended and expired group members in the RichMember object, which contains Member+User data.getGroups
(PerunSession sess, Vo vo) Get all groups of users under the VO.getGroupsByAttribute
(PerunSession sess, Attribute attribute) Returns all groups which have set the attribute with the value.getGroupsByIds
(PerunSession sess, List<Integer> ids) Search for the groups with specified ids in all VOs.getGroupsByPerunBean
(PerunSession sess, Facility facility) Returns list of groups connected with a facilitygetGroupsByPerunBean
(PerunSession sess, Host host) Returns list of groups connected with a hostgetGroupsByPerunBean
(PerunSession sess, Member member) Returns list of groups connected with a membergetGroupsByPerunBean
(PerunSession sess, Resource resource) Returns list of groups connected with a resourcegetGroupsByPerunBean
(PerunSession sess, User user) Returns list of groups connected with a usergetGroupsByPerunBean
(PerunSession sess, Vo vo) Returns list of groups connected with a voint
getGroupsCount
(PerunSession sess) Get count of all groups.int
getGroupsCount
(PerunSession sess, Vo vo) getGroupsForAutoRegistration
(PerunSession sess, Group registrationGroup, ApplicationFormItem formItem) Returns all groups which can be registered into during group registration.getGroupsForAutoRegistration
(PerunSession sess, Vo vo) Returns all groups which can be registered into during vo registration.getGroupsForAutoRegistration
(PerunSession sess, Vo vo, ApplicationFormItem formItem) Returns all groups which can be registered into during vo registration.Gets the groupsManagerImpl for this instance.getGroupsPage
(PerunSession sess, Vo vo, GroupsPageQuery query, List<String> attrNames) Get page of groups from the given vo.Gets all groups which have enabled synchronization.getGroupsWhereGroupIsAdmin
(PerunSession perunSession, Group group) Get list of groups where the given group is given the admin role.getGroupsWhereMemberIsActive
(PerunSession sess, Member member) Returns all member's groups where member is in active state (is valid there) Excluded members group.getGroupsWhereMemberIsInactive
(PerunSession sess, Member member) Returns all member's groups where member is in inactive state (it is not valid and it is expired there) Excluded members group.getGroupsWhereUserIsActiveMember
(PerunSession sess, User user, Vo vo) Returns groups in which the user is active member.getGroupsWithAssignedExtSourceInVo
(PerunSession sess, ExtSource source, Vo vo) Get all groups in specific vo with assigned extSourcegetGroupUnions
(PerunSession session, Group group, boolean reverseDirection) Get list of group unions for specified group.getGroupUsers
(PerunSession perunSession, Group group) Return group users sorted by name.getInactiveGroupMembers
(PerunSession sess, Group group) Return all members of the group who are inactive (expired) in the group.getInactiveGroupMembers
(PerunSession sess, Group group, Status status) Return all members of the group who are inactive (expired) in the group and have specific status in the Vo.getIndirectMembershipPaths
(PerunSession sess, Member member, Group group) Get unique paths of groups via which member is indirectly included to the group.getMemberDirectGroups
(PerunSession sess, Member member) Get all groups (except member groups) where member has direct membership.getMemberGroups
(PerunSession sess, Member member) Returns all members groups.getMemberGroupsByAttribute
(PerunSession sess, Member member, Attribute attribute) Method return list of groups for selected member which (groups) has set specific attribute.getMemberRichGroupsWithAttributesByNames
(PerunSession sess, Member member, List<String> attrNames) Deprecated.getMemberRichGroupsWithAttributesByNames
(PerunSession sess, Member member, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Return all RichGroups for specified member, containing selected attributes filtered by role and its type.getParentGroup
(PerunSession sess, Group group) Get parent group.getParentGroupMembers
(PerunSession sess, Group group) Get members from parent group.getParentGroupRichMembers
(PerunSession sess, Group group) Get members form the parent group in RichMember format.getParentGroupRichMembersWithAttributes
(PerunSession sess, Group group) Get members form the parent group in RichMember format including user/member attributes.Gets the perunBl.getRichAdmins
(PerunSession perunSession, Group group) Deprecated.getRichAdmins
(PerunSession perunSession, Group group, List<String> specificAttributes, boolean allUserAttributes, boolean onlyDirectAdmins) Gets list of all richUser administrators of this group.getRichAdminsWithAttributes
(PerunSession perunSession, Group group) Deprecated.getRichAdminsWithSpecificAttributes
(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.getRichGroupByIdWithAttributesByNames
(PerunSession sess, int groupId, List<String> attrNames) Returns RichGroup selected by id containing selected attributesgetRichGroupsWithAttributesAssignedToResource
(PerunSession sess, Member member, Resource resource, List<String> attrNames) Get list of all richGroups with selected attributes assigned to the resource filtered by specific member.getRichGroupsWithAttributesAssignedToResource
(PerunSession sess, Resource resource, List<String> attrNames) Get all RichGroups with selected attributes assigned to the resource.getRichSubGroupsWithAttributesByNames
(PerunSession sess, Group parentGroup, List<String> attrNames) Returns RichSubGroups from parentGroup containing selected attributes (only 1 level subgroups)getServiceGroupMembers
(PerunSession sess, Group group) Return a list of all group members, who are service usersgetSubGroups
(PerunSession sess, Group parentGroup) Get all subgroups of the parent group under the VO.int
getSubGroupsCount
(PerunSession sess, Group parentGroup) Returns number of immediate subgroups of the parent group.getSubgroupsPage
(PerunSession sess, Group group, GroupsPageQuery query, List<String> attrNames) Get page of subgroups from the given parent group.getTotalGroupStatusForMembers
(PerunSession session, Group group, List<Member> members) Returns total member's status of given members in given group.getTotalMemberGroupStatus
(PerunSession session, Member member, Group group) Returns total member's status in given group.getUserGroups
(PerunSession perunSession, User user) Return groups where user is member.getUserGroups
(PerunSession perunSession, User user, List<Status> memberStatuses, List<MemberGroupStatus> memberGroupStatuses) Return groups where user is member with allowed statuses in vo and group.getVo
(PerunSession sess, Group group) Gets the Vo which is owner of the group.getVosWhereGroupIsAdmin
(PerunSession perunSession, Group group) Get list of VOs where the given group is given the admin role.protected boolean
hasCandidateExistingMember
(Candidate candidate, RichMember richMember) Compare richMember userExtSources with Candidate's userExtSources, if some of the useExtSource fits.boolean
hasGroupSynchronizedChild
(PerunSession session, Group group) Check if there is a subgroup of the group, which is defined as synchronized from an external source at this moment.void
inactivateMember
(PerunSession sess, Member member, Group group) Inactivates member in group and sets its status to EXPIRED.boolean
isAllowedGroupToHierarchicalVo
(PerunSession sess, Group group, Vo vo) Returns flag representing if the group can be included in the (parent) vo's groupsboolean
isDirectGroupMember
(PerunSession sess, Group group, Member member) Return true if Member is direct member of the Groupboolean
isGroupForAnyAutoRegistration
(PerunSession sess, Group group) Check if group has automatic registration enabled in any form item.boolean
isGroupForAutoRegistration
(PerunSession sess, Group group, List<Integer> formItems) Check if group has automatic registration enabled in the given form item.boolean
isGroupInStructureSynchronizationTree
(PerunSession session, Group group) Check if the group or its subgroups are defined as synchronized from an external source at this moment.isGroupLastAdminInSomeFacility
(PerunSession sess, Group group) Check whether the group supplies the last FACILITYADMIN in some facility, return those facilities in which it does.isGroupLastAdminInSomeFacility
(PerunSession sess, List<Group> groups) Check whether some of the groups supply the last FACILITYADMIN in some facility, return the groups that do.isGroupLastAdminInSomeVo
(PerunSession sess, Group group) Check whether the group supplies the last VOADMIN in some vo, return those vos in which it does.isGroupLastAdminInSomeVo
(PerunSession sess, List<Group> groups) Check whether some of the groups supply the last VOADMIN in some vo, return the groups that do.boolean
isGroupMember
(PerunSession sess, Group group, Member member) Return true if Member is member of the Groupboolean
isGroupSynchronizedFromExternallSource
(PerunSession session, Group group) Check if the group is defined as synchronized from an external source at this moment.boolean
Check if synchronizing groups is suspended.boolean
isUserMemberOfGroup
(PerunSession sess, User user, Group group) Checks whether the user is member of the group.void
moveGroup
(PerunSession sess, Group destinationGroup, Group movingGroup) Move one group structure under another group in same vo or as top level groupvoid
reactivateMember
(PerunSession sess, Member member, Group group) Reactivates member in group and sets its status to VALID.void
recalculateMemberGroupStatusRecursively
(PerunSession sess, Member member, Group group, Map<Integer, Map<Integer, MemberGroupStatus>> previousStatus) Calculates the state of given member in given group and if it differs from given 'previousState' calls this method recursively for all parent groups.void
removeFormerMemberWhileSynchronization
(PerunSession sess, Group group, RichMember memberToRemove, boolean isAuthoritative) Remove former member from group (if he is not listed in ExtSource).void
removeGroupUnion
(PerunSession sess, Group resultGroup, Group operandGroup, boolean parentFlag) Removes a union relation between two groups.void
removeMember
(PerunSession sess, Group group, Member member) Removes member form the group.void
removeMember
(PerunSession sess, List<Group> groups, Member member) Removes member from groups.void
removeMemberFromMembersOrAdministratorsGroup
(PerunSession sess, Group group, Member member) Removes member from members or administrators group only.void
removeMembers
(PerunSession sess, Group group, List<Member> members) Removes members from the group.void
removeRelationMembers
(PerunSession sess, Group resultGroup, List<Member> changedMembers, int sourceGroupId) Method recalculates all relations between groups.void
saveInformationAboutGroupStructureSynchronizationInNestedTransaction
(PerunSession sess, Group group, boolean failedDueToException, String exceptionMessage) This method will set timestamp, state and exceptionMessage to group attributes for the group structure.void
saveInformationAboutGroupStructureSynchronizationInNewTransaction
(PerunSession sess, Group group, boolean failedDueToException, String exceptionMessage) This method will set timestamp, state and exceptionMessage to group attributes for the group structure.void
saveInformationAboutGroupSynchronizationInNestedTransaction
(PerunSession sess, Group group, long startTime, boolean failedDueToException, String exceptionMessage) This method will set timestamp, synchronization start time and exceptionMessage to group attributes for the group.void
saveInformationAboutGroupSynchronizationInNewTransaction
(PerunSession sess, Group group, long startTime, boolean failedDueToException, String exceptionMessage) This method will set timestamp, synchronization start time and exceptionMessage to group attributes for the group.void
setPerunBl
(PerunBl perunBl) void
suspendGroupSynchronization
(PerunSession sess, boolean suspend) Suspend synchronizing groups and their structures.synchronizeGroup
(PerunSession sess, Group group) Synchronizes the group with the external group without checking if the synchronization is already in progress.void
Start and check threads with synchronization of groups.void
Synchronize all groups structures which have enabled group structure synchronization.synchronizeGroupStructure
(PerunSession sess, Group baseGroup) Synchronize a group structure with an external source group structure under the group.void
updateExistingMemberWhileSynchronization
(PerunSession sess, Group group, Candidate candidate, RichMember memberToUpdate, List<String> overwriteUserAttributesList, List<String> mergeMemberAttributesList, List<AttributeDefinition> attrDefs) Get candidate and corresponding memberToUpdate and update his attributes, extSources, expiration and status.updateGroup
(PerunSession sess, Group group) Updates group by ID.updateParentGroupId
(PerunSession sess, Group group) Updates parentGroupId.void
validateMemberInGroup
(PerunSession sess, Member member, Group group) Set member's status in given group to VALID
-
Field Details
-
GROUP_LOGIN
- See Also:
-
PARENT_GROUP_LOGIN
- See Also:
-
GROUP_NAME
- See Also:
-
GROUP_DESCRIPTION
- See Also:
-
OVERWRITE_USER_ATTRIBUTES
- See Also:
-
MERGE_MEMBER_ATTRIBUTES
- See Also:
-
MERGE_GROUP_ATTRIBUTES
- See Also:
-
GROUP_SYNC_DEFAULT_DATA
-
-
Constructor Details
-
GroupsManagerBlImpl
Create new instance of this class.
-
-
Method Details
-
addDirectMember
protected void addDirectMember(PerunSession sess, Group group, Member member) throws AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException, GroupNotExistsException Add a record of the member with a DIRECT membership type to the group.- Parameters:
sess
- perun sessiongroup
- group to add member tomember
- member to be added as DIRECT- Throws:
InternalErrorException
AlreadyMemberException
WrongAttributeValueException
WrongReferenceAttributeValueException
GroupNotExistsException
-
addGroupsToAutoRegistration
public void addGroupsToAutoRegistration(PerunSession sess, List<Group> groups) throws GroupNotAllowedToAutoRegistrationException Description copied from interface:GroupsManagerBl
Adds groups to a list of groups which can be registered into during vo registration. This will NOT create empty application form for groups and will throw exception if none exists.- Specified by:
addGroupsToAutoRegistration
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroups
- list of groups- Throws:
GroupNotAllowedToAutoRegistrationException
- if given group cannot be added to auto registration
-
addGroupsToAutoRegistration
public void addGroupsToAutoRegistration(PerunSession sess, List<Group> groups, ApplicationFormItem formItem) throws GroupNotAllowedToAutoRegistrationException, FormItemNotExistsException Description copied from interface:GroupsManagerBl
Adds groups to a list of groups which can be registered into during vo or group registration. This will NOT create empty application form for groups and will throw exception if none exists.- Specified by:
addGroupsToAutoRegistration
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroups
- list of groupsformItem
- application form item- Throws:
GroupNotAllowedToAutoRegistrationException
- if given group cannot be added to auto registrationFormItemNotExistsException
-
addIndirectMembers
protected List<Member> addIndirectMembers(PerunSession sess, Group group, List<Member> members, int sourceGroupId) throws AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException Add records of the members with an INDIRECT membership type to the group.- Parameters:
sess
- perun sessiongroup
- group to add members tomembers
- list of members to add as INDIRECTsourceGroupId
- id of a group from which members originate- Returns:
- list of members that were not members already
- Throws:
InternalErrorException
AlreadyMemberException
WrongAttributeValueException
WrongReferenceAttributeValueException
-
addMember
public void addMember(PerunSession sess, Group group, Member member) throws WrongReferenceAttributeValueException, AlreadyMemberException, WrongAttributeValueException, GroupNotExistsException Description copied from interface:GroupsManagerBl
Adds member of the VO to the group in the same VO. But not to administrators and members group.- Specified by:
addMember
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-member
-- Throws:
WrongReferenceAttributeValueException
AlreadyMemberException
WrongAttributeValueException
GroupNotExistsException
-
addMember
public void addMember(PerunSession sess, List<Group> groups, Member member) throws WrongReferenceAttributeValueException, AlreadyMemberException, WrongAttributeValueException, GroupNotExistsException Description copied from interface:GroupsManagerBl
Adds member of the VO to the groups in the same VO. But not to administrators and members group.- Specified by:
addMember
in interfaceGroupsManagerBl
- Parameters:
sess
-groups
-member
-- Throws:
WrongReferenceAttributeValueException
AlreadyMemberException
WrongAttributeValueException
GroupNotExistsException
-
addMemberToMembersGroup
public void addMemberToMembersGroup(PerunSession sess, Group group, Member member) throws AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException, GroupNotExistsException Description copied from interface:GroupsManagerBl
Special addMember which is able to add members into the members and administrators group.- Specified by:
addMemberToMembersGroup
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-member
-- Throws:
AlreadyMemberException
WrongAttributeValueException
WrongReferenceAttributeValueException
GroupNotExistsException
-
addMembers
public void addMembers(PerunSession sess, Group group, List<Member> members) throws AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException, GroupNotExistsException Description copied from interface:GroupsManagerBl
Adds members of the VO to the group in the same VO. But not to administrators and members group.- Specified by:
addMembers
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-members
-- Throws:
AlreadyMemberException
WrongAttributeValueException
WrongReferenceAttributeValueException
GroupNotExistsException
-
addMissingMemberWhileSynchronization
public void addMissingMemberWhileSynchronization(PerunSession sess, Group group, Candidate candidate, List<String> overwriteUserAttributesList, List<String> mergeMemberAttributesList, List<String> skippedMembers) Description copied from interface:GroupsManagerBl
Get new candidate and add him to the Group.If Candidate can't be added to Group, skip him and add this information to skippedMembers list.
When creating new member from Candidate, if user already exists, merge his attributes, if attribute exists in list of overwriteUserAttributesList, update it instead of merging.
This method runs in separate transaction.
- Specified by:
addMissingMemberWhileSynchronization
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- to be synchronizedcandidate
- new member (candidate)overwriteUserAttributesList
- list of attributes to be updated for user if foundmergeMemberAttributesList
- list of attributes to be merged for member if foundskippedMembers
- list of not successfully synchronized members
-
addRelationMembers
public void addRelationMembers(PerunSession sess, Group resultGroup, List<Member> changedMembers, int sourceGroupId) throws AlreadyMemberException, WrongReferenceAttributeValueException, WrongAttributeValueException, GroupNotExistsException Description copied from interface:GroupsManagerBl
Method recalculates all relations between groups. Method recursively adds members from groups and all their relations. The method is called in case of: 1) added relation 2) added member 3) group creation 4) group movement- Specified by:
addRelationMembers
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionresultGroup
- group to which members are added or removed fromchangedMembers
- list of changed members which is passed as argument to add indirect members method. List contains records of added indirect members from operand group.sourceGroupId
- id of a group from which members originate- Throws:
AlreadyMemberException
WrongReferenceAttributeValueException
WrongAttributeValueException
GroupNotExistsException
-
allowGroupToHierarchicalVo
public void allowGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) throws RelationNotExistsException, RelationExistsException Description copied from interface:GroupsManagerBl
Sets flag required for including group to parent vo in a vo hierarchy.- Specified by:
allowGroupToHierarchicalVo
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- groupvo
- parent vo- Throws:
RelationNotExistsException
- if group is not from parent vo's member vosRelationExistsException
- if group is already allowed to be included to parent vo
-
canExtendMembershipInGroup
Description copied from interface:GroupsManagerBl
Returns true if member in given group can extend membership or if no rules were set for the membershipExpiration- Specified by:
canExtendMembershipInGroup
in interfaceGroupsManagerBl
- Parameters:
sess
- sessionmember
- membergroup
- group- Returns:
- true if given member can extend membership in given group or if no rules were set for the membership expiration, false otherwise
-
canExtendMembershipInGroupWithReason
public boolean canExtendMembershipInGroupWithReason(PerunSession sess, Member member, Group group) throws ExtendMembershipException Description copied from interface:GroupsManagerBl
Returns true if member in given group can extend membership or throws exception with reason why use can't extends membership- Specified by:
canExtendMembershipInGroupWithReason
in interfaceGroupsManagerBl
- Parameters:
sess
- sessionmember
- membergroup
- group- Returns:
- true if given member can extend membership in given group or throws exception with reason why not
- Throws:
ExtendMembershipException
- reason why user can't extend membership
-
checkGroupExists
- Specified by:
checkGroupExists
in interfaceGroupsManagerBl
- Throws:
GroupNotExistsException
-
convertGroupToRichGroupWithAttributes
Description copied from interface:GroupsManagerBl
This method takes group and creates RichGroup containing all attributes- Specified by:
convertGroupToRichGroupWithAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- RichGroup
-
convertGroupToRichGroupWithAttributesByName
public RichGroup convertGroupToRichGroupWithAttributesByName(PerunSession sess, Group group, List<String> attrNames) Description copied from interface:GroupsManagerBl
This method takes group and creates RichGroup containing selected attributes- Specified by:
convertGroupToRichGroupWithAttributesByName
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-attrNames
- list of selected attributes- Returns:
- RichGroup
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, List<Group> groups) Description copied from interface:GroupsManagerBl
This method takes list of groups and creates list of RichGroups containing all attributes- Specified by:
convertGroupsToRichGroupsWithAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-groups
- list of groups- Returns:
- RichGroup
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Member member, List<Group> groups) throws MemberGroupMismatchException Description copied from interface:GroupsManagerBl
This method takes list of groups and member and then creates list of RichGroups containing all group and member-group attributes- Specified by:
convertGroupsToRichGroupsWithAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-member
- specified member which is assigned to groupsgroups
- list of groups- Returns:
- list of RichGroups with attributes
- Throws:
MemberGroupMismatchException
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Resource resource, List<Group> groups) throws GroupResourceMismatchException Description copied from interface:GroupsManagerBl
This method takes list of groups and resource and then creates list of RichGroups containing all group and group-resource attributes- Specified by:
convertGroupsToRichGroupsWithAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-resource
- specified resource to which are groups assignedgroups
- list of groups- Returns:
- list of RichGroups with attributes
- Throws:
GroupResourceMismatchException
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, List<Group> groups, List<String> attrNames) Description copied from interface:GroupsManagerBl
This method takes list of groups and creates list of RichGroups containing selected attributes- Specified by:
convertGroupsToRichGroupsWithAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-groups
- list of groupsattrNames
- list of selected attributes- Returns:
- RichGroup
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Resource resource, List<Group> groups, List<String> attrNames) throws GroupResourceMismatchException Description copied from interface:GroupsManagerBl
This method takes list of groups, resource and list of attrNames and then creates list of RichGroups containing all selected group and group-resource attributes by list (attributes from other namespaces are skipped). If attribute is in the list, it can be return with empty value if it is not set.- Specified by:
convertGroupsToRichGroupsWithAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-resource
-groups
-attrNames
- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroups with selected attributes
- Throws:
GroupResourceMismatchException
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Member member, List<Group> groups, List<String> attrNames) throws MemberGroupMismatchException, MemberNotExistsException, GroupNotExistsException Description copied from interface:GroupsManagerBl
This method takes list of groups, member and list of attrNames and then creates list of RichGroups containing all selected group and member-group attributes by list (attributes from other namespaces are skipped). If attribute is in the list, it can be return with empty value if it is not set.- Specified by:
convertGroupsToRichGroupsWithAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-member
-groups
-attrNames
- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroups with selected attributes
- Throws:
MemberGroupMismatchException
MemberNotExistsException
GroupNotExistsException
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Member member, Resource resource, List<Group> groups, List<String> attrNames) throws GroupResourceMismatchException, MemberGroupMismatchException Description copied from interface:GroupsManagerBl
This method takes list of groups, resource, member and list of attrNames and then creates list of RichGroups containing all selected group, group-resource and member-group attributes filtered by list (attributes from other namespaces are skipped without any warning). If attribute with correct namespace is in the list, it will be return even with empty value (if no value exists).- Specified by:
convertGroupsToRichGroupsWithAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-member
- member to get member-resource and member-group attributes forresource
- resource to get group-resource and member-resource attributes forgroups
- to convert to richGroups and get group-resource and member-group attributes forattrNames
- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroups with selected attributes
- Throws:
GroupResourceMismatchException
- if group is not assigned to resourceMemberGroupMismatchException
- if member is not in the same vo as group
-
convertToEnrichedGroup
Description copied from interface:GroupsManagerBl
Creates enrichedGroup from given group and load attributes with given names. If the attrNames are null, all group attributes are added.- Specified by:
convertToEnrichedGroup
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroup
- groupattrNames
- names of attributes to return- Returns:
- EnrichedGroup for given group with desired attributes
-
copyMembers
public void copyMembers(PerunSession sess, Group sourceGroup, List<Group> destinationGroups, List<Member> members) throws WrongReferenceAttributeValueException, WrongAttributeValueException, MemberGroupMismatchException Description copied from interface:GroupsManagerBl
Copies direct members from one group to other groups in the same VO. The members are copied without their member-group attributes. Copies all direct members if members list is empty or null.- Specified by:
copyMembers
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionsourceGroup
- group to copy members fromdestinationGroups
- groups to copy members tomembers
- members to be copies- Throws:
WrongReferenceAttributeValueException
WrongAttributeValueException
MemberGroupMismatchException
-
createGroup
Description copied from interface:GroupsManagerBl
Creates a new top-level group and associates it with the VO from parameter.For this method the new group has always same shortName like Name. Important: voId in object group is ignored
- Specified by:
createGroup
in interfaceGroupsManagerBl
- Parameters:
sess
-vo
- to associates group withgroup
- new group with name without ":"- Returns:
- newly created top-level group
- Throws:
GroupExistsException
-
createGroup
public Group createGroup(PerunSession sess, Group parentGroup, Group group) throws GroupExistsException, GroupRelationNotAllowed, GroupRelationAlreadyExists Description copied from interface:GroupsManagerBl
Creates a new subgroup of the existing group.- Specified by:
createGroup
in interfaceGroupsManagerBl
- Parameters:
sess
-parentGroup
-group
- group.name must contain only shortName (without ":"). Hierarchy is defined by parentGroup parameter.- Returns:
- newly created sub group with full group.Name with ":"
- Throws:
GroupExistsException
GroupRelationNotAllowed
GroupRelationAlreadyExists
-
createGroupUnion
public Group createGroupUnion(PerunSession sess, Group resultGroup, Group operandGroup, boolean parentFlag) throws WrongReferenceAttributeValueException, WrongAttributeValueException, GroupNotExistsException, GroupRelationAlreadyExists, GroupRelationNotAllowed, VoNotExistsException Description copied from interface:GroupsManagerBl
Performs union operation on two groups. Members from operand group are added to result group as indirect.- Specified by:
createGroupUnion
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionresultGroup
- group to which members are addedoperandGroup
- group from which members are takenparentFlag
- if true union cannot be deleted; false otherwise (it flags relations created by hierarchical structure)- Returns:
- result group
- Throws:
WrongReferenceAttributeValueException
WrongAttributeValueException
GroupNotExistsException
GroupRelationAlreadyExists
GroupRelationNotAllowed
VoNotExistsException
-
deleteAllGroups
public void deleteAllGroups(PerunSession sess, Vo vo) throws GroupAlreadyRemovedException, GroupAlreadyRemovedFromResourceException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved Description copied from interface:GroupsManagerBl
Deletes all groups under the VO except built-in groups (members, admins groups).- Specified by:
deleteAllGroups
in interfaceGroupsManagerBl
- Parameters:
sess
-vo
- VO- Throws:
GroupAlreadyRemovedException
GroupAlreadyRemovedFromResourceException
GroupRelationDoesNotExist
GroupRelationCannotBeRemoved
-
deleteGroup
public void deleteGroup(PerunSession sess, Group group, boolean forceDelete) throws RelationExistsException, GroupAlreadyRemovedException, GroupAlreadyRemovedFromResourceException, GroupNotExistsException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved Description copied from interface:GroupsManagerBl
If forceDelete is false, delete only group and if this group has members or subgroups, throw an exception. If forceDelete is true, delete group with all subgroups, members and administrators, then delete this group.- Specified by:
deleteGroup
in interfaceGroupsManagerBl
- Parameters:
sess
-group
- group to deleteforceDelete
- if forceDelete is false, delete group only if is empty and has no subgroups, if is true, delete anyway with all connections- Throws:
RelationExistsException
GroupAlreadyRemovedException
GroupAlreadyRemovedFromResourceException
GroupNotExistsException
GroupRelationDoesNotExist
GroupRelationCannotBeRemoved
-
deleteGroups
public void deleteGroups(PerunSession perunSession, List<Group> groups, boolean forceDelete) throws GroupAlreadyRemovedException, RelationExistsException, GroupAlreadyRemovedFromResourceException, GroupNotExistsException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved Description copied from interface:GroupsManagerBl
Delete all groups in list from perun. (Except members group)If forceDelete is false, delete groups only if none of them (IN MOMENT OF DELETING) has subgroups and members, in other case throw exception. if forceDelete is true, delete groups with all subgroups and members.
Groups are deleted in order: from longest name to the shortest - ex: Group A:b:c will be deleted sooner than Group A:b etc. - reason for this: with group are deleted its subgroups too
Important: Groups can be from different VOs.
- Specified by:
deleteGroups
in interfaceGroupsManagerBl
- Parameters:
perunSession
-groups
- list of groups to deletedforceDelete
- if forceDelete is false, delete groups only if all of them have no subgroups and no members, if is true, delete anyway with all connections- Throws:
GroupAlreadyRemovedException
RelationExistsException
GroupAlreadyRemovedFromResourceException
GroupNotExistsException
GroupRelationDoesNotExist
GroupRelationCannotBeRemoved
-
deleteGroupsFromAutoRegistration
Description copied from interface:GroupsManagerBl
Deletes groups from a list of groups which can be registered into during vo registration.- Specified by:
deleteGroupsFromAutoRegistration
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroups
- list of groups
-
deleteGroupsFromAutoRegistration
public void deleteGroupsFromAutoRegistration(PerunSession sess, List<Group> groups, ApplicationFormItem formItem) throws FormItemNotExistsException Description copied from interface:GroupsManagerBl
Deletes groups from a list of groups which can be registered into during vo or group registration.- Specified by:
deleteGroupsFromAutoRegistration
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroups
- list of groupsformItem
- application form item- Throws:
FormItemNotExistsException
-
deleteMembersGroup
public void deleteMembersGroup(PerunSession sess, Vo vo) throws GroupAlreadyRemovedException, GroupAlreadyRemovedFromResourceException, GroupNotExistsException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved Description copied from interface:GroupsManagerBl
Deletes built-in members group.- Specified by:
deleteMembersGroup
in interfaceGroupsManagerBl
- Parameters:
sess
-vo
-- Throws:
GroupAlreadyRemovedException
GroupAlreadyRemovedFromResourceException
GroupNotExistsException
GroupRelationDoesNotExist
GroupRelationCannotBeRemoved
-
disallowGroupToHierarchicalVo
public void disallowGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) throws RelationNotExistsException Description copied from interface:GroupsManagerBl
Unsets flag required for including group to parent vo in a vo hierarchy- Specified by:
disallowGroupToHierarchicalVo
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- groupvo
- parent vo- Throws:
RelationNotExistsException
- if group is not allowed to be included in parent vo
-
expireMemberInGroup
Description copied from interface:GroupsManagerBl
Set member's status in given group to EXPIRED- Specified by:
expireMemberInGroup
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionmember
- member whose status will be changedgroup
- group in which given member will be expired
-
extendMembershipInGroup
public void extendMembershipInGroup(PerunSession sess, Member member, Group group) throws ExtendMembershipException Description copied from interface:GroupsManagerBl
Extend member membership in given group using membershipExpirationRules attribute defined in Group.- Specified by:
extendMembershipInGroup
in interfaceGroupsManagerBl
- Parameters:
sess
- sessionmember
- membergroup
- group- Throws:
ExtendMembershipException
- extend membership exception
-
filterMembersByMembershipTypeInGroup
Description copied from interface:GroupsManagerBl
This method take list of members (also with duplicit) and: 1] add all members with direct membership to target list 2] add all members with indirect membership who are not already in target list to the target list- Specified by:
filterMembersByMembershipTypeInGroup
in interfaceGroupsManagerBl
- Parameters:
members
- list of members to filtering- Returns:
- filteredMembers list of members without duplicit after filtering
-
filterOnlyAllowedAttributes
Description copied from interface:GroupsManagerBl
For richGroup filter all his group attributes and remove all which principal has no access to.- Specified by:
filterOnlyAllowedAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-richGroup
-- Returns:
- richGroup with only allowed attributes
-
filterOnlyAllowedAttributes
Description copied from interface:GroupsManagerBl
For list of richGroups filter all their group attributes and remove all which principal has no access to.- Specified by:
filterOnlyAllowedAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-richGroups
-- Returns:
- list of RichGroups with only allowed attributes
-
filterOnlyAllowedAttributes
public List<RichGroup> filterOnlyAllowedAttributes(PerunSession sess, List<RichGroup> richGroups, Resource resource, boolean useContext) Description copied from interface:GroupsManagerBl
For list of richGroups filter all their group attributes and remove all which principal has no access to. Context usage is safe even for groups from different VOs.Context means same "combination of authz role for a group"+"attribute_urn (name)". Since privileges are resolved by roles on group and attribute type.
if useContext is true: every attribute is unique in a context of authz roles combination and its URN. So for each combination of users authz roles granted for the group, attributes with same URN has same privilege.
if useContext is false: every attribute is unique in context of group, which means every attribute for more groups need to be check separately, because for example groups can be from different vos where user has different authz (better authorization check, worse performance)
- Specified by:
filterOnlyAllowedAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-richGroups
-resource
- optional resource param used for context- Returns:
- list of RichGroups with only allowed attributes
-
filterOnlyAllowedAttributes
public List<RichGroup> filterOnlyAllowedAttributes(PerunSession sess, List<RichGroup> richGroups, Member member, Resource resource, boolean useContext) Description copied from interface:GroupsManagerBl
For list of richGroups filter all their group attributes and remove all which principal has no access to. Context usage is safe even for groups from different VOs.Context means same "combination of authz role for a group"+"attribute_urn (name)". Since privileges are resolved by roles on group and attribute type.
if useContext is true: every attribute is unique in a context of authz roles combination and its URN. So for each combination of users authz roles granted for the group, attributes with same URN has same privilege.
if useContext is false: every attribute is unique in context of group, which means every attribute for more groups need to be check separately, because for example groups can be from different vos where user has different authz (better authorization check, worse performance)
- Specified by:
filterOnlyAllowedAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-richGroups
-member
- optional member param used for contextresource
- optional resource param used for context- Returns:
- list of RichGroups with only allowed attributes
-
filterOnlyAllowedAttributes
Description copied from interface:GroupsManagerBl
For enrichedGroup filter all its group attributes and remove all which principal has no access to.- Specified by:
filterOnlyAllowedAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-enrichedGroup
-- Returns:
- enrichedGroup with only allowed attributes
-
forceAllSubGroupsSynchronization
Description copied from interface:GroupsManagerBl
Force synchronization for all subgroups (recursively - whole tree) of the group (useful for group structure)- Specified by:
forceAllSubGroupsSynchronization
in interfaceGroupsManagerBl
- Parameters:
sess
-group
- the group where all its subgroups will be forced to synchronize
-
forceGroupStructureSynchronization
public void forceGroupStructureSynchronization(PerunSession sess, Group group) throws GroupStructureSynchronizationAlreadyRunningException Description copied from interface:GroupsManagerBl
Synchronize the group structure with an external group structure. It checks if the synchronization of the same group is already in progress.- Specified by:
forceGroupStructureSynchronization
in interfaceGroupsManagerBl
- Parameters:
group
- the group to be forced this way- Throws:
GroupStructureSynchronizationAlreadyRunningException
-
forceGroupSynchronization
public void forceGroupSynchronization(PerunSession sess, Group group) throws GroupSynchronizationAlreadyRunningException, GroupSynchronizationNotEnabledException Description copied from interface:GroupsManagerBl
Synchronize the group with external group. It checks if the synchronization of the same group is already in progress.- Specified by:
forceGroupSynchronization
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Throws:
GroupSynchronizationAlreadyRunningException
- when synchronization for the group is already runningGroupSynchronizationNotEnabledException
- when group doesn't have synchronization enabled
-
getActiveGroupMembers
Description copied from interface:GroupsManagerBl
Return all members of the group who are active (valid) in the group.Do not return expired members of the group.
- Specified by:
getActiveGroupMembers
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- to get members from- Returns:
- list of active (valid) members
-
getActiveGroupMembers
Description copied from interface:GroupsManagerBl
Return all members of the group who are active (valid) in the group and have specific status in the Vo.Do not return expired members of the group.
- Specified by:
getActiveGroupMembers
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- to get members fromstatus
- to get only members with this specific status in the Vo- Returns:
- list of active (valid) members with specific status in the Vo
-
getAdminGroups
Description copied from interface:GroupsManagerBl
Gets list of all group administrators of this group.- Specified by:
getAdminGroups
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list of group administrators
-
getAdmins
Description copied from interface:GroupsManagerBl
Gets list of all administrators of this group. If some group is administrator of the given group, all VALID members are included in the list.If onlyDirectAdmins is true, return only direct users of the group for supported role.
Supported roles: GroupAdmin
- Specified by:
getAdmins
in interfaceGroupsManagerBl
- Parameters:
perunSession
-group
-onlyDirectAdmins
- if true, get only direct user administrators (if false, get both direct and indirect)- Returns:
- list of all user administrators of the given group for supported role
-
getAdmins
Deprecated.Description copied from interface:GroupsManagerBl
Gets list of all user administrators of this group. If some group is administrator of the given group, all members are included in the list.- Specified by:
getAdmins
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list of administrators
-
getAllAllowedGroupsToHierarchicalVo
Description copied from interface:GroupsManagerBl
Returns all groups which can be included to VO.- Specified by:
getAllAllowedGroupsToHierarchicalVo
in interfaceGroupsManagerBl
- Parameters:
sess
- sessionvo
- VO- Returns:
- list of allowed groups to hierarchical VO
-
getAllAllowedGroupsToHierarchicalVo
Description copied from interface:GroupsManagerBl
Returns groups which can be included to VO from specific member VO.- Specified by:
getAllAllowedGroupsToHierarchicalVo
in interfaceGroupsManagerBl
- Parameters:
sess
- sessionvo
- parent VOmemberVo
- member VO- Returns:
- list of allowed groups to hierarchical VO
-
getAllGroups
Description copied from interface:GroupsManagerBl
Get all groups from all vos.- Specified by:
getAllGroups
in interfaceGroupsManagerBl
- Parameters:
sess
- session- Returns:
- list of all groups
-
getAllGroups
Description copied from interface:GroupsManagerBl
Get all groups of the VO.- Specified by:
getAllGroups
in interfaceGroupsManagerBl
- Parameters:
sess
-vo
-- Returns:
- list of groups
-
getAllGroupsForAutoRegistration
Description copied from interface:GroupsManagerBl
Returns all groups which can be registered into during any vo registration. This method serves only for migration to new functionality related to the new table.- Specified by:
getAllGroupsForAutoRegistration
in interfaceGroupsManagerBl
- Parameters:
sess
- session- Returns:
- list of groups
-
getAllGroupsWhereMemberIsActive
Description copied from interface:GroupsManagerBl
Returns all member's groups where member is in active state (is valid there) Included members group.- Specified by:
getAllGroupsWhereMemberIsActive
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionmember
- member to get groups for- Returns:
- list of groups where member is in active state (valid)
-
getAllGroupsWithHierarchy
Description copied from interface:GroupsManagerBl
Get all groups of the VO stored in the map reflecting the hierarchy.- Specified by:
getAllGroupsWithHierarchy
in interfaceGroupsManagerBl
- Parameters:
sess
-vo
-- Returns:
- map of the groups hierarchically organized
-
getAllMemberGroups
Description copied from interface:GroupsManagerBl
Return all member's groups. Included members and administrators groups.- Specified by:
getAllMemberGroups
in interfaceGroupsManagerBl
- Parameters:
sess
-member
-- Returns:
-
getAllRichGroupsWithAttributesByNames
@Deprecated public List<RichGroup> getAllRichGroupsWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrNames) Deprecated.Description copied from interface:GroupsManagerBl
Returns all RichGroups containing selected attributes- Specified by:
getAllRichGroupsWithAttributesByNames
in interfaceGroupsManagerBl
- Parameters:
sess
-vo
-attrNames
- if attrNames is null method will return RichGroups containing all attributes- Returns:
- List of RichGroups
-
getAllRichGroupsWithAttributesByNames
public List<RichGroup> getAllRichGroupsWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Description copied from interface:GroupsManagerBl
Returns all RichGroups containing selected attributes filtered by role and its type- Specified by:
getAllRichGroupsWithAttributesByNames
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionvo
- voattrNames
- if attrNames is null method will return RichGroups containing all attributesroles
- list of selected roles (if empty, then return groups by all roles)types
- list of selected types of roles (if empty, then return by roles of all types)- Returns:
- List of RichGroups
-
getAllRichSubGroupsWithAttributesByNames
@Deprecated public List<RichGroup> getAllRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames) Deprecated.Description copied from interface:GroupsManagerBl
Returns all RichSubGroups from parentGroup containing selected attributes (all levels subgroups)- Specified by:
getAllRichSubGroupsWithAttributesByNames
in interfaceGroupsManagerBl
- Parameters:
sess
-parentGroup
-attrNames
- if attrNames is null method will return RichGroups containing all attributes- Returns:
- List of RichGroups
-
getAllRichSubGroupsWithAttributesByNames
public List<RichGroup> getAllRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Description copied from interface:GroupsManagerBl
Returns all RichSubGroups from parentGroup containing selected attributes filtered by role and its type (all levels subgroups)- Specified by:
getAllRichSubGroupsWithAttributesByNames
in interfaceGroupsManagerBl
- Parameters:
sess
-parentGroup
-attrNames
- if attrNames is null method will return RichGroups containing all attributesroles
- list of selected roles (if empty, then return groups by all roles)types
- list of selected types of roles (if empty, then return by roles of all types)- Returns:
- List of RichGroups
-
getAllSubGroups
Description copied from interface:GroupsManagerBl
Get all subgroups of the parentGroup recursively. (parentGroup subgroups, their subgroups etc...)- Specified by:
getAllSubGroups
in interfaceGroupsManagerBl
- Parameters:
sess
-parentGroup
- parent group- Returns:
- list of groups
-
getAssignedGroupsToFacility
Description copied from interface:GroupsManagerBl
Return list of assigned groups on all facility resources (without subgroups unless they are assigned too)- Specified by:
getAssignedGroupsToFacility
in interfaceGroupsManagerBl
- Parameters:
sess
-facility
-- Returns:
- list of groups, which are assigned on all facility resources
-
getAssignedGroupsToResource
Description copied from interface:GroupsManagerBl
Return list of assigned groups on the resource (without subgroups unless they are assigned too)- Specified by:
getAssignedGroupsToResource
in interfaceGroupsManagerBl
- Parameters:
sess
-resource
-- Returns:
- list of groups, which are assigned on the resource
-
getAssignedGroupsToResource
Description copied from interface:GroupsManagerBl
Return list of assigned groups on the resource (without subgroups unless they are assigned too), which contain specific member- Specified by:
getAssignedGroupsToResource
in interfaceGroupsManagerBl
- Parameters:
sess
-resource
-member
-- Returns:
- list of groups, which are assigned on the resource and contain specific member
-
getAssignedGroupsToResource
public List<Group> getAssignedGroupsToResource(PerunSession sess, Resource resource, boolean withSubGroups) Description copied from interface:GroupsManagerBl
Return list of assigned groups on the resource.- Specified by:
getAssignedGroupsToResource
in interfaceGroupsManagerBl
- Parameters:
sess
-resource
-withSubGroups
- if true returns also all subgroups of assigned groups- Returns:
- list of groups, which are assigned on the resource
-
getAssociatedGroupsToFacility
Description copied from interface:GroupsManagerBl
Return list of all associated groups from all facility resources (does not require ACTIVE group-resource status)- Specified by:
getAssociatedGroupsToFacility
in interfaceGroupsManagerBl
- Parameters:
sess
-facility
-- Returns:
- list of groups, which are associated with all facility resources
-
getAssociatedGroupsToResource
public List<Group> getAssociatedGroupsToResource(PerunSession sess, Resource resource, Member member) Description copied from interface:GroupsManagerBl
Return list of groups associated with the resource with specified member. Does not require ACTIVE group-resource status.- Specified by:
getAssociatedGroupsToResource
in interfaceGroupsManagerBl
- Parameters:
sess
-resource
-member
-- Returns:
- list of groups, which are associated with the resource with specified member
-
getAssociatedGroupsToResource
Description copied from interface:GroupsManagerBl
Return list of assigned groups on the resource. Similar to assigned groups, but does not require ACTIVE group-resource status.- Specified by:
getAssociatedGroupsToResource
in interfaceGroupsManagerBl
- Parameters:
sess
-resource
-- Returns:
- list of groups, which are associated with the resource
-
getDirectAdmins
Deprecated.Description copied from interface:GroupsManagerBl
Gets list of direct user administrators of this group. 'Direct' means, there aren't included users, who are members of group administrators, in the returned list.- Specified by:
getDirectAdmins
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list of direct administrators
-
getDirectMemberGroupStatus
public MemberGroupStatus getDirectMemberGroupStatus(PerunSession session, Member member, Group group) Description copied from interface:GroupsManagerBl
Returns members direct status in given group. This method doesn't calculate status from subgroups! If there is no relation, null is returned.- Specified by:
getDirectMemberGroupStatus
in interfaceGroupsManagerBl
- Parameters:
session
- sessionmember
- membergroup
- group- Returns:
- status of member in given group
-
getDirectRichAdmins
Deprecated.Description copied from interface:GroupsManagerBl
Gets list of all administrators of this group, which are assigned directly, like RichUsers without attributes.- Specified by:
getDirectRichAdmins
in interfaceGroupsManagerBl
- Parameters:
perunSession
-group
-
-
getDirectRichAdminsWithSpecificAttributes
@Deprecated public List<RichUser> getDirectRichAdminsWithSpecificAttributes(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.Description copied from interface:GroupsManagerBl
Get list of Group administrators, which are directly assigned (not by group membership) with specific attributes. From list of specificAttributes get all Users Attributes and find those for every RichAdmin (only, other attributes are not searched)- Specified by:
getDirectRichAdminsWithSpecificAttributes
in interfaceGroupsManagerBl
- Parameters:
perunSession
-group
-specificAttributes
-- Returns:
- list of RichUsers with specific attributes.
-
getFacilitiesWhereGroupIsAdmin
Description copied from interface:GroupsManagerBl
Get list of facilities where the given group is given the admin role.- Specified by:
getFacilitiesWhereGroupIsAdmin
in interfaceGroupsManagerBl
- Parameters:
perunSession
-group
- with the admin role.- Returns:
- List of administered facilities.
-
getGroupById
Description copied from interface:GroupsManagerBl
Search for the group with specified id in all VOs.- Specified by:
getGroupById
in interfaceGroupsManagerBl
- Parameters:
sess
-id
-- Returns:
- group with specified id or throws
- Throws:
GroupNotExistsException
-
getGroupByName
Description copied from interface:GroupsManagerBl
Search for the group with specified name in specified VO.IMPORTANT: need to use full name of group (ex. 'toplevel:a:b', not the shortname which is in this example 'b')
- Specified by:
getGroupByName
in interfaceGroupsManagerBl
- Parameters:
sess
-vo
-name
-- Returns:
- group with specified name or throws in specified VO
- Throws:
GroupNotExistsException
-
getGroupDirectMembers
Description copied from interface:GroupsManagerBl
Return all direct group members.- Specified by:
getGroupDirectMembers
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- group- Returns:
- list of direct members
-
getGroupDirectMembersCount
Description copied from interface:GroupsManagerBl
Returns count of direct members in the group- Specified by:
getGroupDirectMembersCount
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- count
-
getGroupDirectRichMembers
Description copied from interface:GroupsManagerBl
Returns direct group members in the RichMember object, which contains Member+User data.- Specified by:
getGroupDirectRichMembers
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroup
- group- Returns:
- list of direct RichMembers
-
getGroupMemberById
public Member getGroupMemberById(PerunSession sess, Group group, int memberId) throws NotGroupMemberException Description copied from interface:GroupsManagerBl
Get group member by member ID.- Specified by:
getGroupMemberById
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-memberId
-- Returns:
- Member
- Throws:
NotGroupMemberException
-
getGroupMembers
Description copied from interface:GroupsManagerBl
Return all group members.- Specified by:
getGroupMembers
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list of users or empty list if the group is empty
-
getGroupMembers
public List<Member> getGroupMembers(PerunSession sess, Group group, MemberGroupStatus statusInGroup, Status status) Description copied from interface:GroupsManagerBl
Return all members of the group who has specific status in the group and also specific status in the Vo.For example: All members with valid status in the Vo and also valid status in the group.
- Specified by:
getGroupMembers
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- to get members fromstatusInGroup
- to get only members with this specific status in the groupstatus
- to get only members with this specific status in the Vo- Returns:
- list of members with specific status in group and specific status in the Vo
-
getGroupMembers
Description copied from interface:GroupsManagerBl
Return group members.- Specified by:
getGroupMembers
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-status
-- Returns:
- list users or empty list if there are no users on specified page
-
getGroupMembersCount
- Specified by:
getGroupMembersCount
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- count of members of specified group
-
getGroupMembersCountsByGroupStatus
public Map<MemberGroupStatus,Integer> getGroupMembersCountsByGroupStatus(PerunSession sess, Group group) Description copied from interface:GroupsManagerBl
Returns counts of group members by their group status.- Specified by:
getGroupMembersCountsByGroupStatus
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- map of member status in group to count of group members with the status
-
getGroupMembersCountsByVoStatus
Description copied from interface:GroupsManagerBl
Returns counts of group members by their status in VO.- Specified by:
getGroupMembersCountsByVoStatus
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- map of member status in VO to count of group members with the status
-
getGroupMembersExceptInvalid
Description copied from interface:GroupsManagerBl
Return only valid, suspended, expired and disabled group members.- Specified by:
getGroupMembersExceptInvalid
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list members or empty list if there are no such members
-
getGroupMembersExceptInvalidAndDisabled
Description copied from interface:GroupsManagerBl
Return only valid, suspended and expired group members.- Specified by:
getGroupMembersExceptInvalidAndDisabled
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list members or empty list if there are no such members
-
getGroupResourcePairsByAttribute
public List<Pair<Group,Resource>> getGroupResourcePairsByAttribute(PerunSession sess, Attribute attribute) throws WrongAttributeAssignmentException Description copied from interface:GroupsManagerBl
Returns all group-resource which have set the attribute with the value. Searching only def and opt attributes.- Specified by:
getGroupResourcePairsByAttribute
in interfaceGroupsManagerBl
- Parameters:
sess
-attribute
-- Returns:
- Throws:
WrongAttributeAssignmentException
-
getGroupRichMembers
Description copied from interface:GroupsManagerBl
Returns group members in the RichMember object, which contains Member+User data.- Specified by:
getGroupRichMembers
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list of RichMembers
-
getGroupRichMembers
Description copied from interface:GroupsManagerBl
Returns group members in the RichMember object, which contains Member+User data.- Specified by:
getGroupRichMembers
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-status
-- Returns:
- list of RichMembers
-
getGroupRichMembersExceptInvalid
Description copied from interface:GroupsManagerBl
Returns only valid, suspended and expired group members in the RichMember object, which contains Member+User data.- Specified by:
getGroupRichMembersExceptInvalid
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list of RichMembers
-
getGroupRichMembersWithAttributes
Description copied from interface:GroupsManagerBl
Returns group members in the RichMember object, which contains Member+User data. Also contains user and member attributes.- Specified by:
getGroupRichMembersWithAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list of RichMembers
-
getGroupRichMembersWithAttributes
public List<RichMember> getGroupRichMembersWithAttributes(PerunSession sess, Group group, Status status) Description copied from interface:GroupsManagerBl
Returns group members in the RichMember object, which contains Member+User data. Also contains user and member attributes.- Specified by:
getGroupRichMembersWithAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-status
-- Returns:
- list of RichMembers
-
getGroupRichMembersWithAttributesExceptInvalid
public List<RichMember> getGroupRichMembersWithAttributesExceptInvalid(PerunSession sess, Group group) Description copied from interface:GroupsManagerBl
Returns only valid, suspended and expired group members in the RichMember object, which contains Member+User data. Also contains user and member attributes.- Specified by:
getGroupRichMembersWithAttributesExceptInvalid
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list of RichMembers
-
getGroupUnions
Description copied from interface:GroupsManagerBl
Get list of group unions for specified group.- Specified by:
getGroupUnions
in interfaceGroupsManagerBl
- Parameters:
session
- perun sessiongroup
- groupreverseDirection
- if false get all operand groups of requested result group if true get all result groups of requested operand group- Returns:
- list of groups.
-
getGroupUsers
Description copied from interface:GroupsManagerBl
Return group users sorted by name.- Specified by:
getGroupUsers
in interfaceGroupsManagerBl
- Parameters:
perunSession
-group
-- Returns:
- list users sorted or empty list if there are no users on specified page
-
getGroups
Description copied from interface:GroupsManagerBl
Get all groups of users under the VO.- Specified by:
getGroups
in interfaceGroupsManagerBl
- Parameters:
sess
-vo
- vo- Returns:
- list of groups
-
getGroupsByAttribute
public List<Group> getGroupsByAttribute(PerunSession sess, Attribute attribute) throws WrongAttributeAssignmentException Description copied from interface:GroupsManagerBl
Returns all groups which have set the attribute with the value. Searching only def and opt attributes.- Specified by:
getGroupsByAttribute
in interfaceGroupsManagerBl
- Parameters:
sess
-attribute
-- Returns:
- list of groups
- Throws:
WrongAttributeAssignmentException
-
getGroupsByIds
Description copied from interface:GroupsManagerBl
Search for the groups with specified ids in all VOs.- Specified by:
getGroupsByIds
in interfaceGroupsManagerBl
- Parameters:
sess
-ids
-- Returns:
- groups with specified ids
-
getGroupsByPerunBean
Description copied from interface:GroupsManagerBl
Returns list of groups connected with a member- Specified by:
getGroupsByPerunBean
in interfaceGroupsManagerBl
- Parameters:
sess
-member
-- Returns:
- list of groups connected with member
-
getGroupsByPerunBean
Description copied from interface:GroupsManagerBl
Returns list of groups connected with a resource- Specified by:
getGroupsByPerunBean
in interfaceGroupsManagerBl
- Parameters:
sess
-resource
-- Returns:
- list of groups connected with resource
-
getGroupsByPerunBean
Description copied from interface:GroupsManagerBl
Returns list of groups connected with a user- Specified by:
getGroupsByPerunBean
in interfaceGroupsManagerBl
- Parameters:
sess
-user
-- Returns:
- list of groups connected with user
-
getGroupsByPerunBean
Description copied from interface:GroupsManagerBl
Returns list of groups connected with a host- Specified by:
getGroupsByPerunBean
in interfaceGroupsManagerBl
- Parameters:
sess
-host
-- Returns:
- list of groups connected with host
-
getGroupsByPerunBean
Description copied from interface:GroupsManagerBl
Returns list of groups connected with a facility- Specified by:
getGroupsByPerunBean
in interfaceGroupsManagerBl
- Parameters:
sess
-facility
-- Returns:
- list of groups connected with facility
-
getGroupsByPerunBean
Description copied from interface:GroupsManagerBl
Returns list of groups connected with a vo- Specified by:
getGroupsByPerunBean
in interfaceGroupsManagerBl
- Parameters:
sess
-vo
-- Returns:
- list of groups connected with vo
-
getGroupsCount
- Specified by:
getGroupsCount
in interfaceGroupsManagerBl
- Parameters:
sess
-vo
-- Returns:
- count of VO's groups
-
getGroupsCount
Description copied from interface:GroupsManagerBl
Get count of all groups.- Specified by:
getGroupsCount
in interfaceGroupsManagerBl
- Parameters:
sess
-- Returns:
- count of all groups
-
getGroupsForAutoRegistration
Description copied from interface:GroupsManagerBl
Returns all groups which can be registered into during vo registration.- Specified by:
getGroupsForAutoRegistration
in interfaceGroupsManagerBl
- Parameters:
sess
- sessionvo
- vo- Returns:
- list of groups
-
getGroupsForAutoRegistration
public List<Group> getGroupsForAutoRegistration(PerunSession sess, Vo vo, ApplicationFormItem formItem) Description copied from interface:GroupsManagerBl
Returns all groups which can be registered into during vo registration.- Specified by:
getGroupsForAutoRegistration
in interfaceGroupsManagerBl
- Parameters:
sess
- sessionvo
- voformItem
- application form item- Returns:
- list of groups
-
getGroupsForAutoRegistration
public List<Group> getGroupsForAutoRegistration(PerunSession sess, Group registrationGroup, ApplicationFormItem formItem) Description copied from interface:GroupsManagerBl
Returns all groups which can be registered into during group registration.- Specified by:
getGroupsForAutoRegistration
in interfaceGroupsManagerBl
- Parameters:
sess
- sessionregistrationGroup
- groupformItem
- application form item- Returns:
- list of groups
-
getGroupsManagerImpl
Gets the groupsManagerImpl for this instance.- Returns:
- The groupsManagerImpl.
-
getGroupsPage
public Paginated<RichGroup> getGroupsPage(PerunSession sess, Vo vo, GroupsPageQuery query, List<String> attrNames) throws GroupNotExistsException, MemberNotExistsException, MemberGroupMismatchException Description copied from interface:GroupsManagerBl
Get page of groups from the given vo.- Specified by:
getGroupsPage
in interfaceGroupsManagerBl
- Parameters:
sess
- sessionvo
- voquery
- query with page informationattrNames
- attribute names- Returns:
- page of requested rich groups
- Throws:
GroupNotExistsException
MemberNotExistsException
MemberGroupMismatchException
-
getGroupsToSynchronize
Description copied from interface:GroupsManagerBl
Gets all groups which have enabled synchronization.- Specified by:
getGroupsToSynchronize
in interfaceGroupsManagerBl
- Parameters:
sess
-- Returns:
- list of groups to synchronize
-
getGroupsWhereGroupIsAdmin
Description copied from interface:GroupsManagerBl
Get list of groups where the given group is given the admin role.- Specified by:
getGroupsWhereGroupIsAdmin
in interfaceGroupsManagerBl
- Parameters:
perunSession
-group
- with the admin role.- Returns:
- List of administered groups.
-
getGroupsWhereMemberIsActive
Description copied from interface:GroupsManagerBl
Returns all member's groups where member is in active state (is valid there) Excluded members group.- Specified by:
getGroupsWhereMemberIsActive
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionmember
- member to get groups for- Returns:
- list of groups where member is in active state (valid)
-
getGroupsWhereMemberIsInactive
Description copied from interface:GroupsManagerBl
Returns all member's groups where member is in inactive state (it is not valid and it is expired there) Excluded members group.- Specified by:
getGroupsWhereMemberIsInactive
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionmember
- member to get groups for- Returns:
- list of groups where member is in inactive state (expired)
-
getGroupsWhereUserIsActiveMember
Description copied from interface:GroupsManagerBl
Returns groups in which the user is active member. Groups are looked up only for the specified VO.- Specified by:
getGroupsWhereUserIsActiveMember
in interfaceGroupsManagerBl
- Parameters:
sess
- sessionuser
- user objectvo
- VO object- Returns:
- List of groups
-
getGroupsWithAssignedExtSourceInVo
Description copied from interface:GroupsManagerBl
Get all groups in specific vo with assigned extSource- Specified by:
getGroupsWithAssignedExtSourceInVo
in interfaceGroupsManagerBl
- Parameters:
sess
-source
-vo
-- Returns:
- l
-
getInactiveGroupMembers
Description copied from interface:GroupsManagerBl
Return all members of the group who are inactive (expired) in the group.Do not return active members of the group.
- Specified by:
getInactiveGroupMembers
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- to get members from- Returns:
- list of inactive (expired) members
-
getInactiveGroupMembers
Description copied from interface:GroupsManagerBl
Return all members of the group who are inactive (expired) in the group and have specific status in the Vo.Do not return active members of the group.
- Specified by:
getInactiveGroupMembers
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- to get members fromstatus
- to get only members with this specific status in the Vo- Returns:
- list of inactive (expired) members with specific status in the Vo
-
getIndirectMembershipPaths
public List<List<Group>> getIndirectMembershipPaths(PerunSession sess, Member member, Group group) throws MemberNotExistsException, GroupNotExistsException Description copied from interface:GroupsManagerBl
Get unique paths of groups via which member is indirectly included to the group. Cuts off after first included group.- Specified by:
getIndirectMembershipPaths
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionmember
- membergroup
- group in which the member is indirectly included- Returns:
- lists of groups [CURRENT GROUP -> SUBGROUP -> ... -> MEMBER'S SOURCE GROUP]
- Throws:
MemberNotExistsException
GroupNotExistsException
-
getMemberDirectGroups
Description copied from interface:GroupsManagerBl
Get all groups (except member groups) where member has direct membership.- Specified by:
getMemberDirectGroups
in interfaceGroupsManagerBl
- Parameters:
sess
-member
- to get information about- Returns:
- list of groups where member is direct member (not members group), empty list if there is no such group
-
getMemberGroups
Description copied from interface:GroupsManagerBl
Returns all members groups. Except 'members' group.- Specified by:
getMemberGroups
in interfaceGroupsManagerBl
- Parameters:
sess
-member
-- Returns:
-
getMemberGroupsByAttribute
public List<Group> getMemberGroupsByAttribute(PerunSession sess, Member member, Attribute attribute) throws WrongAttributeAssignmentException Description copied from interface:GroupsManagerBl
Method return list of groups for selected member which (groups) has set specific attribute. Attribute can be only from namespace "GROUP"- Specified by:
getMemberGroupsByAttribute
in interfaceGroupsManagerBl
- Parameters:
sess
- sessmember
- memberattribute
- attribute from "GROUP" namespace- Returns:
- list of groups which contain member and have attribute with same value
- Throws:
WrongAttributeAssignmentException
-
getMemberRichGroupsWithAttributesByNames
@Deprecated public List<RichGroup> getMemberRichGroupsWithAttributesByNames(PerunSession sess, Member member, List<String> attrNames) Deprecated.Description copied from interface:GroupsManagerBl
Return all RichGroups for specified member, containing selected attributes. "members" group is not included.Supported are attributes from these namespaces: - group - member-group
- Specified by:
getMemberRichGroupsWithAttributesByNames
in interfaceGroupsManagerBl
- Parameters:
sess
- internal sessionmember
- the member to get the rich groups forattrNames
- list of selected attributes- Returns:
- list of rich groups with selected attributes
-
getMemberRichGroupsWithAttributesByNames
public List<RichGroup> getMemberRichGroupsWithAttributesByNames(PerunSession sess, Member member, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Description copied from interface:GroupsManagerBl
Return all RichGroups for specified member, containing selected attributes filtered by role and its type. "members" group is not included.Supported are attributes from these namespaces: - group - member-group
- Specified by:
getMemberRichGroupsWithAttributesByNames
in interfaceGroupsManagerBl
- Parameters:
sess
- internal sessionmember
- the member to get the rich groups forattrNames
- list of selected attributesroles
- list of selected roles (if empty, then return groups by all roles)types
- list of selected types of roles (if empty, then return by roles of all types)- Returns:
- list of rich groups with selected attributes
-
getParentGroup
Description copied from interface:GroupsManagerBl
Get parent group. If group is topLevel group or Members group, return Members group.- Specified by:
getParentGroup
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- parent group
- Throws:
ParentGroupNotExistsException
-
getParentGroupMembers
Description copied from interface:GroupsManagerBl
Get members from parent group. If the parent group doesn't exist (this is top level group) return all VO (from which the group is) members instead.- Specified by:
getParentGroupMembers
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
-
getParentGroupRichMembers
Description copied from interface:GroupsManagerBl
Get members form the parent group in RichMember format.- Specified by:
getParentGroupRichMembers
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list of parent group rich members
-
getParentGroupRichMembersWithAttributes
Description copied from interface:GroupsManagerBl
Get members form the parent group in RichMember format including user/member attributes.- Specified by:
getParentGroupRichMembersWithAttributes
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list of parent group rich members
-
getPerunBl
Gets the perunBl.- Returns:
- The perunBl.
-
getRichAdmins
public List<RichUser> getRichAdmins(PerunSession perunSession, Group group, List<String> specificAttributes, boolean allUserAttributes, boolean onlyDirectAdmins) throws UserNotExistsException Description copied from interface:GroupsManagerBl
Gets list of all richUser administrators of this group. If some group is administrator of the given group, all VALID members are included in the list.Supported roles: GroupAdmin
If "onlyDirectAdmins" is "true", return only direct users of the group for supported role with specific attributes. If "allUserAttributes" is "true", do not specify attributes through list and return them all in objects richUser . Ignoring list of specific attributes.
- Specified by:
getRichAdmins
in interfaceGroupsManagerBl
- Parameters:
perunSession
-group
-specificAttributes
- list of specified attributes which are needed in object richUserallUserAttributes
- if true, get all possible user attributes and ignore list of specificAttributes (if false, get only specific attributes)onlyDirectAdmins
- if true, get only direct user administrators (if false, get both direct and indirect)- Returns:
- list of RichUser administrators for the group and supported role with attributes
- Throws:
UserNotExistsException
-
getRichAdmins
Deprecated.Description copied from interface:GroupsManagerBl
Gets list of all administrators of this group like RichUsers without attributes.- Specified by:
getRichAdmins
in interfaceGroupsManagerBl
- Parameters:
perunSession
-group
-
-
getRichAdminsWithAttributes
@Deprecated public List<RichUser> getRichAdminsWithAttributes(PerunSession perunSession, Group group) throws UserNotExistsException Deprecated.Description copied from interface:GroupsManagerBl
Gets list of all administrators of this group like RichUsers with attributes.- Specified by:
getRichAdminsWithAttributes
in interfaceGroupsManagerBl
- Parameters:
perunSession
-group
-- Throws:
UserNotExistsException
-
getRichAdminsWithSpecificAttributes
@Deprecated public List<RichUser> getRichAdminsWithSpecificAttributes(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.Description copied from interface:GroupsManagerBl
Get list of Group administrators with specific attributes. From list of specificAttributes get all Users Attributes and find those for every RichAdmin (only, other attributes are not searched)- Specified by:
getRichAdminsWithSpecificAttributes
in interfaceGroupsManagerBl
- Parameters:
perunSession
-group
-specificAttributes
-- Returns:
- list of RichUsers with specific attributes.
-
getRichGroupByIdWithAttributesByNames
public RichGroup getRichGroupByIdWithAttributesByNames(PerunSession sess, int groupId, List<String> attrNames) throws GroupNotExistsException Description copied from interface:GroupsManagerBl
Returns RichGroup selected by id containing selected attributes- Specified by:
getRichGroupByIdWithAttributesByNames
in interfaceGroupsManagerBl
- Parameters:
sess
-groupId
-attrNames
- if attrNames is null method will return RichGroup containing all attributes- Returns:
- RichGroup
- Throws:
GroupNotExistsException
-
getRichGroupsWithAttributesAssignedToResource
public List<RichGroup> getRichGroupsWithAttributesAssignedToResource(PerunSession sess, Resource resource, List<String> attrNames) Description copied from interface:GroupsManagerBl
Get all RichGroups with selected attributes assigned to the resource.- Specified by:
getRichGroupsWithAttributesAssignedToResource
in interfaceGroupsManagerBl
- Parameters:
sess
-resource
- the resource to get assigned groups from itattrNames
- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroups with selected attributes assigned to the resource
-
getRichGroupsWithAttributesAssignedToResource
public List<RichGroup> getRichGroupsWithAttributesAssignedToResource(PerunSession sess, Member member, Resource resource, List<String> attrNames) Description copied from interface:GroupsManagerBl
Get list of all richGroups with selected attributes assigned to the resource filtered by specific member. Allowed namespaces of attributes are group, group-resource, member-group and member-resource.Last step is filtration of attributes: Attributes are filtered by rights of user in session. User get only those selected attributes he has rights to read.
- Specified by:
getRichGroupsWithAttributesAssignedToResource
in interfaceGroupsManagerBl
- Parameters:
sess
-member
- member used for filtering returned groups (groups have to contain this member to be returned)resource
- resource to get assigned groups forattrNames
- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroup objects with specific attributes specified by object Resource and object Member
-
getRichSubGroupsWithAttributesByNames
public List<RichGroup> getRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames) Description copied from interface:GroupsManagerBl
Returns RichSubGroups from parentGroup containing selected attributes (only 1 level subgroups)- Specified by:
getRichSubGroupsWithAttributesByNames
in interfaceGroupsManagerBl
- Parameters:
sess
-parentGroup
-attrNames
- if attrNames is null method will return RichGroups containing all attributes- Returns:
- List of RichGroups
-
getServiceGroupMembers
Description copied from interface:GroupsManagerBl
Return a list of all group members, who are service users- Specified by:
getServiceGroupMembers
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- list of Members from given group who are service users
-
getSubGroups
Description copied from interface:GroupsManagerBl
Get all subgroups of the parent group under the VO.- Specified by:
getSubGroups
in interfaceGroupsManagerBl
- Parameters:
sess
-parentGroup
- parent group- Returns:
- list of groups
-
getSubGroupsCount
Description copied from interface:GroupsManagerBl
Returns number of immediate subgroups of the parent group.- Specified by:
getSubGroupsCount
in interfaceGroupsManagerBl
- Parameters:
sess
-parentGroup
-- Returns:
- count of parent group immediate subgroups
-
getSubgroupsPage
public Paginated<RichGroup> getSubgroupsPage(PerunSession sess, Group group, GroupsPageQuery query, List<String> attrNames) Description copied from interface:GroupsManagerBl
Get page of subgroups from the given parent group.- Specified by:
getSubgroupsPage
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroup
- parent groupquery
- query with page informationattrNames
- attribute names- Returns:
- page of requested rich groups
-
getTotalGroupStatusForMembers
public Map<Integer,MemberGroupStatus> getTotalGroupStatusForMembers(PerunSession session, Group group, List<Member> members) Description copied from interface:GroupsManagerBl
Returns total member's status of given members in given group.- Specified by:
getTotalGroupStatusForMembers
in interfaceGroupsManagerBl
- Parameters:
session
- sessiongroup
- groupmembers
- members- Returns:
- total status of members in given group
-
getTotalMemberGroupStatus
public MemberGroupStatus getTotalMemberGroupStatus(PerunSession session, Member member, Group group) Description copied from interface:GroupsManagerBl
Returns total member's status in given group. If there is no relation, null is returned.- Specified by:
getTotalMemberGroupStatus
in interfaceGroupsManagerBl
- Parameters:
session
- sessionmember
- membergroup
- group- Returns:
- total status of member in given group
-
getUserGroups
Description copied from interface:GroupsManagerBl
Return groups where user is member.- Specified by:
getUserGroups
in interfaceGroupsManagerBl
- Parameters:
perunSession
-user
-- Returns:
- list of groups
-
getUserGroups
public List<Group> getUserGroups(PerunSession perunSession, User user, List<Status> memberStatuses, List<MemberGroupStatus> memberGroupStatuses) Description copied from interface:GroupsManagerBl
Return groups where user is member with allowed statuses in vo and group. If statuses are empty or null, all statuses are used.- Specified by:
getUserGroups
in interfaceGroupsManagerBl
- Parameters:
perunSession
-user
-memberStatuses
- allowed statuses of member in VOmemberGroupStatuses
- allowed statuses of member in group- Returns:
- list of groups
-
getVo
Description copied from interface:GroupsManagerBl
Gets the Vo which is owner of the group.- Specified by:
getVo
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- Vo which is owner of the group.
-
getVosWhereGroupIsAdmin
Description copied from interface:GroupsManagerBl
Get list of VOs where the given group is given the admin role.- Specified by:
getVosWhereGroupIsAdmin
in interfaceGroupsManagerBl
- Parameters:
perunSession
-group
- with the admin role.- Returns:
- List of administered VOs.
-
hasCandidateExistingMember
Compare richMember userExtSources with Candidate's userExtSources, if some of the useExtSource fits.- Parameters:
candidate
-richMember
-- Returns:
- true if richMember.userExtSources contains some of the candidate.useExtSource
-
hasGroupSynchronizedChild
Description copied from interface:GroupsManagerBl
Check if there is a subgroup of the group, which is defined as synchronized from an external source at this moment.- Specified by:
hasGroupSynchronizedChild
in interfaceGroupsManagerBl
- Parameters:
session
-group
-- Returns:
-
inactivateMember
public void inactivateMember(PerunSession sess, Member member, Group group) throws MemberNotExistsException Description copied from interface:GroupsManagerBl
Inactivates member in group and sets its status to EXPIRED.- Specified by:
inactivateMember
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionmember
- membergroup
- group- Throws:
MemberNotExistsException
- if given member is not direct member of given group
-
isAllowedGroupToHierarchicalVo
Description copied from interface:GroupsManagerBl
Returns flag representing if the group can be included in the (parent) vo's groups- Specified by:
isAllowedGroupToHierarchicalVo
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- groupvo
- parent vo- Returns:
- true if group can be included in vo's groups, false otherwise
-
isDirectGroupMember
Description copied from interface:GroupsManagerBl
Return true if Member is direct member of the Group- Specified by:
isDirectGroupMember
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroup
- group where the membership is to be checkedmember
- member whose membership is to be checked- Returns:
- true if Member is direct member of the Group
-
isGroupForAnyAutoRegistration
Description copied from interface:GroupsManagerBl
Check if group has automatic registration enabled in any form item.- Specified by:
isGroupForAnyAutoRegistration
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroup
- group to check
-
isGroupForAutoRegistration
Description copied from interface:GroupsManagerBl
Check if group has automatic registration enabled in the given form item.- Specified by:
isGroupForAutoRegistration
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroup
- group to checkformItems
- form items for which the group can be configured
-
isGroupInStructureSynchronizationTree
Description copied from interface:GroupsManagerBl
Check if the group or its subgroups are defined as synchronized from an external source at this moment.- Specified by:
isGroupInStructureSynchronizationTree
in interfaceGroupsManagerBl
- Parameters:
session
-group
-- Returns:
-
isGroupLastAdminInSomeFacility
Description copied from interface:GroupsManagerBl
Check whether the group supplies the last FACILITYADMIN in some facility, return those facilities in which it does. Such facilities could upon removal of the group be left without a person to manage them.- Specified by:
isGroupLastAdminInSomeFacility
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroup
- group- Returns:
- list of facilities which the group supplies last FACILITYADMIN to
-
isGroupLastAdminInSomeFacility
Description copied from interface:GroupsManagerBl
Check whether some of the groups supply the last FACILITYADMIN in some facility, return the groups that do. Such facilities could upon removal of the group be left without a person to manage them.- Specified by:
isGroupLastAdminInSomeFacility
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroups
- groups to check- Returns:
- list of groups which supply last FACILITYADMIN in some facility
-
isGroupLastAdminInSomeVo
Description copied from interface:GroupsManagerBl
Check whether the group supplies the last VOADMIN in some vo, return those vos in which it does. Such vos could upon removal of the group be left without a person to manage them.- Specified by:
isGroupLastAdminInSomeVo
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroup
- group- Returns:
- list of vos which the group supplies last VOADMIN to
-
isGroupLastAdminInSomeVo
Description copied from interface:GroupsManagerBl
Check whether some of the groups supply the last VOADMIN in some vo, return the groups that do. Such vos could upon removal of the group be left without a person to manage them.- Specified by:
isGroupLastAdminInSomeVo
in interfaceGroupsManagerBl
- Parameters:
sess
- sessiongroups
- groups to check- Returns:
- list of groups which supply last VOADMIN in some facility
-
isGroupMember
Description copied from interface:GroupsManagerBl
Return true if Member is member of the Group- Specified by:
isGroupMember
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-member
-- Returns:
- true if Member is member of the Group
-
isGroupSynchronizedFromExternallSource
Description copied from interface:GroupsManagerBl
Check if the group is defined as synchronized from an external source at this moment.- Specified by:
isGroupSynchronizedFromExternallSource
in interfaceGroupsManagerBl
- Parameters:
session
-group
-- Returns:
-
isUserMemberOfGroup
Description copied from interface:GroupsManagerBl
Checks whether the user is member of the group.- Specified by:
isUserMemberOfGroup
in interfaceGroupsManagerBl
- Parameters:
sess
-user
-group
-- Returns:
- true if the user is member of the group
-
moveGroup
public void moveGroup(PerunSession sess, Group destinationGroup, Group movingGroup) throws GroupMoveNotAllowedException, WrongAttributeValueException, WrongReferenceAttributeValueException Description copied from interface:GroupsManagerBl
Move one group structure under another group in same vo or as top level group- Specified by:
moveGroup
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiondestinationGroup
- group to which is moving group moved, if it's null group will be moved as top level groupmovingGroup
- group which is moved to destination group- Throws:
GroupMoveNotAllowedException
WrongAttributeValueException
WrongReferenceAttributeValueException
-
reactivateMember
public void reactivateMember(PerunSession sess, Member member, Group group) throws MemberNotExistsException Description copied from interface:GroupsManagerBl
Reactivates member in group and sets its status to VALID.- Specified by:
reactivateMember
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionmember
- membergroup
- group- Throws:
MemberNotExistsException
- if given member is not member of given group
-
recalculateMemberGroupStatusRecursively
public void recalculateMemberGroupStatusRecursively(PerunSession sess, Member member, Group group, Map<Integer, Map<Integer, MemberGroupStatus>> previousStatus) Calculates the state of given member in given group and if it differs from given 'previousState' calls this method recursively for all parent groups.- Specified by:
recalculateMemberGroupStatusRecursively
in interfaceGroupsManagerBl
- Parameters:
member
- membergroup
- grouppreviousStatus
- previousStatus- Throws:
InternalErrorException
- internal error
-
removeFormerMemberWhileSynchronization
public void removeFormerMemberWhileSynchronization(PerunSession sess, Group group, RichMember memberToRemove, boolean isAuthoritative) throws GroupNotExistsException Description copied from interface:GroupsManagerBl
Remove former member from group (if he is not listed in ExtSource).If this is membersGroup (of some Vo) try to disableMember, if not possible then delete him. If this is regular group (of some Vo) remove him and if this group is also his last authoritative group, disable or delete him also in the Vo.
This method runs in separate transaction.
- Specified by:
removeFormerMemberWhileSynchronization
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- to be synchronizedmemberToRemove
- member to be removed from Group- Throws:
GroupNotExistsException
- if group does not exist
-
removeGroupUnion
public void removeGroupUnion(PerunSession sess, Group resultGroup, Group operandGroup, boolean parentFlag) throws GroupRelationDoesNotExist, GroupRelationCannotBeRemoved, GroupNotExistsException Description copied from interface:GroupsManagerBl
Removes a union relation between two groups. All indirect members that originate from operand group are removed from result group.- Specified by:
removeGroupUnion
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionresultGroup
- group from which members are removedoperandGroup
- group which members are removed from result groupparentFlag
- if true union cannot be deleted; false otherwise (it flags relations created by hierarchical structure)- Throws:
GroupRelationDoesNotExist
GroupRelationCannotBeRemoved
GroupNotExistsException
-
removeMember
public void removeMember(PerunSession sess, Group group, Member member) throws NotGroupMemberException, GroupNotExistsException Description copied from interface:GroupsManagerBl
Removes member form the group. But not from members or administrators group.- Specified by:
removeMember
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-member
-- Throws:
NotGroupMemberException
GroupNotExistsException
-
removeMember
public void removeMember(PerunSession sess, List<Group> groups, Member member) throws NotGroupMemberException, GroupNotExistsException Description copied from interface:GroupsManagerBl
Removes member from groups. But not from members or administrators group.- Specified by:
removeMember
in interfaceGroupsManagerBl
- Parameters:
sess
-groups
-member
-- Throws:
NotGroupMemberException
GroupNotExistsException
-
removeMemberFromMembersOrAdministratorsGroup
public void removeMemberFromMembersOrAdministratorsGroup(PerunSession sess, Group group, Member member) throws NotGroupMemberException, GroupNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException Description copied from interface:GroupsManagerBl
Removes member from members or administrators group only.- Specified by:
removeMemberFromMembersOrAdministratorsGroup
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-member
-- Throws:
NotGroupMemberException
GroupNotExistsException
WrongAttributeValueException
WrongReferenceAttributeValueException
-
removeMembers
public void removeMembers(PerunSession sess, Group group, List<Member> members) throws NotGroupMemberException, GroupNotExistsException Description copied from interface:GroupsManagerBl
Removes members from the group. But not from members or administrators group.- Specified by:
removeMembers
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-members
-- Throws:
NotGroupMemberException
GroupNotExistsException
-
removeRelationMembers
public void removeRelationMembers(PerunSession sess, Group resultGroup, List<Member> changedMembers, int sourceGroupId) throws WrongReferenceAttributeValueException, NotGroupMemberException, WrongAttributeValueException, GroupNotExistsException Description copied from interface:GroupsManagerBl
Method recalculates all relations between groups. Method recursively removes members from groups and all their relations. The method is called in case of: 1) removed relation 2) removed member 3) group removal 4) group movement- Specified by:
removeRelationMembers
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionresultGroup
- group to which members are added or removed fromchangedMembers
- list of changed members which is passed as argument to add indirect members method. List contains records of removed indirect members from operand group.sourceGroupId
- id of a group from which members originate- Throws:
WrongReferenceAttributeValueException
NotGroupMemberException
WrongAttributeValueException
GroupNotExistsException
-
saveInformationAboutGroupStructureSynchronizationInNestedTransaction
public void saveInformationAboutGroupStructureSynchronizationInNestedTransaction(PerunSession sess, Group group, boolean failedDueToException, String exceptionMessage) throws AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, WrongAttributeValueException Description copied from interface:GroupsManagerBl
This method will set timestamp, state and exceptionMessage to group attributes for the group structure. Also log information about failed group structure synchronization to auditer_log.IMPORTANT: This method runs in nested transaction. With a nested transaction, this method can be used in method running in the nested transaction, where the group was changed in the database. However, rollback on the outer transaction, where this method is used, will revert saving of given information.
Set timestamp to attribute "group_def_lastGroupStructureSynchronizationTimestamp" Set exception message to attribute "group_def_lastGroupStructureSynchronizationState"
FailedDueToException is true means group structure synchronization failed completely. FailedDueToException is false means group structure synchronization is ok or finished with some errors (some groups were not synchronized)
- Specified by:
saveInformationAboutGroupStructureSynchronizationInNestedTransaction
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- the group structure for synchronizationfailedDueToException
- if exception means fail of whole synchronization of this group structure or only problem with some dataexceptionMessage
- message of an exception, ok if everything is ok- Throws:
AttributeNotExistsException
WrongReferenceAttributeValueException
WrongAttributeAssignmentException
WrongAttributeValueException
-
saveInformationAboutGroupStructureSynchronizationInNewTransaction
public void saveInformationAboutGroupStructureSynchronizationInNewTransaction(PerunSession sess, Group group, boolean failedDueToException, String exceptionMessage) throws AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, WrongAttributeValueException Description copied from interface:GroupsManagerBl
This method will set timestamp, state and exceptionMessage to group attributes for the group structure. Also log information about failed group structure synchronization to auditer_log.IMPORTANT: This method runs in new transaction (because of it being used in synchronization of groups structures) This method is run in a new transaction to ensure successful saving of given information, in case of a rollback in previous transaction. However, this method cannot be used in method running in the nested transaction, where the group was changed in the database.
Set timestamp to attribute "group_def_lastGroupStructureSynchronizationTimestamp" Set exception message to attribute "group_def_lastGroupStructureSynchronizationState"
FailedDueToException is true means group structure synchronization failed completely. FailedDueToException is false means group structure synchronization is ok or finished with some errors (some groups were not synchronized)
- Specified by:
saveInformationAboutGroupStructureSynchronizationInNewTransaction
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- the group structure for synchronizationfailedDueToException
- if exception means fail of whole synchronization of this group structure or only problem with some dataexceptionMessage
- message of an exception, ok if everything is ok- Throws:
AttributeNotExistsException
WrongReferenceAttributeValueException
WrongAttributeAssignmentException
WrongAttributeValueException
-
saveInformationAboutGroupSynchronizationInNestedTransaction
public void saveInformationAboutGroupSynchronizationInNestedTransaction(PerunSession sess, Group group, long startTime, boolean failedDueToException, String exceptionMessage) throws AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, WrongAttributeValueException Description copied from interface:GroupsManagerBl
This method will set timestamp, synchronization start time and exceptionMessage to group attributes for the group. Also log information about failed synchronization to auditer_log.IMPORTANT: This method runs in nested transaction so it can be used in another transaction With a nested transaction, this method can be used in method running in the nested transaction, where the group was changed in the database. However, rollback on the outer transaction, where this method is used, will revert saving of given information.
Set timestamp to attribute "group_def_lastSynchronizationTimestamp" Set exception message to attribute "group_def_lastSynchronizationState" Set start time to attribute "group_def_startOfLastSuccessSynchronizationTimestamp"
FailedDueToException is true means group synchronization failed completely. FailedDueToException is false means group synchronization is ok or finished with some errors (some members were not synchronized)
- Specified by:
saveInformationAboutGroupSynchronizationInNestedTransaction
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- the group for synchronizationstartTime
- of the synchronizationfailedDueToException
- if exception means fail of whole synchronization of this group or only problem with some dataexceptionMessage
- message of an exception, ok if everything is ok- Throws:
AttributeNotExistsException
WrongReferenceAttributeValueException
WrongAttributeAssignmentException
WrongAttributeValueException
-
saveInformationAboutGroupSynchronizationInNewTransaction
public void saveInformationAboutGroupSynchronizationInNewTransaction(PerunSession sess, Group group, long startTime, boolean failedDueToException, String exceptionMessage) throws AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, WrongAttributeValueException Description copied from interface:GroupsManagerBl
This method will set timestamp, synchronization start time and exceptionMessage to group attributes for the group. Also log information about failed synchronization to auditer_log.IMPORTANT: This method runs in new transaction (because of using in synchronization of groups) This method is run in a new transaction to ensure successful saving of given information, in case of a rollback in previous transaction. However, this method cannot be used in method running in the nested transaction, where the group was changed in the database.
Set timestamp to attribute "group_def_lastSynchronizationTimestamp" Set exception message to attribute "group_def_lastSynchronizationState" Set start time to attribute "group_def_startOfLastSuccessSynchronizationTimestamp"
FailedDueToException is true means group synchronization failed completely. FailedDueToException is false means group synchronization is ok or finished with some errors (some members were not synchronized)
- Specified by:
saveInformationAboutGroupSynchronizationInNewTransaction
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- the group for synchronizationstartTime
- of the synchronizationfailedDueToException
- if exception means fail of whole synchronization of this group or only problem with some dataexceptionMessage
- message of an exception, ok if everything is ok- Throws:
AttributeNotExistsException
WrongReferenceAttributeValueException
WrongAttributeAssignmentException
WrongAttributeValueException
-
setPerunBl
-
synchronizeGroup
public List<String> synchronizeGroup(PerunSession sess, Group group) throws AttributeNotExistsException, WrongAttributeAssignmentException, ExtSourceNotExistsException, GroupNotExistsException Description copied from interface:GroupsManagerBl
Synchronizes the group with the external group without checking if the synchronization is already in progress. If some members from extSource of this group were skipped, return info about them. if not, return empty string instead, which means all members was successfully load from extSource.- Specified by:
synchronizeGroup
in interfaceGroupsManagerBl
- Parameters:
sess
-group
-- Returns:
- List of strings with skipped users with reasons why were skipped
- Throws:
AttributeNotExistsException
WrongAttributeAssignmentException
ExtSourceNotExistsException
GroupNotExistsException
-
synchronizeGroupStructure
public List<String> synchronizeGroupStructure(PerunSession sess, Group baseGroup) throws AttributeNotExistsException, WrongAttributeAssignmentException, ExtSourceNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException Description copied from interface:GroupsManagerBl
Synchronize a group structure with an external source group structure under the group.- Specified by:
synchronizeGroupStructure
in interfaceGroupsManagerBl
- Parameters:
sess
-baseGroup
- base group under which will be synchronized structure of groups- Returns:
- List of strings with skipped groups with reasons why were skipped
- Throws:
AttributeNotExistsException
WrongAttributeAssignmentException
ExtSourceNotExistsException
WrongAttributeValueException
WrongReferenceAttributeValueException
-
synchronizeGroups
Start and check threads with synchronization of groups. (max threads is defined by constant) It also add new groups to the queue. This method is run by the scheduler every 5 minutes.Note: this method is synchronized
- Specified by:
synchronizeGroups
in interfaceGroupsManagerBl
- Throws:
InternalErrorException
-
synchronizeGroupsStructures
Description copied from interface:GroupsManagerBl
Synchronize all groups structures which have enabled group structure synchronization. This method is run by the scheduler every 5 minutes.- Specified by:
synchronizeGroupsStructures
in interfaceGroupsManagerBl
-
updateExistingMemberWhileSynchronization
public void updateExistingMemberWhileSynchronization(PerunSession sess, Group group, Candidate candidate, RichMember memberToUpdate, List<String> overwriteUserAttributesList, List<String> mergeMemberAttributesList, List<AttributeDefinition> attrDefs) Description copied from interface:GroupsManagerBl
Get candidate and corresponding memberToUpdate and update his attributes, extSources, expiration and status.For Member - updateAttributes For User - updateAttributes if exists in list of overwriteUserAttributesList, in other case just mergeAttributes.
updateAttributes = store new values mergeAttributes = for List and Map add new values, do not remove old one, for other cases store new values (like String, Integer etc.)
This method runs in separate transaction.
- Specified by:
updateExistingMemberWhileSynchronization
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessiongroup
- to be synchronizedcandidate
- candidate to update bymemberToUpdate
- richMember for updating in Perun by information from extSourceoverwriteUserAttributesList
- list of user attributes to be updated instead of mergedmergeMemberAttributesList
- list of member attributes to be merged instead of updatedattrDefs
- list of attribute definitions to update from candidate, if null the list is filled in process
-
updateGroup
Description copied from interface:GroupsManagerBl
Updates group by ID.Update shortName (use shortName) and description. Group.name is ignored. Return Group with correctly set parameters (including group.name)
- Specified by:
updateGroup
in interfaceGroupsManagerBl
- Parameters:
sess
-group
- to update (use only ID, shortName and description)- Returns:
- updated group with correctly set parameters (including group.name)
- Throws:
GroupExistsException
- if group with same name already exists in the same VO
-
updateParentGroupId
Description copied from interface:GroupsManagerBl
Updates parentGroupId.!! IMPORTANT This method allows to change parentGroupId, but it doesn't update group and subGroup names !!
- Specified by:
updateParentGroupId
in interfaceGroupsManagerBl
- Parameters:
sess
-group
- to update- Returns:
- group with updated parentGroupId
-
suspendGroupSynchronization
Description copied from interface:GroupsManagerBl
Suspend synchronizing groups and their structures.- Specified by:
suspendGroupSynchronization
in interfaceGroupsManagerBl
- Parameters:
sess
- sessionsuspend
- whether to suspend or unsuspend
-
isSuspendedGroupSynchronization
public boolean isSuspendedGroupSynchronization()Description copied from interface:GroupsManagerBl
Check if synchronizing groups is suspended.- Specified by:
isSuspendedGroupSynchronization
in interfaceGroupsManagerBl
- Returns:
- True if suspended, false if synchronizing
-
validateMemberInGroup
Description copied from interface:GroupsManagerBl
Set member's status in given group to VALID- Specified by:
validateMemberInGroup
in interfaceGroupsManagerBl
- Parameters:
sess
- perun sessionmember
- member whose status will be changedgroup
- group in which given member will be validated
-