Package cz.metacentrum.perun.core.blImpl
Class UsersManagerBlImpl
java.lang.Object
cz.metacentrum.perun.core.blImpl.UsersManagerBlImpl
- All Implemented Interfaces:
UsersManagerBl
UsersManager business logic
- Author:
- Michal Prochazka michalp@ics.muni.cz, Slavek Licehammer glory@ics.muni.cz, Sona Mastrakova
-
Field Summary
Fields inherited from interface cz.metacentrum.perun.core.bl.UsersManagerBl
ADDITIONAL_IDENTIFIERS_ATTRIBUTE_NAME, ADDITIONAL_IDENTIFIERS_PERUN_ATTRIBUTE_NAME, MULTIVALUE_ATTRIBUTE_SEPARATOR_REGEX, ORIGIN_IDENTITY_PROVIDER_KEY -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidaddSpecificUserOwner(PerunSession sess, User user, User specificUser) Add specificUser owner (the user) If not exists, create new ownership.addUserExtSource(PerunSession sess, User user, UserExtSource userExtSource) Adds user's external sources.voidanonymizeUser(PerunSession sess, User user, boolean force) Anonymizes user - according to configuration, each of user's attributes is either anonymized, kept untouched or deleted.voidblockLogins(PerunSession sess, List<String> logins, String namespace, Integer relatedUserId) Block logins for given namespace or block logins globally (if no namespace is selected)voidchangeNonAuthzPassword(PerunSession sess, String token, String password, String lang) Changes user password in defined login-namespace based on token of the password reset request.voidchangePassword(PerunSession sess, User user, String loginNamespace, String oldPassword, String newPassword, boolean checkOldPassword) Changes user password in defined login-namespace.changePasswordRandom(PerunSession session, User user, String namespace) Generates new random password for given user and returns String representing HTML where is the new password.voidcheckBlockedLogins(PerunSession sess, String namespace, String userLogin, boolean ignoreCase) Check if login is blocked.voidcheckPasswordResetRequestIsValid(PerunSession sess, String token) Checks if the password reset request link is valid.voidcheckPasswordStrength(PerunSession sess, String password, String namespace, String login) Check password strength for the given namespace.voidcheckReservedLogins(PerunSession sess, String namespace, String login, boolean ignoreCase) Check if login exists in specified namespace or in any namespace (if namespace is null).voidcheckUserExists(PerunSession sess, User user) voidcheckUserExtSourceExists(PerunSession sess, UserExtSource userExtSource) voidcheckUserExtSourceExistsById(PerunSession sess, int id) convertRichUsersToRichUsersWithAttributes(PerunSession sess, List<RichUser> richUsers) From List of Rich Users without attribute make list of Rich Users with attributesGet user and convert values of his object attributes: - firstName - lastName - middleName - titleBefore - titleAfter from emptyString (like "") to null.convertUsersToRichUsers(PerunSession sess, List<User> users) From List of Users make list of RichUsers (without attributes)convertUsersToRichUsersWithAttributes(PerunSession sess, List<RichUser> richUsers, List<AttributeDefinition> attrsDef) Convert RichUsers without attribute to RichUsers with specific attributes.convertUsersToRichUsersWithAttributesByNames(PerunSession sess, List<User> users, List<String> attrNames) From List of Users make list of RichUsers (with attributes by names)convertUserToRichUserWithAttributesByNames(PerunSession sess, User user, List<String> attrNames) From User make Rich user (with attributes by names)voidcreateAlternativePassword(PerunSession sess, User user, String description, String loginNamespace, String password) Creates alternative password in external system.createServiceUser(PerunSession sess, Candidate candidate, List<User> owners) From given candidate, creates a service user and assign given owners to him.createUser(PerunSession sess, Candidate candidate) From given candidate, creates a user.createUser(PerunSession sess, User user) Inserts user into DB.voiddeleteAlternativePassword(PerunSession sess, User user, String loginNamespace, String passwordId) Deletes alternative password in external system.voiddeletePassword(PerunSession sess, User user, String loginNamespace) Deletes password in external system for existing user.voiddeletePassword(PerunSession sess, String userLogin, String loginNamespace) Deletes password in external system.voiddeleteReservedLoginsForNamespace(PerunSession sess, String namespace) Deletes all reserved logins in given namespacevoiddeleteReservedLoginsOnlyByGivenApp(PerunSession sess, int appId) Deletes reserved logins which can be deleted - they are used only in the given application.voiddeleteUser(PerunSession sess, User user) Deletes user.voiddeleteUser(PerunSession sess, User user, boolean forceDelete) Deletes user.filterOnlyAllowedAttributes(PerunSession sess, RichUser richUser) For richUser filter all his user attributes and remove all which principal has no access to.filterOnlyAllowedAttributes(PerunSession sess, List<RichUser> richUsers) For list of richUser filter all their user attributes and remove all which principal has no access to.filterOnlyAllowedAttributesForRichUserExtSources(PerunSession sess, List<RichUserExtSource> richUserExtSources) From given list ofRichUserExtSourceremoves the attributes which are not allowed for the current principal.findRichUsers(PerunSession sess, String searchString) Returns list of richusers with attributes who matches the searchString, searching name, id, uuid, email, logins.findRichUsersByExactMatch(PerunSession sess, String searchString) Returns list of richusers with attributes who matches the searchString, searching name, id, uuid, email, logins.findRichUsersWithAttributes(PerunSession sess, String searchString, List<String> attrsName) Returns list of RichUsers with selected attributes who matches the searchString, searching name, id, uuid, email, logins.findRichUsersWithAttributesByExactMatch(PerunSession sess, String searchString, List<String> attrsName) Returns list of RichUsers with selected attributes who matches the searchString, searching name, id, uuid, email, logins.findRichUsersWithoutSpecificVoWithAttributes(PerunSession sess, Vo vo, String searchString, List<String> attrsName) Return list of RichUsers who matches the searchString, searching name, email and logins and are not member in specific VO and contain selected attributes.findUsers(PerunSession sess, String searchString) Returns list of users' who matches the searchString, searching name, id, uuid, email and logins.findUsersByExactMatch(PerunSession sess, String searchString) findUsersByExactName(PerunSession sess, String searchString) Returns list of users who exactly matches the searchStringfindUsersByName(PerunSession sess, String searchString) Returns list of users who matches the searchStringfindUsersByName(PerunSession sess, String titleBefore, String firstName, String middleName, String lastName, String titleAfter) Returns list of users who matches the fields.findUsersWithExtSourceAttributeValueEnding(PerunSessionImpl sess, String attributeName, String valueEnd, List<String> excludeValueEnds) Finds users with UserExtSource with attribute value that ends with specified string but not with specified exclude strings.generateAccount(PerunSession sess, String loginNamespace, Map<String, String> parameters) Generate user account in a backend system associated with login-namespace in Perun.getActiveUserExtSources(PerunSession sess, User user) Get all users userExtSources with last_access not older than (now - m), where 'm' is number of months defined in CONSTANT in UsersManagerImpl.Returns all blocked logins in namespaces (if namespace is null, then this login is blocked globally)getAllowedResources(PerunSession sess, Facility facility, User user) Get all resources from the facility which have the user access on.getAllowedResources(PerunSession sess, User user) Get all resources which have the user access on.getAllRichUsers(PerunSession sess, boolean includedSpecificUsers) Get All richUsers with or without specificUsers.getAllRichUsersWithAttributes(PerunSession sess, boolean includedSpecificUsers) Get All richUsers with or without specificUsers.getAllRichUsersWithAttributes(PerunSession sess, boolean includedSpecificUsers, List<String> attrsName) Get User to RichUser with attributes.getAllUserExtSourcesByTypeAndLogin(PerunSession sess, String extType, String extLogin) Gets list of all users external sources by specific type and extLogin.getAssignedResources(PerunSession sess, Facility facility, User user) Get all resources from the facility where the user is assigned.getAssignedResources(PerunSession sess, User user) Get all resources where the user is assigned.getAssignedRichResources(PerunSession sess, User user) Get all rich resources where the user is assigned.getAssociatedResources(PerunSession sess, Facility facility, User user) Return all resources of specified facility with which user is associated through all his members.getAssociatedResources(PerunSession sess, User user) Get all resources with which user can be associated (similar to assigned resources, but does not require ACTIVE group-resource assignment).getBlockedLoginsPage(PerunSession sess, BlockedLoginsPageQuery query) Get page of blocked logins.getGroupsWhereUserIsActive(PerunSession sess, Facility facility, User user) Return all groups where user is active (has VALID status in VO and Group together) for specified user and facilitygetGroupsWhereUserIsActive(PerunSession sess, Resource resource, User user) Return all groups where user is active (has VALID status in VO and Group together) for specified user and resourcegetGroupsWhereUserIsAdmin(PerunSession sess, User user) Returns list of Groups in Perun, where the User is a direct Administrator or he is a VALID member of any group which is Administrator of some of these Groups.getGroupsWhereUserIsAdmin(PerunSession sess, Vo vo, User user) Returns list of Groups in selected Vo, where the User is a direct Administrator or he is a VALID member of any group which is Administrator of some of these Groups.intgetIdOfBlockedLogin(PerunSession sess, String login, String namespace) Return ID of blocked logingetPasswordManagerModule(PerunSession session, String namespace) Returns password manager module for specified login-namespace or falls back on generic password manager module.getPendingPreferredEmailChanges(PerunSession sess, User user) Return list of email addresses of user, which are awaiting validation and are inside time window for validation.Gets the perunBl for this instance.getRelatedUserIdByBlockedLoginInNamespace(PerunSession sess, String login, String namespace) Get user id of the user who was related to the given login in the pastgetReservedLoginsByApp(PerunSession sess, int appId) Gets reserved logins which are used in the given application.getReservedLoginsOnlyByGivenApp(PerunSession sess, int appId) Gets reserved logins which can be deleted - they are used only in the given application.getRichUser(PerunSession sess, User user) Get User to RichUser without attributes.getRichUserExtSources(PerunSession sess, User user, List<String> attrsNames) Gets list of all user's external sources with attributes.getRichUsersByIds(PerunSession sess, List<Integer> ids) Returns rich users without attributes by their ids.getRichUsersFromListOfUsers(PerunSession sess, List<User> users) From Users makes RichUsers without attributes.getRichUsersWithAttributesByIds(PerunSession sess, List<Integer> ids) Returns rich users with attributes by their ids.getRichUsersWithAttributesFromListOfUsers(PerunSession sess, List<User> users) From Users makes RichUsers with attributes.Returns all RichUsers with attributes who are not member of any VO.getRichUsersWithoutVoWithAttributes(PerunSession sess, List<String> attrsName) Return list of RichUsers which are not members of any VO and contain selected attributes.getRichUserWithAttributes(PerunSession sess, User user) Get User to RichUser with attributes.getSpecificUsers(PerunSession sess) Return all specific Users (only specific users)getSpecificUsersByUser(PerunSession sess, User user) Return all specificUsers who are owned by the user and their ownership is not in status disabledgetSponsors(PerunSession sess, Member sponsoredMember) Gets list of users that sponsor the member.getSponsorsForSponsoredMembersInVo(PerunSession sess, int voId) Retrieves a map, that maps the ids of the sponsored members in the given VO to a list of their Sponsors with the corresponding Sponsorship objects.getUserByExtSourceInformation(PerunSession sess, PerunPrincipal principal) Get user by principal's additional identifiers or extSourceName and extSourceLogin.getUserByExtSourceNameAndExtLogin(PerunSession sess, String extSourceName, String extLogin) Get user by extSourceName and extSourceLogingetUserById(PerunSession sess, int id) Returns user by his/her id.getUserByMember(PerunSession sess, Member member) Returns user by VO member.getUserByUserExtSource(PerunSession sess, UserExtSource userExtSource) Returns user by his login in external source and external source.getUserByUserExtSources(PerunSession sess, List<UserExtSource> userExtSources) Get the user based on one of the userExtSource.getUserExtSourceByExtLogin(PerunSession sess, ExtSource source, String extLogin) Gets user's external source by the user's external login and external source.getUserExtSourceById(PerunSession sess, int id) Get the user ext source by its id.getUserExtSourceByUniqueAttributeValue(PerunSession sess, int attrId, String uniqueValue) Return userExtSource for specific attribute definition (specified by id) and unique value.getUserExtSourceByUniqueAttributeValue(PerunSession sess, String attrName, String uniqueValue) Return userExtSource for specific attribute definition (specified by id) and unique value.getUserExtSourceFromMultipleIdentifiers(PerunSession sess, PerunPrincipal principal) Iteratively searches through additional identifiers trying to find userExtSource with the same identifier.getUserExtSources(PerunSession sess, User user) Gets list of all user's external sources of the user.getUserExtSourcesByIds(PerunSession sess, List<Integer> ids) Get user ext sources by their ids.getUsers(PerunSession sess) Returns all users (included specific users)getUsersByAttribute(PerunSession sess, Attribute attribute) Returns all users who have set the attribute with the value.getUsersByAttribute(PerunSession sess, Attribute attribute, boolean ignoreCase) Returns all users who have set the attribute with the value IGNORING CASE in the comparison.getUsersByAttribute(PerunSession sess, String attributeName, String attributeValue) Search attributes directly in the DB only if the attr is def or opt and value is type of String, otherwise load all users and search in a loop.getUsersByAttributeValue(PerunSession sess, String attributeName, String attributeValue) Returns all users who have the attribute with the value.getUsersByExtSourceTypeAndLogin(PerunSession perunSession, String extSourceType, String login) Get all the users who have given type of the ExtSource and login.getUsersByIds(PerunSession sess, List<Integer> usersIds) Batch method which returns users by theirs ids.getUsersByPerunBean(PerunSession sess, Facility facility) Returns list of users connected with a facilitygetUsersByPerunBean(PerunSession sess, Group group) Returns list of users connected with a groupgetUsersByPerunBean(PerunSession sess, Host host) Returns list of users connected with a hostgetUsersByPerunBean(PerunSession sess, Member member) Returns list of users connected with a membergetUsersByPerunBean(PerunSession sess, Resource resource) Returns list of users connected with a resourcegetUsersByPerunBean(PerunSession sess, Vo vo) Returns list of users connected with a vogetUsersBySpecificUser(PerunSession sess, User specificUser) Return all users who owns the specificUser and their ownership is not in status disabledintgetUsersCount(PerunSession sess) Get count of all users.Gets the usersManagerImpl for this instance.getUsersPage(PerunSession sess, UsersPageQuery query, List<String> attrNames) Get page of users with the given attributes.getUsersReservedLogins(PerunSession sess, User user) Return list of all reserved logins for specific user (pair is namespace and login)getUsersWithoutSpecificVo(PerunSession sess, Vo vo, String searchString) Return list of users who matches the searchString, searching name, email and logins and are not member in specific VO.Returns all users who are not member of any VO.getVosWhereUserIsAdmin(PerunSession sess, User user) Returns list of VOs, where the user is an Administrator.getVosWhereUserIsMember(PerunSession sess, User user) Returns list of VOs, where the user is a member.booleanisLoginAvailable(PerunSession sess, String loginNamespace, String login) Checks if the login is available in the namespace.booleanisLoginBlocked(PerunSession sess, String login, boolean ignoreCase) Return true if login is blocked (globally - for all namespaces per instance OR for some namespace), false if not.booleanisLoginBlockedForNamespace(PerunSession sess, String login, String namespace, boolean ignoreCase) Return true if login is blocked for given namespace, false if not When the namespace is null, then the method behaves like isLoginBlockedGlobally(), so it checks if the login is blocked globally.booleanisLoginBlockedGlobally(PerunSession sess, String login) Return true if login is blocked globally (for all namespaces per instance - represented by namespace = null), false if not Globally banned logins are ALWAYS case-insensitive.booleanisUserAnonymized(PerunSession sess, User user) Checks whether user has been anonymized or not.booleanisUserPerunAdmin(PerunSession sess, User user) Deprecated.booleanloginExist(PerunSession sess, User user, String loginNamespace) Checks if login exists in given login-namespace.voidmoveUserExtSource(PerunSession sess, User sourceUser, User targetUser, UserExtSource userExtSource) Take UserExtSource from sourceUser and move it to the targetUser.voidremoveAllUserExtSources(PerunSession sess, User user) Removes all user's external sources.voidremoveSpecificUserOwner(PerunSession sess, User user, User specificUser) Remove specificUser owner (the user) Only disable ownership of user and specificUservoidremoveSpecificUserOwner(PerunSession sess, User user, User specificUser, boolean forceDelete) Remove specificUser owner (the user).voidremoveUserExtSource(PerunSession sess, User user, UserExtSource userExtSource) Removes user's external sources.voidrequestPreferredEmailChange(PerunSession sess, String url, User user, String email, String lang, String path, String idp) Request change of user's preferred email address.voidreservePassword(PerunSession sess, User user, String loginNamespace, String password) Reserves the password in external system.voidreservePassword(PerunSession sess, String userLogin, String loginNamespace, String password) Reserves the password in external system.voidreserveRandomPassword(PerunSession sess, User user, String loginNamespace) Reserves random password in external system.voidsetLogin(PerunSession sess, User user, String loginNamespace, String login) Allow users to manually add login in supported namespace if same login is not reservedvoidsetPerunBl(PerunBl perunBl) setSpecificUser(PerunSession sess, User specificUser, SpecificUserType specificUserType, User owner) Set specific user type for specific user and set ownership of this user for the owner.booleanspecificUserOwnershipExists(PerunSession sess, User user, User specificUser) Return true if ownership of user and specificUser already exists.voidunblockLogins(PerunSession sess, List<String> logins, String namespace) Unblock logins for given namespace or unblock logins globally (if no namespace is selected)voidunblockLoginsById(PerunSession sess, List<Integer> loginIds) Unblock logins by id globally, or in the namespace they were initially blocked.voidunblockLoginsForNamespace(PerunSession sess, String namespace) Unblock all logins for given namespaceunsetSpecificUser(PerunSession sess, User specificUser, SpecificUserType specificUserType) Remove all ownerships of this specific user and unset this specific user type from this specific user.updateNameTitles(PerunSession sess, User user) Updates titles before/after users name.updateUser(PerunSession sess, User user) Updates users data in DB.updateUserExtSource(PerunSession sess, UserExtSource userExtSource) Updates user's userExtSource in DB.voidupdateUserExtSourceLastAccess(PerunSession sess, UserExtSource userExtSource) Updates user's userExtSource last access time in DB.booleanuserExtSourceExists(PerunSession sess, UserExtSource userExtSource) voidvalidatePassword(PerunSession sess, User user, String loginNamespace) Validates the password in external system and sets user extSources and extSource related attributes.voidvalidatePassword(PerunSession sess, String userLogin, String loginNamespace) Validates the password in external system and sets user extSources and extSource related attributes.validatePreferredEmailChange(PerunSession sess, User user, String token) Validate change of user's preferred email address.voidvalidateSSHKey(PerunSession sess, String sshKey) Validate ssh public key, throws exception if validation fails
-
Constructor Details
-
UsersManagerBlImpl
Constructor.- Parameters:
usersManagerImpl- connection pool
-
-
Method Details
-
addSpecificUserOwner
public void addSpecificUserOwner(PerunSession sess, User user, User specificUser) throws RelationExistsException Description copied from interface:UsersManagerBlAdd specificUser owner (the user) If not exists, create new ownership. If exists, only enable ownership for user and specificUser- Specified by:
addSpecificUserOwnerin interfaceUsersManagerBluser- the userspecificUser- the specificUser- Throws:
RelationExistsException- If there is such user (the user) who try to add
-
addUserExtSource
public UserExtSource addUserExtSource(PerunSession sess, User user, UserExtSource userExtSource) throws UserExtSourceExistsException Description copied from interface:UsersManagerBlAdds user's external sources.- Specified by:
addUserExtSourcein interfaceUsersManagerBl- Returns:
- user external auth object with newly generated ID
- Throws:
UserExtSourceExistsException
-
anonymizeUser
public void anonymizeUser(PerunSession sess, User user, boolean force) throws RelationExistsException, AnonymizationNotSupportedException Description copied from interface:UsersManagerBlAnonymizes user - according to configuration, each of user's attributes is either anonymized, kept untouched or deleted. Also deletes other user's related data, e.g. authorships of users publications, mail change and password reset requests, bans... If force is true then also removes associated members.- Specified by:
anonymizeUserin interfaceUsersManagerBl- Throws:
RelationExistsException- if the user has some members assignedAnonymizationNotSupportedException- if an attribute should be anonymized but its module doesn't specify the anonymization process or if the anonymization is not supported at this instance
-
blockLogins
public void blockLogins(PerunSession sess, List<String> logins, String namespace, Integer relatedUserId) throws LoginIsAlreadyBlockedException, LoginExistsException Description copied from interface:UsersManagerBlBlock logins for given namespace or block logins globally (if no namespace is selected)- Specified by:
blockLoginsin interfaceUsersManagerBllogins- list of logins to be blockednamespace- namespace where the logins should be blocked (null means block the logins globally)relatedUserId- id of the user related to the login or null if the relatedUserId should not be stored- Throws:
LoginIsAlreadyBlockedExceptionLoginExistsException
-
changeNonAuthzPassword
public void changeNonAuthzPassword(PerunSession sess, String token, String password, String lang) throws LoginNotExistsException, PasswordChangeFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException, PasswordResetLinkExpiredException, PasswordResetLinkNotValidException, UserNotExistsException Description copied from interface:UsersManagerBlChanges user password in defined login-namespace based on token of the password reset request.- Specified by:
changeNonAuthzPasswordin interfaceUsersManagerBl- Parameters:
sess- PerunSessiontoken- token for the password reset requestpassword- new passwordlang- Language to get notification in- Throws:
LoginNotExistsException- When user doesn't have login in specified namespacePasswordChangeFailedException- When password change failedPasswordOperationTimeoutException- When password change timed outInvalidLoginException- When login of user has invalid syntax (is not allowed)PasswordStrengthException- When password doesn't match expected strength by namespace configurationPasswordResetLinkExpiredException- When the password reset request expiredPasswordResetLinkNotValidException- When the password reset request was already used or has never existedUserNotExistsException- When the user who requested the password reset doesn't existPasswordStrengthFailedException
-
changePassword
public void changePassword(PerunSession sess, User user, String loginNamespace, String oldPassword, String newPassword, boolean checkOldPassword) throws LoginNotExistsException, PasswordDoesntMatchException, PasswordChangeFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException Description copied from interface:UsersManagerBlChanges user password in defined login-namespace. If checkOldPassword is true, then ask authentication system if old password is correct. user must exists.- Specified by:
changePasswordin interfaceUsersManagerBluser- user object which is used to get userLogin from the loginNamespace- Throws:
LoginNotExistsException- When user doesn't have login in specified namespacePasswordDoesntMatchException- When old password does not matchPasswordChangeFailedExceptionInvalidLoginException- When login of user has invalid syntax (is not allowed)PasswordStrengthException- When password doesn't match expected strength by namespace configurationPasswordOperationTimeoutExceptionPasswordStrengthFailedException
-
changePasswordRandom
public String changePasswordRandom(PerunSession session, User user, String namespace) throws PasswordOperationTimeoutException, LoginNotExistsException, PasswordChangeFailedException, InvalidLoginException, PasswordStrengthException Description copied from interface:UsersManagerBlGenerates new random password for given user and returns String representing HTML where is the new password.The HTML template is taken from entityless attribute randomPwdResetTemplate and the loginNamespace is used as a key.
- Specified by:
changePasswordRandomin interfaceUsersManagerBl- Parameters:
session- sessionuser- usernamespace- login namespace- Returns:
- String representing HTML with data about new generated password
- Throws:
PasswordOperationTimeoutException- password change timed outLoginNotExistsException- When user doesn't have login in specified namespacePasswordChangeFailedException- password change failedInvalidLoginException- When When login of user has invalid syntax (is not allowed)PasswordStrengthException- When password doesn't match expected strength by namespace configuration
-
checkBlockedLogins
public void checkBlockedLogins(PerunSession sess, String namespace, String userLogin, boolean ignoreCase) throws LoginIsAlreadyBlockedException Description copied from interface:UsersManagerBlCheck if login is blocked. Login can be blocked by default (used by internal components), globally or in namespace.- Specified by:
checkBlockedLoginsin interfaceUsersManagerBl- Parameters:
sess- sessionnamespace- attributeuserLogin- loginignoreCase- ignore case (work as case-insensitive)- Throws:
LoginIsAlreadyBlockedException- when login is blocked
-
checkPasswordResetRequestIsValid
public void checkPasswordResetRequestIsValid(PerunSession sess, String token) throws PasswordResetLinkExpiredException, PasswordResetLinkNotValidException Description copied from interface:UsersManagerBlChecks if the password reset request link is valid. The request is valid, if it was created, never used and hasn't expired yet.- Specified by:
checkPasswordResetRequestIsValidin interfaceUsersManagerBl- Parameters:
sess- PerunSessiontoken- token for the request to check- Throws:
PasswordResetLinkExpiredException- when the reset link expiredPasswordResetLinkNotValidException- when the reset link was already used or has never existed
-
checkPasswordStrength
public void checkPasswordStrength(PerunSession sess, String password, String namespace, String login) throws PasswordStrengthException Description copied from interface:UsersManagerBlCheck password strength for the given namespace. If the password is too weak, the PasswordStrengthException is thrown- Specified by:
checkPasswordStrengthin interfaceUsersManagerBlpassword- password, that will be checkednamespace- namespace, that will be used to check the strength of the passwordlogin- login, which may be required for correct password strength check- Throws:
PasswordStrengthException- When password doesn't match expected strength by namespace configuration
-
checkReservedLogins
public void checkReservedLogins(PerunSession sess, String namespace, String login, boolean ignoreCase) throws AlreadyReservedLoginException Description copied from interface:UsersManagerBlCheck if login exists in specified namespace or in any namespace (if namespace is null).- Specified by:
checkReservedLoginsin interfaceUsersManagerBlnamespace- namespace for login, null for all namespacelogin- login to checkignoreCase- TRUE to perform case-insensitive check- Throws:
AlreadyReservedLoginException- throw this exception if login already exist in table of reserved logins
-
checkUserExists
- Specified by:
checkUserExistsin interfaceUsersManagerBl- Throws:
UserNotExistsException
-
checkUserExtSourceExists
public void checkUserExtSourceExists(PerunSession sess, UserExtSource userExtSource) throws UserExtSourceNotExistsException - Specified by:
checkUserExtSourceExistsin interfaceUsersManagerBl- Throws:
UserExtSourceNotExistsException
-
checkUserExtSourceExistsById
public void checkUserExtSourceExistsById(PerunSession sess, int id) throws UserExtSourceNotExistsException - Specified by:
checkUserExtSourceExistsByIdin interfaceUsersManagerBl- Throws:
UserExtSourceNotExistsException
-
convertRichUsersToRichUsersWithAttributes
public List<RichUser> convertRichUsersToRichUsersWithAttributes(PerunSession sess, List<RichUser> richUsers) throws UserNotExistsException Description copied from interface:UsersManagerBlFrom List of Rich Users without attribute make list of Rich Users with attributes- Specified by:
convertRichUsersToRichUsersWithAttributesin interfaceUsersManagerBl- Returns:
- list of Rich Users with attributes
- Throws:
UserNotExistsException
-
convertUserEmptyStringsInObjectAttributesIntoNull
Description copied from interface:UsersManagerBlGet user and convert values of his object attributes: - firstName - lastName - middleName - titleBefore - titleAfter from emptyString (like "") to null. If these values are not empty strings, do not change them. If user is null, return null.- Specified by:
convertUserEmptyStringsInObjectAttributesIntoNullin interfaceUsersManagerBl- Parameters:
user- user to converting- Returns:
- converted user
-
convertUserToRichUserWithAttributesByNames
public RichUser convertUserToRichUserWithAttributesByNames(PerunSession sess, User user, List<String> attrNames) Description copied from interface:UsersManagerBlFrom User make Rich user (with attributes by names)- Specified by:
convertUserToRichUserWithAttributesByNamesin interfaceUsersManagerBl- Parameters:
sess- sessionuser- user to be convertedattrNames- list of Strings with attribute names- Returns:
- RichUser with attributes
-
convertUsersToRichUsers
Description copied from interface:UsersManagerBlFrom List of Users make list of RichUsers (without attributes)- Specified by:
convertUsersToRichUsersin interfaceUsersManagerBl- Returns:
- list of RIch Users without attributes
-
convertUsersToRichUsersWithAttributes
public List<RichUser> convertUsersToRichUsersWithAttributes(PerunSession sess, List<RichUser> richUsers, List<AttributeDefinition> attrsDef) Description copied from interface:UsersManagerBlConvert RichUsers without attribute to RichUsers with specific attributes. Specific by list of Attributes. If in list of Attributes is some notUser attribute, it is skipped.- Specified by:
convertUsersToRichUsersWithAttributesin interfaceUsersManagerBl- Returns:
- list of RichUsers with specific attributes
-
convertUsersToRichUsersWithAttributesByNames
public List<RichUser> convertUsersToRichUsersWithAttributesByNames(PerunSession sess, List<User> users, List<String> attrNames) Description copied from interface:UsersManagerBlFrom List of Users make list of RichUsers (with attributes by names)- Specified by:
convertUsersToRichUsersWithAttributesByNamesin interfaceUsersManagerBl- Returns:
- list of RIch Users without attributes
-
createAlternativePassword
public void createAlternativePassword(PerunSession sess, User user, String description, String loginNamespace, String password) throws PasswordCreationFailedException, LoginNotExistsException, PasswordStrengthException Description copied from interface:UsersManagerBlCreates alternative password in external system.- Specified by:
createAlternativePasswordin interfaceUsersManagerBldescription- - description of a password (e.g. 'mobile phone', 'tablet', ...)password- string representation of password- Throws:
PasswordCreationFailedExceptionLoginNotExistsException- When user doesn't have login in specified namespacePasswordStrengthException- When password doesn't match expected strength by namespace configuration
-
createServiceUser
public User createServiceUser(PerunSession sess, Candidate candidate, List<User> owners) throws WrongAttributeAssignmentException, UserExtSourceExistsException, WrongReferenceAttributeValueException, WrongAttributeValueException, AttributeNotExistsException Description copied from interface:UsersManagerBlFrom given candidate, creates a service user and assign given owners to him. This method also checks if some of given userExtSources do exist. If so, this method throws a UserExtSourceExistsException. This method can also set only user-def and user-opt attributes for the given candidate.- Specified by:
createServiceUserin interfaceUsersManagerBl- Parameters:
sess- sessioncandidate- candidateowners- owners to be set for the new user- Returns:
- created service user
- Throws:
WrongAttributeAssignmentException- if some of the given attributes have unsupported namespaceUserExtSourceExistsException- if some of the given UES already existWrongReferenceAttributeValueException- if some of the given attribute value cannot be set because of some other attribute constraintWrongAttributeValueException- if some of the given attribute value is invalidAttributeNotExistsException- if some of the given attributes dont exist
-
createUser
Description copied from interface:UsersManagerBlInserts user into DB.- Specified by:
createUserin interfaceUsersManagerBl
-
createUser
public User createUser(PerunSession sess, Candidate candidate) throws UserExtSourceExistsException, WrongAttributeAssignmentException, WrongAttributeValueException, WrongReferenceAttributeValueException, AttributeNotExistsException Description copied from interface:UsersManagerBlFrom given candidate, creates a user. This method also checks if some of given userExtSources do exist. If so, this method throws a UserExtSourceExistsException. This method can also set only user-def and user-opt attributes for the given candidate.- Specified by:
createUserin interfaceUsersManagerBl- Parameters:
sess- sessioncandidate- candidate- Returns:
- created user
- Throws:
UserExtSourceExistsException- if some of the given UES already existWrongAttributeAssignmentException- if some of the given attributes have unsupported namespaceWrongAttributeValueException- if some of the given attribute value is invalidWrongReferenceAttributeValueException- if some of the given attribute value cannot be set because of some other attribute constraintAttributeNotExistsException- if some of the given attributes dont exist
-
deleteAlternativePassword
public void deleteAlternativePassword(PerunSession sess, User user, String loginNamespace, String passwordId) throws PasswordDeletionFailedException, LoginNotExistsException Description copied from interface:UsersManagerBlDeletes alternative password in external system.- Specified by:
deleteAlternativePasswordin interfaceUsersManagerBlpasswordId- passwords ID- Throws:
PasswordDeletionFailedExceptionLoginNotExistsException- When user doesn't have login in specified namespace
-
deletePassword
public void deletePassword(PerunSession sess, String userLogin, String loginNamespace) throws LoginNotExistsException, PasswordDeletionFailedException, PasswordOperationTimeoutException, InvalidLoginException Description copied from interface:UsersManagerBlDeletes password in external system. User must not exists.- Specified by:
deletePasswordin interfaceUsersManagerBluserLogin- string representation of the userLogin- Throws:
LoginNotExistsException- When user doesn't have login in specified namespacePasswordDeletionFailedExceptionInvalidLoginException- When login of user has invalid syntax (is not allowed)PasswordOperationTimeoutException
-
deletePassword
public void deletePassword(PerunSession sess, User user, String loginNamespace) throws LoginNotExistsException, PasswordDeletionFailedException, PasswordOperationTimeoutException, InvalidLoginException Description copied from interface:UsersManagerBlDeletes password in external system for existing user. User's login for specified namespace must exist in Perun.- Specified by:
deletePasswordin interfaceUsersManagerBl- Parameters:
sess- perunSessionuser- for which the password will be deletedloginNamespace- from which the password will be deleted- Throws:
LoginNotExistsException- When user doesn't have login in specified namespacePasswordDeletionFailedExceptionPasswordOperationTimeoutExceptionInvalidLoginException- When login of user has invalid syntax (is not allowed)
-
deleteReservedLoginsForNamespace
Description copied from interface:UsersManagerBlDeletes all reserved logins in given namespace- Specified by:
deleteReservedLoginsForNamespacein interfaceUsersManagerBl- Parameters:
sess- PerunSessionnamespace- Namespace
-
deleteReservedLoginsOnlyByGivenApp
public void deleteReservedLoginsOnlyByGivenApp(PerunSession sess, int appId) throws PasswordOperationTimeoutException, InvalidLoginException, PasswordDeletionFailedException Description copied from interface:UsersManagerBlDeletes reserved logins which can be deleted - they are used only in the given application. Deletes them from both KDC and DB.- Specified by:
deleteReservedLoginsOnlyByGivenAppin interfaceUsersManagerBl- Throws:
PasswordOperationTimeoutExceptionInvalidLoginExceptionPasswordDeletionFailedException
-
deleteUser
public void deleteUser(PerunSession sess, User user) throws RelationExistsException, MemberAlreadyRemovedException, UserAlreadyRemovedException, SpecificUserAlreadyRemovedException, DeletionNotSupportedException Description copied from interface:UsersManagerBlDeletes user.- Specified by:
deleteUserin interfaceUsersManagerBl- Throws:
RelationExistsException- if user has some members assignedMemberAlreadyRemovedException- if there is at least 1 member deleted but not affected by deleting from DBUserAlreadyRemovedException- if there are no rows affected by deleting user in DBSpecificUserAlreadyRemovedException- if there are no rows affected by deleting specific user in DBDeletionNotSupportedException- if the deletion of users is not supported at this instance
-
deleteUser
public void deleteUser(PerunSession sess, User user, boolean forceDelete) throws RelationExistsException, MemberAlreadyRemovedException, UserAlreadyRemovedException, SpecificUserAlreadyRemovedException, DeletionNotSupportedException Description copied from interface:UsersManagerBlDeletes user. If forceDelete is true, then removes also associated members.- Specified by:
deleteUserin interfaceUsersManagerBlforceDelete- if true, deletes also all members if they are assigned to the user- Throws:
RelationExistsException- if forceDelete is false and the user has some members assignedMemberAlreadyRemovedException- if there is at least 1 member deleted but not affected by deleting from DBUserAlreadyRemovedException- if there are no rows affected by deleting user in DBSpecificUserAlreadyRemovedException- if there are no rows affected by deleting specific user in DBnDeletionNotSupportedException- if the deletion of users is not supported at this instance
-
filterOnlyAllowedAttributes
Description copied from interface:UsersManagerBlFor richUser filter all his user attributes and remove all which principal has no access to.- Specified by:
filterOnlyAllowedAttributesin interfaceUsersManagerBl- Returns:
- richUser with only allowed attributes
-
filterOnlyAllowedAttributes
Description copied from interface:UsersManagerBlFor list of richUser filter all their user attributes and remove all which principal has no access to.- Specified by:
filterOnlyAllowedAttributesin interfaceUsersManagerBl- Returns:
- list of RichUsers with only allowed attributes
-
filterOnlyAllowedAttributesForRichUserExtSources
public List<RichUserExtSource> filterOnlyAllowedAttributesForRichUserExtSources(PerunSession sess, List<RichUserExtSource> richUserExtSources) Description copied from interface:UsersManagerBlFrom given list ofRichUserExtSourceremoves the attributes which are not allowed for the current principal. The attributes are removed from the given list and the list is also returned.- Specified by:
filterOnlyAllowedAttributesForRichUserExtSourcesin interfaceUsersManagerBl- Parameters:
sess- sessionrichUserExtSources- richUserExtSources to be filtered- Returns:
- list of filtered richUserExtSources
-
findRichUsers
public List<RichUser> findRichUsers(PerunSession sess, String searchString) throws UserNotExistsException Description copied from interface:UsersManagerBlReturns list of richusers with attributes who matches the searchString, searching name, id, uuid, email, logins.- Specified by:
findRichUsersin interfaceUsersManagerBl- Returns:
- list of richusers
- Throws:
UserNotExistsException
-
findRichUsersByExactMatch
public List<RichUser> findRichUsersByExactMatch(PerunSession sess, String searchString) throws UserNotExistsException Description copied from interface:UsersManagerBlReturns list of richusers with attributes who matches the searchString, searching name, id, uuid, email, logins. Name part is searched for exact match.- Specified by:
findRichUsersByExactMatchin interfaceUsersManagerBl- Returns:
- list of richusers
- Throws:
UserNotExistsException
-
findRichUsersWithAttributes
public List<RichUser> findRichUsersWithAttributes(PerunSession sess, String searchString, List<String> attrsName) throws UserNotExistsException Description copied from interface:UsersManagerBlReturns list of RichUsers with selected attributes who matches the searchString, searching name, id, uuid, email, logins.- Specified by:
findRichUsersWithAttributesin interfaceUsersManagerBl- Returns:
- list of RichUsers
- Throws:
UserNotExistsException
-
findRichUsersWithAttributesByExactMatch
public List<RichUser> findRichUsersWithAttributesByExactMatch(PerunSession sess, String searchString, List<String> attrsName) throws UserNotExistsException Description copied from interface:UsersManagerBlReturns list of RichUsers with selected attributes who matches the searchString, searching name, id, uuid, email, logins. Name part is searched for exact match.- Specified by:
findRichUsersWithAttributesByExactMatchin interfaceUsersManagerBl- Returns:
- list of RichUsers
- Throws:
UserNotExistsException
-
findRichUsersWithoutSpecificVoWithAttributes
public List<RichUser> findRichUsersWithoutSpecificVoWithAttributes(PerunSession sess, Vo vo, String searchString, List<String> attrsName) throws UserNotExistsException Description copied from interface:UsersManagerBlReturn list of RichUsers who matches the searchString, searching name, email and logins and are not member in specific VO and contain selected attributes.- Specified by:
findRichUsersWithoutSpecificVoWithAttributesin interfaceUsersManagerBl- Returns:
- list of RichUser
- Throws:
UserNotExistsException
-
findUsers
Description copied from interface:UsersManagerBlReturns list of users' who matches the searchString, searching name, id, uuid, email and logins.- Specified by:
findUsersin interfaceUsersManagerBl- Returns:
- list of users
-
findUsersByExactMatch
-
findUsersByExactName
Description copied from interface:UsersManagerBlReturns list of users who exactly matches the searchString- Specified by:
findUsersByExactNamein interfaceUsersManagerBl- Returns:
- list of users
-
findUsersByName
Description copied from interface:UsersManagerBlReturns list of users who matches the searchString- Specified by:
findUsersByNamein interfaceUsersManagerBl- Returns:
- list of users
-
findUsersByName
public List<User> findUsersByName(PerunSession sess, String titleBefore, String firstName, String middleName, String lastName, String titleAfter) Description copied from interface:UsersManagerBlReturns list of users who matches the fields.- Specified by:
findUsersByNamein interfaceUsersManagerBl- Returns:
- list of users
-
findUsersWithExtSourceAttributeValueEnding
public List<User> findUsersWithExtSourceAttributeValueEnding(PerunSessionImpl sess, String attributeName, String valueEnd, List<String> excludeValueEnds) throws AttributeNotExistsException Description copied from interface:UsersManagerBlFinds users with UserExtSource with attribute value that ends with specified string but not with specified exclude strings. This method is written to find all users with schacHomeOrganization domains ending with valueEnd, but not with exludeValueEnds.- Specified by:
findUsersWithExtSourceAttributeValueEndingin interfaceUsersManagerBl- Parameters:
sess- sessionattributeName- UserExtSource attribute namevalueEnd- required attribute value endingexcludeValueEnds- exclude these attribute value endings- Returns:
- list of users
- Throws:
AttributeNotExistsException
-
generateAccount
public Map<String,String> generateAccount(PerunSession sess, String loginNamespace, Map<String, String> parameters) throws PasswordStrengthExceptionDescription copied from interface:UsersManagerBlGenerate user account in a backend system associated with login-namespace in Perun.This method consumes optional parameters map. Requirements are implementation-dependant for each login-namespace.
Returns map with 1: key=login-namespace attribute urn, value=generated login 2: rest of opt response attributes...
- Specified by:
generateAccountin interfaceUsersManagerBlloginNamespace- Namespace to generate account inparameters- Optional parameters- Returns:
- Map of data from backed response
- Throws:
PasswordStrengthException- When password doesn't match expected strength by namespace configuration
-
getActiveUserExtSources
Description copied from interface:UsersManagerBlGet all users userExtSources with last_access not older than (now - m), where 'm' is number of months defined in CONSTANT in UsersManagerImpl.- Specified by:
getActiveUserExtSourcesin interfaceUsersManagerBluser- user to get extSources for- Returns:
- list of active user extSources (not older than now - m)
-
getAllBlockedLoginsInNamespaces
Description copied from interface:UsersManagerBlReturns all blocked logins in namespaces (if namespace is null, then this login is blocked globally)- Specified by:
getAllBlockedLoginsInNamespacesin interfaceUsersManagerBl- Returns:
- list of all blocked logins in namespaces
-
getAllRichUsers
Description copied from interface:UsersManagerBlGet All richUsers with or without specificUsers. If includedSpecificUsers is true, you got all Users included specificUsers If includedSpecificUsers is false, you get all Users without specificUsers- Specified by:
getAllRichUsersin interfaceUsersManagerBlincludedSpecificUsers- true or false if you want or dont want get specificUsers too- Returns:
- list of RichUsers
-
getAllRichUsersWithAttributes
public List<RichUser> getAllRichUsersWithAttributes(PerunSession sess, boolean includedSpecificUsers) throws UserNotExistsException Description copied from interface:UsersManagerBlGet All richUsers with or without specificUsers. If includedSpecificUsers is true, you got all Users included specificUsers If includedSpecificUsers is false, you get all Users without specificUsers This method get all RichUsers included Attributes.- Specified by:
getAllRichUsersWithAttributesin interfaceUsersManagerBlincludedSpecificUsers- true or false if you want or dont want get specificUsers too- Returns:
- list of RichUsers
- Throws:
UserNotExistsException
-
getAllRichUsersWithAttributes
public List<RichUser> getAllRichUsersWithAttributes(PerunSession sess, boolean includedSpecificUsers, List<String> attrsName) throws UserNotExistsException Description copied from interface:UsersManagerBlGet User to RichUser with attributes.- Specified by:
getAllRichUsersWithAttributesin interfaceUsersManagerBl- Returns:
- Throws:
UserNotExistsException
-
getAllUserExtSourcesByTypeAndLogin
public List<UserExtSource> getAllUserExtSourcesByTypeAndLogin(PerunSession sess, String extType, String extLogin) Description copied from interface:UsersManagerBlGets list of all users external sources by specific type and extLogin.- Specified by:
getAllUserExtSourcesByTypeAndLoginin interfaceUsersManagerBlextType- - type of extSource (ex. 'IDP')extLogin- - extLogin of userExtSource- Returns:
- list of userExtSources with type and login, empty list if no such userExtSource exists
-
getAllowedResources
Description copied from interface:UsersManagerBlGet all resources from the facility which have the user access on.- Specified by:
getAllowedResourcesin interfaceUsersManagerBl- Returns:
- list of resources which have the user access on
-
getAllowedResources
Description copied from interface:UsersManagerBlGet all resources which have the user access on.- Specified by:
getAllowedResourcesin interfaceUsersManagerBl- Returns:
- list of resources which have the user access on
-
getAssignedResources
Description copied from interface:UsersManagerBlGet all resources from the facility where the user is assigned.- Specified by:
getAssignedResourcesin interfaceUsersManagerBl- Returns:
- list of resources which have the user access on
-
getAssignedResources
Description copied from interface:UsersManagerBlGet all resources where the user is assigned.- Specified by:
getAssignedResourcesin interfaceUsersManagerBl- Returns:
- list of resources which have the user access on
-
getAssignedRichResources
Description copied from interface:UsersManagerBlGet all rich resources where the user is assigned.- Specified by:
getAssignedRichResourcesin interfaceUsersManagerBl- Returns:
- list of rich resources which have the user access on
-
getAssociatedResources
Description copied from interface:UsersManagerBlReturn all resources of specified facility with which user is associated through all his members. Does not require ACTIVE group-resource assignment.- Specified by:
getAssociatedResourcesin interfaceUsersManagerBl- Returns:
- All resources with which user is associated
-
getAssociatedResources
Description copied from interface:UsersManagerBlGet all resources with which user can be associated (similar to assigned resources, but does not require ACTIVE group-resource assignment).- Specified by:
getAssociatedResourcesin interfaceUsersManagerBl- Returns:
- list of resources with which the user is associated
-
getBlockedLoginsPage
public Paginated<BlockedLogin> getBlockedLoginsPage(PerunSession sess, BlockedLoginsPageQuery query) Description copied from interface:UsersManagerBlGet page of blocked logins.- Specified by:
getBlockedLoginsPagein interfaceUsersManagerBl- Parameters:
sess- sessionquery- query with page information- Returns:
- page of requested blocked logins
-
getGroupsWhereUserIsActive
Description copied from interface:UsersManagerBlReturn all groups where user is active (has VALID status in VO and Group together) for specified user and resource- Specified by:
getGroupsWhereUserIsActivein interfaceUsersManagerBl- Parameters:
sess- PerunSessionresource- Only groups assigned to this resource might be returneduser- Only groups where this user is VALID member might be returned- Returns:
- List of groups where user is active (is a VALID vo and group member) on specified resource
-
getGroupsWhereUserIsActive
Description copied from interface:UsersManagerBlReturn all groups where user is active (has VALID status in VO and Group together) for specified user and facility- Specified by:
getGroupsWhereUserIsActivein interfaceUsersManagerBl- Parameters:
sess- PerunSessionfacility- Only groups assigned to this facility (all its resources) might be returneduser- Only groups where this user is VALID member might be returned- Returns:
- List of groups where user is active (is a VALID vo and group member) on specified facility
-
getGroupsWhereUserIsAdmin
Description copied from interface:UsersManagerBlReturns list of Groups in Perun, where the User is a direct Administrator or he is a VALID member of any group which is Administrator of some of these Groups.- Specified by:
getGroupsWhereUserIsAdminin interfaceUsersManagerBl- Returns:
- list of Groups, where user or some of his groups is an Administrator
-
getGroupsWhereUserIsAdmin
Description copied from interface:UsersManagerBlReturns list of Groups in selected Vo, where the User is a direct Administrator or he is a VALID member of any group which is Administrator of some of these Groups.- Specified by:
getGroupsWhereUserIsAdminin interfaceUsersManagerBlvo- selected Vo under which we are looking for groupsuser- manager of groups we are looking for- Returns:
- list of Groups, where user or some of his groups (in the Vo) is an Administrator
-
getIdOfBlockedLogin
Description copied from interface:UsersManagerBlReturn ID of blocked login- Specified by:
getIdOfBlockedLoginin interfaceUsersManagerBl- Parameters:
sess- sessionlogin- loginnamespace- namespace- Returns:
- id of login blocked in specified namespace
-
getPasswordManagerModule
Description copied from interface:UsersManagerBlReturns password manager module for specified login-namespace or falls back on generic password manager module. Throws exception if no module implementation is found or it can't be instantiated.- Specified by:
getPasswordManagerModulein interfaceUsersManagerBl- Parameters:
session- session with authznamespace- specific namespace- Returns:
- Password manager module for namespace or 'generic' module.
-
getPendingPreferredEmailChanges
public List<String> getPendingPreferredEmailChanges(PerunSession sess, User user) throws WrongAttributeAssignmentException, AttributeNotExistsException Description copied from interface:UsersManagerBlReturn list of email addresses of user, which are awaiting validation and are inside time window for validation. If there is no preferred email change request pending or requests are outside time window for validation, returns empty list.- Specified by:
getPendingPreferredEmailChangesin interfaceUsersManagerBl- Parameters:
sess- PerunSessionuser- User to check pending request for- Returns:
- List
user's email addresses pending validation - Throws:
WrongAttributeAssignmentExceptionAttributeNotExistsException
-
getPerunBl
Gets the perunBl for this instance.- Returns:
- The perunBl.
-
getRelatedUserIdByBlockedLoginInNamespace
public Integer getRelatedUserIdByBlockedLoginInNamespace(PerunSession sess, String login, String namespace) throws LoginIsNotBlockedException Description copied from interface:UsersManagerBlGet user id of the user who was related to the given login in the past- Specified by:
getRelatedUserIdByBlockedLoginInNamespacein interfaceUsersManagerBl- Parameters:
sess- sessionlogin- blocked loginnamespace- namespace where the login is blocked- Returns:
- user id or null if there is no related user id
- Throws:
LoginIsNotBlockedException
-
getReservedLoginsByApp
Description copied from interface:UsersManagerBlGets reserved logins which are used in the given application.- Specified by:
getReservedLoginsByAppin interfaceUsersManagerBl- Returns:
- list of logins (Pair: left - namespace, right - login)
-
getReservedLoginsOnlyByGivenApp
Description copied from interface:UsersManagerBlGets reserved logins which can be deleted - they are used only in the given application.- Specified by:
getReservedLoginsOnlyByGivenAppin interfaceUsersManagerBl- Returns:
- list of logins (Pair: left - namespace, right - login)
-
getRichUser
Description copied from interface:UsersManagerBlGet User to RichUser without attributes.- Specified by:
getRichUserin interfaceUsersManagerBl- Returns:
-
getRichUserExtSources
public List<RichUserExtSource> getRichUserExtSources(PerunSession sess, User user, List<String> attrsNames) Description copied from interface:UsersManagerBlGets list of all user's external sources with attributes. If any of the attribute names is incorrect then the value is silently skipped. If the attrsNames is null, then this method returns all ues attributes.- Specified by:
getRichUserExtSourcesin interfaceUsersManagerBl- Parameters:
sess- sessionuser- user for who should be the data returnedattrsNames- list of attribute names that should be found, if null or empty return all- Returns:
- list of user's external sources with attributes
-
getRichUserWithAttributes
public RichUser getRichUserWithAttributes(PerunSession sess, User user) throws UserNotExistsException Description copied from interface:UsersManagerBlGet User to RichUser with attributes.- Specified by:
getRichUserWithAttributesin interfaceUsersManagerBl- Returns:
- Throws:
UserNotExistsException
-
getRichUsersByIds
Description copied from interface:UsersManagerBlReturns rich users without attributes by their ids.- Specified by:
getRichUsersByIdsin interfaceUsersManagerBl- Returns:
- list of rich users with specified ids
-
getRichUsersFromListOfUsers
Description copied from interface:UsersManagerBlFrom Users makes RichUsers without attributes.- Specified by:
getRichUsersFromListOfUsersin interfaceUsersManagerBlusers- users to convert- Returns:
- list of richUsers
-
getRichUsersWithAttributesByIds
public List<RichUser> getRichUsersWithAttributesByIds(PerunSession sess, List<Integer> ids) throws UserNotExistsException Description copied from interface:UsersManagerBlReturns rich users with attributes by their ids.- Specified by:
getRichUsersWithAttributesByIdsin interfaceUsersManagerBl- Returns:
- list of rich users with specified ids
- Throws:
UserNotExistsException
-
getRichUsersWithAttributesFromListOfUsers
public List<RichUser> getRichUsersWithAttributesFromListOfUsers(PerunSession sess, List<User> users) throws UserNotExistsException Description copied from interface:UsersManagerBlFrom Users makes RichUsers with attributes.- Specified by:
getRichUsersWithAttributesFromListOfUsersin interfaceUsersManagerBlusers- users to convert- Returns:
- list of richUsers
- Throws:
UserNotExistsException
-
getRichUsersWithoutVoAssigned
public List<RichUser> getRichUsersWithoutVoAssigned(PerunSession sess) throws UserNotExistsException Description copied from interface:UsersManagerBlReturns all RichUsers with attributes who are not member of any VO.- Specified by:
getRichUsersWithoutVoAssignedin interfaceUsersManagerBl- Returns:
- list of richUsers who are not member of any VO
- Throws:
UserNotExistsException
-
getRichUsersWithoutVoWithAttributes
public List<RichUser> getRichUsersWithoutVoWithAttributes(PerunSession sess, List<String> attrsName) throws UserNotExistsException Description copied from interface:UsersManagerBlReturn list of RichUsers which are not members of any VO and contain selected attributes.- Specified by:
getRichUsersWithoutVoWithAttributesin interfaceUsersManagerBl- Returns:
- list of RichUsers
- Throws:
UserNotExistsException
-
getSpecificUsers
Description copied from interface:UsersManagerBlReturn all specific Users (only specific users)- Specified by:
getSpecificUsersin interfaceUsersManagerBl- Returns:
- list of all specific users in perun
-
getSpecificUsersByUser
Description copied from interface:UsersManagerBlReturn all specificUsers who are owned by the user and their ownership is not in status disabled- Specified by:
getSpecificUsersByUserin interfaceUsersManagerBluser- the user- Returns:
- list of specific users who are owned by the user
-
getSponsors
Description copied from interface:UsersManagerBlGets list of users that sponsor the member.- Specified by:
getSponsorsin interfaceUsersManagerBl- Parameters:
sess- perun sessionsponsoredMember- member which is sponsored- Returns:
- list of users that sponsor the member.
-
getSponsorsForSponsoredMembersInVo
public Map<Integer,List<Pair<User, getSponsorsForSponsoredMembersInVoSponsorship>>> (PerunSession sess, int voId) Description copied from interface:UsersManagerBlRetrieves a map, that maps the ids of the sponsored members in the given VO to a list of their Sponsors with the corresponding Sponsorship objects.- Specified by:
getSponsorsForSponsoredMembersInVoin interfaceUsersManagerBl- Parameters:
sess- perun sessionvoId- id of a vo for whose members to retrieve the sponsors- Returns:
- Map of memberIds in the Vo with Lists of Pairs of their Sponsor and Sponsorship objects
-
getUserByExtSourceInformation
public User getUserByExtSourceInformation(PerunSession sess, PerunPrincipal principal) throws UserExtSourceNotExistsException, UserNotExistsException, ExtSourceNotExistsException Description copied from interface:UsersManagerBlGet user by principal's additional identifiers or extSourceName and extSourceLogin. Additional identifiers are used in case principal's extSource was send through proxy which has enabled multiple identifiers. extSourceName and extSourceLogin are used otherwise.- Specified by:
getUserByExtSourceInformationin interfaceUsersManagerBl- Returns:
- Throws:
UserExtSourceNotExistsExceptionUserNotExistsExceptionExtSourceNotExistsException
-
getUserByExtSourceNameAndExtLogin
public User getUserByExtSourceNameAndExtLogin(PerunSession sess, String extSourceName, String extLogin) throws ExtSourceNotExistsException, UserExtSourceNotExistsException, UserNotExistsException Description copied from interface:UsersManagerBlGet user by extSourceName and extSourceLogin- Specified by:
getUserByExtSourceNameAndExtLoginin interfaceUsersManagerBl- Returns:
- user
- Throws:
ExtSourceNotExistsExceptionUserExtSourceNotExistsExceptionUserNotExistsException
-
getUserById
Description copied from interface:UsersManagerBlReturns user by his/her id.- Specified by:
getUserByIdin interfaceUsersManagerBl- Returns:
- user
- Throws:
UserNotExistsException
-
getUserByMember
Description copied from interface:UsersManagerBlReturns user by VO member.- Specified by:
getUserByMemberin interfaceUsersManagerBl- Returns:
- user
-
getUserByUserExtSource
public User getUserByUserExtSource(PerunSession sess, UserExtSource userExtSource) throws UserNotExistsException Description copied from interface:UsersManagerBlReturns user by his login in external source and external source.- Specified by:
getUserByUserExtSourcein interfaceUsersManagerBl- Returns:
- selected user or throws UserNotExistsException in case the user doesn't exists
- Throws:
UserNotExistsException
-
getUserByUserExtSources
public User getUserByUserExtSources(PerunSession sess, List<UserExtSource> userExtSources) throws UserNotExistsException Description copied from interface:UsersManagerBlGet the user based on one of the userExtSource.- Specified by:
getUserByUserExtSourcesin interfaceUsersManagerBl- Returns:
- user
- Throws:
UserNotExistsException
-
getUserExtSourceByExtLogin
public UserExtSource getUserExtSourceByExtLogin(PerunSession sess, ExtSource source, String extLogin) throws UserExtSourceNotExistsException Description copied from interface:UsersManagerBlGets user's external source by the user's external login and external source.- Specified by:
getUserExtSourceByExtLoginin interfaceUsersManagerBl- Returns:
- user external source object
- Throws:
UserExtSourceNotExistsException
-
getUserExtSourceById
public UserExtSource getUserExtSourceById(PerunSession sess, int id) throws UserExtSourceNotExistsException Description copied from interface:UsersManagerBlGet the user ext source by its id.- Specified by:
getUserExtSourceByIdin interfaceUsersManagerBl- Returns:
- user external source for the id
- Throws:
UserExtSourceNotExistsException
-
getUserExtSourceByUniqueAttributeValue
public UserExtSource getUserExtSourceByUniqueAttributeValue(PerunSession sess, int attrId, String uniqueValue) throws AttributeNotExistsException, UserExtSourceNotExistsException Description copied from interface:UsersManagerBlReturn userExtSource for specific attribute definition (specified by id) and unique value. If not found, throw and exception.It looks for exactly one value of the specific attribute type: - Integer -> exactly match - String -> exactly match - Map -> exactly match of "key=value" - ArrayList -> exactly match of one of the value
- Specified by:
getUserExtSourceByUniqueAttributeValuein interfaceUsersManagerBlattrId- attribute id used for founding attribute definition which has to exists, be unique and in userExtSource namespaceuniqueValue- value used for searching- Returns:
- userExtSource found by attribute id and it's unique value
- Throws:
AttributeNotExistsException- if attribute can't be found by it's idUserExtSourceNotExistsException- if userExtSource can't be found
-
getUserExtSourceByUniqueAttributeValue
public UserExtSource getUserExtSourceByUniqueAttributeValue(PerunSession sess, String attrName, String uniqueValue) throws AttributeNotExistsException, UserExtSourceNotExistsException Description copied from interface:UsersManagerBlReturn userExtSource for specific attribute definition (specified by id) and unique value. If not found, throw and exception.It looks for exactly one value of the specific attribute type: - Integer -> exactly match - String -> exactly match - Map -> exactly match of "key=value" - ArrayList -> exactly match of one of the value
- Specified by:
getUserExtSourceByUniqueAttributeValuein interfaceUsersManagerBlattrName- attribute name used for founding attribute definition which has to exists, be unique and in userExtSource namespaceuniqueValue- value used for searching- Returns:
- userExtSource found by attribute name and it's unique value
- Throws:
AttributeNotExistsException- if attribute can't be found by it's nameUserExtSourceNotExistsException- if userExtSource can't be found
-
getUserExtSourceFromMultipleIdentifiers
public UserExtSource getUserExtSourceFromMultipleIdentifiers(PerunSession sess, PerunPrincipal principal) throws UserExtSourceNotExistsException Description copied from interface:UsersManagerBlIteratively searches through additional identifiers trying to find userExtSource with the same identifier. Returns first found userExtSource or throw an exception when no matching userExtSource is found.- Specified by:
getUserExtSourceFromMultipleIdentifiersin interfaceUsersManagerBl- Parameters:
sess- PerunSession to retrieve UserExtSourceprincipal- PerunPrincipal which contains additionalIdentifiers- Returns:
- UserExtSource found using additionalIdentifiers
- Throws:
UserExtSourceNotExistsException- When no matching userExtSource is found
-
getUserExtSources
Description copied from interface:UsersManagerBlGets list of all user's external sources of the user.- Specified by:
getUserExtSourcesin interfaceUsersManagerBl- Returns:
- list of user's external sources
-
getUserExtSourcesByIds
Description copied from interface:UsersManagerBlGet user ext sources by their ids.- Specified by:
getUserExtSourcesByIdsin interfaceUsersManagerBl- Returns:
- list of user external sources with specified ids
-
getUsers
Description copied from interface:UsersManagerBlReturns all users (included specific users)- Specified by:
getUsersin interfaceUsersManagerBl- Returns:
- list of all users
-
getUsersByAttribute
Description copied from interface:UsersManagerBlReturns all users who have set the attribute with the value. Searching only def and opt attributes.- Specified by:
getUsersByAttributein interfaceUsersManagerBl- Returns:
- list of users
-
getUsersByAttribute
public List<User> getUsersByAttribute(PerunSession sess, String attributeName, String attributeValue) Search attributes directly in the DB only if the attr is def or opt and value is type of String, otherwise load all users and search in a loop.- Specified by:
getUsersByAttributein interfaceUsersManagerBl- Returns:
- list of users
-
getUsersByAttribute
Description copied from interface:UsersManagerBlReturns all users who have set the attribute with the value IGNORING CASE in the comparison. Searching only def and opt attributes.- Specified by:
getUsersByAttributein interfaceUsersManagerBlignoreCase- TRUE to perform case-insensitive check- Returns:
- list of users
-
getUsersByAttributeValue
public List<User> getUsersByAttributeValue(PerunSession sess, String attributeName, String attributeValue) Description copied from interface:UsersManagerBlReturns all users who have the attribute with the value. attributeValue is not converted to the attribute type, it is always type of String.- Specified by:
getUsersByAttributeValuein interfaceUsersManagerBl- Returns:
- list of users
-
getUsersByExtSourceTypeAndLogin
public List<User> getUsersByExtSourceTypeAndLogin(PerunSession perunSession, String extSourceType, String login) Description copied from interface:UsersManagerBlGet all the users who have given type of the ExtSource and login.- Specified by:
getUsersByExtSourceTypeAndLoginin interfaceUsersManagerBl- Parameters:
perunSession- perun sessionextSourceType- type of the user extSourcelogin- login of the user- Returns:
- all users with given parameters
-
getUsersByIds
Description copied from interface:UsersManagerBlBatch method which returns users by theirs ids.- Specified by:
getUsersByIdsin interfaceUsersManagerBl- Returns:
-
getUsersByPerunBean
Description copied from interface:UsersManagerBlReturns list of users connected with a group- Specified by:
getUsersByPerunBeanin interfaceUsersManagerBl- Returns:
- list of users connected with group
-
getUsersByPerunBean
Description copied from interface:UsersManagerBlReturns list of users connected with a member- Specified by:
getUsersByPerunBeanin interfaceUsersManagerBl- Returns:
- list of users connected with member
-
getUsersByPerunBean
Description copied from interface:UsersManagerBlReturns list of users connected with a resource- Specified by:
getUsersByPerunBeanin interfaceUsersManagerBl- Returns:
- list of users connected with resource
-
getUsersByPerunBean
Description copied from interface:UsersManagerBlReturns list of users connected with a host- Specified by:
getUsersByPerunBeanin interfaceUsersManagerBl- Returns:
- list of users connected with host
-
getUsersByPerunBean
Description copied from interface:UsersManagerBlReturns list of users connected with a facility- Specified by:
getUsersByPerunBeanin interfaceUsersManagerBl- Returns:
- list of users connected with facility
-
getUsersByPerunBean
Description copied from interface:UsersManagerBlReturns list of users connected with a vo- Specified by:
getUsersByPerunBeanin interfaceUsersManagerBl- Returns:
- list of users connected with vo
-
getUsersBySpecificUser
Description copied from interface:UsersManagerBlReturn all users who owns the specificUser and their ownership is not in status disabled- Specified by:
getUsersBySpecificUserin interfaceUsersManagerBlspecificUser- the specific User- Returns:
- list of user who owns the specificUser
-
getUsersCount
Description copied from interface:UsersManagerBlGet count of all users.- Specified by:
getUsersCountin interfaceUsersManagerBl- Returns:
- count of all users
-
getUsersManagerImpl
Gets the usersManagerImpl for this instance.- Returns:
- The usersManagerImpl.
-
getUsersPage
public Paginated<RichUser> getUsersPage(PerunSession sess, UsersPageQuery query, List<String> attrNames) Description copied from interface:UsersManagerBlGet page of users with the given attributes.- Specified by:
getUsersPagein interfaceUsersManagerBl- Parameters:
sess- sessionquery- query with page informationattrNames- list of attribute names- Returns:
- page of requested rich users
-
getUsersReservedLogins
Description copied from interface:UsersManagerBlReturn list of all reserved logins for specific user (pair is namespace and login)- Specified by:
getUsersReservedLoginsin interfaceUsersManagerBluser- for which get reserved logins- Returns:
- list of pairs namespace and login
-
getUsersWithoutSpecificVo
Description copied from interface:UsersManagerBlReturn list of users who matches the searchString, searching name, email and logins and are not member in specific VO.- Specified by:
getUsersWithoutSpecificVoin interfaceUsersManagerBl- Returns:
- list of users
-
getUsersWithoutVoAssigned
Description copied from interface:UsersManagerBlReturns all users who are not member of any VO.- Specified by:
getUsersWithoutVoAssignedin interfaceUsersManagerBl- Returns:
- list of users who are not member of any VO
-
getVosWhereUserIsAdmin
Description copied from interface:UsersManagerBlReturns list of VOs, where the user is an Administrator. Including VOs, where the user is a VALID member of authorized group.- Specified by:
getVosWhereUserIsAdminin interfaceUsersManagerBl- Returns:
- list of VOs, where the user is an Administrator.
-
getVosWhereUserIsMember
Description copied from interface:UsersManagerBlReturns list of VOs, where the user is a member.- Specified by:
getVosWhereUserIsMemberin interfaceUsersManagerBl- Returns:
- list of VOs, where the user is a member.
-
isLoginAvailable
public boolean isLoginAvailable(PerunSession sess, String loginNamespace, String login) throws InvalidLoginException Description copied from interface:UsersManagerBlChecks if the login is available in the namespace. Returns FALSE is is already occupied, throws exception if value is not allowed.- Specified by:
isLoginAvailablein interfaceUsersManagerBlloginNamespace- in which the login will be checked (provide only the name of the namespace, not the whole attribute name)login- to be checked- Returns:
- true if login is available, false otherwise
- Throws:
InvalidLoginException- When login to check has invalid syntax or is not allowed.
-
isLoginBlocked
Description copied from interface:UsersManagerBlReturn true if login is blocked (globally - for all namespaces per instance OR for some namespace), false if not. Globally banned logins are ALWAYS case-insensitive (ignoreCase value is not taken into account for them).- Specified by:
isLoginBlockedin interfaceUsersManagerBllogin- login to check- Returns:
- true if login is blocked
-
isLoginBlockedForNamespace
public boolean isLoginBlockedForNamespace(PerunSession sess, String login, String namespace, boolean ignoreCase) Description copied from interface:UsersManagerBlReturn true if login is blocked for given namespace, false if not When the namespace is null, then the method behaves like isLoginBlockedGlobally(), so it checks if the login is blocked globally. Globally banned logins are ALWAYS case-insensitive.- Specified by:
isLoginBlockedForNamespacein interfaceUsersManagerBllogin- login to checknamespace- namespace for login- Returns:
- true if login is blocked for given namespace (or globally for null namespace)
-
isLoginBlockedGlobally
Description copied from interface:UsersManagerBlReturn true if login is blocked globally (for all namespaces per instance - represented by namespace = null), false if not Globally banned logins are ALWAYS case-insensitive.- Specified by:
isLoginBlockedGloballyin interfaceUsersManagerBllogin- login to check- Returns:
- true if login is blocked globally
-
isUserAnonymized
Description copied from interface:UsersManagerBlChecks whether user has been anonymized or not.- Specified by:
isUserAnonymizedin interfaceUsersManagerBl- Returns:
- true if user has been anonymized, false otherwise.
-
isUserPerunAdmin
Deprecated.Description copied from interface:UsersManagerBlReturns true if the user is PERUNADMIN.- Specified by:
isUserPerunAdminin interfaceUsersManagerBl- Returns:
- true if the user is PERUNADMIN, false otherwise.
-
loginExist
Description copied from interface:UsersManagerBlChecks if login exists in given login-namespace.- Specified by:
loginExistin interfaceUsersManagerBl- Parameters:
sess- perunSession- Returns:
- True if login for user exists in given namespace, false otherwise
-
moveUserExtSource
public void moveUserExtSource(PerunSession sess, User sourceUser, User targetUser, UserExtSource userExtSource) Description copied from interface:UsersManagerBlTake UserExtSource from sourceUser and move it to the targetUser.It removes old UserExtSource with all it's attributes from sourceUser and creates and assigns the new one with the same settings to target user.
- Specified by:
moveUserExtSourcein interfaceUsersManagerBlsourceUser- user with UserExtSource to movetargetUser- user for who will be UserExtSource moveduserExtSource- the UserExtSource which will be moved from sourceUser to targetUser
-
removeAllUserExtSources
Description copied from interface:UsersManagerBlRemoves all user's external sources. It also means removing all it's attributes.- Specified by:
removeAllUserExtSourcesin interfaceUsersManagerBl- Parameters:
sess- sessionuser- owner of external sources
-
removeSpecificUserOwner
public void removeSpecificUserOwner(PerunSession sess, User user, User specificUser) throws RelationNotExistsException, SpecificUserOwnerAlreadyRemovedException Description copied from interface:UsersManagerBlRemove specificUser owner (the user) Only disable ownership of user and specificUser- Specified by:
removeSpecificUserOwnerin interfaceUsersManagerBluser- the userspecificUser- the specificUser- Throws:
RelationNotExistsException- if there is no such user (the user) to removeSpecificUserOwnerAlreadyRemovedException- if there are 0 rows affected by deleting from DB
-
removeSpecificUserOwner
public void removeSpecificUserOwner(PerunSession sess, User user, User specificUser, boolean forceDelete) throws RelationNotExistsException, SpecificUserOwnerAlreadyRemovedException Description copied from interface:UsersManagerBlRemove specificUser owner (the user). If forceDelete false, only disable ownership of user and specificUser. If forceDelete true, delete this ownership from DB.- Specified by:
removeSpecificUserOwnerin interfaceUsersManagerBluser- the userspecificUser- the specificUserforceDelete- if true, remove from database, if false, only disable this ownership- Throws:
RelationNotExistsException- if there is no such user (the user) to removeSpecificUserOwnerAlreadyRemovedException- if there are 0 rows affected by deleting from DB
-
removeUserExtSource
public void removeUserExtSource(PerunSession sess, User user, UserExtSource userExtSource) throws UserExtSourceAlreadyRemovedException Description copied from interface:UsersManagerBlRemoves user's external sources. It also means removing all it's attributes.- Specified by:
removeUserExtSourcein interfaceUsersManagerBl- Throws:
UserExtSourceAlreadyRemovedException- if there are 0 rows affected by deleting from DB
-
requestPreferredEmailChange
public void requestPreferredEmailChange(PerunSession sess, String url, User user, String email, String lang, String path, String idp) Description copied from interface:UsersManagerBlRequest change of user's preferred email address. Change in attribute value is not done, until email address is verified by link in email notice. (urn:perun:user:attribute-def:def:preferredEmail)- Specified by:
requestPreferredEmailChangein interfaceUsersManagerBl- Parameters:
sess- PerunSessionurl- base URL of running perun instance passed from RPC.user- User to request preferred email change foremail- new email addresslang- language to get confirmation mail in (optional)path- path that is appended to the url of the verification link (optional)idp- authentication method appended to query parameters of verification link (optional)
-
reservePassword
public void reservePassword(PerunSession sess, String userLogin, String loginNamespace, String password) throws PasswordCreationFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException Description copied from interface:UsersManagerBlReserves the password in external system. User must not exists.- Specified by:
reservePasswordin interfaceUsersManagerBluserLogin- string representation of the userLogin- Throws:
PasswordCreationFailedExceptionInvalidLoginException- When login of user has invalid syntax (is not allowed)PasswordStrengthException- When password doesn't match expected strength by namespace configurationPasswordOperationTimeoutExceptionPasswordStrengthFailedException
-
reservePassword
public void reservePassword(PerunSession sess, User user, String loginNamespace, String password) throws PasswordCreationFailedException, LoginNotExistsException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException Description copied from interface:UsersManagerBlReserves the password in external system. User must exists. User's login for specified namespace must exist in Perun.- Specified by:
reservePasswordin interfaceUsersManagerBl- Throws:
PasswordCreationFailedExceptionLoginNotExistsException- When user doesn't have login in specified namespaceInvalidLoginException- When login of user has invalid syntax (is not allowed)PasswordStrengthException- When password doesn't match expected strength by namespace configurationPasswordOperationTimeoutExceptionPasswordStrengthFailedException
-
reserveRandomPassword
public void reserveRandomPassword(PerunSession sess, User user, String loginNamespace) throws PasswordCreationFailedException, LoginNotExistsException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException Description copied from interface:UsersManagerBlReserves random password in external system. User must exists. User's login for specified namespace must exist in Perun.- Specified by:
reserveRandomPasswordin interfaceUsersManagerBl- Throws:
PasswordCreationFailedExceptionLoginNotExistsException- When user doesn't have login in specified namespaceInvalidLoginException- When login of user has invalid syntax (is not allowed)PasswordOperationTimeoutExceptionPasswordStrengthFailedException
-
setLogin
Description copied from interface:UsersManagerBlAllow users to manually add login in supported namespace if same login is not reserved- Specified by:
setLoginin interfaceUsersManagerBl
-
setPerunBl
-
setSpecificUser
public User setSpecificUser(PerunSession sess, User specificUser, SpecificUserType specificUserType, User owner) throws RelationExistsException Description copied from interface:UsersManagerBlSet specific user type for specific user and set ownership of this user for the owner.- Specified by:
setSpecificUserin interfaceUsersManagerBl- Parameters:
sess- perun sessionspecificUser- specific userspecificUserType- specific type of userowner- user, who will be owner of the specific user- Returns:
- specific user with specific user type set
- Throws:
RelationExistsException
-
specificUserOwnershipExists
Description copied from interface:UsersManagerBlReturn true if ownership of user and specificUser already exists. Return false if not. Looking for enabled and also for disabled ownership.- Specified by:
specificUserOwnershipExistsin interfaceUsersManagerBl- Returns:
-
unblockLogins
public void unblockLogins(PerunSession sess, List<String> logins, String namespace) throws LoginIsNotBlockedException Description copied from interface:UsersManagerBlUnblock logins for given namespace or unblock logins globally (if no namespace is selected)- Specified by:
unblockLoginsin interfaceUsersManagerBllogins- logins list of logins to be unblockednamespace- namespace where the logins should be unblocked (null means unblock the logins globally)- Throws:
LoginIsNotBlockedException
-
unblockLoginsById
public void unblockLoginsById(PerunSession sess, List<Integer> loginIds) throws LoginIsNotBlockedException Description copied from interface:UsersManagerBlUnblock logins by id globally, or in the namespace they were initially blocked.- Specified by:
unblockLoginsByIdin interfaceUsersManagerBl- Parameters:
sess- sessionloginIds- list of login ids- Throws:
LoginIsNotBlockedException- when login is not blocked
-
unblockLoginsForNamespace
Description copied from interface:UsersManagerBlUnblock all logins for given namespace- Specified by:
unblockLoginsForNamespacein interfaceUsersManagerBl- Parameters:
sess- PerunSessionnamespace- Namespace or null for globally blocked
-
unsetSpecificUser
public User unsetSpecificUser(PerunSession sess, User specificUser, SpecificUserType specificUserType) Description copied from interface:UsersManagerBlRemove all ownerships of this specific user and unset this specific user type from this specific user.- Specified by:
unsetSpecificUserin interfaceUsersManagerBl- Parameters:
sess- perun sessionspecificUser- specific userspecificUserType- specific type of user- Returns:
- user who is no more specific
-
updateNameTitles
Description copied from interface:UsersManagerBlUpdates titles before/after users name. New titles must be set inside User object. Setting any title to null will remove title from name. Other user's properties are ignored.- Specified by:
updateNameTitlesin interfaceUsersManagerBl- Returns:
- updated user with new titles before/after name
- Throws:
UserNotExistsException- if user not exists when method trying to update him
-
updateUser
Description copied from interface:UsersManagerBlUpdates users data in DB.- Specified by:
updateUserin interfaceUsersManagerBl- Returns:
- updated user
- Throws:
UserNotExistsException- if user not exists when method trying to update him
-
updateUserExtSource
public UserExtSource updateUserExtSource(PerunSession sess, UserExtSource userExtSource) throws UserExtSourceExistsException Description copied from interface:UsersManagerBlUpdates user's userExtSource in DB.- Specified by:
updateUserExtSourcein interfaceUsersManagerBl- Returns:
- updated userExtSource
- Throws:
UserExtSourceExistsException- When UES with same login/extSource already exists.
-
updateUserExtSourceLastAccess
Description copied from interface:UsersManagerBlUpdates user's userExtSource last access time in DB. We can get information which userExtSource has been used as a last one.- Specified by:
updateUserExtSourceLastAccessin interfaceUsersManagerBl
-
userExtSourceExists
- Specified by:
userExtSourceExistsin interfaceUsersManagerBl
-
validatePassword
public void validatePassword(PerunSession sess, String userLogin, String loginNamespace) throws PasswordCreationFailedException, InvalidLoginException Description copied from interface:UsersManagerBlValidates the password in external system and sets user extSources and extSource related attributes. User must not exists.- Specified by:
validatePasswordin interfaceUsersManagerBluserLogin- string representation of the userLogin- Throws:
PasswordCreationFailedExceptionInvalidLoginException- When login of user has invalid syntax (is not allowed)
-
validatePassword
public void validatePassword(PerunSession sess, User user, String loginNamespace) throws PasswordCreationFailedException, LoginNotExistsException, InvalidLoginException Description copied from interface:UsersManagerBlValidates the password in external system and sets user extSources and extSource related attributes. User must exists. User's login for specified namespace must exist in Perun.- Specified by:
validatePasswordin interfaceUsersManagerBl- Throws:
PasswordCreationFailedExceptionLoginNotExistsException- When user doesn't have login in specified namespaceInvalidLoginException- When login of user has invalid syntax (is not allowed)
-
validatePreferredEmailChange
public String validatePreferredEmailChange(PerunSession sess, User user, String token) throws WrongAttributeValueException, WrongAttributeAssignmentException, AttributeNotExistsException, WrongReferenceAttributeValueException Description copied from interface:UsersManagerBlValidate change of user's preferred email address. New email address is set as value of urn:perun:user:attribute-def:def:preferredEmail attribute.- Specified by:
validatePreferredEmailChangein interfaceUsersManagerBl- Parameters:
sess- PerunSessionuser- User to validate email address fortoken- token for the email change request to validate- Returns:
- String return new preferred email
- Throws:
WrongAttributeValueException- If new email address is in wrong formatWrongAttributeAssignmentExceptionAttributeNotExistsException- If user:preferredEmail attribute doesn't exists.WrongReferenceAttributeValueException
-
validateSSHKey
Description copied from interface:UsersManagerBlValidate ssh public key, throws exception if validation fails- Specified by:
validateSSHKeyin interfaceUsersManagerBl- Parameters:
sess- sesssshKey- ssh public key to verify- Throws:
SSHKeyNotValidException- when validation fails
-