Package cz.metacentrum.perun.core.entry
Class GroupsManagerEntry
java.lang.Object
cz.metacentrum.perun.core.entry.GroupsManagerEntry
- All Implemented Interfaces:
GroupsManager
GroupsManager entry logic
- Author:
- Michal Prochazka michalp@ics.muni.cz, Slavek Licehammer glory@ics.muni.cz
-
Field Summary
Fields inherited from interface cz.metacentrum.perun.core.api.GroupsManager
GROUP_FLAT_SYNCHRONIZATION_ATTRNAME, GROUP_FULL_NAME_REGEXP, GROUP_MEMBERSHIP_EXPIRATION_RULES_ATTRNAME, GROUP_SHORT_NAME_REGEXP, GROUP_START_OF_LAST_SUCCESSFUL_SYNC_ATTRNAME, GROUP_START_OF_LAST_SYNC_ATTRNAME, GROUP_STRUCTURE_SYNCHRO_INTERVAL_ATTRNAME, GROUP_STRUCTURE_SYNCHRO_TIMES_ATTRNAME, GROUP_SYNCHRO_TIMES_ATTRNAME, GROUP_SYNCHRONIZATION_FILE_ATTRNAME, GROUPAUTHORITATIVEGROUP_ATTRNAME, GROUPEXTSOURCE_ATTRNAME, GROUPLIGHTWEIGHTSYNCHRONIZATION_ATTRNAME, GROUPMEMBERSEXTSOURCE_ATTRNAME, GROUPMEMBERSFILTER_ATTRNAME, GROUPMEMBERSQUERY_ATTRNAME, GROUPS_STRUCTURE_LOGIN_ATTRNAME, GROUPS_STRUCTURE_LOGIN_PREFIX_ATTRNAME, GROUPS_STRUCTURE_SYNCHRO_ENABLED_ATTRNAME, GROUPSQUERY_ATTRNAME, GROUPSYNCHROENABLED_ATTRNAME, GROUPSYNCHROINTERVAL_ATTRNAME -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidaddAdmin(PerunSession sess, Group group, Group authorizedGroup) Adds a group administrator to the group.voidaddAdmin(PerunSession sess, Group group, User user) Adds a user administrator of the group.voidaddMember(PerunSession sess, Group group, Member member) Adds member of the VO to the group in the same VO.voidaddMember(PerunSession sess, List<Group> groups, Member member) Adds member of the VO to the groups in the same VO.voidaddMembers(PerunSession sess, Group group, List<Member> members) Adds members of the VO to the group in the same VO.voidallowGroupsToHierarchicalVo(PerunSession sess, List<Group> groups, Vo vo) Sets flag required for including groups to parent vo in a vo hierarchy.voidallowGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) Sets flag required for including group to parent vo in a vo hierarchy.booleancanExtendMembershipInGroup(PerunSession sess, Member member, Group group) Returns true if member in given group can extend membership or if no rules were set for the membershipExpirationbooleancanExtendMembershipInGroupWithReason(PerunSession sess, Member member, Group group) Returns true if member in given group can extend membership or throws exception with reason why use can't extends membershipvoidcopyMembers(PerunSession sess, Group sourceGroup, List<Group> destinationGroups, List<Member> members) Copies direct members from one group to other groups in the same VO.createGroup(PerunSession sess, Group parentGroup, Group group) Creates a new subgroup of the existing group.createGroup(PerunSession sess, Vo vo, Group group) Creates a new top-level group and associates it with the VO from parameter.createGroupUnion(PerunSession sess, Group resultGroup, Group operandGroup) Performs union operation on two groups.voiddeleteAllGroups(PerunSession sess, Vo vo) Deletes all groups under the VO except built-in groups (members, admins groups).voiddeleteGroup(PerunSession sess, Group group) Deletes group only if has no subgroups and no members.voiddeleteGroup(PerunSession sess, Group group, boolean forceDelete) If forceDelete is false, delete only group and if this group has members or subgroups, throw an exception.voiddeleteGroups(PerunSession perunSession, List<Group> groups, boolean forceDelete) Delete all groups in list from perun.voiddisallowGroupsToHierarchicalVo(PerunSession sess, List<Group> groups, Vo vo) Unsets flag required for including groups to parent vo in a vo hierarchyvoiddisallowGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) Unsets flag required for including group to parent vo in a vo hierarchyvoidextendMembershipInGroup(PerunSession sess, Member member, Group group) Extend member membership in given group using membershipExpirationRules attribute defined in Group.voidforceAllSubGroupsSynchronization(PerunSession sess, Group group) Force synchronization for all subgroups (recursively - whole tree) of the group (useful for group structure)voidforceGroupStructureSynchronization(PerunSession sess, Group group) Puts the group on the first place to the queue of groups waiting for group structure synchronization.voidforceGroupSynchronization(PerunSession sess, Group group) Synchronizes the group with the external group.getActiveGroupMembers(PerunSession sess, Group group) Return all members of the group who are active (valid) in the group.getAdminGroups(PerunSession sess, Group group) Gets list of all group administrators of given group.getAdmins(PerunSession sess, Group group) Deprecated.getAdmins(PerunSession perunSession, Group group, boolean onlyDirectAdmins) Gets list of all administrators of this group.Returns all groups which can be included to VO.getAllAllowedGroupsToHierarchicalVo(PerunSession sess, Vo vo, Vo memberVo) Returns groups which can be included to VO from specific member VO.getAllGroups(PerunSession sess) Get all groups from all vos.getAllGroups(PerunSession sess, Vo vo) Get groups of Vo by ACCESS RIGHTS: If user is: - PERUNADMIN or VOADMIN : all groups in vo - GROUPADMIN : only groups where user is admingetAllGroupsWhereMemberIsActive(PerunSession sess, Member member) Returns all member's groups where member is in active state (is valid there) Included members group.getAllGroupsWithHierarchy(PerunSession sess, Vo vo) Get groups of the VO stored in the map reflecting the hierarchy by ACCESS RIGHTS: If user is: - PERUNADMIN or VOADMIN : all Groups - GROUPADMIN : only groups where user is groupAdmingetAllMemberGroups(PerunSession sess, Member member) Return all member's groups.getAllRichGroups(PerunSession sess) Get all groups with all attributes.getAllRichGroups(PerunSession sess, List<String> attrNames) Get all groups with their specified attributes.getAllRichGroupsWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrNames) Deprecated.getAllRichGroupsWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Return all RichGroups containing selected attributes filtered by role and its typegetAllRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames) Deprecated.getAllRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Return all RichSubGroups in parentGroup (all levels sub groups) containing selected attributes filtered by role and its type,getAllSubGroups(PerunSession sess, Group parentGroup) Get all subgroups of the parentGroup recursively.getDirectAdmins(PerunSession sess, Group group) Deprecated.getDirectRichAdminsWithSpecificAttributes(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.getGroupById(PerunSession sess, int id) Search for the group with specified id in all VOs.getGroupByName(PerunSession sess, Vo vo, String name) Search for the group with specified name in specified VO.getGroupDirectMembers(PerunSession sess, Group group) Return all direct group members.intgetGroupDirectMembersCount(PerunSession sess, Group group) Returns count of direct members in the groupgetGroupDirectRichMembers(PerunSession sess, Group group) Returns direct group members in the RichMember object, which contains Member+User data.getGroupMemberById(PerunSession sess, Group group, int memberId) Get group member by member ID.getGroupMembers(PerunSession sess, Group group) Return all group members.getGroupMembers(PerunSession sess, Group group, Status status) Return group members with specified vo membership status.intgetGroupMembersCount(PerunSession sess, Group group) getGroupMembersCountsByGroupStatus(PerunSession sess, Group group) Returns counts of group members by their group status.getGroupMembersCountsByVoStatus(PerunSession sess, Group group) Returns counts of group members by their status in VO.getGroupRichMembers(PerunSession sess, Group group) Returns group members in the RichMember object, which contains Member+User data.getGroupRichMembers(PerunSession sess, Group group, Status status) Returns group members with specified membership status in the RichMember object, which contains Member+User data.getGroupRichMembersByIds(PerunSession sess, int groupId, List<Integer> memberIds, List<String> attrNames) Returns list of RichMembers with requested attributes by their member IDs from given group.getGroupRichMembersWithAttributes(PerunSession sess, Group group) Returns group members in the RichMember object, which contains Member+User data.getGroupRichMembersWithAttributes(PerunSession sess, Group group, Status status) Returns group members with specified membership status in the RichMember object, which contains Member+User data.getGroups(PerunSession sess, Vo vo) Get groups of users under the VO by ACCESS RIGHTS: If user is: - PERUNADMIN or VOADMIN : all groups - GROUPADMIN : only groups where user is GroupAdmingetGroupsByIds(PerunSession sess, List<Integer> ids) Search for the groups with specified ids in all VOs.intgetGroupsCount(PerunSession sess) Get count of all groupsintgetGroupsCount(PerunSession sess, Vo vo) Gets the groupsManagerBl for this instance.getGroupsPage(PerunSession sess, Vo vo, GroupsPageQuery query, List<String> attrNames) Get page of groups from the given vo.getGroupsWhereMemberIsActive(PerunSession sess, Member member) Returns all member's groups where member is in active state (is valid there) Excluded members group.getGroupsWhereMemberIsInactive(PerunSession sess, Member member) Returns all member's groups where member is in inactive state (it is not valid and it is expired there) Excluded members group.getGroupsWhereUserIsActiveMember(PerunSession sess, User user, Vo vo) Returns groups in which the user is active member.getGroupUnions(PerunSession sess, Group group, boolean reverseDirection) Get list of group unions for specified group.getInactiveGroupMembers(PerunSession sess, Group group) Return all members of the group who are inactive (expired) in the group.getIndirectMembershipPaths(PerunSession sess, Member member, Group group) Get unique paths of groups via which member is indirectly included to the group.getMemberGroups(PerunSession sess, Member member) Returns all member's groups.getMemberGroupsByAttribute(PerunSession sess, Member member, Attribute attribute) Method return list of groups for selected member which (groups) has set specific attribute.getMemberRichGroupsWithAttributesByNames(PerunSession sess, Member member, List<String> attrNames) Deprecated.getMemberRichGroupsWithAttributesByNames(PerunSession sess, Member member, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Return all RichGroups for specified member, containing selected attributes filtered by role and its type.getParentGroup(PerunSession sess, Group group) Get parent group.getParentGroupMembers(PerunSession sess, Group group) Get members from parent group.getParentGroupRichMembers(PerunSession sess, Group group) Get members form the parent group in RichMember format.getParentGroupRichMembersWithAttributes(PerunSession sess, Group group) Get members form the parent group in RichMember format including user/member attributes.getRichAdmins(PerunSession perunSession, Group group) Deprecated.getRichAdmins(PerunSession perunSession, Group group, List<String> specificAttributes, boolean allUserAttributes, boolean onlyDirectAdmins) Gets list of all richUser administrators of this group.getRichAdminsWithAttributes(PerunSession perunSession, Group group) Deprecated.getRichAdminsWithSpecificAttributes(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.getRichGroupByIdWithAttributesByNames(PerunSession sess, int groupId, List<String> attrNames) Return RichGroup selected by id containing selected attributesgetRichGroupsAssignedToResourceWithAttributesByNames(PerunSession sess, Member member, Resource resource, List<String> attrNames) Get list of all richGroups with selected attributes assigned to the resource filtered by specific member.getRichGroupsAssignedToResourceWithAttributesByNames(PerunSession sess, Resource resource, List<String> attrNames) Get list of all richGroups with selected attributes assigned to resource.getRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames) Return RichSubGroups in parentGroup (only 1 level subgroups) containing selected attributesgetSubGroups(PerunSession sess, Group parentGroup) Get all subgroups of the parent group under the VO.intgetSubGroupsCount(PerunSession sess, Group parentGroup) Returns number of immediate subgroups of the parent group.getSubgroupsPage(PerunSession sess, Group group, GroupsPageQuery query, List<String> attrNames) Get page of subgroups from the given parent group.getVo(PerunSession sess, Group group) Gets the Vo which is owner of the group.booleanisAllowedGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) Returns flag representing if the group can be included in the (parent) vo's groupsbooleanisDirectGroupMember(PerunSession sess, Group group, Member member) Return true if Member is direct member of the GroupisGroupLastAdminInSomeFacility(PerunSession sess, List<Group> groups) Check whether some of the groups supply the last FACILITYADMIN in some facility, return the groups that do.isGroupLastAdminInSomeVo(PerunSession sess, List<Group> groups) Check whether some of the groups supply the last VOADMIN in some vo, return the groups that do.booleanisGroupMember(PerunSession sess, Group group, Member member) Return true if Member is member of the GroupbooleanCheck if synchronizing groups is suspended.voidmoveGroup(PerunSession sess, Group destinationGroup, Group movingGroup) Move one group structure under another group in same vo or as top level groupvoidremoveAdmin(PerunSession sess, Group group, Group authorizedGroup) Removes a group administrator of the group.voidremoveAdmin(PerunSession sess, Group group, User user) Removes a user administrator form the group.voidremoveGroupUnion(PerunSession sess, Group resultGroup, Group operandGroup) Removes a union relation between two groups.voidremoveGroupUnions(PerunSession sess, Group resultGroup, List<Group> operandGroups) Removes a union relations between groups.voidremoveMember(PerunSession sess, Group group, Member member) Removes member form the group.voidremoveMember(PerunSession sess, Member member, List<Group> groups) Removes a member from a list of groups.voidremoveMembers(PerunSession sess, Group group, List<Member> members) Removes members from a group.voidsetGroupsManagerBl(GroupsManagerBl groupsManagerBl) Sets the groupsManagerBl for this instance.setMemberGroupStatus(PerunSession sess, Member member, Group group, MemberGroupStatus status) Set Members Group status for specified DIRECT member and group.voidsetPerunBl(PerunBl perunBl) Sets the perunBl for this instance.voidsuspendGroupSynchronization(PerunSession sess, boolean suspend) Suspend synchronizing groups and their structures.voidSynchronize all groups which have enabled synchronization.voidSynchronize all groups structures (with members) which have enabled group structure synchronization.updateGroup(PerunSession sess, Group group) Updates group by ID.
-
Constructor Details
-
GroupsManagerEntry
-
GroupsManagerEntry
public GroupsManagerEntry()
-
-
Method Details
-
addAdmin
public void addAdmin(PerunSession sess, Group group, User user) throws AlreadyAdminException, PrivilegeException, GroupNotExistsException, UserNotExistsException, RoleCannotBeManagedException, RoleCannotBeSetException Description copied from interface:GroupsManagerAdds a user administrator of the group.- Specified by:
addAdminin interfaceGroupsManager- Parameters:
sess-group-user-- Throws:
AlreadyAdminExceptionPrivilegeExceptionGroupNotExistsExceptionUserNotExistsExceptionRoleCannotBeManagedExceptionRoleCannotBeSetException
-
addAdmin
public void addAdmin(PerunSession sess, Group group, Group authorizedGroup) throws AlreadyAdminException, PrivilegeException, GroupNotExistsException, RoleCannotBeManagedException, RoleCannotBeSetException Description copied from interface:GroupsManagerAdds a group administrator to the group.- Specified by:
addAdminin interfaceGroupsManager- Parameters:
sess-group- - group that will be assigned admins (users) from authorizedGroupauthorizedGroup- - group that will be given the privilege- Throws:
AlreadyAdminExceptionPrivilegeExceptionGroupNotExistsExceptionRoleCannotBeManagedExceptionRoleCannotBeSetException
-
addMember
public void addMember(PerunSession sess, List<Group> groups, Member member) throws MemberNotExistsException, PrivilegeException, AlreadyMemberException, GroupNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, AttributeNotExistsException, ExternallyManagedException Description copied from interface:GroupsManagerAdds member of the VO to the groups in the same VO.- Specified by:
addMemberin interfaceGroupsManager- Parameters:
sess-groups- list of groups, the member will be added tomember- member to be added- Throws:
MemberNotExistsExceptionPrivilegeExceptionAlreadyMemberExceptionGroupNotExistsExceptionWrongAttributeValueException- if any member attribute value, required by resource (on which the group is assigned), is wrongWrongReferenceAttributeValueExceptionWrongAttributeAssignmentExceptionAttributeNotExistsExceptionExternallyManagedException
-
addMember
public void addMember(PerunSession sess, Group group, Member member) throws MemberNotExistsException, PrivilegeException, AlreadyMemberException, GroupNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, AttributeNotExistsException, ExternallyManagedException Description copied from interface:GroupsManagerAdds member of the VO to the group in the same VO.- Specified by:
addMemberin interfaceGroupsManager- Parameters:
sess-group-member-- Throws:
MemberNotExistsExceptionPrivilegeExceptionAlreadyMemberExceptionGroupNotExistsExceptionWrongAttributeValueException- if any member attribute value, required by resource (on which the group is assigned), is wrongWrongReferenceAttributeValueExceptionWrongAttributeAssignmentExceptionAttributeNotExistsExceptionExternallyManagedException
-
addMembers
public void addMembers(PerunSession sess, Group group, List<Member> members) throws MemberNotExistsException, PrivilegeException, AlreadyMemberException, GroupNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, AttributeNotExistsException, ExternallyManagedException Description copied from interface:GroupsManagerAdds members of the VO to the group in the same VO.- Specified by:
addMembersin interfaceGroupsManager- Parameters:
sess-group- list of groups, the member will be added tomembers- member to be added- Throws:
MemberNotExistsExceptionPrivilegeExceptionAlreadyMemberExceptionGroupNotExistsExceptionWrongAttributeValueException- if any member attribute value, required by resource (on which the group is assigned), is wrongWrongReferenceAttributeValueExceptionWrongAttributeAssignmentExceptionAttributeNotExistsExceptionExternallyManagedException
-
allowGroupToHierarchicalVo
public void allowGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) throws VoNotExistsException, GroupNotExistsException, PrivilegeException, RelationNotExistsException, RelationExistsException Description copied from interface:GroupsManagerSets flag required for including group to parent vo in a vo hierarchy.- Specified by:
allowGroupToHierarchicalVoin interfaceGroupsManager- Parameters:
sess- perun sessiongroup- groupvo- parent vo- Throws:
VoNotExistsException- if vo does not existGroupNotExistsException- if group does not existPrivilegeException- insufficient rightsRelationNotExistsException- if group is not from parent vo's member vosRelationExistsException- if group is already allowed to be included to parent vo
-
allowGroupsToHierarchicalVo
public void allowGroupsToHierarchicalVo(PerunSession sess, List<Group> groups, Vo vo) throws VoNotExistsException, GroupNotExistsException, PrivilegeException, RelationNotExistsException, RelationExistsException Description copied from interface:GroupsManagerSets flag required for including groups to parent vo in a vo hierarchy.- Specified by:
allowGroupsToHierarchicalVoin interfaceGroupsManager- Parameters:
sess- perun sessiongroups- list of groupsvo- parent vo- Throws:
VoNotExistsException- if vo does not existGroupNotExistsException- if group does not existPrivilegeException- insufficient rightsRelationNotExistsException- if group is not from parent vo's member vosRelationExistsException- if group is already allowed to be included to parent vo
-
canExtendMembershipInGroup
public boolean canExtendMembershipInGroup(PerunSession sess, Member member, Group group) throws MemberNotExistsException, GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturns true if member in given group can extend membership or if no rules were set for the membershipExpiration- Specified by:
canExtendMembershipInGroupin interfaceGroupsManager- Parameters:
sess- sessionmember- membergroup- group- Returns:
- true if given member can extend membership in given group or if no rules were set for the membership expiration, false otherwise
- Throws:
MemberNotExistsExceptionGroupNotExistsExceptionPrivilegeException
-
canExtendMembershipInGroupWithReason
public boolean canExtendMembershipInGroupWithReason(PerunSession sess, Member member, Group group) throws MemberNotExistsException, GroupNotExistsException, PrivilegeException, ExtendMembershipException Description copied from interface:GroupsManagerReturns true if member in given group can extend membership or throws exception with reason why use can't extends membership- Specified by:
canExtendMembershipInGroupWithReasonin interfaceGroupsManager- Parameters:
sess- sessionmember- membergroup- group- Returns:
- true if given member can extend membership in given group or throws exception with reason why not
- Throws:
ExtendMembershipException- reason why user can't extend membershipMemberNotExistsExceptionGroupNotExistsExceptionPrivilegeException
-
copyMembers
public void copyMembers(PerunSession sess, Group sourceGroup, List<Group> destinationGroups, List<Member> members) throws WrongReferenceAttributeValueException, WrongAttributeValueException, GroupNotExistsException, MemberNotExistsException, GroupGroupMismatchException, PrivilegeException, ExternallyManagedException, MemberGroupMismatchException Description copied from interface:GroupsManagerCopies direct members from one group to other groups in the same VO. The members are copied without their member-group attributes. Copies all direct members if members list is empty or null.- Specified by:
copyMembersin interfaceGroupsManager- Parameters:
sess- perun sessionsourceGroup- group to copy members fromdestinationGroups- groups to copy members tomembers- members to be copied- Throws:
WrongReferenceAttributeValueExceptionWrongAttributeValueExceptionGroupNotExistsException- when one of the groups does not existMemberNotExistsException- when one of the members does not existGroupGroupMismatchException- when the groups are not in the same VoPrivilegeExceptionExternallyManagedException- when destination group is managed from an external sourceMemberGroupMismatchException
-
createGroup
public Group createGroup(PerunSession sess, Vo vo, Group group) throws GroupExistsException, PrivilegeException, VoNotExistsException Description copied from interface:GroupsManagerCreates a new top-level group and associates it with the VO from parameter.For this method the new group has always same shortName like Name. Important: voId in object group is ignored
- Specified by:
createGroupin interfaceGroupsManager- Parameters:
sess-vo- to associates group withgroup- new group with name without ":"- Returns:
- newly created top-level group
- Throws:
GroupExistsExceptionPrivilegeExceptionVoNotExistsException
-
createGroup
public Group createGroup(PerunSession sess, Group parentGroup, Group group) throws GroupNotExistsException, GroupExistsException, PrivilegeException, GroupRelationNotAllowed, GroupRelationAlreadyExists, ExternallyManagedException Description copied from interface:GroupsManagerCreates a new subgroup of the existing group.- Specified by:
createGroupin interfaceGroupsManager- Parameters:
sess-parentGroup-group- group.name must contain only shortName (without ":"). Hierarchy is defined by parentGroup parameter.- Returns:
- newly created sub group with full group.Name with ":"
- Throws:
GroupNotExistsExceptionGroupExistsExceptionPrivilegeExceptionGroupRelationNotAllowedGroupRelationAlreadyExistsExternallyManagedException
-
createGroupUnion
public Group createGroupUnion(PerunSession sess, Group resultGroup, Group operandGroup) throws GroupNotExistsException, PrivilegeException, GroupRelationNotAllowed, GroupRelationAlreadyExists, WrongAttributeValueException, WrongReferenceAttributeValueException, ExternallyManagedException, VoNotExistsException Description copied from interface:GroupsManagerPerforms union operation on two groups. Members from operand group are added to result group as indirect.- Specified by:
createGroupUnionin interfaceGroupsManager- Parameters:
sess- perun sessionresultGroup- group to which members are addedoperandGroup- group from which members are taken- Returns:
- result group
- Throws:
GroupNotExistsExceptionPrivilegeExceptionGroupRelationNotAllowedGroupRelationAlreadyExistsWrongAttributeValueExceptionWrongReferenceAttributeValueExceptionVoNotExistsExceptionExternallyManagedException
-
deleteAllGroups
public void deleteAllGroups(PerunSession sess, Vo vo) throws VoNotExistsException, PrivilegeException, GroupAlreadyRemovedException, GroupAlreadyRemovedFromResourceException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved Description copied from interface:GroupsManagerDeletes all groups under the VO except built-in groups (members, admins groups).- Specified by:
deleteAllGroupsin interfaceGroupsManager- Parameters:
sess-vo- VO- Throws:
VoNotExistsExceptionPrivilegeExceptionGroupAlreadyRemovedException- if there is at least 1 group not affected by deleting from DBGroupAlreadyRemovedFromResourceException- if there is at least 1 group on resource affected by deleting from DBGroupRelationDoesNotExistGroupRelationCannotBeRemoved
-
deleteGroup
public void deleteGroup(PerunSession sess, Group group, boolean forceDelete) throws GroupNotExistsException, PrivilegeException, RelationExistsException, GroupAlreadyRemovedException, GroupAlreadyRemovedFromResourceException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved, ExternallyManagedException Description copied from interface:GroupsManagerIf forceDelete is false, delete only group and if this group has members or subgroups, throw an exception. If forceDelete is true, delete group with all subgroups, members and administrators, then delete this group.- Specified by:
deleteGroupin interfaceGroupsManager- Parameters:
sess-group- group to deleteforceDelete- if forceDelete is false, delete group only if is empty and has no subgroups, if is true, delete anyway with all connections- Throws:
GroupNotExistsExceptionPrivilegeExceptionRelationExistsExceptionGroupAlreadyRemovedExceptionGroupAlreadyRemovedFromResourceExceptionGroupRelationDoesNotExistGroupRelationCannotBeRemovedExternallyManagedException
-
deleteGroup
public void deleteGroup(PerunSession sess, Group group) throws GroupNotExistsException, PrivilegeException, RelationExistsException, GroupAlreadyRemovedException, GroupAlreadyRemovedFromResourceException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved, ExternallyManagedException Description copied from interface:GroupsManagerDeletes group only if has no subgroups and no members. Other way throw exception. This method is same like deleteGroup(sess, group, false) with false for forceDelete- Specified by:
deleteGroupin interfaceGroupsManager- Parameters:
sess-group- group to delete- Throws:
GroupNotExistsExceptionPrivilegeExceptionRelationExistsExceptionGroupAlreadyRemovedExceptionGroupAlreadyRemovedFromResourceExceptionGroupRelationDoesNotExistGroupRelationCannotBeRemovedExternallyManagedException
-
deleteGroups
public void deleteGroups(PerunSession perunSession, List<Group> groups, boolean forceDelete) throws GroupNotExistsException, PrivilegeException, GroupAlreadyRemovedException, RelationExistsException, GroupAlreadyRemovedFromResourceException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved, ExternallyManagedException Description copied from interface:GroupsManagerDelete all groups in list from perun. (Except members group)If forceDelete is false, delete groups only if none of them (IN MOMENT OF DELETING) has subgroups and members, in other case throw exception. if forceDelete is true, delete groups with all subgroups and members.
Groups are deleted in order: from longest name to the shortest - ex: Group A:b:c will be deleted sooner than Group A:b etc. - reason for this: with group are deleted its subgroups too
Important: Groups can be from different VOs.
- Specified by:
deleteGroupsin interfaceGroupsManager- Parameters:
perunSession-groups- list of groups to deletedforceDelete- if forceDelete is false, delete groups only if all of them have no subgroups and no members, if is true, delete anyway with all connections- Throws:
GroupNotExistsException- If any group not exists in perunPrivilegeException- if user has no right to call delete operation on any of these groupsGroupAlreadyRemovedException- if any groups is already deletedRelationExistsException- raise if group has subgroups or member (forceDelete is false)GroupAlreadyRemovedFromResourceException- if any group is already removed from resourceGroupRelationDoesNotExistGroupRelationCannotBeRemovedExternallyManagedException
-
disallowGroupToHierarchicalVo
public void disallowGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) throws VoNotExistsException, GroupNotExistsException, PrivilegeException, RelationNotExistsException Description copied from interface:GroupsManagerUnsets flag required for including group to parent vo in a vo hierarchy- Specified by:
disallowGroupToHierarchicalVoin interfaceGroupsManager- Parameters:
sess- perun sessiongroup- groupvo- parent vo- Throws:
VoNotExistsException- if vo does not existGroupNotExistsException- if group does not existPrivilegeException- insufficient rightsRelationNotExistsException- if group is not allowed to be included in parent vo
-
disallowGroupsToHierarchicalVo
public void disallowGroupsToHierarchicalVo(PerunSession sess, List<Group> groups, Vo vo) throws VoNotExistsException, GroupNotExistsException, PrivilegeException, RelationNotExistsException Description copied from interface:GroupsManagerUnsets flag required for including groups to parent vo in a vo hierarchy- Specified by:
disallowGroupsToHierarchicalVoin interfaceGroupsManager- Parameters:
sess- perun sessiongroups- list of groupsvo- parent vo- Throws:
VoNotExistsException- if vo does not existGroupNotExistsException- if group does not existPrivilegeException- insufficient rightsRelationNotExistsException- if group is not allowed to be included in parent vo
-
extendMembershipInGroup
public void extendMembershipInGroup(PerunSession sess, Member member, Group group) throws ExtendMembershipException, PrivilegeException, MemberNotExistsException, GroupNotExistsException Description copied from interface:GroupsManagerExtend member membership in given group using membershipExpirationRules attribute defined in Group.- Specified by:
extendMembershipInGroupin interfaceGroupsManager- Parameters:
sess- sessionmember- membergroup- group- Throws:
ExtendMembershipException- extend membership exceptionPrivilegeExceptionMemberNotExistsExceptionGroupNotExistsException
-
forceAllSubGroupsSynchronization
public void forceAllSubGroupsSynchronization(PerunSession sess, Group group) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerForce synchronization for all subgroups (recursively - whole tree) of the group (useful for group structure)- Specified by:
forceAllSubGroupsSynchronizationin interfaceGroupsManager- Parameters:
sess-group- the group where all its subgroups will be forced to synchronize- Throws:
GroupNotExistsException- when group not exists in PerunPrivilegeException- user is not privileged to call this method
-
forceGroupStructureSynchronization
public void forceGroupStructureSynchronization(PerunSession sess, Group group) throws GroupNotExistsException, PrivilegeException, GroupStructureSynchronizationAlreadyRunningException Description copied from interface:GroupsManagerPuts the group on the first place to the queue of groups waiting for group structure synchronization.- Specified by:
forceGroupStructureSynchronizationin interfaceGroupsManager- Parameters:
sess-group-- Throws:
GroupNotExistsExceptionPrivilegeExceptionGroupStructureSynchronizationAlreadyRunningException
-
forceGroupSynchronization
public void forceGroupSynchronization(PerunSession sess, Group group) throws GroupNotExistsException, PrivilegeException, GroupSynchronizationAlreadyRunningException, GroupSynchronizationNotEnabledException Description copied from interface:GroupsManagerSynchronizes the group with the external group.- Specified by:
forceGroupSynchronizationin interfaceGroupsManager- Parameters:
sess-group-- Throws:
GroupNotExistsExceptionPrivilegeExceptionGroupSynchronizationAlreadyRunningException- when synchronization for the group is already runningGroupSynchronizationNotEnabledException- when group doesn't have synchronization enabled
-
getActiveGroupMembers
public List<Member> getActiveGroupMembers(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerReturn all members of the group who are active (valid) in the group.Do not return expired members of the group.
- Specified by:
getActiveGroupMembersin interfaceGroupsManager- Parameters:
sess- perun sessiongroup- to get members from- Returns:
- list of active (valid) members
- Throws:
PrivilegeException- insufficient permissionGroupNotExistsException- when group does not exist
-
getAdminGroups
public List<Group> getAdminGroups(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerGets list of all group administrators of given group.- Specified by:
getAdminGroupsin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- list of all group administrators of the given group
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getAdmins
public List<User> getAdmins(PerunSession perunSession, Group group, boolean onlyDirectAdmins) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerGets list of all administrators of this group. If some group is administrator of the given group, all VALID members are included in the list.If onlyDirectAdmins is true, return only direct users of the group for supported role.
Supported roles: GroupAdmin
- Specified by:
getAdminsin interfaceGroupsManager- Parameters:
perunSession-group-onlyDirectAdmins- if true, get only direct user administrators (if false, get both direct and indirect)- Returns:
- list of all user administrators of the given group for supported role
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getAdmins
@Deprecated public List<User> getAdmins(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Deprecated.Description copied from interface:GroupsManagerGets list of all user administrators of this group. If some group is administrator of the given group, all members are included in the list.- Specified by:
getAdminsin interfaceGroupsManager- Parameters:
sess-group-- Throws:
PrivilegeExceptionGroupNotExistsException
-
getAllAllowedGroupsToHierarchicalVo
public List<Group> getAllAllowedGroupsToHierarchicalVo(PerunSession sess, Vo vo) throws VoNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturns all groups which can be included to VO.- Specified by:
getAllAllowedGroupsToHierarchicalVoin interfaceGroupsManager- Parameters:
sess- sessionvo- parent VO- Returns:
- list of allowed groups to hierarchical VO
- Throws:
VoNotExistsException- if given VO does not existPrivilegeException- if unauthorized
-
getAllAllowedGroupsToHierarchicalVo
public List<Group> getAllAllowedGroupsToHierarchicalVo(PerunSession sess, Vo vo, Vo memberVo) throws VoNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturns groups which can be included to VO from specific member VO.- Specified by:
getAllAllowedGroupsToHierarchicalVoin interfaceGroupsManager- Parameters:
sess- sessionvo- parent VOmemberVo- member VO- Returns:
- list of allowed groups to hierarchical VO
- Throws:
VoNotExistsException- if given parent VO or member VO does not existPrivilegeException- if unauthorized
-
getAllGroups
Description copied from interface:GroupsManagerGet all groups from all vos. Returned groups are filtered based on the principal rights.- Specified by:
getAllGroupsin interfaceGroupsManager- Parameters:
sess- session- Returns:
- list of all groups
- Throws:
PrivilegeException- if the principal has insufficient permission
-
getAllGroups
public List<Group> getAllGroups(PerunSession sess, Vo vo) throws PrivilegeException, VoNotExistsException Description copied from interface:GroupsManagerGet groups of Vo by ACCESS RIGHTS: If user is: - PERUNADMIN or VOADMIN : all groups in vo - GROUPADMIN : only groups where user is admin- Specified by:
getAllGroupsin interfaceGroupsManager- Parameters:
sess-vo-- Returns:
- list of groups
- Throws:
PrivilegeExceptionVoNotExistsException
-
getAllGroupsWhereMemberIsActive
public List<Group> getAllGroupsWhereMemberIsActive(PerunSession sess, Member member) throws PrivilegeException, MemberNotExistsException Description copied from interface:GroupsManagerReturns all member's groups where member is in active state (is valid there) Included members group.- Specified by:
getAllGroupsWhereMemberIsActivein interfaceGroupsManager- Parameters:
sess- perun sessionmember- member to get groups for- Returns:
- list of groups where member is in active state (valid)
- Throws:
PrivilegeException- user is not privileged to call this methodMemberNotExistsException- member in parameter not exists in perun
-
getAllGroupsWithHierarchy
public Map<Group,Object> getAllGroupsWithHierarchy(PerunSession sess, Vo vo) throws PrivilegeException, VoNotExistsException Description copied from interface:GroupsManagerGet groups of the VO stored in the map reflecting the hierarchy by ACCESS RIGHTS: If user is: - PERUNADMIN or VOADMIN : all Groups - GROUPADMIN : only groups where user is groupAdmin- Specified by:
getAllGroupsWithHierarchyin interfaceGroupsManager- Parameters:
sess-vo-- Returns:
- map of the groups hierarchically organized
- Throws:
PrivilegeExceptionVoNotExistsException
-
getAllMemberGroups
public List<Group> getAllMemberGroups(PerunSession sess, Member member) throws PrivilegeException, MemberNotExistsException Description copied from interface:GroupsManagerReturn all member's groups. Included members groups.- Specified by:
getAllMemberGroupsin interfaceGroupsManager- Parameters:
sess-member-- Returns:
- Throws:
PrivilegeExceptionMemberNotExistsException
-
getAllRichGroups
Description copied from interface:GroupsManagerGet all groups with all attributes.- Specified by:
getAllRichGroupsin interfaceGroupsManager- Parameters:
sess- session- Returns:
- list of all groups with specified attributes
- Throws:
PrivilegeException- if the principal has insufficient permission
-
getAllRichGroups
public List<RichGroup> getAllRichGroups(PerunSession sess, List<String> attrNames) throws PrivilegeException Description copied from interface:GroupsManagerGet all groups with their specified attributes. If theattrNamesare null or empty, all group attributes are returned.- Specified by:
getAllRichGroupsin interfaceGroupsManager- Parameters:
sess- sessionattrNames- list of attribute names to get- Returns:
- list of all groups with specified attributes
- Throws:
PrivilegeException- if the principal has insufficient permission
-
getAllRichGroupsWithAttributesByNames
@Deprecated public List<RichGroup> getAllRichGroupsWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrNames) throws VoNotExistsException, PrivilegeException Deprecated.Description copied from interface:GroupsManagerReturn all RichGroups containing selected attributes- Specified by:
getAllRichGroupsWithAttributesByNamesin interfaceGroupsManager- Parameters:
sess-vo-attrNames- if attrNames is null method will return RichGroups containing all attributes- Returns:
- List of RichGroups
- Throws:
VoNotExistsExceptionPrivilegeException
-
getAllRichGroupsWithAttributesByNames
public List<RichGroup> getAllRichGroupsWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) throws VoNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturn all RichGroups containing selected attributes filtered by role and its type- Specified by:
getAllRichGroupsWithAttributesByNamesin interfaceGroupsManager- Parameters:
sess- perun sessionvo- voattrNames- if attrNames is null method will return RichGroups containing all attributesroles- list of selected roles (if empty, then return groups by all roles)types- list of selected types of roles (if empty, then return by roles of all types)- Returns:
- List of RichGroups
- Throws:
VoNotExistsExceptionPrivilegeException
-
getAllRichSubGroupsWithAttributesByNames
@Deprecated public List<RichGroup> getAllRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames) throws GroupNotExistsException, PrivilegeException Deprecated.Description copied from interface:GroupsManagerReturn all RichSubGroups in parentGroup (all levels sub groups) containing selected attributes- Specified by:
getAllRichSubGroupsWithAttributesByNamesin interfaceGroupsManager- Parameters:
sess-parentGroup-attrNames- if attrNames is null method will return RichGroups containing all attributes- Returns:
- List of RichGroups
- Throws:
GroupNotExistsExceptionPrivilegeException
-
getAllRichSubGroupsWithAttributesByNames
public List<RichGroup> getAllRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturn all RichSubGroups in parentGroup (all levels sub groups) containing selected attributes filtered by role and its type,- Specified by:
getAllRichSubGroupsWithAttributesByNamesin interfaceGroupsManager- Parameters:
sess- perun sessionparentGroup- parent groupattrNames- if attrNames is null method will return RichGroups containing all attributesroles- list of selected roles (if empty, then return groups by all roles)types- list of selected types of roles (if empty, then return by roles of all types)- Returns:
- List of RichGroups
- Throws:
GroupNotExistsExceptionPrivilegeException
-
getAllSubGroups
public List<Group> getAllSubGroups(PerunSession sess, Group parentGroup) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerGet all subgroups of the parentGroup recursively. (parentGroup subgroups, their subgroups etc...)- Specified by:
getAllSubGroupsin interfaceGroupsManager- Parameters:
sess-parentGroup- parent group- Returns:
- list of groups
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getDirectAdmins
@Deprecated public List<User> getDirectAdmins(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Deprecated.Description copied from interface:GroupsManagerGets list of direct user administrators of this group. 'Direct' means, there aren't included users, who are members of group administrators, in the returned list.- Specified by:
getDirectAdminsin interfaceGroupsManager- Parameters:
sess-group-- Throws:
PrivilegeExceptionGroupNotExistsException
-
getDirectRichAdminsWithSpecificAttributes
@Deprecated public List<RichUser> getDirectRichAdminsWithSpecificAttributes(PerunSession perunSession, Group group, List<String> specificAttributes) throws PrivilegeException, GroupNotExistsException Deprecated.Description copied from interface:GroupsManagerGet list of Group administrators, which are directly assigned (not by group membership) with specific attributes. From list of specificAttributes get all Users Attributes and find those for every RichAdmin (only, other attributes are not searched)- Specified by:
getDirectRichAdminsWithSpecificAttributesin interfaceGroupsManager- Parameters:
perunSession-group-specificAttributes-- Returns:
- list of RichUsers with specific attributes.
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getGroupById
public Group getGroupById(PerunSession sess, int id) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerSearch for the group with specified id in all VOs.- Specified by:
getGroupByIdin interfaceGroupsManager- Parameters:
sess-id-- Returns:
- group with specified id or throws GroupNotExistsException
- Throws:
GroupNotExistsExceptionPrivilegeException
-
getGroupByName
public Group getGroupByName(PerunSession sess, Vo vo, String name) throws GroupNotExistsException, PrivilegeException, VoNotExistsException Description copied from interface:GroupsManagerSearch for the group with specified name in specified VO.IMPORTANT: need to use full name of group (ex. 'toplevel:a:b', not the shortname which is in this example 'b')
- Specified by:
getGroupByNamein interfaceGroupsManager- Parameters:
sess-vo-name-- Returns:
- group with specified name or throws GroupNotExistsException in specified VO
- Throws:
GroupNotExistsExceptionPrivilegeExceptionVoNotExistsException
-
getGroupDirectMembers
public List<Member> getGroupDirectMembers(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerReturn all direct group members.- Specified by:
getGroupDirectMembersin interfaceGroupsManager- Parameters:
sess- perun sessiongroup- group- Returns:
- list of direct members
- Throws:
PrivilegeException- insufficient permissionGroupNotExistsException- when group does not exist
-
getGroupDirectMembersCount
public int getGroupDirectMembersCount(PerunSession sess, Group group) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturns count of direct members in the group- Specified by:
getGroupDirectMembersCountin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- count
- Throws:
GroupNotExistsExceptionPrivilegeException
-
getGroupDirectRichMembers
public List<RichMember> getGroupDirectRichMembers(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerReturns direct group members in the RichMember object, which contains Member+User data.- Specified by:
getGroupDirectRichMembersin interfaceGroupsManager- Parameters:
sess- sessiongroup- group- Returns:
- list of direct RichMembers
- Throws:
PrivilegeException- insufficient permissionGroupNotExistsException- when group does not exist
-
getGroupMemberById
public Member getGroupMemberById(PerunSession sess, Group group, int memberId) throws NotGroupMemberException, GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerGet group member by member ID.- Specified by:
getGroupMemberByIdin interfaceGroupsManager- Parameters:
sess-group-memberId-- Returns:
- Member
- Throws:
NotGroupMemberExceptionGroupNotExistsExceptionPrivilegeException
-
getGroupMembers
public List<Member> getGroupMembers(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerReturn all group members.- Specified by:
getGroupMembersin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- list of members or empty list if the group is empty
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getGroupMembers
public List<Member> getGroupMembers(PerunSession sess, Group group, Status status) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerReturn group members with specified vo membership status.- Specified by:
getGroupMembersin interfaceGroupsManager- Parameters:
sess-group-status-- Returns:
- list of members with specified membership status or empty list if no such member is found in group
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getGroupMembersCount
public int getGroupMembersCount(PerunSession sess, Group group) throws GroupNotExistsException, PrivilegeException - Specified by:
getGroupMembersCountin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- count of members of specified group
- Throws:
GroupNotExistsExceptionPrivilegeException
-
getGroupMembersCountsByGroupStatus
public Map<MemberGroupStatus,Integer> getGroupMembersCountsByGroupStatus(PerunSession sess, Group group) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturns counts of group members by their group status.- Specified by:
getGroupMembersCountsByGroupStatusin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- map of member status in group to count of group members with the status
- Throws:
GroupNotExistsException- when the group doesn't existPrivilegeException
-
getGroupMembersCountsByVoStatus
public Map<Status,Integer> getGroupMembersCountsByVoStatus(PerunSession sess, Group group) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturns counts of group members by their status in VO.- Specified by:
getGroupMembersCountsByVoStatusin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- map of member status in VO to count of group members with the status
- Throws:
GroupNotExistsException- when the group doesn't existPrivilegeException
-
getGroupRichMembers
public List<RichMember> getGroupRichMembers(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerReturns group members in the RichMember object, which contains Member+User data.- Specified by:
getGroupRichMembersin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- list of RichMembers
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getGroupRichMembers
public List<RichMember> getGroupRichMembers(PerunSession sess, Group group, Status status) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerReturns group members with specified membership status in the RichMember object, which contains Member+User data.- Specified by:
getGroupRichMembersin interfaceGroupsManager- Parameters:
sess-group-status-- Returns:
- list of RichMembers
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getGroupRichMembersByIds
public List<RichMember> getGroupRichMembersByIds(PerunSession sess, int groupId, List<Integer> memberIds, List<String> attrNames) throws GroupNotExistsException, PrivilegeException, AttributeNotExistsException Description copied from interface:GroupsManagerReturns list of RichMembers with requested attributes by their member IDs from given group. Skips invalid member IDs (unknown or not members of group). Supports member, member-group (stored in memberAttributes) and user attributes (stored in userAttributes).- Specified by:
getGroupRichMembersByIdsin interfaceGroupsManager- Parameters:
sess- perun sessiongroupId- group idmemberIds- ids of members to include in resultattrNames- names of attributes to include in RichMembers- Returns:
- list of RichMembers
- Throws:
GroupNotExistsExceptionPrivilegeExceptionAttributeNotExistsException
-
getGroupRichMembersWithAttributes
public List<RichMember> getGroupRichMembersWithAttributes(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerReturns group members in the RichMember object, which contains Member+User data. Also contains user and member attributes.- Specified by:
getGroupRichMembersWithAttributesin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- list of RichMembers
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getGroupRichMembersWithAttributes
public List<RichMember> getGroupRichMembersWithAttributes(PerunSession sess, Group group, Status status) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerReturns group members with specified membership status in the RichMember object, which contains Member+User data. Also contains user and member attributes.- Specified by:
getGroupRichMembersWithAttributesin interfaceGroupsManager- Parameters:
sess-group-status-- Returns:
- list of RichMembers
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getGroupUnions
public List<Group> getGroupUnions(PerunSession sess, Group group, boolean reverseDirection) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerGet list of group unions for specified group.- Specified by:
getGroupUnionsin interfaceGroupsManager- Parameters:
sess- perun sessiongroup- groupreverseDirection- if false get all operand groups of requested result group if true get all result groups of requested operand group- Returns:
- list of groups.
- Throws:
GroupNotExistsExceptionPrivilegeException
-
getGroups
public List<Group> getGroups(PerunSession sess, Vo vo) throws PrivilegeException, VoNotExistsException Description copied from interface:GroupsManagerGet groups of users under the VO by ACCESS RIGHTS: If user is: - PERUNADMIN or VOADMIN : all groups - GROUPADMIN : only groups where user is GroupAdmin- Specified by:
getGroupsin interfaceGroupsManager- Parameters:
sess-vo- vo- Returns:
- list of groups
- Throws:
PrivilegeExceptionVoNotExistsException
-
getGroupsByIds
Description copied from interface:GroupsManagerSearch for the groups with specified ids in all VOs.- Specified by:
getGroupsByIdsin interfaceGroupsManager- Parameters:
sess-ids-- Returns:
- groups with specified ids
- Throws:
PrivilegeException
-
getGroupsCount
- Specified by:
getGroupsCountin interfaceGroupsManager- Parameters:
sess-vo-- Returns:
- count of VO's groups
- Throws:
PrivilegeExceptionVoNotExistsException
-
getGroupsCount
Description copied from interface:GroupsManagerGet count of all groups- Specified by:
getGroupsCountin interfaceGroupsManager- Parameters:
sess-- Returns:
- count of all groups
-
getGroupsManagerBl
Gets the groupsManagerBl for this instance.- Returns:
- The groupsManagerBl.
-
getGroupsManagerImpl
-
getGroupsPage
public Paginated<RichGroup> getGroupsPage(PerunSession sess, Vo vo, GroupsPageQuery query, List<String> attrNames) throws VoNotExistsException, PrivilegeException, MemberNotExistsException, GroupNotExistsException, MemberGroupMismatchException Description copied from interface:GroupsManagerGet page of groups from the given vo.- Specified by:
getGroupsPagein interfaceGroupsManager- Parameters:
sess- sessionvo- voquery- query with page informationattrNames- attribute names- Returns:
- page of requested rich groups
- Throws:
VoNotExistsExceptionPrivilegeExceptionMemberNotExistsExceptionGroupNotExistsExceptionMemberGroupMismatchException
-
getGroupsWhereMemberIsActive
public List<Group> getGroupsWhereMemberIsActive(PerunSession sess, Member member) throws PrivilegeException, MemberNotExistsException Description copied from interface:GroupsManagerReturns all member's groups where member is in active state (is valid there) Excluded members group.- Specified by:
getGroupsWhereMemberIsActivein interfaceGroupsManager- Parameters:
sess- perun sessionmember- member to get groups for- Returns:
- list of groups where member is in active state (valid)
- Throws:
PrivilegeException- user is not privileged to call this methodMemberNotExistsException- member in parameter not exists in perun
-
getGroupsWhereMemberIsInactive
public List<Group> getGroupsWhereMemberIsInactive(PerunSession sess, Member member) throws PrivilegeException, MemberNotExistsException Description copied from interface:GroupsManagerReturns all member's groups where member is in inactive state (it is not valid and it is expired there) Excluded members group.- Specified by:
getGroupsWhereMemberIsInactivein interfaceGroupsManager- Parameters:
sess- perun sessionmember- member to get groups for- Returns:
- list of groups where member is in inactive state (expired)
- Throws:
PrivilegeException- user is not privileged to call this methodMemberNotExistsException- member in parameter not exists in perun
-
getGroupsWhereUserIsActiveMember
public List<Group> getGroupsWhereUserIsActiveMember(PerunSession sess, User user, Vo vo) throws VoNotExistsException, UserNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturns groups in which the user is active member. Groups are looked up only for the specified VO- Specified by:
getGroupsWhereUserIsActiveMemberin interfaceGroupsManager- Parameters:
sess- sessionuser- user objectvo- VO object- Returns:
- List of groups
- Throws:
VoNotExistsExceptionUserNotExistsExceptionPrivilegeException
-
getInactiveGroupMembers
public List<Member> getInactiveGroupMembers(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerReturn all members of the group who are inactive (expired) in the group.Do not return active members of the group.
- Specified by:
getInactiveGroupMembersin interfaceGroupsManager- Parameters:
sess- perun sessiongroup- to get members from- Returns:
- list of inactive (expired) members
- Throws:
PrivilegeException- insufficient permissionGroupNotExistsException- when group does not exist
-
getIndirectMembershipPaths
public List<List<Group>> getIndirectMembershipPaths(PerunSession sess, Member member, Group group) throws MemberNotExistsException, GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerGet unique paths of groups via which member is indirectly included to the group. Cuts off after first included group.- Specified by:
getIndirectMembershipPathsin interfaceGroupsManager- Parameters:
sess- perun sessionmember- membergroup- group in which the member is indirectly included- Returns:
- lists of groups [CURRENT GROUP -> SUBGROUP -> ... -> MEMBER'S SOURCE GROUP]
- Throws:
MemberNotExistsExceptionGroupNotExistsExceptionPrivilegeException
-
getMemberGroups
public List<Group> getMemberGroups(PerunSession sess, Member member) throws PrivilegeException, MemberNotExistsException Description copied from interface:GroupsManagerReturns all member's groups. Except members groups.- Specified by:
getMemberGroupsin interfaceGroupsManager- Parameters:
sess-member-- Returns:
- Throws:
PrivilegeExceptionMemberNotExistsException
-
getMemberGroupsByAttribute
public List<Group> getMemberGroupsByAttribute(PerunSession sess, Member member, Attribute attribute) throws WrongAttributeAssignmentException, PrivilegeException, MemberNotExistsException, AttributeNotExistsException Description copied from interface:GroupsManagerMethod return list of groups for selected member which (groups) has set specific attribute. Attribute can be only from namespace "GROUP"- Specified by:
getMemberGroupsByAttributein interfaceGroupsManager- Parameters:
sess- sessmember- memerattribute- attribute from "GROUP" namespace- Returns:
- list of groups which contain member and have attribute with same value
- Throws:
WrongAttributeAssignmentExceptionPrivilegeExceptionMemberNotExistsExceptionAttributeNotExistsException
-
getMemberRichGroupsWithAttributesByNames
@Deprecated public List<RichGroup> getMemberRichGroupsWithAttributesByNames(PerunSession sess, Member member, List<String> attrNames) throws MemberNotExistsException, PrivilegeException Deprecated.Description copied from interface:GroupsManagerReturn all RichGroups for specified member, containing selected attributes. "members" group is not included.Supported are attributes from these namespaces: - group - member-group
- Specified by:
getMemberRichGroupsWithAttributesByNamesin interfaceGroupsManager- Parameters:
sess- internal sessionmember- the member to get the rich groups forattrNames- list of selected attributes from supported namespaces- Returns:
- list of rich groups with selected attributes
- Throws:
MemberNotExistsExceptionPrivilegeException
-
getMemberRichGroupsWithAttributesByNames
public List<RichGroup> getMemberRichGroupsWithAttributesByNames(PerunSession sess, Member member, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) throws MemberNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturn all RichGroups for specified member, containing selected attributes filtered by role and its type. "members" group is not included.Supported are attributes from these namespaces: - group - member-group
- Specified by:
getMemberRichGroupsWithAttributesByNamesin interfaceGroupsManager- Parameters:
sess- internal sessionmember- the member to get the rich groups forattrNames- list of selected attributes from supported namespacesroles- list of selected roles (if empty, then return groups by all roles)types- list of selected types of roles (if empty, then return by roles of all types)- Returns:
- list of rich groups with selected attributes
- Throws:
MemberNotExistsExceptionPrivilegeException
-
getParentGroup
public Group getParentGroup(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException, ParentGroupNotExistsException Description copied from interface:GroupsManagerGet parent group. If group is topLevel group or Members group, return Members group.- Specified by:
getParentGroupin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- parent group
- Throws:
GroupNotExistsExceptionParentGroupNotExistsExceptionPrivilegeException
-
getParentGroupMembers
public List<Member> getParentGroupMembers(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerGet members from parent group. If the parent group doesn't exist (this is top level group) return all VO (from which the group is) members instead.- Specified by:
getParentGroupMembersin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getParentGroupRichMembers
public List<RichMember> getParentGroupRichMembers(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerGet members form the parent group in RichMember format.- Specified by:
getParentGroupRichMembersin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- list of parent group rich members
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getParentGroupRichMembersWithAttributes
public List<RichMember> getParentGroupRichMembersWithAttributes(PerunSession sess, Group group) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerGet members form the parent group in RichMember format including user/member attributes.- Specified by:
getParentGroupRichMembersWithAttributesin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- list of parent group rich members
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getPerunBl
-
getRichAdmins
public List<RichUser> getRichAdmins(PerunSession perunSession, Group group, List<String> specificAttributes, boolean allUserAttributes, boolean onlyDirectAdmins) throws PrivilegeException, GroupNotExistsException, UserNotExistsException Description copied from interface:GroupsManagerGets list of all richUser administrators of this group. If some group is administrator of the given group, all VALID members are included in the list.Supported roles: GroupAdmin
If "onlyDirectAdmins" is "true", return only direct users of the group for supported role with specific attributes. If "allUserAttributes" is "true", do not specify attributes through list and return them all in objects richUser. Ignoring list of specific attributes.
- Specified by:
getRichAdminsin interfaceGroupsManager- Parameters:
perunSession-group-specificAttributes- list of specified attributes which are needed in object richUserallUserAttributes- if true, get all possible user attributes and ignore list of specificAttributes (if false, get only specific attributes)onlyDirectAdmins- if true, get only direct user administrators (if false, get both direct and indirect)- Returns:
- list of RichUser administrators for the group and supported role with attributes
- Throws:
PrivilegeExceptionGroupNotExistsExceptionUserNotExistsException
-
getRichAdmins
@Deprecated public List<RichUser> getRichAdmins(PerunSession perunSession, Group group) throws PrivilegeException, GroupNotExistsException Deprecated.Description copied from interface:GroupsManagerGets list of all administrators of this group like RichUsers without attributes.- Specified by:
getRichAdminsin interfaceGroupsManager- Parameters:
perunSession-group-- Throws:
PrivilegeExceptionGroupNotExistsException
-
getRichAdminsWithAttributes
@Deprecated public List<RichUser> getRichAdminsWithAttributes(PerunSession perunSession, Group group) throws PrivilegeException, GroupNotExistsException, UserNotExistsException Deprecated.Description copied from interface:GroupsManagerGets list of all administrators of this group like RichUsers with attributes.- Specified by:
getRichAdminsWithAttributesin interfaceGroupsManager- Parameters:
perunSession-group-- Throws:
PrivilegeExceptionGroupNotExistsExceptionUserNotExistsException
-
getRichAdminsWithSpecificAttributes
@Deprecated public List<RichUser> getRichAdminsWithSpecificAttributes(PerunSession perunSession, Group group, List<String> specificAttributes) throws PrivilegeException, GroupNotExistsException Deprecated.Description copied from interface:GroupsManagerGet list of Group administrators with specific attributes. From list of specificAttributes get all Users Attributes and find those for every RichAdmin (only, other attributes are not searched)- Specified by:
getRichAdminsWithSpecificAttributesin interfaceGroupsManager- Parameters:
perunSession-group-specificAttributes-- Returns:
- list of RichUsers with specific attributes.
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getRichGroupByIdWithAttributesByNames
public RichGroup getRichGroupByIdWithAttributesByNames(PerunSession sess, int groupId, List<String> attrNames) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturn RichGroup selected by id containing selected attributes- Specified by:
getRichGroupByIdWithAttributesByNamesin interfaceGroupsManager- Parameters:
sess-groupId-attrNames- if attrNames is null method will return RichGroup containing all attributes- Returns:
- RichGroup
- Throws:
GroupNotExistsExceptionPrivilegeException
-
getRichGroupsAssignedToResourceWithAttributesByNames
public List<RichGroup> getRichGroupsAssignedToResourceWithAttributesByNames(PerunSession sess, Resource resource, List<String> attrNames) throws ResourceNotExistsException, PrivilegeException Description copied from interface:GroupsManagerGet list of all richGroups with selected attributes assigned to resource. Allowed namespaces of attributes are group and group-resource.Last step is filtration of attributes: Attributes are filtered by rights of user in session. User get only those selected attributes he has rights to read.
- Specified by:
getRichGroupsAssignedToResourceWithAttributesByNamesin interfaceGroupsManager- Parameters:
sess-resource- resource to get assigned groups forattrNames- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroup objects with specific attributes specified by object Resource and object Member.
- Throws:
ResourceNotExistsExceptionPrivilegeException
-
getRichGroupsAssignedToResourceWithAttributesByNames
public List<RichGroup> getRichGroupsAssignedToResourceWithAttributesByNames(PerunSession sess, Member member, Resource resource, List<String> attrNames) throws ResourceNotExistsException, PrivilegeException, MemberNotExistsException Description copied from interface:GroupsManagerGet list of all richGroups with selected attributes assigned to the resource filtered by specific member. Allowed namespaces of attributes are group, group-resource, member-groupLast step is filtration of attributes: Attributes are filtered by rights of user in session. User get only those selected attributes he has rights to read.
- Specified by:
getRichGroupsAssignedToResourceWithAttributesByNamesin interfaceGroupsManager- Parameters:
sess-member- member used for filtering returned groups (groups have to contain this member to be returned)resource- resource to get assigned groups forattrNames- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroup objects with specific attributes specified by object Resource and object Member
- Throws:
ResourceNotExistsExceptionPrivilegeExceptionMemberNotExistsException
-
getRichSubGroupsWithAttributesByNames
public List<RichGroup> getRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturn RichSubGroups in parentGroup (only 1 level subgroups) containing selected attributes- Specified by:
getRichSubGroupsWithAttributesByNamesin interfaceGroupsManager- Parameters:
sess-parentGroup-attrNames- if attrNames is null method will return RichGroups containing all attributes- Returns:
- List of RichGroups
- Throws:
GroupNotExistsExceptionPrivilegeException
-
getSubGroups
public List<Group> getSubGroups(PerunSession sess, Group parentGroup) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerGet all subgroups of the parent group under the VO.- Specified by:
getSubGroupsin interfaceGroupsManager- Parameters:
sess-parentGroup- parent group- Returns:
- list of groups
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getSubGroupsCount
public int getSubGroupsCount(PerunSession sess, Group parentGroup) throws PrivilegeException, GroupNotExistsException Description copied from interface:GroupsManagerReturns number of immediate subgroups of the parent group.- Specified by:
getSubGroupsCountin interfaceGroupsManager- Parameters:
sess-parentGroup-- Returns:
- count of parent group immediate subgroups
- Throws:
PrivilegeExceptionGroupNotExistsException
-
getSubgroupsPage
public Paginated<RichGroup> getSubgroupsPage(PerunSession sess, Group group, GroupsPageQuery query, List<String> attrNames) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerGet page of subgroups from the given parent group.- Specified by:
getSubgroupsPagein interfaceGroupsManager- Parameters:
sess- sessiongroup- parent groupquery- query with page informationattrNames- attribute names- Returns:
- page of requested rich groups
- Throws:
GroupNotExistsExceptionPrivilegeException
-
getVo
Description copied from interface:GroupsManagerGets the Vo which is owner of the group.- Specified by:
getVoin interfaceGroupsManager- Parameters:
sess-group-- Returns:
- Vo which is owner of the group.
- Throws:
GroupNotExistsExceptionPrivilegeException
-
isAllowedGroupToHierarchicalVo
public boolean isAllowedGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) throws VoNotExistsException, GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturns flag representing if the group can be included in the (parent) vo's groups- Specified by:
isAllowedGroupToHierarchicalVoin interfaceGroupsManager- Parameters:
sess- perun sessiongroup- groupvo- parent vo- Returns:
- true if group can be included in vo's groups, false otherwise
- Throws:
VoNotExistsException- if vo does not existGroupNotExistsException- if group does not existPrivilegeException- insufficient rights
-
isDirectGroupMember
public boolean isDirectGroupMember(PerunSession sess, Group group, Member member) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerReturn true if Member is direct member of the Group- Specified by:
isDirectGroupMemberin interfaceGroupsManager- Parameters:
sess- sessiongroup- group where the membership is to be checkedmember- member whose membership is to be checked- Returns:
- true if Member is direct member of the Group
- Throws:
GroupNotExistsExceptionPrivilegeException
-
isGroupLastAdminInSomeFacility
public List<Group> isGroupLastAdminInSomeFacility(PerunSession sess, List<Group> groups) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerCheck whether some of the groups supply the last FACILITYADMIN in some facility, return the groups that do. Such facilities could upon removal of the group be left without a person to manage them.- Specified by:
isGroupLastAdminInSomeFacilityin interfaceGroupsManager- Parameters:
sess- sessiongroups- groups to check- Returns:
- list of groups which supply last FACILITYADMIN in some facility
- Throws:
GroupNotExistsException- group does not existPrivilegeException- insufficient rights
-
isGroupLastAdminInSomeVo
public List<Group> isGroupLastAdminInSomeVo(PerunSession sess, List<Group> groups) throws GroupNotExistsException, PrivilegeException Description copied from interface:GroupsManagerCheck whether some of the groups supply the last VOADMIN in some vo, return the groups that do. Such vos could upon removal of the group be left without a person to manage them.- Specified by:
isGroupLastAdminInSomeVoin interfaceGroupsManager- Parameters:
sess- sessiongroups- groups to check- Returns:
- list of groups which supply last VOADMIN in some facility
- Throws:
GroupNotExistsException- group does not existPrivilegeException- insufficient rights
-
isGroupMember
public boolean isGroupMember(PerunSession sess, Group group, Member member) throws PrivilegeException, GroupNotExistsException, MemberNotExistsException Description copied from interface:GroupsManagerReturn true if Member is member of the Group- Specified by:
isGroupMemberin interfaceGroupsManager- Parameters:
sess-group-member-- Returns:
- true if Member is member of the Group
- Throws:
PrivilegeExceptionGroupNotExistsExceptionMemberNotExistsException
-
moveGroup
public void moveGroup(PerunSession sess, Group destinationGroup, Group movingGroup) throws GroupNotExistsException, PrivilegeException, GroupMoveNotAllowedException, WrongAttributeValueException, WrongReferenceAttributeValueException, ExternallyManagedException Description copied from interface:GroupsManagerMove one group structure under another group in same vo or as top level group- Specified by:
moveGroupin interfaceGroupsManager- Parameters:
sess- perun sessiondestinationGroup- group to which is moving group moved, if it's null group will be moved as top level groupmovingGroup- group which is moved to destination group- Throws:
GroupNotExistsExceptionPrivilegeExceptionWrongAttributeValueExceptionWrongReferenceAttributeValueExceptionGroupMoveNotAllowedExceptionExternallyManagedException
-
removeAdmin
public void removeAdmin(PerunSession sess, Group group, User user) throws PrivilegeException, GroupNotExistsException, UserNotAdminException, UserNotExistsException, RoleCannotBeManagedException Description copied from interface:GroupsManagerRemoves a user administrator form the group.- Specified by:
removeAdminin interfaceGroupsManager- Parameters:
sess-group-user-- Throws:
PrivilegeExceptionGroupNotExistsExceptionUserNotAdminExceptionUserNotExistsExceptionRoleCannotBeManagedException
-
removeAdmin
public void removeAdmin(PerunSession sess, Group group, Group authorizedGroup) throws PrivilegeException, GroupNotExistsException, GroupNotAdminException, RoleCannotBeManagedException Description copied from interface:GroupsManagerRemoves a group administrator of the group.- Specified by:
removeAdminin interfaceGroupsManager- Parameters:
sess-group-authorizedGroup- group that will be removed the privilege- Throws:
PrivilegeExceptionGroupNotExistsExceptionGroupNotAdminExceptionRoleCannotBeManagedException
-
removeGroupUnion
public void removeGroupUnion(PerunSession sess, Group resultGroup, Group operandGroup) throws GroupNotExistsException, PrivilegeException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved, ExternallyManagedException Description copied from interface:GroupsManagerRemoves a union relation between two groups. All indirect members that originate from operand group are removed from result group.- Specified by:
removeGroupUnionin interfaceGroupsManager- Parameters:
sess- perun sessionresultGroup- group from which members are removedoperandGroup- group which members are removed from result group- Throws:
GroupNotExistsExceptionPrivilegeExceptionGroupRelationDoesNotExistGroupRelationCannotBeRemovedExternallyManagedException
-
removeGroupUnions
public void removeGroupUnions(PerunSession sess, Group resultGroup, List<Group> operandGroups) throws GroupNotExistsException, PrivilegeException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved, ExternallyManagedException Description copied from interface:GroupsManagerRemoves a union relations between groups. All indirect members that originate from operand groups are removed from result group.- Specified by:
removeGroupUnionsin interfaceGroupsManager- Parameters:
sess- perun sessionresultGroup- group from which members are removedoperandGroups- groups which members are removed from result group- Throws:
GroupNotExistsExceptionPrivilegeExceptionGroupRelationDoesNotExistGroupRelationCannotBeRemovedExternallyManagedException
-
removeMember
public void removeMember(PerunSession sess, Group group, Member member) throws MemberNotExistsException, NotGroupMemberException, PrivilegeException, GroupNotExistsException, WrongAttributeAssignmentException, AttributeNotExistsException, ExternallyManagedException Description copied from interface:GroupsManagerRemoves member form the group.- Specified by:
removeMemberin interfaceGroupsManager- Parameters:
sess-group- group, from which the member is to be removedmember- Member to be removed- Throws:
MemberNotExistsException- when member doesn't existNotGroupMemberException- when member is not in the groupPrivilegeExceptionGroupNotExistsException- when the group doesn't existWrongAttributeAssignmentException- when assigning atribute to wrong entityAttributeNotExistsException- when attribute doesn't existExternallyManagedException- when the group is externally managed
-
removeMember
public void removeMember(PerunSession sess, Member member, List<Group> groups) throws MemberNotExistsException, NotGroupMemberException, PrivilegeException, GroupNotExistsException, WrongAttributeAssignmentException, AttributeNotExistsException, ExternallyManagedException Description copied from interface:GroupsManagerRemoves a member from a list of groups.- Specified by:
removeMemberin interfaceGroupsManager- Parameters:
sess-member- Member to be removedgroups- list of groups, from which the member is to be removed, can be empty- Throws:
MemberNotExistsException- when member doesn't existNotGroupMemberException- when member is not in the groupPrivilegeExceptionGroupNotExistsException- when the group doesn't existWrongAttributeAssignmentException- when assigning atribute to wrong entityAttributeNotExistsException- when attribute doesn't existExternallyManagedException- when the group is externally managed
-
removeMembers
public void removeMembers(PerunSession sess, Group group, List<Member> members) throws MemberNotExistsException, NotGroupMemberException, PrivilegeException, GroupNotExistsException, WrongAttributeAssignmentException, AttributeNotExistsException, ExternallyManagedException Description copied from interface:GroupsManagerRemoves members from a group.- Specified by:
removeMembersin interfaceGroupsManager- Parameters:
sess-group- group, from which the members are to be removedmembers- list of members to be removed, can be empty- Throws:
MemberNotExistsException- when member doesn't existNotGroupMemberException- when member is not in the groupPrivilegeExceptionGroupNotExistsException- when the group doesn't existWrongAttributeAssignmentException- when assigning atribute to wrong entityAttributeNotExistsException- when attribute doesn't existExternallyManagedException- when the group is externally managed
-
setGroupsManagerBl
Sets the groupsManagerBl for this instance.- Parameters:
groupsManagerBl- The groupsManagerBl.
-
setMemberGroupStatus
public Member setMemberGroupStatus(PerunSession sess, Member member, Group group, MemberGroupStatus status) throws GroupNotExistsException, MemberNotExistsException, PrivilegeException, NotGroupMemberException Description copied from interface:GroupsManagerSet Members Group status for specified DIRECT member and group. Member with newly calculated group membership status is returned.Please note, that if member is also sourced from sub-groups or groups in relation and has VALID status in any of them, then resulting status is still VALID. In order to really expire such member is to set EXPIRED status also to all sourcing sub-groups or groups in relation.
- Specified by:
setMemberGroupStatusin interfaceGroupsManager- Parameters:
sess- perun sessionmember- member to set status forgroup- group to set status instatus- status to set (VALID/EXPIRED)- Returns:
- Member with newly calculated status.
- Throws:
GroupNotExistsExceptionMemberNotExistsExceptionPrivilegeExceptionNotGroupMemberException
-
setPerunBl
Sets the perunBl for this instance.- Parameters:
perunBl- The perunBl.
-
suspendGroupSynchronization
public void suspendGroupSynchronization(PerunSession sess, boolean suspend) throws PrivilegeException Description copied from interface:GroupsManagerSuspend synchronizing groups and their structures. Groups being currently synchronized will finish.- Specified by:
suspendGroupSynchronizationin interfaceGroupsManager- Parameters:
sess- sessionsuspend- whether to suspend or unsuspend- Throws:
PrivilegeException
-
isSuspendedGroupSynchronization
Description copied from interface:GroupsManagerCheck if synchronizing groups is suspended.- Specified by:
isSuspendedGroupSynchronizationin interfaceGroupsManager- Returns:
- True if suspended, false if synchronizing
- Throws:
PrivilegeException
-
synchronizeGroups
Description copied from interface:GroupsManagerSynchronize all groups which have enabled synchronization. This method is run by the scheduler every 5 minutes.- Specified by:
synchronizeGroupsin interfaceGroupsManager- Throws:
PrivilegeException
-
synchronizeGroupsStructures
Description copied from interface:GroupsManagerSynchronize all groups structures (with members) which have enabled group structure synchronization. This method is run by the scheduler every 5 minutes.- Specified by:
synchronizeGroupsStructuresin interfaceGroupsManager- Throws:
PrivilegeException
-
updateGroup
public Group updateGroup(PerunSession sess, Group group) throws GroupNotExistsException, GroupExistsException, PrivilegeException Description copied from interface:GroupsManagerUpdates group by ID.Update shortName (use shortName) and description. Group.name is ignored. Return Group with correctly set parameters (including group.name)
- Specified by:
updateGroupin interfaceGroupsManager- Parameters:
sess-group- to update (use only ID, shortName and description)- Returns:
- updated group with correctly set parameters (including group.name)
- Throws:
GroupNotExistsExceptionGroupExistsException- if group with same name already exists in the same VOPrivilegeException
-