Package cz.metacentrum.perun.core.entry

Class SecurityTeamsManagerEntry

java.lang.Object

cz.metacentrum.perun.core.entry.SecurityTeamsManagerEntry

All Implemented Interfaces:

SecurityTeamsManager

public class SecurityTeamsManagerEntry
extends Object
implements SecurityTeamsManager

Author:

Ondrej Velisek invalid input: '<'ondrejvelisek@gmail.com>

Constructor Summary

Constructors

Constructor	Description
SecurityTeamsManagerEntry()
SecurityTeamsManagerEntry(PerunBl perunBl)

Method Summary

Modifier and Type	Method	Description
void	addAdmin(PerunSession sess, SecurityTeam securityTeam, Group group)	Create group as security admins group of given security team (all users in group will have security admin rights)
void	addAdmin(PerunSession sess, SecurityTeam securityTeam, User user)	create security admin from given user and add him as security admin of given security team
void	addUserToBlacklist(PerunSession sess, SecurityTeam securityTeam, User user, String description)	Add User to black list of security team to filter him out.
SecurityTeam	createSecurityTeam(PerunSession sess, SecurityTeam securityTeam)	Create new SecurityTeam.
void	deleteSecurityTeam(PerunSession sess, SecurityTeam securityTeam)	Delete SecurityTeam.
void	deleteSecurityTeam(PerunSession sess, SecurityTeam securityTeam, boolean forceDelete)	Delete SecurityTeam.
List<Group>	getAdminGroups(PerunSession sess, SecurityTeam securityTeam)	Gets list of all group administrators of the SecurityTeam.
List<User>	getAdmins(PerunSession sess, SecurityTeam securityTeam, boolean onlyDirectAdmins)	get all security admins of given security team
List<SecurityTeam>	getAllSecurityTeams(PerunSession sess)	get all security teams in perun system
List<User>	getBlacklist(PerunSession sess, Facility facility)	get union of blacklists of all security teams assigned to facility
List<User>	getBlacklist(PerunSession sess, SecurityTeam securityTeam)	get list of blacklisted users by security team
List<Pair<User,String>>	getBlacklistWithDescription(PerunSession sess, Facility facility)	get union of blacklists of all security teams assigned to facility containing also description
List<Pair<User,String>>	getBlacklistWithDescription(PerunSession sess, SecurityTeam securityTeam)	get list of blacklisted users by security team containing also description
PerunBl	getPerunBl()
SecurityTeam	getSecurityTeamById(PerunSession sess, int id)	Find existing SecurityTeam by ID.
SecurityTeam	getSecurityTeamByName(PerunSession sess, String name)	Find existing SecurityTeam by name.
List<SecurityTeam>	getSecurityTeams(PerunSession sess)	Get list of SecurityTeams by access rights - PERUNADMIN : all teams - SECURITYADMIN : teams where user is admin
SecurityTeamsManagerBl	getSecurityTeamsManagerBl()
void	removeAdmin(PerunSession sess, SecurityTeam securityTeam, Group group)	Remove security admin role for given security team from group
void	removeAdmin(PerunSession sess, SecurityTeam securityTeam, User user)	Remove security admin role for given security team from user
void	removeUserFromBlacklist(PerunSession sess, SecurityTeam securityTeam, User user)	remove user from blacklist of given security team
void	setPerunBl(PerunBl perunBl)
void	setSecurityTeamsManagerBl(SecurityTeamsManagerBl securityTeamsManagerBl)
SecurityTeam	updateSecurityTeam(PerunSession sess, SecurityTeam securityTeam)	Updates SecurityTeam.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SecurityTeamsManagerEntry

public SecurityTeamsManagerEntry(PerunBl perunBl)

SecurityTeamsManagerEntry

public SecurityTeamsManagerEntry()

Method Details

addAdmin

public void addAdmin(PerunSession sess,
 SecurityTeam securityTeam,
 User user)
              throws PrivilegeException,
SecurityTeamNotExistsException,
UserNotExistsException,
AlreadyAdminException,
RoleCannotBeManagedException,
RoleCannotBeSetException

Description copied from interface: SecurityTeamsManager

create security admin from given user and add him as security admin of given security team

Specified by:

addAdmin in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

user - user who will became a security administrator

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

UserNotExistsException

AlreadyAdminException

RoleCannotBeManagedException

RoleCannotBeSetException

addAdmin

public void addAdmin(PerunSession sess,
 SecurityTeam securityTeam,
 Group group)
              throws PrivilegeException,
SecurityTeamNotExistsException,
GroupNotExistsException,
AlreadyAdminException,
RoleCannotBeManagedException,
RoleCannotBeSetException

Description copied from interface: SecurityTeamsManager

Create group as security admins group of given security team (all users in group will have security admin rights)

Specified by:

addAdmin in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

group - group which members will became a security administrators

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

GroupNotExistsException

AlreadyAdminException

RoleCannotBeManagedException

RoleCannotBeSetException

addUserToBlacklist

public void addUserToBlacklist(PerunSession sess,
 SecurityTeam securityTeam,
 User user,
 String description)
                        throws PrivilegeException,
SecurityTeamNotExistsException,
UserNotExistsException,
UserAlreadyBlacklistedException

Description copied from interface: SecurityTeamsManager

Add User to black list of security team to filter him out.

Description of adding can be null.

Specified by:

addUserToBlacklist in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

user -

description -

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

UserNotExistsException

UserAlreadyBlacklistedException

createSecurityTeam

public SecurityTeam createSecurityTeam(PerunSession sess,
 SecurityTeam securityTeam)
                                throws PrivilegeException,
SecurityTeamExistsException

Description copied from interface: SecurityTeamsManager

Create new SecurityTeam.

Specified by:

createSecurityTeam in interface SecurityTeamsManager

Parameters:

sess -

securityTeam - SecurityTeam object with prefilled name

Returns:

Newly created Security team with new id

Throws:

PrivilegeException - Can do only PerunAdmin.

SecurityTeamExistsException

deleteSecurityTeam

public void deleteSecurityTeam(PerunSession sess,
 SecurityTeam securityTeam)
                        throws PrivilegeException,
SecurityTeamNotExistsException,
RelationExistsException

Description copied from interface: SecurityTeamsManager

Delete SecurityTeam.

Specified by:

deleteSecurityTeam in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

RelationExistsException - if team is assigned to any facility or has blacklisted users.

deleteSecurityTeam

public void deleteSecurityTeam(PerunSession sess,
 SecurityTeam securityTeam,
 boolean forceDelete)
                        throws PrivilegeException,
SecurityTeamNotExistsException,
RelationExistsException

Description copied from interface: SecurityTeamsManager

Delete SecurityTeam.

Specified by:

deleteSecurityTeam in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

forceDelete - TRUE if Team should be forcefully deleted.

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

RelationExistsException - if forceDelete == FALSE and team is assigned to any facility or has blacklisted users.

getAdminGroups

public List<Group> getAdminGroups(PerunSession sess,
 SecurityTeam securityTeam)
                           throws SecurityTeamNotExistsException,
PrivilegeException

Description copied from interface: SecurityTeamsManager

Gets list of all group administrators of the SecurityTeam.

Specified by:

getAdminGroups in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

Returns:

list of Group that are admins in the SecurityTeam.

Throws:

PrivilegeException

SecurityTeamNotExistsException

getAdmins

public List<User> getAdmins(PerunSession sess,
 SecurityTeam securityTeam,
 boolean onlyDirectAdmins)
                     throws PrivilegeException,
SecurityTeamNotExistsException

Description copied from interface: SecurityTeamsManager

get all security admins of given security team

Specified by:

getAdmins in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

onlyDirectAdmins - if true, get only direct user administrators (if false, get both direct and indirect)

Returns:

list of users which are admis of given security team

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

getAllSecurityTeams

public List<SecurityTeam> getAllSecurityTeams(PerunSession sess)
                                       throws PrivilegeException

Description copied from interface: SecurityTeamsManager

get all security teams in perun system

Specified by:

getAllSecurityTeams in interface SecurityTeamsManager

Parameters:

sess -

Returns:

List of SecurityTeams or empty List

Throws:

PrivilegeException

getBlacklist

public List<User> getBlacklist(PerunSession sess,
 SecurityTeam securityTeam)
                        throws PrivilegeException,
SecurityTeamNotExistsException

Description copied from interface: SecurityTeamsManager

get list of blacklisted users by security team

Specified by:

getBlacklist in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

Returns:

list of blacklisted users by security team

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

getBlacklist

public List<User> getBlacklist(PerunSession sess,
 Facility facility)
                        throws PrivilegeException,
FacilityNotExistsException

Description copied from interface: SecurityTeamsManager

get union of blacklists of all security teams assigned to facility

Specified by:

getBlacklist in interface SecurityTeamsManager

Parameters:

sess -

facility -

Returns:

list of blacklisted users for facility

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

FacilityNotExistsException

getBlacklistWithDescription

public List<Pair<User,String>> getBlacklistWithDescription(PerunSession sess,
 SecurityTeam securityTeam)
                                                    throws PrivilegeException,
SecurityTeamNotExistsException

Description copied from interface: SecurityTeamsManager

get list of blacklisted users by security team containing also description

Specified by:

getBlacklistWithDescription in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

Returns:

List of Pairs with blacklisted users by security team

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

getBlacklistWithDescription

public List<Pair<User,String>> getBlacklistWithDescription(PerunSession sess,
 Facility facility)
                                                    throws PrivilegeException,
FacilityNotExistsException

Description copied from interface: SecurityTeamsManager

get union of blacklists of all security teams assigned to facility containing also description

Specified by:

getBlacklistWithDescription in interface SecurityTeamsManager

Parameters:

sess -

facility -

Returns:

List of Pairs with blacklisted users for facility

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

FacilityNotExistsException

getPerunBl

public PerunBl getPerunBl()

getSecurityTeamById

public SecurityTeam getSecurityTeamById(PerunSession sess,
 int id)
                                 throws PrivilegeException,
SecurityTeamNotExistsException

Description copied from interface: SecurityTeamsManager

Find existing SecurityTeam by ID.

Specified by:

getSecurityTeamById in interface SecurityTeamsManager

Parameters:

sess -

id -

Returns:

security team with given id

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

getSecurityTeamByName

public SecurityTeam getSecurityTeamByName(PerunSession sess,
 String name)
                                   throws PrivilegeException,
SecurityTeamNotExistsException

Description copied from interface: SecurityTeamsManager

Find existing SecurityTeam by name.

Specified by:

getSecurityTeamByName in interface SecurityTeamsManager

Parameters:

sess -

name -

Returns:

security team with given name

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

getSecurityTeams

public List<SecurityTeam> getSecurityTeams(PerunSession sess)
                                    throws PrivilegeException

Description copied from interface: SecurityTeamsManager

Get list of SecurityTeams by access rights - PERUNADMIN : all teams - SECURITYADMIN : teams where user is admin

Specified by:

getSecurityTeams in interface SecurityTeamsManager

Parameters:

sess -

Returns:

List of SecurityTeams or empty ArrayList

Throws:

PrivilegeException

getSecurityTeamsManagerBl

public SecurityTeamsManagerBl getSecurityTeamsManagerBl()

removeAdmin

public void removeAdmin(PerunSession sess,
 SecurityTeam securityTeam,
 User user)
                 throws PrivilegeException,
SecurityTeamNotExistsException,
UserNotExistsException,
UserNotAdminException,
RoleCannotBeManagedException

Description copied from interface: SecurityTeamsManager

Remove security admin role for given security team from user

Specified by:

removeAdmin in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

user -

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

UserNotExistsException

UserNotAdminException

RoleCannotBeManagedException

removeAdmin

public void removeAdmin(PerunSession sess,
 SecurityTeam securityTeam,
 Group group)
                 throws PrivilegeException,
SecurityTeamNotExistsException,
GroupNotExistsException,
GroupNotAdminException,
RoleCannotBeManagedException

Description copied from interface: SecurityTeamsManager

Remove security admin role for given security team from group

Specified by:

removeAdmin in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

group -

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

GroupNotExistsException

GroupNotAdminException

RoleCannotBeManagedException

removeUserFromBlacklist

public void removeUserFromBlacklist(PerunSession sess,
 SecurityTeam securityTeam,
 User user)
                             throws PrivilegeException,
SecurityTeamNotExistsException,
UserNotExistsException,
UserAlreadyRemovedException

Description copied from interface: SecurityTeamsManager

remove user from blacklist of given security team

Specified by:

removeUserFromBlacklist in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

user - user who will became a security administrator

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

UserNotExistsException

UserAlreadyRemovedException

setPerunBl

public void setPerunBl(PerunBl perunBl)

setSecurityTeamsManagerBl

public void setSecurityTeamsManagerBl(SecurityTeamsManagerBl securityTeamsManagerBl)

updateSecurityTeam

public SecurityTeam updateSecurityTeam(PerunSession sess,
 SecurityTeam securityTeam)
                                throws PrivilegeException,
SecurityTeamNotExistsException,
SecurityTeamExistsException

Description copied from interface: SecurityTeamsManager

Updates SecurityTeam.

Specified by:

updateSecurityTeam in interface SecurityTeamsManager

Parameters:

sess -

securityTeam -

Returns:

returns updated SecurityTeam

Throws:

PrivilegeException - Can do only PerunAdmin or SecurityAdmin of the SecurityTeam

SecurityTeamNotExistsException

SecurityTeamExistsException