Class UsersManagerEntry
- All Implemented Interfaces:
UsersManager
- Author:
- Slavek Licehammer glory@ics.muni.cz, Sona Mastrakova
-
Field Summary
Fields inherited from interface cz.metacentrum.perun.core.api.UsersManager
USERS_QUERY
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addSpecificUserOwner
(PerunSession sess, User user, User specificUser) Add specificUser owner (the user) If not exists, create new ownership.addUserExtSource
(PerunSession sess, User user, UserExtSource userExtSource) Adds user's external sources.addUserExtSourceWithAttributes
(PerunSession sess, User user, UserExtSource userExtSource, List<Attribute> uesAttributes) Adds userExternalSource to the user along with the ues attributes.void
anonymizeUser
(PerunSession sess, User user, boolean force) Anonymizes user - according to configuration, each of user's attributes is either anonymized, kept untouched or deleted.void
blockLogins
(PerunSession sess, List<String> logins, String namespace) Block logins for given namespace or block logins globally (if no namespace is selected)void
changeEmail
(PerunSession sess, User user, String newEmail) Change user's email to email from user ext source.void
changeEmailCustom
(PerunSession sess, User user, String newEmail, String url, String lang, String path, String idp) Change user's email to custom email.void
changeName
(PerunSession sess, User user, String newUserName) Change user's name to user's name from user ext source.void
changeNameCustom
(PerunSession sess, User user, String titleBefore, String firstName, String middleName, String lastName, String titleAfter) Change user's name to custom name.void
changeNonAuthzPassword
(PerunSession sess, UUID token, String password, String lang) Changes user password in defined login-namespace based on token parameter.void
changeOrganization
(PerunSession sess, User user, String newOrganizationName) Change organization from which user came to organization from user ext source.void
changeOrganizationCustom
(PerunSession sess, User user, String newOrganizationName) Change organization from which user came to custom organization.void
changePassword
(PerunSession sess, User user, String loginNamespace, String oldPassword, String newPassword, boolean checkOldPassword) Changes user password in defined login-namespace.void
changePassword
(PerunSession sess, String login, String loginNamespace, String oldPassword, String newPassword, boolean checkOldPassword) Changes user password in defined login-namespace.changePasswordRandom
(PerunSession sess, User user, String loginNamespace) Generates new random password for given user and returns String representing HTML where is the new password.void
checkPasswordResetRequestIsValid
(PerunSession sess, UUID token) Checks if the password reset request is valid.void
checkPasswordStrength
(PerunSession sess, String password, String namespace, String login) Check password strength for the given namespace.void
createAlternativePassword
(PerunSession sess, User user, String description, String loginNamespace, String password) Creates alternative password in external system.createServiceUser
(PerunSession sess, Candidate candidate, List<User> owners) From given candidate, creates a service user and assign given owners to him.createUser
(PerunSession sess, User user) Deprecated.void
deleteAlternativePassword
(PerunSession sess, User user, String loginNamespace, String passwordId) Deletes alternative password in external system.void
deletePassword
(PerunSession sess, User user, String loginNamespace) Deletes password in external system.void
deletePassword
(PerunSession sess, String userLogin, String loginNamespace) Deletes password in external system.void
deleteUser
(PerunSession sess, User user) Deletes user.void
deleteUser
(PerunSession sess, User user, boolean forceDelete) Deletes user.findRichUsers
(PerunSession sess, String searchString) Returns list of RichUsers with attributes who matches the searchString, searching name, id, uuid, email, logins.findRichUsersWithAttributes
(PerunSession sess, String searchString, List<String> attrNames) Returns list of RichUsers with attributes who matches the searchString, searching name, id, uuid, email, logins.findRichUsersWithAttributesByExactMatch
(PerunSession sess, String searchString, List<String> attrNames) Returns list of RichUsers with attributes who matches the searchString, searching name, id, uuid, email, logins.findRichUsersWithoutSpecificVoWithAttributes
(PerunSession sess, Vo vo, String searchString, List<String> attrsName) Return list of RichUsers who matches the searchString, searching name, email and logins and are not member in specific VO and contain selected attributes.findUsers
(PerunSession sess, String searchString) Returns list of users who matches the searchString, searching name, id, uuid, email, logins.findUsersByExactName
(PerunSession sess, String searchString) Returns list of users who exactly matches the searchStringfindUsersByName
(PerunSession sess, String searchString) Returns list of users who matches the searchStringfindUsersByName
(PerunSession sess, String titleBefore, String firstName, String middleName, String lastName, String titleAfter) Returns list of users who matches the fields.generateAccount
(PerunSession sess, String namespace, Map<String, String> parameters) Generate user account in a backend system associated with login-namespace in Perun.Returns all blocked logins in namespaces (if namespace is null, then this login is blocked globally)getAllowedResources
(PerunSession sess, Facility facility, User user) Get all resources from the facility which have the user access on.getAllowedResources
(PerunSession sess, User user) Get all resources which have the user access on.getAllRichUsers
(PerunSession sess, boolean includedSpecificUsers) Get All richUsers with or without specificUsers.getAllRichUsersWithAttributes
(PerunSession sess, boolean includedSpecificUsers) Get All richUsers with or without specificUsers.getAllRichUsersWithAttributes
(PerunSession sess, boolean includedSpecificUsers, List<String> attrsNames) Get All richUsers with or without specificUsers.getAssignedRichResources
(PerunSession sess, User user) Get all rich resources which have the user assigned.getAssociatedResources
(PerunSession sess, Facility facility, User user) Return all resources of specified facility with which user is associated through all his members.getBlockedLoginsPage
(PerunSession sess, BlockedLoginsPageQuery query) Get page of blocked logins.getGroupsWhereUserIsActive
(PerunSession sess, Facility facility, User user) Return all groups where user is active (has VALID status in VO and Group together) for specified user and facilitygetGroupsWhereUserIsActive
(PerunSession sess, Resource resource, User user) Return all groups where user is active (has VALID status in VO and Group together) for specified user and resourcegetGroupsWhereUserIsAdmin
(PerunSession sess, User user) Returns list of Groups in Perun, where the User is a direct Administrator or he is VALID a member of any group which is Administrator of some of these Groups.getGroupsWhereUserIsAdmin
(PerunSession sess, Vo vo, User user) Returns list of Groups in selected Vo, where the User is a direct Administrator or he is a VALID member of any group which is Administrator of some of these Groups.getPendingPreferredEmailChanges
(PerunSession sess, User user) Return list of email addresses of user, which are awaiting validation and are inside time window for validation.getRelatedUserIdByBlockedLoginInNamespace
(PerunSession sess, String login, String namespace) Get user id of the user who was related to the given login in the pastgetRichGroupsWhereUserIsActive
(PerunSession sess, Facility facility, User user, List<String> attrNames) Return all groups where user is active (has VALID status in VO and Group together) for specified user and resourcegetRichGroupsWhereUserIsActive
(PerunSession sess, Resource resource, User user, List<String> attrNames) Return all RichGroups where user is active (has VALID status in VO and Group together) for specified user and resource with specified group attributes by their names (URNs).getRichUser
(PerunSession sess, User user) Get User to RichUser without attributes.getRichUserExtSources
(PerunSession sess, User user) Gets list of all user's external sources with attributes.getRichUserExtSources
(PerunSession sess, User user, List<String> attrsNames) Gets list of all user's external sources with attributes.getRichUsersByIds
(PerunSession sess, List<Integer> ids) Returns rich users without attributes by their ids.getRichUsersWithAttributesByIds
(PerunSession sess, List<Integer> ids) Returns rich users with attributes by their ids.Returns all RichUsers with attributes who are not member of any VO.getRichUsersWithoutVoWithAttributes
(PerunSession sess, List<String> attrsName) Returns list of RichUsers which are not members of any VO and with selected attributesgetRichUserWithAttributes
(PerunSession sess, User user) Get User to RichUser with attributes.getSpecificUsers
(PerunSession sess) Return all specific Users (only specific users)getSpecificUsersByUser
(PerunSession sess, User user) Return all specificUsers who are owned by the usergetSponsors
(PerunSession sess, Member member, List<String> attrNames) Deprecated.getSponsorsForMember
(PerunSession sess, Member member, List<String> attrNames) Gets list of users that sponsor the member, with attributes.getUnanonymizedUsersBySpecificUser
(PerunSession sess, User specificUser) Return all users who owns the specific one and are not anonymizedgetUserAssignments
(PerunSession sess, User user) Returns all assignments of the user, assignments being Facilities and Resources they are assigned to.getUserByExtSourceNameAndExtLogin
(PerunSession sess, String extSourceName, String extLogin) Get user by extSourceName and extSourceLogingetUserById
(PerunSession sess, int id) Returns user by his/her id.getUserByMember
(PerunSession sess, Member member) Returns user by VO member.getUserByUserExtSource
(PerunSession sess, UserExtSource userExtSource) Returns user by his login in external source and external source.getUserByUserExtSources
(PerunSession sess, List<UserExtSource> userExtSources) Returns user based on one of the userExtSource.getUserExtSourceByExtLogin
(PerunSession sess, ExtSource source, String extLogin) Gets user's external source by the user's external login and external source.getUserExtSourceById
(PerunSession sess, int id) Get the user ext source by its id.getUserExtSourceByUniqueAttributeValue
(PerunSession sess, int attrId, String uniqueValue) Return userExtSource for specific attribute definition (specified by id) and unique value.getUserExtSourceByUniqueAttributeValue
(PerunSession sess, String attrName, String uniqueValue) Return userExtSource for specific attribute definition (specified by name) and unique value.getUserExtSources
(PerunSession sess, User user) Gets list of all user's external sources of the user.getUserExtSourcesByIds
(PerunSession sess, List<Integer> ids) Get the user ext sources by their ids.getUserRelations
(PerunSession sess, User user) Gets map with 2 items which are a list of all vos and a list of all groups where given user is member filtered by principal's privileges.getUsers
(PerunSession sess) Returns all users (included specific users).getUsersByAttribute
(PerunSession sess, Attribute attribute) Returns all users who have set the attribute with the value.getUsersByAttribute
(PerunSession sess, String attributeName, String attributeValue) Returns all users who have set the attribute with the value.getUsersByAttributeValue
(PerunSession sess, String attributeName, String attributeValue) Returns all users who have the attribute with the value. attributeValue is not converted to the attribute type, it is always type of String.getUsersByIds
(PerunSession sess, List<Integer> ids) Returns existing users by their ids.getUsersBySpecificUser
(PerunSession sess, User specificUser) Return all users who owns the specific oneint
getUsersCount
(PerunSession sess) Get count of all users.Gets the usersManagerBl for this instance.getUsersPage
(PerunSession sess, UsersPageQuery query, List<String> attrNames) Get page of users with the given attributes.getUsersWithoutSpecificVo
(PerunSession sess, Vo vo, String searchString) Return list of users who matches the searchString, searching name, email and logins and are not member in specific VO.Returns all users who are not member of any VO.getVosWhereUserIsAdmin
(PerunSession sess, User user) Returns list of VOs, where the user is an Administrator.getVosWhereUserIsMember
(PerunSession sess, User user) Returns list of VOs, where the user is a member.boolean
isLoginAvailable
(PerunSession sess, String loginNamespace, String login) Checks if the login is available in the namespace.boolean
isLoginBlocked
(PerunSession sess, String login, boolean ignoreCase) Return true if login is blocked (globally - for all namespaces per instance OR for some namespace), false if not.boolean
isLoginBlockedForNamespace
(PerunSession sess, String login, String namespace, boolean ignoreCase) Return true if login is blocked for given namespace, false if not.boolean
isLoginBlockedGlobally
(PerunSession sess, String login) Return true if login is blocked globally (for all namespaces per instance - represented by namespace = null), false if not.boolean
isUserPerunAdmin
(PerunSession sess, User user) Deprecated.boolean
loginExist
(PerunSession sess, User user, String loginNamespace) Check, if login exists in given login-namespace.void
moveUserExtSource
(PerunSession sess, User sourceUser, User targetUser, UserExtSource userExtSource) Take UserExtSource from sourceUser and move it to the targetUser.void
removeSpecificUserOwner
(PerunSession sess, User user, User specificUser) Remove specificUser owner (the user) Only disable ownership of user and specificUservoid
removeUserExtSource
(PerunSession sess, User user, UserExtSource userExtSource) Removes user's external source.void
removeUserExtSource
(PerunSession sess, User user, UserExtSource userExtSource, boolean forceDelete) Removes user's external source.void
removeUserExtSources
(PerunSession sess, User user, List<UserExtSource> userExtSources, boolean forceDelete) Removes user's external sources.void
requestPreferredEmailChange
(PerunSession sess, String url, User user, String email, String lang, String path, String idp) Request change of user's preferred email address.void
reservePassword
(PerunSession sess, User user, String loginNamespace, String password) Reserves the password in external system.void
reservePassword
(PerunSession sess, String userLogin, String loginNamespace, String password) Reserves the password in external system.void
reserveRandomPassword
(PerunSession sess, User user, String loginNamespace) Reserves random password in external system.void
setLogin
(PerunSession sess, User user, String loginNamespace, String login) Allow users to manually add login in supported namespace if same login is not reserved.void
setPerunBl
(PerunBl perunBl) Sets the perunBl for this instance.setSpecificUser
(PerunSession sess, User specificUser, SpecificUserType specificUserType, User owner) Set specific user type for specific user and set ownership of this user for the owner.void
setUsersManagerBl
(UsersManagerBl usersManagerBl) Sets the usersManagerBl for this instance.void
unblockLogins
(PerunSession sess, List<String> logins, String namespace) Unblock logins for given namespace or unblock logins globally (if no namespace is selected)void
unblockLoginsById
(PerunSession sess, List<Integer> loginIds) Unblock logins by id globally, or in the namespace they were initially blocked.unsetSpecificUser
(PerunSession sess, User specificUser, SpecificUserType specificUserType) Remove all ownerships of this specific user and unset this specific user type from this specific user.updateNameTitles
(PerunSession sess, User user) Updates titles before/after name of user.updateUser
(PerunSession sess, User user) Updates users data in DB.updateUserExtSource
(PerunSession sess, UserExtSource userExtSource) Updates user's userExtSource in DB.void
updateUserExtSourceLastAccess
(PerunSession sess, UserExtSource userExtSource) Updates user's userExtSource last access time in DB.void
validatePassword
(PerunSession sess, User user, String loginNamespace) Validates the password in external system and sets user extSources and extSource related attributes.void
validatePassword
(PerunSession sess, String userLogin, String loginNamespace) Validates the password in external system and sets user extSources and extSource related attributes.validatePreferredEmailChange
(PerunSession sess, User user, UUID token) Validate change of user's preferred email address.void
validateSSHKey
(PerunSession sess, String sshKey) Validate ssh public key, throws exception if validation fails
-
Constructor Details
-
UsersManagerEntry
-
UsersManagerEntry
public UsersManagerEntry()
-
-
Method Details
-
addSpecificUserOwner
public void addSpecificUserOwner(PerunSession sess, User user, User specificUser) throws UserNotExistsException, PrivilegeException, SpecificUserExpectedException, NotSpecificUserExpectedException, RelationExistsException Description copied from interface:UsersManager
Add specificUser owner (the user) If not exists, create new ownership. If exists, only enable ownership for user and specificUser- Specified by:
addSpecificUserOwner
in interfaceUsersManager
- Parameters:
sess
-user
- the userspecificUser
- the specificUser- Throws:
UserNotExistsException
PrivilegeException
SpecificUserExpectedException
- when the specificUser is not really specific user (is it normal user)NotSpecificUserExpectedException
- when the user is specific UserRelationExistsException
- If there is such user (the user) who try to add
-
addUserExtSource
public UserExtSource addUserExtSource(PerunSession sess, User user, UserExtSource userExtSource) throws UserNotExistsException, PrivilegeException, UserExtSourceExistsException Description copied from interface:UsersManager
Adds user's external sources.- Specified by:
addUserExtSource
in interfaceUsersManager
- Parameters:
sess
-user
-userExtSource
-- Returns:
- user external auth object with newly generated ID
- Throws:
UserNotExistsException
PrivilegeException
UserExtSourceExistsException
-
addUserExtSourceWithAttributes
public RichUserExtSource addUserExtSourceWithAttributes(PerunSession sess, User user, UserExtSource userExtSource, List<Attribute> uesAttributes) throws UserNotExistsException, UserExtSourceExistsException, PrivilegeException, WrongAttributeAssignmentException, WrongReferenceAttributeValueException, UserExtSourceNotExistsException, AttributeNotExistsException, WrongAttributeValueException Description copied from interface:UsersManager
Adds userExternalSource to the user along with the ues attributes.- Specified by:
addUserExtSourceWithAttributes
in interfaceUsersManager
- Parameters:
sess
-user
- user to assign the userExtSource touserExtSource
- the UserExtSource to be createduesAttributes
- the Attributes to be set to the userExtSource- Returns:
- the newly created ues along with its attributes as RichUserExtSource
- Throws:
UserNotExistsException
UserExtSourceExistsException
PrivilegeException
WrongAttributeAssignmentException
WrongReferenceAttributeValueException
UserExtSourceNotExistsException
AttributeNotExistsException
WrongAttributeValueException
-
anonymizeUser
public void anonymizeUser(PerunSession sess, User user, boolean force) throws UserNotExistsException, PrivilegeException, RelationExistsException, AnonymizationNotSupportedException Description copied from interface:UsersManager
Anonymizes user - according to configuration, each of user's attributes is either anonymized, kept untouched or deleted. Also deletes other user's related data, e.g. authorships of users publications, mail change and password reset requests, bans... If force is true then also removes associated members.- Specified by:
anonymizeUser
in interfaceUsersManager
- Parameters:
sess
-user
-force
-- Throws:
UserNotExistsException
- if the user doesn't existPrivilegeException
- if the method isn't called by perun adminRelationExistsException
- if the user has some members assignedAnonymizationNotSupportedException
- if an attribute should be anonymized but its module doesn't specify the anonymization process or if the anonymization is not supported at this instance
-
blockLogins
public void blockLogins(PerunSession sess, List<String> logins, String namespace) throws PrivilegeException, LoginIsAlreadyBlockedException, LoginExistsException Description copied from interface:UsersManager
Block logins for given namespace or block logins globally (if no namespace is selected)- Specified by:
blockLogins
in interfaceUsersManager
- Parameters:
sess
-logins
- list of logins to be blockednamespace
- namespace where the logins should be blocked (null means block the logins globally)- Throws:
LoginIsAlreadyBlockedException
LoginExistsException
PrivilegeException
-
changeNonAuthzPassword
public void changeNonAuthzPassword(PerunSession sess, UUID token, String password, String lang) throws UserNotExistsException, LoginNotExistsException, PasswordChangeFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException, PasswordResetLinkExpiredException, PasswordResetLinkNotValidException Description copied from interface:UsersManager
Changes user password in defined login-namespace based on token parameter.- Specified by:
changeNonAuthzPassword
in interfaceUsersManager
- Parameters:
sess
-token
- token for the password reset requestpassword
- new passwordlang
- language to get notification in- Throws:
UserNotExistsException
- When the user who requested the password reset doesn't existLoginNotExistsException
- When user doesn't have login in specified namespacePasswordChangeFailedException
- When password change failedPasswordOperationTimeoutException
- When password change timed outInvalidLoginException
- When login of user has invalid syntax (is not allowed)PasswordStrengthException
- When password doesn't match expected strength by namespace configurationPasswordResetLinkExpiredException
- When the password reset request expiredPasswordResetLinkNotValidException
- When the password reset request was already used or has never existedPasswordStrengthFailedException
-
changePassword
public void changePassword(PerunSession sess, User user, String loginNamespace, String oldPassword, String newPassword, boolean checkOldPassword) throws PrivilegeException, UserNotExistsException, LoginNotExistsException, PasswordDoesntMatchException, PasswordChangeFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException Description copied from interface:UsersManager
Changes user password in defined login-namespace. If checkOldPassword is true, then ask authentication system if old password is correct.- Specified by:
changePassword
in interfaceUsersManager
- Parameters:
sess
- Perun sessionuser
- User requesting password changeloginNamespace
- Login-namespace to change password inoldPassword
- Old passwordnewPassword
- New passwordcheckOldPassword
- If true, validates old password- Throws:
PrivilegeException
UserNotExistsException
- When the user doesn't existLoginNotExistsException
- When user doesn't have login in specified namespacePasswordDoesntMatchException
- When old password does not matchPasswordChangeFailedException
PasswordOperationTimeoutException
PasswordStrengthFailedException
InvalidLoginException
PasswordStrengthException
-
changePassword
public void changePassword(PerunSession sess, String login, String loginNamespace, String oldPassword, String newPassword, boolean checkOldPassword) throws PrivilegeException, LoginNotExistsException, PasswordDoesntMatchException, PasswordChangeFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException Description copied from interface:UsersManager
Changes user password in defined login-namespace. If checkOldPassword is true, then ask authentication system if old password is correct.- Specified by:
changePassword
in interfaceUsersManager
- Parameters:
sess
- Perun sessionlogin
- String representation of the userLoginloginNamespace
- Login-namespace to change password inoldPassword
- Old passwordnewPassword
- New passwordcheckOldPassword
- If true, validates old password- Throws:
PrivilegeException
LoginNotExistsException
- When user doesn't have login in specified namespacePasswordDoesntMatchException
- When old password does not matchPasswordChangeFailedException
PasswordOperationTimeoutException
PasswordStrengthFailedException
InvalidLoginException
PasswordStrengthException
-
changePasswordRandom
public String changePasswordRandom(PerunSession sess, User user, String loginNamespace) throws PrivilegeException, PasswordOperationTimeoutException, LoginNotExistsException, PasswordChangeFailedException, InvalidLoginException, PasswordStrengthException Description copied from interface:UsersManager
Generates new random password for given user and returns String representing HTML where is the new password.The HTML template is taken from entityless attribute randomPwdResetTemplate and the loginNamespace is used as a key.
- Specified by:
changePasswordRandom
in interfaceUsersManager
- Parameters:
sess
- sessionuser
- userloginNamespace
- login namespace- Returns:
- String representing HTML with data about new generated password
- Throws:
PrivilegeException
PasswordOperationTimeoutException
LoginNotExistsException
PasswordChangeFailedException
InvalidLoginException
PasswordStrengthException
-
checkPasswordResetRequestIsValid
public void checkPasswordResetRequestIsValid(PerunSession sess, UUID token) throws PasswordResetLinkExpiredException, PasswordResetLinkNotValidException Description copied from interface:UsersManager
Checks if the password reset request is valid. The request is valid, if it was created, never used and hasn't expired yet.- Specified by:
checkPasswordResetRequestIsValid
in interfaceUsersManager
- Parameters:
sess
-token
- token for the request to check- Throws:
PasswordResetLinkExpiredException
- when the reset link expiredPasswordResetLinkNotValidException
- when the reset link was already used or has never existed
-
checkPasswordStrength
public void checkPasswordStrength(PerunSession sess, String password, String namespace, String login) throws PasswordStrengthException Description copied from interface:UsersManager
Check password strength for the given namespace. If the password is too weak, the PasswordStrengthException is thrown- Specified by:
checkPasswordStrength
in interfaceUsersManager
- Parameters:
password
- password, that will be checkednamespace
- namespace, that will be used to check the strength of the passwordlogin
- login, which may be required for correct password strength check- Throws:
PasswordStrengthException
- When password doesn't match expected strength by namespace configuration
-
createAlternativePassword
public void createAlternativePassword(PerunSession sess, User user, String description, String loginNamespace, String password) throws PasswordCreationFailedException, PrivilegeException, UserNotExistsException, LoginNotExistsException, PasswordStrengthException Description copied from interface:UsersManager
Creates alternative password in external system.- Specified by:
createAlternativePassword
in interfaceUsersManager
- Parameters:
sess
-user
-description
- - description of a password (e.g. 'mobile phone', 'tablet', ...)loginNamespace
-password
- string representation of password- Throws:
PasswordCreationFailedException
PrivilegeException
UserNotExistsException
LoginNotExistsException
PasswordStrengthException
-
createServiceUser
public User createServiceUser(PerunSession sess, Candidate candidate, List<User> owners) throws PrivilegeException, WrongAttributeAssignmentException, UserExtSourceExistsException, WrongReferenceAttributeValueException, WrongAttributeValueException, AttributeNotExistsException, UserNotExistsException Description copied from interface:UsersManager
From given candidate, creates a service user and assign given owners to him. This method also checks if some of given userExtSources do exist. If so, this method throws a UserExtSourceExistsException. This method can also set only user-def and user-opt attributes for the given candidate.- Specified by:
createServiceUser
in interfaceUsersManager
- Parameters:
sess
- sessioncandidate
- candidateowners
- owners to be set for the new user- Returns:
- created service user
- Throws:
PrivilegeException
- insufficient permissionsWrongAttributeAssignmentException
- if some of the given attributes have unsupported namespaceUserExtSourceExistsException
- if some of the given UES already existWrongReferenceAttributeValueException
- if some of the given attribute value cannot be set because of some other attribute constraintWrongAttributeValueException
- if some of the given attribute value is invalidAttributeNotExistsException
- if some of the given attributes dont existUserNotExistsException
- if some of the given owners does not exist
-
createUser
Deprecated.Description copied from interface:UsersManager
Inserts user into DB.- Specified by:
createUser
in interfaceUsersManager
- Parameters:
sess
-user
-- Throws:
PrivilegeException
-
deleteAlternativePassword
public void deleteAlternativePassword(PerunSession sess, User user, String loginNamespace, String passwordId) throws UserNotExistsException, PasswordDeletionFailedException, PrivilegeException, LoginNotExistsException Description copied from interface:UsersManager
Deletes alternative password in external system.- Specified by:
deleteAlternativePassword
in interfaceUsersManager
- Parameters:
sess
-user
-loginNamespace
-passwordId
- passwords ID- Throws:
UserNotExistsException
PasswordDeletionFailedException
PrivilegeException
LoginNotExistsException
-
deletePassword
public void deletePassword(PerunSession sess, String userLogin, String loginNamespace) throws PrivilegeException, PasswordDeletionFailedException, LoginNotExistsException, PasswordOperationTimeoutException, InvalidLoginException Description copied from interface:UsersManager
Deletes password in external system. User must not exist.- Specified by:
deletePassword
in interfaceUsersManager
- Parameters:
sess
- Perun sessionuserLogin
- String representation of the userLoginloginNamespace
- Login-namespace to remove password in- Throws:
PrivilegeException
PasswordDeletionFailedException
LoginNotExistsException
- When user doesn't have login in specified namespacePasswordOperationTimeoutException
- When password change timed outInvalidLoginException
- When login of user has invalid syntax (is not allowed)
-
deletePassword
public void deletePassword(PerunSession sess, User user, String loginNamespace) throws PrivilegeException, UserNotExistsException, LoginNotExistsException, InvalidLoginException, PasswordOperationTimeoutException, PasswordDeletionFailedException Description copied from interface:UsersManager
Deletes password in external system. User must exist. User's login for specified namespace must exist in Perun.- Specified by:
deletePassword
in interfaceUsersManager
- Parameters:
sess
- Perun sessionuser
- User whose password is being removedloginNamespace
- Login-namespace to remove password in- Throws:
PrivilegeException
UserNotExistsException
- When the user doesn't existLoginNotExistsException
- When user doesn't have login in specified namespaceInvalidLoginException
- When login of user has invalid syntax (is not allowed)PasswordOperationTimeoutException
- When password change timed outPasswordDeletionFailedException
-
deleteUser
public void deleteUser(PerunSession sess, User user) throws UserNotExistsException, PrivilegeException, RelationExistsException, MemberAlreadyRemovedException, UserAlreadyRemovedException, SpecificUserAlreadyRemovedException, DeletionNotSupportedException Description copied from interface:UsersManager
Deletes user.- Specified by:
deleteUser
in interfaceUsersManager
- Parameters:
sess
-user
-- Throws:
UserNotExistsException
PrivilegeException
RelationExistsException
- if user has some members assignedMemberAlreadyRemovedException
- if there is at least 1 member deleted but not affected by deleting from DBUserAlreadyRemovedException
- if there are no rows affected by deleting user in DBSpecificUserAlreadyRemovedException
- if there are no rows affected by deleting specific user in DBDeletionNotSupportedException
- if the deletion of users is not supported
-
deleteUser
public void deleteUser(PerunSession sess, User user, boolean forceDelete) throws UserNotExistsException, PrivilegeException, RelationExistsException, MemberAlreadyRemovedException, UserAlreadyRemovedException, SpecificUserAlreadyRemovedException, DeletionNotSupportedException Description copied from interface:UsersManager
Deletes user. If forceDelete is true, then removes also associeted members.- Specified by:
deleteUser
in interfaceUsersManager
- Parameters:
sess
-user
-forceDelete
- if true, deletes also all members if they are assigned to the user- Throws:
UserNotExistsException
PrivilegeException
RelationExistsException
- if forceDelete is false and the user has some members assignedMemberAlreadyRemovedException
- if there is at least 1 member deleted but not affected by deleting from DBUserAlreadyRemovedException
- if there are no rows affected by deleting user in DBSpecificUserAlreadyRemovedException
- if there are no rows affected by deleting specific user in DBnDeletionNotSupportedException
- if the deletion of users is not supported
-
findRichUsers
public List<RichUser> findRichUsers(PerunSession sess, String searchString) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns list of RichUsers with attributes who matches the searchString, searching name, id, uuid, email, logins.- Specified by:
findRichUsers
in interfaceUsersManager
- Parameters:
sess
-searchString
-- Returns:
- list of RichUsers
- Throws:
UserNotExistsException
PrivilegeException
-
findRichUsersWithAttributes
public List<RichUser> findRichUsersWithAttributes(PerunSession sess, String searchString, List<String> attrNames) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns list of RichUsers with attributes who matches the searchString, searching name, id, uuid, email, logins.- Specified by:
findRichUsersWithAttributes
in interfaceUsersManager
- Parameters:
sess
-searchString
-attrNames
-- Returns:
- list of RichUsers with selected attributes
- Throws:
UserNotExistsException
PrivilegeException
-
findRichUsersWithAttributesByExactMatch
public List<RichUser> findRichUsersWithAttributesByExactMatch(PerunSession sess, String searchString, List<String> attrNames) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns list of RichUsers with attributes who matches the searchString, searching name, id, uuid, email, logins. Name part is searched for exact match.- Specified by:
findRichUsersWithAttributesByExactMatch
in interfaceUsersManager
- Parameters:
sess
-searchString
-attrNames
-- Returns:
- list of RichUsers with selected attributes
- Throws:
UserNotExistsException
PrivilegeException
-
findRichUsersWithoutSpecificVoWithAttributes
public List<RichUser> findRichUsersWithoutSpecificVoWithAttributes(PerunSession sess, Vo vo, String searchString, List<String> attrsName) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Return list of RichUsers who matches the searchString, searching name, email and logins and are not member in specific VO and contain selected attributes.- Specified by:
findRichUsersWithoutSpecificVoWithAttributes
in interfaceUsersManager
- Parameters:
sess
-vo
-searchString
-attrsName
-- Returns:
- list of RichUsers
- Throws:
UserNotExistsException
PrivilegeException
-
findUsers
Description copied from interface:UsersManager
Returns list of users who matches the searchString, searching name, id, uuid, email, logins.- Specified by:
findUsers
in interfaceUsersManager
- Parameters:
sess
-searchString
-- Returns:
- list of users
- Throws:
PrivilegeException
-
findUsersByExactName
public List<User> findUsersByExactName(PerunSession sess, String searchString) throws PrivilegeException Description copied from interface:UsersManager
Returns list of users who exactly matches the searchString- Specified by:
findUsersByExactName
in interfaceUsersManager
- Parameters:
sess
-searchString
-- Returns:
- list of users
- Throws:
PrivilegeException
-
findUsersByName
Description copied from interface:UsersManager
Returns list of users who matches the searchString- Specified by:
findUsersByName
in interfaceUsersManager
- Parameters:
sess
-searchString
-- Returns:
- list of users
- Throws:
PrivilegeException
-
findUsersByName
public List<User> findUsersByName(PerunSession sess, String titleBefore, String firstName, String middleName, String lastName, String titleAfter) throws PrivilegeException Description copied from interface:UsersManager
Returns list of users who matches the fields.- Specified by:
findUsersByName
in interfaceUsersManager
- Parameters:
sess
-titleBefore
-firstName
-middleName
-lastName
-titleAfter
-- Returns:
- list of users
- Throws:
PrivilegeException
-
generateAccount
public Map<String,String> generateAccount(PerunSession sess, String namespace, Map<String, String> parameters) throws PrivilegeException, PasswordStrengthExceptionDescription copied from interface:UsersManager
Generate user account in a backend system associated with login-namespace in Perun.This method consumes optional parameters map. Requirements are implementation-dependant for each login-namespace.
Returns map with 1: key=login-namespace attribute urn, value=generated login 2: rest of opt response attributes...
- Specified by:
generateAccount
in interfaceUsersManager
- Parameters:
sess
-namespace
- Namespace to generate account inparameters
- Optional parameters- Returns:
- Map of data from backed response
- Throws:
PrivilegeException
PasswordStrengthException
-
getAllBlockedLoginsInNamespaces
public List<BlockedLogin> getAllBlockedLoginsInNamespaces(PerunSession sess) throws PrivilegeException Description copied from interface:UsersManager
Returns all blocked logins in namespaces (if namespace is null, then this login is blocked globally)- Specified by:
getAllBlockedLoginsInNamespaces
in interfaceUsersManager
- Parameters:
sess
-- Returns:
- list of all blocked logins in namespaces
- Throws:
PrivilegeException
-
getAllRichUsers
public List<RichUser> getAllRichUsers(PerunSession sess, boolean includedSpecificUsers) throws PrivilegeException Description copied from interface:UsersManager
Get All richUsers with or without specificUsers. If includedSpecificUsers is true, you got all Users included specificUsers If includedSpecificUsers is false, you get all Users without specificUsers!!! This method get all RichUsers without Attributes !!!
- Specified by:
getAllRichUsers
in interfaceUsersManager
- Parameters:
sess
-includedSpecificUsers
- true or false if you want or dont want get specificUsers too- Returns:
- list of RichUsers
- Throws:
PrivilegeException
-
getAllRichUsersWithAttributes
public List<RichUser> getAllRichUsersWithAttributes(PerunSession sess, boolean includedSpecificUsers) throws PrivilegeException, UserNotExistsException Description copied from interface:UsersManager
Get All richUsers with or without specificUsers. If includedSpecificUsers is true, you got all Users included specificUsers If includedSpecificUsers is false, you get all Users without specificUsersThis method get all RichUsers included Attributes.
- Specified by:
getAllRichUsersWithAttributes
in interfaceUsersManager
- Parameters:
sess
-includedSpecificUsers
- true or false if you want or dont want get specificUsers too- Returns:
- list of RichUsers
- Throws:
PrivilegeException
UserNotExistsException
-
getAllRichUsersWithAttributes
public List<RichUser> getAllRichUsersWithAttributes(PerunSession sess, boolean includedSpecificUsers, List<String> attrsNames) throws PrivilegeException, UserNotExistsException Description copied from interface:UsersManager
Get All richUsers with or without specificUsers. If includedSpecificUsers is true, you got all Users included specificUsers If includedSpecificUsers is false, you get all Users without specificUsersThis method get all RichUsers included selected Attributes.
- Specified by:
getAllRichUsersWithAttributes
in interfaceUsersManager
- Parameters:
sess
-includedSpecificUsers
- true or false if you want or dont want get specificUsers tooattrsNames
-- Returns:
- list of RichUsers
- Throws:
PrivilegeException
UserNotExistsException
-
getAllowedResources
public List<Resource> getAllowedResources(PerunSession sess, Facility facility, User user) throws FacilityNotExistsException, UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Get all resources from the facility which have the user access on.- Specified by:
getAllowedResources
in interfaceUsersManager
- Parameters:
sess
-facility
-user
-- Returns:
- list of resources which have the user acess on
- Throws:
FacilityNotExistsException
UserNotExistsException
PrivilegeException
-
getAllowedResources
public List<Resource> getAllowedResources(PerunSession sess, User user) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Get all resources which have the user access on.- Specified by:
getAllowedResources
in interfaceUsersManager
- Parameters:
sess
-user
-- Returns:
- list of resources which have the user acess on
- Throws:
UserNotExistsException
PrivilegeException
-
getUserAssignments
public Map<Facility,List<Resource>> getUserAssignments(PerunSession sess, User user) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns all assignments of the user, assignments being Facilities and Resources they are assigned to.- Specified by:
getUserAssignments
in interfaceUsersManager
- Parameters:
sess
- sessionuser
- user- Returns:
- the assignments
- Throws:
UserNotExistsException
- user does not existPrivilegeException
- insufficient rights
-
getAssignedRichResources
public List<RichResource> getAssignedRichResources(PerunSession sess, User user) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Get all rich resources which have the user assigned.- Specified by:
getAssignedRichResources
in interfaceUsersManager
- Parameters:
sess
-user
-- Returns:
- list of rich resources which have the user assigned
- Throws:
UserNotExistsException
PrivilegeException
-
getAssociatedResources
public List<Resource> getAssociatedResources(PerunSession sess, Facility facility, User user) throws UserNotExistsException, FacilityNotExistsException, PrivilegeException Description copied from interface:UsersManager
Return all resources of specified facility with which user is associated through all his members. Does not require ACTIVE group-resource assignment.- Specified by:
getAssociatedResources
in interfaceUsersManager
- Parameters:
sess
-facility
-user
-- Returns:
- All resources with which user is associated
- Throws:
UserNotExistsException
FacilityNotExistsException
PrivilegeException
-
getBlockedLoginsPage
public Paginated<BlockedLogin> getBlockedLoginsPage(PerunSession sess, BlockedLoginsPageQuery query) throws PrivilegeException Description copied from interface:UsersManager
Get page of blocked logins.- Specified by:
getBlockedLoginsPage
in interfaceUsersManager
- Parameters:
sess
- sessionquery
- query with page information- Returns:
- page of requested blocked logins
- Throws:
PrivilegeException
-
getGroupsWhereUserIsActive
public List<Group> getGroupsWhereUserIsActive(PerunSession sess, Resource resource, User user) throws PrivilegeException Description copied from interface:UsersManager
Return all groups where user is active (has VALID status in VO and Group together) for specified user and resource- Specified by:
getGroupsWhereUserIsActive
in interfaceUsersManager
- Parameters:
sess
- PerunSessionresource
- Only groups assigned to this resource might be returneduser
- Only groups where this user is VALID member might be returned- Returns:
- List of groups where user is active (is a VALID vo and group member) on specified resource
- Throws:
PrivilegeException
-
getGroupsWhereUserIsActive
public List<Group> getGroupsWhereUserIsActive(PerunSession sess, Facility facility, User user) throws PrivilegeException Description copied from interface:UsersManager
Return all groups where user is active (has VALID status in VO and Group together) for specified user and facility- Specified by:
getGroupsWhereUserIsActive
in interfaceUsersManager
- Parameters:
sess
- PerunSessionfacility
- Only groups assigned to this facility (all its resources) might be returneduser
- Only groups where this user is VALID member might be returned- Returns:
- List of groups where user is active (is a VALID vo and group member) on specified facility
- Throws:
PrivilegeException
-
getGroupsWhereUserIsAdmin
public List<Group> getGroupsWhereUserIsAdmin(PerunSession sess, User user) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns list of Groups in Perun, where the User is a direct Administrator or he is VALID a member of any group which is Administrator of some of these Groups.- Specified by:
getGroupsWhereUserIsAdmin
in interfaceUsersManager
- Parameters:
sess
-user
-- Returns:
- list of Groups, where user or some of his groups is an Administrator
- Throws:
UserNotExistsException
PrivilegeException
-
getGroupsWhereUserIsAdmin
public List<Group> getGroupsWhereUserIsAdmin(PerunSession sess, Vo vo, User user) throws PrivilegeException, UserNotExistsException, VoNotExistsException Description copied from interface:UsersManager
Returns list of Groups in selected Vo, where the User is a direct Administrator or he is a VALID member of any group which is Administrator of some of these Groups.- Specified by:
getGroupsWhereUserIsAdmin
in interfaceUsersManager
- Parameters:
sess
-vo
- selected Vo under which we are looking for groupsuser
- manager of groups we are looking for- Returns:
- list of Groups, where user or some of his groups (in the Vo) is an Administrator
- Throws:
PrivilegeException
- user has no privileges to call this methodUserNotExistsException
- the user not exists in PerunVoNotExistsException
- the vo not exists in Perun
-
getPendingPreferredEmailChanges
public List<String> getPendingPreferredEmailChanges(PerunSession sess, User user) throws PrivilegeException, UserNotExistsException, WrongAttributeAssignmentException, AttributeNotExistsException Description copied from interface:UsersManager
Return list of email addresses of user, which are awaiting validation and are inside time window for validation.If there is no preferred email change request pending or requests are outside time window for validation, returns empty list.
- Specified by:
getPendingPreferredEmailChanges
in interfaceUsersManager
- Parameters:
sess
- PerunSessionuser
- User to check pending request for- Returns:
- List
user's email addresses pending validation - Throws:
PrivilegeException
UserNotExistsException
WrongAttributeAssignmentException
AttributeNotExistsException
-
getPerunBl
-
getRelatedUserIdByBlockedLoginInNamespace
public Integer getRelatedUserIdByBlockedLoginInNamespace(PerunSession sess, String login, String namespace) throws LoginIsNotBlockedException Description copied from interface:UsersManager
Get user id of the user who was related to the given login in the past- Specified by:
getRelatedUserIdByBlockedLoginInNamespace
in interfaceUsersManager
- Parameters:
sess
- sessionlogin
- blocked loginnamespace
- namespace where the login is blocked- Returns:
- user id or null if there is no related user id
- Throws:
LoginIsNotBlockedException
-
getRichGroupsWhereUserIsActive
public List<RichGroup> getRichGroupsWhereUserIsActive(PerunSession sess, Resource resource, User user, List<String> attrNames) throws PrivilegeException Description copied from interface:UsersManager
Return all RichGroups where user is active (has VALID status in VO and Group together) for specified user and resource with specified group attributes by their names (URNs).- Specified by:
getRichGroupsWhereUserIsActive
in interfaceUsersManager
- Parameters:
sess
- PerunSessionresource
- Only groups assigned to this resource might be returneduser
- Only groups where this user is VALID member might be returnedattrNames
- Names (URNs) of group attributes to get with each returned group- Returns:
- List of groups where user is active (is a VALID vo and group member) on specified resource
- Throws:
PrivilegeException
-
getRichGroupsWhereUserIsActive
public List<RichGroup> getRichGroupsWhereUserIsActive(PerunSession sess, Facility facility, User user, List<String> attrNames) throws PrivilegeException Description copied from interface:UsersManager
Return all groups where user is active (has VALID status in VO and Group together) for specified user and resource- Specified by:
getRichGroupsWhereUserIsActive
in interfaceUsersManager
- Parameters:
sess
- PerunSessionfacility
- Only groups assigned to this facility (all its resources) might be returneduser
- Only groups where this user is VALID member might be returnedattrNames
- Names (URNs) of group attributes to get with each returned group- Returns:
- List of groups where user is active (is a VALID vo and group member) on specified facility
- Throws:
PrivilegeException
-
getRichUser
public RichUser getRichUser(PerunSession sess, User user) throws PrivilegeException, UserNotExistsException Description copied from interface:UsersManager
Get User to RichUser without attributes.- Specified by:
getRichUser
in interfaceUsersManager
- Parameters:
sess
-user
-- Returns:
- RichUser
- Throws:
PrivilegeException
UserNotExistsException
-
getRichUserExtSources
public List<RichUserExtSource> getRichUserExtSources(PerunSession sess, User user) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Gets list of all user's external sources with attributes.- Specified by:
getRichUserExtSources
in interfaceUsersManager
- Parameters:
sess
- sessionuser
- user for which should be returned rich ext sources- Returns:
- list of user's external sources with attributes
- Throws:
UserNotExistsException
- if given user doesn't existPrivilegeException
- insufficient permissions
-
getRichUserExtSources
public List<RichUserExtSource> getRichUserExtSources(PerunSession sess, User user, List<String> attrsNames) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Gets list of all user's external sources with attributes. If any of the attribute names is incorrect then the value is silently skipped. If the attrsNames is null, then this method returns all ues attributes.- Specified by:
getRichUserExtSources
in interfaceUsersManager
- Parameters:
sess
- sessionuser
- user for which should be returned rich ext sourcesattrsNames
- list of attribute names that should be found- Returns:
- list of user's external sources with attributes
- Throws:
UserNotExistsException
- if given user doesn't existPrivilegeException
- insufficient permissions
-
getRichUserWithAttributes
public RichUser getRichUserWithAttributes(PerunSession sess, User user) throws PrivilegeException, UserNotExistsException Description copied from interface:UsersManager
Get User to RichUser with attributes.- Specified by:
getRichUserWithAttributes
in interfaceUsersManager
- Parameters:
sess
-user
-- Returns:
- RichUser
- Throws:
PrivilegeException
UserNotExistsException
-
getRichUsersByIds
public List<RichUser> getRichUsersByIds(PerunSession sess, List<Integer> ids) throws PrivilegeException Description copied from interface:UsersManager
Returns rich users without attributes by their ids.- Specified by:
getRichUsersByIds
in interfaceUsersManager
- Parameters:
sess
-ids
-- Returns:
- list of rich users with specified ids
- Throws:
PrivilegeException
-
getRichUsersWithAttributesByIds
public List<RichUser> getRichUsersWithAttributesByIds(PerunSession sess, List<Integer> ids) throws PrivilegeException, UserNotExistsException Description copied from interface:UsersManager
Returns rich users with attributes by their ids.- Specified by:
getRichUsersWithAttributesByIds
in interfaceUsersManager
- Parameters:
sess
-ids
-- Returns:
- list of rich users with specified ids
- Throws:
PrivilegeException
UserNotExistsException
-
getRichUsersWithoutVoAssigned
public List<RichUser> getRichUsersWithoutVoAssigned(PerunSession sess) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns all RichUsers with attributes who are not member of any VO.- Specified by:
getRichUsersWithoutVoAssigned
in interfaceUsersManager
- Parameters:
sess
-- Returns:
- list of richUsers who are not member of any VO
- Throws:
UserNotExistsException
PrivilegeException
-
getRichUsersWithoutVoWithAttributes
public List<RichUser> getRichUsersWithoutVoWithAttributes(PerunSession sess, List<String> attrsName) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns list of RichUsers which are not members of any VO and with selected attributes- Specified by:
getRichUsersWithoutVoWithAttributes
in interfaceUsersManager
- Parameters:
sess
-attrsName
-- Returns:
- list of RichUsers with selected attributes
- Throws:
UserNotExistsException
PrivilegeException
-
getSpecificUsers
Description copied from interface:UsersManager
Return all specific Users (only specific users)- Specified by:
getSpecificUsers
in interfaceUsersManager
- Parameters:
sess
-- Returns:
- list of all specific users in perun
- Throws:
PrivilegeException
-
getSpecificUsersByUser
public List<User> getSpecificUsersByUser(PerunSession sess, User user) throws UserNotExistsException, PrivilegeException, NotSpecificUserExpectedException Description copied from interface:UsersManager
Return all specificUsers who are owned by the user- Specified by:
getSpecificUsersByUser
in interfaceUsersManager
- Parameters:
sess
-user
- the user- Returns:
- list of specific users who are owned by the user
- Throws:
UserNotExistsException
PrivilegeException
NotSpecificUserExpectedException
- when the user is service User
-
getSponsors
@Deprecated public List<RichUser> getSponsors(PerunSession sess, Member member, List<String> attrNames) throws PrivilegeException, UserNotExistsException Deprecated.Description copied from interface:UsersManager
Gets list of users that sponsor the member, with attributes.- Specified by:
getSponsors
in interfaceUsersManager
- Parameters:
sess
- Perun sessionmember
- member which is sponsoredattrNames
- list of attributes. if null or empty, returns all attributes- Returns:
- list of users which sponsor the member
- Throws:
PrivilegeException
UserNotExistsException
-
getSponsorsForMember
public List<Sponsor> getSponsorsForMember(PerunSession sess, Member member, List<String> attrNames) throws PrivilegeException Description copied from interface:UsersManager
Gets list of users that sponsor the member, with attributes.- Specified by:
getSponsorsForMember
in interfaceUsersManager
- Parameters:
sess
- Perun sessionmember
- member which is sponsoredattrNames
- list of attributes. if null or empty, returns all attributes- Returns:
- list of users which sponsor the member
- Throws:
PrivilegeException
- insufficient permissions
-
getUserByExtSourceNameAndExtLogin
public User getUserByExtSourceNameAndExtLogin(PerunSession sess, String extSourceName, String extLogin) throws ExtSourceNotExistsException, UserExtSourceNotExistsException, UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Get user by extSourceName and extSourceLogin- Specified by:
getUserByExtSourceNameAndExtLogin
in interfaceUsersManager
- Parameters:
sess
-extSourceName
-extLogin
-- Returns:
- user
- Throws:
ExtSourceNotExistsException
UserExtSourceNotExistsException
UserNotExistsException
PrivilegeException
-
getUserById
public User getUserById(PerunSession sess, int id) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns user by his/her id.- Specified by:
getUserById
in interfaceUsersManager
- Parameters:
sess
-id
-- Returns:
- user
- Throws:
UserNotExistsException
PrivilegeException
-
getUserByMember
public User getUserByMember(PerunSession sess, Member member) throws MemberNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns user by VO member.- Specified by:
getUserByMember
in interfaceUsersManager
- Parameters:
sess
-member
-- Returns:
- user
- Throws:
MemberNotExistsException
PrivilegeException
-
getUserByUserExtSource
public User getUserByUserExtSource(PerunSession sess, UserExtSource userExtSource) throws UserNotExistsException, UserExtSourceNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns user by his login in external source and external source.- Specified by:
getUserByUserExtSource
in interfaceUsersManager
- Parameters:
sess
-userExtSource
-- Returns:
- selected user or throws UserNotExistsException in case the user doesn't exists
- Throws:
UserNotExistsException
UserExtSourceNotExistsException
PrivilegeException
-
getUserByUserExtSources
public User getUserByUserExtSources(PerunSession sess, List<UserExtSource> userExtSources) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns user based on one of the userExtSource.- Specified by:
getUserByUserExtSources
in interfaceUsersManager
- Parameters:
sess
-userExtSources
-- Returns:
- user
- Throws:
UserNotExistsException
PrivilegeException
-
getUserExtSourceByExtLogin
public UserExtSource getUserExtSourceByExtLogin(PerunSession sess, ExtSource source, String extLogin) throws PrivilegeException, ExtSourceNotExistsException, UserExtSourceNotExistsException Description copied from interface:UsersManager
Gets user's external source by the user's external login and external source.- Specified by:
getUserExtSourceByExtLogin
in interfaceUsersManager
- Parameters:
sess
-source
-extLogin
-- Returns:
- user external source object
- Throws:
PrivilegeException
ExtSourceNotExistsException
UserExtSourceNotExistsException
-
getUserExtSourceById
public UserExtSource getUserExtSourceById(PerunSession sess, int id) throws UserExtSourceNotExistsException, PrivilegeException Description copied from interface:UsersManager
Get the user ext source by its id.- Specified by:
getUserExtSourceById
in interfaceUsersManager
- Parameters:
sess
-id
-- Returns:
- user external source for the id
- Throws:
UserExtSourceNotExistsException
PrivilegeException
-
getUserExtSourceByUniqueAttributeValue
public UserExtSource getUserExtSourceByUniqueAttributeValue(PerunSession sess, int attrId, String uniqueValue) throws AttributeNotExistsException, UserExtSourceNotExistsException, PrivilegeException Description copied from interface:UsersManager
Return userExtSource for specific attribute definition (specified by id) and unique value. If not found, throw and exception.It looks for exactly one value of the specific attribute type: - Integer -> exactly match - String -> exactly match - Map -> exactly match of "key=value" - ArrayList -> exactly match of one of the value
- Specified by:
getUserExtSourceByUniqueAttributeValue
in interfaceUsersManager
- Parameters:
sess
- Perun sessionattrId
- attribute id used for founding attribute definition which has to exists, be unique and in userExtSource namespaceuniqueValue
- value used for searching- Returns:
- userExtSource found by attribute id and it's unique value
- Throws:
AttributeNotExistsException
- if attribute can't be found by it's idUserExtSourceNotExistsException
- if userExtSource can't be foundPrivilegeException
- if the principal does not have sufficient rights to call this method
-
getUserExtSourceByUniqueAttributeValue
public UserExtSource getUserExtSourceByUniqueAttributeValue(PerunSession sess, String attrName, String uniqueValue) throws AttributeNotExistsException, UserExtSourceNotExistsException, PrivilegeException Description copied from interface:UsersManager
Return userExtSource for specific attribute definition (specified by name) and unique value. If not found, throw and exception.It looks for exactly one value of the specific attribute type: - Integer -> exactly match - String -> exactly match - Map -> exactly match of "key=value" - ArrayList -> exactly match of one of the value
- Specified by:
getUserExtSourceByUniqueAttributeValue
in interfaceUsersManager
- Parameters:
sess
- Perun sessionattrName
- attribute name used for founding attribute definition which has to exists, be unique and in userExtSource namespaceuniqueValue
- value used for searching- Returns:
- userExtSource found by attribute name and it's unique value
- Throws:
AttributeNotExistsException
- if attribute can't be found by it's nameUserExtSourceNotExistsException
- if userExtSource can't be foundPrivilegeException
- if the principal does not have sufficient rights to call this method
-
getUserExtSources
public List<UserExtSource> getUserExtSources(PerunSession sess, User user) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Gets list of all user's external sources of the user.- Specified by:
getUserExtSources
in interfaceUsersManager
- Parameters:
sess
-user
-- Returns:
- list of user's external sources
- Throws:
UserNotExistsException
PrivilegeException
-
getUserExtSourcesByIds
public List<UserExtSource> getUserExtSourcesByIds(PerunSession sess, List<Integer> ids) throws PrivilegeException Description copied from interface:UsersManager
Get the user ext sources by their ids.- Specified by:
getUserExtSourcesByIds
in interfaceUsersManager
- Parameters:
sess
-ids
-- Returns:
- list of user external sources with specified ids
- Throws:
PrivilegeException
-
getUsers
Description copied from interface:UsersManager
Returns all users (included specific users).- Specified by:
getUsers
in interfaceUsersManager
- Parameters:
sess
-- Returns:
- list of all users
- Throws:
PrivilegeException
-
getUsersByAttribute
public List<User> getUsersByAttribute(PerunSession sess, Attribute attribute) throws PrivilegeException Description copied from interface:UsersManager
Returns all users who have set the attribute with the value. Searching only def and opt attributes.- Specified by:
getUsersByAttribute
in interfaceUsersManager
- Parameters:
sess
-attribute
-- Returns:
- list of users
- Throws:
PrivilegeException
-
getUsersByAttribute
public List<User> getUsersByAttribute(PerunSession sess, String attributeName, String attributeValue) throws PrivilegeException, AttributeNotExistsException Description copied from interface:UsersManager
Returns all users who have set the attribute with the value. Searching by attributeName. Searching only def and opt attributes. Can find only attributes with String Value by this way! (not Integer, Map or List)- Specified by:
getUsersByAttribute
in interfaceUsersManager
- Parameters:
sess
-attributeName
-attributeValue
-- Returns:
- list of users
- Throws:
PrivilegeException
AttributeNotExistsException
-
getUsersByAttributeValue
public List<User> getUsersByAttributeValue(PerunSession sess, String attributeName, String attributeValue) throws PrivilegeException, AttributeNotExistsException Description copied from interface:UsersManager
Returns all users who have the attribute with the value. attributeValue is not converted to the attribute type, it is always type of String.- Specified by:
getUsersByAttributeValue
in interfaceUsersManager
- Parameters:
sess
-attributeName
-attributeValue
-- Returns:
- list of users
- Throws:
PrivilegeException
AttributeNotExistsException
-
getUsersByIds
Description copied from interface:UsersManager
Returns existing users by their ids.- Specified by:
getUsersByIds
in interfaceUsersManager
- Parameters:
sess
-ids
-- Returns:
- list of users with specified ids
- Throws:
PrivilegeException
-
getUsersBySpecificUser
public List<User> getUsersBySpecificUser(PerunSession sess, User specificUser) throws UserNotExistsException, PrivilegeException, SpecificUserExpectedException Description copied from interface:UsersManager
Return all users who owns the specific one- Specified by:
getUsersBySpecificUser
in interfaceUsersManager
- Parameters:
sess
-specificUser
- the specific user- Returns:
- list of user who owns the specificUser
- Throws:
UserNotExistsException
PrivilegeException
SpecificUserExpectedException
- when the serviceUser is not really service user (is it normal user)
-
getUnanonymizedUsersBySpecificUser
public List<User> getUnanonymizedUsersBySpecificUser(PerunSession sess, User specificUser) throws UserNotExistsException, PrivilegeException, SpecificUserExpectedException Description copied from interface:UsersManager
Return all users who owns the specific one and are not anonymized- Specified by:
getUnanonymizedUsersBySpecificUser
in interfaceUsersManager
- Parameters:
sess
-specificUser
- the specific user- Returns:
- list of user who owns the specificUser
- Throws:
UserNotExistsException
PrivilegeException
SpecificUserExpectedException
- when the serviceUser is not really service user (is it normal user)
-
getUsersCount
Description copied from interface:UsersManager
Get count of all users.- Specified by:
getUsersCount
in interfaceUsersManager
- Parameters:
sess
- PerunSession- Returns:
- count of all users
-
getUsersManagerBl
Gets the usersManagerBl for this instance.- Returns:
- The usersManagerBl.
-
getUsersManagerImpl
-
getUsersPage
public Paginated<RichUser> getUsersPage(PerunSession sess, UsersPageQuery query, List<String> attrNames) throws PrivilegeException, ResourceNotExistsException, VoNotExistsException, FacilityNotExistsException, ServiceNotExistsException Description copied from interface:UsersManager
Get page of users with the given attributes.- Specified by:
getUsersPage
in interfaceUsersManager
- Parameters:
sess
- sessionquery
- query with page informationattrNames
- list of attribute names- Returns:
- page of requested rich users
- Throws:
ResourceNotExistsException
- if resource with id from query does not existVoNotExistsException
- if vo with id from query does not existFacilityNotExistsException
- if facility with id from query does not existServiceNotExistsException
- if service with id from query does not existPrivilegeException
-
getUsersWithoutSpecificVo
public List<User> getUsersWithoutSpecificVo(PerunSession sess, Vo vo, String searchString) throws VoNotExistsException, PrivilegeException Description copied from interface:UsersManager
Return list of users who matches the searchString, searching name, email and logins and are not member in specific VO.- Specified by:
getUsersWithoutSpecificVo
in interfaceUsersManager
- Parameters:
sess
-vo
-searchString
-- Returns:
- Throws:
VoNotExistsException
PrivilegeException
-
getUsersWithoutVoAssigned
Description copied from interface:UsersManager
Returns all users who are not member of any VO.- Specified by:
getUsersWithoutVoAssigned
in interfaceUsersManager
- Parameters:
sess
-- Returns:
- list of users who are not member of any VO
- Throws:
PrivilegeException
-
getVosWhereUserIsAdmin
public List<Vo> getVosWhereUserIsAdmin(PerunSession sess, User user) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns list of VOs, where the user is an Administrator. Including VOs, where the user is a VALID member of authorized group.- Specified by:
getVosWhereUserIsAdmin
in interfaceUsersManager
- Parameters:
sess
-user
-- Returns:
- list of VOs, where the user is an Administrator.
- Throws:
UserNotExistsException
PrivilegeException
-
getVosWhereUserIsMember
public List<Vo> getVosWhereUserIsMember(PerunSession sess, User user) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Returns list of VOs, where the user is a member.- Specified by:
getVosWhereUserIsMember
in interfaceUsersManager
- Parameters:
sess
-user
-- Returns:
- list of VOs, where the user is a member.
- Throws:
UserNotExistsException
PrivilegeException
-
isLoginAvailable
public boolean isLoginAvailable(PerunSession sess, String loginNamespace, String login) throws InvalidLoginException Description copied from interface:UsersManager
Checks if the login is available in the namespace. Returns FALSE is is already occupied, throws exception if value is not allowed.- Specified by:
isLoginAvailable
in interfaceUsersManager
- Parameters:
sess
-loginNamespace
- in which the login will be checked (provide only the name of the namespace, not the whole attribute name)login
- to be checked- Returns:
- true if login is available, false otherwise
- Throws:
InvalidLoginException
- When login to check has invalid syntax.
-
isLoginBlocked
public boolean isLoginBlocked(PerunSession sess, String login, boolean ignoreCase) throws PrivilegeException Description copied from interface:UsersManager
Return true if login is blocked (globally - for all namespaces per instance OR for some namespace), false if not. Globally banned logins are ALWAYS case-insensitive (ignoreCase value is not taken into account for them).- Specified by:
isLoginBlocked
in interfaceUsersManager
- Parameters:
sess
- sessionlogin
- login to checkignoreCase
- ignore case- Returns:
- true if login is blocked
- Throws:
PrivilegeException
-
isLoginBlockedForNamespace
public boolean isLoginBlockedForNamespace(PerunSession sess, String login, String namespace, boolean ignoreCase) throws PrivilegeException Description copied from interface:UsersManager
Return true if login is blocked for given namespace, false if not. When the namespace is null, then the method behaves like isLoginBlockedGlobally(), so it checks if the login is blocked globally. Globally banned logins are ALWAYS case-insensitive.- Specified by:
isLoginBlockedForNamespace
in interfaceUsersManager
- Parameters:
sess
- sessionlogin
- login to checknamespace
- namespace for loginignoreCase
- ignore case- Returns:
- true if login is blocked for given namespace (or globally for null namespace)
- Throws:
PrivilegeException
-
isLoginBlockedGlobally
Description copied from interface:UsersManager
Return true if login is blocked globally (for all namespaces per instance - represented by namespace = null), false if not. Globally banned logins are ALWAYS case-insensitive.- Specified by:
isLoginBlockedGlobally
in interfaceUsersManager
- Parameters:
sess
- sessionlogin
- login to check- Returns:
- true if login is blocked globally
- Throws:
PrivilegeException
-
isUserPerunAdmin
@Deprecated public boolean isUserPerunAdmin(PerunSession sess, User user) throws PrivilegeException, UserNotExistsException Deprecated.Description copied from interface:UsersManager
Returns true if the user is PERUNADMIN.- Specified by:
isUserPerunAdmin
in interfaceUsersManager
- Parameters:
sess
-user
-- Returns:
- true if the user is PERUNADMIN, false otherwise.
- Throws:
PrivilegeException
UserNotExistsException
-
loginExist
public boolean loginExist(PerunSession sess, User user, String loginNamespace) throws PrivilegeException, UserNotExistsException Description copied from interface:UsersManager
Check, if login exists in given login-namespace. Not implemented for all namespaces.- Specified by:
loginExist
in interfaceUsersManager
- Parameters:
sess
- Perun sessionuser
- User to check existence of login forloginNamespace
- Login-namespace to check it for- Returns:
- True if login exists, false otherwise
- Throws:
PrivilegeException
UserNotExistsException
- When the user doesn't exist
-
moveUserExtSource
public void moveUserExtSource(PerunSession sess, User sourceUser, User targetUser, UserExtSource userExtSource) throws UserExtSourceNotExistsException, UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Take UserExtSource from sourceUser and move it to the targetUser.It removes old UserExtSource with all it's attributes from sourceUser and creates and assigns the new one with the same settings to target user.
- Specified by:
moveUserExtSource
in interfaceUsersManager
- Parameters:
sess
-sourceUser
- user with UserExtSource to movetargetUser
- user for who will be UserExtSource moveduserExtSource
- the UserExtSource which will be moved from sourceUser to targetUser- Throws:
UserExtSourceNotExistsException
- UserExtSourceNotExists or is not assigned to sourceUserUserNotExistsException
- one of the users not existsPrivilegeException
-
removeSpecificUserOwner
public void removeSpecificUserOwner(PerunSession sess, User user, User specificUser) throws UserNotExistsException, PrivilegeException, SpecificUserExpectedException, NotSpecificUserExpectedException, RelationNotExistsException, SpecificUserOwnerAlreadyRemovedException Description copied from interface:UsersManager
Remove specificUser owner (the user) Only disable ownership of user and specificUser- Specified by:
removeSpecificUserOwner
in interfaceUsersManager
- Parameters:
sess
-user
- the userspecificUser
- the specificUser- Throws:
UserNotExistsException
PrivilegeException
SpecificUserExpectedException
- when the specific user is not really specific user (is it normal user)NotSpecificUserExpectedException
- when the user is specific UserRelationNotExistsException
- if there is no such user (the user) to removeSpecificUserOwnerAlreadyRemovedException
- if there are 0 rows affected by removing from DB
-
removeUserExtSource
public void removeUserExtSource(PerunSession sess, User user, UserExtSource userExtSource) throws UserNotExistsException, UserExtSourceNotExistsException, PrivilegeException, UserExtSourceAlreadyRemovedException Description copied from interface:UsersManager
Removes user's external source.- Specified by:
removeUserExtSource
in interfaceUsersManager
- Parameters:
sess
-user
-userExtSource
-- Throws:
UserNotExistsException
UserExtSourceNotExistsException
PrivilegeException
UserExtSourceAlreadyRemovedException
- if there are 0 rows affected by deleting from DB
-
removeUserExtSource
public void removeUserExtSource(PerunSession sess, User user, UserExtSource userExtSource, boolean forceDelete) throws UserNotExistsException, UserExtSourceNotExistsException, PrivilegeException, UserExtSourceAlreadyRemovedException Description copied from interface:UsersManager
Removes user's external source.- Specified by:
removeUserExtSource
in interfaceUsersManager
- Parameters:
sess
-user
-userExtSource
-forceDelete
- if true, persistent ExtSource is deleted too- Throws:
UserNotExistsException
UserExtSourceNotExistsException
PrivilegeException
UserExtSourceAlreadyRemovedException
- if there are 0 rows affected by deleting from DB
-
removeUserExtSources
public void removeUserExtSources(PerunSession sess, User user, List<UserExtSource> userExtSources, boolean forceDelete) throws UserNotExistsException, UserExtSourceNotExistsException, PrivilegeException, UserExtSourceAlreadyRemovedException Description copied from interface:UsersManager
Removes user's external sources.- Specified by:
removeUserExtSources
in interfaceUsersManager
- Parameters:
sess
-user
-userExtSources
-forceDelete
- if true, persistent ExtSource is deleted too- Throws:
UserNotExistsException
UserExtSourceNotExistsException
PrivilegeException
UserExtSourceAlreadyRemovedException
- if there are 0 rows affected by deleting from DB
-
requestPreferredEmailChange
public void requestPreferredEmailChange(PerunSession sess, String url, User user, String email, String lang, String path, String idp) throws PrivilegeException, UserNotExistsException Description copied from interface:UsersManager
Request change of user's preferred email address. Change in attribute value is not done, until email address is verified by link in email notice. (urn:perun:user:attribute-def:def:preferredMail)- Specified by:
requestPreferredEmailChange
in interfaceUsersManager
- Parameters:
sess
- PerunSessionurl
- base URL of running perun instance passed from RPC.user
- User to request preferred email change foremail
- new email addresslang
- Language to get confirmation mail in (optional)path
- path that is appended to the url of the verification link (optional)idp
- authentication method appended to query parameters of verification link (optional)- Throws:
PrivilegeException
UserNotExistsException
-
reservePassword
public void reservePassword(PerunSession sess, String userLogin, String loginNamespace, String password) throws PrivilegeException, PasswordCreationFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException Description copied from interface:UsersManager
Reserves the password in external system. User must not exist.- Specified by:
reservePassword
in interfaceUsersManager
- Parameters:
sess
- Perun sessionuserLogin
- String representation of the userLoginloginNamespace
- Login-namespace to reserve password inpassword
- Password to be reserved- Throws:
PasswordCreationFailedException
InvalidLoginException
- When login of user has invalid syntax (is not allowed)PrivilegeException
PasswordOperationTimeoutException
PasswordStrengthFailedException
PasswordStrengthException
-
reservePassword
public void reservePassword(PerunSession sess, User user, String loginNamespace, String password) throws PrivilegeException, PasswordCreationFailedException, UserNotExistsException, LoginNotExistsException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException Description copied from interface:UsersManager
Reserves the password in external system. User must exist. User's login for specified namespace must exist in Perun.- Specified by:
reservePassword
in interfaceUsersManager
- Parameters:
sess
- Perun sessionuser
- User to reserve password forloginNamespace
- Login-namespace to reserve password inpassword
- Password to be reserved- Throws:
PrivilegeException
PasswordCreationFailedException
UserNotExistsException
- When the user doesn't existLoginNotExistsException
- When user doesn't have login in specified namespacePasswordOperationTimeoutException
PasswordStrengthFailedException
InvalidLoginException
PasswordStrengthException
-
reserveRandomPassword
public void reserveRandomPassword(PerunSession sess, User user, String loginNamespace) throws PasswordCreationFailedException, PrivilegeException, UserNotExistsException, LoginNotExistsException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException Description copied from interface:UsersManager
Reserves random password in external system. User must exist. User's login for specified namespace must exist in Perun.- Specified by:
reserveRandomPassword
in interfaceUsersManager
- Parameters:
sess
- Perun sessionuser
- User to reserve password forloginNamespace
- Login-namespace to reserve password in- Throws:
PasswordCreationFailedException
UserNotExistsException
- When the user doesn't existLoginNotExistsException
- When user doesn't have login in specified namespacePrivilegeException
PasswordOperationTimeoutException
PasswordStrengthFailedException
InvalidLoginException
-
setLogin
public void setLogin(PerunSession sess, User user, String loginNamespace, String login) throws PrivilegeException, UserNotExistsException, LoginExistsException, InvalidLoginException Description copied from interface:UsersManager
Allow users to manually add login in supported namespace if same login is not reserved. Can be set only to own service or guest users => specific users.- Specified by:
setLogin
in interfaceUsersManager
- Parameters:
sess
-user
-loginNamespace
-login
-- Throws:
PrivilegeException
UserNotExistsException
LoginExistsException
InvalidLoginException
-
setPerunBl
Sets the perunBl for this instance.- Parameters:
perunBl
- The perunBl.
-
setSpecificUser
public User setSpecificUser(PerunSession sess, User specificUser, SpecificUserType specificUserType, User owner) throws RelationExistsException, UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Set specific user type for specific user and set ownership of this user for the owner.- Specified by:
setSpecificUser
in interfaceUsersManager
- Parameters:
sess
- perun sessionspecificUser
- specific userspecificUserType
- specific type of userowner
- user, who will be owner of the specific user- Returns:
- specific user with specific user type set
- Throws:
RelationExistsException
UserNotExistsException
PrivilegeException
-
setUsersManagerBl
Sets the usersManagerBl for this instance.- Parameters:
usersManagerBl
- The usersManagerBl.
-
unblockLogins
public void unblockLogins(PerunSession sess, List<String> logins, String namespace) throws PrivilegeException, LoginIsNotBlockedException Description copied from interface:UsersManager
Unblock logins for given namespace or unblock logins globally (if no namespace is selected)- Specified by:
unblockLogins
in interfaceUsersManager
- Parameters:
sess
-logins
- list of logins to be unblockednamespace
- namespace where the logins should be unblocked (null means unblock the logins globally)- Throws:
LoginIsNotBlockedException
PrivilegeException
-
unblockLoginsById
public void unblockLoginsById(PerunSession sess, List<Integer> loginIds) throws PrivilegeException, LoginIsNotBlockedException Description copied from interface:UsersManager
Unblock logins by id globally, or in the namespace they were initially blocked.- Specified by:
unblockLoginsById
in interfaceUsersManager
- Parameters:
sess
- sessionloginIds
- list of login ids- Throws:
PrivilegeException
- insufficient permissionsLoginIsNotBlockedException
- when login is not blocked
-
unsetSpecificUser
public User unsetSpecificUser(PerunSession sess, User specificUser, SpecificUserType specificUserType) throws UserNotExistsException, PrivilegeException, ServiceOnlyRoleAssignedException Description copied from interface:UsersManager
Remove all ownerships of this specific user and unset this specific user type from this specific user.- Specified by:
unsetSpecificUser
in interfaceUsersManager
- Parameters:
sess
- perun sessionspecificUser
- specific userspecificUserType
- specific type of user- Returns:
- user who is no more specific
- Throws:
UserNotExistsException
PrivilegeException
ServiceOnlyRoleAssignedException
- when trying to unset service flag from a user with service only role
-
updateNameTitles
public User updateNameTitles(PerunSession sess, User user) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Updates titles before/after name of user.New titles must be set inside User object. Setting any title to null will remove title from name. Other user's properties are ignored.
- Specified by:
updateNameTitles
in interfaceUsersManager
- Parameters:
sess
-user
-- Returns:
- updated user with new titles before/after name
- Throws:
UserNotExistsException
PrivilegeException
-
updateUser
public User updateUser(PerunSession sess, User user) throws UserNotExistsException, PrivilegeException Description copied from interface:UsersManager
Updates users data in DB.- Specified by:
updateUser
in interfaceUsersManager
- Parameters:
sess
-user
-- Returns:
- updated user
- Throws:
UserNotExistsException
PrivilegeException
-
updateUserExtSource
public UserExtSource updateUserExtSource(PerunSession sess, UserExtSource userExtSource) throws UserExtSourceNotExistsException, UserExtSourceExistsException, PrivilegeException Description copied from interface:UsersManager
Updates user's userExtSource in DB. Login and LoA can be updated this way.- Specified by:
updateUserExtSource
in interfaceUsersManager
- Parameters:
sess
-userExtSource
-- Returns:
- updated userExtSource
- Throws:
UserExtSourceNotExistsException
- When UES by its ID doesn't existsUserExtSourceExistsException
- When UES with same login/extSource already exists.PrivilegeException
-
updateUserExtSourceLastAccess
public void updateUserExtSourceLastAccess(PerunSession sess, UserExtSource userExtSource) throws PrivilegeException, UserExtSourceNotExistsException Description copied from interface:UsersManager
Updates user's userExtSource last access time in DB. We can get information which userExtSource has been used as a last one.- Specified by:
updateUserExtSourceLastAccess
in interfaceUsersManager
- Parameters:
sess
-userExtSource
-- Throws:
PrivilegeException
UserExtSourceNotExistsException
-
validatePassword
public void validatePassword(PerunSession sess, String userLogin, String loginNamespace) throws PrivilegeException, PasswordCreationFailedException, InvalidLoginException Description copied from interface:UsersManager
Validates the password in external system and sets user extSources and extSource related attributes. User must not exist.- Specified by:
validatePassword
in interfaceUsersManager
- Parameters:
sess
- Perun sessionuserLogin
- String representation of the userLoginloginNamespace
- Login-namespace to validate password in- Throws:
PasswordCreationFailedException
InvalidLoginException
- When login of user has invalid syntax (is not allowed)PrivilegeException
-
validatePassword
public void validatePassword(PerunSession sess, User user, String loginNamespace) throws PrivilegeException, PasswordCreationFailedException, UserNotExistsException, LoginNotExistsException, InvalidLoginException Description copied from interface:UsersManager
Validates the password in external system and sets user extSources and extSource related attributes. User must exist. User's login for specified namespace must exist in Perun.- Specified by:
validatePassword
in interfaceUsersManager
- Parameters:
sess
- Perun sessionuser
- User whose password should being validatedloginNamespace
- Login-namespace to validate password in- Throws:
PrivilegeException
PasswordCreationFailedException
UserNotExistsException
- When the user doesn't existLoginNotExistsException
- When user doesn't have login in specified namespaceInvalidLoginException
-
validatePreferredEmailChange
public String validatePreferredEmailChange(PerunSession sess, User user, UUID token) throws PrivilegeException, UserNotExistsException, WrongAttributeAssignmentException, AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeValueException Description copied from interface:UsersManager
Validate change of user's preferred email address. New email address is set as value of urn:perun:user:attribute-def:def:preferredMail attribute.- Specified by:
validatePreferredEmailChange
in interfaceUsersManager
- Parameters:
sess
- PerunSessionuser
- User to validate email address fortoken
- token for the email change request to validate- Returns:
- String return new preferred email
- Throws:
PrivilegeException
UserNotExistsException
WrongAttributeAssignmentException
AttributeNotExistsException
WrongReferenceAttributeValueException
WrongAttributeValueException
-
validateSSHKey
Description copied from interface:UsersManager
Validate ssh public key, throws exception if validation fails- Specified by:
validateSSHKey
in interfaceUsersManager
- Parameters:
sess
- sesssshKey
- ssh public key to verify- Throws:
SSHKeyNotValidException
- when validation fails
-
getUserRelations
public Map<String,List<PerunBean>> getUserRelations(PerunSession sess, User user) throws UserNotExistsException Description copied from interface:UsersManager
Gets map with 2 items which are a list of all vos and a list of all groups where given user is member filtered by principal's privileges.- Specified by:
getUserRelations
in interfaceUsersManager
- Parameters:
sess
- perun sessionuser
- user- Returns:
- Result map with lists of vos and groups where given user is member
- Throws:
UserNotExistsException
- If user does not exist.
-
changeOrganization
public void changeOrganization(PerunSession sess, User user, String newOrganizationName) throws UserNotExistsException, PrivilegeException, UserExtSourceNotExistsException, PersonalDataChangeNotEnabledException Description copied from interface:UsersManager
Change organization from which user came to organization from user ext source.- Specified by:
changeOrganization
in interfaceUsersManager
- Parameters:
sess
- sessionuser
- usernewOrganizationName
- new organization name- Throws:
UserNotExistsException
- If user does not exist.PrivilegeException
- if privileges are not given.UserExtSourceNotExistsException
- If user ext source with given organization name and required loa does not exist.PersonalDataChangeNotEnabledException
- If change of organization to organization from ues is not enabled.
-
changeOrganizationCustom
public void changeOrganizationCustom(PerunSession sess, User user, String newOrganizationName) throws UserNotExistsException, PrivilegeException, PersonalDataChangeNotEnabledException Description copied from interface:UsersManager
Change organization from which user came to custom organization. If check from admin is required, then UserOrganizationChangeRequested audit log will be created. Otherwise, it will be set immediately.- Specified by:
changeOrganizationCustom
in interfaceUsersManager
- Parameters:
sess
- sessionuser
- usernewOrganizationName
- new organization name- Throws:
UserNotExistsException
- If user does not exist.PrivilegeException
- if privileges are not given.PersonalDataChangeNotEnabledException
- If change of organization to custom organization is not enabled.
-
changeName
public void changeName(PerunSession sess, User user, String newUserName) throws UserNotExistsException, PrivilegeException, UserExtSourceNotExistsException, PersonalDataChangeNotEnabledException Description copied from interface:UsersManager
Change user's name to user's name from user ext source.- Specified by:
changeName
in interfaceUsersManager
- Parameters:
sess
- sessionuser
- usernewUserName
- new user's name- Throws:
UserNotExistsException
- If user does not exist.PrivilegeException
- if privileges are not given.UserExtSourceNotExistsException
- If user ext source with given user's name and required loa does not exist.PersonalDataChangeNotEnabledException
- If change of user's name to user's name from ues is not enabled.
-
changeNameCustom
public void changeNameCustom(PerunSession sess, User user, String titleBefore, String firstName, String middleName, String lastName, String titleAfter) throws UserNotExistsException, PrivilegeException, PersonalDataChangeNotEnabledException Description copied from interface:UsersManager
Change user's name to custom name. If check from admin is required, then UserNameChangeRequest audit log will be created. Otherwise, it will be set immediately.- Specified by:
changeNameCustom
in interfaceUsersManager
- Parameters:
sess
- sessionuser
- usertitleBefore
- new title beforefirstName
- new first namemiddleName
- new middle namelastName
- new last nametitleAfter
- new title after- Throws:
UserNotExistsException
- If user does not exist.PrivilegeException
- if privileges are not given.PersonalDataChangeNotEnabledException
- If change of user's name to custom name is not enabled.
-
changeEmail
public void changeEmail(PerunSession sess, User user, String newEmail) throws UserNotExistsException, PrivilegeException, UserExtSourceNotExistsException, PersonalDataChangeNotEnabledException Description copied from interface:UsersManager
Change user's email to email from user ext source.- Specified by:
changeEmail
in interfaceUsersManager
- Parameters:
sess
- sessionuser
- usernewEmail
- new email- Throws:
UserNotExistsException
- If user does not exist.PrivilegeException
- if privileges are not given.UserExtSourceNotExistsException
- If user ext source with given email and required loa does not exist.PersonalDataChangeNotEnabledException
- If change of user's email to email from ues is not enabled.
-
changeEmailCustom
public void changeEmailCustom(PerunSession sess, User user, String newEmail, String url, String lang, String path, String idp) throws UserNotExistsException, PrivilegeException, PersonalDataChangeNotEnabledException Description copied from interface:UsersManager
Change user's email to custom email. If verification is required, then verification email will be sent. Otherwise, it will be set immediately.- Specified by:
changeEmailCustom
in interfaceUsersManager
- Parameters:
sess
- sessionuser
- usernewEmail
- new emailurl
- base URL of running perun instance passed from RPC.lang
- Language to get confirmation mail in (optional)path
- path that is appended to the url of the verification link (optional)idp
- authentication method appended to query parameters of verification link (optional)- Throws:
UserNotExistsException
- If user does not exist.PrivilegeException
- if privileges are not given.PersonalDataChangeNotEnabledException
- If change of user's email to custom email is not enabled.
-