Package cz.metacentrum.perun.core.blImpl
Class GroupsManagerBlImpl
java.lang.Object
cz.metacentrum.perun.core.blImpl.GroupsManagerBlImpl
- All Implemented Interfaces:
GroupsManagerBl
GroupsManager business logic
- Author:
- Michal Prochazka michalp@ics.muni.cz, Slavek Licehammer glory@ics.muni.cz
-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionGroupsManagerBlImpl(GroupsManagerImplApi groupsManagerImpl) Create new instance of this class. -
Method Summary
Modifier and TypeMethodDescriptionprotected voidaddDirectMember(PerunSession sess, Group group, Member member) Add a record of the member with a DIRECT membership type to the group.voidaddGroupsToAutoRegistration(PerunSession sess, List<Group> groups) Adds groups to a list of groups which can be registered into during vo registration.voidaddGroupsToAutoRegistration(PerunSession sess, List<Group> groups, ApplicationFormItem formItem) Adds groups to a list of groups which can be registered into during vo or group registration.addIndirectMembers(PerunSession sess, Group group, List<Member> members, int sourceGroupId) Add records of the members with an INDIRECT membership type to the group.voidaddMember(PerunSession sess, Group group, Member member) Adds member of the VO to the group in the same VO.voidaddMember(PerunSession sess, List<Group> groups, Member member) Adds member of the VO to the groups in the same VO.voidaddMembers(PerunSession sess, Group group, List<Member> members) Adds members of the VO to the group in the same VO.voidaddMemberToMembersGroup(PerunSession sess, Group group, Member member) Special addMember which is able to add members into the members and administrators group.voidaddMissingMemberWhileSynchronization(PerunSession sess, Group group, Candidate candidate, List<String> overwriteUserAttributesList, List<String> mergeMemberAttributesList, List<String> skippedMembers) Get new candidate and add him to the Group.voidaddRelationMembers(PerunSession sess, Group resultGroup, List<Member> changedMembers, int sourceGroupId) Method recalculates all relations between groups.voidallowGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) Sets flag required for including group to parent vo in a vo hierarchy.booleancanExtendMembershipInGroup(PerunSession sess, Member member, Group group) Returns true if member in given group can extend membership or if no rules were set for the membershipExpirationbooleancanExtendMembershipInGroupWithReason(PerunSession sess, Member member, Group group) Returns true if member in given group can extend membership or throws exception with reason why use can't extends membershipvoidcheckGroupExists(PerunSession sess, Group group) convertGroupsToRichGroupsWithAttributes(PerunSession sess, Member member, Resource resource, List<Group> groups, List<String> attrNames) This method takes list of groups, resource, member and list of attrNames and then creates list of RichGroups containing all selected group, group-resource and member-group attributes filtered by list (attributes from other namespaces are skipped without any warning).convertGroupsToRichGroupsWithAttributes(PerunSession sess, Member member, List<Group> groups) This method takes list of groups and member and then creates list of RichGroups containing all group and member-group attributesconvertGroupsToRichGroupsWithAttributes(PerunSession sess, Member member, List<Group> groups, List<String> attrNames) This method takes list of groups, member and list of attrNames and then creates list of RichGroups containing all selected group and member-group attributes by list (attributes from other namespaces are skipped).convertGroupsToRichGroupsWithAttributes(PerunSession sess, Resource resource, List<Group> groups) This method takes list of groups and resource and then creates list of RichGroups containing all group and group-resource attributesconvertGroupsToRichGroupsWithAttributes(PerunSession sess, Resource resource, List<Group> groups, List<String> attrNames) This method takes list of groups, resource and list of attrNames and then creates list of RichGroups containing all selected group and group-resource attributes by list (attributes from other namespaces are skipped).convertGroupsToRichGroupsWithAttributes(PerunSession sess, List<Group> groups) This method takes list of groups and creates list of RichGroups containing all attributesconvertGroupsToRichGroupsWithAttributes(PerunSession sess, List<Group> groups, List<String> attrNames) This method takes list of groups and creates list of RichGroups containing selected attributesconvertGroupToRichGroupWithAttributes(PerunSession sess, Group group) This method takes group and creates RichGroup containing all attributesconvertGroupToRichGroupWithAttributesByName(PerunSession sess, Group group, List<String> attrNames) This method takes group and creates RichGroup containing selected attributesconvertToEnrichedGroup(PerunSession sess, Group group, List<String> attrNames) Creates enrichedGroup from given group and load attributes with given names.voidcopyMembers(PerunSession sess, Group sourceGroup, List<Group> destinationGroups, List<Member> members) Copies direct members from one group to other groups in the same VO.createGroup(PerunSession sess, Group parentGroup, Group group) Creates a new subgroup of the existing group.createGroup(PerunSession sess, Vo vo, Group group) Creates a new top-level group and associates it with the VO from parameter.createGroupUnion(PerunSession sess, Group resultGroup, Group operandGroup, boolean parentFlag) Performs union operation on two groups.voiddeleteAllGroups(PerunSession sess, Vo vo) Deletes all groups under the VO except built-in groups (members, admins groups).voiddeleteGroup(PerunSession sess, Group group, boolean forceDelete) If forceDelete is false, delete only group and if this group has members or subgroups, throw an exception.voiddeleteGroups(PerunSession perunSession, List<Group> groups, boolean forceDelete) Delete all groups in list from perun.voiddeleteGroupsFromAutoRegistration(PerunSession sess, List<Group> groups) Deletes groups from a list of groups which can be registered into during vo registration.voiddeleteGroupsFromAutoRegistration(PerunSession sess, List<Group> groups, ApplicationFormItem formItem) Deletes groups from a list of groups which can be registered into during vo or group registration.voiddeleteMembersGroup(PerunSession sess, Vo vo) Deletes built-in members group.voiddisallowGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) Unsets flag required for including group to parent vo in a vo hierarchyvoidexpireMemberInGroup(PerunSession sess, Member member, Group group) Set member's status in given group to EXPIREDvoidextendMembershipInGroup(PerunSession sess, Member member, Group group) Extend member membership in given group using membershipExpirationRules attribute defined in Group.filterMembersByMembershipTypeInGroup(List<Member> members) This method take list of members (also with duplicit) and: 1] add all members with direct membership to target list 2] add all members with indirect membership who are not already in target list to the target listfilterOnlyAllowedAttributes(PerunSession sess, EnrichedGroup enrichedGroup) For enrichedGroup filter all its group attributes and remove all which principal has no access to.filterOnlyAllowedAttributes(PerunSession sess, RichGroup richGroup) For richGroup filter all his group attributes and remove all which principal has no access to.filterOnlyAllowedAttributes(PerunSession sess, List<RichGroup> richGroups) For list of richGroups filter all their group attributes and remove all which principal has no access to.filterOnlyAllowedAttributes(PerunSession sess, List<RichGroup> richGroups, Member member, Resource resource, boolean useContext) For list of richGroups filter all their group attributes and remove all which principal has no access to.filterOnlyAllowedAttributes(PerunSession sess, List<RichGroup> richGroups, Resource resource, boolean useContext) For list of richGroups filter all their group attributes and remove all which principal has no access to.voidforceAllSubGroupsSynchronization(PerunSession sess, Group group) Force synchronization for all subgroups (recursively - whole tree) of the group (useful for group structure)voidforceGroupStructureSynchronization(PerunSession sess, Group group) Synchronize the group structure with an external group structure.voidforceGroupSynchronization(PerunSession sess, Group group) Synchronize the group with external group.getActiveGroupMembers(PerunSession sess, Group group) Return all members of the group who are active (valid) in the group.getActiveGroupMembers(PerunSession sess, Group group, Status status) Return all members of the group who are active (valid) in the group and have specific status in the Vo.getAdminGroups(PerunSession sess, Group group) Gets list of all group administrators of this group.getAdmins(PerunSession sess, Group group) Deprecated.getAdmins(PerunSession perunSession, Group group, boolean onlyDirectAdmins) Gets list of all administrators of this group.Returns all groups which can be included to VO.getAllAllowedGroupsToHierarchicalVo(PerunSession sess, Vo vo, Vo memberVo) Returns groups which can be included to VO from specific member VO.getAllGroups(PerunSession sess) Get all groups from all vos.getAllGroups(PerunSession sess, Vo vo) Get all groups of the VO.Returns all groups which can be registered into during any vo registration.getAllGroupsWhereMemberIsActive(PerunSession sess, Member member) Returns all member's groups where member is in active state (is valid there) Included members group.getAllGroupsWithHierarchy(PerunSession sess, Vo vo) Get all groups of the VO stored in the map reflecting the hierarchy.getAllMemberGroups(PerunSession sess, Member member) Return all member's groups.getAllRichGroupsWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrNames) Deprecated.getAllRichGroupsWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Returns all RichGroups containing selected attributes filtered by role and its typegetAllRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames) Deprecated.getAllRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Returns all RichSubGroups from parentGroup containing selected attributes filtered by role and its type (all levels subgroups)getAllSubGroups(PerunSession sess, Group parentGroup) Get all subgroups of the parentGroup recursively.getAssignedGroupsToFacility(PerunSession sess, Facility facility) Return list of assigned groups on all facility resources (without subgroups unless they are assigned too)getAssignedGroupsToResource(PerunSession sess, Resource resource) Return list of assigned groups on the resource (without subgroups unless they are assigned too)getAssignedGroupsToResource(PerunSession sess, Resource resource, boolean withSubGroups) Return list of assigned groups on the resource.getAssignedGroupsToResource(PerunSession sess, Resource resource, Member member) Return list of assigned groups on the resource (without subgroups unless they are assigned too), which contain specific membergetAssociatedGroupsToFacility(PerunSession sess, Facility facility) Return list of all associated groups from all facility resources (does not require ACTIVE group-resource status)getAssociatedGroupsToResource(PerunSession sess, Resource resource) Return list of assigned groups on the resource.getAssociatedGroupsToResource(PerunSession sess, Resource resource, Member member) Return list of groups associated with the resource with specified member.getDirectAdmins(PerunSession sess, Group group) Deprecated.getDirectMemberGroupStatus(PerunSession session, Member member, Group group) Returns members direct status in given group.getDirectRichAdmins(PerunSession perunSession, Group group) Deprecated.getDirectRichAdminsWithSpecificAttributes(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.getFacilitiesWhereGroupIsAdmin(PerunSession perunSession, Group group) Get list of facilities where the given group is given the admin role.getGroupById(PerunSession sess, int id) Search for the group with specified id in all VOs.getGroupByName(PerunSession sess, Vo vo, String name) Search for the group with specified name in specified VO.getGroupDirectMembers(PerunSession sess, Group group) Return all direct group members.intgetGroupDirectMembersCount(PerunSession sess, Group group) Returns count of direct members in the groupgetGroupDirectRichMembers(PerunSession sess, Group group) Returns direct group members in the RichMember object, which contains Member+User data.getGroupMemberById(PerunSession sess, Group group, int memberId) Get group member by member ID.getGroupMembers(PerunSession sess, Group group) Return all group members.getGroupMembers(PerunSession sess, Group group, MemberGroupStatus statusInGroup, Status status) Return all members of the group who has specific status in the group and also specific status in the Vo.getGroupMembers(PerunSession sess, Group group, Status status) Return group members.intgetGroupMembersCount(PerunSession sess, Group group) getGroupMembersCountsByGroupStatus(PerunSession sess, Group group) Returns counts of group members by their group status.getGroupMembersCountsByVoStatus(PerunSession sess, Group group) Returns counts of group members by their status in VO.getGroupMembersExceptInvalid(PerunSession sess, Group group) Return only valid, suspended, expired and disabled group members.getGroupMembersExceptInvalidAndDisabled(PerunSession sess, Group group) Return only valid, suspended and expired group members.getGroupResourcePairsByAttribute(PerunSession sess, Attribute attribute) Returns all group-resource which have set the attribute with the value.getGroupRichMembers(PerunSession sess, Group group) Returns group members in the RichMember object, which contains Member+User data.getGroupRichMembers(PerunSession sess, Group group, Status status) Returns group members in the RichMember object, which contains Member+User data.getGroupRichMembersExceptInvalid(PerunSession sess, Group group) Returns only valid, suspended and expired group members in the RichMember object, which contains Member+User data.getGroupRichMembersWithAttributes(PerunSession sess, Group group) Returns group members in the RichMember object, which contains Member+User data.getGroupRichMembersWithAttributes(PerunSession sess, Group group, Status status) Returns group members in the RichMember object, which contains Member+User data.Returns only valid, suspended and expired group members in the RichMember object, which contains Member+User data.getGroups(PerunSession sess, Vo vo) Get all groups of users under the VO.getGroupsByAttribute(PerunSession sess, Attribute attribute) Returns all groups which have set the attribute with the value.getGroupsByIds(PerunSession sess, List<Integer> ids) Search for the groups with specified ids in all VOs.getGroupsByPerunBean(PerunSession sess, Facility facility) Returns list of groups connected with a facilitygetGroupsByPerunBean(PerunSession sess, Host host) Returns list of groups connected with a hostgetGroupsByPerunBean(PerunSession sess, Member member) Returns list of groups connected with a membergetGroupsByPerunBean(PerunSession sess, Resource resource) Returns list of groups connected with a resourcegetGroupsByPerunBean(PerunSession sess, User user) Returns list of groups connected with a usergetGroupsByPerunBean(PerunSession sess, Vo vo) Returns list of groups connected with a vointgetGroupsCount(PerunSession sess) Get count of all groups.intgetGroupsCount(PerunSession sess, Vo vo) getGroupsForAutoRegistration(PerunSession sess, Group registrationGroup, ApplicationFormItem formItem) Returns all groups which can be registered into during group registration.getGroupsForAutoRegistration(PerunSession sess, Vo vo) Returns all groups which can be registered into during vo registration.getGroupsForAutoRegistration(PerunSession sess, Vo vo, ApplicationFormItem formItem) Returns all groups which can be registered into during vo registration.Gets the groupsManagerImpl for this instance.getGroupsPage(PerunSession sess, Vo vo, GroupsPageQuery query, List<String> attrNames) Get page of groups from the given vo.Gets all groups which have enabled synchronization.getGroupsWhereGroupIsAdmin(PerunSession perunSession, Group group) Get list of groups where the given group is given the admin role.getGroupsWhereMemberIsActive(PerunSession sess, Member member) Returns all member's groups where member is in active state (is valid there) Excluded members group.getGroupsWhereMemberIsInactive(PerunSession sess, Member member) Returns all member's groups where member is in inactive state (it is not valid and it is expired there) Excluded members group.getGroupsWhereUserIsActiveMember(PerunSession sess, User user, Vo vo) Returns groups in which the user is active member.getGroupsWithAssignedExtSourceInVo(PerunSession sess, ExtSource source, Vo vo) Get all groups in specific vo with assigned extSourcegetGroupUnions(PerunSession session, Group group, boolean reverseDirection) Get list of group unions for specified group.getGroupUsers(PerunSession perunSession, Group group) Return group users sorted by name.getInactiveGroupMembers(PerunSession sess, Group group) Return all members of the group who are inactive (expired) in the group.getInactiveGroupMembers(PerunSession sess, Group group, Status status) Return all members of the group who are inactive (expired) in the group and have specific status in the Vo.getIndirectMembershipPaths(PerunSession sess, Member member, Group group) Get unique paths of groups via which member is indirectly included to the group.getMemberDirectGroups(PerunSession sess, Member member) Get all groups (except member groups) where member has direct membership.getMemberGroups(PerunSession sess, Member member) Returns all members groups.getMemberGroupsByAttribute(PerunSession sess, Member member, Attribute attribute) Method return list of groups for selected member which (groups) has set specific attribute.getMemberRichGroupsWithAttributesByNames(PerunSession sess, Member member, List<String> attrNames) Deprecated.getMemberRichGroupsWithAttributesByNames(PerunSession sess, Member member, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Return all RichGroups for specified member, containing selected attributes filtered by role and its type.getParentGroup(PerunSession sess, Group group) Get parent group.getParentGroupMembers(PerunSession sess, Group group) Get members from parent group.getParentGroupRichMembers(PerunSession sess, Group group) Get members form the parent group in RichMember format.getParentGroupRichMembersWithAttributes(PerunSession sess, Group group) Get members form the parent group in RichMember format including user/member attributes.Gets the perunBl.getRichAdmins(PerunSession perunSession, Group group) Deprecated.getRichAdmins(PerunSession perunSession, Group group, List<String> specificAttributes, boolean allUserAttributes, boolean onlyDirectAdmins) Gets list of all richUser administrators of this group.getRichAdminsWithAttributes(PerunSession perunSession, Group group) Deprecated.getRichAdminsWithSpecificAttributes(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.getRichGroupByIdWithAttributesByNames(PerunSession sess, int groupId, List<String> attrNames) Returns RichGroup selected by id containing selected attributesgetRichGroupsWithAttributesAssignedToResource(PerunSession sess, Member member, Resource resource, List<String> attrNames) Get list of all richGroups with selected attributes assigned to the resource filtered by specific member.getRichGroupsWithAttributesAssignedToResource(PerunSession sess, Resource resource, List<String> attrNames) Get all RichGroups with selected attributes assigned to the resource.getRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames) Returns RichSubGroups from parentGroup containing selected attributes (only 1 level subgroups)getServiceGroupMembers(PerunSession sess, Group group) Return a list of all group members, who are service usersgetSubGroups(PerunSession sess, Group parentGroup) Get all subgroups of the parent group under the VO.intgetSubGroupsCount(PerunSession sess, Group parentGroup) Returns number of immediate subgroups of the parent group.getSubgroupsPage(PerunSession sess, Group group, GroupsPageQuery query, List<String> attrNames) Get page of subgroups from the given parent group.getTotalGroupStatusForMembers(PerunSession session, Group group, List<Member> members) Returns total member's status of given members in given group.getTotalMemberGroupStatus(PerunSession session, Member member, Group group) Returns total member's status in given group.getUserGroups(PerunSession perunSession, User user) Return groups where user is member.getUserGroups(PerunSession perunSession, User user, List<Status> memberStatuses, List<MemberGroupStatus> memberGroupStatuses) Return groups where user is member with allowed statuses in vo and group.getVo(PerunSession sess, Group group) Gets the Vo which is owner of the group.getVosWhereGroupIsAdmin(PerunSession perunSession, Group group) Get list of VOs where the given group is given the admin role.protected booleanhasCandidateExistingMember(Candidate candidate, RichMember richMember) Compare richMember userExtSources with Candidate's userExtSources, if some of the useExtSource fits.booleanhasGroupSynchronizedChild(PerunSession session, Group group) Check if there is a subgroup of the group, which is defined as synchronized from an external source at this moment.voidinactivateMember(PerunSession sess, Member member, Group group) Inactivates member in group and sets its status to EXPIRED.booleanisAllowedGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) Returns flag representing if the group can be included in the (parent) vo's groupsbooleanisDirectGroupMember(PerunSession sess, Group group, Member member) Return true if Member is direct member of the GroupbooleanisGroupForAnyAutoRegistration(PerunSession sess, Group group) Check if group has automatic registration enabled in any form item.booleanisGroupForAutoRegistration(PerunSession sess, Group group, List<Integer> formItems) Check if group has automatic registration enabled in the given form item.booleanisGroupInStructureSynchronizationTree(PerunSession session, Group group) Check if the group or its subgroups are defined as synchronized from an external source at this moment.isGroupLastAdminInSomeFacility(PerunSession sess, Group group) Check whether the group supplies the last FACILITYADMIN in some facility, return those facilities in which it does.isGroupLastAdminInSomeFacility(PerunSession sess, List<Group> groups) Check whether some of the groups supply the last FACILITYADMIN in some facility, return the groups that do.isGroupLastAdminInSomeVo(PerunSession sess, Group group) Check whether the group supplies the last VOADMIN in some vo, return those vos in which it does.isGroupLastAdminInSomeVo(PerunSession sess, List<Group> groups) Check whether some of the groups supply the last VOADMIN in some vo, return the groups that do.booleanisGroupMember(PerunSession sess, Group group, Member member) Return true if Member is member of the GroupbooleanisGroupSynchronizedFromExternallSource(PerunSession session, Group group) Check if the group is defined as synchronized from an external source at this moment.booleanCheck if synchronizing groups is suspended.booleanisUserMemberOfGroup(PerunSession sess, User user, Group group) Checks whether the user is member of the group.voidmoveGroup(PerunSession sess, Group destinationGroup, Group movingGroup) Move one group structure under another group in same vo or as top level groupvoidreactivateMember(PerunSession sess, Member member, Group group) Reactivates member in group and sets its status to VALID.voidrecalculateMemberGroupStatusRecursively(PerunSession sess, Member member, Group group, Map<Integer, Map<Integer, MemberGroupStatus>> previousStatus) Calculates the state of given member in given group and if it differs from given 'previousState' calls this method recursively for all parent groups.voidremoveFormerMemberWhileSynchronization(PerunSession sess, Group group, RichMember memberToRemove, boolean isAuthoritative) Remove former member from group (if he is not listed in ExtSource).voidremoveGroupUnion(PerunSession sess, Group resultGroup, Group operandGroup, boolean parentFlag) Removes a union relation between two groups.voidremoveMember(PerunSession sess, Group group, Member member) Removes member form the group.voidremoveMember(PerunSession sess, List<Group> groups, Member member) Removes member from groups.voidremoveMemberFromMembersOrAdministratorsGroup(PerunSession sess, Group group, Member member) Removes member from members or administrators group only.voidremoveMembers(PerunSession sess, Group group, List<Member> members) Removes members from the group.voidremoveRelationMembers(PerunSession sess, Group resultGroup, List<Member> changedMembers, int sourceGroupId) Method recalculates all relations between groups.voidsaveInformationAboutGroupStructureSynchronizationInNestedTransaction(PerunSession sess, Group group, boolean failedDueToException, String exceptionMessage) This method will set timestamp, state and exceptionMessage to group attributes for the group structure.voidsaveInformationAboutGroupStructureSynchronizationInNewTransaction(PerunSession sess, Group group, boolean failedDueToException, String exceptionMessage) This method will set timestamp, state and exceptionMessage to group attributes for the group structure.voidsaveInformationAboutGroupSynchronizationInNestedTransaction(PerunSession sess, Group group, long startTime, boolean failedDueToException, String exceptionMessage) This method will set timestamp, synchronization start time and exceptionMessage to group attributes for the group.voidsaveInformationAboutGroupSynchronizationInNewTransaction(PerunSession sess, Group group, long startTime, boolean failedDueToException, String exceptionMessage) This method will set timestamp, synchronization start time and exceptionMessage to group attributes for the group.searchForGroups(PerunSession sess, String searchString, boolean includeIDs) Similarity substring search in all groups based on name, shortname, description and optionally IDsearchForGroups(PerunSession sess, String searchString, Set<Integer> groupIds, Set<Integer> voIds, boolean includeIDs) Similarity substring search in provided groups based on name, shortname, description and optionally ID.voidsetPerunBl(PerunBl perunBl) voidsuspendGroupSynchronization(PerunSession sess, boolean suspend) Suspend synchronizing groups and their structures.synchronizeGroup(PerunSession sess, Group group) Synchronizes the group with the external group without checking if the synchronization is already in progress.voidStart and check threads with synchronization of groups.voidSynchronize all groups structures which have enabled group structure synchronization.synchronizeGroupStructure(PerunSession sess, Group baseGroup) Synchronize a group structure with an external source group structure under the group.voidupdateExistingMemberWhileSynchronization(PerunSession sess, Group group, Candidate candidate, RichMember memberToUpdate, List<String> overwriteUserAttributesList, List<String> mergeMemberAttributesList, List<AttributeDefinition> attrDefs) Get candidate and corresponding memberToUpdate and update his attributes, extSources, expiration and status.updateGroup(PerunSession sess, Group group) Updates group by ID.updateParentGroupId(PerunSession sess, Group group) Updates parentGroupId.voidvalidateMemberInGroup(PerunSession sess, Member member, Group group) Set member's status in given group to VALID
-
Field Details
-
GROUP_LOGIN
- See Also:
-
PARENT_GROUP_LOGIN
- See Also:
-
GROUP_NAME
- See Also:
-
GROUP_DESCRIPTION
- See Also:
-
OVERWRITE_USER_ATTRIBUTES
- See Also:
-
MERGE_MEMBER_ATTRIBUTES
- See Also:
-
MERGE_GROUP_ATTRIBUTES
- See Also:
-
GROUP_SYNC_DEFAULT_DATA
-
-
Constructor Details
-
GroupsManagerBlImpl
Create new instance of this class.
-
-
Method Details
-
addDirectMember
protected void addDirectMember(PerunSession sess, Group group, Member member) throws AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException, GroupNotExistsException Add a record of the member with a DIRECT membership type to the group.- Parameters:
sess- perun sessiongroup- group to add member tomember- member to be added as DIRECT- Throws:
InternalErrorExceptionAlreadyMemberExceptionWrongAttributeValueExceptionWrongReferenceAttributeValueExceptionGroupNotExistsException
-
addGroupsToAutoRegistration
public void addGroupsToAutoRegistration(PerunSession sess, List<Group> groups) throws GroupNotAllowedToAutoRegistrationException Description copied from interface:GroupsManagerBlAdds groups to a list of groups which can be registered into during vo registration. This will NOT create empty application form for groups and will throw exception if none exists.- Specified by:
addGroupsToAutoRegistrationin interfaceGroupsManagerBl- Parameters:
sess- sessiongroups- list of groups- Throws:
GroupNotAllowedToAutoRegistrationException- if given group cannot be added to auto registration
-
addGroupsToAutoRegistration
public void addGroupsToAutoRegistration(PerunSession sess, List<Group> groups, ApplicationFormItem formItem) throws GroupNotAllowedToAutoRegistrationException, FormItemNotExistsException Description copied from interface:GroupsManagerBlAdds groups to a list of groups which can be registered into during vo or group registration. This will NOT create empty application form for groups and will throw exception if none exists.- Specified by:
addGroupsToAutoRegistrationin interfaceGroupsManagerBl- Parameters:
sess- sessiongroups- list of groupsformItem- application form item- Throws:
GroupNotAllowedToAutoRegistrationException- if given group cannot be added to auto registrationFormItemNotExistsException
-
addIndirectMembers
protected List<Member> addIndirectMembers(PerunSession sess, Group group, List<Member> members, int sourceGroupId) throws AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException Add records of the members with an INDIRECT membership type to the group.- Parameters:
sess- perun sessiongroup- group to add members tomembers- list of members to add as INDIRECTsourceGroupId- id of a group from which members originate- Returns:
- list of members that were not members already
- Throws:
InternalErrorExceptionAlreadyMemberExceptionWrongAttributeValueExceptionWrongReferenceAttributeValueException
-
addMember
public void addMember(PerunSession sess, Group group, Member member) throws WrongReferenceAttributeValueException, AlreadyMemberException, WrongAttributeValueException, GroupNotExistsException Description copied from interface:GroupsManagerBlAdds member of the VO to the group in the same VO. But not to administrators and members group.- Specified by:
addMemberin interfaceGroupsManagerBl- Parameters:
sess-group-member-- Throws:
WrongReferenceAttributeValueExceptionAlreadyMemberExceptionWrongAttributeValueExceptionGroupNotExistsException
-
addMember
public void addMember(PerunSession sess, List<Group> groups, Member member) throws WrongReferenceAttributeValueException, AlreadyMemberException, WrongAttributeValueException, GroupNotExistsException Description copied from interface:GroupsManagerBlAdds member of the VO to the groups in the same VO. But not to administrators and members group.- Specified by:
addMemberin interfaceGroupsManagerBl- Parameters:
sess-groups-member-- Throws:
WrongReferenceAttributeValueExceptionAlreadyMemberExceptionWrongAttributeValueExceptionGroupNotExistsException
-
addMemberToMembersGroup
public void addMemberToMembersGroup(PerunSession sess, Group group, Member member) throws AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException, GroupNotExistsException Description copied from interface:GroupsManagerBlSpecial addMember which is able to add members into the members and administrators group.- Specified by:
addMemberToMembersGroupin interfaceGroupsManagerBl- Parameters:
sess-group-member-- Throws:
AlreadyMemberExceptionWrongAttributeValueExceptionWrongReferenceAttributeValueExceptionGroupNotExistsException
-
addMembers
public void addMembers(PerunSession sess, Group group, List<Member> members) throws AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException, GroupNotExistsException Description copied from interface:GroupsManagerBlAdds members of the VO to the group in the same VO. But not to administrators and members group.- Specified by:
addMembersin interfaceGroupsManagerBl- Parameters:
sess-group-members-- Throws:
AlreadyMemberExceptionWrongAttributeValueExceptionWrongReferenceAttributeValueExceptionGroupNotExistsException
-
addMissingMemberWhileSynchronization
public void addMissingMemberWhileSynchronization(PerunSession sess, Group group, Candidate candidate, List<String> overwriteUserAttributesList, List<String> mergeMemberAttributesList, List<String> skippedMembers) Description copied from interface:GroupsManagerBlGet new candidate and add him to the Group.If Candidate can't be added to Group, skip him and add this information to skippedMembers list.
When creating new member from Candidate, if user already exists, merge his attributes, if attribute exists in list of overwriteUserAttributesList, update it instead of merging.
This method runs in separate transaction.
- Specified by:
addMissingMemberWhileSynchronizationin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- to be synchronizedcandidate- new member (candidate)overwriteUserAttributesList- list of attributes to be updated for user if foundmergeMemberAttributesList- list of attributes to be merged for member if foundskippedMembers- list of not successfully synchronized members
-
addRelationMembers
public void addRelationMembers(PerunSession sess, Group resultGroup, List<Member> changedMembers, int sourceGroupId) throws AlreadyMemberException, WrongReferenceAttributeValueException, WrongAttributeValueException, GroupNotExistsException Description copied from interface:GroupsManagerBlMethod recalculates all relations between groups. Method recursively adds members from groups and all their relations. The method is called in case of: 1) added relation 2) added member 3) group creation 4) group movement- Specified by:
addRelationMembersin interfaceGroupsManagerBl- Parameters:
sess- perun sessionresultGroup- group to which members are added or removed fromchangedMembers- list of changed members which is passed as argument to add indirect members method. List contains records of added indirect members from operand group.sourceGroupId- id of a group from which members originate- Throws:
AlreadyMemberExceptionWrongReferenceAttributeValueExceptionWrongAttributeValueExceptionGroupNotExistsException
-
allowGroupToHierarchicalVo
public void allowGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) throws RelationNotExistsException, RelationExistsException Description copied from interface:GroupsManagerBlSets flag required for including group to parent vo in a vo hierarchy.- Specified by:
allowGroupToHierarchicalVoin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- groupvo- parent vo- Throws:
RelationNotExistsException- if group is not from parent vo's member vosRelationExistsException- if group is already allowed to be included to parent vo
-
canExtendMembershipInGroup
Description copied from interface:GroupsManagerBlReturns true if member in given group can extend membership or if no rules were set for the membershipExpiration- Specified by:
canExtendMembershipInGroupin interfaceGroupsManagerBl- Parameters:
sess- sessionmember- membergroup- group- Returns:
- true if given member can extend membership in given group or if no rules were set for the membership expiration, false otherwise
-
canExtendMembershipInGroupWithReason
public boolean canExtendMembershipInGroupWithReason(PerunSession sess, Member member, Group group) throws ExtendMembershipException Description copied from interface:GroupsManagerBlReturns true if member in given group can extend membership or throws exception with reason why use can't extends membership- Specified by:
canExtendMembershipInGroupWithReasonin interfaceGroupsManagerBl- Parameters:
sess- sessionmember- membergroup- group- Returns:
- true if given member can extend membership in given group or throws exception with reason why not
- Throws:
ExtendMembershipException- reason why user can't extend membership
-
checkGroupExists
- Specified by:
checkGroupExistsin interfaceGroupsManagerBl- Throws:
GroupNotExistsException
-
convertGroupToRichGroupWithAttributes
Description copied from interface:GroupsManagerBlThis method takes group and creates RichGroup containing all attributes- Specified by:
convertGroupToRichGroupWithAttributesin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- RichGroup
-
convertGroupToRichGroupWithAttributesByName
public RichGroup convertGroupToRichGroupWithAttributesByName(PerunSession sess, Group group, List<String> attrNames) Description copied from interface:GroupsManagerBlThis method takes group and creates RichGroup containing selected attributes- Specified by:
convertGroupToRichGroupWithAttributesByNamein interfaceGroupsManagerBl- Parameters:
sess-group-attrNames- list of selected attributes- Returns:
- RichGroup
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, List<Group> groups) Description copied from interface:GroupsManagerBlThis method takes list of groups and creates list of RichGroups containing all attributes- Specified by:
convertGroupsToRichGroupsWithAttributesin interfaceGroupsManagerBl- Parameters:
sess-groups- list of groups- Returns:
- RichGroup
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Member member, List<Group> groups) throws MemberGroupMismatchException Description copied from interface:GroupsManagerBlThis method takes list of groups and member and then creates list of RichGroups containing all group and member-group attributes- Specified by:
convertGroupsToRichGroupsWithAttributesin interfaceGroupsManagerBl- Parameters:
sess-member- specified member which is assigned to groupsgroups- list of groups- Returns:
- list of RichGroups with attributes
- Throws:
MemberGroupMismatchException
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Resource resource, List<Group> groups) throws GroupResourceMismatchException Description copied from interface:GroupsManagerBlThis method takes list of groups and resource and then creates list of RichGroups containing all group and group-resource attributes- Specified by:
convertGroupsToRichGroupsWithAttributesin interfaceGroupsManagerBl- Parameters:
sess-resource- specified resource to which are groups assignedgroups- list of groups- Returns:
- list of RichGroups with attributes
- Throws:
GroupResourceMismatchException
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, List<Group> groups, List<String> attrNames) Description copied from interface:GroupsManagerBlThis method takes list of groups and creates list of RichGroups containing selected attributes- Specified by:
convertGroupsToRichGroupsWithAttributesin interfaceGroupsManagerBl- Parameters:
sess-groups- list of groupsattrNames- list of selected attributes- Returns:
- RichGroup
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Resource resource, List<Group> groups, List<String> attrNames) throws GroupResourceMismatchException Description copied from interface:GroupsManagerBlThis method takes list of groups, resource and list of attrNames and then creates list of RichGroups containing all selected group and group-resource attributes by list (attributes from other namespaces are skipped). If attribute is in the list, it can be return with empty value if it is not set.- Specified by:
convertGroupsToRichGroupsWithAttributesin interfaceGroupsManagerBl- Parameters:
sess-resource-groups-attrNames- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroups with selected attributes
- Throws:
GroupResourceMismatchException
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Member member, List<Group> groups, List<String> attrNames) throws MemberGroupMismatchException, MemberNotExistsException, GroupNotExistsException Description copied from interface:GroupsManagerBlThis method takes list of groups, member and list of attrNames and then creates list of RichGroups containing all selected group and member-group attributes by list (attributes from other namespaces are skipped). If attribute is in the list, it can be return with empty value if it is not set.- Specified by:
convertGroupsToRichGroupsWithAttributesin interfaceGroupsManagerBl- Parameters:
sess-member-groups-attrNames- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroups with selected attributes
- Throws:
MemberGroupMismatchExceptionMemberNotExistsExceptionGroupNotExistsException
-
convertGroupsToRichGroupsWithAttributes
public List<RichGroup> convertGroupsToRichGroupsWithAttributes(PerunSession sess, Member member, Resource resource, List<Group> groups, List<String> attrNames) throws GroupResourceMismatchException, MemberGroupMismatchException Description copied from interface:GroupsManagerBlThis method takes list of groups, resource, member and list of attrNames and then creates list of RichGroups containing all selected group, group-resource and member-group attributes filtered by list (attributes from other namespaces are skipped without any warning). If attribute with correct namespace is in the list, it will be return even with empty value (if no value exists).- Specified by:
convertGroupsToRichGroupsWithAttributesin interfaceGroupsManagerBl- Parameters:
sess-member- member to get member-resource and member-group attributes forresource- resource to get group-resource and member-resource attributes forgroups- to convert to richGroups and get group-resource and member-group attributes forattrNames- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroups with selected attributes
- Throws:
GroupResourceMismatchException- if group is not assigned to resourceMemberGroupMismatchException- if member is not in the same vo as group
-
convertToEnrichedGroup
Description copied from interface:GroupsManagerBlCreates enrichedGroup from given group and load attributes with given names. If the attrNames are null, all group attributes are added.- Specified by:
convertToEnrichedGroupin interfaceGroupsManagerBl- Parameters:
sess- sessiongroup- groupattrNames- names of attributes to return- Returns:
- EnrichedGroup for given group with desired attributes
-
copyMembers
public void copyMembers(PerunSession sess, Group sourceGroup, List<Group> destinationGroups, List<Member> members) throws WrongReferenceAttributeValueException, WrongAttributeValueException, MemberGroupMismatchException Description copied from interface:GroupsManagerBlCopies direct members from one group to other groups in the same VO. The members are copied without their member-group attributes. Copies all direct members if members list is empty or null.- Specified by:
copyMembersin interfaceGroupsManagerBl- Parameters:
sess- perun sessionsourceGroup- group to copy members fromdestinationGroups- groups to copy members tomembers- members to be copies- Throws:
WrongReferenceAttributeValueExceptionWrongAttributeValueExceptionMemberGroupMismatchException
-
createGroup
Description copied from interface:GroupsManagerBlCreates a new top-level group and associates it with the VO from parameter.For this method the new group has always same shortName like Name. Important: voId in object group is ignored
- Specified by:
createGroupin interfaceGroupsManagerBl- Parameters:
sess-vo- to associates group withgroup- new group with name without ":"- Returns:
- newly created top-level group
- Throws:
GroupExistsException
-
createGroup
public Group createGroup(PerunSession sess, Group parentGroup, Group group) throws GroupExistsException, GroupRelationNotAllowed, GroupRelationAlreadyExists Description copied from interface:GroupsManagerBlCreates a new subgroup of the existing group.- Specified by:
createGroupin interfaceGroupsManagerBl- Parameters:
sess-parentGroup-group- group.name must contain only shortName (without ":"). Hierarchy is defined by parentGroup parameter.- Returns:
- newly created sub group with full group.Name with ":"
- Throws:
GroupExistsExceptionGroupRelationNotAllowedGroupRelationAlreadyExists
-
createGroupUnion
public Group createGroupUnion(PerunSession sess, Group resultGroup, Group operandGroup, boolean parentFlag) throws WrongReferenceAttributeValueException, WrongAttributeValueException, GroupNotExistsException, GroupRelationAlreadyExists, GroupRelationNotAllowed, VoNotExistsException Description copied from interface:GroupsManagerBlPerforms union operation on two groups. Members from operand group are added to result group as indirect.- Specified by:
createGroupUnionin interfaceGroupsManagerBl- Parameters:
sess- perun sessionresultGroup- group to which members are addedoperandGroup- group from which members are takenparentFlag- if true union cannot be deleted; false otherwise (it flags relations created by hierarchical structure)- Returns:
- result group
- Throws:
WrongReferenceAttributeValueExceptionWrongAttributeValueExceptionGroupNotExistsExceptionGroupRelationAlreadyExistsGroupRelationNotAllowedVoNotExistsException
-
deleteAllGroups
public void deleteAllGroups(PerunSession sess, Vo vo) throws GroupAlreadyRemovedException, GroupAlreadyRemovedFromResourceException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved Description copied from interface:GroupsManagerBlDeletes all groups under the VO except built-in groups (members, admins groups).- Specified by:
deleteAllGroupsin interfaceGroupsManagerBl- Parameters:
sess-vo- VO- Throws:
GroupAlreadyRemovedExceptionGroupAlreadyRemovedFromResourceExceptionGroupRelationDoesNotExistGroupRelationCannotBeRemoved
-
deleteGroup
public void deleteGroup(PerunSession sess, Group group, boolean forceDelete) throws RelationExistsException, GroupAlreadyRemovedException, GroupAlreadyRemovedFromResourceException, GroupNotExistsException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved Description copied from interface:GroupsManagerBlIf forceDelete is false, delete only group and if this group has members or subgroups, throw an exception. If forceDelete is true, delete group with all subgroups, members and administrators, then delete this group.- Specified by:
deleteGroupin interfaceGroupsManagerBl- Parameters:
sess-group- group to deleteforceDelete- if forceDelete is false, delete group only if is empty and has no subgroups, if is true, delete anyway with all connections- Throws:
RelationExistsExceptionGroupAlreadyRemovedExceptionGroupAlreadyRemovedFromResourceExceptionGroupNotExistsExceptionGroupRelationDoesNotExistGroupRelationCannotBeRemoved
-
deleteGroups
public void deleteGroups(PerunSession perunSession, List<Group> groups, boolean forceDelete) throws GroupAlreadyRemovedException, RelationExistsException, GroupAlreadyRemovedFromResourceException, GroupNotExistsException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved Description copied from interface:GroupsManagerBlDelete all groups in list from perun. (Except members group)If forceDelete is false, delete groups only if none of them (IN MOMENT OF DELETING) has subgroups and members, in other case throw exception. if forceDelete is true, delete groups with all subgroups and members.
Groups are deleted in order: from longest name to the shortest - ex: Group A:b:c will be deleted sooner than Group A:b etc. - reason for this: with group are deleted its subgroups too
Important: Groups can be from different VOs.
- Specified by:
deleteGroupsin interfaceGroupsManagerBl- Parameters:
perunSession-groups- list of groups to deletedforceDelete- if forceDelete is false, delete groups only if all of them have no subgroups and no members, if is true, delete anyway with all connections- Throws:
GroupAlreadyRemovedExceptionRelationExistsExceptionGroupAlreadyRemovedFromResourceExceptionGroupNotExistsExceptionGroupRelationDoesNotExistGroupRelationCannotBeRemoved
-
deleteGroupsFromAutoRegistration
Description copied from interface:GroupsManagerBlDeletes groups from a list of groups which can be registered into during vo registration.- Specified by:
deleteGroupsFromAutoRegistrationin interfaceGroupsManagerBl- Parameters:
sess- sessiongroups- list of groups
-
deleteGroupsFromAutoRegistration
public void deleteGroupsFromAutoRegistration(PerunSession sess, List<Group> groups, ApplicationFormItem formItem) throws FormItemNotExistsException Description copied from interface:GroupsManagerBlDeletes groups from a list of groups which can be registered into during vo or group registration.- Specified by:
deleteGroupsFromAutoRegistrationin interfaceGroupsManagerBl- Parameters:
sess- sessiongroups- list of groupsformItem- application form item- Throws:
FormItemNotExistsException
-
deleteMembersGroup
public void deleteMembersGroup(PerunSession sess, Vo vo) throws GroupAlreadyRemovedException, GroupAlreadyRemovedFromResourceException, GroupNotExistsException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved Description copied from interface:GroupsManagerBlDeletes built-in members group.- Specified by:
deleteMembersGroupin interfaceGroupsManagerBl- Parameters:
sess-vo-- Throws:
GroupAlreadyRemovedExceptionGroupAlreadyRemovedFromResourceExceptionGroupNotExistsExceptionGroupRelationDoesNotExistGroupRelationCannotBeRemoved
-
disallowGroupToHierarchicalVo
public void disallowGroupToHierarchicalVo(PerunSession sess, Group group, Vo vo) throws RelationNotExistsException Description copied from interface:GroupsManagerBlUnsets flag required for including group to parent vo in a vo hierarchy- Specified by:
disallowGroupToHierarchicalVoin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- groupvo- parent vo- Throws:
RelationNotExistsException- if group is not allowed to be included in parent vo
-
expireMemberInGroup
Description copied from interface:GroupsManagerBlSet member's status in given group to EXPIRED- Specified by:
expireMemberInGroupin interfaceGroupsManagerBl- Parameters:
sess- perun sessionmember- member whose status will be changedgroup- group in which given member will be expired
-
extendMembershipInGroup
public void extendMembershipInGroup(PerunSession sess, Member member, Group group) throws ExtendMembershipException Description copied from interface:GroupsManagerBlExtend member membership in given group using membershipExpirationRules attribute defined in Group.- Specified by:
extendMembershipInGroupin interfaceGroupsManagerBl- Parameters:
sess- sessionmember- membergroup- group- Throws:
ExtendMembershipException- extend membership exception
-
filterMembersByMembershipTypeInGroup
Description copied from interface:GroupsManagerBlThis method take list of members (also with duplicit) and: 1] add all members with direct membership to target list 2] add all members with indirect membership who are not already in target list to the target list- Specified by:
filterMembersByMembershipTypeInGroupin interfaceGroupsManagerBl- Parameters:
members- list of members to filtering- Returns:
- filteredMembers list of members without duplicit after filtering
-
filterOnlyAllowedAttributes
Description copied from interface:GroupsManagerBlFor richGroup filter all his group attributes and remove all which principal has no access to.- Specified by:
filterOnlyAllowedAttributesin interfaceGroupsManagerBl- Parameters:
sess-richGroup-- Returns:
- richGroup with only allowed attributes
-
filterOnlyAllowedAttributes
Description copied from interface:GroupsManagerBlFor list of richGroups filter all their group attributes and remove all which principal has no access to.- Specified by:
filterOnlyAllowedAttributesin interfaceGroupsManagerBl- Parameters:
sess-richGroups-- Returns:
- list of RichGroups with only allowed attributes
-
filterOnlyAllowedAttributes
public List<RichGroup> filterOnlyAllowedAttributes(PerunSession sess, List<RichGroup> richGroups, Resource resource, boolean useContext) Description copied from interface:GroupsManagerBlFor list of richGroups filter all their group attributes and remove all which principal has no access to. Context usage is safe even for groups from different VOs.Context means same "combination of authz role for a group"+"attribute_urn (name)". Since privileges are resolved by roles on group and attribute type.
if useContext is true: every attribute is unique in a context of authz roles combination and its URN. So for each combination of users authz roles granted for the group, attributes with same URN has same privilege.
if useContext is false: every attribute is unique in context of group, which means every attribute for more groups need to be check separately, because for example groups can be from different vos where user has different authz (better authorization check, worse performance)
- Specified by:
filterOnlyAllowedAttributesin interfaceGroupsManagerBl- Parameters:
sess-richGroups-resource- optional resource param used for context- Returns:
- list of RichGroups with only allowed attributes
-
filterOnlyAllowedAttributes
public List<RichGroup> filterOnlyAllowedAttributes(PerunSession sess, List<RichGroup> richGroups, Member member, Resource resource, boolean useContext) Description copied from interface:GroupsManagerBlFor list of richGroups filter all their group attributes and remove all which principal has no access to. Context usage is safe even for groups from different VOs.Context means same "combination of authz role for a group"+"attribute_urn (name)". Since privileges are resolved by roles on group and attribute type.
if useContext is true: every attribute is unique in a context of authz roles combination and its URN. So for each combination of users authz roles granted for the group, attributes with same URN has same privilege.
if useContext is false: every attribute is unique in context of group, which means every attribute for more groups need to be check separately, because for example groups can be from different vos where user has different authz (better authorization check, worse performance)
- Specified by:
filterOnlyAllowedAttributesin interfaceGroupsManagerBl- Parameters:
sess-richGroups-member- optional member param used for contextresource- optional resource param used for context- Returns:
- list of RichGroups with only allowed attributes
-
filterOnlyAllowedAttributes
Description copied from interface:GroupsManagerBlFor enrichedGroup filter all its group attributes and remove all which principal has no access to.- Specified by:
filterOnlyAllowedAttributesin interfaceGroupsManagerBl- Parameters:
sess-enrichedGroup-- Returns:
- enrichedGroup with only allowed attributes
-
forceAllSubGroupsSynchronization
Description copied from interface:GroupsManagerBlForce synchronization for all subgroups (recursively - whole tree) of the group (useful for group structure)- Specified by:
forceAllSubGroupsSynchronizationin interfaceGroupsManagerBl- Parameters:
sess-group- the group where all its subgroups will be forced to synchronize
-
forceGroupStructureSynchronization
public void forceGroupStructureSynchronization(PerunSession sess, Group group) throws GroupStructureSynchronizationAlreadyRunningException Description copied from interface:GroupsManagerBlSynchronize the group structure with an external group structure. It checks if the synchronization of the same group is already in progress.- Specified by:
forceGroupStructureSynchronizationin interfaceGroupsManagerBl- Parameters:
group- the group to be forced this way- Throws:
GroupStructureSynchronizationAlreadyRunningException
-
forceGroupSynchronization
public void forceGroupSynchronization(PerunSession sess, Group group) throws GroupSynchronizationAlreadyRunningException, GroupSynchronizationNotEnabledException Description copied from interface:GroupsManagerBlSynchronize the group with external group. It checks if the synchronization of the same group is already in progress.- Specified by:
forceGroupSynchronizationin interfaceGroupsManagerBl- Parameters:
sess-group-- Throws:
GroupSynchronizationAlreadyRunningException- when synchronization for the group is already runningGroupSynchronizationNotEnabledException- when group doesn't have synchronization enabled
-
getActiveGroupMembers
Description copied from interface:GroupsManagerBlReturn all members of the group who are active (valid) in the group.Do not return expired members of the group.
- Specified by:
getActiveGroupMembersin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- to get members from- Returns:
- list of active (valid) members
-
getActiveGroupMembers
Description copied from interface:GroupsManagerBlReturn all members of the group who are active (valid) in the group and have specific status in the Vo.Do not return expired members of the group.
- Specified by:
getActiveGroupMembersin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- to get members fromstatus- to get only members with this specific status in the Vo- Returns:
- list of active (valid) members with specific status in the Vo
-
getAdminGroups
Description copied from interface:GroupsManagerBlGets list of all group administrators of this group.- Specified by:
getAdminGroupsin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list of group administrators
-
getAdmins
Description copied from interface:GroupsManagerBlGets list of all administrators of this group. If some group is administrator of the given group, all VALID members are included in the list.If onlyDirectAdmins is true, return only direct users of the group for supported role.
Supported roles: GroupAdmin
- Specified by:
getAdminsin interfaceGroupsManagerBl- Parameters:
perunSession-group-onlyDirectAdmins- if true, get only direct user administrators (if false, get both direct and indirect)- Returns:
- list of all user administrators of the given group for supported role
-
getAdmins
Deprecated.Description copied from interface:GroupsManagerBlGets list of all user administrators of this group. If some group is administrator of the given group, all members are included in the list.- Specified by:
getAdminsin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list of administrators
-
getAllAllowedGroupsToHierarchicalVo
Description copied from interface:GroupsManagerBlReturns all groups which can be included to VO.- Specified by:
getAllAllowedGroupsToHierarchicalVoin interfaceGroupsManagerBl- Parameters:
sess- sessionvo- VO- Returns:
- list of allowed groups to hierarchical VO
-
getAllAllowedGroupsToHierarchicalVo
Description copied from interface:GroupsManagerBlReturns groups which can be included to VO from specific member VO.- Specified by:
getAllAllowedGroupsToHierarchicalVoin interfaceGroupsManagerBl- Parameters:
sess- sessionvo- parent VOmemberVo- member VO- Returns:
- list of allowed groups to hierarchical VO
-
getAllGroups
Description copied from interface:GroupsManagerBlGet all groups from all vos.- Specified by:
getAllGroupsin interfaceGroupsManagerBl- Parameters:
sess- session- Returns:
- list of all groups
-
getAllGroups
Description copied from interface:GroupsManagerBlGet all groups of the VO.- Specified by:
getAllGroupsin interfaceGroupsManagerBl- Parameters:
sess-vo-- Returns:
- list of groups
-
getAllGroupsForAutoRegistration
Description copied from interface:GroupsManagerBlReturns all groups which can be registered into during any vo registration. This method serves only for migration to new functionality related to the new table.- Specified by:
getAllGroupsForAutoRegistrationin interfaceGroupsManagerBl- Parameters:
sess- session- Returns:
- list of groups
-
getAllGroupsWhereMemberIsActive
Description copied from interface:GroupsManagerBlReturns all member's groups where member is in active state (is valid there) Included members group.- Specified by:
getAllGroupsWhereMemberIsActivein interfaceGroupsManagerBl- Parameters:
sess- perun sessionmember- member to get groups for- Returns:
- list of groups where member is in active state (valid)
-
getAllGroupsWithHierarchy
Description copied from interface:GroupsManagerBlGet all groups of the VO stored in the map reflecting the hierarchy.- Specified by:
getAllGroupsWithHierarchyin interfaceGroupsManagerBl- Parameters:
sess-vo-- Returns:
- map of the groups hierarchically organized
-
getAllMemberGroups
Description copied from interface:GroupsManagerBlReturn all member's groups. Included members and administrators groups.- Specified by:
getAllMemberGroupsin interfaceGroupsManagerBl- Parameters:
sess-member-- Returns:
-
getAllRichGroupsWithAttributesByNames
@Deprecated public List<RichGroup> getAllRichGroupsWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrNames) Deprecated.Description copied from interface:GroupsManagerBlReturns all RichGroups containing selected attributes- Specified by:
getAllRichGroupsWithAttributesByNamesin interfaceGroupsManagerBl- Parameters:
sess-vo-attrNames- if attrNames is null method will return RichGroups containing all attributes- Returns:
- List of RichGroups
-
getAllRichGroupsWithAttributesByNames
public List<RichGroup> getAllRichGroupsWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Description copied from interface:GroupsManagerBlReturns all RichGroups containing selected attributes filtered by role and its type- Specified by:
getAllRichGroupsWithAttributesByNamesin interfaceGroupsManagerBl- Parameters:
sess- perun sessionvo- voattrNames- if attrNames is null method will return RichGroups containing all attributesroles- list of selected roles (if empty, then return groups by all roles)types- list of selected types of roles (if empty, then return by roles of all types)- Returns:
- List of RichGroups
-
getAllRichSubGroupsWithAttributesByNames
@Deprecated public List<RichGroup> getAllRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames) Deprecated.Description copied from interface:GroupsManagerBlReturns all RichSubGroups from parentGroup containing selected attributes (all levels subgroups)- Specified by:
getAllRichSubGroupsWithAttributesByNamesin interfaceGroupsManagerBl- Parameters:
sess-parentGroup-attrNames- if attrNames is null method will return RichGroups containing all attributes- Returns:
- List of RichGroups
-
getAllRichSubGroupsWithAttributesByNames
public List<RichGroup> getAllRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Description copied from interface:GroupsManagerBlReturns all RichSubGroups from parentGroup containing selected attributes filtered by role and its type (all levels subgroups)- Specified by:
getAllRichSubGroupsWithAttributesByNamesin interfaceGroupsManagerBl- Parameters:
sess-parentGroup-attrNames- if attrNames is null method will return RichGroups containing all attributesroles- list of selected roles (if empty, then return groups by all roles)types- list of selected types of roles (if empty, then return by roles of all types)- Returns:
- List of RichGroups
-
getAllSubGroups
Description copied from interface:GroupsManagerBlGet all subgroups of the parentGroup recursively. (parentGroup subgroups, their subgroups etc...)- Specified by:
getAllSubGroupsin interfaceGroupsManagerBl- Parameters:
sess-parentGroup- parent group- Returns:
- list of groups
-
getAssignedGroupsToFacility
Description copied from interface:GroupsManagerBlReturn list of assigned groups on all facility resources (without subgroups unless they are assigned too)- Specified by:
getAssignedGroupsToFacilityin interfaceGroupsManagerBl- Parameters:
sess-facility-- Returns:
- list of groups, which are assigned on all facility resources
-
getAssignedGroupsToResource
Description copied from interface:GroupsManagerBlReturn list of assigned groups on the resource (without subgroups unless they are assigned too)- Specified by:
getAssignedGroupsToResourcein interfaceGroupsManagerBl- Parameters:
sess-resource-- Returns:
- list of groups, which are assigned on the resource
-
getAssignedGroupsToResource
Description copied from interface:GroupsManagerBlReturn list of assigned groups on the resource (without subgroups unless they are assigned too), which contain specific member- Specified by:
getAssignedGroupsToResourcein interfaceGroupsManagerBl- Parameters:
sess-resource-member-- Returns:
- list of groups, which are assigned on the resource and contain specific member
-
getAssignedGroupsToResource
public List<Group> getAssignedGroupsToResource(PerunSession sess, Resource resource, boolean withSubGroups) Description copied from interface:GroupsManagerBlReturn list of assigned groups on the resource.- Specified by:
getAssignedGroupsToResourcein interfaceGroupsManagerBl- Parameters:
sess-resource-withSubGroups- if true returns also all subgroups of assigned groups- Returns:
- list of groups, which are assigned on the resource
-
getAssociatedGroupsToFacility
Description copied from interface:GroupsManagerBlReturn list of all associated groups from all facility resources (does not require ACTIVE group-resource status)- Specified by:
getAssociatedGroupsToFacilityin interfaceGroupsManagerBl- Parameters:
sess-facility-- Returns:
- list of groups, which are associated with all facility resources
-
getAssociatedGroupsToResource
public List<Group> getAssociatedGroupsToResource(PerunSession sess, Resource resource, Member member) Description copied from interface:GroupsManagerBlReturn list of groups associated with the resource with specified member. Does not require ACTIVE group-resource status.- Specified by:
getAssociatedGroupsToResourcein interfaceGroupsManagerBl- Parameters:
sess-resource-member-- Returns:
- list of groups, which are associated with the resource with specified member
-
getAssociatedGroupsToResource
Description copied from interface:GroupsManagerBlReturn list of assigned groups on the resource. Similar to assigned groups, but does not require ACTIVE group-resource status.- Specified by:
getAssociatedGroupsToResourcein interfaceGroupsManagerBl- Parameters:
sess-resource-- Returns:
- list of groups, which are associated with the resource
-
getDirectAdmins
Deprecated.Description copied from interface:GroupsManagerBlGets list of direct user administrators of this group. 'Direct' means, there aren't included users, who are members of group administrators, in the returned list.- Specified by:
getDirectAdminsin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list of direct administrators
-
getDirectMemberGroupStatus
public MemberGroupStatus getDirectMemberGroupStatus(PerunSession session, Member member, Group group) Description copied from interface:GroupsManagerBlReturns members direct status in given group. This method doesn't calculate status from subgroups! If there is no relation, null is returned.- Specified by:
getDirectMemberGroupStatusin interfaceGroupsManagerBl- Parameters:
session- sessionmember- membergroup- group- Returns:
- status of member in given group
-
getDirectRichAdmins
Deprecated.Description copied from interface:GroupsManagerBlGets list of all administrators of this group, which are assigned directly, like RichUsers without attributes.- Specified by:
getDirectRichAdminsin interfaceGroupsManagerBl- Parameters:
perunSession-group-
-
getDirectRichAdminsWithSpecificAttributes
@Deprecated public List<RichUser> getDirectRichAdminsWithSpecificAttributes(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.Description copied from interface:GroupsManagerBlGet list of Group administrators, which are directly assigned (not by group membership) with specific attributes. From list of specificAttributes get all Users Attributes and find those for every RichAdmin (only, other attributes are not searched)- Specified by:
getDirectRichAdminsWithSpecificAttributesin interfaceGroupsManagerBl- Parameters:
perunSession-group-specificAttributes-- Returns:
- list of RichUsers with specific attributes.
-
getFacilitiesWhereGroupIsAdmin
Description copied from interface:GroupsManagerBlGet list of facilities where the given group is given the admin role.- Specified by:
getFacilitiesWhereGroupIsAdminin interfaceGroupsManagerBl- Parameters:
perunSession-group- with the admin role.- Returns:
- List of administered facilities.
-
getGroupById
Description copied from interface:GroupsManagerBlSearch for the group with specified id in all VOs.- Specified by:
getGroupByIdin interfaceGroupsManagerBl- Parameters:
sess-id-- Returns:
- group with specified id or throws
- Throws:
GroupNotExistsException
-
getGroupByName
Description copied from interface:GroupsManagerBlSearch for the group with specified name in specified VO.IMPORTANT: need to use full name of group (ex. 'toplevel:a:b', not the shortname which is in this example 'b')
- Specified by:
getGroupByNamein interfaceGroupsManagerBl- Parameters:
sess-vo-name-- Returns:
- group with specified name or throws in specified VO
- Throws:
GroupNotExistsException
-
getGroupDirectMembers
Description copied from interface:GroupsManagerBlReturn all direct group members.- Specified by:
getGroupDirectMembersin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- group- Returns:
- list of direct members
-
getGroupDirectMembersCount
Description copied from interface:GroupsManagerBlReturns count of direct members in the group- Specified by:
getGroupDirectMembersCountin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- count
-
getGroupDirectRichMembers
Description copied from interface:GroupsManagerBlReturns direct group members in the RichMember object, which contains Member+User data.- Specified by:
getGroupDirectRichMembersin interfaceGroupsManagerBl- Parameters:
sess- sessiongroup- group- Returns:
- list of direct RichMembers
-
getGroupMemberById
public Member getGroupMemberById(PerunSession sess, Group group, int memberId) throws NotGroupMemberException Description copied from interface:GroupsManagerBlGet group member by member ID.- Specified by:
getGroupMemberByIdin interfaceGroupsManagerBl- Parameters:
sess-group-memberId-- Returns:
- Member
- Throws:
NotGroupMemberException
-
getGroupMembers
Description copied from interface:GroupsManagerBlReturn all group members.- Specified by:
getGroupMembersin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list of users or empty list if the group is empty
-
getGroupMembers
public List<Member> getGroupMembers(PerunSession sess, Group group, MemberGroupStatus statusInGroup, Status status) Description copied from interface:GroupsManagerBlReturn all members of the group who has specific status in the group and also specific status in the Vo.For example: All members with valid status in the Vo and also valid status in the group.
- Specified by:
getGroupMembersin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- to get members fromstatusInGroup- to get only members with this specific status in the groupstatus- to get only members with this specific status in the Vo- Returns:
- list of members with specific status in group and specific status in the Vo
-
getGroupMembers
Description copied from interface:GroupsManagerBlReturn group members.- Specified by:
getGroupMembersin interfaceGroupsManagerBl- Parameters:
sess-group-status-- Returns:
- list users or empty list if there are no users on specified page
-
getGroupMembersCount
- Specified by:
getGroupMembersCountin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- count of members of specified group
-
getGroupMembersCountsByGroupStatus
public Map<MemberGroupStatus,Integer> getGroupMembersCountsByGroupStatus(PerunSession sess, Group group) Description copied from interface:GroupsManagerBlReturns counts of group members by their group status.- Specified by:
getGroupMembersCountsByGroupStatusin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- map of member status in group to count of group members with the status
-
getGroupMembersCountsByVoStatus
Description copied from interface:GroupsManagerBlReturns counts of group members by their status in VO.- Specified by:
getGroupMembersCountsByVoStatusin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- map of member status in VO to count of group members with the status
-
getGroupMembersExceptInvalid
Description copied from interface:GroupsManagerBlReturn only valid, suspended, expired and disabled group members.- Specified by:
getGroupMembersExceptInvalidin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list members or empty list if there are no such members
-
getGroupMembersExceptInvalidAndDisabled
Description copied from interface:GroupsManagerBlReturn only valid, suspended and expired group members.- Specified by:
getGroupMembersExceptInvalidAndDisabledin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list members or empty list if there are no such members
-
getGroupResourcePairsByAttribute
public List<Pair<Group,Resource>> getGroupResourcePairsByAttribute(PerunSession sess, Attribute attribute) throws WrongAttributeAssignmentException Description copied from interface:GroupsManagerBlReturns all group-resource which have set the attribute with the value. Searching only def and opt attributes.- Specified by:
getGroupResourcePairsByAttributein interfaceGroupsManagerBl- Parameters:
sess-attribute-- Returns:
- Throws:
WrongAttributeAssignmentException
-
getGroupRichMembers
Description copied from interface:GroupsManagerBlReturns group members in the RichMember object, which contains Member+User data.- Specified by:
getGroupRichMembersin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list of RichMembers
-
getGroupRichMembers
Description copied from interface:GroupsManagerBlReturns group members in the RichMember object, which contains Member+User data.- Specified by:
getGroupRichMembersin interfaceGroupsManagerBl- Parameters:
sess-group-status-- Returns:
- list of RichMembers
-
getGroupRichMembersExceptInvalid
Description copied from interface:GroupsManagerBlReturns only valid, suspended and expired group members in the RichMember object, which contains Member+User data.- Specified by:
getGroupRichMembersExceptInvalidin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list of RichMembers
-
getGroupRichMembersWithAttributes
Description copied from interface:GroupsManagerBlReturns group members in the RichMember object, which contains Member+User data. Also contains user and member attributes.- Specified by:
getGroupRichMembersWithAttributesin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list of RichMembers
-
getGroupRichMembersWithAttributes
public List<RichMember> getGroupRichMembersWithAttributes(PerunSession sess, Group group, Status status) Description copied from interface:GroupsManagerBlReturns group members in the RichMember object, which contains Member+User data. Also contains user and member attributes.- Specified by:
getGroupRichMembersWithAttributesin interfaceGroupsManagerBl- Parameters:
sess-group-status-- Returns:
- list of RichMembers
-
getGroupRichMembersWithAttributesExceptInvalid
public List<RichMember> getGroupRichMembersWithAttributesExceptInvalid(PerunSession sess, Group group) Description copied from interface:GroupsManagerBlReturns only valid, suspended and expired group members in the RichMember object, which contains Member+User data. Also contains user and member attributes.- Specified by:
getGroupRichMembersWithAttributesExceptInvalidin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list of RichMembers
-
getGroupUnions
Description copied from interface:GroupsManagerBlGet list of group unions for specified group.- Specified by:
getGroupUnionsin interfaceGroupsManagerBl- Parameters:
session- perun sessiongroup- groupreverseDirection- if false get all operand groups of requested result group if true get all result groups of requested operand group- Returns:
- list of groups.
-
getGroupUsers
Description copied from interface:GroupsManagerBlReturn group users sorted by name.- Specified by:
getGroupUsersin interfaceGroupsManagerBl- Parameters:
perunSession-group-- Returns:
- list users sorted or empty list if there are no users on specified page
-
getGroups
Description copied from interface:GroupsManagerBlGet all groups of users under the VO.- Specified by:
getGroupsin interfaceGroupsManagerBl- Parameters:
sess-vo- vo- Returns:
- list of groups
-
getGroupsByAttribute
public List<Group> getGroupsByAttribute(PerunSession sess, Attribute attribute) throws WrongAttributeAssignmentException Description copied from interface:GroupsManagerBlReturns all groups which have set the attribute with the value. Searching only def and opt attributes.- Specified by:
getGroupsByAttributein interfaceGroupsManagerBl- Parameters:
sess-attribute-- Returns:
- list of groups
- Throws:
WrongAttributeAssignmentException
-
getGroupsByIds
Description copied from interface:GroupsManagerBlSearch for the groups with specified ids in all VOs.- Specified by:
getGroupsByIdsin interfaceGroupsManagerBl- Parameters:
sess-ids-- Returns:
- groups with specified ids
-
getGroupsByPerunBean
Description copied from interface:GroupsManagerBlReturns list of groups connected with a member- Specified by:
getGroupsByPerunBeanin interfaceGroupsManagerBl- Parameters:
sess-member-- Returns:
- list of groups connected with member
-
getGroupsByPerunBean
Description copied from interface:GroupsManagerBlReturns list of groups connected with a resource- Specified by:
getGroupsByPerunBeanin interfaceGroupsManagerBl- Parameters:
sess-resource-- Returns:
- list of groups connected with resource
-
getGroupsByPerunBean
Description copied from interface:GroupsManagerBlReturns list of groups connected with a user- Specified by:
getGroupsByPerunBeanin interfaceGroupsManagerBl- Parameters:
sess-user-- Returns:
- list of groups connected with user
-
getGroupsByPerunBean
Description copied from interface:GroupsManagerBlReturns list of groups connected with a host- Specified by:
getGroupsByPerunBeanin interfaceGroupsManagerBl- Parameters:
sess-host-- Returns:
- list of groups connected with host
-
getGroupsByPerunBean
Description copied from interface:GroupsManagerBlReturns list of groups connected with a facility- Specified by:
getGroupsByPerunBeanin interfaceGroupsManagerBl- Parameters:
sess-facility-- Returns:
- list of groups connected with facility
-
getGroupsByPerunBean
Description copied from interface:GroupsManagerBlReturns list of groups connected with a vo- Specified by:
getGroupsByPerunBeanin interfaceGroupsManagerBl- Parameters:
sess-vo-- Returns:
- list of groups connected with vo
-
getGroupsCount
- Specified by:
getGroupsCountin interfaceGroupsManagerBl- Parameters:
sess-vo-- Returns:
- count of VO's groups
-
getGroupsCount
Description copied from interface:GroupsManagerBlGet count of all groups.- Specified by:
getGroupsCountin interfaceGroupsManagerBl- Parameters:
sess-- Returns:
- count of all groups
-
getGroupsForAutoRegistration
Description copied from interface:GroupsManagerBlReturns all groups which can be registered into during vo registration.- Specified by:
getGroupsForAutoRegistrationin interfaceGroupsManagerBl- Parameters:
sess- sessionvo- vo- Returns:
- list of groups
-
getGroupsForAutoRegistration
public List<Group> getGroupsForAutoRegistration(PerunSession sess, Vo vo, ApplicationFormItem formItem) Description copied from interface:GroupsManagerBlReturns all groups which can be registered into during vo registration.- Specified by:
getGroupsForAutoRegistrationin interfaceGroupsManagerBl- Parameters:
sess- sessionvo- voformItem- application form item- Returns:
- list of groups
-
getGroupsForAutoRegistration
public List<Group> getGroupsForAutoRegistration(PerunSession sess, Group registrationGroup, ApplicationFormItem formItem) Description copied from interface:GroupsManagerBlReturns all groups which can be registered into during group registration.- Specified by:
getGroupsForAutoRegistrationin interfaceGroupsManagerBl- Parameters:
sess- sessionregistrationGroup- groupformItem- application form item- Returns:
- list of groups
-
getGroupsManagerImpl
Gets the groupsManagerImpl for this instance.- Returns:
- The groupsManagerImpl.
-
getGroupsPage
public Paginated<RichGroup> getGroupsPage(PerunSession sess, Vo vo, GroupsPageQuery query, List<String> attrNames) throws GroupNotExistsException, MemberNotExistsException, MemberGroupMismatchException Description copied from interface:GroupsManagerBlGet page of groups from the given vo.- Specified by:
getGroupsPagein interfaceGroupsManagerBl- Parameters:
sess- sessionvo- voquery- query with page informationattrNames- attribute names- Returns:
- page of requested rich groups
- Throws:
GroupNotExistsExceptionMemberNotExistsExceptionMemberGroupMismatchException
-
getGroupsToSynchronize
Description copied from interface:GroupsManagerBlGets all groups which have enabled synchronization.- Specified by:
getGroupsToSynchronizein interfaceGroupsManagerBl- Parameters:
sess-- Returns:
- list of groups to synchronize
-
getGroupsWhereGroupIsAdmin
Description copied from interface:GroupsManagerBlGet list of groups where the given group is given the admin role.- Specified by:
getGroupsWhereGroupIsAdminin interfaceGroupsManagerBl- Parameters:
perunSession-group- with the admin role.- Returns:
- List of administered groups.
-
getGroupsWhereMemberIsActive
Description copied from interface:GroupsManagerBlReturns all member's groups where member is in active state (is valid there) Excluded members group.- Specified by:
getGroupsWhereMemberIsActivein interfaceGroupsManagerBl- Parameters:
sess- perun sessionmember- member to get groups for- Returns:
- list of groups where member is in active state (valid)
-
getGroupsWhereMemberIsInactive
Description copied from interface:GroupsManagerBlReturns all member's groups where member is in inactive state (it is not valid and it is expired there) Excluded members group.- Specified by:
getGroupsWhereMemberIsInactivein interfaceGroupsManagerBl- Parameters:
sess- perun sessionmember- member to get groups for- Returns:
- list of groups where member is in inactive state (expired)
-
getGroupsWhereUserIsActiveMember
Description copied from interface:GroupsManagerBlReturns groups in which the user is active member. Groups are looked up only for the specified VO.- Specified by:
getGroupsWhereUserIsActiveMemberin interfaceGroupsManagerBl- Parameters:
sess- sessionuser- user objectvo- VO object- Returns:
- List of groups
-
getGroupsWithAssignedExtSourceInVo
Description copied from interface:GroupsManagerBlGet all groups in specific vo with assigned extSource- Specified by:
getGroupsWithAssignedExtSourceInVoin interfaceGroupsManagerBl- Parameters:
sess-source-vo-- Returns:
- l
-
getInactiveGroupMembers
Description copied from interface:GroupsManagerBlReturn all members of the group who are inactive (expired) in the group.Do not return active members of the group.
- Specified by:
getInactiveGroupMembersin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- to get members from- Returns:
- list of inactive (expired) members
-
getInactiveGroupMembers
Description copied from interface:GroupsManagerBlReturn all members of the group who are inactive (expired) in the group and have specific status in the Vo.Do not return active members of the group.
- Specified by:
getInactiveGroupMembersin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- to get members fromstatus- to get only members with this specific status in the Vo- Returns:
- list of inactive (expired) members with specific status in the Vo
-
getIndirectMembershipPaths
public List<List<Group>> getIndirectMembershipPaths(PerunSession sess, Member member, Group group) throws MemberNotExistsException, GroupNotExistsException Description copied from interface:GroupsManagerBlGet unique paths of groups via which member is indirectly included to the group. Cuts off after first included group.- Specified by:
getIndirectMembershipPathsin interfaceGroupsManagerBl- Parameters:
sess- perun sessionmember- membergroup- group in which the member is indirectly included- Returns:
- lists of groups [CURRENT GROUP -> SUBGROUP -> ... -> MEMBER'S SOURCE GROUP]
- Throws:
MemberNotExistsExceptionGroupNotExistsException
-
getMemberDirectGroups
Description copied from interface:GroupsManagerBlGet all groups (except member groups) where member has direct membership.- Specified by:
getMemberDirectGroupsin interfaceGroupsManagerBl- Parameters:
sess-member- to get information about- Returns:
- list of groups where member is direct member (not members group), empty list if there is no such group
-
getMemberGroups
Description copied from interface:GroupsManagerBlReturns all members groups. Except 'members' group.- Specified by:
getMemberGroupsin interfaceGroupsManagerBl- Parameters:
sess-member-- Returns:
-
getMemberGroupsByAttribute
public List<Group> getMemberGroupsByAttribute(PerunSession sess, Member member, Attribute attribute) throws WrongAttributeAssignmentException Description copied from interface:GroupsManagerBlMethod return list of groups for selected member which (groups) has set specific attribute. Attribute can be only from namespace "GROUP"- Specified by:
getMemberGroupsByAttributein interfaceGroupsManagerBl- Parameters:
sess- sessmember- memberattribute- attribute from "GROUP" namespace- Returns:
- list of groups which contain member and have attribute with same value
- Throws:
WrongAttributeAssignmentException
-
getMemberRichGroupsWithAttributesByNames
@Deprecated public List<RichGroup> getMemberRichGroupsWithAttributesByNames(PerunSession sess, Member member, List<String> attrNames) Deprecated.Description copied from interface:GroupsManagerBlReturn all RichGroups for specified member, containing selected attributes. "members" group is not included.Supported are attributes from these namespaces: - group - member-group
- Specified by:
getMemberRichGroupsWithAttributesByNamesin interfaceGroupsManagerBl- Parameters:
sess- internal sessionmember- the member to get the rich groups forattrNames- list of selected attributes- Returns:
- list of rich groups with selected attributes
-
getMemberRichGroupsWithAttributesByNames
public List<RichGroup> getMemberRichGroupsWithAttributesByNames(PerunSession sess, Member member, List<String> attrNames, List<String> roles, List<RoleAssignmentType> types) Description copied from interface:GroupsManagerBlReturn all RichGroups for specified member, containing selected attributes filtered by role and its type. "members" group is not included.Supported are attributes from these namespaces: - group - member-group
- Specified by:
getMemberRichGroupsWithAttributesByNamesin interfaceGroupsManagerBl- Parameters:
sess- internal sessionmember- the member to get the rich groups forattrNames- list of selected attributesroles- list of selected roles (if empty, then return groups by all roles)types- list of selected types of roles (if empty, then return by roles of all types)- Returns:
- list of rich groups with selected attributes
-
getParentGroup
Description copied from interface:GroupsManagerBlGet parent group. If group is topLevel group or Members group, return Members group.- Specified by:
getParentGroupin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- parent group
- Throws:
ParentGroupNotExistsException
-
getParentGroupMembers
Description copied from interface:GroupsManagerBlGet members from parent group. If the parent group doesn't exist (this is top level group) return all VO (from which the group is) members instead.- Specified by:
getParentGroupMembersin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
-
getParentGroupRichMembers
Description copied from interface:GroupsManagerBlGet members form the parent group in RichMember format.- Specified by:
getParentGroupRichMembersin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list of parent group rich members
-
getParentGroupRichMembersWithAttributes
Description copied from interface:GroupsManagerBlGet members form the parent group in RichMember format including user/member attributes.- Specified by:
getParentGroupRichMembersWithAttributesin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list of parent group rich members
-
getPerunBl
Gets the perunBl.- Returns:
- The perunBl.
-
getRichAdmins
public List<RichUser> getRichAdmins(PerunSession perunSession, Group group, List<String> specificAttributes, boolean allUserAttributes, boolean onlyDirectAdmins) throws UserNotExistsException Description copied from interface:GroupsManagerBlGets list of all richUser administrators of this group. If some group is administrator of the given group, all VALID members are included in the list.Supported roles: GroupAdmin
If "onlyDirectAdmins" is "true", return only direct users of the group for supported role with specific attributes. If "allUserAttributes" is "true", do not specify attributes through list and return them all in objects richUser . Ignoring list of specific attributes.
- Specified by:
getRichAdminsin interfaceGroupsManagerBl- Parameters:
perunSession-group-specificAttributes- list of specified attributes which are needed in object richUserallUserAttributes- if true, get all possible user attributes and ignore list of specificAttributes (if false, get only specific attributes)onlyDirectAdmins- if true, get only direct user administrators (if false, get both direct and indirect)- Returns:
- list of RichUser administrators for the group and supported role with attributes
- Throws:
UserNotExistsException
-
getRichAdmins
Deprecated.Description copied from interface:GroupsManagerBlGets list of all administrators of this group like RichUsers without attributes.- Specified by:
getRichAdminsin interfaceGroupsManagerBl- Parameters:
perunSession-group-
-
getRichAdminsWithAttributes
@Deprecated public List<RichUser> getRichAdminsWithAttributes(PerunSession perunSession, Group group) throws UserNotExistsException Deprecated.Description copied from interface:GroupsManagerBlGets list of all administrators of this group like RichUsers with attributes.- Specified by:
getRichAdminsWithAttributesin interfaceGroupsManagerBl- Parameters:
perunSession-group-- Throws:
UserNotExistsException
-
getRichAdminsWithSpecificAttributes
@Deprecated public List<RichUser> getRichAdminsWithSpecificAttributes(PerunSession perunSession, Group group, List<String> specificAttributes) Deprecated.Description copied from interface:GroupsManagerBlGet list of Group administrators with specific attributes. From list of specificAttributes get all Users Attributes and find those for every RichAdmin (only, other attributes are not searched)- Specified by:
getRichAdminsWithSpecificAttributesin interfaceGroupsManagerBl- Parameters:
perunSession-group-specificAttributes-- Returns:
- list of RichUsers with specific attributes.
-
getRichGroupByIdWithAttributesByNames
public RichGroup getRichGroupByIdWithAttributesByNames(PerunSession sess, int groupId, List<String> attrNames) throws GroupNotExistsException Description copied from interface:GroupsManagerBlReturns RichGroup selected by id containing selected attributes- Specified by:
getRichGroupByIdWithAttributesByNamesin interfaceGroupsManagerBl- Parameters:
sess-groupId-attrNames- if attrNames is null method will return RichGroup containing all attributes- Returns:
- RichGroup
- Throws:
GroupNotExistsException
-
getRichGroupsWithAttributesAssignedToResource
public List<RichGroup> getRichGroupsWithAttributesAssignedToResource(PerunSession sess, Resource resource, List<String> attrNames) Description copied from interface:GroupsManagerBlGet all RichGroups with selected attributes assigned to the resource.- Specified by:
getRichGroupsWithAttributesAssignedToResourcein interfaceGroupsManagerBl- Parameters:
sess-resource- the resource to get assigned groups from itattrNames- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroups with selected attributes assigned to the resource
-
getRichGroupsWithAttributesAssignedToResource
public List<RichGroup> getRichGroupsWithAttributesAssignedToResource(PerunSession sess, Member member, Resource resource, List<String> attrNames) Description copied from interface:GroupsManagerBlGet list of all richGroups with selected attributes assigned to the resource filtered by specific member. Allowed namespaces of attributes are group, group-resource, member-group and member-resource.Last step is filtration of attributes: Attributes are filtered by rights of user in session. User get only those selected attributes he has rights to read.
- Specified by:
getRichGroupsWithAttributesAssignedToResourcein interfaceGroupsManagerBl- Parameters:
sess-member- member used for filtering returned groups (groups have to contain this member to be returned)resource- resource to get assigned groups forattrNames- list of selected attribute names, if it is null, return all possible non-empty attributes, empty list in attrNames means - no attributes needed- Returns:
- list of RichGroup objects with specific attributes specified by object Resource and object Member
-
getRichSubGroupsWithAttributesByNames
public List<RichGroup> getRichSubGroupsWithAttributesByNames(PerunSession sess, Group parentGroup, List<String> attrNames) Description copied from interface:GroupsManagerBlReturns RichSubGroups from parentGroup containing selected attributes (only 1 level subgroups)- Specified by:
getRichSubGroupsWithAttributesByNamesin interfaceGroupsManagerBl- Parameters:
sess-parentGroup-attrNames- if attrNames is null method will return RichGroups containing all attributes- Returns:
- List of RichGroups
-
getServiceGroupMembers
Description copied from interface:GroupsManagerBlReturn a list of all group members, who are service users- Specified by:
getServiceGroupMembersin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- list of Members from given group who are service users
-
getSubGroups
Description copied from interface:GroupsManagerBlGet all subgroups of the parent group under the VO.- Specified by:
getSubGroupsin interfaceGroupsManagerBl- Parameters:
sess-parentGroup- parent group- Returns:
- list of groups
-
getSubGroupsCount
Description copied from interface:GroupsManagerBlReturns number of immediate subgroups of the parent group.- Specified by:
getSubGroupsCountin interfaceGroupsManagerBl- Parameters:
sess-parentGroup-- Returns:
- count of parent group immediate subgroups
-
getSubgroupsPage
public Paginated<RichGroup> getSubgroupsPage(PerunSession sess, Group group, GroupsPageQuery query, List<String> attrNames) Description copied from interface:GroupsManagerBlGet page of subgroups from the given parent group.- Specified by:
getSubgroupsPagein interfaceGroupsManagerBl- Parameters:
sess- sessiongroup- parent groupquery- query with page informationattrNames- attribute names- Returns:
- page of requested rich groups
-
getTotalGroupStatusForMembers
public Map<Integer,MemberGroupStatus> getTotalGroupStatusForMembers(PerunSession session, Group group, List<Member> members) Description copied from interface:GroupsManagerBlReturns total member's status of given members in given group.- Specified by:
getTotalGroupStatusForMembersin interfaceGroupsManagerBl- Parameters:
session- sessiongroup- groupmembers- members- Returns:
- total status of members in given group
-
getTotalMemberGroupStatus
public MemberGroupStatus getTotalMemberGroupStatus(PerunSession session, Member member, Group group) Description copied from interface:GroupsManagerBlReturns total member's status in given group. If there is no relation, null is returned.- Specified by:
getTotalMemberGroupStatusin interfaceGroupsManagerBl- Parameters:
session- sessionmember- membergroup- group- Returns:
- total status of member in given group
-
getUserGroups
Description copied from interface:GroupsManagerBlReturn groups where user is member.- Specified by:
getUserGroupsin interfaceGroupsManagerBl- Parameters:
perunSession-user-- Returns:
- list of groups
-
getUserGroups
public List<Group> getUserGroups(PerunSession perunSession, User user, List<Status> memberStatuses, List<MemberGroupStatus> memberGroupStatuses) Description copied from interface:GroupsManagerBlReturn groups where user is member with allowed statuses in vo and group. If statuses are empty or null, all statuses are used.- Specified by:
getUserGroupsin interfaceGroupsManagerBl- Parameters:
perunSession-user-memberStatuses- allowed statuses of member in VOmemberGroupStatuses- allowed statuses of member in group- Returns:
- list of groups
-
getVo
Description copied from interface:GroupsManagerBlGets the Vo which is owner of the group.- Specified by:
getVoin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- Vo which is owner of the group.
-
getVosWhereGroupIsAdmin
Description copied from interface:GroupsManagerBlGet list of VOs where the given group is given the admin role.- Specified by:
getVosWhereGroupIsAdminin interfaceGroupsManagerBl- Parameters:
perunSession-group- with the admin role.- Returns:
- List of administered VOs.
-
hasCandidateExistingMember
Compare richMember userExtSources with Candidate's userExtSources, if some of the useExtSource fits.- Parameters:
candidate-richMember-- Returns:
- true if richMember.userExtSources contains some of the candidate.useExtSource
-
hasGroupSynchronizedChild
Description copied from interface:GroupsManagerBlCheck if there is a subgroup of the group, which is defined as synchronized from an external source at this moment.- Specified by:
hasGroupSynchronizedChildin interfaceGroupsManagerBl- Parameters:
session-group-- Returns:
-
inactivateMember
public void inactivateMember(PerunSession sess, Member member, Group group) throws MemberNotExistsException Description copied from interface:GroupsManagerBlInactivates member in group and sets its status to EXPIRED.- Specified by:
inactivateMemberin interfaceGroupsManagerBl- Parameters:
sess- perun sessionmember- membergroup- group- Throws:
MemberNotExistsException- if given member is not direct member of given group
-
isAllowedGroupToHierarchicalVo
Description copied from interface:GroupsManagerBlReturns flag representing if the group can be included in the (parent) vo's groups- Specified by:
isAllowedGroupToHierarchicalVoin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- groupvo- parent vo- Returns:
- true if group can be included in vo's groups, false otherwise
-
isDirectGroupMember
Description copied from interface:GroupsManagerBlReturn true if Member is direct member of the Group- Specified by:
isDirectGroupMemberin interfaceGroupsManagerBl- Parameters:
sess- sessiongroup- group where the membership is to be checkedmember- member whose membership is to be checked- Returns:
- true if Member is direct member of the Group
-
isGroupForAnyAutoRegistration
Description copied from interface:GroupsManagerBlCheck if group has automatic registration enabled in any form item.- Specified by:
isGroupForAnyAutoRegistrationin interfaceGroupsManagerBl- Parameters:
sess- sessiongroup- group to check
-
isGroupForAutoRegistration
Description copied from interface:GroupsManagerBlCheck if group has automatic registration enabled in the given form item.- Specified by:
isGroupForAutoRegistrationin interfaceGroupsManagerBl- Parameters:
sess- sessiongroup- group to checkformItems- form items for which the group can be configured
-
isGroupInStructureSynchronizationTree
Description copied from interface:GroupsManagerBlCheck if the group or its subgroups are defined as synchronized from an external source at this moment.- Specified by:
isGroupInStructureSynchronizationTreein interfaceGroupsManagerBl- Parameters:
session-group-- Returns:
-
isGroupLastAdminInSomeFacility
Description copied from interface:GroupsManagerBlCheck whether the group supplies the last FACILITYADMIN in some facility, return those facilities in which it does. Such facilities could upon removal of the group be left without a person to manage them.- Specified by:
isGroupLastAdminInSomeFacilityin interfaceGroupsManagerBl- Parameters:
sess- sessiongroup- group- Returns:
- list of facilities which the group supplies last FACILITYADMIN to
-
isGroupLastAdminInSomeFacility
Description copied from interface:GroupsManagerBlCheck whether some of the groups supply the last FACILITYADMIN in some facility, return the groups that do. Such facilities could upon removal of the group be left without a person to manage them.- Specified by:
isGroupLastAdminInSomeFacilityin interfaceGroupsManagerBl- Parameters:
sess- sessiongroups- groups to check- Returns:
- list of groups which supply last FACILITYADMIN in some facility
-
isGroupLastAdminInSomeVo
Description copied from interface:GroupsManagerBlCheck whether the group supplies the last VOADMIN in some vo, return those vos in which it does. Such vos could upon removal of the group be left without a person to manage them.- Specified by:
isGroupLastAdminInSomeVoin interfaceGroupsManagerBl- Parameters:
sess- sessiongroup- group- Returns:
- list of vos which the group supplies last VOADMIN to
-
isGroupLastAdminInSomeVo
Description copied from interface:GroupsManagerBlCheck whether some of the groups supply the last VOADMIN in some vo, return the groups that do. Such vos could upon removal of the group be left without a person to manage them.- Specified by:
isGroupLastAdminInSomeVoin interfaceGroupsManagerBl- Parameters:
sess- sessiongroups- groups to check- Returns:
- list of groups which supply last VOADMIN in some facility
-
isGroupMember
Description copied from interface:GroupsManagerBlReturn true if Member is member of the Group- Specified by:
isGroupMemberin interfaceGroupsManagerBl- Parameters:
sess-group-member-- Returns:
- true if Member is member of the Group
-
isGroupSynchronizedFromExternallSource
Description copied from interface:GroupsManagerBlCheck if the group is defined as synchronized from an external source at this moment.- Specified by:
isGroupSynchronizedFromExternallSourcein interfaceGroupsManagerBl- Parameters:
session-group-- Returns:
-
isUserMemberOfGroup
Description copied from interface:GroupsManagerBlChecks whether the user is member of the group.- Specified by:
isUserMemberOfGroupin interfaceGroupsManagerBl- Parameters:
sess-user-group-- Returns:
- true if the user is member of the group
-
moveGroup
public void moveGroup(PerunSession sess, Group destinationGroup, Group movingGroup) throws GroupMoveNotAllowedException, WrongAttributeValueException, WrongReferenceAttributeValueException Description copied from interface:GroupsManagerBlMove one group structure under another group in same vo or as top level group- Specified by:
moveGroupin interfaceGroupsManagerBl- Parameters:
sess- perun sessiondestinationGroup- group to which is moving group moved, if it's null group will be moved as top level groupmovingGroup- group which is moved to destination group- Throws:
GroupMoveNotAllowedExceptionWrongAttributeValueExceptionWrongReferenceAttributeValueException
-
reactivateMember
public void reactivateMember(PerunSession sess, Member member, Group group) throws MemberNotExistsException Description copied from interface:GroupsManagerBlReactivates member in group and sets its status to VALID.- Specified by:
reactivateMemberin interfaceGroupsManagerBl- Parameters:
sess- perun sessionmember- membergroup- group- Throws:
MemberNotExistsException- if given member is not member of given group
-
recalculateMemberGroupStatusRecursively
public void recalculateMemberGroupStatusRecursively(PerunSession sess, Member member, Group group, Map<Integer, Map<Integer, MemberGroupStatus>> previousStatus) Calculates the state of given member in given group and if it differs from given 'previousState' calls this method recursively for all parent groups.- Specified by:
recalculateMemberGroupStatusRecursivelyin interfaceGroupsManagerBl- Parameters:
member- membergroup- grouppreviousStatus- previousStatus- Throws:
InternalErrorException- internal error
-
removeFormerMemberWhileSynchronization
public void removeFormerMemberWhileSynchronization(PerunSession sess, Group group, RichMember memberToRemove, boolean isAuthoritative) throws GroupNotExistsException Description copied from interface:GroupsManagerBlRemove former member from group (if he is not listed in ExtSource).If this is membersGroup (of some Vo) try to disableMember, if not possible then delete him. If this is regular group (of some Vo) remove him and if this group is also his last authoritative group, disable or delete him also in the Vo.
This method runs in separate transaction.
- Specified by:
removeFormerMemberWhileSynchronizationin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- to be synchronizedmemberToRemove- member to be removed from Group- Throws:
GroupNotExistsException- if group does not exist
-
removeGroupUnion
public void removeGroupUnion(PerunSession sess, Group resultGroup, Group operandGroup, boolean parentFlag) throws GroupRelationDoesNotExist, GroupRelationCannotBeRemoved, GroupNotExistsException Description copied from interface:GroupsManagerBlRemoves a union relation between two groups. All indirect members that originate from operand group are removed from result group.- Specified by:
removeGroupUnionin interfaceGroupsManagerBl- Parameters:
sess- perun sessionresultGroup- group from which members are removedoperandGroup- group which members are removed from result groupparentFlag- if true union cannot be deleted; false otherwise (it flags relations created by hierarchical structure)- Throws:
GroupRelationDoesNotExistGroupRelationCannotBeRemovedGroupNotExistsException
-
removeMember
public void removeMember(PerunSession sess, Group group, Member member) throws NotGroupMemberException, GroupNotExistsException Description copied from interface:GroupsManagerBlRemoves member form the group. But not from members or administrators group.- Specified by:
removeMemberin interfaceGroupsManagerBl- Parameters:
sess-group-member-- Throws:
NotGroupMemberExceptionGroupNotExistsException
-
removeMember
public void removeMember(PerunSession sess, List<Group> groups, Member member) throws NotGroupMemberException, GroupNotExistsException Description copied from interface:GroupsManagerBlRemoves member from groups. But not from members or administrators group.- Specified by:
removeMemberin interfaceGroupsManagerBl- Parameters:
sess-groups-member-- Throws:
NotGroupMemberExceptionGroupNotExistsException
-
removeMemberFromMembersOrAdministratorsGroup
public void removeMemberFromMembersOrAdministratorsGroup(PerunSession sess, Group group, Member member) throws NotGroupMemberException, GroupNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException Description copied from interface:GroupsManagerBlRemoves member from members or administrators group only.- Specified by:
removeMemberFromMembersOrAdministratorsGroupin interfaceGroupsManagerBl- Parameters:
sess-group-member-- Throws:
NotGroupMemberExceptionGroupNotExistsExceptionWrongAttributeValueExceptionWrongReferenceAttributeValueException
-
removeMembers
public void removeMembers(PerunSession sess, Group group, List<Member> members) throws NotGroupMemberException, GroupNotExistsException Description copied from interface:GroupsManagerBlRemoves members from the group. But not from members or administrators group.- Specified by:
removeMembersin interfaceGroupsManagerBl- Parameters:
sess-group-members-- Throws:
NotGroupMemberExceptionGroupNotExistsException
-
removeRelationMembers
public void removeRelationMembers(PerunSession sess, Group resultGroup, List<Member> changedMembers, int sourceGroupId) throws WrongReferenceAttributeValueException, NotGroupMemberException, WrongAttributeValueException, GroupNotExistsException Description copied from interface:GroupsManagerBlMethod recalculates all relations between groups. Method recursively removes members from groups and all their relations. The method is called in case of: 1) removed relation 2) removed member 3) group removal 4) group movement- Specified by:
removeRelationMembersin interfaceGroupsManagerBl- Parameters:
sess- perun sessionresultGroup- group to which members are added or removed fromchangedMembers- list of changed members which is passed as argument to add indirect members method. List contains records of removed indirect members from operand group.sourceGroupId- id of a group from which members originate- Throws:
WrongReferenceAttributeValueExceptionNotGroupMemberExceptionWrongAttributeValueExceptionGroupNotExistsException
-
saveInformationAboutGroupStructureSynchronizationInNestedTransaction
public void saveInformationAboutGroupStructureSynchronizationInNestedTransaction(PerunSession sess, Group group, boolean failedDueToException, String exceptionMessage) throws AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, WrongAttributeValueException Description copied from interface:GroupsManagerBlThis method will set timestamp, state and exceptionMessage to group attributes for the group structure. Also log information about failed group structure synchronization to auditer_log.IMPORTANT: This method runs in nested transaction. With a nested transaction, this method can be used in method running in the nested transaction, where the group was changed in the database. However, rollback on the outer transaction, where this method is used, will revert saving of given information.
Set timestamp to attribute "group_def_lastGroupStructureSynchronizationTimestamp" Set exception message to attribute "group_def_lastGroupStructureSynchronizationState"
FailedDueToException is true means group structure synchronization failed completely. FailedDueToException is false means group structure synchronization is ok or finished with some errors (some groups were not synchronized)
- Specified by:
saveInformationAboutGroupStructureSynchronizationInNestedTransactionin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- the group structure for synchronizationfailedDueToException- if exception means fail of whole synchronization of this group structure or only problem with some dataexceptionMessage- message of an exception, ok if everything is ok- Throws:
AttributeNotExistsExceptionWrongReferenceAttributeValueExceptionWrongAttributeAssignmentExceptionWrongAttributeValueException
-
saveInformationAboutGroupStructureSynchronizationInNewTransaction
public void saveInformationAboutGroupStructureSynchronizationInNewTransaction(PerunSession sess, Group group, boolean failedDueToException, String exceptionMessage) throws AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, WrongAttributeValueException Description copied from interface:GroupsManagerBlThis method will set timestamp, state and exceptionMessage to group attributes for the group structure. Also log information about failed group structure synchronization to auditer_log.IMPORTANT: This method runs in new transaction (because of it being used in synchronization of groups structures) This method is run in a new transaction to ensure successful saving of given information, in case of a rollback in previous transaction. However, this method cannot be used in method running in the nested transaction, where the group was changed in the database.
Set timestamp to attribute "group_def_lastGroupStructureSynchronizationTimestamp" Set exception message to attribute "group_def_lastGroupStructureSynchronizationState"
FailedDueToException is true means group structure synchronization failed completely. FailedDueToException is false means group structure synchronization is ok or finished with some errors (some groups were not synchronized)
- Specified by:
saveInformationAboutGroupStructureSynchronizationInNewTransactionin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- the group structure for synchronizationfailedDueToException- if exception means fail of whole synchronization of this group structure or only problem with some dataexceptionMessage- message of an exception, ok if everything is ok- Throws:
AttributeNotExistsExceptionWrongReferenceAttributeValueExceptionWrongAttributeAssignmentExceptionWrongAttributeValueException
-
saveInformationAboutGroupSynchronizationInNestedTransaction
public void saveInformationAboutGroupSynchronizationInNestedTransaction(PerunSession sess, Group group, long startTime, boolean failedDueToException, String exceptionMessage) throws AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, WrongAttributeValueException Description copied from interface:GroupsManagerBlThis method will set timestamp, synchronization start time and exceptionMessage to group attributes for the group. Also log information about failed synchronization to auditer_log.IMPORTANT: This method runs in nested transaction so it can be used in another transaction With a nested transaction, this method can be used in method running in the nested transaction, where the group was changed in the database. However, rollback on the outer transaction, where this method is used, will revert saving of given information.
Set timestamp to attribute "group_def_lastSynchronizationTimestamp" Set exception message to attribute "group_def_lastSynchronizationState" Set start time to attribute "group_def_startOfLastSuccessSynchronizationTimestamp"
FailedDueToException is true means group synchronization failed completely. FailedDueToException is false means group synchronization is ok or finished with some errors (some members were not synchronized)
- Specified by:
saveInformationAboutGroupSynchronizationInNestedTransactionin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- the group for synchronizationstartTime- of the synchronizationfailedDueToException- if exception means fail of whole synchronization of this group or only problem with some dataexceptionMessage- message of an exception, ok if everything is ok- Throws:
AttributeNotExistsExceptionWrongReferenceAttributeValueExceptionWrongAttributeAssignmentExceptionWrongAttributeValueException
-
saveInformationAboutGroupSynchronizationInNewTransaction
public void saveInformationAboutGroupSynchronizationInNewTransaction(PerunSession sess, Group group, long startTime, boolean failedDueToException, String exceptionMessage) throws AttributeNotExistsException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException, WrongAttributeValueException Description copied from interface:GroupsManagerBlThis method will set timestamp, synchronization start time and exceptionMessage to group attributes for the group. Also log information about failed synchronization to auditer_log.IMPORTANT: This method runs in new transaction (because of using in synchronization of groups) This method is run in a new transaction to ensure successful saving of given information, in case of a rollback in previous transaction. However, this method cannot be used in method running in the nested transaction, where the group was changed in the database.
Set timestamp to attribute "group_def_lastSynchronizationTimestamp" Set exception message to attribute "group_def_lastSynchronizationState" Set start time to attribute "group_def_startOfLastSuccessSynchronizationTimestamp"
FailedDueToException is true means group synchronization failed completely. FailedDueToException is false means group synchronization is ok or finished with some errors (some members were not synchronized)
- Specified by:
saveInformationAboutGroupSynchronizationInNewTransactionin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- the group for synchronizationstartTime- of the synchronizationfailedDueToException- if exception means fail of whole synchronization of this group or only problem with some dataexceptionMessage- message of an exception, ok if everything is ok- Throws:
AttributeNotExistsExceptionWrongReferenceAttributeValueExceptionWrongAttributeAssignmentExceptionWrongAttributeValueException
-
setPerunBl
-
synchronizeGroup
public List<String> synchronizeGroup(PerunSession sess, Group group) throws AttributeNotExistsException, WrongAttributeAssignmentException, ExtSourceNotExistsException, GroupNotExistsException Description copied from interface:GroupsManagerBlSynchronizes the group with the external group without checking if the synchronization is already in progress. If some members from extSource of this group were skipped, return info about them. if not, return empty string instead, which means all members was successfully load from extSource.- Specified by:
synchronizeGroupin interfaceGroupsManagerBl- Parameters:
sess-group-- Returns:
- List of strings with skipped users with reasons why were skipped
- Throws:
AttributeNotExistsExceptionWrongAttributeAssignmentExceptionExtSourceNotExistsExceptionGroupNotExistsException
-
synchronizeGroupStructure
public List<String> synchronizeGroupStructure(PerunSession sess, Group baseGroup) throws AttributeNotExistsException, WrongAttributeAssignmentException, ExtSourceNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException Description copied from interface:GroupsManagerBlSynchronize a group structure with an external source group structure under the group.- Specified by:
synchronizeGroupStructurein interfaceGroupsManagerBl- Parameters:
sess-baseGroup- base group under which will be synchronized structure of groups- Returns:
- List of strings with skipped groups with reasons why were skipped
- Throws:
AttributeNotExistsExceptionWrongAttributeAssignmentExceptionExtSourceNotExistsExceptionWrongAttributeValueExceptionWrongReferenceAttributeValueException
-
synchronizeGroups
Start and check threads with synchronization of groups. (max threads is defined by constant) It also add new groups to the queue. This method is run by the scheduler every 5 minutes.Note: this method is synchronized
- Specified by:
synchronizeGroupsin interfaceGroupsManagerBl- Throws:
InternalErrorException
-
synchronizeGroupsStructures
Description copied from interface:GroupsManagerBlSynchronize all groups structures which have enabled group structure synchronization. This method is run by the scheduler every 5 minutes.- Specified by:
synchronizeGroupsStructuresin interfaceGroupsManagerBl
-
updateExistingMemberWhileSynchronization
public void updateExistingMemberWhileSynchronization(PerunSession sess, Group group, Candidate candidate, RichMember memberToUpdate, List<String> overwriteUserAttributesList, List<String> mergeMemberAttributesList, List<AttributeDefinition> attrDefs) Description copied from interface:GroupsManagerBlGet candidate and corresponding memberToUpdate and update his attributes, extSources, expiration and status.For Member - updateAttributes For User - updateAttributes if exists in list of overwriteUserAttributesList, in other case just mergeAttributes.
updateAttributes = store new values mergeAttributes = for List and Map add new values, do not remove old one, for other cases store new values (like String, Integer etc.)
This method runs in separate transaction.
- Specified by:
updateExistingMemberWhileSynchronizationin interfaceGroupsManagerBl- Parameters:
sess- perun sessiongroup- to be synchronizedcandidate- candidate to update bymemberToUpdate- richMember for updating in Perun by information from extSourceoverwriteUserAttributesList- list of user attributes to be updated instead of mergedmergeMemberAttributesList- list of member attributes to be merged instead of updatedattrDefs- list of attribute definitions to update from candidate, if null the list is filled in process
-
updateGroup
Description copied from interface:GroupsManagerBlUpdates group by ID.Update shortName (use shortName) and description. Group.name is ignored. Return Group with correctly set parameters (including group.name)
- Specified by:
updateGroupin interfaceGroupsManagerBl- Parameters:
sess-group- to update (use only ID, shortName and description)- Returns:
- updated group with correctly set parameters (including group.name)
- Throws:
GroupExistsException- if group with same name already exists in the same VO
-
updateParentGroupId
Description copied from interface:GroupsManagerBlUpdates parentGroupId.!! IMPORTANT This method allows to change parentGroupId, but it doesn't update group and subGroup names !!
- Specified by:
updateParentGroupIdin interfaceGroupsManagerBl- Parameters:
sess-group- to update- Returns:
- group with updated parentGroupId
-
searchForGroups
Description copied from interface:GroupsManagerBlSimilarity substring search in all groups based on name, shortname, description and optionally ID- Specified by:
searchForGroupsin interfaceGroupsManagerBl- Parameters:
sess- sessionsearchString- string to search forincludeIDs- whether to search in IDs as well, used for PERUNADMINs- Returns:
- list of matched groups
-
searchForGroups
public List<Group> searchForGroups(PerunSession sess, String searchString, Set<Integer> groupIds, Set<Integer> voIds, boolean includeIDs) Description copied from interface:GroupsManagerBlSimilarity substring search in provided groups based on name, shortname, description and optionally ID. Performs the search also in all groups of the provided VOs. Returns an empty list if both groups/vo IDs are null or empty.- Specified by:
searchForGroupsin interfaceGroupsManagerBl- Parameters:
sess- sessionsearchString- string to search forgroupIds- IDs of groups to perform the search in. Ignore if emptyvoIds- IDs of VOs to perform the search in. Ignore if emptyincludeIDs- whether to search in IDs as well, used for PERUNADMINs- Returns:
- list of matched groups
-
suspendGroupSynchronization
Description copied from interface:GroupsManagerBlSuspend synchronizing groups and their structures.- Specified by:
suspendGroupSynchronizationin interfaceGroupsManagerBl- Parameters:
sess- sessionsuspend- whether to suspend or unsuspend
-
isSuspendedGroupSynchronization
public boolean isSuspendedGroupSynchronization()Description copied from interface:GroupsManagerBlCheck if synchronizing groups is suspended.- Specified by:
isSuspendedGroupSynchronizationin interfaceGroupsManagerBl- Returns:
- True if suspended, false if synchronizing
-
validateMemberInGroup
Description copied from interface:GroupsManagerBlSet member's status in given group to VALID- Specified by:
validateMemberInGroupin interfaceGroupsManagerBl- Parameters:
sess- perun sessionmember- member whose status will be changedgroup- group in which given member will be validated
-