com.waveset.provision
Class WorkflowServices

java.lang.Object
  extended bycom.waveset.provision.WorkflowServices
All Implemented Interfaces:
UserViewConstants, ViewConstants, WorkflowApplication

public class WorkflowServices
extends java.lang.Object
implements WorkflowApplication, UserViewConstants

A WorkflowApplication that can perform various operations related to provisioning accounts and accessing resource objects.


Field Summary
static java.lang.String APPROVAL_APPROVERS
           
static java.lang.String APPROVAL_AUTH_TYPE
           
static java.lang.String APPROVAL_DELEGATORS
           
static java.lang.String APPROVAL_ESCALATORS
           
static java.lang.String APPROVAL_LISTENERS
           
static java.lang.String APPROVAL_NAME
           
static java.lang.String APPROVAL_OBJECT_NAME
           
static java.lang.String APPROVAL_OBJECT_TYPE
           
static java.lang.String APPROVAL_TIMEOUT
           
static java.lang.String APPROVAL_TIMEOUT_TASK
           
static java.lang.String ARG_ACCOUNT_GUID
           
static java.lang.String ARG_ACCOUNT_ID
           
static java.lang.String ARG_ACCOUNT_ID_LIST
           
static java.lang.String ARG_ACCOUNT_PASSWORD
           
static java.lang.String ARG_ADDITIONAL_APPROVERS
          Deprecated. - this should be removed when 'query' is supported in #deriveUsers(com.waveset.object.GenericObject, com.waveset.workflow.WorkflowContext) Optional recognized by getAdditionalApprovers to indicate any additional approvers to be included in the set of approvers. If not specified, no 'additional' approvals will be generated.
static java.lang.String ARG_ADDITIONAL_ESCALATORS
          Deprecated. - this should be removed when 'query' is supported in #deriveUsers(com.waveset.object.GenericObject, com.waveset.workflow.WorkflowContext) Optional recognized by getAdditionalApprovers to indicate any admins to which the approval will be escalated after a timeout.
static java.lang.String ARG_ALL_APPROVALS
          Option recognized by getApprovers to indiciate that an entire approver set should be calcuated even if the user already exists, and presumably has gone through an approval process once.
static java.lang.String ARG_ALLOW_PASSWORD_GENERATION
           
static java.lang.String ARG_APPROVAL_PENDING
           
static java.lang.String ARG_ATTRIBUTE_CHANGES
           
static java.lang.String ARG_CACHE
           
static java.lang.String ARG_CACHE_TIMEOUT
           
static java.lang.String ARG_CATCH
           
static java.lang.String ARG_CLEAR_CACHE
           
static java.lang.String ARG_CONDITIONS
           
static java.lang.String ARG_DEASSIGN
           
static java.lang.String ARG_DO_RESOURCES
           
static java.lang.String ARG_FORCE
           
static java.lang.String ARG_FORMATTED_CHANGES
           
static java.lang.String ARG_MAX_ERRORS
           
static java.lang.String ARG_NEW_ATTRIBUTES
           
static java.lang.String ARG_NEW_VALIDATOR
           
static java.lang.String ARG_NOTIFICATIONS
           
static java.lang.String ARG_OBJECT
           
static java.lang.String ARG_OBJECT_ID
           
static java.lang.String ARG_OBJECT_TYPE
           
static java.lang.String ARG_OP
           
static java.lang.String ARG_ORGANIZATION
           
static java.lang.String ARG_ORGANIZATIONS
           
static java.lang.String ARG_PREV_ATTRIBUTES
           
static java.lang.String ARG_REJECTOR
           
static java.lang.String ARG_RESOURCE
           
static java.lang.String ARG_RESOURCE_ID
           
static java.lang.String ARG_RESOURCE_IDS_LIST
           
static java.lang.String ARG_RESOURCE_NAME
           
static java.lang.String ARG_RESOURCES
           
static java.lang.String ARG_RESOURCES_TO_UNLINK
           
static java.lang.String ARG_RETRY_ENABLE
          Set to "true" if processing should be done for retries.
static java.lang.String ARG_ROLE
           
static java.lang.String ARG_ROLES
           
static java.lang.String ARG_RUN_AS_PASSWORD
           
static java.lang.String ARG_RUN_AS_USER
           
static java.lang.String ARG_SAVE_RESULTS
           
static java.lang.String ARG_SEARCH_ATTRS
           
static java.lang.String ARG_SEARCH_CONTEXT
           
static java.lang.String ARG_SEARCH_FILTER
           
static java.lang.String ARG_SEARCH_SCOPE
           
static java.lang.String ARG_SEARCH_TIME_LIMIT
           
static java.lang.String ARG_SERVICES
           
static java.lang.String ARG_SUBJECT
          Argument that may be passed into most methods to specify an alternate subject.
static java.lang.String ARG_SUBJECT_INTERNAL
          Special value for the ARG_SUBJECT argument that indicates that this is a request by the Idm system internals (e.g.
static java.lang.String ARG_SUBJECT_NONE
          Special value for the ARG_SUBJECT argument that indicates that no authorization is to be performed.
static java.lang.String ARG_TARGETS
           
static java.lang.String ARG_UNLINK_TARGETS
           
static java.lang.String ARG_USER
           
static java.lang.String AUTHZ_BYPASS_AUDITED
           
static java.lang.String code_id
           
static java.lang.String OP_APPROVE
           
static java.lang.String OP_AUDIT_RESOURCE_ACCOUNT
           
static java.lang.String OP_AUTHENTICATE_USER_CREDENTIALS
           
static java.lang.String OP_BULKREPROVISION
           
static java.lang.String OP_CHANGE_RESOURCE_ACCOUNT_PASSWORD
           
static java.lang.String OP_CHECK_DEPROVISION
           
static java.lang.String OP_CLEANUP_RESULT
           
static java.lang.String OP_CREATE_RESOURCE_OBJECT
           
static java.lang.String OP_DELETE_RESOURCE_ACCOUNT
           
static java.lang.String OP_DELETE_RESOURCE_OBJECT
           
static java.lang.String OP_DELETE_USER
           
static java.lang.String OP_DEPROVISION
           
static java.lang.String OP_DISABLE
           
static java.lang.String OP_ENABLE
           
static java.lang.String OP_GET_APPROVALS
           
static java.lang.String OP_GET_APPROVERS
           
static java.lang.String OP_GET_DELEGATES
           
static java.lang.String OP_GET_NOTIFICATIONS
           
static java.lang.String OP_GET_RESOURCE_OBJECT
           
static java.lang.String OP_LIST_RESOURCE_OBJECTS
           
static java.lang.String OP_LOCK
           
static java.lang.String OP_NOTIFY
           
static java.lang.String OP_PROVISION
           
static java.lang.String OP_QUESTION_LOCK
           
static java.lang.String OP_REJECT
           
static java.lang.String OP_REPROVISION
           
static java.lang.String OP_RUN_RESOURCE_ACTION
           
static java.lang.String OP_UNLINK_RESOURCE_ACCOUNTS_FROM_USER
           
static java.lang.String OP_UNLOCK
           
static java.lang.String OP_UPDATE_RESOURCE_OBJECT
           
static java.lang.String OP_VALIDATE
           
static java.lang.String RET_ACCOUNT_CREATED
          Variable we set set to indicate that the Waveset user was created.
static java.lang.String RET_APPROVALS
          Variable set by getApprovals that holds an object describing a set of approvals to perform.
static java.lang.String RET_DELEGATES
          Variable set by getDelegatees that holds a List containing the set of delegatees registered for a user.
static java.lang.String RET_FAILURES
           
static java.lang.String RET_NOTIFICATIONS
          Variable set by getApprovals that holds an object describing a set of approvals to perform.
static java.lang.String RET_PASSWORD_IS_VALID
           
static java.lang.String RET_RESOURCE_OBJECT
           
static java.lang.String RET_RESOURCE_OBJECTS
           
static java.lang.String RET_SUCCESSES
           
protected static Trace trace
           
static java.lang.String VAR_ACCOUNT_ID
          Variables we set as a side effect of validation.
static java.lang.String VAR_EMAIL
           
static java.lang.String VAR_FULLNAME
           
static java.lang.String VAR_NEXT_RETRY_COUNT
           
static java.lang.String VAR_NEXT_RETRY_TIME
           
static java.lang.String VAR_NOTIFICATION_LISTENERS
          Variable where we store the list of admins that want to be notified after provisioning.
static java.lang.String VAR_ORGANIZATION
           
static java.lang.String VAR_ORGANIZATION_APPROVERS
          Variable where we store the list of org approvers.
static java.lang.String VAR_PRIVATE_RESOURCES
           
static java.lang.String VAR_RESOURCES
          Variable where we store the resource approver list.
static java.lang.String VAR_RETRY_ACCOUNTID
           
static java.lang.String VAR_RETRY_EMAIL
           
static java.lang.String VAR_RETRY_EMAIL_THRESHOLD
           
static java.lang.String VAR_RETRY_INFO
          Variable where we store information about retries for resources.
static java.lang.String VAR_RETRY_LAST_ERROR
           
static java.lang.String VAR_RETRY_OP
           
static java.lang.String VAR_RETRY_REFERENCED
           
static java.lang.String VAR_RETRY_RESOURCE
           
static java.lang.String VAR_RETRY_RESOURCES
           
static java.lang.String VAR_RETRY_TEMPID
           
static java.lang.String VAR_RETRY_TIMEOUT
           
static java.lang.String VAR_ROLE
           
static java.lang.String VAR_ROLE_APPROVERS
          Variable where we store the list of role approvers.
static java.lang.String VAR_ROLES
           
static java.lang.String VAR_USER
          Name of the variable holding the user view.
 
Fields inherited from interface com.waveset.session.UserViewConstants
ATT_ACCOUNTS_LIGHTHOUSE, ATT_ALT_FORM, ATT_ASSIGNED_RESOURCES, ATT_AUTHENTICATED_ID, ATT_AVAILABLE_RESOURCES, ATT_BACKGROUND_SAVE, ATT_EVENT_TYPE, ATT_FORM, ATT_NO_FETCH, ATT_PAGE, ATT_REGENERATE, ATT_RESOURCE_SPEC, ATT_SYSTEM, ATT_SYSTEM_GENERATE, ATT_SYSTEM_LINK, ATT_SYSTEM_REGENERATE, EVENT_TYPE_CREATE, EVENT_TYPE_UPDATE, FAKE_PASSWORD, OP_ALLOW_LOCAL_SOURCES, OP_ALLOW_PASSWORD_GENERATION, OP_APPLY_META_VIEW, OP_AUDIT_ACTION, OP_BUILD_APPROVER_LISTS, OP_BULK_LOAD, OP_CALL_VIEW_VALIDATORS, OP_CHECK_ADDITIONAL_RIGHTS, OP_CLONE, OP_CREDENTIALS, OP_FORWARDING_APPROVER_STYLE, OP_FULL_VIEW, OP_GET_NEW_QUESTIONS, OP_INCLUDE_AVAILABLE, OP_INCLUDE_DIFFERENCES, OP_INCLUDE_DISCOVERY, OP_INTERACTIVE_LINKING, OP_LOAD, OP_NO_AUTO_EXPIRE, OP_NO_LINKING, OP_NO_MISSING_FIELDS, OP_NO_REPROVISION, OP_NO_SYNC_WAVESET_PASSWORD, OP_OBFUSCATE_ANSWERS, OP_PARENT_CAPABILITY, OP_PARTIAL_META_VIEW, OP_REFRESH, OP_REQUIRES_CHALLENGE, OP_RESULT, OP_SELECT_RESOURCES, OP_SOURCE_RESOURCE, OP_TARGET_RESOURCES, OP_TARGETS, OP_TEST, PAGE_EDIT, PAGE_SELECT, VIEW_READ_ONLY, VIEW_TYPE
 
Fields inherited from interface com.waveset.object.ViewConstants
ATT_COMMAND, ATT_DERIVED_FORM, ATT_ERRORS, ATT_FORCE_VALIDATION, ATT_NO_VALIDATION, ATT_PROCESS_INPUTS, ATT_REQUEST_STATE, ATT_RETURNING_FROM_REDIRECT, ATT_SESSION, ATT_SPE_CONTEXT, IDM_RESOURCE, LIGHTHOUSE_RESOURCE, OP_ALLOWED_WORK_ITEM_TRANSITIONS, OP_BACKGROUND, OP_DEFER_COMMIT, OP_FORM, OP_INTERACTIVE, OP_NEED_SPE_CONTEXT, OP_NO_DISABLE_HINT, OP_NO_FETCH, OP_OBJECT_ID, OP_OBJECT_TYPE, OP_ORGANIZATION, OP_PROCESS, OP_RAW, OP_TASK_RESULT, RESULT_ALLOWED_WORK_ITEM_TRANSITIONS, RESULT_CONTINUE, RESULT_KEEP_VIEW, RESULT_REQUIRES_CHALLENGE, RESULT_TASK_STATUS, RESULT_USER, TASK_STATUS_ERROR
 
Constructor Summary
WorkflowServices()
           
 
Method Summary
 WavesetResult call(WorkflowContext context)
          Called by the workflow engine when it wants us to do something.
 WSUser checkForwarding(WorkflowContext context, PersistentObject obj, WSUser start, WavesetResult result, boolean checkApproverRights)
          Given an administator, check for forwarding.
 void destroy()
          Called by the workflow engine when it no longer needs us.
 WavesetResult getApprovers(WorkflowContext context)
          Given the account ID of an existing user, determine the approvers for objects associated with the user.
 java.util.Map getAuthenticationResources(WorkflowContext context, boolean includeLighthouse)
          This is a handy utility that exists in a few places.
static java.lang.String getCaseOwner(WorkflowContext context)
          Return the workflow case owner.
static java.lang.String getLoginAppName(WorkflowContext context)
          Determine the login app name for loging.
protected  ResourceResult getMatchingResourceResult(ResourceResult rrToMatch, WavesetResult wavesetResult)
          Find the ResourceResource result in wavesetResult that is for the resource resourceName.
protected  ResourceInfo getProvisioningTarget(java.lang.String resName, java.lang.String accountId, EncryptedData password, boolean isReset, WorkflowContext context)
          Utility to create a "provisioning target" object that corresponds to an account object in the view.
protected  GenericObject getRetryInfo(WorkflowContext context)
          Retrieve the retrry info from the context.
static Subject getSubject(WorkflowContext context)
          Get the effective subject to be used for this application call.
static com.waveset.server.ViewMaster getViewMaster(WorkflowContext context)
          Get a view master for use with this operation.
 void init()
          Initializes the object for use as a Workflow application.
 boolean isApprover(WorkflowContext context, PersistentObject obj, WSUser admin)
          Check to see if an administrator has approval rights without propagating an exception.
protected  void mergeResourceResults(ResourceResult masterResult, ResourceResult result)
          Add result to masterResult, but add it inside its own WavesetResult so the ResultItems associated with the added result are kept together.
 WavesetResult notify(WorkflowContext context)
          Send a notification.
protected  void processResultsForRetry(WorkflowContext context, WavesetResult result)
          If the operation just completed was a retry of a previous operation merge the results with the previous resource result and remove them from the result returned from this operation.
 WavesetResult validate(WorkflowContext context)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

code_id

public static final java.lang.String code_id
See Also:
Constant Field Values

trace

protected static final Trace trace

OP_VALIDATE

public static final java.lang.String OP_VALIDATE
See Also:
Constant Field Values

OP_GET_APPROVALS

public static final java.lang.String OP_GET_APPROVALS
See Also:
Constant Field Values

OP_GET_NOTIFICATIONS

public static final java.lang.String OP_GET_NOTIFICATIONS
See Also:
Constant Field Values

OP_PROVISION

public static final java.lang.String OP_PROVISION
See Also:
Constant Field Values

OP_REPROVISION

public static final java.lang.String OP_REPROVISION
See Also:
Constant Field Values

OP_BULKREPROVISION

public static final java.lang.String OP_BULKREPROVISION
See Also:
Constant Field Values

OP_DEPROVISION

public static final java.lang.String OP_DEPROVISION
See Also:
Constant Field Values

OP_APPROVE

public static final java.lang.String OP_APPROVE
See Also:
Constant Field Values

OP_REJECT

public static final java.lang.String OP_REJECT
See Also:
Constant Field Values

OP_CHECK_DEPROVISION

public static final java.lang.String OP_CHECK_DEPROVISION
See Also:
Constant Field Values

OP_DELETE_USER

public static final java.lang.String OP_DELETE_USER
See Also:
Constant Field Values

OP_GET_APPROVERS

public static final java.lang.String OP_GET_APPROVERS
See Also:
Constant Field Values

OP_GET_DELEGATES

public static final java.lang.String OP_GET_DELEGATES
See Also:
Constant Field Values

OP_AUDIT_RESOURCE_ACCOUNT

public static final java.lang.String OP_AUDIT_RESOURCE_ACCOUNT
See Also:
Constant Field Values

OP_DELETE_RESOURCE_ACCOUNT

public static final java.lang.String OP_DELETE_RESOURCE_ACCOUNT
See Also:
Constant Field Values

OP_UNLINK_RESOURCE_ACCOUNTS_FROM_USER

public static final java.lang.String OP_UNLINK_RESOURCE_ACCOUNTS_FROM_USER
See Also:
Constant Field Values

OP_DISABLE

public static final java.lang.String OP_DISABLE
See Also:
Constant Field Values

OP_ENABLE

public static final java.lang.String OP_ENABLE
See Also:
Constant Field Values

OP_LOCK

public static final java.lang.String OP_LOCK
See Also:
Constant Field Values

OP_UNLOCK

public static final java.lang.String OP_UNLOCK
See Also:
Constant Field Values

OP_QUESTION_LOCK

public static final java.lang.String OP_QUESTION_LOCK
See Also:
Constant Field Values

OP_CREATE_RESOURCE_OBJECT

public static final java.lang.String OP_CREATE_RESOURCE_OBJECT
See Also:
Constant Field Values

OP_UPDATE_RESOURCE_OBJECT

public static final java.lang.String OP_UPDATE_RESOURCE_OBJECT
See Also:
Constant Field Values

OP_DELETE_RESOURCE_OBJECT

public static final java.lang.String OP_DELETE_RESOURCE_OBJECT
See Also:
Constant Field Values

OP_CLEANUP_RESULT

public static final java.lang.String OP_CLEANUP_RESULT
See Also:
Constant Field Values

OP_NOTIFY

public static final java.lang.String OP_NOTIFY
See Also:
Constant Field Values

OP_CHANGE_RESOURCE_ACCOUNT_PASSWORD

public static final java.lang.String OP_CHANGE_RESOURCE_ACCOUNT_PASSWORD
See Also:
Constant Field Values

OP_AUTHENTICATE_USER_CREDENTIALS

public static final java.lang.String OP_AUTHENTICATE_USER_CREDENTIALS
See Also:
Constant Field Values

OP_GET_RESOURCE_OBJECT

public static final java.lang.String OP_GET_RESOURCE_OBJECT
See Also:
Constant Field Values

OP_LIST_RESOURCE_OBJECTS

public static final java.lang.String OP_LIST_RESOURCE_OBJECTS
See Also:
Constant Field Values

OP_RUN_RESOURCE_ACTION

public static final java.lang.String OP_RUN_RESOURCE_ACTION
See Also:
Constant Field Values

ARG_OP

public static final java.lang.String ARG_OP
See Also:
Constant Field Values

ARG_SUBJECT

public static final java.lang.String ARG_SUBJECT
Argument that may be passed into most methods to specify an alternate subject. If not specified, it defaults to the Subject that owns the workflow process.

See Also:
Constant Field Values

ARG_SUBJECT_NONE

public static final java.lang.String ARG_SUBJECT_NONE
Special value for the ARG_SUBJECT argument that indicates that no authorization is to be performed. Use with care.

See Also:
Constant Field Values

ARG_SUBJECT_INTERNAL

public static final java.lang.String ARG_SUBJECT_INTERNAL
Special value for the ARG_SUBJECT argument that indicates that this is a request by the Idm system internals (e.g. when a user exceeds the max number of failed logins and the user's account is locked by the system). Use with care.

See Also:
Constant Field Values

ARG_ALL_APPROVALS

public static final java.lang.String ARG_ALL_APPROVALS
Option recognized by getApprovers to indiciate that an entire approver set should be calcuated even if the user already exists, and presumably has gone through an approval process once.

See Also:
Constant Field Values

ARG_ADDITIONAL_APPROVERS

public static final java.lang.String ARG_ADDITIONAL_APPROVERS
Deprecated. - this should be removed when 'query' is supported in #deriveUsers(com.waveset.object.GenericObject, com.waveset.workflow.WorkflowContext) Optional recognized by getAdditionalApprovers to indicate any additional approvers to be included in the set of approvers. If not specified, no 'additional' approvals will be generated.

See Also:
Constant Field Values

ARG_ADDITIONAL_ESCALATORS

public static final java.lang.String ARG_ADDITIONAL_ESCALATORS
Deprecated. - this should be removed when 'query' is supported in #deriveUsers(com.waveset.object.GenericObject, com.waveset.workflow.WorkflowContext) Optional recognized by getAdditionalApprovers to indicate any admins to which the approval will be escalated after a timeout.

See Also:
Constant Field Values

ARG_DO_RESOURCES

public static final java.lang.String ARG_DO_RESOURCES
See Also:
Constant Field Values

ARG_APPROVAL_PENDING

public static final java.lang.String ARG_APPROVAL_PENDING
See Also:
Constant Field Values

ARG_ALLOW_PASSWORD_GENERATION

public static final java.lang.String ARG_ALLOW_PASSWORD_GENERATION
See Also:
Constant Field Values

ARG_TARGETS

public static final java.lang.String ARG_TARGETS
See Also:
Constant Field Values

ARG_UNLINK_TARGETS

public static final java.lang.String ARG_UNLINK_TARGETS
See Also:
Constant Field Values

ARG_SERVICES

public static final java.lang.String ARG_SERVICES
See Also:
Constant Field Values

ARG_DEASSIGN

public static final java.lang.String ARG_DEASSIGN
See Also:
Constant Field Values

ARG_RESOURCES_TO_UNLINK

public static final java.lang.String ARG_RESOURCES_TO_UNLINK
See Also:
Constant Field Values

ARG_RESOURCE

public static final java.lang.String ARG_RESOURCE
See Also:
Constant Field Values

ARG_RESOURCES

public static final java.lang.String ARG_RESOURCES
See Also:
Constant Field Values

ARG_RESOURCE_NAME

public static final java.lang.String ARG_RESOURCE_NAME
See Also:
Constant Field Values

ARG_PREV_ATTRIBUTES

public static final java.lang.String ARG_PREV_ATTRIBUTES
See Also:
Constant Field Values

ARG_NEW_ATTRIBUTES

public static final java.lang.String ARG_NEW_ATTRIBUTES
See Also:
Constant Field Values

ARG_ATTRIBUTE_CHANGES

public static final java.lang.String ARG_ATTRIBUTE_CHANGES
See Also:
Constant Field Values

ARG_FORMATTED_CHANGES

public static final java.lang.String ARG_FORMATTED_CHANGES
See Also:
Constant Field Values

ARG_REJECTOR

public static final java.lang.String ARG_REJECTOR
See Also:
Constant Field Values

ARG_FORCE

public static final java.lang.String ARG_FORCE
See Also:
Constant Field Values

ARG_ACCOUNT_ID

public static final java.lang.String ARG_ACCOUNT_ID
See Also:
Constant Field Values

ARG_ACCOUNT_ID_LIST

public static final java.lang.String ARG_ACCOUNT_ID_LIST
See Also:
Constant Field Values

ARG_ACCOUNT_GUID

public static final java.lang.String ARG_ACCOUNT_GUID
See Also:
Constant Field Values

ARG_USER

public static final java.lang.String ARG_USER
See Also:
Constant Field Values

ARG_NEW_VALIDATOR

public static final java.lang.String ARG_NEW_VALIDATOR
See Also:
Constant Field Values

ARG_CATCH

public static final java.lang.String ARG_CATCH
See Also:
Constant Field Values

ARG_ROLE

public static final java.lang.String ARG_ROLE
See Also:
Constant Field Values

ARG_ROLES

public static final java.lang.String ARG_ROLES
See Also:
Constant Field Values

ARG_ORGANIZATION

public static final java.lang.String ARG_ORGANIZATION
See Also:
Constant Field Values

ARG_ORGANIZATIONS

public static final java.lang.String ARG_ORGANIZATIONS
See Also:
Constant Field Values

ARG_CONDITIONS

public static final java.lang.String ARG_CONDITIONS
See Also:
Constant Field Values

ARG_MAX_ERRORS

public static final java.lang.String ARG_MAX_ERRORS
See Also:
Constant Field Values

ARG_SAVE_RESULTS

public static final java.lang.String ARG_SAVE_RESULTS
See Also:
Constant Field Values

RET_SUCCESSES

public static final java.lang.String RET_SUCCESSES
See Also:
Constant Field Values

RET_FAILURES

public static final java.lang.String RET_FAILURES
See Also:
Constant Field Values

ARG_NOTIFICATIONS

public static final java.lang.String ARG_NOTIFICATIONS
See Also:
Constant Field Values

AUTHZ_BYPASS_AUDITED

public static final java.lang.String AUTHZ_BYPASS_AUDITED
See Also:
Constant Field Values

ARG_ACCOUNT_PASSWORD

public static final java.lang.String ARG_ACCOUNT_PASSWORD
See Also:
Constant Field Values

RET_PASSWORD_IS_VALID

public static final java.lang.String RET_PASSWORD_IS_VALID
See Also:
Constant Field Values

ARG_RESOURCE_ID

public static final java.lang.String ARG_RESOURCE_ID
See Also:
Constant Field Values

ARG_OBJECT_ID

public static final java.lang.String ARG_OBJECT_ID
See Also:
Constant Field Values

ARG_SEARCH_ATTRS

public static final java.lang.String ARG_SEARCH_ATTRS
See Also:
Constant Field Values

RET_RESOURCE_OBJECT

public static final java.lang.String RET_RESOURCE_OBJECT
See Also:
Constant Field Values

ARG_RESOURCE_IDS_LIST

public static final java.lang.String ARG_RESOURCE_IDS_LIST
See Also:
Constant Field Values

RET_RESOURCE_OBJECTS

public static final java.lang.String RET_RESOURCE_OBJECTS
See Also:
Constant Field Values

ARG_SEARCH_CONTEXT

public static final java.lang.String ARG_SEARCH_CONTEXT
See Also:
Constant Field Values

ARG_SEARCH_FILTER

public static final java.lang.String ARG_SEARCH_FILTER
See Also:
Constant Field Values

ARG_SEARCH_SCOPE

public static final java.lang.String ARG_SEARCH_SCOPE
See Also:
Constant Field Values

ARG_SEARCH_TIME_LIMIT

public static final java.lang.String ARG_SEARCH_TIME_LIMIT
See Also:
Constant Field Values

ARG_RUN_AS_USER

public static final java.lang.String ARG_RUN_AS_USER
See Also:
Constant Field Values

ARG_RUN_AS_PASSWORD

public static final java.lang.String ARG_RUN_AS_PASSWORD
See Also:
Constant Field Values

ARG_CACHE

public static final java.lang.String ARG_CACHE
See Also:
Constant Field Values

ARG_CACHE_TIMEOUT

public static final java.lang.String ARG_CACHE_TIMEOUT
See Also:
Constant Field Values

ARG_CLEAR_CACHE

public static final java.lang.String ARG_CLEAR_CACHE
See Also:
Constant Field Values

VAR_USER

public static final java.lang.String VAR_USER
Name of the variable holding the user view.

See Also:
Constant Field Values

VAR_ACCOUNT_ID

public static final java.lang.String VAR_ACCOUNT_ID
Variables we set as a side effect of validation. This is only for backward compatibility with older workflows and Approval Form which expected to see these as top-level attributes.

See Also:
Constant Field Values

VAR_ROLE

public static final java.lang.String VAR_ROLE
See Also:
Constant Field Values

VAR_ROLES

public static final java.lang.String VAR_ROLES
See Also:
Constant Field Values

VAR_PRIVATE_RESOURCES

public static final java.lang.String VAR_PRIVATE_RESOURCES
See Also:
Constant Field Values

VAR_ORGANIZATION

public static final java.lang.String VAR_ORGANIZATION
See Also:
Constant Field Values

VAR_EMAIL

public static final java.lang.String VAR_EMAIL
See Also:
Constant Field Values

VAR_FULLNAME

public static final java.lang.String VAR_FULLNAME
See Also:
Constant Field Values

VAR_ROLE_APPROVERS

public static final java.lang.String VAR_ROLE_APPROVERS
Variable where we store the list of role approvers. Set by validate() and getApprovers()

See Also:
Constant Field Values

VAR_ORGANIZATION_APPROVERS

public static final java.lang.String VAR_ORGANIZATION_APPROVERS
Variable where we store the list of org approvers. Set by validate() and getApprovers()

See Also:
Constant Field Values

VAR_RESOURCES

public static final java.lang.String VAR_RESOURCES
Variable where we store the resource approver list. This is a list of objects with attributes "name" being the name of the resource and "approvers" a list of approver names.

In the older "NewValidator" class, this was a list of lists.

See Also:
Constant Field Values

VAR_NOTIFICATION_LISTENERS

public static final java.lang.String VAR_NOTIFICATION_LISTENERS
Variable where we store the list of admins that want to be notified after provisioning.

See Also:
Constant Field Values

VAR_RETRY_INFO

public static final java.lang.String VAR_RETRY_INFO
Variable where we store information about retries for resources. NOTE: to support multiple accounts per resource intriduced in 3.1, the resources list (below) is no longer indexed by resource name. Instead it is indexed by the ResourceInfo qualified name which is a combination of the resource name and account ID. Retries are currently supported for account provision, reProvision, deProvision, enable, and disable. The "Provision With Retries" subprocess should be used when retries will be supported for this operations. If retries are enabled (ARG_RETRY_ENABLE is set to true), then a the "retryInfo" generic object will be added to the workflow context variables to keep track of which resources need to be retried and which do not. The generic object looks like this: retryInfo - the generic object itself retryInfo.timeout - the number of seconds before the next resource should be retried. This is derived from the nextRetry for each resource (below). retryInfo.resources[*] - the set of resources for which retry info is being tracked, indexed by resource info qualified name retryInfo.resources[].nextRetry - a string representing the date/time for the next retry for that resource retryInfo.resources[].nextRetryCount - the count of the next retry (i.e. it's pre-incremented) retryInfo.resources[].email - email addresses to send notification retryInfo.resources[].emailThreshold - send email when try this many times retryInfo.resources[].lastError - the last provisioning error retryInfo.resources[].op - create,update,delete retryInfo.resources[].emailSent - whether notify has been set retryInfo.resources[].accountId - resource account id retryInfo.resources[].resource - resource name Retries are now also supported for resource object create, update, and delete. The retryInfo variable is still used to keep track of the retry state, but it no longer needs the "resources[]" since these are only operating on one resource object at a time. So the retryInfo generic object for resource object operations looks like this: retryInfo - the generic object itself retryInfo.timeout - the number of seconds before next retry retryInfo.nextRetryCount - the count of the next retry (pre-incremented) retryInfo.email - email to send retry notification to retryInfo.emailThreshold - count after which to send notification retryInfo.lastError - the error message from the last retry retryInfo.resource - the name of the resource

See Also:
Constant Field Values

VAR_RETRY_TIMEOUT

public static final java.lang.String VAR_RETRY_TIMEOUT
See Also:
Constant Field Values

VAR_RETRY_RESOURCES

public static final java.lang.String VAR_RETRY_RESOURCES
See Also:
Constant Field Values

VAR_NEXT_RETRY_TIME

public static final java.lang.String VAR_NEXT_RETRY_TIME
See Also:
Constant Field Values

VAR_NEXT_RETRY_COUNT

public static final java.lang.String VAR_NEXT_RETRY_COUNT
See Also:
Constant Field Values

VAR_RETRY_EMAIL

public static final java.lang.String VAR_RETRY_EMAIL
See Also:
Constant Field Values

VAR_RETRY_EMAIL_THRESHOLD

public static final java.lang.String VAR_RETRY_EMAIL_THRESHOLD
See Also:
Constant Field Values

VAR_RETRY_RESOURCE

public static final java.lang.String VAR_RETRY_RESOURCE
See Also:
Constant Field Values

VAR_RETRY_LAST_ERROR

public static final java.lang.String VAR_RETRY_LAST_ERROR
See Also:
Constant Field Values

VAR_RETRY_OP

public static final java.lang.String VAR_RETRY_OP
See Also:
Constant Field Values

VAR_RETRY_ACCOUNTID

public static final java.lang.String VAR_RETRY_ACCOUNTID
See Also:
Constant Field Values

VAR_RETRY_TEMPID

public static final java.lang.String VAR_RETRY_TEMPID
See Also:
Constant Field Values

VAR_RETRY_REFERENCED

public static final java.lang.String VAR_RETRY_REFERENCED
See Also:
Constant Field Values

ARG_RETRY_ENABLE

public static final java.lang.String ARG_RETRY_ENABLE
Set to "true" if processing should be done for retries.

See Also:
Constant Field Values

RET_ACCOUNT_CREATED

public static final java.lang.String RET_ACCOUNT_CREATED
Variable we set set to indicate that the Waveset user was created. Do we need this now that we can put things in the WavesetResult?

See Also:
Constant Field Values

RET_APPROVALS

public static final java.lang.String RET_APPROVALS
Variable set by getApprovals that holds an object describing a set of approvals to perform.

See Also:
Constant Field Values

RET_DELEGATES

public static final java.lang.String RET_DELEGATES
Variable set by getDelegatees that holds a List containing the set of delegatees registered for a user.

See Also:
Constant Field Values

RET_NOTIFICATIONS

public static final java.lang.String RET_NOTIFICATIONS
Variable set by getApprovals that holds an object describing a set of approvals to perform.

See Also:
Constant Field Values

APPROVAL_NAME

public static final java.lang.String APPROVAL_NAME
See Also:
Constant Field Values

APPROVAL_OBJECT_TYPE

public static final java.lang.String APPROVAL_OBJECT_TYPE
See Also:
Constant Field Values

APPROVAL_OBJECT_NAME

public static final java.lang.String APPROVAL_OBJECT_NAME
See Also:
Constant Field Values

APPROVAL_AUTH_TYPE

public static final java.lang.String APPROVAL_AUTH_TYPE
See Also:
Constant Field Values

APPROVAL_APPROVERS

public static final java.lang.String APPROVAL_APPROVERS
See Also:
Constant Field Values

APPROVAL_DELEGATORS

public static final java.lang.String APPROVAL_DELEGATORS
See Also:
Constant Field Values

APPROVAL_LISTENERS

public static final java.lang.String APPROVAL_LISTENERS
See Also:
Constant Field Values

APPROVAL_ESCALATORS

public static final java.lang.String APPROVAL_ESCALATORS
See Also:
Constant Field Values

APPROVAL_TIMEOUT

public static final java.lang.String APPROVAL_TIMEOUT
See Also:
Constant Field Values

APPROVAL_TIMEOUT_TASK

public static final java.lang.String APPROVAL_TIMEOUT_TASK
See Also:
Constant Field Values

ARG_OBJECT_TYPE

public static final java.lang.String ARG_OBJECT_TYPE
See Also:
Constant Field Values

ARG_OBJECT

public static final java.lang.String ARG_OBJECT
See Also:
Constant Field Values
Constructor Detail

WorkflowServices

public WorkflowServices()
                 throws WavesetException
Method Detail

getCaseOwner

public static java.lang.String getCaseOwner(WorkflowContext context)
                                     throws WavesetException
Return the workflow case owner. Somewhere along the way, we started requesting the VAR_CASE_OWNER variable rather than calling context.getUser which returns the TaskInstance owner. I'm not sure why that was done since VAR_CASE_OWNER is always initialized to be the task instance owner. Referencing the variable does however allow it to be dynamically changed, so leave it that way. Other comments indicate that a task may not have an owner if it was launched anonymously, though I think the TaskInstance should still have a name?

Throws:
WavesetException

getLoginAppName

public static java.lang.String getLoginAppName(WorkflowContext context)
                                        throws WavesetException
Determine the login app name for loging. Eventually this will be buried in the Subject.

Throws:
WavesetException

getSubject

public static Subject getSubject(WorkflowContext context)
                          throws WavesetException
Get the effective subject to be used for this application call.

Throws:
WavesetException

getViewMaster

public static com.waveset.server.ViewMaster getViewMaster(WorkflowContext context)
                                                   throws WavesetException
Get a view master for use with this operation. The effective subject will default to the task owner or may be passed in.

NOTE: Now that we have to have access to a LocalSession to run form expressions, we may as well just create it here rather than deferring it to ViewMaster.prepareViewSession.

Throws:
WavesetException

init

public void init()
Initializes the object for use as a Workflow application.

Specified by:
init in interface WorkflowApplication

destroy

public void destroy()
Called by the workflow engine when it no longer needs us.

Specified by:
destroy in interface WorkflowApplication

call

public WavesetResult call(WorkflowContext context)
Called by the workflow engine when it wants us to do something.

We first look at the "op" argument and dispatch to a handler method.

Specified by:
call in interface WorkflowApplication

getRetryInfo

protected GenericObject getRetryInfo(WorkflowContext context)
                              throws WavesetException
Retrieve the retrry info from the context. If it's not there, then add it, so we can store info in it later.

Throws:
WavesetException

processResultsForRetry

protected void processResultsForRetry(WorkflowContext context,
                                      WavesetResult result)
                               throws WavesetException
If the operation just completed was a retry of a previous operation merge the results with the previous resource result and remove them from the result returned from this operation. If the result has an error before the merged results were removed, add a "null" error to the result so the WF_ACTION_ERROR variable will get set. You can use OP_CLEANUP_RESULT operation to clean up these "null" results.

Throws:
WavesetException

getMatchingResourceResult

protected ResourceResult getMatchingResourceResult(ResourceResult rrToMatch,
                                                   WavesetResult wavesetResult)
Find the ResourceResource result in wavesetResult that is for the resource resourceName.


mergeResourceResults

protected void mergeResourceResults(ResourceResult masterResult,
                                    ResourceResult result)
Add result to masterResult, but add it inside its own WavesetResult so the ResultItems associated with the added result are kept together. This will keep these messages together when they are displayed.


checkForwarding

public WSUser checkForwarding(WorkflowContext context,
                              PersistentObject obj,
                              WSUser start,
                              WavesetResult result,
                              boolean checkApproverRights)
                       throws WavesetException
Given an administator, check for forwarding. Also make sure the administrator we return has approval rights. Note that if we detect cycles, we always return the original user. In releases prior to v4 we would return the previous user in the cycle, but this would cause the owner to keep moving whenever CheckinVisitor was called.

Throws:
WavesetException

isApprover

public boolean isApprover(WorkflowContext context,
                          PersistentObject obj,
                          WSUser admin)
                   throws WavesetException
Check to see if an administrator has approval rights without propagating an exception. NOTE: This is the only place where AccessPolicy leaks out of the LighthouseContext interface. Since all this does is AdminGroup analysis, it could be moved to WSUser or some other "auth util" object. Alternately, LighthouseContext can grow a method for this, but I'm trying to avoid that.

Throws:
WavesetException

validate

public WavesetResult validate(WorkflowContext context)
                       throws WavesetException
Throws:
WavesetException

getApprovers

public WavesetResult getApprovers(WorkflowContext context)
                           throws WavesetException
Given the account ID of an existing user, determine the approvers for objects associated with the user.

Throws:
WavesetException

getAuthenticationResources

public java.util.Map getAuthenticationResources(WorkflowContext context,
                                                boolean includeLighthouse)
                                         throws WavesetException
This is a handy utility that exists in a few places. Consider moving it.

Return information about all the currently configured pass-through authentication resources. A map is returned whose keys are the resource names. The values in the map are the "control" flags defined for this resource, one of the constants: optional, required, requisite, or sufficient.

Throws:
WavesetException

getProvisioningTarget

protected ResourceInfo getProvisioningTarget(java.lang.String resName,
                                             java.lang.String accountId,
                                             EncryptedData password,
                                             boolean isReset,
                                             WorkflowContext context)
                                      throws WavesetException
Utility to create a "provisioning target" object that corresponds to an account object in the view.

Throws:
WavesetException

notify

public WavesetResult notify(WorkflowContext context)
Send a notification.