|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
The Session interface defines the API used by applications to make requests of the Lighthouse server.
A session object is normally created by calling a static method on the SessionFactory class.
Methods in the Session interface are divided into the following categories.
The Rights and Permissions methods may be used by an application that wishes to taylor its display of commands based upon the operations that the authenticated user is allowed to perform.
The Plugins methods are used to obtain information about the pluggable components of the system, including resource adapters, and validation policies.
The Objects methods are used to read, create, modify, and delete objects in the repository.
The Query methods are used to interrogate the repository and retieve collections of objects.
The Workflow methods are used to obtain lists of work items assigned to administrators, and approve or reject those items.
The Provisioning methods are used to perform modifications to end-user accounts. This includes account creation, password reset, and reprovisiong.
The End-user Operations methods are intended for use by applications that provide an interface to end-users rather than administrators. Supported operations include password changes, and editing of a subset of the user's account attributes.
The Bulk Load methods provide an interface for performing bulk loading of the repository.
The Test methods are provided to enable testability of the system. These methods are intended for use only by the tests, they should never be called by applications. They are not formally supported and can change without warning.
SessionFactory
Nested Class Summary | |
static class |
Session.Scope
|
Field Summary |
Fields inherited from interface com.waveset.object.LighthouseContext |
COMP_ACCESS_POLICY, COMP_AUTH_CACHE, COMP_LOGIN_CONFIG_INFO, COMP_PROVISIONER, COMP_RECONCILER, COMP_REPOSITORY, COMP_SUBJECT_AUTH_CACHE, COMP_TASK_MANAGER, COMP_WORKFLOW, OP_CACHE, OP_CACHE_TIMEOUT, OP_CLEAR_CACHE, OP_NO_RESULT |
Fields inherited from interface com.waveset.object.ObjectSource |
HIGH_VALUES, OP_ALLOW_NOT_FOUND, OP_ATTRIBUTES, OP_BLOCK_SIZE, OP_BUFFERED, OP_CONDITIONS, OP_END_BEFORE, OP_FAST, OP_FILTER, OP_FORCE, OP_KEEP_LOCK, OP_MAX_ROWS, OP_NO_CACHE, OP_NO_RULE_DRIVEN_MEMBERS, OP_ONLY_NAMES, OP_ORDER_BY, OP_START_AFTER, OP_SUBJECT, OP_SUBTYPES, OP_USER |
Fields inherited from interface com.waveset.object.RuleExecutor |
code_id |
Fields inherited from interface com.sun.idm.idmx.api.IDMXConstants |
code_id, COMP_AUTHENTICATOR, COMP_CHANGE_NOTIFIER, COMP_PERSISTENT_TRANSACTION_STORE, COMP_TRANSACTION_MANAGER, CONFIGURATION_ID, LOCAL_HOST, OP_ATTRS_TO_GET, OP_AUDIT, OP_NO_TRANSACTIONS, PRE_AUTHENTICATED_USER_LOGIN_TYPE, SPE_LOGIN_USER_INTERFACE, USER_LOGIN_TYPE |
Method Summary | |
void |
approveWorkItem(java.lang.String itemId)
Approves a workflow work item. |
void |
breakLock(Type type,
java.lang.String id)
Forcibly remove the lock on an object. |
java.lang.Object |
callRule(ExState state,
java.lang.String name,
java.util.Map args)
Evaluate a rule. |
void |
changeAdminPassword(java.lang.String name,
EncryptedData newPassword)
Change the password of an administrator. |
WavesetResult |
changePassword(EncryptedData newPassword)
Changes the password of the currently authenticated user or administrator. |
WavesetResult |
checkinObject(PersistentObject object)
Stores the modifications to an object, and releases the lock. |
PersistentObject |
checkoutObject(Type type,
java.lang.String id)
Lock and retrieve an object for editing. |
void |
clearCache()
Clears the cache managed by this session. |
void |
clearListCache(Type type,
java.lang.String ogNameOrId)
Initialize the list cache. |
void |
clearResourceObjectGetCache(java.util.Map options)
Clear specified resource object lists from the cache |
void |
clearResourceObjectGetCache(java.lang.String subjectName,
java.lang.String objectType,
java.lang.String resId)
Clear all resource object lists from the cache for all users including default |
void |
clearResourceObjectListCache(java.util.Map options)
Clear specified resource object lists from the cache |
void |
clearResourceObjectListCache(java.lang.String subjectName,
java.lang.String resourceObjectType,
java.lang.String resId)
Clear all resource object lists from the cache for all users including default |
void |
clearServerCache()
A test method that clears the server cache. |
void |
clearSubject()
Removes the subject from this session. |
void |
createObject(PersistentObject object)
Creates a new object in the repository. |
WavesetResult |
deleteAccount(java.lang.String userName,
boolean force)
Deletes a waveset user object. |
void |
deleteObject(Type type,
java.lang.String id)
Permanently remove an object from the repository. |
void |
deleteObject(Type type,
java.lang.String id,
boolean force)
Permanently remove an object from the repository. |
void |
deleteObjects(Type type,
java.lang.String objectGroupName,
Session.Scope scope)
Delete objects of the specified type which are members of the specified object group |
void |
deleteObjects(Type type,
java.lang.String objectGroupName,
Session.Scope scope,
boolean force)
|
void |
deleteTask(java.lang.String taskId)
Delete a finished task. |
WavesetResult |
deProvision(java.lang.String userName)
Deprovision accounts for an existing user. |
WavesetResult |
deProvision(java.lang.String objectGroupName,
Session.Scope scope)
DeProvision accounts for user's which are members of the specified object group |
void |
dump()
A test method that dumps information to the console. |
void |
exportObjects(java.lang.String typeSet,
java.io.OutputStream stream,
BulkMonitor monitor)
Export objects in a type set to a stream. |
void |
exportObjects(java.lang.String typeSet,
java.lang.String filename,
BulkMonitor monitor)
Generate an exchange file containing the XML representation for objects in the respository. |
void |
exportObjects(java.lang.String typeSet,
java.io.Writer wrt,
BulkMonitor monitor)
Export objects in a type set to a writer. |
void |
exportObjects(Type[] types,
java.io.OutputStream stream,
BulkMonitor monitor)
Export objects to a stream. |
void |
exportObjects(Type[] types,
java.lang.String filename,
BulkMonitor monitor)
Generate an exchange file containing the XML representation for objects in the respository. |
void |
exportObjects(Type[] types,
java.io.Writer wrt,
BulkMonitor monitor)
Export objects to a writer. |
java.lang.String |
getAdminApprovalForwardRef(java.lang.String adminName)
Get your own approval reference, or one of an administrator that you control. |
QueryResult |
getAdministrators(java.util.Map options)
Returns a list of Administrator objects that have the query options specified in the options map. |
java.util.List |
getAdmins()
Helper method that returns a filtered list of WSUsers that have one or more capabilities (are members of one or more AdminGroups) and control one or more Organizations (ObjectGroups) |
java.lang.String |
getAppName()
|
ObjectCache |
getCache()
Returns the cache being maintained for this session. |
java.util.ArrayList |
getDebugCommands()
return a collection of string arrays of debug commands & params. |
long |
getDeleteDestroyInterval(Type type)
Gets the minimum interval in milliseconds after which a deleted object of the specified time will be destroyed. |
Permission |
getEffectivePermission(Principal p,
PersistentObject o)
|
Permission |
getEffectivePermission(Subject s,
PersistentObject o)
|
Right[] |
getEffectiveTypeRights(Principal principal,
java.lang.String typeName)
|
Right[] |
getEffectiveTypeRights(Principal principal,
Type type)
|
Right[] |
getEffectiveTypeRights(Subject subject,
java.lang.String typeName)
|
Right[] |
getEffectiveTypeRights(Subject subject,
Type type)
|
Type[] |
getEffectiveTypes(Principal principal)
|
Type[] |
getEffectiveTypes(Subject subject)
|
java.util.Locale |
getLocale()
Get the locale |
LockInfo |
getLockInfo(Type type,
java.lang.String id)
Retrieve information about a lock held on the object. |
LoginConfig |
getLoginConfig()
|
java.lang.String[] |
getLoginExceptions()
|
LoginInfo |
getLoginInfo()
Get the loginInfo associated with the session |
int |
getLoginModuleIndex()
|
boolean[] |
getLoginPasswordExpired()
|
WavesetResult |
getLoginResult()
Returns the login result messages, if any. |
java.lang.String[] |
getLoginSucceeded()
|
long |
getModificationCounter(Type t)
Return the modification counter for a type. |
PersistentObject |
getObject(java.lang.Object type,
java.lang.String id)
Retrieve an object from the repository. |
java.lang.String |
getObjectGroupHandle(ObjectRef oref)
Assumed input is an object ref to an ObjectGroup. |
PersistentObject |
getObjectIfExists(java.lang.Object type,
java.lang.String id)
Retrieve an object from the repository if it exists. |
java.lang.String[] |
getObjectNamesInObjectGroup(java.lang.String objectGroupName,
Type type,
Session.Scope scope)
Return a list of objects of the given type which are members of the given object group. |
java.util.ArrayList |
getObjects(Type type)
Retrieves all of the objects of a certain type. |
java.util.ArrayList |
getObjects(Type type,
AttributeCondition[] attrConds)
Retrieves all objects of a certain type, that match certain attribute conditions. |
java.util.List |
getObjects(Type type,
java.util.List conditions)
Retrieves all of the objects of a certain type currently stored in the repository. |
java.util.ArrayList |
getObjects(Type type,
WSAttributes atts)
Retrieves objects of a certain type, that have certain attribute values. |
Policy[] |
getPolicyTypes()
Returns an array of prototype instances for the currently available id & password validation policies. |
java.lang.String |
getResourceIdentity(java.lang.String subjectName,
java.lang.String resId)
|
java.util.List |
getResourceObjects(java.lang.String objectType,
java.lang.String resId,
java.util.Map options,
java.lang.String subjectName,
boolean cacheList,
long cacheInvalidAfter,
boolean clearCacheIfExists)
Returns a list of objects where each object contains a set of attributes including type, name, and id (fully qualified name - e.g. |
java.util.List |
getResourceTypeNames()
Return a list of resource types for which the authenticated subject has access to at least one resource of that type |
Resource[] |
getResourceTypes()
Returns an array of prototype instances for the currently available resources. |
java.lang.String |
getStatus()
A test method that return information about the operation of the server. |
Subject |
getSubject()
Returns the subject that is authenticated for this session. |
TaskDefinition |
getTaskDefinition(java.lang.String name)
Return a task definition object with the given name. |
java.util.List |
getTaskDefinitions()
Return a list of task definition objects. |
RepositoryResult |
getTaskExtendedResult(java.lang.String taskId,
java.util.Map options)
Get extended task results. |
RepositoryResult |
getTaskExtendedResult(java.lang.String taskId,
java.util.Map options,
int fromSequence,
int toSequence)
Get a subset of extended task results. |
RepositoryResult |
getTaskInstances(TaskState state,
java.lang.String owner,
java.lang.String definition)
Return a list of task instances for a given user and/or of a particular type. |
ObjectGroup[] |
getTopControlledObjectGroups(Principal p)
|
ObjectGroup[] |
getTopControlledObjectGroups(java.lang.String pname)
|
ObjectGroup[] |
getTopControlledObjectGroups(Subject subject)
Get Top Controlled Object Groups for a Subject |
java.lang.String |
getUser()
Get the name of the administrator or end-user that has authenticated to this session. |
Form |
getViewForm(GenericObject view,
java.lang.String formId,
java.util.Map options)
Get an alternate view form. |
WorkItem |
getWorkItem(java.lang.String id)
Retrieves a single workflow work item. |
WorkItem[] |
getWorkItems()
Retrieve the workflow work items assigned to the currently authenticated user. |
WorkItem[] |
getWorkItems(java.lang.String user)
Retrieve the workflow work items assigned to a specific user. |
void |
importObjects(java.io.InputStream input,
BulkMonitor monitor,
boolean force)
Import a collection of objects. |
void |
importObjects(java.lang.String file,
BulkMonitor monitor,
boolean force)
Import a collection of objects. |
void |
importXml(java.lang.String xml,
BulkMonitor monitor)
Import a collection of objects, defined in an XML string. |
RepositoryResult |
listAdmins(AttributeCondition[] conds)
Helper method that returns a filtered list of WSUser names that have one or more capabilities (are members of one or more AdminGroups) and control one or more Organizations (ObjectGroups) |
java.lang.String[] |
listApprovers()
Deprecated. - Use LighthouseContext.getAdministrators with the following values in the map: "type", "approver" |
java.lang.String[] |
listControlledApprovers()
Deprecated. - Use LighthouseContext.getAdministrators with the following values in the map: "scope", "current" "type", "approver" |
RepositoryResult |
listObjects(Type type)
Returns information about objects in the repository. |
RepositoryResult |
listObjects(Type type,
AttributeCondition[] attrConds)
Returns information about objects in the repository. |
RepositoryResult |
listObjects(Type type,
AttributeCondition[] attrConds,
Attribute[] orderBy)
Lists all of the objects of a certain type currently stored in the repository that meet the specified set of attribute conditions. |
RepositoryResult |
listObjects(Type type,
java.util.List conditions,
java.util.List orderBy,
boolean bufferResult)
Returns summary information about objects in the repository. |
RepositoryResult |
listObjects(Type type,
WSAttributes atts)
Returns information about objects in the repository. |
java.util.ArrayList |
listResourceObjects(java.lang.String resourceObjectType,
java.util.ArrayList resourceList,
java.util.Map options,
java.lang.String subjectName,
boolean cacheList,
long cacheTimeout,
boolean clearCacheIfExists)
This method returns a list of resource object names of the specified resource object type from the specified list of resources (resourceList of Ids or names). |
java.util.ArrayList |
listResourceObjects(java.lang.String resourceObjectType,
java.lang.String resId,
java.util.Map options,
java.lang.String subjectName,
boolean cacheList,
long cacheTimeout,
boolean clearCacheIfExists)
|
java.lang.String[] |
listSimilarApprovers(java.lang.String adminName)
Deprecated. - Use LighthouseContext.getAdministrators with the following values in the map: "similarTo", adminName "type", "approver" |
RepositoryResult |
listTaskExtendedResult(java.lang.String taskId,
java.util.Map options)
List extended task results. |
RepositoryResult |
listUsers(AttributeCondition[] conds)
Helper method that returns a filtered list of WSUser names that have no capabilities (are members of one or more AdminGroups) and control no Organizations (ObjectGroups) |
RepositoryResult |
listWorkItems(java.lang.String user)
|
WavesetResult |
load(LoadConfig config,
Monitor monitor)
Perform a bulk load. |
LockInfo |
lockObject(Type type,
java.lang.String id)
Lock an object to prevent another user from modifying it. |
void |
login()
Perform authentication of the subject (user or administrator) that was specified using the the LoginInfo object given to the Session constructor. |
void |
login(boolean tolerateExpiredPassword)
This method should NOT be called by any method other than the change password view handler used when a user's waveset password expires |
boolean |
loginConfigContainsAppLoginModule(java.lang.String appName,
java.lang.String loginModuleName)
Checks to determine if login config for the specified appName contains the specified login module name or not. |
void |
logout()
Remove authentication credentials from this session, and release resources held by the session. |
boolean |
obfuscateLoginErrors()
|
WavesetResult |
provision(WSUser user)
Create a Waveset user account, and provision the resource accounts. |
void |
rejectWorkItem(java.lang.String itemId)
Rejects a workflow work item. |
void |
renameObject(Type type,
java.lang.String id,
java.lang.String newName)
Changes the name of an existing object. |
WavesetResult |
reProvision(ProvisioningOptions ops)
Reprovision accounts for an existing user. |
WavesetResult |
reProvision(java.lang.String userName,
boolean getUserFromResources)
Reprovision accounts for an existing user. |
WavesetResult |
reProvision(java.lang.String objectGroupName,
Session.Scope scope,
boolean getUserFromResources)
ReProvision accounts for user's which are members of the specified object group |
void |
resetOptions()
A test method that resets runtime options to their default state. |
java.lang.String |
resolveName(Type type,
java.lang.String id)
Given the type and ID for an object, return the object name. |
void |
resourceAuthenticate(java.lang.String resourceName,
java.util.HashMap loginProps)
|
void |
resumeTask(java.lang.String taskId)
Resume a task that is suspended or waiting. |
void |
runScheduler()
Test method to request that the task scheduler begin a cycle rather than waiting for its next scheduled start time. |
TaskInstance |
runTask(java.lang.String templateName,
java.lang.String taskName,
java.lang.String description,
boolean templateSubject)
Run a background task, defined with a persistent TaskTemplate. |
TaskInstance |
runTask(TaskDefinition definition,
java.util.Map variables,
java.lang.String taskName,
java.lang.String description,
TaskDefinition.ExecMode execMode)
Run a background task. |
TaskInstance |
runTask(TaskTemplate template)
Run a background task, defined with a constructed TaskTemplate. |
void |
setCache(PersistentObject obj)
Connects an object to the session's object cache. |
void |
setCurrentTime(java.util.Date d)
A test method that sets what the system considers the current date and time to a fixed value. |
void |
setDeleteDestroyInterval(Type type,
long deleteDestroyInterval)
Sets the minimum interval in milliseconds after which a deleted object of the specified type will be destroyed. |
void |
setLocale(java.util.Locale locale)
Set the locale |
void |
setLoginExceptions(java.lang.String[] loginExceptions)
|
void |
setLoginInfo(LoginInfo loginInfo)
|
void |
setLoginInProgress(boolean loginInProgress)
|
void |
setLoginModuleIndex(int loginModuleIndex)
|
void |
setLoginPasswordExpired(boolean[] loginPasswordExpired)
|
void |
setLoginResult(WavesetResult loginResult)
|
void |
setLoginSucceeded(java.lang.String[] loginSucceeded)
|
void |
setObfuscateLoginErrors(boolean obfuscateLoginErrors)
|
void |
setOption(java.lang.String name,
java.lang.String value)
A test method that sets a runtime session option. |
void |
setSchedulerCycleTime(TaskState state,
int seconds)
Sets the scheduler cycle time. |
void |
setSubjectOptions(java.util.Map map)
Sets the subject. |
void |
startScheduler()
Test method to request that the task scheduler be started. |
void |
stopScheduler()
Test method to request that the task scheduler be suspended. |
boolean |
subjectControlsObjectGroup(java.util.List objectgroups)
This method will return true if the current subject controls any one of the organizations in the list; otherwise, returns false. |
boolean |
subjectHasRight(java.lang.String typeName,
Right right)
This method will return true if the subject has the specified right to the specified type. |
boolean |
subjectHasRight(Type type,
Right right)
|
boolean |
subjectHasRightToAnyAuthTypeSubType(java.lang.String type,
Right right)
This method will return true if the subject has the specified right to the specified type or any of its authtype subtypes. |
boolean |
subjectIsAssignedAdminGroups(java.util.List admingroups)
This method will return true if the current subject has the specified capabilities; otherwise, returns false. |
void |
suspendTask(java.lang.String taskId)
Suspend a task. |
void |
terminateTask(java.lang.String taskId)
Terminate a task. |
void |
unlockObject(Type type,
java.lang.String id)
Release a lock held on an object by the current user. |
Methods inherited from interface com.waveset.object.ObjectSource |
breakLock, checkinObject, checkinView, checkoutObject, checkoutView, commitView, countObjects, createView, deleteObject, deleteObjects, deleteView, getForm, getLock, getObject, getObjectIfExists, getObjects, getSystemConfiguration, getView, listObjects, lockObject, refreshView, renameObject, unlockObject, unlockView |
Methods inherited from interface com.waveset.object.ObjectLoader |
countObjects, loadObject, loadObjects, nextBlock, previousBlock |
Methods inherited from interface com.waveset.object.CacheConsistencyNumberLoader |
getCacheConsistencyNumber |
Method Detail |
public LoginConfig getLoginConfig() throws WavesetException
WavesetException
public LoginInfo getLoginInfo()
public void setLoginInfo(LoginInfo loginInfo)
public void setLoginInProgress(boolean loginInProgress)
public java.lang.String[] getLoginSucceeded()
public void setLoginSucceeded(java.lang.String[] loginSucceeded)
public java.lang.String[] getLoginExceptions()
public void setLoginExceptions(java.lang.String[] loginExceptions)
public boolean obfuscateLoginErrors()
public void setObfuscateLoginErrors(boolean obfuscateLoginErrors)
public boolean[] getLoginPasswordExpired()
public void setLoginPasswordExpired(boolean[] loginPasswordExpired)
public int getLoginModuleIndex()
public void setLoginModuleIndex(int loginModuleIndex)
public java.lang.String getAppName()
public void login() throws WSLoginException, WavesetException
When using the SessionFactory, the login call happens automatically, there is no need for the application to explicitly call login.
WSLoginException
- The credentials specified in the LoginInfo were not correct.
WavesetException
- if an internal error was encountered.SessionFactory
public void login(boolean tolerateExpiredPassword) throws WSLoginException, WavesetException
WSLoginException
WavesetException
public void logout() throws WavesetException
After a logout
call, the session object may
no longer be used. It is important that an application call logout()
when they know that the user's session has completed. For web
applications, the servlet or JSP may call
SessionFactory.poolSession
to keep the authenticated
session alive for some period of time. But the application should
also support the concept of an explicit logout, and call the
logout
method.
WavesetException
- if an internal error was encountered.SessionFactory
public boolean loginConfigContainsAppLoginModule(java.lang.String appName, java.lang.String loginModuleName) throws WavesetException
WavesetException
public Subject getSubject()
This will be either an Administrator
or
a WSUser
object. Applications will have to use
the Java operator instanceof
to perform the
appropriate downcast.
If the goal is to obtain the name of the administrator or end-user
that has authenticated to this session, you may use the
convenience method getUser
instead.
getSubject
in interface LighthouseContext
getUser()
,
Subject
,
WSUser
,
Administrator
public java.lang.String getUser()
This can be used as an alternative to getSubject
if all you need is the name.
getUser
in interface LighthouseContext
getSubject()
public void clearSubject() throws WavesetException
This should be called only by the SessionFactory as part of the operation of session pooling.
jsl - Should this be protected?
WavesetException
- if an internal error was encountered.public java.util.List getAdmins() throws WavesetException
WavesetException
public RepositoryResult listUsers(AttributeCondition[] conds) throws WavesetException
WavesetException
public RepositoryResult listAdmins(AttributeCondition[] conds) throws WavesetException
WavesetException
public WavesetResult getLoginResult()
Null if no messages. Otherwise contains message (e.g. Password will expire in 'n' day(s).
public void setLoginResult(WavesetResult loginResult)
public Type[] getEffectiveTypes(Subject subject) throws WavesetException
WavesetException
public Type[] getEffectiveTypes(Principal principal) throws WavesetException
WavesetException
public Right[] getEffectiveTypeRights(Subject subject, Type type) throws WavesetException
WavesetException
public Right[] getEffectiveTypeRights(Subject subject, java.lang.String typeName) throws WavesetException
WavesetException
public Right[] getEffectiveTypeRights(Principal principal, Type type) throws WavesetException
WavesetException
public Right[] getEffectiveTypeRights(Principal principal, java.lang.String typeName) throws WavesetException
WavesetException
public boolean subjectHasRight(Type type, Right right) throws WavesetException
WavesetException
public boolean subjectHasRight(java.lang.String typeName, Right right) throws WavesetException
LighthouseContext
subjectHasRight
in interface LighthouseContext
WavesetException
public boolean subjectHasRightToAnyAuthTypeSubType(java.lang.String type, Right right) throws WavesetException
LighthouseContext
Therefore, this method is primarily used to determine if the subject has the specified right to at least one object of the specified type or any of its authtype subtypes. For example, this method is called by the UI to determine if the current subject should be able to view a given page or not. If the subject has the specified right to the specified type or one of the type's authtype subtypes, then they can view the page.
subjectHasRightToAnyAuthTypeSubType
in interface LighthouseContext
WavesetException
public boolean subjectIsAssignedAdminGroups(java.util.List admingroups) throws WavesetException
LighthouseContext
subjectIsAssignedAdminGroups
in interface LighthouseContext
WavesetException
public boolean subjectControlsObjectGroup(java.util.List objectgroups) throws WavesetException
LighthouseContext
subjectControlsObjectGroup
in interface LighthouseContext
WavesetException
public Permission getEffectivePermission(Subject s, PersistentObject o) throws WavesetException
WavesetException
public Permission getEffectivePermission(Principal p, PersistentObject o) throws WavesetException
WavesetException
public ObjectGroup[] getTopControlledObjectGroups(Principal p) throws WavesetException
WavesetException
public ObjectGroup[] getTopControlledObjectGroups(java.lang.String pname) throws WavesetException
WavesetException
public ObjectGroup[] getTopControlledObjectGroups(Subject subject) throws WavesetException
LighthouseContext
Returns the set of 0 or more object groups controlled by the specified principal, each of which has no object group parent that is also controlled by the principal.
getTopControlledObjectGroups
in interface LighthouseContext
WavesetException
public Policy[] getPolicyTypes() throws WavesetException
The prototype instances are immutable objects created at runtime by their respective policy implementation classes. They are not stored in the repository and cannot be locked or checked in.
The prototype instances describe the "types" of policy
objects that may be created. Fresh repositories typically contain
no policy objects. To create a new policy object, an application
selects one of the prototype instances, clones it, adjusts the
name and attributes, then calls createObject
.
WavesetException
- if there is an internal error locating the policy objects.public Resource[] getResourceTypes() throws WavesetException
The prototype instances are immutable objects created at runtime by their respective ResourceAdapter classes. They are not stored in the repository and cannot be locked or checked in.
The prototype instances describe the "types" of resource
objects that may be created. Fresh repositories typically contain
no resource objects. To create a new resource object, an application
selects one of the prototype instances, clones it, adjusts the
name and attributes, then calls createObject
.
WavesetException
- if there is an internal error locating the policy objects.public java.util.List getResourceTypeNames() throws WavesetException
WavesetException
public PersistentObject getObject(java.lang.Object type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, WavesetException
For most types, caching is employed, and the returned object will be stored in this session's cache. For others types, notably Type.USER, and Type.WORK_ITEM, the object will not be cached. In either case, the object is considered to be owned by the application, the server will not maintain any references to the object. It is possible to modify the object, but it should normally be considered read-only, since there will be no write lock held in the repository.
getObject
in interface ObjectSource
type
- the type of the object.id
- the object id or name.
WSAuthorizationException
- if the user is not authorized to view this object.
ItemNotFound
- if the object did not exist in the repository.
WavesetException
- if an internal server error was encountered.checkoutObject(com.waveset.object.Type, java.lang.String)
public PersistentObject getObjectIfExists(java.lang.Object type, java.lang.String id) throws WSAuthorizationException, WavesetException
This is similar to the getObject
method, except
that it will not throw an exception if the object does
not exist.
This method is preferred over getObject
if
the application is prepared to handle non-existant objects.
Use this rather and test for a null return value rather
than catching the ItemNotFound
exception.
getObjectIfExists
in interface ObjectSource
type
- the type of the object.id
- the object id or name.
WSAuthorizationException
- if the user is not authorized to view this object.
WavesetException
- if an internal server error was encountered.getObject(java.lang.Object, java.lang.String)
public java.lang.String[] getObjectNamesInObjectGroup(java.lang.String objectGroupName, Type type, Session.Scope scope) throws WavesetException
The scope specifies how far down the object group hierarchy to search for object's of the specified type. Valid values are Scope.IMMEDIATE and Scope.ALL. Scope.IMMEDIATE limits the query to just the immeadiate or direct members of the specified object group. Scope.ALL will cause the query to be executed on the specified object group as well as all contained object groups.
The common method for authorization checking is in the local session listObjects method.
The list of object names returned is filtered by whether the calling user has at least VIEW rights on each object.
WavesetException
public LockInfo lockObject(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, LockedByAnother, WavesetException
Locking is used to prevent other users from modifying the object
for some period of time. This would be used in an application
that presented an editing interface for fields in the object. While
the object is being edited, it is desireable to prevent other
users from editing the same object, to prevent overwriting of
changes. Normally the checkoutObject
is used
to both lock and retrieve the object for editing. A call
to checkoutObject
is semantically the same as
a call to lockObject
followed by a call to
getObject
.
Locks are maintained in the repository and will persist until one of the following events:
checkinObject
method is called on the object.unlockObject
method is called on the object.checkinObject
to
store changes to the object in the repository and release the lock.
If the application has checked out an object for editing,
and wishes to cancel the edit without storing any changes,
the unlockObject
method is called.
The repository will automatically remove or time out locks that have been held longer than a certain period of tome. This is necessary to prevent errant applications or forgetful users from holding onto locks for long periods of time. This is especially important in a web environment.
type
- the type of the object.id
- the object id or name.
LockInfo
object containing information about
the lock.
WSAuthorizationException
- if the user is not authorized to view this object.
LockedByAnother
- if the object is already locked by someone else.
WavesetException
- if an internal server error was encountered.
ItemNotFound
checkoutObject(com.waveset.object.Type, java.lang.String)
,
getObject(java.lang.Object, java.lang.String)
,
unlockObject(com.waveset.object.Type, java.lang.String)
,
LockInfo
public LockInfo getLockInfo(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, WavesetException
A lock may be placed on an object through either
the lockObject
or checkoutObject
methods.
This mehtod may be used to determine whether or not such a lock exists.
type
- the type of the object.id
- the object id or name.
LockInfo
object containing information about
the lock or null if there is no lock.
WSAuthorizationException
- if the user is not authorized to view this object.
ItemNotFound
- if the object does not exist in the repository.
WavesetException
- if an internal server error was encountered.lockObject(com.waveset.object.Type, java.lang.String)
,
unlockObject(com.waveset.object.Type, java.lang.String)
,
checkoutObject(com.waveset.object.Type, java.lang.String)
,
LockInfo
public void createObject(PersistentObject object) throws WSAuthorizationException, AlreadyExists, ValidationFailed, WavesetException
Objects are created by first instantiating a subclass of
PersistentObject
, then calling appropriate
accessor methods to specify the object's attributes, and
finally calling the createObject
method to store
the object in the repository.
The new object must be given a name that is unique within the repository. If an object with this name already exist, an exception is thrown.
Other type specific validation may also be performed before the
object is stored in the repository. If any of these validation
tests fail, a ValidationFailed
exception will be
thrown describing the nature of the failure.
After the method returns, the supplied object will be in the session's cache, but the server will not retain any references to this object.
WSAuthorizationException
- if the user is not authorized to create objects of this type.
AlreadyExists
- if the object with this name already exists in the repository.
ValidationFailed
- if the object was not constructed properly.
WavesetException
- if an internal server error was encountered.public PersistentObject checkoutObject(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, LockedByAnother, WavesetException
This method is normally used by an application that presents an editing interface for the fields in the object. Locking is used to prevent other users from modifying the object for some period of time. While the object is being edited, it is desireable to prevent other users from editing the same object, to prevent overwriting of changes.
The returned object may be modified by the application. When
complete, the modifications are then stored in the repository
by calling the checkinObject
method.
Locks are maintained in the repository and will persist until one of the following events:
checkinObject
method is called on the object.unlockObject
method is called on the object.checkinObject
to
store changes to the object in the repository and release the lock.
If the application has checked out an object for editing,
and wishes to cancel the edit without storing any changes,
the unlockObject
method is called.
The repository will automatically remove or time out locks that have been held longer than a certain period of tome. This is necessary to prevent errant applications or forgetful users from holding onto locks for long periods of time. This is especially important in a web environment.
type
- the type of the object.id
- the object id or name.
PersistentObject
instance representing the
contents of the requested object.
WSAuthorizationException
- if the user is not authorized to modify this object.
ItemNotFound
- if the object does not exist in the repository.
LockedByAnother
- if the object is already locked by someone else.
WavesetException
- if an internal server error was encountered.checkinObject(com.waveset.object.PersistentObject)
,
unlockObject(com.waveset.object.Type, java.lang.String)
public WavesetResult checkinObject(PersistentObject object) throws WSAuthorizationException, ItemNotFound, ItemNotLocked, LockedByAnother, AlreadyExists, ValidationFailed, WavesetException
This method is normally used by an application that presents an
editing interface for the fields in the object. First the
application calls checkoutObject
to obtain a memory
representation of the object. Next, the application uses
accessor methods on the object to make the desired modifications.
Finally the modifications are stored by calling
checkinObject
.
The object must have been locked by the current user for the
checkin to succees. If the application has been executing
for a long time, the lock originally obtained by a call to
code>checkoutObject may have timed out. In this case
the checkin will fail, and the ItemNotLocked
exception is thrown. When this happens, the application should
not simply obtain a new lock and store the changes, since changes
made by another user may have been stored and would be lost.
It is suggested that the application cancel the edit
in progress, and require the user to perform the edit again.
More sophisticated applications may attempt to merge the changes,
though for some objects this can be difficult, and is not recommended.
The system will perform type specific validation on the object
to ensure that it is well formed before storing it in the
repository. If any of the validation tests fail, the
ValidationFailed
exception is thrown, which
will contain an informative message.
After the checkin method has returned, the object supplied as an argument is no longer valid and will not be stored in the session's object cache. If the application wishes to continue displaying or editing the object, a new version of the object must be obtained by calling the getObject or checkoutObject method.
Certain object types may return a WavesetResult
object which contains additional information related to the
checkin. This was formerly the case for some workflow objects
that we no longer support, so at the moment, no checks should
return a meaningful result object.
WavesetResult
containing additional
information about the processing of the object.
WSAuthorizationException
- if the user is not authorized to modify this object.
ItemNotFound
- if the object does not exist in the repository.
ItemNotLocked
- if the object is not locked.
LockedByANother
- if the object is locked by someone else.
ValidationFailed
- if the object has not been constructed properly.
WavesetException
- if an internal server error was encountered.
LockedByAnother
AlreadyExists
checkoutObject(com.waveset.object.Type, java.lang.String)
,
unlockObject(com.waveset.object.Type, java.lang.String)
public void unlockObject(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, ItemNotLocked, LockedByAnother, WavesetException
This method should be called by an application when the user wishes to cancel an editing operation on an object after a lock has been obtained.
type
- the type of the object.id
- the object id or name.
WSAuthorizationException
- if the user is not authorized to modify this object.
ItemNotFound
- if the object does not exist in the repository.
ItemNotLocked
- if the object is not locked.
LockedByAnother
- if the object is locked by someone else.
WavesetException
- if an internal server error was encountered.lockObject(com.waveset.object.Type, java.lang.String)
,
checkoutObject(com.waveset.object.Type, java.lang.String)
public void deleteObject(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, LockedByAnother, ObjectInUse, ObjectProtected, WavesetException
The object must either be unlocked, or locked by the current user. After deletion, the object will also be removed from all object caches, including the session's object cache.
Some objects cannot be deleted if they are being referenced
by other objects. In these cases, the method will
throw the ObjectInUse
exception.
Some special system objects cannot be deleted. If an attempt
is made to delete these objects, the ObjectProtected
exception is thrown.
type
- the type of the object.id
- the object id or name.
WSAuthorizationException
- if the user is not authorized to delete this object.
ItemNotFound
- if the object does not exist in the repository.
LockedByAnother
- if the object is locked by someone else.
ObjectInUse
- if there is an unbreakable reference to this object.
ObjectProtected
- if the object is protected from deletion.
WavesetException
- if an internal server error was encountered.public void deleteObject(Type type, java.lang.String id, boolean force) throws WSAuthorizationException, ItemNotFound, LockedByAnother, ObjectInUse, ObjectProtected, WavesetException
This is the same as deleteObject, except that we will allow the object to be deleted even if there are references to it from another object. This is the signature we should move to, the other can be deprecated.
WSAuthorizationException
ItemNotFound
LockedByAnother
ObjectInUse
ObjectProtected
WavesetException
public void deleteObjects(Type type, java.lang.String objectGroupName, Session.Scope scope) throws PolicyViolation, WavesetException
Objects which are members of the specified object group will be deleted. The set of objects is determined by the scope argument, where scope can be Scope.IMMEDIATE or Scope.ALL.
Scope.IMMEDIATE means to only delete objects which are immeadiate or direct members of the specified object group.
Scope.ALL means to delete objects which are members of the specified object group as well as member objects of object groups contained within the specified object group.
deleteObjects without the force flag will call deleteObjects with force = false.
PolicyViolation
WavesetException
public void deleteObjects(Type type, java.lang.String objectGroupName, Session.Scope scope, boolean force) throws PolicyViolation, WavesetException
PolicyViolation
WavesetException
public long getDeleteDestroyInterval(Type type) throws WavesetException
NOTE: Currently, only objects of Type.USER are not destroyed immediately.
WavesetException
public void setDeleteDestroyInterval(Type type, long deleteDestroyInterval) throws WavesetException
NOTE: Currently, only objects of Type.USER are not destroyed immediately.
WavesetException
public void renameObject(Type type, java.lang.String id, java.lang.String newName) throws WSAuthorizationException, ItemNotFound, LockedByAnother, AlreadyExists, WavesetException
The object must either be unlocked, or locked by the current user. References to this object will still exist after the name change, references are made using the object's generated system identifier which does not change when the name changes.
type
- the type of the object.id
- the object id or name.newName
- the new object name.
WSAuthorizationException
- if the user is not authorized to modify this object.
ItemNotFound
- if the object does not exist in the repository.
LockedByAnother
- if the object is locked by someone else.
AlreadyExists
- if the new name has already been assigned to another object.
WavesetException
- if an internal server error was encountered.public void breakLock(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, WavesetException
This was originally added for the unit tests, which would sometimes crash and leave locks behind. It can also be useful to allow administrators to steal each others locks in case someone goes to lunch.
The user must have authorization to modify the object in order to break a lock. If no lock is held on the object, the method has no effect.
type
- the type of the object.id
- the object id or name.
WSAuthorizationException
- if the user is not authorized to modify this object.
ItemNotFound
- if the object does not exist in the repository.
WavesetException
- if an internal server error was encountered.public java.lang.String resolveName(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, WavesetException
You must have "connect" rights on this object, but you do not need full "view" rights.
This is used by applications that obtain object IDs without names, typically through summary attributes, and need to obtain the object name for display. Since the user may not have view rights, you can't just call getObject.
type
- the type of the object.id
- the object.
WSAuthorizationException
- if the user is not authorized to view the object's name.
ItemNotFound
- if the object does not exist in the repository.
WavesetException
- if an internal server error was encountered.public void importObjects(java.lang.String file, BulkMonitor monitor, boolean force) throws WSAuthorizationException, LockedByAnother, WavesetException
This method provides a convenient way to create or modify a potentially large collection of objects at once. It is often used to initialize a new repository with a set of pre-defined objects.
When combined with the exportObjects
method, it
provides a mechanism for backup and restore of the repository.
The objects to be imported are specified using XML. The XML
is expected to contain a single
For each object in the XML stream, the following operations
are performed:
The import will halt upon the first error condition. This should
normally be done when the system is quiet, and locks are not
currently being held on any of the objects. The user
performing the import must have the authorization required
to perform an import.
file
- the name of the import file.monitor
- an optional object that will receive callbacks
as the import progresses.force
- will force the update of objects even if they have not
changed. This is useful when the summary, queryable, or attributes or
"inline" attributes change
WSAuthorizationException
- if the user is not authorized to perform an import.
LockedByAnother
- if an object is locked by another user.
WavesetException
- if an internal server error was encountered.
public void importObjects(java.io.InputStream input, BulkMonitor monitor, boolean force) throws WSAuthorizationException, LockedByAnother, WavesetException
This method provides a convenient way to create or modify a potentially large collection of objects at once. It is often used to initialize a new repository with a set of pre-defined objects.
When combined with the exportObjects
method, it
provides a mechanism for backup and restore of the repository.
The objects to be imported are specified using XML. The XML
is expected to contain a single
For each object in the XML stream, the following operations
are performed:
The import will halt upon the first error condition. This should
normally be done when the system is quiet, and locks are not
currently being held on any of the objects. The user
performing the import must have the authorization required
to perform an import.
input
- the input stream to importmonitor
- an optional object that will receive callbacks
as the import progresses.force
- will force the update of objects even if they have not
changed. This is useful when the summary, queryable, or attributes or
"inline" attributes change
WSAuthorizationException
- if the user is not authorized to perform an import.
LockedByAnother
- if an object is locked by another user.
WavesetException
- if an internal server error was encountered.
public void importXml(java.lang.String xml, BulkMonitor monitor) throws WSAuthorizationException, LockedByAnother, WavesetException
This is semantically the same as importObjects
except that the import is performed from a string rather
than a file.
xml
- the XML string to import.
WSAuthorizationException
- if the user is not authorized to perform an import.
LockedByANother
- if an object is locked by another user.
WavesetException
- if an internal server error was encountered.
LockedByAnother
public void exportObjects(Type[] types, java.lang.String filename, BulkMonitor monitor) throws WSAuthorizationException, WavesetException
The types
argument specifies which objects will
be included. If the types argument is null, a collection
of "interesting" types is exported. Types that are not
consisdered interesting are those associated with log records,
trace records, and other high volume types whose presence is
not required for the normal functioning of the system.
We also exclude user account objects from the default export due to their large number.
When combined with the importObjects
method, this
provides a basic mechanism for backup and restore of the repository.
The objects are exported as XML, the XML string will contain
a single
Export will not halt if any objects are currently locked.
The user must have the necessary privileges to export objects.
Normally the
Configurator
user performs this
operation.
WSAuthorizationException
- if the user is not authorized to perform an export.
WavesetException
- if an internal server error was encountered.
public void exportObjects(Type[] types, java.io.OutputStream stream, BulkMonitor monitor) throws WSAuthorizationException, WavesetException
WSAuthorizationException
WavesetException
public void exportObjects(Type[] types, java.io.Writer wrt, BulkMonitor monitor) throws WSAuthorizationException, WavesetException
WSAuthorizationException
WavesetException
public void exportObjects(java.lang.String typeSet, java.lang.String filename, BulkMonitor monitor) throws WSAuthorizationException, WavesetException
The typeSet
argument is the name of a "type set",
which defines a collection of Type objects. Using type set names
is more convenient than building up arrays of Type objects
for some common forms of export.
The currently defined type set names are:
Type sets cannot be defined by the application, they are hard coded into the system. We may allow the definition of custom type sets at a later time.
The export will not halt if any objects are currently locked.
The user must have the necessary privileges to export objects.
Normally the Configurator
user performs this
operation.
WSAuthorizationException
- if the user is not authorized to perform an export.
WavesetException
- if an internal server error was encountered.public void exportObjects(java.lang.String typeSet, java.io.OutputStream stream, BulkMonitor monitor) throws WSAuthorizationException, WavesetException
WSAuthorizationException
WavesetException
public void exportObjects(java.lang.String typeSet, java.io.Writer wrt, BulkMonitor monitor) throws WSAuthorizationException, WavesetException
WSAuthorizationException
WavesetException
public QueryResult getAdministrators(java.util.Map options) throws WavesetException
options
- future use to specify query options.
WavesetException
public java.lang.String[] listSimilarApprovers(java.lang.String adminName) throws WavesetException
WavesetException
getAdministrators(Map)
public java.lang.String[] listControlledApprovers() throws WavesetException
WavesetException
getAdministrators(Map)
public java.lang.String[] listApprovers() throws WavesetException
WavesetException
getAdministrators(Map)
public java.lang.String getAdminApprovalForwardRef(java.lang.String adminName) throws WavesetException
WavesetException
public RepositoryResult listObjects(Type type, java.util.List conditions, java.util.List orderBy, boolean bufferResult) throws WavesetException
getObject
or
checkoutObject
to retrieve all of an object's contents.
If the type
argument is specified, information for
objects of that type is returned. If type
is null,
information for all listable objects in the repository is returned.
The conditions
list may contain a list of
AttributeCondition
objects which constrain the query.
The orderBy
may contain a list of attribute names.
The result will be sorted according to the values of these attributes.
The list may contain either strings, or Attribute objects.
The bufferResult
controls the RepositoryResult
.
true will generate a buffered result, returning getting a block at a
time from the repository and using constant memory. false will get
the whole result at once which will use memory in proportion to the
number of items matched by the attribute conditions.
The information returned in the RepositoryResult
object will include the type, name, internal id, lock status,
and selected attributes of each object. The selected attributes
returned are different for each type. Consult the the documentation
for the getQueryableAttributes
method for each
PersistentObject
for more information on the attributes
that will be returned.
The list will be filtered according to the access rights held on each object by the current subject. The subject must have at least VIEW rights on an object for it to appear in the list.
This is the cannonical form of the listObjects
method,
all others will call this one indirectly.
WavesetException
- if there is an internal error.listObjects(Type, WSAttributes)
,
getObjects(Type)
,
getObjects(Type, WSAttributes)
,
RepositoryResult
public RepositoryResult listObjects(Type type) throws WavesetException
If the type
argument is specified, information for
objects of that type is returned. If type
is null,
information for all listable objects in the repository is returned.
WavesetException
- if there is an internal error locating the policy objects.#listObjects(Type, List, List)
,
getObjects(Type)
,
getObjects(Type, List)
,
RepositoryResult
public RepositoryResult listObjects(Type type, WSAttributes atts) throws WavesetException
This is similar to listObjects(Type)
, but the
additonal WSAttributes
argument can be used to
filter the result so that it contains information for only
those objects with matching attributes.
This is implemented by the listObjects(Type, List, List)
method by converting the WSAttributes
object into
a list of AttributeCondition
objects.
WavesetException
- if there is an internal error locating the objects.#listObjects(Type, List, List)
,
getObjects(Type, List)
,
getObjects(Type, WSAttributes)
,
RepositoryResult
public RepositoryResult listObjects(Type type, AttributeCondition[] attrConds) throws WavesetException
This is similar to listObjects(Type, List, List)
,
but the AttributeCondition
objects may be specified
in an array rather than a list.
This is implemented by the listObjects(Type, List, List)
method by converting the WSAttributes
object into
a list of AttributeCondition
objects.
WavesetException
- if there is an internal error locating the objects.#listObjects(Type, List, List)
,
getObjects(Type, List)
,
getObjects(Type, WSAttributes)
,
RepositoryResult
public RepositoryResult listObjects(Type type, AttributeCondition[] attrConds, Attribute[] orderBy) throws WavesetException
This is the sema as listObjects(Type, List, List)
except that the AttributeCondition objects may be specified
in an array, and the orderBy
attributes
may be specified as an array of Attribute objects.
WavesetException
- if there is an internal error#listObjects(Type, List, List)
public java.util.List getObjects(Type type, java.util.List conditions) throws WavesetException
The type
argument must be specified.
Only those objects for which the current subject is authorized
to read will be returned. The subject must have at leats
VIEW rights on each object.
The conditions
list may contain a list of
AttributeCondition
objects which constrain the
objects to be returned.
You should avoid calling this for types that can have many objects, such as Type.USER, Type.WORK_ITEM, and Type.TASK_INSTANCE.
WavesetException
- if there is an internal error#listObjects(Type, List, List)
public java.util.ArrayList getObjects(Type type) throws WavesetException
This is the same as getObjects(Type, List)
except there is no argument to specify attribute conditions.
WavesetException
- if there is an internal errorlistObjects(Type)
,
getObjects(Type, List)
public java.util.ArrayList getObjects(Type type, WSAttributes atts) throws WavesetException
This is the same as getObjects(type, List)
except that the attribute conditions may be specfied
using a WSAttributes object rather than a list of
AttributeCondition objects. Only those objects that have
attributes whose values match those specified
in WSAttributes
will be returned.
WavesetException
- if there is an internal error#listObjects(Type, List)
,
getObjects(Type, List)
public java.util.ArrayList getObjects(Type type, AttributeCondition[] attrConds) throws WavesetException
This is the same as getObjects(Type, List)
except
that the AttributeCondition objects may be specified in an array
rather than a List.
WavesetException
- if there is an internal errorgetObjects(Type, List)
,
getObjects(Type, WSAttributes)
public java.lang.String getObjectGroupHandle(ObjectRef oref) throws WavesetException
Assumes that object groups can have only a single parent object group and therefore every object group will have a single unique fully qualified path from Top or All
Path is returned as a concatinated string of member object groups starting at "Top" down to the n'th object group which is the oref passed in.
Authorization checking is not done since the caller may not have access to all member object groups up to "Top" (e.g. delegated admins)
WavesetException
public java.util.List getTaskDefinitions() throws WavesetException
TaskDefinition
This is a convenience method to avoid multiple calls to
getObjects
since there are several subtypes
of TASK_DEFINITION
and all will be returned by
this method.
WavesetException
- if there is an internal error determine the list of definitions.public TaskDefinition getTaskDefinition(java.lang.String name) throws ItemNotFound, WavesetException
This is a convenience method to avoid multiple calls to
getObject
since there are several subtypes
of TASK_DEFINITION
and all will be returned by
this method. Note that since each type will have its own
namespace in the repository, there could be more than one
task definition with this name. We will return the
first one we find, there is no defined order of the subtypes.
WavesetException
- if there is an internal error determine the list of definitions.
ItemNotFound
public RepositoryResult getTaskInstances(TaskState state, java.lang.String owner, java.lang.String definition) throws WavesetException
We might be able to reduce this to just a getObjects
call with Type.TASK_INSTANCE
but I'd like to
hold the option open to have this be an assembly of objects
of several types. Even if we don't do that, this is a convenient
method to run the query.
WavesetException
- if there is an internal error determine the list of tasks.public TaskInstance runTask(TaskDefinition definition, java.util.Map variables, java.lang.String taskName, java.lang.String description, TaskDefinition.ExecMode execMode) throws WavesetException
If you wish to schedule a task for later or repetative execution,
you must create a TaskSchedule
object and add it to
the repository with the createObject
method.
WavesetException
TaskSchedule
public TaskInstance runTask(TaskTemplate template) throws WavesetException
runTask
in interface LighthouseContext
WavesetException
TaskTemplate
public TaskInstance runTask(java.lang.String templateName, java.lang.String taskName, java.lang.String description, boolean templateSubject) throws WavesetException
WavesetException
TaskTemplate
public void suspendTask(java.lang.String taskId) throws WavesetException
WavesetException
public void resumeTask(java.lang.String taskId) throws WavesetException
WavesetException
public void terminateTask(java.lang.String taskId) throws WavesetException
WavesetException
public void deleteTask(java.lang.String taskId) throws WavesetException
WavesetException
public RepositoryResult listTaskExtendedResult(java.lang.String taskId, java.util.Map options) throws WavesetException
WavesetException
public RepositoryResult getTaskExtendedResult(java.lang.String taskId, java.util.Map options) throws WavesetException
WavesetException
public RepositoryResult getTaskExtendedResult(java.lang.String taskId, java.util.Map options, int fromSequence, int toSequence) throws WavesetException
WavesetException
public void runScheduler() throws WSAuthorizationException, WavesetException
WSAuthorizationException
WavesetException
public void stopScheduler() throws WSAuthorizationException, WavesetException
WSAuthorizationException
WavesetException
public void startScheduler() throws WSAuthorizationException, WavesetException
stopScheduler
or to
force the scheduler on this machine to start if it is normally
disabled.
WSAuthorizationException
WavesetException
public void setSchedulerCycleTime(TaskState state, int seconds)
public void setSubjectOptions(java.util.Map map)
public WorkItem[] getWorkItems(java.lang.String user) throws WSAuthorizationException, ItemNotFound, WavesetException
This would be used by a workflow management application, where tasks for users other than the current user need to be displayed.
The current user must have the necessary permissions to access the item list for other users.
WSAuthorizationException
- if the user does not have access to the requested items.
ItemNotFound
- if the user did not exist.
WavesetException
- if an internal error is encountered.WorkItem
public WorkItem[] getWorkItems() throws WSAuthorizationException, ItemNotFound, WavesetException
This would be used by a workflow management application, where tasks for users other than the current user need to be displayed.
The current user must have the necessary permissions to access the item list for other users.
WSAuthorizationException
- if the user does not have access to the requested items.
ItemNotFound
- if the user did not exist.
WavesetException
- if an internal error is encountered.WorkItem
public WorkItem getWorkItem(java.lang.String id) throws WSAuthorizationException, ItemNotFound, WavesetException
Applications may wish to call this method rather than
getWorkItems
if only a single object needs to
be examined.
Work items are usually referenced by their system generated id. They will also have names, but the names are also system generated and are not meaningful.
WSAuthorizationException
- if the user does not have access to the requested item.
ItemNotFound
- if the task did not exist.
WavesetException
- if an internal error is encountered.getWorkItems(java.lang.String)
,
WorkItem
public RepositoryResult listWorkItems(java.lang.String user) throws WSAuthorizationException, ItemNotFound, WavesetException
WSAuthorizationException
ItemNotFound
WavesetException
public void approveWorkItem(java.lang.String itemId) throws WavesetException
After an item has been approved, the task scheduler will eventually notice the change and advance the workflow case. Unlike the older approveTask method, there is no "async" option here, the operation is always asynchronous.
This method is normally called from an application that presents a "work list" of tasks assigned to a user, and allows them to selectively approve or reject each item. In the first release of the Waveset system, the only items will be manual approval tasks for the account provisioning process.
WorkItem objects are usually referenced by their system generated id. They will also have names, but the names are also system generated and are not meaningful.
WSAuthorizationException
- if the user does not have permission to modify the item.
ItemNotFound
- if the item did not exist.
WavesetException
- if an internal error is encountered.rejectWorkItem(String)
,
getWorkItems(java.lang.String)
,
getWorkItem(java.lang.String)
public void rejectWorkItem(java.lang.String itemId) throws WSAuthorizationException, ItemNotFound, WavesetException
After an item has been rejected, the task scheduler will eventually notice the change and advance the workflow case. Unlike the older approveTask method, there is no "async" option here, the operation is always asynchronous.
WSAuthorizationException
- if the user does not have permission to modify the item.
ItemNotFound
- if the item did not exist.
WavesetException
- if an internal error is encountered.approveWorkItem(String)
,
getWorkItems(java.lang.String)
,
getWorkItem(java.lang.String)
public void changeAdminPassword(java.lang.String name, EncryptedData newPassword) throws WSAuthorizationException, ItemNotFound, WavesetException
This method is used to change another administrator's password.
To change the password of the administrator authenticated to
this session, use the changePassword(EncryptedData)
method.
To change an end-user's password use
the ChangeUserPassword view
.
WSAuthorizationException
- if this administrator does not have permission to modify the
other administrator.
ItemNotFound
- if the administrator does not exist.
WavesetException
- if an internal error is encountered.changePassword(EncryptedData)
public WavesetResult changePassword(EncryptedData newPassword) throws PolicyViolation, WavesetException
This may be used as an alternative to resetPassword
if the application wants to allow the user to enter their own
password.
Note that unlike the other "end-user" methods, this one is applicable for administrators as well. I'm not sure I like this ambiguity.
PolicyViolation
- if the password did not adhere the policies specified by
the resources.
WavesetException
- if an internal error is encountered.public WavesetResult reProvision(ProvisioningOptions ops) throws WSAuthorizationException, ItemNotFound, PolicyViolation, WavesetException
Reprovisioning consists of updating the resource accounts to reflect changes made to the user object, to the user's role, or to applications referenced by this user. This may include creating new resource accounts, updating exsting accounts, and deleting accounts for resources no longer in a role or application.
Reprovisioning is a complex process that has many options encapsulated
in a ProvisioningOptions
object. Other re-provisioning
methods exist that use default options.
WSAuthorizationException
- if this administrator does not have permission to modify the user.
ItemNotFound
- if the user does not exist.
PolicyViolation
- if the password currently set for this user fails the policy
defined by one of the resources.
WavesetException
- if an internal error is encountered.public WavesetResult reProvision(java.lang.String userName, boolean getUserFromResources) throws WSAuthorizationException, ItemNotFound, PolicyViolation, WavesetException
Reprovisioning consists of updating the resource accounts to reflect changes made to the user object, and to the user's role. This may include creating new resource accounts, updating exsting accounts, and deleting accounts for resources no longer in the role.
This is normally done after a role change has been performed, but it may also be necessary after account attributes stored in the Waveset user object have been modified.
We don't automatically reprovision accounts after role modification, since this could be a very time consuming operation. Instead reprovisioning is done either explicitly through the adminstrator gui, or periodically by a scheduled background task.
Since reprovisioning may impact many resources, status of the reprovisioning is returned in a WavesetResult object.
NOTE: Need to document the items in the result object.
WSAuthorizationException
- if this administrator does not have permission to modify the user.
ItemNotFound
- if the user does not exist.
PolicyViolation
- if the password currently set for this user fails the policy
defined by one of the resources.
WavesetException
- if an internal error is encountered.public WavesetResult reProvision(java.lang.String objectGroupName, Session.Scope scope, boolean getUserFromResources) throws PolicyViolation, WavesetException
Users which are members of the specified object group will be reprovisioned. The set of users is determined by the scope argument, where scope can be Scope.IMMEDIATE or Scope.ALL.
Scope.IMMEDIATE means to only reprovision users which are immeadiate or direct members of the specified object group.
Scope.ALL means to reprovision users which are members of the specified object group as well as member users of object groups contained within the specified object group.
PolicyViolation
WavesetException
public WavesetResult deProvision(java.lang.String userName) throws WavesetException
Deprovisioning consists of deleting all of the resource accounts that have been created for this user.
This is may be done to clean up accounts for a user that has become dormant. It must also be performed before the Waveset user object can be deleted.
Since deprovisioning may impact many resources, status of the deprovisioning is returned in a WavesetResult object.
NOTE: Need to document the items in the result object.
If any of the resources could not be contacted, this status will be returned in the result object, but no exception will be thrown. This means that "succesfull" completion of the method does not necessarily mean that deprovisioning has been completed.
NOTE: I'm not sure I like this, we might want to say that if any of the resources fail to deprovision, that we expose that as an exception.
WSAuthorizationException
- if this administrator does not have permission to modify the user.
ItemNotFound
- if the user does not exist.
WavesetException
- if an internal error is encountered.public WavesetResult deProvision(java.lang.String objectGroupName, Session.Scope scope) throws PolicyViolation, WavesetException
Users which are members of the specified object group will be deprovisioned. The set of users is determined by the scope argument, where scope can be Scope.IMMEDIATE or Scope.ALL.
Scope.IMMEDIATE means to only deprovision users which are immeadiate or direct members of the specified object group.
Scope.ALL means to deprovision users which are members of the specified object group as well as member users of object groups contained within the specified object group.
PolicyViolation
WavesetException
public WavesetResult deleteAccount(java.lang.String userName, boolean force) throws WSAuthorizationException, ItemNotFound, DeprovisionRequired, WavesetException
If the force
option is false, the deletion of
the user object will not be allowed unless all resource accounts
have been deprovisionedwith the deProvision
method.
If the force
option is true, the account will be
deleted and any resource accounts will be left intact.
The control provided by the force option is the only difference
between this method and the generic deleteObject
method.
Calling deleteObject
with an object of Type.USER is
the same as calling deleteAccount
with the force
option set to false.
WSAuthorizationException
- if this administrator does not have permission to modify the user.
ItemNotFound
- if the user does not exist.
DeprovisionRequired
- if resource accounts still exist.
WavesetException
- if an internal error is encountered.deProvision(java.lang.String)
public WavesetResult provision(WSUser user) throws WSAuthorizationException, MissingAttribute, PolicyViolation, WavesetException
WSAuthorizationException
MissingAttribute
PolicyViolation
WavesetException
public Form getViewForm(GenericObject view, java.lang.String formId, java.util.Map options) throws WavesetException
WavesetException
public java.lang.Object callRule(ExState state, java.lang.String name, java.util.Map args) throws WavesetException
callRule
in interface RuleExecutor
WavesetException
public ObjectCache getCache()
getCache
in interface ObjectSource
public void clearCache() throws WavesetException
This is intended for testing. Applications may want to clear the cache periodically as part of a "refresh" operation to ensure that the displayed data is up to date.
WavesetException
- if an internal error is encountered.public void setCache(PersistentObject obj) throws WavesetException
This method is no longer necessary. You may use
getCache
to obtain the session's cache then
use Persistentobject.setCache
to assign it.
There is a subtle difference between adding an object to
a cache, and setting the cache. ObjectCache.addObject
will store a reference to the object in the cache, thereby
making it visible to getObject
method.
The setCache
method will store a reference to the
cache in the object, but will not put a reference to the object
in the cache. This will allow the
object to perform auto-resolution, but the object will be invisible
to the cache. The latter behavior is what you normally want
when manipulating temporary objects that are in the process
of being created.
WavesetException
- if an internal error is encountered.public WavesetResult load(LoadConfig config, Monitor monitor) throws WavesetException
Bulk loading is a complex operation with many options. All the
options are specified using a single LoadConfig
object
that may be created by the application, or stored in the repository.
While the load is being performed, the application may receive
status events by supplying a Monitor
object.
This in effect defines a set of "callback" methods, that
will be called periodically during the load.
A full description of the bulk load process is beyond the scope of Javadoc.
NOTE: Will have to refine the set of recoverable exceptions that bulk load may produce.
WavesetException
LoadConfig
,
Monitor
public long getModificationCounter(Type t) throws WavesetException
WavesetException
public java.lang.String getStatus()
This is intended to be an XML string containing lots of interesting information, but there isn't much in here now. As this evolves we will probably move it out of the "test" category, and make it a supported diagnostic method.
public java.util.ArrayList getDebugCommands() throws WavesetException
WavesetException
public void dump()
This differs from getStatus in that we're not trying to make it pretty XML, its just a bunch of undefined raw data from the server. This is used only for testing, it isn't guaranteed to behave in any particular way.
public void setOption(java.lang.String name, java.lang.String value) throws WavesetException
This is intended only for the unit tests. There are no formally supported options that can be set by an application. Note that some of these options effect the operation of entire server, not just this session, so they are recommended only for standalone tests.
After setting options, a test may return the session
to its default state with the resetOptions
method.
WavesetException
- if an unknown option was specified, or an internal error was
encountered.resetOptions()
public void resetOptions()
Typically used at the start of a test to clear out any lingering runtime options set by a failed test that didn't clean up after itself.
setOption(java.lang.String, java.lang.String)
public void clearServerCache() throws WavesetException
This is intended for use only by the unit tests.
Similar to clearCache
but this clears the
server cache, not the session cache. This might be used
by a test that wants to ensure that the cache contains current
information. It should never be called by an application,
and is not guaranteed to be supported by all implementations
of the Session
interface.
WavesetException
- if an internal error is encountered.clearCache()
public void clearListCache(Type type, java.lang.String ogNameOrId) throws WavesetException
Only used for the debug UI - and maybe the user UI. See
clearServerCache
WavesetException
public void setCurrentTime(java.util.Date d)
This is intended only for use in testing. Since setting this can circumvent security features like password reset limits, we only allow this to be set if the CONFIGURATOR has authenticated.
Applications should never call this method.
public void resourceAuthenticate(java.lang.String resourceName, java.util.HashMap loginProps) throws WavesetException
WavesetException
public java.util.ArrayList listResourceObjects(java.lang.String resourceObjectType, java.util.ArrayList resourceList, java.util.Map options, java.lang.String subjectName, boolean cacheList, long cacheTimeout, boolean clearCacheIfExists) throws WavesetException
WavesetException
public java.util.ArrayList listResourceObjects(java.lang.String resourceObjectType, java.lang.String resId, java.util.Map options, java.lang.String subjectName, boolean cacheList, long cacheTimeout, boolean clearCacheIfExists) throws WavesetException
WavesetException
public void clearResourceObjectListCache(java.lang.String subjectName, java.lang.String resourceObjectType, java.lang.String resId) throws WavesetException
clearResourceObjectListCache
in interface LighthouseContext
WavesetException
public void clearResourceObjectListCache(java.util.Map options) throws WavesetException
clearResourceObjectListCache
in interface LighthouseContext
WavesetException
public java.lang.String getResourceIdentity(java.lang.String subjectName, java.lang.String resId) throws WavesetException
WavesetException
public java.util.List getResourceObjects(java.lang.String objectType, java.lang.String resId, java.util.Map options, java.lang.String subjectName, boolean cacheList, long cacheInvalidAfter, boolean clearCacheIfExists) throws WavesetException
objectType
- - the name of a valid object class for this specified "resId". If null,
will return objects of all object types defined by the specified resId found within the
specified search container and scope.resId
- - the resource from which to get the objectsoptions
- - several options can be specified which control the behavior of the search.
They include:
WavesetException
public void clearResourceObjectGetCache(java.lang.String subjectName, java.lang.String objectType, java.lang.String resId) throws WavesetException
LighthouseContext
clearResourceObjectGetCache
in interface LighthouseContext
WavesetException
public void clearResourceObjectGetCache(java.util.Map options) throws WavesetException
clearResourceObjectGetCache
in interface LighthouseContext
WavesetException
public java.util.Locale getLocale()
public void setLocale(java.util.Locale locale)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |