|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.waveset.session.LocalSession
An implementation of the Session interface that directly access the internal Server components to carry out requests. This is a "local" or in-process implementation of the server API.
We will manage a Server object which itself packages the other internal objects that implement the API.
Nested Class Summary |
Nested classes inherited from class com.waveset.session.Session |
Session.Scope |
Field Summary | |
static java.lang.String |
code_id
|
static java.lang.String |
DEFAULT_PROVISIONING_TASK
Temporary: the name of the default provisioning task, recognized by runTask. |
protected static Trace |
trace
|
Fields inherited from interface com.waveset.object.LighthouseContext |
COMP_ACCESS_POLICY, COMP_AUTH_CACHE, COMP_LOGIN_CONFIG_INFO, COMP_PROVISIONER, COMP_RECONCILER, COMP_REPOSITORY, COMP_SUBJECT_AUTH_CACHE, COMP_TASK_MANAGER, COMP_WORKFLOW, OP_CACHE, OP_CACHE_TIMEOUT, OP_CLEAR_CACHE, OP_NO_RESULT |
Fields inherited from interface com.waveset.object.ObjectSource |
HIGH_VALUES, OP_ALLOW_NOT_FOUND, OP_ATTRIBUTES, OP_BLOCK_SIZE, OP_BUFFERED, OP_CONDITIONS, OP_END_BEFORE, OP_FAST, OP_FILTER, OP_FORCE, OP_KEEP_LOCK, OP_MAX_ROWS, OP_NO_CACHE, OP_NO_RULE_DRIVEN_MEMBERS, OP_ONLY_NAMES, OP_ORDER_BY, OP_START_AFTER, OP_SUBJECT, OP_SUBTYPES, OP_USER |
Fields inherited from interface com.sun.idm.idmx.api.IDMXConstants |
COMP_AUTHENTICATOR, COMP_CHANGE_NOTIFIER, COMP_PERSISTENT_TRANSACTION_STORE, COMP_TRANSACTION_MANAGER, CONFIGURATION_ID, LOCAL_HOST, OP_ATTRS_TO_GET, OP_AUDIT, OP_NO_TRANSACTIONS, PRE_AUTHENTICATED_USER_LOGIN_TYPE, SPE_LOGIN_USER_INTERFACE, USER_LOGIN_TYPE |
Constructor Summary | |
LocalSession()
|
|
LocalSession(LoginInfo loginInfo)
|
|
LocalSession(LoginInfo loginInfo,
java.util.Locale locale)
|
|
LocalSession(java.lang.String appName,
ObjectRef lmgRef,
java.lang.String appType,
java.lang.String loginMode)
|
|
LocalSession(java.lang.String appName,
java.lang.String appType,
java.lang.String loginMode)
Build a session for use by logins in progress |
|
LocalSession(Subject subject,
java.lang.String appName,
java.lang.String appType)
Build a session for a predetermined subject. |
Method Summary | |
void |
approveWorkItem(java.lang.String id)
Approve a work item. |
boolean |
breakLock(java.lang.Object typeid,
java.lang.String id,
java.util.Map options)
Break a lock held on an object. |
void |
breakLock(Type type,
java.lang.String id)
Break a lock held on an object. |
void |
cacheObject(PersistentObject obj)
Add an object to the session cache. |
java.lang.Object |
callResourceMethod(java.lang.String resourceId,
java.lang.String methodName,
java.util.Map args)
This method will invoke the specified method on the specified resource, passing the given Map of arguments into the method, if the current subject has view access to the specified resource. |
java.lang.Object |
callRule(ExState state,
java.lang.String name,
java.util.Map args)
Execute a rule. |
void |
changeAdminPassword(java.lang.String name,
EncryptedData newPassword)
Change the password of an administrator. |
WavesetResult |
changePassword(EncryptedData newPassword)
Change the password of the currently authenticated administrator. |
WavesetResult |
checkinObject(PersistentObject obj)
Checkin changes to an object. |
protected WavesetResult |
checkinObject(PersistentObject obj,
boolean keepLock)
Checkin changes to an object. |
WavesetResult |
checkinObject(PersistentObject obj,
java.util.Map options)
Store changes to an object and release the logical lock. |
WavesetResult |
checkinView(GenericObject view,
java.util.Map options)
Checkin a view. |
PersistentObject |
checkoutObject(java.lang.Object typeid,
java.lang.String id,
java.util.Map options)
Checkout a persistent object for editing. |
PersistentObject |
checkoutObject(Type type,
java.lang.String id)
Standard checkout interface that handles authorization. |
PersistentObject |
checkoutObject(Type type,
java.lang.String id,
java.util.Map options)
Standard checkout interface that handles authorization. |
GenericObject |
checkoutView(java.lang.String id,
java.util.Map options)
Checkout a view. |
void |
checkPermission(PersistentObject obj,
Right right)
Check permissions for the curent subject against the given object and right. |
void |
checkPermission(Type type,
Right right)
Check permissions for the current subject, against the given type and right. |
void |
checkPermissionToAnyAuthTypeSubType(Type type,
Right right)
Check permissions for the given subject, against the given type or any of its authtype subtypes and right. |
void |
checkReferencePermissions(PersistentObject obj)
Check connect/disconnect permissions to objects referenced by another object. |
void |
clearCache()
Initialize the client cache. |
void |
clearListCache(Type type,
java.lang.String ogNameOrId)
Initialize the list cache. |
void |
clearResourceObjectGetCache(java.util.Map options)
Clear specified resource object lists from the cache |
void |
clearResourceObjectGetCache(java.lang.String subjectName,
java.lang.String objectType,
java.lang.String resId)
Clear all resource object lists from the cache for all users including default |
void |
clearResourceObjectListCache(java.util.Map options)
Clear specified resource object lists from the cache |
void |
clearResourceObjectListCache(java.lang.String subjectName,
java.lang.String objectType,
java.lang.String resId)
Clear all resource object lists from the cache for all users including default |
void |
clearServerCache()
Initialize the server cache. |
void |
clearSubject()
Clear out any current credentials / settings in this session's subject |
WavesetResult |
commitView(GenericObject view,
java.util.Map options)
Commit a view. |
boolean |
controlsTop()
|
boolean |
controlsTop(Subject subject)
|
int |
countObjects(java.lang.Object typeid,
java.util.Map options)
This method returns an integer which represents the number of objects that exist in the repository which match the given attribute conditions. |
int |
countObjects(RepositoryResult rr)
Intended for internal use by RepositoryResult . |
void |
createObject(PersistentObject obj)
Creates a new object in the repository. |
GenericObject |
createView(java.lang.String id,
java.util.Map options)
Create a view. |
void |
decacheObject(Type type,
java.lang.String id)
Remove an object from the session cache. |
WavesetResult |
deleteAccount(java.lang.String userName,
boolean force)
Delete an account. |
void |
deleteAccountImmediate(java.lang.String userName,
boolean force)
Delete an account. |
void |
deleteObject(java.lang.Object typeid,
java.lang.String id,
java.util.Map options)
Delete an object. |
void |
deleteObject(Type type,
java.lang.String id)
Delete an object from the repository, and remove it from any caches. |
void |
deleteObject(Type type,
java.lang.String id,
boolean force)
Delete an object from the repository, and remove it from any caches. |
void |
deleteObjects(java.lang.Object typeid,
java.util.Map options)
Delete all objects matching certain conditions. |
void |
deleteObjects(Type type,
java.lang.String objectGroupName,
Session.Scope scope)
Delete objects of the specified type which are members of the specified object group |
void |
deleteObjects(Type type,
java.lang.String objectGroupName,
Session.Scope scope,
boolean force)
|
void |
deleteTask(java.lang.String taskId)
Delete a finished task. |
WavesetResult |
deleteView(java.lang.String id,
java.util.Map options)
Delete the repository objects that are associated with the view id. |
WavesetResult |
deProvision(java.lang.String userName)
Deprovision accounts for an existing user. |
WavesetResult |
deProvision(java.lang.String objectGroupName,
Session.Scope scope)
DeProvision accounts for user's which are members of the specified object group |
WavesetResult |
deProvisionImmediate(java.lang.String userName)
|
void |
dump()
Dump session status. |
void |
exportObjects(java.lang.String typeSet,
java.io.OutputStream stream,
BulkMonitor monitor)
Exports the objects whose types are within the specified type set. |
void |
exportObjects(java.lang.String typeSet,
java.lang.String filename,
BulkMonitor monitor)
Exports the objects whose types are within the specified type set. |
void |
exportObjects(java.lang.String typeSet,
java.io.Writer wrt,
BulkMonitor monitor)
Exports the objects whose types are within the specified type set. |
void |
exportObjects(Type[] types,
java.io.OutputStream stream,
BulkMonitor monitor)
Exports the objects of the specified types to a stream. |
void |
exportObjects(Type[] types,
java.lang.String filename,
BulkMonitor monitor)
Exports the objects of the specified types to a file. |
void |
exportObjects(Type[] types,
java.io.Writer wrt,
BulkMonitor monitor)
Exports the objects of the specified types to a writer. |
java.lang.Object |
extendedOperation(java.lang.String op,
java.util.Map arguments)
No extended operations allowed at this time, but may need some. |
com.waveset.security.authz.AccessPolicy |
getAccessPolicy()
Return the access policy for this session. |
java.lang.String |
getAdminApprovalForwardRef(java.lang.String adminName)
Get your own approval reference, or one of an administrator that you control. |
QueryResult |
getAdministrators(java.util.Map options)
Deprecated. - use com.waveset.view.WorkItemUtil.getAdministrators |
java.util.List |
getAdmins()
Helper method that returns a filtered list of WSUsers that have one or more capabilities (are members of one or more AdminGroups) and control one or more Organizations (ObjectGroups) |
java.lang.String |
getAppName()
Return the application associated with the session |
Attribute[] |
getAttributeArray(java.util.List src)
Convert a List containing either Strings or Attribute objects into an array of Attribute objects. |
com.waveset.server.SubjectAuthCache |
getAuthCache()
|
LighthouseContext |
getAuthenticatedContext(IDMXUser user)
Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with an IDMXUser |
LighthouseContext |
getAuthenticatedContext(java.lang.String user)
Derive a LighthouseContext from this one, that is configured to perform operations on behalf of the named user. |
LighthouseContext |
getAuthenticatedContext(Subject subject)
Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with a Subject. |
LighthouseContext |
getAuthenticatedContext(WSUser user)
Derive a LighthouseContext from this one, that is configured to perform operations on behalf of a user specified with a WSUser |
ObjectCache |
getCache()
Return the cache managed by this session. |
long |
getCacheConsistencyNumber()
|
long |
getCacheConsistencyNumber(Type type)
Return a Cache Consistency Number. |
java.lang.Object |
getComponent(java.lang.String name)
No internal component access is allowed here. |
java.util.ArrayList |
getDebugCommands()
return a collection of string arrays of debug commands & params. |
long |
getDeleteDestroyInterval(Type type)
Gets the minimum interval in milliseconds after which a deleted object of the specified time will be destroyed. |
Permission |
getEffectivePermission(Principal p,
PersistentObject o)
|
Permission |
getEffectivePermission(Subject s,
PersistentObject o)
|
Right[] |
getEffectiveTypeRights(Principal principal,
java.lang.String typeName)
|
Right[] |
getEffectiveTypeRights(Principal principal,
Type type)
|
Right[] |
getEffectiveTypeRights(Subject subject,
java.lang.String typeName)
|
Right[] |
getEffectiveTypeRights(Subject subject,
Type type)
|
Type[] |
getEffectiveTypes(Principal principal)
|
Type[] |
getEffectiveTypes(Subject subject)
|
int |
getFailedPasswordLoginAttempts()
|
int |
getFailedQuestionLoginAttempts()
|
Form |
getForm(GenericObject view,
java.util.Map options)
Get the form to be used with a view. |
java.util.HashMap |
getInitialInstanceInfo()
Build up a map of initial instance info for use when importing full exchange files. |
java.util.Locale |
getLocale()
Get the locale from the subject. |
LockInfo |
getLock(java.lang.Object typeid,
java.lang.String id)
Obtain current lock status. |
LockInfo |
getLockInfo(Type type,
java.lang.String id)
Return information about a lock held on this object if any. |
LoginConfig |
getLoginConfig()
|
java.lang.String[] |
getLoginExceptions()
|
LoginInfo |
getLoginInfo()
Return the login information associated with this Session. |
ObjectRef |
getLoginModGrp()
Return the application associated with the session |
int |
getLoginModuleIndex()
|
boolean[] |
getLoginPasswordExpired()
|
WavesetResult |
getLoginResult()
Returns the login result messages, if any. |
java.lang.String[] |
getLoginSucceeded()
|
long |
getModificationCounter(Type type)
Return the modification counter for a type. |
PersistentObject |
getObject(java.lang.Object typeid,
java.lang.String id)
Retrieve an object from the repository. |
PersistentObject |
getObject(java.lang.Object typeid,
java.lang.String id,
java.util.Map options)
Get a read-only copy of an object. |
java.lang.String |
getObjectGroupHandle(ObjectRef oref)
Assumed input is an object ref to an ObjectGroup. |
PersistentObject |
getObjectIfExists(java.lang.Object typeid,
java.lang.String id)
Retrieve an object from the repository if it exists. |
PersistentObject |
getObjectIfExists(java.lang.Object typeid,
java.lang.String id,
java.util.Map options)
Get a read-only object copy of an object, but do not throw an exception if it does not exist. |
java.lang.String[] |
getObjectNamesInObjectGroup(java.lang.String objectGroupName,
Type type,
Session.Scope scope)
Return a list of objects of the given type which are members of the given object group. |
QueryResult |
getObjects(java.lang.Object typeid,
java.util.Map options)
The older getObjects methods always used the session cache. |
java.util.ArrayList |
getObjects(Type type)
Retrieves all of the objects of a certain type. |
java.util.ArrayList |
getObjects(Type type,
AttributeCondition[] attrConds)
Return a list of objects of the given type and whose attribute values match those specified in the list of atts. |
java.util.List |
getObjects(Type type,
java.util.List conditions)
New canonical 'getObjects' method. |
java.util.ArrayList |
getObjects(Type type,
WSAttributes atts)
Original one that takes WSAttributes. |
Policy[] |
getPolicyTypes()
Returns an array of prototype instances for the currently available id & password validation policies. |
java.lang.String |
getResourceIdentity(java.lang.String subjectName,
java.lang.String resId)
|
GenericObject |
getResourceObject(java.lang.String resourceId,
java.lang.String objectType,
java.lang.String objectId,
java.util.Map options)
Returns the requested objectId of the requested objectType from the resource |
java.util.List |
getResourceObjects(java.lang.String objectType,
java.lang.String resId,
java.util.Map options)
Returns a list of GenericObjects where each object contains a set of attributes including type, name, and id (fully qualified name - e.g. |
java.util.List |
getResourceObjects(java.lang.String objectType,
java.lang.String resId,
java.util.Map options,
java.lang.String subjectName,
boolean cacheList,
long cacheTimeout,
boolean clearCacheIfExists)
Returns a list of GenericObjects where each object contains a set of attributes including type, name, and id (fully qualified name - e.g. |
java.util.List |
getResourceTypeNames()
Return a list of resource types for which the authenticated subject has access to at least one resource of that type. |
Resource[] |
getResourceTypes()
Returns an array of prototype instances for the currently available resources. |
java.lang.String |
getStatus()
Return session status. |
Subject |
getSubject()
Returns the subject that is authenticated for this session. |
GenericObject |
getSystemConfiguration()
Obtain the system configuration object. |
TaskDefinition |
getTaskDefinition(java.lang.String name)
Get a task definition by name. |
java.util.List |
getTaskDefinitions()
Return all task definitions. |
RepositoryResult |
getTaskExtendedResult(java.lang.String taskId,
java.util.Map options)
Get all extended results for a task. |
RepositoryResult |
getTaskExtendedResult(java.lang.String taskId,
java.util.Map options,
int fromSequence,
int toSequence)
Get a subset of extended task results. |
RepositoryResult |
getTaskInstances(TaskState state,
java.lang.String owner,
java.lang.String definition)
Get the tasks currently in the queue. |
ObjectGroup[] |
getTopControlledObjectGroups(Principal p)
|
ObjectGroup[] |
getTopControlledObjectGroups(java.lang.String pname)
|
ObjectGroup[] |
getTopControlledObjectGroups(Subject subject)
Get Top Controlled Object Groups for a Subject |
java.lang.String |
getUser()
Get the name of the administrator or end-user that has authenticated to this session. |
static WSUser |
getUserByResourceAccount(com.waveset.repository.Repository repo,
java.lang.String accountId,
boolean supportsCaseInsensitiveAccountIds)
Try to find user by resource accountId. |
static WSUser |
getUserByResourceAccount(com.waveset.repository.Repository repo,
java.lang.String accountId,
Resource r,
boolean supportsCaseInsensitiveAccountIds)
Try to find user by accountId and resource. |
static java.util.List |
getUsersWithResourceAccount(com.waveset.repository.Repository repo,
java.lang.String accountId,
boolean supportsCaseInsensitiveAccountIds)
|
static java.util.List |
getUsersWithResourceAccount(com.waveset.repository.Repository repo,
java.lang.String accountId,
Resource r,
boolean supportsCaseInsensitiveAccountIds)
|
static java.util.List |
getUsersWithResourceAccount(com.waveset.repository.Repository repo,
java.lang.String accountId,
java.lang.String guid,
Resource r,
boolean supportsCaseInsensitiveAccountIds)
|
GenericObject |
getView(java.lang.String id,
java.util.Map options)
Get a view. |
Form |
getViewForm(GenericObject view,
java.lang.String formId,
java.util.Map options)
This is the original signature, the new ObjectSource signature doesn't have a formId argument since that was never used and can be accomplished with the "Form" option. |
WorkItem |
getWorkItem(java.lang.String id)
Retrieves a single workflow work item. |
WorkItem[] |
getWorkItems()
Retrieve the workflow work items assigned to the currently authenticated user. |
WorkItem[] |
getWorkItems(java.lang.String owner)
Return the work items for a particular user. |
void |
importObjects(java.io.InputStream input,
BulkMonitor monitor,
boolean force)
Import objects from a stream. |
void |
importObjects(java.lang.String file,
BulkMonitor monitor,
boolean force)
Import a collection of objects defined in an import file. |
void |
importXml(java.lang.String xml,
BulkMonitor monitor)
Import a collection of objects defined in an XML string. |
PersistentObject.InitialInstance |
isInitialInstance(PersistentObject obj)
Test to see if this is the id of an "initial instance", one that is created automatically by the repository and is not allowed to be modified. |
RepositoryResult |
listAdmins(AttributeCondition[] conds)
Helper method that returns a filtered list of WSUser names that have one or more capabilities (are members of one or more AdminGroups) and control one or more Organizations (ObjectGroups) |
java.lang.String[] |
listApprovers()
Deprecated. - Use getAdministrators with the following values in the map: "type", "approver" |
java.lang.String[] |
listControlledApprovers()
Deprecated. - Use getAdministrators with the following values in the map: "scope", "current" "type", "approver" |
RepositoryResult |
listObjects()
List every object in the known universe, except instances of suppressed (i.e., non-cached) types. |
QueryResult |
listObjects(java.lang.Object typeid,
java.util.Map options)
The new canonical interface for running object queries. |
RepositoryResult |
listObjects(Type type)
Returns information about objects in the repository. |
RepositoryResult |
listObjects(Type type,
AttributeCondition[] attrConds)
Returns information about objects in the repository. |
RepositoryResult |
listObjects(Type type,
AttributeCondition[] attrConds,
Attribute[] orderBy)
Lists all of the objects of a certain type currently stored in the repository that meet the specified set of attribute conditions. |
RepositoryResult |
listObjects(Type type,
AttributeCondition[] attrConds,
Attribute[] orderBy,
int blockSize)
Not exposed in the Session interface, until we know whether we want to support it forever. |
RepositoryResult |
listObjects(Type type,
java.util.List conditions,
java.util.List orderBy,
boolean bufferResult)
This was the "preferred" interface until we introduced LighthouseContext. |
protected RepositoryResult |
listObjects(Type type,
java.util.List conditions,
java.util.List orderBy,
boolean bufferResult,
int blockSize)
Internal method all of the other listObjects methods returning RepositoryResult call. |
RepositoryResult |
listObjects(Type type,
WSAttributes atts)
Returns information about objects in the repository. |
java.util.ArrayList |
listResourceObjects(java.lang.String objectType,
java.util.ArrayList resourceList,
java.util.Map options,
java.lang.String subjectName,
boolean cacheList,
long cacheTimeout,
boolean clearCacheIfExists)
This method returns a list of resource object names of the specified resource object type from the specified list of resources (resourceList of Ids or names). |
java.util.List |
listResourceObjects(java.lang.String objectType,
java.util.List resourceList,
java.util.Map options)
Return a List of object names of a given type and a list of resources |
java.util.List |
listResourceObjects(java.lang.String objectType,
java.lang.String resourceId,
java.util.Map options)
Return a List of object names of a given type on a resource. |
java.util.ArrayList |
listResourceObjects(java.lang.String objectType,
java.lang.String resId,
java.util.Map options,
java.lang.String subjectName,
boolean cacheList,
long cacheTimeout,
boolean clearCacheIfExists)
This method returns a list of resource object names of the specified resource object type from the specified resourceId. |
java.lang.String[] |
listSimilarApprovers(java.lang.String adminName)
Deprecated. - Use getAdministrators with the following values in the map: "similarTo", adminName "type", "approver" |
RepositoryResult |
listTaskExtendedResult(java.lang.String taskId,
java.util.Map options)
Get all extended results for a task. |
RepositoryResult |
listUsers(AttributeCondition[] conds)
Helper method that returns a filtered list of WSUser names that have no capabilities (are not members of one or more AdminGroups) and control no Organizations (ObjectGroups) |
RepositoryResult |
listWorkItems(java.lang.String owner)
Return a list of work items for a particular user. |
WavesetResult |
load(LoadConfig config,
Monitor monitor)
Perform a bulk load. |
PersistentObject |
loadObject(Type type,
java.lang.String id,
boolean tolerateMissing,
boolean tolerateAuthzFailure,
java.util.Map options)
Load an object from the storage manager. |
java.util.ArrayList |
loadObjects(Type type,
AttributeCondition[] attrConds)
Load all objects of a given type. |
LockInfo |
lockObject(java.lang.Object typeid,
java.lang.String id,
java.util.Map options)
Acquire a logical lock an object, without retrieving it. |
LockInfo |
lockObject(Type type,
java.lang.String id)
Lock an object. |
void |
log(AuditEvent event)
Log an event fully specified with an AuditEvent object. |
void |
logFailure(PersistentObject obj,
java.lang.String action,
java.lang.String reason)
Log a failure event for an object. |
void |
logFailure(java.lang.String objectName,
java.lang.String objType,
java.lang.String action,
java.lang.String reason)
Log a failure event with an object name and type mask. |
void |
login()
Perform authentication of the subject (user or administrator) that was specified using the the LoginInfo object given to the Session constructor. |
void |
login(boolean tolerateExpiredPassword)
This method should NOT be called by any method other than the change password view handler used when a user's waveset password expires |
boolean |
loginConfigContainsAppLoginModule(java.lang.String appName,
java.lang.String loginModuleName)
Checks to determine if login config for the specified appName contains the specified login module name or not. |
void |
logout()
Remove authentication credentials from this session, and release resources held by the session. |
void |
logResultErrors(PersistentObject obj,
java.lang.String action,
WavesetResult result)
Log any errors found within a WavesetResult. |
void |
logSuccess(PersistentObject obj,
java.lang.String action)
Log a success event for an object. |
void |
logSuccess(PersistentObject obj,
java.lang.String action,
java.util.Map oldValues,
java.util.Map newValues)
Log a success event for an object, include new and old values that will be stored in the blob of the audit table. |
void |
nextBlock(RepositoryResult result)
Return information about objects in the repository. |
boolean |
obfuscateLoginErrors()
|
void |
previousBlock(RepositoryResult result)
Return information about objects in the repository. |
void |
println(java.lang.String msg)
|
WavesetResult |
provision(WSUser userdef)
DEPRECATED |
GenericObject |
refreshView(GenericObject view,
java.util.Map options)
Refresh a view. |
void |
rejectWorkItem(java.lang.String id)
Rejects a workflow work item. |
void |
renameObject(java.lang.Object typeid,
java.lang.String id,
java.lang.String newName,
java.util.Map options)
Rename an object. |
void |
renameObject(Type type,
java.lang.String id,
java.lang.String newName)
Rename an object. |
WavesetResult |
reProvision(ProvisioningOptions ops)
New reprovision with full options. |
WavesetResult |
reProvision(java.lang.String userName,
boolean getUserFromResources)
Original reprovision with default options. |
WavesetResult |
reProvision(java.lang.String objectGroupName,
Session.Scope scope,
boolean getUserFromResources)
ReProvision accounts for user's which are members of the specified object group |
WavesetResult |
reProvisionImmediate(ProvisioningOptions ops)
New reprovision with full options. |
void |
resetOptions()
Resets runtime options to their default state. |
java.lang.String |
resolveName(Type type,
java.lang.String id)
Given an ID, determine the name. |
void |
resourceAuthenticate(java.lang.String resId,
java.util.HashMap loginProps)
Authenticate's against a resource using the resource adapter's authenticate method. |
void |
resumeTask(java.lang.String taskId)
Resume a task that is suspended or waiting. |
void |
runScheduler()
Request that the scheduler run now. |
void |
runScheduler(long waitMillis)
Request that the scheduler run now and wait for it to finish processing tasks. |
TaskInstance |
runTask(java.lang.String templateName,
java.lang.String taskName,
java.lang.String description,
boolean templateSubject)
Run a task defined by a persistent template. |
TaskInstance |
runTask(TaskDefinition def,
java.util.Map variables,
java.lang.String taskName,
java.lang.String description,
TaskDefinition.ExecMode execMode)
Deprecated runTask signature. |
TaskInstance |
runTask(TaskTemplate template)
Run a task defined by a template. |
void |
setCache(PersistentObject obj)
Set the cache pointer of an object, but don't make the object appear in the cache. |
void |
setCurrentTime(java.util.Date d)
Set what the system considers the current date and time to a fixed value. |
void |
setDeleteDestroyInterval(Type type,
long deleteDestroyInterval)
Sets the minimum interval in milliseconds after which a deleted object of the specified type will be destroyed. |
void |
setFailedPasswordLoginAttempts(int passwordAttempts)
|
void |
setFailedQuestionLoginAttempts(int questionAttempts)
|
void |
setLocale(java.util.Locale locale)
Set the locale on the subject of this session. |
void |
setLoginExceptions(java.lang.String[] loginExceptions)
|
void |
setLoginInfo(LoginInfo loginInfo)
|
void |
setLoginInProgress(boolean loginInProgress)
|
void |
setLoginModuleIndex(int loginModuleIndex)
|
void |
setLoginPasswordExpired(boolean[] loginPasswordExpired)
|
void |
setLoginResult(WavesetResult loginResult)
|
void |
setLoginSucceeded(java.lang.String[] loginSucceeded)
|
void |
setObfuscateLoginErrors(boolean obfuscateLoginErrors)
|
void |
setOption(java.lang.String option,
java.lang.String value)
Sets a runtime session option. |
void |
setSchedulerCycleTime(TaskState state,
int seconds)
Sets the scheduler cycle time. |
void |
setSubject(Subject subject)
Change the effective user for logical locking. |
void |
setSubjectOptions(java.util.Map map)
Set the subject that has authenticated to this session. |
void |
setUser(java.lang.String name)
Change the effective user for logical locking. |
void |
startScheduler()
Test method to request that the task scheduler be started. |
void |
stopScheduler()
Test method to request that the task scheduler be suspended. |
boolean |
subjectControlsObjectGroup(java.util.List objectgroups)
This method will return true if the current subject controls any one of the organizations in the list; otherwise, returns false. |
boolean |
subjectHasRight(java.lang.String typeName,
Right right)
This method will return true if the subject has the specified right to the specified type. |
boolean |
subjectHasRight(Type type,
Right right)
This method will return true if the subject has the specified right to the specified type. |
boolean |
subjectHasRightToAnyAuthTypeSubType(java.lang.String type,
Right right)
This method will return true if the subject has the specified right to the specified type or any of its authtype subtypes. |
boolean |
subjectIsAssignedAdminGroups(java.util.List admingroups)
This method will return true if the current subject has the specified capabilities; otherwise, returns false. |
void |
suspendTask(java.lang.String taskId)
Suspend a task. |
void |
terminateTask(java.lang.String taskId)
Terminate a task. |
boolean |
testPermission(PersistentObject obj,
Right right)
Test permissions without throwing an exception. |
boolean |
testPermission(Type type,
java.lang.String id,
Right right)
Test permissions without throwing an exception. |
void |
unlockObject(java.lang.Object typeid,
java.lang.String id,
java.util.Map options)
Unlock a previously locked object. |
void |
unlockObject(Type type,
java.lang.String id)
Unlock an object. |
void |
unlockView(GenericObject view,
java.util.Map options)
Unlock a view. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
public static final java.lang.String code_id
protected static Trace trace
public static final java.lang.String DEFAULT_PROVISIONING_TASK
Constructor Detail |
public LocalSession() throws WavesetException
public LocalSession(LoginInfo loginInfo, java.util.Locale locale) throws WavesetException
public LocalSession(LoginInfo loginInfo) throws WavesetException
public LocalSession(Subject subject, java.lang.String appName, java.lang.String appType) throws WavesetException
Applications should use this constructor to create a session subsequent to the initial authentication... will avoid having to challenge user for authentication information again after initial authentication.
If local session is successfully constructed, then user can begin invoking local session methods immeadiately; there is no need to invoke session.login again since the user has already authenticated once in the past.
First validate the Subject by checking that it has one or more Principals associated with it. jsl - temporarliy had to make this public to allow Provisioner to call this, need to sort this out...
public LocalSession(java.lang.String appName, ObjectRef lmgRef, java.lang.String appType, java.lang.String loginMode) throws WavesetException
public LocalSession(java.lang.String appName, java.lang.String appType, java.lang.String loginMode) throws WavesetException
Method Detail |
public GenericObject getSystemConfiguration() throws WavesetException
ObjectSource
getSystemConfiguration
in interface ObjectSource
WavesetException
public PersistentObject getObject(java.lang.Object typeid, java.lang.String id, java.util.Map options) throws WSAuthorizationException, ItemNotFound, WavesetException
ObjectSource
getObject
in interface ObjectSource
WSAuthorizationException
ItemNotFound
WavesetException
public PersistentObject getObject(java.lang.Object typeid, java.lang.String id) throws WSAuthorizationException, ItemNotFound, WavesetException
Session
For most types, caching is employed, and the returned object will be stored in this session's cache. For others types, notably Type.USER, and Type.WORK_ITEM, the object will not be cached. In either case, the object is considered to be owned by the application, the server will not maintain any references to the object. It is possible to modify the object, but it should normally be considered read-only, since there will be no write lock held in the repository.
getObject
in interface Session
typeid
- the type of the object.id
- the object id or name.
ItemNotFound
- if the object did not exist in the repository.
WSAuthorizationException
- if the user is not authorized to view this object.
WavesetException
- if an internal server error was encountered.Session.checkoutObject(com.waveset.object.Type, java.lang.String)
public PersistentObject getObjectIfExists(java.lang.Object typeid, java.lang.String id, java.util.Map options) throws WSAuthorizationException, WavesetException
ObjectSource
getObjectIfExists
in interface ObjectSource
WSAuthorizationException
WavesetException
public PersistentObject getObjectIfExists(java.lang.Object typeid, java.lang.String id) throws WSAuthorizationException, ItemNotFound, WavesetException
Session
This is similar to the getObject
method, except
that it will not throw an exception if the object does
not exist.
This method is preferred over getObject
if
the application is prepared to handle non-existant objects.
Use this rather and test for a null return value rather
than catching the ItemNotFound
exception.
getObjectIfExists
in interface Session
typeid
- the type of the object.id
- the object id or name.
WavesetException
- if an internal server error was encountered.
WSAuthorizationException
- if the user is not authorized to view this object.
ItemNotFound
Session.getObject(java.lang.Object, java.lang.String)
public LockInfo lockObject(java.lang.Object typeid, java.lang.String id, java.util.Map options) throws ItemNotFound, LockedByAnother, WavesetException
ObjectSource
The OP_USER
option may be used to specify the
name of the user considered to be acquiring the lock.
lockObject
in interface ObjectSource
ItemNotFound
LockedByAnother
WavesetException
public void unlockObject(java.lang.Object typeid, java.lang.String id, java.util.Map options) throws ItemNotFound, ItemNotLocked, LockedByAnother, WavesetException
ObjectSource
The OP_USER
option may be used to specify the
name of the user considered to be releasing the lock.
unlockObject
in interface ObjectSource
ItemNotFound
ItemNotLocked
LockedByAnother
WavesetException
public LockInfo getLock(java.lang.Object typeid, java.lang.String id) throws ItemNotFound, WavesetException
ObjectSource
getLock
in interface ObjectSource
ItemNotFound
WavesetException
public boolean breakLock(java.lang.Object typeid, java.lang.String id, java.util.Map options) throws ItemNotFound, WavesetException
ObjectSource
There is no guarentee a lock will be broken, you normally must have authority over the user that is currently holding the lock.
The OP_USER
option may be used to specify the
name of the user considered to be breaking the lock.
breakLock
in interface ObjectSource
ItemNotFound
WavesetException
public PersistentObject checkoutObject(java.lang.Object typeid, java.lang.String id, java.util.Map options) throws ItemNotFound, LockedByAnother, WavesetException
ObjectSource
It is usually more efficient to call checkoutObject
rather
than make individual calls to lockObject
and getObject
The OP_USER
option may be used to specify the
name of the user considered to be checking out the object.
The OP_ALLOW_NOT_FOUND
option may be passed
to return null
if cannot find the specified object.
Otherwise, this method throws ItemNotFound
.
checkoutObject
in interface ObjectSource
ItemNotFound
LockedByAnother
WavesetException
public WavesetResult checkinObject(PersistentObject obj, java.util.Map options) throws ItemNotFound, ItemNotLocked, LockedByAnother, WavesetException
ObjectSource
The OP_USER
option may be used to specify the
name of the user considered to be checkin in the object.
The OP_FORCE
option may be passed to inhibit
any constraint checking that would ordinarilly be done
prior to storage. This is normally
off, but since constraint checking can be expensive, there may
be performance reasons for turning it on if you can ensure that
the object is correct.
The OP_KEEP_LOCK
option may be passed
to preserve the caller's logical lock on the specified object.
Otherwise, this method releases any lock after updating the object.
checkinObject
in interface ObjectSource
ItemNotFound
ItemNotLocked
LockedByAnother
WavesetException
public void deleteObject(java.lang.Object typeid, java.lang.String id, java.util.Map options) throws ItemNotFound, LockedByAnother, WavesetException
ObjectSource
The OP_FORCE
option may be passed to inhibit
any constraint checking that would ordinarilly be done.
This may be used to delete a WSUser object that has provisioned
resource accounts, normally a WSUser cannot be deleted until
it has been fully deprovisioned.
deleteObject
in interface ObjectSource
ItemNotFound
LockedByAnother
WavesetException
public void deleteObjects(java.lang.Object typeid, java.util.Map options) throws LockedByAnother, WavesetException
ObjectSource
deleteObjects
in interface ObjectSource
LockedByAnother
WavesetException
public void renameObject(java.lang.Object typeid, java.lang.String id, java.lang.String newName, java.util.Map options) throws ItemNotFound, LockedByAnother, AlreadyExists, WavesetException
ObjectSource
The object must unlocked, or locked by the current user. It will be implicitly locked to perform the rename.
The OP_USER
option may be used to specify the
name of the user considered to be renaming the object.
renameObject
in interface ObjectSource
ItemNotFound
LockedByAnother
AlreadyExists
WavesetException
public QueryResult listObjects(java.lang.Object typeid, java.util.Map options) throws WavesetException
listObjects
in interface ObjectSource
WavesetException
public QueryResult getObjects(java.lang.Object typeid, java.util.Map options) throws WavesetException
getObjects
in interface ObjectSource
WavesetException
public GenericObject createView(java.lang.String id, java.util.Map options) throws WavesetException
ObjectSource
createView
in interface ObjectSource
WavesetException
public GenericObject getView(java.lang.String id, java.util.Map options) throws WavesetException
ObjectSource
getView
in interface ObjectSource
WavesetException
public Form getForm(GenericObject view, java.util.Map options) throws WavesetException
ObjectSource
getForm
in interface ObjectSource
WavesetException
public Form getViewForm(GenericObject view, java.lang.String formId, java.util.Map options) throws WavesetException
getViewForm
in interface Session
WavesetException
public GenericObject checkoutView(java.lang.String id, java.util.Map options) throws WavesetException
ObjectSource
checkoutView
in interface ObjectSource
WavesetException
public WavesetResult checkinView(GenericObject view, java.util.Map options) throws WavesetException
ObjectSource
checkinView
in interface ObjectSource
WavesetException
public WavesetResult commitView(GenericObject view, java.util.Map options) throws WavesetException
ObjectSource
commitView
in interface ObjectSource
WavesetException
public void unlockView(GenericObject view, java.util.Map options) throws WavesetException
ObjectSource
unlockView
in interface ObjectSource
WavesetException
public GenericObject refreshView(GenericObject view, java.util.Map options) throws WavesetException
ObjectSource
refreshView
in interface ObjectSource
WavesetException
public WavesetResult deleteView(java.lang.String id, java.util.Map options) throws WavesetException
ObjectSource
deleteView
in interface ObjectSource
WavesetException
public LighthouseContext getAuthenticatedContext(java.lang.String user) throws WavesetException
LighthouseContext
getAuthenticatedContext
in interface LighthouseContext
WavesetException
public LighthouseContext getAuthenticatedContext(Subject subject) throws WavesetException
LighthouseContext
getAuthenticatedContext
in interface LighthouseContext
WavesetException
public LighthouseContext getAuthenticatedContext(WSUser user) throws WavesetException
LighthouseContext
getAuthenticatedContext
in interface LighthouseContext
WavesetException
public LighthouseContext getAuthenticatedContext(IDMXUser user) throws WavesetException
LighthouseContext
getAuthenticatedContext
in interface LighthouseContext
WavesetException
public void setUser(java.lang.String name) throws WavesetException
LighthouseContext
setUser
in interface LighthouseContext
WavesetException
public void setSubject(Subject subject) throws WavesetException
LighthouseContext
setSubject
in interface LighthouseContext
WavesetException
public java.lang.String getUser()
Session
This can be used as an alternative to getSubject
if all you need is the name.
getUser
in interface Session
Session.getSubject()
public Subject getSubject()
Session
This will be either an Administrator
or
a WSUser
object. Applications will have to use
the Java operator instanceof
to perform the
appropriate downcast.
If the goal is to obtain the name of the administrator or end-user
that has authenticated to this session, you may use the
convenience method getUser
instead.
getSubject
in interface Session
Session.getUser()
,
Subject
,
WSUser
,
Administrator
public java.lang.Object getComponent(java.lang.String name)
getComponent
in interface LighthouseContext
public java.lang.Object extendedOperation(java.lang.String op, java.util.Map arguments) throws WavesetException
extendedOperation
in interface LighthouseContext
WavesetException
public void checkPermission(PersistentObject obj, Right right) throws WSAuthorizationException, WavesetException
LighthouseContext
checkPermission
in interface LighthouseContext
WSAuthorizationException
WavesetException
public void checkPermission(Type type, Right right) throws WSAuthorizationException, WavesetException
LighthouseContext
checkPermission
in interface LighthouseContext
WSAuthorizationException
WavesetException
public void checkPermissionToAnyAuthTypeSubType(Type type, Right right) throws WSAuthorizationException, WavesetException
checkPermissionToAnyAuthTypeSubType
in interface LighthouseContext
WSAuthorizationException
WavesetException
public boolean testPermission(PersistentObject obj, Right right) throws WSAuthorizationException, WavesetException
LighthouseContext
testPermission
in interface LighthouseContext
WSAuthorizationException
WavesetException
public boolean testPermission(Type type, java.lang.String id, Right right) throws WSAuthorizationException, WavesetException
LighthouseContext
testPermission
in interface LighthouseContext
WSAuthorizationException
WavesetException
public void checkReferencePermissions(PersistentObject obj) throws WSAuthorizationException, WavesetException
LighthouseContext
We might be able to assume this is done by checkinObject, but then we would want this disabled by default in most of the context implemetations.
checkReferencePermissions
in interface LighthouseContext
WSAuthorizationException
WavesetException
public void log(AuditEvent event) throws WavesetException
LighthouseContext
log
in interface LighthouseContext
WavesetException
public void logFailure(PersistentObject obj, java.lang.String action, java.lang.String reason) throws WavesetException
LighthouseContext
logFailure
in interface LighthouseContext
WavesetException
public void logFailure(java.lang.String objectName, java.lang.String objType, java.lang.String action, java.lang.String reason) throws WavesetException
LighthouseContext
logFailure
in interface LighthouseContext
WavesetException
public void logSuccess(PersistentObject obj, java.lang.String action) throws WavesetException
LighthouseContext
logSuccess
in interface LighthouseContext
WavesetException
public void logResultErrors(PersistentObject obj, java.lang.String action, WavesetResult result) throws WavesetException
LighthouseContext
logResultErrors
in interface LighthouseContext
WavesetException
public void logSuccess(PersistentObject obj, java.lang.String action, java.util.Map oldValues, java.util.Map newValues) throws WavesetException
LighthouseContext
logSuccess
in interface LighthouseContext
WavesetException
public java.util.List listResourceObjects(java.lang.String objectType, java.util.List resourceList, java.util.Map options) throws WavesetException
LighthouseContext
listResourceObjects
in interface LighthouseContext
WavesetException
public java.util.List listResourceObjects(java.lang.String objectType, java.lang.String resourceId, java.util.Map options) throws WavesetException
LighthouseContext
listResourceObjects
in interface LighthouseContext
WavesetException
public java.lang.Object callResourceMethod(java.lang.String resourceId, java.lang.String methodName, java.util.Map args) throws WavesetException
callResourceMethod
in interface LighthouseContext
WavesetException
public TaskInstance runTask(TaskTemplate template) throws WavesetException
runTask
in interface Session
WavesetException
TaskTemplate
public LoginConfig getLoginConfig() throws WavesetException
getLoginConfig
in interface Session
WavesetException
public LoginInfo getLoginInfo()
getLoginInfo
in interface Session
public void setLoginInfo(LoginInfo loginInfo)
setLoginInfo
in interface Session
public void setLoginInProgress(boolean loginInProgress)
setLoginInProgress
in interface Session
public java.lang.String[] getLoginSucceeded()
getLoginSucceeded
in interface Session
public void setLoginSucceeded(java.lang.String[] loginSucceeded)
setLoginSucceeded
in interface Session
public java.lang.String[] getLoginExceptions()
getLoginExceptions
in interface Session
public void setLoginExceptions(java.lang.String[] loginExceptions)
setLoginExceptions
in interface Session
public boolean obfuscateLoginErrors()
obfuscateLoginErrors
in interface Session
public void setObfuscateLoginErrors(boolean obfuscateLoginErrors)
setObfuscateLoginErrors
in interface Session
public boolean[] getLoginPasswordExpired()
getLoginPasswordExpired
in interface Session
public void setLoginPasswordExpired(boolean[] loginPasswordExpired)
setLoginPasswordExpired
in interface Session
public int getLoginModuleIndex()
getLoginModuleIndex
in interface Session
public void setLoginModuleIndex(int loginModuleIndex)
setLoginModuleIndex
in interface Session
public int getFailedPasswordLoginAttempts()
public void setFailedPasswordLoginAttempts(int passwordAttempts)
public int getFailedQuestionLoginAttempts()
public void setFailedQuestionLoginAttempts(int questionAttempts)
public void login() throws WSLoginException, WavesetException
Session
When using the SessionFactory, the login call happens automatically, there is no need for the application to explicitly call login.
login
in interface Session
WSLoginException
- The credentials specified in the LoginInfo were not correct.
WavesetException
- if an internal error was encountered.SessionFactory
public void login(boolean tolerateExpiredPassword) throws WSLoginException, WavesetException
Session
login
in interface Session
WSLoginException
WavesetException
public void logout() throws WavesetException
Session
After a logout
call, the session object may
no longer be used. It is important that an application call logout()
when they know that the user's session has completed. For web
applications, the servlet or JSP may call
SessionFactory.poolSession
to keep the authenticated
session alive for some period of time. But the application should
also support the concept of an explicit logout, and call the
logout
method.
logout
in interface Session
WavesetException
- if an internal error was encountered.SessionFactory
public void setSubjectOptions(java.util.Map map)
setSubjectOptions
in interface Session
public void clearSubject() throws WavesetException
clearSubject
in interface Session
WavesetException
- if an internal error was encountered.public RepositoryResult listUsers(AttributeCondition[] conds) throws WavesetException
listUsers
in interface Session
WavesetException
public java.util.List getAdmins() throws WavesetException
getAdmins
in interface Session
WavesetException
public RepositoryResult listAdmins(AttributeCondition[] conds) throws WavesetException
listAdmins
in interface Session
WavesetException
public boolean loginConfigContainsAppLoginModule(java.lang.String appName, java.lang.String loginModuleName) throws WavesetException
loginConfigContainsAppLoginModule
in interface Session
WavesetException
public static java.util.List getUsersWithResourceAccount(com.waveset.repository.Repository repo, java.lang.String accountId, boolean supportsCaseInsensitiveAccountIds) throws WavesetException
WavesetException
public static java.util.List getUsersWithResourceAccount(com.waveset.repository.Repository repo, java.lang.String accountId, Resource r, boolean supportsCaseInsensitiveAccountIds) throws WavesetException
WavesetException
public static java.util.List getUsersWithResourceAccount(com.waveset.repository.Repository repo, java.lang.String accountId, java.lang.String guid, Resource r, boolean supportsCaseInsensitiveAccountIds) throws WavesetException
WavesetException
public static WSUser getUserByResourceAccount(com.waveset.repository.Repository repo, java.lang.String accountId, boolean supportsCaseInsensitiveAccountIds) throws WSFailedLoginException, WavesetException
WSFailedLoginException
- if more than one user matches.
WavesetException
public static WSUser getUserByResourceAccount(com.waveset.repository.Repository repo, java.lang.String accountId, Resource r, boolean supportsCaseInsensitiveAccountIds) throws WSFailedLoginException, WavesetException
WSFailedLoginException
- if more than one user matches.
WavesetException
public WavesetResult getLoginResult()
Session
Null if no messages. Otherwise contains message (e.g. Password will expire in 'n' day(s).
getLoginResult
in interface Session
public void setLoginResult(WavesetResult loginResult)
setLoginResult
in interface Session
public com.waveset.security.authz.AccessPolicy getAccessPolicy()
public com.waveset.server.SubjectAuthCache getAuthCache()
public Type[] getEffectiveTypes(Subject subject) throws WavesetException
getEffectiveTypes
in interface Session
WavesetException
public Type[] getEffectiveTypes(Principal principal) throws WavesetException
getEffectiveTypes
in interface Session
WavesetException
public Right[] getEffectiveTypeRights(Subject subject, Type type) throws WavesetException
getEffectiveTypeRights
in interface Session
WavesetException
public Right[] getEffectiveTypeRights(Subject subject, java.lang.String typeName) throws WavesetException
getEffectiveTypeRights
in interface Session
WavesetException
public Right[] getEffectiveTypeRights(Principal principal, Type type) throws WavesetException
getEffectiveTypeRights
in interface Session
WavesetException
public Right[] getEffectiveTypeRights(Principal principal, java.lang.String typeName) throws WavesetException
getEffectiveTypeRights
in interface Session
WavesetException
public Permission getEffectivePermission(Subject s, PersistentObject o) throws WavesetException
getEffectivePermission
in interface Session
WavesetException
public Permission getEffectivePermission(Principal p, PersistentObject o) throws WavesetException
getEffectivePermission
in interface Session
WavesetException
public boolean subjectHasRight(Type type, Right right) throws WavesetException
subjectHasRight
in interface Session
WavesetException
public boolean subjectHasRight(java.lang.String typeName, Right right) throws WavesetException
subjectHasRight
in interface Session
WavesetException
public boolean subjectHasRightToAnyAuthTypeSubType(java.lang.String type, Right right) throws WavesetException
Therefore, this method is primarily used to determine if the subject has the specified right to at least one object of the specified type or any of its authtype subtypes. For example, this method is called by the UI to determine if the current subject should be able to view a given page or not. If the subject has the specified right to the specified type or one of the type's authtype subtypes, then they can view the page.
subjectHasRightToAnyAuthTypeSubType
in interface Session
WavesetException
public boolean subjectIsAssignedAdminGroups(java.util.List admingroups) throws WavesetException
subjectIsAssignedAdminGroups
in interface Session
WavesetException
public boolean subjectControlsObjectGroup(java.util.List objectgroups) throws WavesetException
subjectControlsObjectGroup
in interface Session
WavesetException
public boolean controlsTop()
true
if this session's subject
controls the entire "tree" of Lighthouse organizations;
otherwise false
.public boolean controlsTop(Subject subject)
true
if the specified subject
controls the entire "tree" of Lighthouse organizations;
otherwise false
.public ObjectGroup[] getTopControlledObjectGroups(Principal p) throws WavesetException
getTopControlledObjectGroups
in interface Session
WavesetException
public ObjectGroup[] getTopControlledObjectGroups(java.lang.String pname) throws WavesetException
getTopControlledObjectGroups
in interface Session
WavesetException
public ObjectGroup[] getTopControlledObjectGroups(Subject subject) throws WavesetException
LighthouseContext
Returns the set of 0 or more object groups controlled by the specified principal, each of which has no object group parent that is also controlled by the principal.
getTopControlledObjectGroups
in interface Session
WavesetException
public java.lang.String resolveName(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, WavesetException
resolveName
in interface Session
type
- the type of the object.id
- the object.
ItemNotFound
- if the object does not exist in the repository.
WSAuthorizationException
- if the user is not authorized to view the object's name.
WavesetException
- if an internal server error was encountered.public LockInfo lockObject(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, LockedByAnother, WavesetException
This will have the side effect of removing the object from both the session cache, since we're normally going to turn around and get the object, and expect it to be up to date. We also remove it from the server cache, for the same reason.
lockObject
in interface Session
type
- the type of the object.id
- the object id or name.
LockInfo
object containing information about
the lock.
LockedByAnother
- if the object is already locked by someone else.
WavesetException
- if an internal server error was encountered.
WSAuthorizationException
- if the user is not authorized to view this object.
ItemNotFound
Session.checkoutObject(com.waveset.object.Type, java.lang.String)
,
Session.getObject(java.lang.Object, java.lang.String)
,
Session.unlockObject(com.waveset.object.Type, java.lang.String)
,
LockInfo
public LockInfo getLockInfo(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, WavesetException
getLockInfo
in interface Session
type
- the type of the object.id
- the object id or name.
LockInfo
object containing information about
the lock or null if there is no lock.
ItemNotFound
- if the object does not exist in the repository.
WavesetException
- if an internal server error was encountered.
WSAuthorizationException
- if the user is not authorized to view this object.Session.lockObject(com.waveset.object.Type, java.lang.String)
,
Session.unlockObject(com.waveset.object.Type, java.lang.String)
,
Session.checkoutObject(com.waveset.object.Type, java.lang.String)
,
LockInfo
public void breakLock(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, WavesetException
!! Should have a new log type for this.
breakLock
in interface Session
type
- the type of the object.id
- the object id or name.
WavesetException
- if an internal server error was encountered.
WSAuthorizationException
- if the user is not authorized to modify this object.
ItemNotFound
- if the object does not exist in the repository.public void createObject(PersistentObject obj) throws WSAuthorizationException, AlreadyExists, WavesetException
Session
Objects are created by first instantiating a subclass of
PersistentObject
, then calling appropriate
accessor methods to specify the object's attributes, and
finally calling the createObject
method to store
the object in the repository.
The new object must be given a name that is unique within the repository. If an object with this name already exist, an exception is thrown.
Other type specific validation may also be performed before the
object is stored in the repository. If any of these validation
tests fail, a ValidationFailed
exception will be
thrown describing the nature of the failure.
After the method returns, the supplied object will be in the session's cache, but the server will not retain any references to this object.
createObject
in interface Session
WSAuthorizationException
- if the user is not authorized to create objects of this type.
WavesetException
- if an internal server error was encountered.
AlreadyExists
- if the object with this name already exists in the repository.public PersistentObject checkoutObject(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, LockedByAnother, WavesetException
checkoutObject
in interface Session
type
- the type of the object.id
- the object id or name.
PersistentObject
instance representing the
contents of the requested object.
WavesetException
- if an internal server error was encountered.
ItemNotFound
- if the object does not exist in the repository.
LockedByAnother
- if the object is already locked by someone else.
WSAuthorizationException
- if the user is not authorized to modify this object.Session.checkinObject(com.waveset.object.PersistentObject)
,
Session.unlockObject(com.waveset.object.Type, java.lang.String)
public PersistentObject checkoutObject(Type type, java.lang.String id, java.util.Map options) throws WSAuthorizationException, ItemNotFound, LockedByAnother, WavesetException
WSAuthorizationException
ItemNotFound
LockedByAnother
WavesetException
public WavesetResult checkinObject(PersistentObject obj) throws WSAuthorizationException, ItemNotFound, ItemNotLocked, LockedByAnother, WavesetException
checkinObject
in interface Session
WavesetResult
containing additional
information about the processing of the object.
WSAuthorizationException
- if the user is not authorized to modify this object.
WavesetException
- if an internal server error was encountered.
ItemNotLocked
- if the object is not locked.
ItemNotFound
- if the object does not exist in the repository.
LockedByAnother
Session.checkoutObject(com.waveset.object.Type, java.lang.String)
,
Session.unlockObject(com.waveset.object.Type, java.lang.String)
protected WavesetResult checkinObject(PersistentObject obj, boolean keepLock) throws WSAuthorizationException, ItemNotFound, ItemNotLocked, LockedByAnother, WavesetException
WSAuthorizationException
ItemNotFound
ItemNotLocked
LockedByAnother
WavesetException
public void unlockObject(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, ItemNotLocked, LockedByAnother, WavesetException
unlockObject
in interface Session
type
- the type of the object.id
- the object id or name.
ItemNotLocked
- if the object is not locked.
WavesetException
- if an internal server error was encountered.
WSAuthorizationException
- if the user is not authorized to modify this object.
ItemNotFound
- if the object does not exist in the repository.
LockedByAnother
- if the object is locked by someone else.Session.lockObject(com.waveset.object.Type, java.lang.String)
,
Session.checkoutObject(com.waveset.object.Type, java.lang.String)
public void deleteObject(Type type, java.lang.String id) throws WSAuthorizationException, ItemNotFound, LockedByAnother, WavesetException
deleteObject
in interface Session
type
- the type of the object.id
- the object id or name.
WavesetException
- if an internal server error was encountered.
LockedByAnother
- if the object is locked by someone else.
ItemNotFound
- if the object does not exist in the repository.
WSAuthorizationException
- if the user is not authorized to delete this object.public void deleteObject(Type type, java.lang.String id, boolean force) throws WSAuthorizationException, ItemNotFound, LockedByAnother, WavesetException
deleteObject
in interface Session
WSAuthorizationException
ItemNotFound
LockedByAnother
WavesetException
public void deleteObjects(Type type, java.lang.String objectGroupName, Session.Scope scope) throws PolicyViolation, WavesetException
Objects which are members of the specified object group will be deleted. The set of objects is determined by the scope argument, where scope can be Scope.IMMEDIATE or Scope.ALL.
Scope.IMMEDIATE means to only delete objects which are immeadiate or direct members of the specified object group.
Scope.ALL means to delete objects which are members of the specified object group as well as member objects of object groups contained within the specified object group.
deleteObjects
in interface Session
PolicyViolation
WavesetException
public void deleteObjects(Type type, java.lang.String objectGroupName, Session.Scope scope, boolean force) throws PolicyViolation, WavesetException
deleteObjects
in interface Session
PolicyViolation
WavesetException
public long getDeleteDestroyInterval(Type type) throws WavesetException
NOTE: Currently, only objects of Type.USER are not destroyed immediately.
getDeleteDestroyInterval
in interface Session
WavesetException
public void setDeleteDestroyInterval(Type type, long deleteDestroyInterval) throws WavesetException
NOTE: Currently, only objects of Type.USER are not destroyed immediately.
setDeleteDestroyInterval
in interface Session
WavesetException
public void renameObject(Type type, java.lang.String id, java.lang.String newName) throws WSAuthorizationException, ItemNotFound, LockedByAnother, AlreadyExists, WavesetException
The object must unlocked, or locked by the current user. It will be implicitly locked to perform the rename. Some types may not allow rename, we should have a RenameNotAllowed exception.
renameObject
in interface Session
type
- the type of the object.id
- the object id or name.newName
- the new object name.
WavesetException
- if an internal server error was encountered.
LockedByAnother
- if the object is locked by someone else.
ItemNotFound
- if the object does not exist in the repository.
WSAuthorizationException
- if the user is not authorized to modify this object.
AlreadyExists
- if the new name has already been assigned to another object.public void cacheObject(PersistentObject obj) throws WavesetException
WavesetException
public void setCache(PersistentObject obj) throws WavesetException
setCache
in interface Session
WavesetException
- if an internal error is encountered.public void decacheObject(Type type, java.lang.String id) throws WavesetException
Call this if you had formerly cached the object manually using cacheObject and no longer want it to appear in the cache.
WavesetException
public ObjectCache getCache()
getCache
in interface Session
public QueryResult getAdministrators(java.util.Map options) throws WavesetException
getAdministrators
in interface Session
options
- future use to specify query options.
WavesetException
UPDATE: This is now supported in the InternalSession implementation
of the LighthouseContext interface. The option names are slighthly
different though. This is the last remaining caller of
WorkItemUtil.getAdministrators, need to migrate! - jsl
public java.lang.String[] listSimilarApprovers(java.lang.String adminName) throws WavesetException
listSimilarApprovers
in interface Session
WavesetException
getAdministrators(Map)
public java.lang.String[] listControlledApprovers() throws WavesetException
listControlledApprovers
in interface Session
WavesetException
getAdministrators(Map)
public java.lang.String[] listApprovers() throws WavesetException
listApprovers
in interface Session
WavesetException
getAdministrators(Map)
public java.lang.String getAdminApprovalForwardRef(java.lang.String adminName) throws WavesetException
getAdminApprovalForwardRef
in interface Session
WavesetException
public Attribute[] getAttributeArray(java.util.List src) throws WavesetException
WavesetException
public RepositoryResult listObjects(Type type, java.util.List conditions, java.util.List orderBy, boolean bufferResult) throws WavesetException
listObjects
in interface Session
WavesetException
- if there is an internal error.Session.listObjects(Type, WSAttributes)
,
Session.getObjects(Type)
,
Session.getObjects(Type, WSAttributes)
,
RepositoryResult
public RepositoryResult listObjects(Type type, AttributeCondition[] attrConds) throws WavesetException
Session
This is similar to listObjects(Type, List, List)
,
but the AttributeCondition
objects may be specified
in an array rather than a list.
This is implemented by the listObjects(Type, List, List)
method by converting the WSAttributes
object into
a list of AttributeCondition
objects.
listObjects
in interface Session
WavesetException
- if there is an internal error locating the objects.#listObjects(Type, List, List)
,
Session.getObjects(Type, List)
,
Session.getObjects(Type, WSAttributes)
,
RepositoryResult
public RepositoryResult listObjects(Type type, AttributeCondition[] attrConds, Attribute[] orderBy) throws WavesetException
Session
This is the sema as listObjects(Type, List, List)
except that the AttributeCondition objects may be specified
in an array, and the orderBy
attributes
may be specified as an array of Attribute objects.
listObjects
in interface Session
WavesetException
- if there is an internal error#listObjects(Type, List, List)
public RepositoryResult listObjects(Type type, AttributeCondition[] attrConds, Attribute[] orderBy, int blockSize) throws WavesetException
WavesetException
public RepositoryResult listObjects(Type type) throws WavesetException
Session
If the type
argument is specified, information for
objects of that type is returned. If type
is null,
information for all listable objects in the repository is returned.
listObjects
in interface Session
WavesetException
- if there is an internal error locating the policy objects.#listObjects(Type, List, List)
,
Session.getObjects(Type)
,
Session.getObjects(Type, List)
,
RepositoryResult
public RepositoryResult listObjects(Type type, WSAttributes atts) throws WavesetException
Session
This is similar to listObjects(Type)
, but the
additonal WSAttributes
argument can be used to
filter the result so that it contains information for only
those objects with matching attributes.
This is implemented by the listObjects(Type, List, List)
method by converting the WSAttributes
object into
a list of AttributeCondition
objects.
listObjects
in interface Session
WavesetException
- if there is an internal error locating the objects.#listObjects(Type, List, List)
,
Session.getObjects(Type, List)
,
Session.getObjects(Type, WSAttributes)
,
RepositoryResult
protected RepositoryResult listObjects(Type type, java.util.List conditions, java.util.List orderBy, boolean bufferResult, int blockSize) throws WavesetException
WavesetException
public RepositoryResult listObjects() throws WavesetException
WavesetException
public int countObjects(RepositoryResult rr) throws WavesetException
RepositoryResult
.
Public as an implementation side-effect.
// * (Required by ObjectLoader interface.)
countObjects
in interface ObjectLoader
WavesetException
- if an internal error was encountered.public void nextBlock(RepositoryResult result) throws WavesetException
nextBlock
in interface ObjectLoader
WavesetException
- if an internal error was encountered.public void previousBlock(RepositoryResult result) throws WavesetException
previousBlock
in interface ObjectLoader
WavesetException
- if an internal error was encountered.public java.lang.String getObjectGroupHandle(ObjectRef oref) throws WavesetException
Returns the handle (either org path or org displayname) for the object group ref.
Authorization checking is not done since the caller may not have access to all member object groups up to "Top" (e.g. delegated admins)
getObjectGroupHandle
in interface Session
WavesetException
public java.util.List getObjects(Type type, java.util.List conditions) throws WavesetException
getObjects
in interface Session
WavesetException
- if there is an internal error#listObjects(Type, List, List)
public java.util.ArrayList getObjects(Type type, WSAttributes atts) throws WavesetException
getObjects
in interface Session
WavesetException
- if there is an internal error#listObjects(Type, List)
,
Session.getObjects(Type, List)
public java.util.ArrayList getObjects(Type type) throws WavesetException
Session
This is the same as getObjects(Type, List)
except there is no argument to specify attribute conditions.
getObjects
in interface Session
WavesetException
- if there is an internal errorSession.listObjects(Type)
,
Session.getObjects(Type, List)
public java.lang.String[] getObjectNamesInObjectGroup(java.lang.String objectGroupName, Type type, Session.Scope scope) throws WavesetException
The scope specifies how far down the object group hierarchy to search for object's of the specified type. Valid values are Scope.IMMEDIATE and Scope.ALL:
The common method for authorization checking is in the local session listObjects method.
getObjectNamesInObjectGroup
in interface Session
WavesetException
public java.util.ArrayList getObjects(Type type, AttributeCondition[] attrConds) throws WavesetException
This method could directly hit the repository via the _repo.get(type, atts) method, but then it would bypass authorization checking. If this proves to be a performance problem, we can always revert to calling the repository directly and putting explicit authorization checking in this method.
The common method for authorization checking is in the local session loadObject and loadObjects methods
If the type of objects being requested are Users and the attrConds include a request for members of a given ObjectGroup, and if the ObjectGroup has a userMemberRule specified, then we need to include any rule driven members in the list of objects returned
getObjects
in interface Session
WavesetException
- if there is an internal errorSession.getObjects(Type, List)
,
Session.getObjects(Type, WSAttributes)
public Policy[] getPolicyTypes() throws WavesetException
Session
The prototype instances are immutable objects created at runtime by their respective policy implementation classes. They are not stored in the repository and cannot be locked or checked in.
The prototype instances describe the "types" of policy
objects that may be created. Fresh repositories typically contain
no policy objects. To create a new policy object, an application
selects one of the prototype instances, clones it, adjusts the
name and attributes, then calls createObject
.
getPolicyTypes
in interface Session
WavesetException
- if there is an internal error locating the policy objects.public Resource[] getResourceTypes() throws WavesetException
Session
The prototype instances are immutable objects created at runtime by their respective ResourceAdapter classes. They are not stored in the repository and cannot be locked or checked in.
The prototype instances describe the "types" of resource
objects that may be created. Fresh repositories typically contain
no resource objects. To create a new resource object, an application
selects one of the prototype instances, clones it, adjusts the
name and attributes, then calls createObject
.
getResourceTypes
in interface Session
WavesetException
- if there is an internal error locating the policy objects.public java.util.List getResourceTypeNames() throws WavesetException
getResourceTypeNames
in interface Session
WavesetException
public void importObjects(java.lang.String file, BulkMonitor monitor, boolean force) throws WavesetException
The implementation has been broken out into the Importer class.
You must be "Configurator" to run this method. Since there is no particular object this applies to, we can't use the usual object-centric access check methods. It might be worth introducing a global "system" object at some point on which we could define permissions for things like this.
importObjects
in interface Session
file
- the name of the import file.monitor
- an optional object that will receive callbacks
as the import progresses.force
- will force the update of objects even if they have not
changed. This is useful when the summary, queryable, or attributes or
"inline" attributes change
WavesetException
- if an internal server error was encountered.public void importObjects(java.io.InputStream input, BulkMonitor monitor, boolean force) throws WavesetException
importObjects
in interface Session
input
- the input stream to importmonitor
- an optional object that will receive callbacks
as the import progresses.force
- will force the update of objects even if they have not
changed. This is useful when the summary, queryable, or attributes or
"inline" attributes change
WavesetException
- if an internal server error was encountered.public void importXml(java.lang.String xml, BulkMonitor monitor) throws WavesetException
We'll assume that with the string interface we can use the DOM parser.
importXml
in interface Session
xml
- the XML string to import.
WavesetException
- if an internal server error was encountered.public java.util.HashMap getInitialInstanceInfo() throws InternalError
InternalError
public PersistentObject.InitialInstance isInitialInstance(PersistentObject obj) throws WavesetException
Formerly we didn't include these in the export file, but now we do, provided they're modifiable.
We used to detect this using a naming convention on the ID, now we can use the _initialInstances map that gets created by getInitialInstanceInfo.
WavesetException
public void exportObjects(Type[] types, java.lang.String filename, BulkMonitor monitor) throws WavesetException
exportObjects
in interface Session
WavesetException
- if an internal server error was encountered.public void exportObjects(Type[] types, java.io.OutputStream stream, BulkMonitor monitor) throws WavesetException
exportObjects
in interface Session
WavesetException
public void exportObjects(Type[] types, java.io.Writer wrt, BulkMonitor monitor) throws WavesetException
exportObjects
in interface Session
WavesetException
public void exportObjects(java.lang.String typeSet, java.lang.String filename, BulkMonitor monitor) throws WavesetException
We have hard wired support for a few common type sets, should make this extensible.
exportObjects
in interface Session
WavesetException
- if an internal server error was encountered.public void exportObjects(java.lang.String typeSet, java.io.OutputStream stream, BulkMonitor monitor) throws WavesetException
We have hard wired support for a few common type sets, should make this extensible.
exportObjects
in interface Session
WavesetException
public void exportObjects(java.lang.String typeSet, java.io.Writer wrt, BulkMonitor monitor) throws WavesetException
We have hard wired support for a few common type sets, should make this extensible.
exportObjects
in interface Session
WavesetException
public java.util.List getTaskDefinitions() throws WavesetException
Defined in terms of the new getAllObjects cache method which will do the traversal.
getTaskDefinitions
in interface Session
WavesetException
- if there is an internal error determine the list of definitions.public TaskDefinition getTaskDefinition(java.lang.String name) throws WavesetException
getTaskDefinition
in interface Session
WavesetException
- if there is an internal error determine the list of definitions.public TaskInstance runTask(TaskDefinition def, java.util.Map variables, java.lang.String taskName, java.lang.String description, TaskDefinition.ExecMode execMode) throws WavesetException
runTask
in interface Session
WavesetException
TaskSchedule
public TaskInstance runTask(java.lang.String templateName, java.lang.String taskName, java.lang.String description, boolean templateSubject) throws WavesetException
runTask
in interface Session
WavesetException
TaskTemplate
public RepositoryResult getTaskInstances(TaskState state, java.lang.String owner, java.lang.String definition) throws WavesetException
getTaskInstances
in interface Session
WavesetException
- if there is an internal error determine the list of tasks.public void suspendTask(java.lang.String taskId) throws WavesetException
suspendTask
in interface Session
WavesetException
public void resumeTask(java.lang.String taskId) throws WavesetException
resumeTask
in interface Session
WavesetException
public void terminateTask(java.lang.String taskId) throws WavesetException
terminateTask
in interface Session
WavesetException
public void deleteTask(java.lang.String taskId) throws WavesetException
deleteTask
in interface Session
WavesetException
public RepositoryResult listTaskExtendedResult(java.lang.String taskId, java.util.Map options) throws WavesetException
listTaskExtendedResult
in interface Session
WavesetException
public RepositoryResult getTaskExtendedResult(java.lang.String taskId, java.util.Map options) throws WavesetException
getTaskExtendedResult
in interface Session
WavesetException
public RepositoryResult getTaskExtendedResult(java.lang.String taskId, java.util.Map options, int fromSequence, int toSequence) throws WavesetException
Session
getTaskExtendedResult
in interface Session
WavesetException
public void runScheduler() throws WSAuthorizationException, WavesetException
runScheduler
in interface Session
WSAuthorizationException
WavesetException
public void runScheduler(long waitMillis) throws WSAuthorizationException, WavesetException
waitMillis
- - wait this long. (If -1, wait forever.)
An internal method that is not exposed through the GUI.
We could try to prevent anyone from Configurator from calling
this, but its relatively harmless.
WSAuthorizationException
WavesetException
public void stopScheduler() throws WSAuthorizationException, WavesetException
stopScheduler
in interface Session
WSAuthorizationException
WavesetException
public void startScheduler() throws WSAuthorizationException, WavesetException
startScheduler
in interface Session
WSAuthorizationException
WavesetException
public void setSchedulerCycleTime(TaskState state, int seconds)
setSchedulerCycleTime
in interface Session
public WorkItem[] getWorkItems() throws WSAuthorizationException, ItemNotFound, WavesetException
Session
This would be used by a workflow management application, where tasks for users other than the current user need to be displayed.
The current user must have the necessary permissions to access the item list for other users.
getWorkItems
in interface Session
WSAuthorizationException
- if the user does not have access to the requested items.
ItemNotFound
- if the user did not exist.
WavesetException
- if an internal error is encountered.WorkItem
public WorkItem[] getWorkItems(java.lang.String owner) throws WSAuthorizationException, ItemNotFound, WavesetException
We don't check authorization on the list, since we query for just those that belong to he user.
We SHOULD however ensure that the current subject has access to the named user!
Note that the stored work item owner may now have a prefix if it is owned by a non-administrator. You must include this prefix in the owner argument.
getWorkItems
in interface Session
ItemNotFound
- if the user did not exist.
WSAuthorizationException
- if the user does not have access to the requested items.
WavesetException
- if an internal error is encountered.WorkItem
public RepositoryResult listWorkItems(java.lang.String owner) throws WSAuthorizationException, ItemNotFound, WavesetException
We don't check authorization on the list, since we query for just those that belong tot he user.
We SHOULD however ensure that the current subject has access to the named user!
Note that the stored work item owner may now have a prefix if it is owned by a non-administrator. You must include this prefix in the owner argument.
listWorkItems
in interface Session
WSAuthorizationException
ItemNotFound
WavesetException
public WorkItem getWorkItem(java.lang.String id) throws WSAuthorizationException, ItemNotFound, WavesetException
Session
Applications may wish to call this method rather than
getWorkItems
if only a single object needs to
be examined.
Work items are usually referenced by their system generated id. They will also have names, but the names are also system generated and are not meaningful.
getWorkItem
in interface Session
WavesetException
- if an internal error is encountered.
WSAuthorizationException
- if the user does not have access to the requested item.
ItemNotFound
- if the task did not exist.Session.getWorkItems(java.lang.String)
,
WorkItem
public void approveWorkItem(java.lang.String id) throws WavesetException
approveWorkItem
in interface Session
WavesetException
- if an internal error is encountered.Session.rejectWorkItem(String)
,
Session.getWorkItems(java.lang.String)
,
Session.getWorkItem(java.lang.String)
public void rejectWorkItem(java.lang.String id) throws WSAuthorizationException, ItemNotFound, WavesetException
Session
After an item has been rejected, the task scheduler will eventually notice the change and advance the workflow case. Unlike the older approveTask method, there is no "async" option here, the operation is always asynchronous.
rejectWorkItem
in interface Session
WavesetException
- if an internal error is encountered.
WSAuthorizationException
- if the user does not have permission to modify the item.
ItemNotFound
- if the item did not exist.Session.approveWorkItem(String)
,
Session.getWorkItems(java.lang.String)
,
Session.getWorkItem(java.lang.String)
public WavesetResult provision(WSUser userdef) throws MissingAttribute, PolicyViolation, WavesetException
provision
in interface Session
MissingAttribute
PolicyViolation
WavesetException
public void changeAdminPassword(java.lang.String name, EncryptedData newPassword) throws WavesetException
Session
This method is used to change another administrator's password.
To change the password of the administrator authenticated to
this session, use the changePassword(EncryptedData)
method.
To change an end-user's password use
the ChangeUserPassword view
.
changeAdminPassword
in interface Session
WavesetException
- if an internal error is encountered.Session.changePassword(EncryptedData)
public WavesetResult reProvision(java.lang.String objectGroupName, Session.Scope scope, boolean getUserFromResources) throws PolicyViolation, WavesetException
Users which are members of the specified object group will be reprovisioned. The set of users is determined by the scope argument, where scope can be Scope.IMMEDIATE or Scope.ALL.
Scope.IMMEDIATE means to only reprovision users which are immeadiate or direct members of the specified object group.
Scope.ALL means to reprovision users which are members of the specified object group as well as member users of object groups contained within the specified object group.
reProvision
in interface Session
PolicyViolation
WavesetException
public WavesetResult reProvision(java.lang.String userName, boolean getUserFromResources) throws PolicyViolation, WavesetException
reProvision
in interface Session
WavesetException
- if an internal error is encountered.
PolicyViolation
- if the password currently set for this user fails the policy
defined by one of the resources.public WavesetResult reProvision(ProvisioningOptions ops) throws PolicyViolation, WavesetException
reProvision
in interface Session
PolicyViolation
- if the password currently set for this user fails the policy
defined by one of the resources.
WavesetException
- if an internal error is encountered.public WavesetResult reProvisionImmediate(ProvisioningOptions ops) throws PolicyViolation, WavesetException
PolicyViolation
WavesetException
public WavesetResult deProvision(java.lang.String userName) throws WavesetException
Session
Deprovisioning consists of deleting all of the resource accounts that have been created for this user.
This is may be done to clean up accounts for a user that has become dormant. It must also be performed before the Waveset user object can be deleted.
Since deprovisioning may impact many resources, status of the deprovisioning is returned in a WavesetResult object.
NOTE: Need to document the items in the result object.
If any of the resources could not be contacted, this status will be returned in the result object, but no exception will be thrown. This means that "succesfull" completion of the method does not necessarily mean that deprovisioning has been completed.
NOTE: I'm not sure I like this, we might want to say that if any of the resources fail to deprovision, that we expose that as an exception.
deProvision
in interface Session
WavesetException
- if an internal error is encountered.public WavesetResult deProvisionImmediate(java.lang.String userName) throws WavesetException
WavesetException
public WavesetResult deProvision(java.lang.String objectGroupName, Session.Scope scope) throws PolicyViolation, WavesetException
Users which are members of the specified object group will be deprovisioned. The set of users is determined by the scope argument, where scope can be Scope.IMMEDIATE or Scope.ALL.
Scope.IMMEDIATE means to only reprovision users which are immeadiate or direct members of the specified object group.
Scope.ALL means to reprovision users which are members of the specified object group as well as member users of object groups contained within the specified object group.
deProvision
in interface Session
PolicyViolation
WavesetException
public WavesetResult deleteAccount(java.lang.String userName, boolean force) throws DeprovisionRequired, WavesetException
deleteAccount
in interface Session
DeprovisionRequired
- if resource accounts still exist.
WavesetException
- if an internal error is encountered.Session.deProvision(java.lang.String)
public void deleteAccountImmediate(java.lang.String userName, boolean force) throws DeprovisionRequired, WavesetException
userName
- - the user to deleteforce
- - delete even if it has resource accounts attached
DeprovisionRequired
WavesetException
public WavesetResult changePassword(EncryptedData newPassword) throws WavesetException
This bypasses the usual authentication checking because our own Administrator is often not in a group we control.
changePassword
in interface Session
WavesetException
- if an internal error is encountered.public java.lang.Object callRule(ExState state, java.lang.String name, java.util.Map args) throws WavesetException
callRule
in interface Session
WavesetException
public WavesetResult load(LoadConfig config, Monitor monitor) throws WavesetException
Session
Bulk loading is a complex operation with many options. All the
options are specified using a single LoadConfig
object
that may be created by the application, or stored in the repository.
While the load is being performed, the application may receive
status events by supplying a Monitor
object.
This in effect defines a set of "callback" methods, that
will be called periodically during the load.
A full description of the bulk load process is beyond the scope of Javadoc.
NOTE: Will have to refine the set of recoverable exceptions that bulk load may produce.
load
in interface Session
WavesetException
LoadConfig
,
Monitor
public void setOption(java.lang.String option, java.lang.String value) throws WavesetException
setOption
in interface Session
WavesetException
- if an unknown option was specified, or an internal error was
encountered.Session.resetOptions()
public void resetOptions()
resetOptions
in interface Session
Session.setOption(java.lang.String, java.lang.String)
public void clearCache() throws WavesetException
clearCache
in interface Session
WavesetException
- if an internal error is encountered.public void clearServerCache() throws WavesetException
Used in a few unit tests, though we might be able to switch to the more powerful initServer method now?
clearServerCache
in interface Session
WavesetException
- if an internal error is encountered.Session.clearCache()
public void clearListCache(Type type, java.lang.String ogNameOrId) throws WavesetException
Only used for the debug UI - and maybe the user UI
clearListCache
in interface Session
WavesetException
public java.lang.String getAppName()
getAppName
in interface Session
public ObjectRef getLoginModGrp()
public long getModificationCounter(Type type) throws WavesetException
getModificationCounter
in interface Session
WavesetException
public java.lang.String getStatus()
Intended only for debugging, calls various status dumpers for internal objects. Might be better if we returned an XML string with a defined syntax.
getStatus
in interface Session
public void dump()
Intended only for debugging, calls various status dumpers for internal objects.
dump
in interface Session
public void println(java.lang.String msg)
public void setCurrentTime(java.util.Date d)
Since setting this can circumvent security features like password reset limits, we only allow this to be set if the CONFIGURATOR has authenticated.
setCurrentTime
in interface Session
public java.util.ArrayList getDebugCommands() throws WavesetException
getDebugCommands
in interface Session
WavesetException
public long getCacheConsistencyNumber() throws WavesetException
WavesetException
public long getCacheConsistencyNumber(Type type) throws WavesetException
CacheConsistencyNumberLoader
The loader typically runs a database query after some number of calls to this method, and returns the current CCN. The loader typically does NOT query the database on every call to this method. While that would ensure that the cache is always up to date, it would slow things down, defeating some of the purpose of the cache. The loader should maintain a timestamp of the last database query, and reissue the query after a configurable number of seconds has passed. This behavior is put into the loader rather than the cache so we have fewer objects to update in case the CCN "polling interval" changes.
getCacheConsistencyNumber
in interface CacheConsistencyNumberLoader
WavesetException
public PersistentObject loadObject(Type type, java.lang.String id, boolean tolerateMissing, boolean tolerateAuthzFailure, java.util.Map options) throws WavesetException
ObjectLoader
loadObject
in interface ObjectLoader
WavesetException
- if the object was not found in the storage manager, or
an internal error was encountered.public java.util.ArrayList loadObjects(Type type, AttributeCondition[] attrConds) throws WavesetException
ObjectLoader
loadObjects
in interface ObjectLoader
WavesetException
- if an internal error was encountered.public void resourceAuthenticate(java.lang.String resId, java.util.HashMap loginProps) throws WavesetException
resourceAuthenticate
in interface Session
WavesetException
public GenericObject getResourceObject(java.lang.String resourceId, java.lang.String objectType, java.lang.String objectId, java.util.Map options) throws WavesetException
getResourceObject
in interface LighthouseContext
objectId
- - a valid fully qualified object identifier on this resource
(e.g. "dn")options
- - not currently used since the objectId/objectType provide a unique
identifier of the object being requested
WavesetException
public java.util.ArrayList listResourceObjects(java.lang.String objectType, java.util.ArrayList resourceList, java.util.Map options, java.lang.String subjectName, boolean cacheList, long cacheTimeout, boolean clearCacheIfExists) throws WavesetException
listResourceObjects
in interface Session
WavesetException
public java.util.ArrayList listResourceObjects(java.lang.String objectType, java.lang.String resId, java.util.Map options, java.lang.String subjectName, boolean cacheList, long cacheTimeout, boolean clearCacheIfExists) throws WavesetException
listResourceObjects
in interface Session
objectType
- - the name of a valid object class for this specified
"resourceId". If null, will return objects of all object types defined
by the specified resId found within the specified search container and
scope and the search filter is specified.options
- - several options can be specified which control the
behavior of the search.
They include:
WavesetException
public void clearResourceObjectListCache(java.lang.String subjectName, java.lang.String objectType, java.lang.String resId) throws WavesetException
clearResourceObjectListCache
in interface Session
WavesetException
public void clearResourceObjectListCache(java.util.Map options) throws WavesetException
clearResourceObjectListCache
in interface Session
WavesetException
public java.lang.String getResourceIdentity(java.lang.String subjectName, java.lang.String resId) throws WavesetException
getResourceIdentity
in interface Session
WavesetException
public java.util.List getResourceObjects(java.lang.String objectType, java.lang.String resId, java.util.Map options, java.lang.String subjectName, boolean cacheList, long cacheTimeout, boolean clearCacheIfExists) throws WavesetException
getResourceObjects
in interface Session
objectType
- - the name of a valid object class for this specified
"resourceId". If null, will return objects of all object types defined
by the specified resId found within the specified search container and
scope and the search filter is specified.options
- - several options can be specified which control the
behavior of the search.
They include:
resId
- - the resource from which to get the objects
WavesetException
public java.util.List getResourceObjects(java.lang.String objectType, java.lang.String resId, java.util.Map options) throws WavesetException
getResourceObjects
in interface LighthouseContext
objectType
- - the name of a valid object class for this specified
"resourceId". If null, will return objects of all object types defined
by the specified resId found within the specified search container and
scope and the search filter is specified.resId
- - the resource from which to get the objectsoptions
- - several options can be specified which control the
behavior of the search.
They include:
WavesetException
public void clearResourceObjectGetCache(java.lang.String subjectName, java.lang.String objectType, java.lang.String resId) throws WavesetException
clearResourceObjectGetCache
in interface Session
WavesetException
public void clearResourceObjectGetCache(java.util.Map options) throws WavesetException
clearResourceObjectGetCache
in interface Session
WavesetException
public java.util.Locale getLocale()
getLocale
in interface Session
public void setLocale(java.util.Locale locale)
setLocale
in interface Session
public int countObjects(java.lang.Object typeid, java.util.Map options) throws WavesetException
countObjects
in interface ObjectSource
WavesetException
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |