ome.logic
Class AdminImpl

java.lang.Object
  extended by ome.logic.AbstractLevel2Service
      extended by ome.logic.AdminImpl
All Implemented Interfaces:
IAdmin, LocalAdmin, ServiceInterface, SelfConfigurableService, org.springframework.context.ApplicationContextAware

@Transactional
public class AdminImpl
extends AbstractLevel2Service
implements LocalAdmin, org.springframework.context.ApplicationContextAware

Provides methods for administering user accounts, passwords, as well as methods which require special privileges. Developer note: As can be expected, to perform these privileged the Admin service has access to several resources that should not be generally used while developing services. Misuse could circumvent security or auditing.

Since:
3.0-M3
Version:
$Revision:1754 $, $Date:2007-08-20 10:36:07 +0100 (Mon, 20 Aug 2007) $
Author:
Josh Moore, josh.moore at gmx.de
See Also:
SecuritySystem, Permissions

Field Summary
protected  ACLVoter aclVoter
           
protected  OmeroContext context
           
protected  org.springframework.jdbc.core.simple.SimpleJdbcOperations jdbc
           
protected  org.springframework.mail.MailSender mailSender
           
protected  PasswordProvider passwordProvider
           
protected  RoleProvider roleProvider
           
protected  org.hibernate.SessionFactory sf
           
protected  org.springframework.mail.SimpleMailMessage templateMessage
           
 
Fields inherited from class ome.logic.AbstractLevel2Service
iQuery, iUpdate, metadata, queryFactory, sec
 
Constructor Summary
AdminImpl(org.springframework.jdbc.core.simple.SimpleJdbcOperations jdbc, org.hibernate.SessionFactory sf, org.springframework.mail.MailSender mailSender, org.springframework.mail.SimpleMailMessage templateMessage, ACLVoter aclVoter, PasswordProvider passwordProvider, RoleProvider roleProvider)
           
 
Method Summary
 void addGroups(ome.model.meta.Experimenter user, ome.model.meta.ExperimenterGroup... groups)
          adds a user to the given groups.
protected  void assertManaged(ome.model.IObject o)
           
 boolean canUpdate(ome.model.IObject obj)
          Returns true if the currently logged in user can modify the given IObject.
 void changeExpiredCredentials(String name, String oldCred, String newCred)
          Used after an ExpiredCredentialsException instance is thrown.
 void changeGroup(ome.model.IObject iObject, String groupName)
          call details.setGroup() on this instance.
 void changeOwner(ome.model.IObject iObject, String omeName)
          call details.setOwner() on this instance.
 void changePassword(String newPassword)
          change the password for the current user
 void changePermissions(ome.model.IObject iObject, ome.model.internal.Permissions perms)
          the implementation of this method is somewhat tricky in that Permissions changes must be allowed even when other updates are not.
 void changeUserPassword(String user, String newPassword)
          change the password for the a given user.
 boolean checkPassword(String name, String password)
          Jumps through some hurdles (see PasswordUtil#userId(SimpleJdbcTemplate, String) to not have to use Hibernate in order to prevent unauthorized access to Hibernate.
 ome.model.meta.Experimenter[] containedExperimenters(long groupId)
          fetch all users contained in this group.
 ome.model.meta.ExperimenterGroup[] containedGroups(long experimenterId)
          fetch all groups of which the given user is a member.
 long createExperimenter(ome.model.meta.Experimenter experimenter, ome.model.meta.ExperimenterGroup defaultGroup, ome.model.meta.ExperimenterGroup... otherGroups)
          create and return a new user in the given groups.
 long createExperimenterWithPassword(ome.model.meta.Experimenter experimenter, String password, ome.model.meta.ExperimenterGroup defaultGroup, ome.model.meta.ExperimenterGroup... otherGroups)
          create and return a new user in the given groups with password.
 long createGroup(ome.model.meta.ExperimenterGroup group)
          create and return a new group.
 long createSystemUser(ome.model.meta.Experimenter newSystemUser)
          create and return a new system user.
 long createUser(ome.model.meta.Experimenter newUser, String defaultGroup)
          create and return a new user.
 void deleteExperimenter(ome.model.meta.Experimenter user)
          removes a user by removing the password information for that user as well as all GroupExperimenterMap instances.
 void deleteGroup(ome.model.meta.ExperimenterGroup group)
          removes a group by first removing all users in the group, and then deleting the actual ExperimenterGroup instance.
 ome.model.meta.ExperimenterGroup getDefaultGroup(long experimenterId)
          retrieve the default group for the given user id.
 EventContext getEventContext()
          returns an implementation of EventContext loaded with the security for the current user and thread.
 ome.model.meta.Experimenter getExperimenter(long id)
          fetch an Experimenter and all related groups.
 ome.model.meta.ExperimenterGroup getGroup(long id)
          fetch an ExperimenterGroup and all contained users.
 List<Long> getLeaderOfGroupIds(ome.model.meta.Experimenter e)
          Finds the ids for all groups for which the given Experimenter is owner/leader.
 Map<String,Long> getLockingIds(ome.model.IObject object)
          Returns a map from Class (as string) to a count for all entities which point to the given IObject.
 List<Long> getMemberOfGroupIds(ome.model.meta.Experimenter e)
          Finds the ids for all groups for which the given Experimenter is a member.
 Roles getSecurityRoles()
          returns the active Roles in use by the server.
 Class<? extends ServiceInterface> getServiceInterface()
           
 List<String> getUserRoles(ome.model.meta.Experimenter e)
          Finds the group names for all groups for which the given Experimenter is a member.
 ome.model.meta.ExperimenterGroup groupProxy(Long id)
          returns a possibly uninitialized proxy for the given group id.
 ome.model.meta.ExperimenterGroup groupProxy(String groupName)
          returns a possibly uninitialized proxy for the given group name.
 ome.model.meta.Experimenter lookupExperimenter(String omeName)
          look up an Experimenter and all related groups by name.
 List<ome.model.meta.Experimenter> lookupExperimenters()
          Looks up all experimenters present and all related groups.
 ome.model.meta.ExperimenterGroup lookupGroup(String groupName)
          look up an ExperimenterGroup and all contained users by name.
 List<ome.model.meta.ExperimenterGroup> lookupGroups()
          Looks up all groups present and all related experimenters.
 String lookupLdapAuthExperimenter(long id)
          Looks up experimenters who uses LDAP authentication (has set dn on password table).
 List<Map<String,Object>> lookupLdapAuthExperimenters()
          Looks up all id of experimenters who uses LDAP authentication (has set dn on password table).
 void removeGroups(ome.model.meta.Experimenter user, ome.model.meta.ExperimenterGroup... groups)
          removes a user from the given groups.
 void reportForgottenPassword(String name, String email)
          Can be used after repeated AuthenticationException instances are thrown, to request that an email with a temporary password be sent.
 void setApplicationContext(org.springframework.context.ApplicationContext ctx)
           
 void setDefaultGroup(ome.model.meta.Experimenter user, ome.model.meta.ExperimenterGroup group)
          sets the default group for a given user.
 void setGroupOwner(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter owner)
          sets the owner of a group to be a given user.
 void synchronizeLoginCache()
          uses JMX to refresh the login cache if supported.
 boolean[] unlock(ome.model.IObject... iObjects)
          checks an entity for any in-bound references and if none are present, will remove the Permissions.Flag.LOCKED status.
 void updateExperimenter(ome.model.meta.Experimenter experimenter)
          Updates an experimenter as admin.
 void updateExperimenterWithPassword(ome.model.meta.Experimenter experimenter, String password)
          Updates an experimenter as admin.
 void updateGroup(ome.model.meta.ExperimenterGroup group)
          Updates a group.
 void updateSelf(ome.model.meta.Experimenter e)
          Allows a user to update his/her own information.
 ome.model.meta.Experimenter userProxy(Long id)
          returns a possibly uninitialized proxy for the given user id.
 ome.model.meta.Experimenter userProxy(String omeName)
          returns a possibly uninitialized proxy for the given user name.
 
Methods inherited from class ome.logic.AbstractLevel2Service
getBeanHelper, getExtendedMetadata, getQueryFactory, getSecuritySystem, selfConfigure, setExtendedMetadata, setQueryFactory, setQueryService, setSecuritySystem, setUpdateService
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

jdbc

protected final org.springframework.jdbc.core.simple.SimpleJdbcOperations jdbc

sf

protected final org.hibernate.SessionFactory sf

mailSender

protected final org.springframework.mail.MailSender mailSender

templateMessage

protected final org.springframework.mail.SimpleMailMessage templateMessage

aclVoter

protected final ACLVoter aclVoter

passwordProvider

protected final PasswordProvider passwordProvider

roleProvider

protected final RoleProvider roleProvider

context

protected OmeroContext context
Constructor Detail

AdminImpl

public AdminImpl(org.springframework.jdbc.core.simple.SimpleJdbcOperations jdbc,
                 org.hibernate.SessionFactory sf,
                 org.springframework.mail.MailSender mailSender,
                 org.springframework.mail.SimpleMailMessage templateMessage,
                 ACLVoter aclVoter,
                 PasswordProvider passwordProvider,
                 RoleProvider roleProvider)
Method Detail

setApplicationContext

public void setApplicationContext(org.springframework.context.ApplicationContext ctx)
                           throws org.springframework.beans.BeansException
Specified by:
setApplicationContext in interface org.springframework.context.ApplicationContextAware
Throws:
org.springframework.beans.BeansException

getServiceInterface

public Class<? extends ServiceInterface> getServiceInterface()
Specified by:
getServiceInterface in interface SelfConfigurableService

userProxy

public ome.model.meta.Experimenter userProxy(Long id)
Description copied from interface: LocalAdmin
returns a possibly uninitialized proxy for the given user id. Use of the Experimenter instance will initial its values.

Specified by:
userProxy in interface LocalAdmin

userProxy

public ome.model.meta.Experimenter userProxy(String omeName)
Description copied from interface: LocalAdmin
returns a possibly uninitialized proxy for the given user name. Use of the Experimenter instance will initial its values.

Specified by:
userProxy in interface LocalAdmin

groupProxy

public ome.model.meta.ExperimenterGroup groupProxy(Long id)
Description copied from interface: LocalAdmin
returns a possibly uninitialized proxy for the given group id. Use of the Experimenter instance will initial its values.

Specified by:
groupProxy in interface LocalAdmin

groupProxy

public ome.model.meta.ExperimenterGroup groupProxy(String groupName)
Description copied from interface: LocalAdmin
returns a possibly uninitialized proxy for the given group name. Use of the Experimenter instance will initial its values.

Specified by:
groupProxy in interface LocalAdmin

getLeaderOfGroupIds

public List<Long> getLeaderOfGroupIds(ome.model.meta.Experimenter e)
Description copied from interface: LocalAdmin
Finds the ids for all groups for which the given Experimenter is owner/leader.

Specified by:
getLeaderOfGroupIds in interface LocalAdmin
Parameters:
e - Non-null, managed (i.e. with id) Experimenter
See Also:
ExperimenterGroup.getDetails(), Details.getOwner()

getMemberOfGroupIds

public List<Long> getMemberOfGroupIds(ome.model.meta.Experimenter e)
Description copied from interface: LocalAdmin
Finds the ids for all groups for which the given Experimenter is a member.

Specified by:
getMemberOfGroupIds in interface LocalAdmin
Parameters:
e - Non-null, managed (i.e. with id) Experimenter
See Also:
ExperimenterGroup.getDetails(), Details.getOwner()

getUserRoles

public List<String> getUserRoles(ome.model.meta.Experimenter e)
Description copied from interface: LocalAdmin
Finds the group names for all groups for which the given Experimenter is a member.

Specified by:
getUserRoles in interface LocalAdmin
Parameters:
e - Non-null, managed (i.e. with id) Experimenter
See Also:
ExperimenterGroup.getDetails(), Details.getOwner()

canUpdate

public boolean canUpdate(ome.model.IObject obj)
Description copied from interface: IAdmin
Returns true if the currently logged in user can modify the given IObject. This uses the same logic that would be applied during a Hibernate flush to the database.

Specified by:
canUpdate in interface IAdmin

getExperimenter

public ome.model.meta.Experimenter getExperimenter(long id)
Description copied from interface: IAdmin
fetch an Experimenter and all related groups.

Specified by:
getExperimenter in interface IAdmin
Parameters:
id - id of the Experimenter
Returns:
an Experimenter. Never null.

lookupExperimenter

public ome.model.meta.Experimenter lookupExperimenter(String omeName)
Description copied from interface: IAdmin
look up an Experimenter and all related groups by name.

Specified by:
lookupExperimenter in interface IAdmin
Parameters:
omeName - Name of the Experimenter
Returns:
an Experimenter. Never null.

lookupExperimenters

public List<ome.model.meta.Experimenter> lookupExperimenters()
Description copied from interface: IAdmin
Looks up all experimenters present and all related groups.

Specified by:
lookupExperimenters in interface IAdmin
Returns:
all Experimenters. Never null.

lookupLdapAuthExperimenters

@Transactional(readOnly=true)
public List<Map<String,Object>> lookupLdapAuthExperimenters()
Description copied from interface: IAdmin
Looks up all id of experimenters who uses LDAP authentication (has set dn on password table).

Specified by:
lookupLdapAuthExperimenters in interface IAdmin
Returns:
list of Experimenters. Never null.

lookupLdapAuthExperimenter

public String lookupLdapAuthExperimenter(long id)
Description copied from interface: IAdmin
Looks up experimenters who uses LDAP authentication (has set dn on password table).

Specified by:
lookupLdapAuthExperimenter in interface IAdmin
Returns:
Experimenter. Never null.

getGroup

public ome.model.meta.ExperimenterGroup getGroup(long id)
Description copied from interface: IAdmin
fetch an ExperimenterGroup and all contained users.

Specified by:
getGroup in interface IAdmin
Parameters:
id - id of the ExperimenterGroup
Returns:
an ExperimenterGroup. Never null.

lookupGroup

public ome.model.meta.ExperimenterGroup lookupGroup(String groupName)
Description copied from interface: IAdmin
look up an ExperimenterGroup and all contained users by name.

Specified by:
lookupGroup in interface IAdmin
Parameters:
groupName - Name of the ExperimenterGroup
Returns:
an ExperimenterGroup. Never null.

lookupGroups

public List<ome.model.meta.ExperimenterGroup> lookupGroups()
Description copied from interface: IAdmin
Looks up all groups present and all related experimenters. The experimenters' groups are also loaded.

Specified by:
lookupGroups in interface IAdmin
Returns:
all Groups. Never null.

containedExperimenters

public ome.model.meta.Experimenter[] containedExperimenters(long groupId)
Description copied from interface: IAdmin
fetch all users contained in this group. The returned users will have all fields filled in and all collections unloaded.

Specified by:
containedExperimenters in interface IAdmin
Parameters:
groupId - id of the ExperimenterGroup
Returns:
non-null array of all users in this group.

containedGroups

public ome.model.meta.ExperimenterGroup[] containedGroups(long experimenterId)
Description copied from interface: IAdmin
fetch all groups of which the given user is a member. The returned groups will have all fields filled in and all collections unloaded.

Specified by:
containedGroups in interface IAdmin
Parameters:
experimenterId - id of the Experimenter. Not null.
Returns:
non-null array of all groups for this user.

synchronizeLoginCache

public void synchronizeLoginCache()
Description copied from interface: IAdmin
uses JMX to refresh the login cache if supported. Some backends may not provide refreshing. This may be called internally during some other administrative tasks. The exact implementation of this depends on the application server and the authentication/authorization backend.

Specified by:
synchronizeLoginCache in interface IAdmin

updateSelf

public void updateSelf(ome.model.meta.Experimenter e)
Description copied from interface: IAdmin
Allows a user to update his/her own information. This is limited to the fields on Experimenter, all other fields (groups, etc.) are ignored. The experimenter argument need not have the proper id nor the proper omeName (which is immutable). To change the users default group (which is the only other customizable option), use IAdmin.setDefaultGroup(Experimenter, ExperimenterGroup)

Specified by:
updateSelf in interface IAdmin
Parameters:
e - A data transfer object. Only the fields: firstName, middleName, lastName, email, and institution are checked. Not null.
See Also:
IAdmin.setDefaultGroup(Experimenter, ExperimenterGroup)

updateExperimenter

public void updateExperimenter(ome.model.meta.Experimenter experimenter)
Description copied from interface: IAdmin
Updates an experimenter as admin. All aspects of the passed object are taken into account including omeName, groups, and default group.

Specified by:
updateExperimenter in interface IAdmin
Parameters:
experimenter - the Experimenter to update.

updateExperimenterWithPassword

public void updateExperimenterWithPassword(ome.model.meta.Experimenter experimenter,
                                           String password)
Description copied from interface: IAdmin
Updates an experimenter as admin. All aspects of the passed object are taken into account including omeName, groups, and default group.

Specified by:
updateExperimenterWithPassword in interface IAdmin
Parameters:
experimenter - the Experimenter to update.
password - Not-null. Must pass validation in the security sub-system.

updateGroup

public void updateGroup(ome.model.meta.ExperimenterGroup group)
Description copied from interface: IAdmin
Updates a group. All aspects of the passed object are taken into account including group name and the included users.

Specified by:
updateGroup in interface IAdmin
Parameters:
group - the ExperimenterGroup to update.

createUser

public long createUser(ome.model.meta.Experimenter newUser,
                       String defaultGroup)
Description copied from interface: IAdmin
create and return a new user. This user will be created with the default group specified.

Specified by:
createUser in interface IAdmin
Parameters:
newUser - a new Experimenter instance
Returns:
id of the newly created Experimenter

createSystemUser

public long createSystemUser(ome.model.meta.Experimenter newSystemUser)
Description copied from interface: IAdmin
create and return a new system user. This user will be created with the "System" (administration) group as default and will also be in the "user" group.

Specified by:
createSystemUser in interface IAdmin
Returns:
id of the newly created Experimenter

createExperimenter

public long createExperimenter(ome.model.meta.Experimenter experimenter,
                               ome.model.meta.ExperimenterGroup defaultGroup,
                               ome.model.meta.ExperimenterGroup... otherGroups)
Description copied from interface: IAdmin
create and return a new user in the given groups.

Specified by:
createExperimenter in interface IAdmin
Parameters:
experimenter - A new Experimenter instance. Not null.
defaultGroup - Instance of ExperimenterGroup. Not null.
otherGroups - Array of ExperimenterGroup instances. Can be null.
Returns:
id of the newly created Experimenter Not null.

createExperimenterWithPassword

public long createExperimenterWithPassword(ome.model.meta.Experimenter experimenter,
                                           String password,
                                           ome.model.meta.ExperimenterGroup defaultGroup,
                                           ome.model.meta.ExperimenterGroup... otherGroups)
Description copied from interface: IAdmin
create and return a new user in the given groups with password.

Specified by:
createExperimenterWithPassword in interface IAdmin
Parameters:
experimenter - A new Experimenter instance. Not null.
password - Not-null. Must pass validation in the security sub-system.
defaultGroup - Instance of ExperimenterGroup. Not null.
otherGroups - Array of ExperimenterGroup instances. Can be null.
Returns:
id of the newly created Experimenter Not null.

createGroup

public long createGroup(ome.model.meta.ExperimenterGroup group)
Description copied from interface: IAdmin
create and return a new group.

Specified by:
createGroup in interface IAdmin
Returns:
id of the newly created ExperimenterGroup

addGroups

public void addGroups(ome.model.meta.Experimenter user,
                      ome.model.meta.ExperimenterGroup... groups)
Description copied from interface: IAdmin
adds a user to the given groups.

Specified by:
addGroups in interface IAdmin
Parameters:
user - A currently managed entity. Not null.
groups - Groups to which the user will be added. Not null.

removeGroups

public void removeGroups(ome.model.meta.Experimenter user,
                         ome.model.meta.ExperimenterGroup... groups)
Description copied from interface: IAdmin
removes a user from the given groups.

Specified by:
removeGroups in interface IAdmin
Parameters:
user - A currently managed entity. Not null.
groups - Groups from which the user will be removed. Not null.

setDefaultGroup

public void setDefaultGroup(ome.model.meta.Experimenter user,
                            ome.model.meta.ExperimenterGroup group)
Description copied from interface: IAdmin
sets the default group for a given user.

Specified by:
setDefaultGroup in interface IAdmin
Parameters:
user - A currently managed Experimenter. Not null.
group - The group which should be set as default group for this user. Not null.

setGroupOwner

public void setGroupOwner(ome.model.meta.ExperimenterGroup group,
                          ome.model.meta.Experimenter owner)
Description copied from interface: IAdmin
sets the owner of a group to be a given user.

Specified by:
setGroupOwner in interface IAdmin
Parameters:
group - A currently managed ExperimenterGroup. Not null.
owner - A currently managed Experimenter. Not null.

getDefaultGroup

public ome.model.meta.ExperimenterGroup getDefaultGroup(long experimenterId)
Description copied from interface: IAdmin
retrieve the default group for the given user id.

Specified by:
getDefaultGroup in interface IAdmin
Parameters:
experimenterId - of the Experimenter. Not null.
Returns:
non-null ExperimenterGroup. If no default group is found, an exception will be thrown.

deleteExperimenter

public void deleteExperimenter(ome.model.meta.Experimenter user)
Description copied from interface: IAdmin
removes a user by removing the password information for that user as well as all GroupExperimenterMap instances.

Specified by:
deleteExperimenter in interface IAdmin
Parameters:
user - Experimenter to be deleted. Not null.

deleteGroup

public void deleteGroup(ome.model.meta.ExperimenterGroup group)
Description copied from interface: IAdmin
removes a group by first removing all users in the group, and then deleting the actual ExperimenterGroup instance.

Specified by:
deleteGroup in interface IAdmin
Parameters:
group - ExperimenterGroup to be deleted. Not null.

changeOwner

public void changeOwner(ome.model.IObject iObject,
                        String omeName)
Description copied from interface: IAdmin
call details.setOwner() on this instance. It is valid for the instance to be unloaded (or constructed with an unloading-constructor.)

Specified by:
changeOwner in interface IAdmin
Parameters:
iObject - An entity or an unloaded reference to an entity. Not null.
omeName - The user name who should gain ownership of this entity. Not null.

changeGroup

public void changeGroup(ome.model.IObject iObject,
                        String groupName)
Description copied from interface: IAdmin
call details.setGroup() on this instance. It is valid for the instance to be unloaded (or constructed with an unloading-constructor.)

Specified by:
changeGroup in interface IAdmin
Parameters:
iObject - An entity or an unloaded reference to an entity. Not null.
groupName - The group name who should gain ownership of this entity. Not null.

changePermissions

public void changePermissions(ome.model.IObject iObject,
                              ome.model.internal.Permissions perms)
the implementation of this method is somewhat tricky in that Permissions changes must be allowed even when other updates are not. Therefore, we must manually check if the object belongs to this user or is admin (before the call to SecuritySystem.runAsAdmin(AdminAction) This logic is duplicated in BasicSecuritySystem.checkManagedDetails(IObject, ome.model.internal.Details).

Specified by:
changePermissions in interface IAdmin
Parameters:
iObject - An entity or an unloaded reference to an entity. Not null.
perms - The permissions value for this entity. Not null.
See Also:
IAdmin.changePermissions(IObject, Permissions), ticket:293

unlock

public boolean[] unlock(ome.model.IObject... iObjects)
Description copied from interface: IAdmin
checks an entity for any in-bound references and if none are present, will remove the Permissions.Flag.LOCKED status. This method is backend- intensive and should not be used in a tight loop. Returns an array with length equal to the number of instances passed in. A true value means that the object is now unlocked.

Specified by:
unlock in interface IAdmin
Parameters:
iObjects - a variable array argument of objects to be unlocked
Returns:
an array of equal length to iObjects where a true value asserts that the instance is now unlocked in the database.

getLockingIds

public Map<String,Long> getLockingIds(ome.model.IObject object)
Description copied from interface: LocalAdmin
Returns a map from Class (as string) to a count for all entities which point to the given IObject. The String "*" is mapped to the sum of all the locks. TODO This will eventually return a list of ids

Specified by:
getLockingIds in interface LocalAdmin

reportForgottenPassword

public void reportForgottenPassword(String name,
                                    String email)
                             throws ome.conditions.AuthenticationException
Description copied from interface: IAdmin
Can be used after repeated AuthenticationException instances are thrown, to request that an email with a temporary password be sent. The given email must match the email for the user listed under the name argument. Does not require a session to be active.

Specified by:
reportForgottenPassword in interface IAdmin
Throws:
ome.conditions.AuthenticationException - when name and email do not match

changeExpiredCredentials

public void changeExpiredCredentials(String name,
                                     String oldCred,
                                     String newCred)
                              throws ome.conditions.AuthenticationException
Description copied from interface: IAdmin
Used after an ExpiredCredentialsException instance is thrown. Does not require

Specified by:
changeExpiredCredentials in interface IAdmin
Throws:
ome.conditions.AuthenticationException

changePassword

public void changePassword(String newPassword)
Description copied from interface: IAdmin
change the password for the current user

Specified by:
changePassword in interface IAdmin
Parameters:
newPassword - Not-null. Must pass validation in the security sub-system.

changeUserPassword

public void changeUserPassword(String user,
                               String newPassword)
Description copied from interface: IAdmin
change the password for the a given user.

Specified by:
changeUserPassword in interface IAdmin
newPassword - Not-null. Might must pass validation in the security sub-system.

checkPassword

public boolean checkPassword(String name,
                             String password)
Jumps through some hurdles (see PasswordUtil#userId(SimpleJdbcTemplate, String) to not have to use Hibernate in order to prevent unauthorized access to Hibernate. If ldap plugin turned, creates Ldap accounts and authentication by LDAP available.

Specified by:
checkPassword in interface LocalAdmin

getSecurityRoles

public Roles getSecurityRoles()
Description copied from interface: IAdmin
returns the active Roles in use by the server.

Specified by:
getSecurityRoles in interface IAdmin
Returns:
Non-null, immutable Roles instance.

getEventContext

@Transactional(readOnly=true)
public EventContext getEventContext()
Description copied from interface: IAdmin
returns an implementation of EventContext loaded with the security for the current user and thread. If called remotely, not all values of EventContext will be sensible.

Specified by:
getEventContext in interface IAdmin
Returns:
Non-null, immutable EventContext instance

assertManaged

protected void assertManaged(ome.model.IObject o)


OmeroJava Api

Version: Beta-4.1.1-r5927-b91

Copyright © 2009 The University of Dundee. All Rights Reserved.