|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface IAdmin
Administration interface providing access to admin-only functionality as well
as JMX-based server access and selected user functions. Most methods require
membership in privileged groups
.
Methods which return Experimenter
or
ExperimenterGroup
instances fetch and load all related
instances of ExperimenterGroup
or
Experimenter
, respectively.
Method Summary | |
---|---|
void |
addGroupOwners(ome.model.meta.ExperimenterGroup group,
ome.model.meta.Experimenter... owner)
adds the given users to the owner list for this group. |
void |
addGroups(ome.model.meta.Experimenter user,
ome.model.meta.ExperimenterGroup... groups)
adds a user to the given groups. |
boolean |
canUpdate(ome.model.IObject obj)
Returns true if the currently logged in user can modify the given IObject . |
void |
changeExpiredCredentials(String name,
String oldCred,
String newCred)
Used after an ExpiredCredentialsException instance is thrown. |
void |
changeGroup(ome.model.IObject iObject,
String groupName)
call details.setGroup()
on this instance. |
void |
changeOwner(ome.model.IObject iObject,
String omeName)
call details.setOwner()
on this instance. |
void |
changePassword(String newPassword)
change the password for the current user. |
void |
changePasswordWithOldPassword(String oldPassword,
String newPassword)
change the password for the current user by passing the old password. |
void |
changePermissions(ome.model.IObject iObject,
ome.model.internal.Permissions perms)
call defaults.setPermissions()
on this instance. |
void |
changeUserPassword(String omeName,
String newPassword)
change the password for the a given user. |
ome.model.meta.Experimenter[] |
containedExperimenters(long groupId)
fetch all users contained in this group. |
ome.model.meta.ExperimenterGroup[] |
containedGroups(long experimenterId)
fetch all groups of which the given user is a
member. |
long |
createExperimenter(ome.model.meta.Experimenter experimenter,
ome.model.meta.ExperimenterGroup defaultGroup,
ome.model.meta.ExperimenterGroup... otherGroups)
create and return a new user in the given groups. |
long |
createExperimenterWithPassword(ome.model.meta.Experimenter experimenter,
String password,
ome.model.meta.ExperimenterGroup defaultGroup,
ome.model.meta.ExperimenterGroup... otherGroups)
create and return a new user in the given groups with password. |
long |
createGroup(ome.model.meta.ExperimenterGroup group)
create and return a new group. |
long |
createSystemUser(ome.model.meta.Experimenter newSystemUser)
create and return a new system user. |
long |
createUser(ome.model.meta.Experimenter newUser,
String group)
create and return a new user. |
void |
deleteExperimenter(ome.model.meta.Experimenter user)
removes a user by removing the password information for that user as well as all GroupExperimenterMap instances. |
void |
deleteGroup(ome.model.meta.ExperimenterGroup group)
removes a group by first removing all users in the group, and then deleting the actual ExperimenterGroup instance. |
ome.model.meta.ExperimenterGroup |
getDefaultGroup(long experimenterId)
retrieve the default group for the given user
id. |
EventContext |
getEventContext()
returns an implementation of EventContext loaded with the
security for the current user and thread. |
ome.model.meta.Experimenter |
getExperimenter(long id)
fetch an Experimenter and all related
groups . |
ome.model.meta.ExperimenterGroup |
getGroup(long id)
fetch an ExperimenterGroup and all contained
users . |
List<Long> |
getLeaderOfGroupIds(ome.model.meta.Experimenter e)
Finds the ids for all groups for which the given Experimenter is
owner/leader. |
List<Long> |
getMemberOfGroupIds(ome.model.meta.Experimenter e)
Finds the ids for all groups for which the given Experimenter is
a member. |
List<ome.model.core.OriginalFile> |
getMyUserPhotos()
Retrieve the OriginalFile objectd attached to this
user as specified by {@link #uploadMyUserPhoto(String, String, byte[]). |
Roles |
getSecurityRoles()
returns the active Roles in use by the server. |
ome.model.meta.Experimenter |
lookupExperimenter(String omeName)
look up an Experimenter and all related
groups by name. |
List<ome.model.meta.Experimenter> |
lookupExperimenters()
Looks up all experimenters present and all related
groups . |
ome.model.meta.ExperimenterGroup |
lookupGroup(String groupName)
look up an ExperimenterGroup and all contained
users by name. |
List<ome.model.meta.ExperimenterGroup> |
lookupGroups()
Looks up all groups present and all related
experimenters . |
String |
lookupLdapAuthExperimenter(long id)
Looks up experimenters who uses LDAP authentication
(has set dn on password table). |
List<Map<String,Object>> |
lookupLdapAuthExperimenters()
Looks up all id of experimenters who uses LDAP
authentication (has set dn on password table). |
void |
moveToCommonSpace(ome.model.IObject... iObjects)
Moves the given objects into the "user" group to make them visible and linkable from all security contexts. |
void |
removeGroupOwners(ome.model.meta.ExperimenterGroup group,
ome.model.meta.Experimenter... owner)
removes the given users from the owner list for this group. |
void |
removeGroups(ome.model.meta.Experimenter user,
ome.model.meta.ExperimenterGroup... groups)
removes a user from the given groups. |
void |
reportForgottenPassword(String name,
String email)
Can be used after repeated AuthenticationException instances are
thrown, to request that an email with a temporary password be sent. |
void |
setDefaultGroup(ome.model.meta.Experimenter user,
ome.model.meta.ExperimenterGroup group)
sets the default group for a given user. |
void |
setGroupOwner(ome.model.meta.ExperimenterGroup group,
ome.model.meta.Experimenter owner)
adds the user to the owner list for this group. |
void |
synchronizeLoginCache()
uses JMX to refresh the login cache if supported. |
void |
unsetGroupOwner(ome.model.meta.ExperimenterGroup group,
ome.model.meta.Experimenter owner)
removes the user from the owner list for this group. |
void |
updateExperimenter(ome.model.meta.Experimenter experimenter)
Updates an experimenter if admin or owner of group. |
void |
updateExperimenterWithPassword(ome.model.meta.Experimenter experimenter,
String password)
Updates an experimenter if admin or owner of group. |
void |
updateGroup(ome.model.meta.ExperimenterGroup group)
Updates an experimenter group if admin or owner of group. |
void |
updateSelf(ome.model.meta.Experimenter experimenter)
Allows a user to update his/her own information. |
long |
uploadMyUserPhoto(String filename,
String format,
byte[] data)
Uploads a photo for the user which will be displayed on his/her profile. |
Method Detail |
---|
boolean canUpdate(ome.model.IObject obj)
IObject
. This uses the same logic that would be applied during
a Hibernate flush to the database.
ome.model.meta.Experimenter getExperimenter(long id)
Experimenter
and all related
groups
.
id
- id of the Experimenter
ome.conditions.ApiUsageException
- if id does not exist.ome.model.meta.Experimenter lookupExperimenter(String omeName)
Experimenter
and all related
groups
by name.
omeName
- Name of the Experimenter
ome.conditions.ApiUsageException
- if omeName does not exist.List<ome.model.meta.Experimenter> lookupExperimenters()
experimenters
present and all related
groups
.
List<Map<String,Object>> lookupLdapAuthExperimenters()
experimenters
who uses LDAP
authentication (has set dn on password table).
String lookupLdapAuthExperimenter(long id)
experimenters
who uses LDAP authentication
(has set dn on password table).
ome.model.meta.ExperimenterGroup getGroup(long id)
ExperimenterGroup
and all contained
users
.
id
- id of the ExperimenterGroup
ome.conditions.ApiUsageException
- if id does not exist.ome.model.meta.ExperimenterGroup lookupGroup(String groupName)
ExperimenterGroup
and all contained
users
by name.
groupName
- Name of the ExperimenterGroup
ome.conditions.ApiUsageException
- if groupName does not exist.List<ome.model.meta.ExperimenterGroup> lookupGroups()
groups
present and all related
experimenters
. The experimenters' groups are also
loaded.
ome.model.meta.Experimenter[] containedExperimenters(long groupId)
users
contained in this group. The
returned users will have all fields filled in and all collections
unloaded.
groupId
- id of the ExperimenterGroup
users
in this group.ome.model.meta.ExperimenterGroup[] containedGroups(long experimenterId)
groups
of which the given user is a
member. The returned groups will have all fields filled in and all
collections unloaded.
experimenterId
- id of the Experimenter. Not null.
groups
for this
user.ome.model.meta.ExperimenterGroup getDefaultGroup(long experimenterId)
group
for the given user
id.
experimenterId
- of the Experimenter. Not null.
ExperimenterGroup
. If no default group is
found, an exception will be thrown.List<Long> getLeaderOfGroupIds(ome.model.meta.Experimenter e)
Experimenter
is
owner/leader.
e
- Non-null, managed (i.e. with id) Experimenter
ExperimenterGroup.getDetails()
,
Details.getOwner()
List<Long> getMemberOfGroupIds(ome.model.meta.Experimenter e)
Experimenter
is
a member.
e
- Non-null, managed (i.e. with id) Experimenter
ExperimenterGroup.getDetails()
,
Details.getOwner()
void updateSelf(ome.model.meta.Experimenter experimenter)
setDefaultGroup(Experimenter, ExperimenterGroup)
experimenter
- A data transfer object. Only the fields: firstName,
middleName, lastName, email, and institution are checked. Not
null.setDefaultGroup(Experimenter, ExperimenterGroup)
long uploadMyUserPhoto(String filename, String format, byte[] data)
OriginalFile
object
with the given format, and attached to the user's Experimenter
object via an FileAnnotation
with
the namespace: "openmicroscopy.org/omero/experimenter/photo" (NSEXPERIMENTERPHOTO).
If such an OriginalFile
instance already exists,
it will be overwritten. If more than one photo is present, the oldest
version will be modified (i.e. the highest updateEvent id).
Note: as outlined in ticket:1794, this photo will be placed in the "user"
group and therefore will be visible to everyone on the system.
filename
- Not null. String name which will be used.format
- Not null. Format.value string. 'image/jpeg' and 'image/png' are common values.data
- Not null. Data from the image. This will be written to disk.
List<ome.model.core.OriginalFile> getMyUserPhotos()
OriginalFile
objectd attached to this
user as specified by {@link #uploadMyUserPhoto(String, String, byte[]).
The return value is order by the most recently modified file first.
void updateExperimenter(ome.model.meta.Experimenter experimenter)
updateSelf(Experimenter)
if the current user
matches the given experimenter.
experimenter
- the Experimenter to update.void updateExperimenterWithPassword(ome.model.meta.Experimenter experimenter, String password)
experimenter
- the Experimenter to update.password
- Not-null. Must pass validation in the security sub-system.void updateGroup(ome.model.meta.ExperimenterGroup group)
group
- the ExperimenterGroup to update.long createUser(ome.model.meta.Experimenter newUser, String group)
newUser
- a new Experimenter
instance
Experimenter
long createSystemUser(ome.model.meta.Experimenter newSystemUser)
newUser
- a new Experimenter
instance
Experimenter
long createExperimenter(ome.model.meta.Experimenter experimenter, ome.model.meta.ExperimenterGroup defaultGroup, ome.model.meta.ExperimenterGroup... otherGroups)
experimenter
- A new Experimenter
instance. Not null.defaultGroup
- Instance of ExperimenterGroup
. Not null.otherGroups
- Array of ExperimenterGroup
instances. Can be null.
Experimenter
Not null.long createExperimenterWithPassword(ome.model.meta.Experimenter experimenter, String password, ome.model.meta.ExperimenterGroup defaultGroup, ome.model.meta.ExperimenterGroup... otherGroups)
experimenter
- A new Experimenter
instance. Not null.password
- Not-null. Must pass validation in the security sub-system.defaultGroup
- Instance of ExperimenterGroup
. Not null.otherGroups
- Array of ExperimenterGroup
instances. Can be null.
Experimenter
Not null.
ome.conditions.SecurityViolation
- if the new password is too weak.long createGroup(ome.model.meta.ExperimenterGroup group)
Details.setPermissions(Permissions)
method should be called on the instance which is passed. The given
Permissions
will become the default for all objects created while
logged into this group, possibly modified by the user's umask settings.
If no permissions is set, the default will be Permissions.USER_PRIVATE
,
i.e. a group in which no user can see the other group member's data.
newGroup
- a new ExperimenterGroup
instance. Not null.
ExperimenterGroup
void addGroups(ome.model.meta.Experimenter user, ome.model.meta.ExperimenterGroup... groups)
user
- A currently managed entity. Not null.groups
- Groups to which the user will be added. Not null.void removeGroups(ome.model.meta.Experimenter user, ome.model.meta.ExperimenterGroup... groups)
user
- A currently managed entity. Not null.groups
- Groups from which the user will be removed. Not null.void setDefaultGroup(ome.model.meta.Experimenter user, ome.model.meta.ExperimenterGroup group)
user
- A currently managed Experimenter
. Not null.group
- The group which should be set as default group for this user.
Not null.void setGroupOwner(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter owner)
group
- A currently managed ExperimenterGroup
. Not null.owner
- A currently managed Experimenter
. Not null.void unsetGroupOwner(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter owner)
group
- A currently managed ExperimenterGroup
. Not null.owner
- A currently managed Experimenter
. Not null.void addGroupOwners(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter... owner)
group
- A currently managed ExperimenterGroup
. Not null.owner
- A set of currently managed Experimenter
s. Not null.void removeGroupOwners(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter... owner)
group
- A currently managed ExperimenterGroup
. Not null.owners
- A set of currently managed Experimenter
s. Not null.void deleteExperimenter(ome.model.meta.Experimenter user)
GroupExperimenterMap
instances.
user
- Experimenter to be deleted. Not null.void deleteGroup(ome.model.meta.ExperimenterGroup group)
ExperimenterGroup
instance.
group
- ExperimenterGroup
to be deleted. Not null.void changeOwner(ome.model.IObject iObject, String omeName)
details.setOwner()
on this instance. It is valid for the instance to be
unloaded
(or constructed with an
unloading-constructor.)
iObject
- An entity or an unloaded reference to an entity. Not null.omeName
- The user name who should gain ownership of this entity. Not
null.void changeGroup(ome.model.IObject iObject, String groupName)
details.setGroup()
on this instance. It is valid for the instance to be
unloaded
(or constructed with an
unloading-constructor.)
iObject
- An entity or an unloaded reference to an entity. Not null.groupName
- The group name who should gain ownership of this entity. Not
null.void changePermissions(ome.model.IObject iObject, ome.model.internal.Permissions perms)
defaults.setPermissions()
on this instance. It is valid for the instance to be
unloaded
(or constructed with an
unloading-constructor.)
iObject
- An entity or an unloaded reference to an entity. Not null.perms
- The permissions value for this entity. Not null.void moveToCommonSpace(ome.model.IObject... iObjects)
iObjects
- ticket:1794
void reportForgottenPassword(String name, String email) throws ome.conditions.AuthenticationException
AuthenticationException
instances are
thrown, to request that an email with a temporary password be sent. The
given email must match the email for the user listed under the name
argument.
Does not require a session to be active.
name
- email
-
ome.conditions.AuthenticationException
- when name and email do not matchvoid changeExpiredCredentials(String name, String oldCred, String newCred) throws ome.conditions.AuthenticationException
ExpiredCredentialsException
instance is thrown.
Does not require
ome.conditions.AuthenticationException
void changePassword(String newPassword)
Warning:This method requires the user to be authenticated
with a password and not with a one-time session id. To avoid this
problem, use changePasswordWithOldPassword(String, String)
.
newPassword
- Possibly null to allow logging in with no password.
ome.conditions.SecurityViolation
- if the user is not authenticated with a password.void changePasswordWithOldPassword(String oldPassword, String newPassword)
newPassword
- Not-null. Must pass validation in the security sub-system.newPassword
- Possibly null to allow logging in with no password.
ome.conditions.SecurityViolation
- if the oldPassword is incorrect.void changeUserPassword(String omeName, String newPassword)
newPassword
- Not-null. Might must pass validation in the security
sub-system.
ome.conditions.SecurityViolation
- if the new password is too weak.void synchronizeLoginCache()
Roles getSecurityRoles()
Roles
in use by the server.
Roles
instance.EventContext getEventContext()
EventContext
loaded with the
security for the current user and thread. If called remotely, not all
values of EventContext
will be sensible.
EventContext
instance
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
Version: 4.3.3-00d1137e-b2894
Copyright © 2009 The University of Dundee. All Rights Reserved.