com.waveset.object
Class WSUser

java.lang.Object
  extended by com.waveset.object.PersistentObject
      extended by com.waveset.object.Principal
          extended by com.waveset.object.WSUser
All Implemented Interfaces:
com.waveset.object.AttributeBag, XmlObject, java.io.Serializable, java.lang.Comparable, javax.naming.Referenceable

public class WSUser
extends Principal

The memory representation for a Waveset user account.

Beyond a set of "special" attributes like id, password, and email address, the user may also have set of arbitrary attributes.

Each user normally has a role which defines a set of resources as well as security options to apply to this user. The role may be changed as time goes on, so we also must maintain a list of the resource accounts that are currently provisioned.

See Also:
Serialized Form

Nested Class Summary
static class WSUser.Delegate
          A class which defines the type, to whom, and start/end dates for delegating future workitems
 
Nested classes/interfaces inherited from class com.waveset.object.PersistentObject
PersistentObject.Comparator, PersistentObject.InitialInstance
 
Field Summary
static java.lang.String ALL_INTERFACES
          Value of the loginInterface argument indicating the "All Interfaces" value.
static java.lang.String code_id
           
static java.lang.String CORRELATION_KEY
           
static java.lang.String PASSWORD_EXPIRATION
           
static java.lang.String POLICIES
           
static java.lang.String ROLE
           
static java.lang.String ROLES
           
 
Fields inherited from class com.waveset.object.Principal
LAST_LOGIN_LOCALE_PROP, LOCALE_PROP, USER_FORM_NAME, VIEW_USER_FORM_NAME
 
Fields inherited from class com.waveset.object.PersistentObject
INITIAL_OBJECT_VERSION
 
Constructor Summary
WSUser()
          Create an empty user object.
WSUser(com.waveset.object.Administrator admin)
          Note that this constructor is to be used strictly for migration/conversion of the old Administrator Type to Users.
WSUser(org.w3c.dom.Element e)
          Create a user object by parsing its DOM representation.
WSUser(java.lang.String xml)
          Create a user object by parsing its XML representation.
WSUser(java.lang.String name, java.lang.String noop)
           
WSUser(WSUser user)
          Create a basic Waveset User from an existing Waveset User.
 
Method Summary
 void addAuditPolicyRef(com.waveset.object.ObjectRef ref)
           
 void addPasswordToPasswordHistory(byte[] newPassword, com.waveset.object.Policy pwdpol)
          Add to the new password to the top of the list of previous passwords
 void addPasswordToPasswordHistory(byte[] newPassword, java.lang.String enc, com.waveset.object.Policy pwdpol)
           
 void addPolicyRef(com.waveset.object.ObjectRef ref)
           
 void addPrivateService(com.waveset.object.ObjectRef ref)
          Add a private service to the list.
 void addPrivateService(Service s)
          Add a private service to the list.
 void addPrivateServices(java.util.List src)
          Add a list of private services.
 void addResourceIdentity(com.waveset.object.ResourceIdentity rid)
          Add information about a resource identity.
 void addResourceInfo(ResourceInfo info)
          Add information about a resource account.
 void addRole(com.waveset.object.ObjectRef ref)
          Set the role reference.
 void addRole(Role role)
          Set the role.
 void addRoleInfo(com.waveset.object.RoleInfo roleInfo)
           
 void addRoleInfoDirect(com.waveset.object.RoleInfo roleInfo)
           
 void addRoleRef(com.waveset.object.ObjectRef ref)
          Set the role reference.
 void addWorkItemDelegate(WSUser.Delegate workItemDelegate)
          Adds the specified Delegate object to this user's set of work item delegate objects.
 void applyAssignmentExclusions(java.util.Collection assignments)
           
static void applyAssignmentExclusions(java.util.Collection assignments, java.util.Collection exclusions)
          Static utility method to apply an exclusion list.
 void applyExclusions(java.util.Collection resources)
           
static void applyExclusions(java.util.Collection resources, java.util.Collection exclusions)
           
 java.util.List applyExclusions(java.util.List resources)
          Given a flattened list of Resource objects such as that returned by Service.getFlatResources, return a new list filtered to remove any Resources that are on this user's exclusion list.
static java.util.List applyExclusions(java.util.List resources, java.util.List exclusions)
          Static utility method to apply an exclusion list.
 void clearAnswers()
          Remove all answers from this user.
 void clearAnswers(java.lang.String loginInterface)
          Remove all answers for the specified login interface from this user.
static void clearExtendedAttributes()
          Deprecated as of 8.0.
 void clearResourceIdentities()
          Remove all the resource identity objects from the user.
 void clearResourceInfo()
          Remove all the resource info objects from the user.
 void clearWSAttributes()
           
 void convertAdminInfo(com.waveset.object.Administrator admin, java.lang.String option)
           
 int countProvisionedAccounts()
           
 void dumpSummary(java.lang.String file)
           
 void expirePassword()
          Sets the password expiration date to yesterday's date to force the next check to see if the password is expired to return true
 void filterPrivateServices(com.waveset.object.Type type)
          Filter the service list based on type.
 void forceProvisioned(boolean on)
           
 void fromMap(java.util.Map map, boolean checkRequiredAttributes)
          Assemble a user object from a map of name value pairs.
 boolean generateTemporaryIds()
          Walk over the ResourceInfo list looking for those that do not have an account id and make sure they have a temporary id.
 java.lang.String getAccountId()
          Get the account id.
 java.lang.String getAccountId(com.waveset.object.Resource r)
           
 java.util.Set getAllPrivateResourceAssignments()
           
 java.util.List getAllPrivateResources()
          Get a flat list of resolved resources.
 com.waveset.object.Answer getAnswer(java.lang.String id)
          Get the answer object with a given id.
 com.waveset.object.Answer[] getAnswers()
          Get the array of authentication answer objects assigned to this user.
 com.waveset.object.Answer[] getAnswers(java.lang.String loginInterface)
           
 com.waveset.object.Resource getAssignedResource(java.lang.String resNameOrId)
           
 java.util.List getAssignedResourceList()
          Return a flat list of Resource objects for all resources assigned directly or indirectly to this user.
 com.waveset.object.Resource[] getAssignedResources()
          Return a flat list of Resource objects assigned to this user.
 java.util.List<java.lang.String> getAssignedRoleIds()
           
 java.util.List getAssignmentList()
          Return a flat list of Resource objects plus any qualifiers for all qualified resources assigned directly or indirectly to this user.
 java.lang.String getAttribute(java.lang.String attrId)
          Get the value of an account attribute as a string.
 java.util.List getAuditPolicyRefs()
           
 java.util.ArrayList getAuthReferences()
          Return the list of references that should be access checked when changed.
 java.lang.String getCorrelationKey()
          Get the correlation key.
 java.lang.String getEmail()
          Get the email address of this user.
 java.util.List getEncryptedValues()
           
 java.util.List getExclusionRefs()
          Get the list of resource exclusions.
 java.util.List getExclusions()
          Get a resolved list of resource exclusions.
 java.util.List getExpandedAdminGroupRefs()
           
 java.util.List getExpandedControlledObjectGroupRefs()
           
 boolean getExternal()
           
 int getFailedPasswordLoginAttemptsCount()
           
 int getFailedPasswordLoginAttemptsSinceLastGoodLogin()
           
 int getFailedQuestionLoginAttemptsCount()
           
 int getFailedQuestionLoginAttemptsSinceLastGoodLogin()
           
 WSUser getForwardAdmin()
           
 com.waveset.object.ObjectRef getForwardAdminRef()
           
 WSUser getIdmManager()
           
 java.lang.String getIdmManagerId()
           
 java.lang.String getIdmManagerName()
           
 com.waveset.object.ObjectRef getIdmManagerRef()
           
static com.waveset.object.Attribute getInbuiltAttr(java.lang.String name)
           
static com.waveset.object.Attribute[] getInbuiltAttrs()
           
 com.waveset.object.Keychain getKeychain()
          Get the SSO keychain.
 java.util.Date getLastAuditorScan()
           
 long getLastPasswordUpdate()
           
 java.util.Date getLockExpiry()
          Get the lock expiration date.
 com.waveset.util.EncryptedData getPassword()
          Get the user's password.
 java.util.Date getPasswordExpiry()
          Get the password expiration date.
 java.util.Date getPasswordExpiryWarning()
          Get the password expiration warning date.
 java.util.List getPasswordHistory()
          Get the current list of stored previous passwords
 java.util.List getPolicyRefs()
           
 com.sun.idm.object.IDMObjectClass getPrimaryObjectClass()
           
 java.util.List getPrivateApplicationRefs()
          Get the list of private application references.
 java.util.List getPrivateApplications()
          Get a resolved list of private Applications.
 java.util.List getPrivateAuditPolicies()
           
 java.util.List getPrivatePolicies()
           
 java.util.List getPrivateResourceAssignmentRefs()
           
 java.util.List getPrivateResourceAssignments()
           
 java.util.ArrayList getPrivateResourceRefs()
          Get the list of private resource references.
 java.util.List getPrivateResources()
          Get a resolved list of private Resources.
 java.util.ArrayList getPrivateServiceRefs()
          Get the list of private service references.
 java.util.List getPrivateServices()
          Get a resolved list of private services.
 java.util.Date getQuestionLockExpiry()
          Get the lock expiration date.
 java.util.ArrayList getReferences()
          Return the list of references within this object.
 java.util.List getResetHistory()
          Get the password reset history.
 com.waveset.object.ResourceIdentity[] getResourceIdentities()
          Return the array of resource identity information.
 com.waveset.object.ResourceIdentity getResourceIdentity(com.waveset.object.Resource res)
          Find a resource identity given a Resource object.
 com.waveset.object.ResourceIdentity getResourceIdentity(java.lang.String name)
          Find a resource identity given a name or ID (usually a name).
 java.util.List getResourceIds(java.util.List refs)
          Given a list of references to Resources, normalize it into a list of repository ids or names.
 ResourceInfo[] getResourceInfo()
          Return the array of resource account information.
 ResourceInfo getResourceInfo(com.waveset.object.Resource res)
          Return the information about a specific resource account associated with this user.
 ResourceInfo getResourceInfo(ResourceInfo src)
           
 ResourceInfo getResourceInfo(ResourceInfo src, boolean caseInsensitive)
          Look for a ResourceInfo on this user whose identity matches that of the supplied ResourceInfo object.
 ResourceInfo getResourceInfo(com.waveset.object.Resource resource, java.lang.String accountId)
           
 ResourceInfo getResourceInfo(java.lang.String resName)
          Return the information about a specific resource account associated with this user.
 ResourceInfo getResourceInfo(java.lang.String resname, java.lang.String accountId)
          Look for a ResourceInfo with the given resource name and id.
 java.util.List<ResourceInfo> getResourceInfos()
          Utility to retrieve the resource infos as a List.
 java.util.List getResourceInfos(com.waveset.object.Resource res)
          Return a list of ResourceInfo objects associated with the given resource.
 java.util.List getResourceInfos(java.lang.String resName)
          Return a list of ResourceInfo objects associated with a resource with the given name.
 java.util.List getRoleIds()
          Return a List of String ids of roles assigned to this user.
 java.util.List getRoleInfoRefs(java.lang.String type)
          Get all, direct, or indirect role info references
 java.util.List<com.waveset.object.RoleInfo> getRoleInfos()
           
 java.util.List<com.waveset.object.RoleInfo> getRoleInfos(java.lang.String state)
           
 java.util.List getRoleNames()
          Return a List of String names of roles assigned to this user.
 java.util.List<com.waveset.object.ObjectRef> getRoleRefs()
          Get the role references.
 com.waveset.object.Resource[] getRoleResources()
          Return an array of all resources assigned through roles to this user.
 java.util.List getRoles()
          Resolve and return the role objects.
 java.util.List getRoleServiceRefs()
          Return a List of ObjectRefs to all services assigned through roles to this user.
 WSAttributes getSummaryAttributes()
           
static com.waveset.object.Type[] getSummaryAttributeTypes()
          Types resolved by resolveSummaryAttributes
 com.waveset.object.Answer[] getSuppliedQuestionAnswers()
          Utility method to return Answers which have a suppliedQuestion set.
 com.waveset.object.Answer[] getSuppliedQuestionAnswers(java.lang.String loginInterface)
          Utility method to return just the answers to user supplied questions for the specified login interface.
 com.waveset.object.Type getType()
          Returns the associated Type object.
 WSUser.Delegate getWorkItemDelegate(java.lang.String workItemType)
          Returns a Delegate object whose workItemType matches the one specified.
 java.util.List getWorkItemDelegateHistory()
          Gets this user's list of Delegate History objects
 java.util.Map getWorkItemDelegates()
           
 WSAttribute getWSAttribute(java.lang.String attrId)
          Get an account attribute.
 WSAttributes getWSAttributes()
          Get the collection of all account attributes for this user.
 boolean hasAssignedResource(com.waveset.object.Resource r)
           
static boolean hasEncryptedData()
           
 int incrementFailedPasswordLoginAttemptsCount()
           
 int incrementFailedQuestionLoginAttemptsCount()
           
 boolean isDisabled()
          Test the account disabled flag.
 boolean isExternal()
          Test the external account flag.
static boolean isInbuiltAttribute(java.lang.String name)
          Returns true if this is the name of one of the built-in Waveset attributes that all user accounts must have.
 boolean isLocked()
           
 boolean isLockExpired()
           
 boolean isLoggedIn(Subject subject)
           
 boolean isLoggedInToApp(java.lang.String appName)
           
 boolean isNullAccountId()
           
 boolean isPasswordChanged()
          Test the password changed flag.
 boolean isPasswordExpired()
           
 boolean isQuestionLocked()
           
 boolean isQuestionLockExpired()
           
 java.util.List listQueryableAttributes()
           
 java.util.List listQueryableReferenceAttributes()
           
 java.util.List listSummaryAttributes()
          Returns the complete list of defined attributes that this type of persistent object exposes as summary attributes (regardless of whether this particular object has a value for each).
 void normalizeAssignments(java.util.List assigned)
          Normalize the ResourceInfo list given an existing assignment list.
 boolean normalizeResourceInfos()
          Normalize the resource info list based on assignments currently stored in the user.
 void prepareForSerialization()
          We overload this to flesh out the ResourceInfo list according to our current assignments.
 WSAttribute putAttribute(WSAttribute attr)
          Set an account attribute, specifying through a WSAttribute object.
 void questionUnlock()
           
 com.waveset.object.Answer removeAnswer(java.lang.String id)
          Remove one answer from the user, given its question id.
 WSAttribute removeAttribute(java.lang.String attrId)
           
 boolean removePrivateService(com.waveset.object.ObjectRef ref)
          Remove any private service reference that matches the specified service reference.
 boolean removePrivateService(Service service)
          Remove any private service reference that matches the specified service.
 void removeResourceIdentity(com.waveset.object.ResourceIdentity rid)
          Remove the information for one resource.
 void removeResourceInfo(ResourceInfo info)
          Remove the information for one resource.
 void removeResourceInfo(java.lang.String id)
          Remove the information for one resource.
 void removeRoleInfo(com.waveset.object.RoleInfo roleInfo)
           
 void removeWorkItemDelegate(java.lang.String workItemType)
          Removes the specified workItemType from the set of work item delegate objects.
static void resolveSummaryAttributes(com.waveset.object.ObjectCache cache, WSAttributes attrs)
          Walk the summary attributes, translating the embedded IDs to names.
 void setAccountId(java.lang.String s)
          Sets the account id.
 void setAnswer(java.lang.String id, com.waveset.util.EncryptedData answer, java.lang.String loginInterface)
          Add or modify an answer.
 void setAnswer(java.lang.String id, java.lang.String answer, java.lang.String loginInterface)
          Add or modify an answer.
 void setAnswers(com.waveset.object.Answer[] answers)
           
 void setAttribute(java.lang.String attrId, java.lang.String value)
          Sets an abstract attribute.
 void setAuditPolicyRef(com.waveset.object.ObjectRef ref)
           
 void setAuditPolicyRefs(java.util.List auditPolicies)
           
 void setCorrelationKey(java.lang.String key)
          Set the correlation key.
 void setDisabled(boolean b)
          Set the account disabled flag.
 void setEmail(java.lang.String s)
          Set the email address of this user.
 void setExclusions(java.util.List refs)
          Set the list of resource exclusions.
 void setExternal(boolean b)
          Set the external account flag.
 void setFailedPasswordLoginAttemptsCount(int failedPasswordLoginAttemptsCount)
           
 void setFailedPasswordLoginAttemptsSinceLastGoodLogin(int failedPasswordLoginAttemptsSinceLastGoodLogin)
           
 void setFailedQuestionLoginAttemptsCount(int failedQuestionLoginAttemptsCount)
           
 void setFailedQuestionLoginAttemptsSinceLastGoodLogin(int failedQuestionLoginAttemptsSinceLastGoodLogin)
           
 void setForwardAdmin(com.waveset.object.ObjectRef ref)
           
 void setForwardAdmin(WSUser admin)
           
 void setIdmManager(java.lang.Object idmManager)
           
static void setInbuiltAttrs(com.waveset.object.Attribute[] userAttrs)
           
 void setKeychain(com.waveset.object.Keychain keys)
          Set the SSO keycain.
 void setLastAuditorScan(java.util.Date lastScan)
           
 void setLastPasswordChange(long millis)
           
 void setLocked(boolean b)
           
 void setLockExpiry(java.util.Date d)
          Set the lock expiration date.
 void setLoggedIn(Subject subject, boolean loggedIn)
           
 void setNullAccountId(boolean b)
           
 void setPassword(com.waveset.util.EncryptedData p)
          Set the user's password.
 void setPassword(java.lang.String p)
          Set the user's password.
 void setPasswordChanged(boolean passwordChanged)
           
 void setPasswordExpiry(java.util.Date d)
          Set the password expiration date.
 void setPasswordExpiryWarning(java.util.Date d)
          Set the password expiration warning date.
 void setPolicyRef(com.waveset.object.ObjectRef ref)
           
 void setPolicyRefs(java.util.List policies)
           
 void setPrivateServiceRefs(java.util.List refs)
          Set the list of private service references.
 void setQuestionLocked(boolean b)
           
 void setQuestionLockExpiry(java.util.Date d)
          Set the lock expiration date.
 void setResetHistory(java.util.List hist)
          Sets the password reset history.
 void setResourceInfo(ResourceInfo[] infos)
          Assigned the full ResourceInfo array.
 void setRoleInfos(java.util.List<com.waveset.object.RoleInfo> roleInfos)
           
 void setRoleRef(com.waveset.object.ObjectRef ref)
           
 void setRoleRefs(java.util.List roles)
           
 void setRoles(java.util.List roles)
          set the roles.
 void setWorkItemDelegateHistory(java.util.List workItemDelegateHistory)
          Sets this user's list of Delegate History objects
 void setWorkItemDelegates(java.util.Map workItemDelegates)
          Sets the set of work item delegate objects for this user.
 boolean setWSAttribute(java.lang.String attrId, java.lang.Object value)
          Sets an account attribute of supported types.
 WSAttribute setWSAttribute(WSAttribute attr)
          Set an account attribute.
 void setWSAttributes(WSAttributes attrs)
          Sets all of the account attributes for this user.
 void terminateLoggedIn(java.lang.String appName)
           
 java.util.HashMap toHashMap(boolean convertAttrValuesToStrings)
          Converts a WSUser object into a Map of name/value pairs.
 java.lang.String toIdentityString()
           
 java.lang.String toVerboseString()
           
 java.lang.String toVerboseString(java.lang.String indent)
           
 void unlock()
           
 void unlockAll()
           
 void visit(com.waveset.object.Visitor v)
          Visitor interface.
static AttributeCondition[] withAnyListedResource(java.util.List resoIdList)
           
static AttributeCondition[] withResource(com.waveset.object.Resource r)
           
static WSUser xcloneObject(WSUser src)
          Make a clone of the object, doing a deep copy where needed to prune ObjectRefs and protect Lists.
 
Methods inherited from class com.waveset.object.Principal
addAdminGroup, addAdminGroupRef, addControlledObjectGroup, addPermission, clearAdminGroups, getAdminGroupRefs, getAdminGroups, getAdminGroupsRuleRef, getAdminRoleRefs, getAdminRoles, getControlledObjectGroupRefs, getControlledObjectGroups, getControlledObjectGroupsRuleRef, getCustomForm, getCustomFormKeys, getPermissions, getUserForm, getUserFormId, getUserFormRef, getViewUserForm, getViewUserFormId, getViewUserFormRef, hasCapabilities, parsePermissions, removeAdminGroup, removeControlledObjectGroup, removePermission, setAdminGroupRefs, setAdminGroups, setAdminGroupsRuleRef, setAdminRoleRefs, setAdminRoles, setControlledObjectGroupRefs, setControlledObjectGroups, setControlledObjectGroupsRuleRef, setCustomForm, setPermissions, setUserForm, setUserFormRef, setViewUserForm, setViewUserFormRef
 
Methods inherited from class com.waveset.object.PersistentObject
addMemberObjectGroup, addMemberObjectGroup, addXmlHeader, attributesMatch, attributesMatch, attributesMatch, checkReference, checkReferences, clearId, cloneAs, cloneObject, compareTo, create, create, create, create, createLastModItem, createLastModItem, createLastModItemList, directObjectGroupMember, dump, dumpFile, equals, getAttributeValues, getAuthType, getBasicAttributes, getBasicAttributes, getBasicAttributes, getCache, getCounterValue, getCreateDate, getCreator, getDisplayableName, getDisplayName, getElementName, getId, getIdOrName, getInitialInstances, getLastMod, getLastModDate, getLastModifier, getLastModItemId, getLockInfo, getMemberObjectGroupRefs, getMemberObjectGroupRefsUpTo, getMemberObjectGroups, getName, getNameOrId, getProperties, getProperty, getPropertyAsString, getPropertyList, getQueryableAttributes, getReference, getRepositoryMod, getRuleDrivenMemberObjectGroupRefs, getRuleDrivenMemberObjectGroupRefsUpTo, getRuleDrivenMemberObjectGroups, getSubtype, getSummaryString, getXMLSize, hashCode, identityEquals, isAlias, isHidden, isProtected, isProtectedFromDelete, isReferencedIn, listOperationalAttributes, objectGroupMember, objectGroupMemberRef, prepareToSerialize, reEncrypt, removeMemberObjectGroup, removeProperty, resolve, resolve, resolve, resolveArray, resolveArrayByFetching, resolveObjectReferences, resolveReference, resolveSummaryAttributes, ruleDrivenObjectGroupMemberRef, setAuthType, setAuthType, setCache, setDisplayName, setDisplayName, setHidden, setIsAlias, setMemberObjectGroupRef, setMemberObjectGroupRefs, setMemberObjectGroups, setName, setProperties, setProperty, setPropertyList, setRuleDrivenMembersCache, setSubtype, setTrace, toString, toXml, toXml, toXml, toXmlFile
 
Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

ALL_INTERFACES

public static final java.lang.String ALL_INTERFACES
Value of the loginInterface argument indicating the "All Interfaces" value. This is currently the message catalog key which is unwieldy, if we must use keys for these things, can we rewrite them so they have shorter more obvious names?

See Also:
Constant Field Values

code_id

public static final java.lang.String code_id
See Also:
Constant Field Values

CORRELATION_KEY

public static final java.lang.String CORRELATION_KEY

PASSWORD_EXPIRATION

public static final java.lang.String PASSWORD_EXPIRATION
See Also:
Constant Field Values

POLICIES

public static final java.lang.String POLICIES
See Also:
Constant Field Values

ROLE

public static final java.lang.String ROLE

ROLES

public static final java.lang.String ROLES
Constructor Detail

WSUser

public WSUser()
Create an empty user object.


WSUser

public WSUser(com.waveset.object.Administrator admin)
       throws com.waveset.util.WavesetException
Note that this constructor is to be used strictly for migration/conversion of the old Administrator Type to Users. The only caller should be Importer cmdConvert Create a Waveset User with capabilities from an existing Waveset Administrator. New users will only have the following attributes set: - name - id (for built-in admins only - e.g. #ID#Configurator) - password - permissions - adminGroupRefs - controlledObjectGroupRefs - userFormRef - forwardAdmin - memberObjectGroups

Throws:
com.waveset.util.WavesetException

WSUser

public WSUser(org.w3c.dom.Element e)
       throws com.waveset.util.WavesetException
Create a user object by parsing its DOM representation.

Parameters:
e - xml element
Throws:
com.waveset.util.WavesetException - if e can't be parsed.

WSUser

public WSUser(java.lang.String xml)
       throws com.waveset.util.WavesetException
Create a user object by parsing its XML representation.

Parameters:
xml - string to parse
Throws:
com.waveset.util.WavesetException - if xml can'tbe parsed.

WSUser

public WSUser(java.lang.String name,
              java.lang.String noop)

WSUser

public WSUser(WSUser user)
       throws com.waveset.util.WavesetException
Create a basic Waveset User from an existing Waveset User. The new user will only have the following attributes set - accountId - password - confirmpassword (if non-null) - role - privateResourceRefs - memberObjectGroups

Parameters:
user - Prototype user from which to create a new user.
Throws:
com.waveset.util.WavesetException - if user can't be cloned.
Method Detail

addAuditPolicyRef

public void addAuditPolicyRef(com.waveset.object.ObjectRef ref)

addPasswordToPasswordHistory

public void addPasswordToPasswordHistory(byte[] newPassword,
                                         com.waveset.object.Policy pwdpol)
                                  throws com.waveset.util.WavesetException
Add to the new password to the top of the list of previous passwords

Throws:
com.waveset.util.WavesetException

addPasswordToPasswordHistory

public void addPasswordToPasswordHistory(byte[] newPassword,
                                         java.lang.String enc,
                                         com.waveset.object.Policy pwdpol)
                                  throws com.waveset.util.WavesetException
Throws:
com.waveset.util.WavesetException

addPolicyRef

public void addPolicyRef(com.waveset.object.ObjectRef ref)

addPrivateService

public void addPrivateService(com.waveset.object.ObjectRef ref)
Add a private service to the list.


addPrivateService

public void addPrivateService(Service s)
Add a private service to the list.


addPrivateServices

public void addPrivateServices(java.util.List src)
Add a list of private services.


addResourceIdentity

public void addResourceIdentity(com.waveset.object.ResourceIdentity rid)
Add information about a resource identity.


addResourceInfo

public void addResourceInfo(ResourceInfo info)
Add information about a resource account.

Called by the Provisioner as it provisions or re-provisions.


addRole

public void addRole(com.waveset.object.ObjectRef ref)
Set the role reference.


addRole

public void addRole(Role role)
Set the role.


addRoleInfo

public void addRoleInfo(com.waveset.object.RoleInfo roleInfo)

addRoleInfoDirect

public void addRoleInfoDirect(com.waveset.object.RoleInfo roleInfo)

addRoleRef

public void addRoleRef(com.waveset.object.ObjectRef ref)
Set the role reference.


addWorkItemDelegate

public void addWorkItemDelegate(WSUser.Delegate workItemDelegate)
Adds the specified Delegate object to this user's set of work item delegate objects. If one of the same type already exists, the one specified will replace it.

Parameters:
workItemDelegate -

applyAssignmentExclusions

public void applyAssignmentExclusions(java.util.Collection assignments)

applyAssignmentExclusions

public static void applyAssignmentExclusions(java.util.Collection assignments,
                                             java.util.Collection exclusions)
Static utility method to apply an exclusion list.


applyExclusions

public void applyExclusions(java.util.Collection resources)

applyExclusions

public static void applyExclusions(java.util.Collection resources,
                                   java.util.Collection exclusions)

applyExclusions

public java.util.List applyExclusions(java.util.List resources)
Given a flattened list of Resource objects such as that returned by Service.getFlatResources, return a new list filtered to remove any Resources that are on this user's exclusion list.


applyExclusions

public static java.util.List applyExclusions(java.util.List resources,
                                             java.util.List exclusions)
Static utility method to apply an exclusion list.


clearAnswers

public void clearAnswers()
Remove all answers from this user. Used if the user's role changes, and all the answers have become meaningless.


clearAnswers

public void clearAnswers(java.lang.String loginInterface)
Remove all answers for the specified login interface from this user. Used if the user's role changes, and all login interface specific answers have become meaningless.


clearExtendedAttributes

public static void clearExtendedAttributes()
Deprecated as of 8.0. Extended Attributes are available via ObjectClasses.


clearResourceIdentities

public void clearResourceIdentities()
Remove all the resource identity objects from the user.


clearResourceInfo

public void clearResourceInfo()
Remove all the resource info objects from the user.

This used to be called by Provisioner, but it now calls removeResourceInfo incrementally. Its still called by some of the session tests though.


clearWSAttributes

public void clearWSAttributes()

convertAdminInfo

public void convertAdminInfo(com.waveset.object.Administrator admin,
                             java.lang.String option)
                      throws com.waveset.util.WavesetException
Throws:
com.waveset.util.WavesetException

countProvisionedAccounts

public int countProvisionedAccounts()

dumpSummary

public void dumpSummary(java.lang.String file)

expirePassword

public void expirePassword()
Sets the password expiration date to yesterday's date to force the next check to see if the password is expired to return true


filterPrivateServices

public void filterPrivateServices(com.waveset.object.Type type)
Filter the service list based on type.


forceProvisioned

public final void forceProvisioned(boolean on)

fromMap

public void fromMap(java.util.Map map,
                    boolean checkRequiredAttributes)
             throws com.waveset.util.WavesetException
Assemble a user object from a map of name value pairs. Check to make sure that we have all of the values required by the resources contained in the map.

Throws:
com.waveset.util.WavesetException

generateTemporaryIds

public boolean generateTemporaryIds()
Walk over the ResourceInfo list looking for those that do not have an account id and make sure they have a temporary id. Return true if we generated any ids. This will be called by view handlers before they build the view to ensure that we have unique ways to identify accounts that are on the list but haven't been created yet.


getAccountId

public java.lang.String getAccountId()
Get the account id.

This is a convenience method for a standard attribute. You can also get at it with the getAttribute method under the name specified by the ACCOUNT_ID constant.

NOTE: The account ID is never different than the PersistentObject._name field, so we decided to keep it in the name, and not represent it as a WSAttribute to avoid consistency problems.


getAccountId

public java.lang.String getAccountId(com.waveset.object.Resource r)
Returns:
the account id associated with a specified resource. If this user has no recorded account for that resource, return null. NOTE: Will return the account id of the designated primary resource if there is more than one.

getAllPrivateResourceAssignments

public java.util.Set getAllPrivateResourceAssignments()
                                               throws com.waveset.util.WavesetException
Throws:
com.waveset.util.WavesetException

getAllPrivateResources

public java.util.List getAllPrivateResources()
                                      throws com.waveset.util.WavesetException
Get a flat list of resolved resources.

Throws:
com.waveset.util.WavesetException

getAnswer

public com.waveset.object.Answer getAnswer(java.lang.String id)
Get the answer object with a given id.


getAnswers

public com.waveset.object.Answer[] getAnswers()
Get the array of authentication answer objects assigned to this user.


getAnswers

public com.waveset.object.Answer[] getAnswers(java.lang.String loginInterface)

getAssignedResource

public com.waveset.object.Resource getAssignedResource(java.lang.String resNameOrId)
                                                throws com.waveset.util.WavesetException
Throws:
com.waveset.util.WavesetException

getAssignedResourceList

public java.util.List getAssignedResourceList()
                                       throws com.waveset.util.WavesetException
Return a flat list of Resource objects for all resources assigned directly or indirectly to this user. The exclusion list will be applied. The list is relatively expensive to compute and is not retained, so if you need to call this more than once, keep the list.

Throws:
com.waveset.util.WavesetException

getAssignedResources

public com.waveset.object.Resource[] getAssignedResources()
                                                   throws com.waveset.util.WavesetException
Return a flat list of Resource objects assigned to this user. Same as getAssignedResourceList but converts it to an array.

Throws:
com.waveset.util.WavesetException

getAssignedRoleIds

public java.util.List<java.lang.String> getAssignedRoleIds()

getAssignmentList

public java.util.List getAssignmentList()
                                 throws com.waveset.util.WavesetException
Return a flat list of Resource objects plus any qualifiers for all qualified resources assigned directly or indirectly to this user. The exclusion list will be applied. This list is relatively expensive to compute and is not retained, so if you need to call this more than once, keep the list.

Throws:
com.waveset.util.WavesetException

getAttribute

public java.lang.String getAttribute(java.lang.String attrId)
Get the value of an account attribute as a string.

A convenience method that hides WSAttribute handling, since most attributes are strings.

Overrides:
getAttribute in class PersistentObject

getAuditPolicyRefs

public java.util.List getAuditPolicyRefs()

getAuthReferences

public java.util.ArrayList getAuthReferences()
Return the list of references that should be access checked when changed.

Overrides:
getAuthReferences in class PersistentObject

getCorrelationKey

public java.lang.String getCorrelationKey()
Get the correlation key.


getEmail

public java.lang.String getEmail()
Get the email address of this user.


getEncryptedValues

public java.util.List getEncryptedValues()
Overrides:
getEncryptedValues in class Principal
Returns:
the complete set of object values whose type is encrypted data (regardless of whether this object has a value for each).

Any subclass of PersistentObject that overrides this method must first invoke super.getEncryptedValues() to ensure that the list of encrypted values for PersistentObjects are included in the subclasses list.


getExclusionRefs

public java.util.List getExclusionRefs()
Get the list of resource exclusions.


getExclusions

public java.util.List getExclusions()
                             throws com.waveset.util.WavesetException
Get a resolved list of resource exclusions.

Throws:
com.waveset.util.WavesetException

getExpandedAdminGroupRefs

public java.util.List getExpandedAdminGroupRefs()

getExpandedControlledObjectGroupRefs

public java.util.List getExpandedControlledObjectGroupRefs()

getExternal

public boolean getExternal()

getFailedPasswordLoginAttemptsCount

public int getFailedPasswordLoginAttemptsCount()

getFailedPasswordLoginAttemptsSinceLastGoodLogin

public int getFailedPasswordLoginAttemptsSinceLastGoodLogin()

getFailedQuestionLoginAttemptsCount

public int getFailedQuestionLoginAttemptsCount()

getFailedQuestionLoginAttemptsSinceLastGoodLogin

public int getFailedQuestionLoginAttemptsSinceLastGoodLogin()

getForwardAdmin

public WSUser getForwardAdmin()
                       throws com.waveset.util.WavesetException
Throws:
com.waveset.util.WavesetException

getForwardAdminRef

public com.waveset.object.ObjectRef getForwardAdminRef()

getIdmManager

public WSUser getIdmManager()
                     throws com.waveset.util.WavesetException
Throws:
com.waveset.util.WavesetException

getIdmManagerId

public java.lang.String getIdmManagerId()

getIdmManagerName

public java.lang.String getIdmManagerName()

getIdmManagerRef

public com.waveset.object.ObjectRef getIdmManagerRef()

getInbuiltAttr

public static com.waveset.object.Attribute getInbuiltAttr(java.lang.String name)

getInbuiltAttrs

public static com.waveset.object.Attribute[] getInbuiltAttrs()

getKeychain

public com.waveset.object.Keychain getKeychain()
Get the SSO keychain. The chain and the keys may be modified.


getLastAuditorScan

public java.util.Date getLastAuditorScan()

getLastPasswordUpdate

public long getLastPasswordUpdate()

getLockExpiry

public java.util.Date getLockExpiry()
Get the lock expiration date.


getPassword

public com.waveset.util.EncryptedData getPassword()
Get the user's password. The password is returned in its encrypted form


getPasswordExpiry

public java.util.Date getPasswordExpiry()
Get the password expiration date.


getPasswordExpiryWarning

public java.util.Date getPasswordExpiryWarning()
Get the password expiration warning date.


getPasswordHistory

public java.util.List getPasswordHistory()
Get the current list of stored previous passwords


getPolicyRefs

public java.util.List getPolicyRefs()

getPrimaryObjectClass

public com.sun.idm.object.IDMObjectClass getPrimaryObjectClass()
Overrides:
getPrimaryObjectClass in class PersistentObject
Returns:
User objectclass, since User is a leaf node in the objectclass hierarchy..

getPrivateApplicationRefs

public java.util.List getPrivateApplicationRefs()
Get the list of private application references.


getPrivateApplications

public java.util.List getPrivateApplications()
                                      throws com.waveset.util.WavesetException
Get a resolved list of private Applications.

Throws:
com.waveset.util.WavesetException

getPrivateAuditPolicies

public java.util.List getPrivateAuditPolicies()
                                       throws com.waveset.util.WavesetException
Returns:
a List of Policy objects, resolved from getAuditPolicyRefs
Throws:
com.waveset.util.WavesetException

getPrivatePolicies

public java.util.List getPrivatePolicies()
                                  throws com.waveset.util.WavesetException
Returns:
a List of Policy objects, resolved from getPolicyRefs
Throws:
com.waveset.util.WavesetException

getPrivateResourceAssignmentRefs

public java.util.List getPrivateResourceAssignmentRefs()

getPrivateResourceAssignments

public java.util.List getPrivateResourceAssignments()
                                             throws com.waveset.util.WavesetException
Throws:
com.waveset.util.WavesetException

getPrivateResourceRefs

public java.util.ArrayList getPrivateResourceRefs()
Get the list of private resource references.


getPrivateResources

public java.util.List getPrivateResources()
                                   throws com.waveset.util.WavesetException
Get a resolved list of private Resources.

Throws:
com.waveset.util.WavesetException

getPrivateServiceRefs

public java.util.ArrayList getPrivateServiceRefs()
Get the list of private service references.


getPrivateServices

public java.util.List getPrivateServices()
                                  throws com.waveset.util.WavesetException
Get a resolved list of private services.

Throws:
com.waveset.util.WavesetException

getQuestionLockExpiry

public java.util.Date getQuestionLockExpiry()
Get the lock expiration date.


getReferences

public java.util.ArrayList getReferences()
Return the list of references within this object.

Overrides:
getReferences in class Principal

getResetHistory

public java.util.List getResetHistory()
Get the password reset history.

This is a list of Date objects representing the times at which the password was reset. This is not necessarily the complete list, it may be cleaned periodically by the provisioning engine. Note that the returned list is mutable, you do not need to call setResetHistory to record list modifications.


getResourceIdentities

public com.waveset.object.ResourceIdentity[] getResourceIdentities()
Return the array of resource identity information.


getResourceIdentity

public com.waveset.object.ResourceIdentity getResourceIdentity(com.waveset.object.Resource res)
Find a resource identity given a Resource object.


getResourceIdentity

public com.waveset.object.ResourceIdentity getResourceIdentity(java.lang.String name)
Find a resource identity given a name or ID (usually a name).


getResourceIds

public java.util.List getResourceIds(java.util.List refs)
Given a list of references to Resources, normalize it into a list of repository ids or names.


getResourceInfo

public ResourceInfo[] getResourceInfo()
Return the array of resource account information.

Returns:
array of ResourceInfo on the user.

getResourceInfo

public ResourceInfo getResourceInfo(com.waveset.object.Resource res)
Return the information about a specific resource account associated with this user. The resource is identified with a Resource object.


getResourceInfo

public ResourceInfo getResourceInfo(ResourceInfo src)

getResourceInfo

public ResourceInfo getResourceInfo(ResourceInfo src,
                                    boolean caseInsensitive)
Look for a ResourceInfo on this user whose identity matches that of the supplied ResourceInfo object. This is the most flexible of the ResourceInfo search methods and should now be used by code within the system. The other search methods are supported for backward compatibility, but since they do not handle account identity matching they cannot be used reliably in an environment where more than one account may exists on a resource. The following things are considered in determining the match: - Resource identity - account GUID - accountId - Lighthouse "temporary id" The resource identity must match. Either a repository id, name, or resolved Resource object may be provided. If a GUID is present in the passed object, then we look for an object with a matching GUID. If one is found it is returned even if the accountId does not match. This is because GUIDs are immutable, but accountIds can be changed (e.g. local rename or moving something in a directory hierarchy). If a GUID was passed but we do not find a GUID match, we will look for a matching accountId. If the ResourceInfo with the matching accountId does not also have a GUID it is returned. If it has a matching accountId but a different GUID it is not returned. If a GUID was not passed but an accountId was passed, we will look for a ResourceInfo with a matching accountId. If only a tempId is passed, we look for a matching tempId. If no identity is passed, we return the "primary" account for this resource. caseInsensitive parameter identifies resources that support case insensitive account Ids. It is used to compare accountIds in case a resource have no GUID support.


getResourceInfo

public ResourceInfo getResourceInfo(com.waveset.object.Resource resource,
                                    java.lang.String accountId)

getResourceInfo

public ResourceInfo getResourceInfo(java.lang.String resName)
Return the information about a specific resource account associated with this user. The resource is identifed by name.


getResourceInfo

public ResourceInfo getResourceInfo(java.lang.String resname,
                                    java.lang.String accountId)
Look for a ResourceInfo with the given resource name and id. If id is null, return the primary ResourceInfo. These were added to support multiple accounts per resource, but you probably should be using getResourceInfo(ResourceInfo) instead as that will in addition handle matching based on GUID. These will work only if you know that the accountId will match.


getResourceInfos

public java.util.List<ResourceInfo> getResourceInfos()
Utility to retrieve the resource infos as a List.

Returns:
List of resource infos, empty list if none, never null.

getResourceInfos

public java.util.List getResourceInfos(com.waveset.object.Resource res)
Return a list of ResourceInfo objects associated with the given resource.


getResourceInfos

public java.util.List getResourceInfos(java.lang.String resName)
Return a list of ResourceInfo objects associated with a resource with the given name.


getRoleIds

public java.util.List getRoleIds()
                          throws com.waveset.util.WavesetException
Return a List of String ids of roles assigned to this user.

Throws:
com.waveset.util.WavesetException

getRoleInfoRefs

public java.util.List getRoleInfoRefs(java.lang.String type)
Get all, direct, or indirect role info references


getRoleInfos

public java.util.List<com.waveset.object.RoleInfo> getRoleInfos()

getRoleInfos

public java.util.List<com.waveset.object.RoleInfo> getRoleInfos(java.lang.String state)

getRoleNames

public java.util.List getRoleNames()
                            throws com.waveset.util.WavesetException
Return a List of String names of roles assigned to this user.

Throws:
com.waveset.util.WavesetException

getRoleRefs

public java.util.List<com.waveset.object.ObjectRef> getRoleRefs()
Get the role references. No longer get from _roles. Instead now get Role ObjectRef from roleInfos but only those that are not assigned by another role (e.g are directly assigned to the user)


getRoleResources

public com.waveset.object.Resource[] getRoleResources()
                                               throws com.waveset.util.WavesetException
Return an array of all resources assigned through roles to this user.

Throws:
com.waveset.util.WavesetException

getRoles

public java.util.List getRoles()
                        throws com.waveset.util.WavesetException
Resolve and return the role objects. Note that this will only return roles that are directly assigned to this user. Contained roles will not be returned.

Throws:
com.waveset.util.WavesetException

getRoleServiceRefs

public java.util.List getRoleServiceRefs()
                                  throws com.waveset.util.WavesetException
Return a List of ObjectRefs to all services assigned through roles to this user. Since roles are now services and can be ordered, return the roles and applications instead of their resources. Note that this list includes only Role or Application objects, not Resources. // jsl - this name is wrong since Resources are also Services.

Throws:
com.waveset.util.WavesetException

getSummaryAttributes

public WSAttributes getSummaryAttributes()
Overrides:
getSummaryAttributes in class PersistentObject
Returns:
attribute values to be displayed when this object appears in a list. The WSAttributes contains a WSAttribute for each summary attribute. Each WSAttribute may contain multiple values.

Any subclass of PersistentObject that overrides this method should first invoke super.getSummaryAttributes() to ensure that the subclass includes summary attributes that are common to all PersistentObjects.

See Also:

If a subclass wants to expose a different set of summary attributes, that subclass should override {@link #listSummaryAttributes}. In order to supply values for summary attributes that may not be available in PersistentObject (e.g., from a field specified to that subclass), such a subclass may also override {@link #getAttributeValues(String)}.

A subclass should not need to override this method (except to limit the number of values for a summary attribute).


getSummaryAttributeTypes

public static com.waveset.object.Type[] getSummaryAttributeTypes()
Types resolved by resolveSummaryAttributes


getSuppliedQuestionAnswers

public com.waveset.object.Answer[] getSuppliedQuestionAnswers()
Utility method to return Answers which have a suppliedQuestion set.

Returns:
Answers which have a suppliedQuestion set.

getSuppliedQuestionAnswers

public com.waveset.object.Answer[] getSuppliedQuestionAnswers(java.lang.String loginInterface)
Utility method to return just the answers to user supplied questions for the specified login interface.

Parameters:
loginInterface -
Returns:
Answers for user supplied questions on the loginInterface

getType

public com.waveset.object.Type getType()
Returns the associated Type object.

Specified by:
getType in class PersistentObject
Returns:
type of this persistent object.

getWorkItemDelegate

public WSUser.Delegate getWorkItemDelegate(java.lang.String workItemType)
Returns a Delegate object whose workItemType matches the one specified.

Parameters:
workItemType -

getWorkItemDelegateHistory

public java.util.List getWorkItemDelegateHistory()
Gets this user's list of Delegate History objects


getWorkItemDelegates

public java.util.Map getWorkItemDelegates()

getWSAttribute

public WSAttribute getWSAttribute(java.lang.String attrId)
Get an account attribute.

The attribute is returned as a WSAttribute object. You might use this instead of getAttribute if you want to avoid coercing the attribute value to a string.

Note that the reference to this object is retained by the user so any modifications to the WSAttribute will be reflected in the WSUser. This is NOT the recommended way to modify user attributes. To change the value of an attribute, create a new WSAttribute and use setWSAttribute. In particular note account id isn't represented as a "real" attribute, so we have to fake one up if you ask for it here. Modifying this WSAttribute will have no effect on the name of this object.


getWSAttributes

public WSAttributes getWSAttributes()
Get the collection of all account attributes for this user.

To keep up the appearances of the account ID being a "real" attribute, we have to add it to the list before returning it.

NOTE: This may result in inconsistencies if the name is changed later since we're still referencing the WSAttributes list. // * I think this should be invisible, since you can't get // * at the WSAttribute copy of the name without causing it to // * be refreshed with the new name. Should consider not // * treating this as an attribute? We might at least want // * to copy the list before returning it. - jsl


hasAssignedResource

public boolean hasAssignedResource(com.waveset.object.Resource r)
                            throws com.waveset.util.WavesetException
Throws:
com.waveset.util.WavesetException

hasEncryptedData

public static boolean hasEncryptedData()

incrementFailedPasswordLoginAttemptsCount

public int incrementFailedPasswordLoginAttemptsCount()

incrementFailedQuestionLoginAttemptsCount

public int incrementFailedQuestionLoginAttemptsCount()

isDisabled

public boolean isDisabled()
Test the account disabled flag.


isExternal

public boolean isExternal()
Test the external account flag.


isInbuiltAttribute

public static boolean isInbuiltAttribute(java.lang.String name)
Returns true if this is the name of one of the built-in Waveset attributes that all user accounts must have. We treat these in a few special ways, notably they are rendered as XML attributes rather than as <Attribute> elements in the body.

Called by the toXml method, but might be of general use. // *

// * Note that this is going to be called a LOT due to way // * we serialize the types differently, I don't really like this, // * can we just keep the waveset attributes on a different list, // * or just as fields? // * jsl


isLocked

public boolean isLocked()

isLockExpired

public boolean isLockExpired()

isLoggedIn

public boolean isLoggedIn(Subject subject)

isLoggedInToApp

public boolean isLoggedInToApp(java.lang.String appName)

isNullAccountId

public boolean isNullAccountId()

isPasswordChanged

public boolean isPasswordChanged()
Test the password changed flag.


isPasswordExpired

public boolean isPasswordExpired()

isQuestionLocked

public boolean isQuestionLocked()

isQuestionLockExpired

public boolean isQuestionLockExpired()

listQueryableAttributes

public java.util.List listQueryableAttributes()
Overrides:
listQueryableAttributes in class Principal
Returns:
the complete list of defined attributes that this type of persistent object exposes as queryable attributes (regardless of whether this particular object has a value for each).

Any subclass of PersistentObject that overrides this method should first invoke super.listQueryableAttributes() to ensure that the subclass includes queryable attributes that are common to all PersistentObjects.


listQueryableReferenceAttributes

public java.util.List listQueryableReferenceAttributes()
Overrides:
listQueryableReferenceAttributes in class Principal
Returns:
the complete list of defined attributes that this type of persistent object exposes as queryable attributes and for which each value is a reference to another persistent object.

listSummaryAttributes

public java.util.List listSummaryAttributes()
Description copied from class: PersistentObject
Returns the complete list of defined attributes that this type of persistent object exposes as summary attributes (regardless of whether this particular object has a value for each).

Any subclass of PersistentObject that overrides this method should first invoke super.listSummaryAttributes() to ensure that the subclass includes summary attributes that are common to all PersistentObjects.

Any subclass that overrides this implementation must also consider the length of the summary string that will be generated from these attributes.

Overrides:
listSummaryAttributes in class Principal
Returns:
the complete list of defined attributes that this type of persistent object exposes as summary attributes (regardless of whether this particular object has a value for each).

Any subclass of PersistentObject that overrides this method should first invoke super.listSummaryAttributes() to ensure that the subclass includes summary attributes that are common to all PersistentObjects.

See Also:
Constants.MAX_SUMMARY_STRING_LENGTH, PersistentObject.getSummaryString()

normalizeAssignments

public void normalizeAssignments(java.util.List assigned)
                          throws com.waveset.util.WavesetException
Normalize the ResourceInfo list given an existing assignment list. With the introduction of exclusions, it is also necessary to remove any ResourceInfos for for resources that were formerly assigned, but not yet created. Without this, the user may show with the "provisioning needed" icon since getSummaryProvisioningLevel just looks at ResourceInfos not current assignments.

Throws:
com.waveset.util.WavesetException

normalizeResourceInfos

public boolean normalizeResourceInfos()
                               throws com.waveset.util.WavesetException
Normalize the resource info list based on assignments currently stored in the user. Returns true if any new temporary ids were generated. This is sometimes used as a signal to the view handler that it needs to save this WSUser so the view objects can be later be correlated with the ResourceInfos.

Throws:
com.waveset.util.WavesetException

prepareForSerialization

public void prepareForSerialization()
                             throws com.waveset.util.WavesetException
We overload this to flesh out the ResourceInfo list according to our current assignments. This is used later by getSummaryProvisioningLevel. Since we have to resolve object references in order to do this, we have to do it here rather than in toXml, getQueryableAttributes or getSummaryAttributes due to concurrency issues with the repository.

Overrides:
prepareForSerialization in class PersistentObject
Throws:
com.waveset.util.WavesetException

putAttribute

public WSAttribute putAttribute(WSAttribute attr)
Set an account attribute, specifying through a WSAttribute object.

This was the original interface, but it lacked symetry with getWSAttribute and other "set" methods. This an alias for backward compatibility.


questionUnlock

public void questionUnlock()

removeAnswer

public com.waveset.object.Answer removeAnswer(java.lang.String id)
Remove one answer from the user, given its question id. If the answer existed, it is returned.


removeAttribute

public WSAttribute removeAttribute(java.lang.String attrId)

removePrivateService

public boolean removePrivateService(com.waveset.object.ObjectRef ref)
Remove any private service reference that matches the specified service reference. Returns whether or not any service was removed.


removePrivateService

public boolean removePrivateService(Service service)
Remove any private service reference that matches the specified service. Returns whether or not any service was removed.


removeResourceIdentity

public void removeResourceIdentity(com.waveset.object.ResourceIdentity rid)
Remove the information for one resource.

Called by the Provisioner or Adapter as it creates resource accounts.


removeResourceInfo

public void removeResourceInfo(ResourceInfo info)
Remove the information for one resource.

Called by the Provisioner as it de-provisions resource accounts. // This would be easier if it were a Collection rather than an array.


removeResourceInfo

public void removeResourceInfo(java.lang.String id)
Remove the information for one resource.

Called by the Provisioner as it de-provisions resource accounts. // This would be easier if it were a Collection rather than an array.


removeRoleInfo

public void removeRoleInfo(com.waveset.object.RoleInfo roleInfo)

removeWorkItemDelegate

public void removeWorkItemDelegate(java.lang.String workItemType)
Removes the specified workItemType from the set of work item delegate objects.

Parameters:
workItemType -

resolveSummaryAttributes

public static void resolveSummaryAttributes(com.waveset.object.ObjectCache cache,
                                            WSAttributes attrs)
                                     throws com.waveset.util.WavesetException
Walk the summary attributes, translating the embedded IDs to names. For this object, they are just name and ID, which need no translation. IF YOU ADD A TYPE HERE, add it to the referenced types list

Throws:
com.waveset.util.WavesetException

setAccountId

public void setAccountId(java.lang.String s)
Sets the account id. The account id is the same as the name of this persistent object.

See Also:
getAccountId()

setAnswer

public void setAnswer(java.lang.String id,
                      com.waveset.util.EncryptedData answer,
                      java.lang.String loginInterface)
Add or modify an answer.


setAnswer

public void setAnswer(java.lang.String id,
                      java.lang.String answer,
                      java.lang.String loginInterface)
Add or modify an answer.


setAnswers

public void setAnswers(com.waveset.object.Answer[] answers)

setAttribute

public void setAttribute(java.lang.String attrId,
                         java.lang.String value)
Sets an abstract attribute.

A convenience method for string valued attributes that hides the WSAttribute manipulation.


setAuditPolicyRef

public void setAuditPolicyRef(com.waveset.object.ObjectRef ref)

setAuditPolicyRefs

public void setAuditPolicyRefs(java.util.List auditPolicies)

setCorrelationKey

public void setCorrelationKey(java.lang.String key)
Set the correlation key.


setDisabled

public void setDisabled(boolean b)
Set the account disabled flag.


setEmail

public void setEmail(java.lang.String s)
Set the email address of this user.


setExclusions

public void setExclusions(java.util.List refs)
Set the list of resource exclusions.


setExternal

public void setExternal(boolean b)
Set the external account flag.

Setting this to true indicates that the ResourceInfo list attached to this user is to be treated as the immutable definition of resource accounts. Reprovisioning operations will obey this list, regardless of what role the user is assigned to.


setFailedPasswordLoginAttemptsCount

public void setFailedPasswordLoginAttemptsCount(int failedPasswordLoginAttemptsCount)

setFailedPasswordLoginAttemptsSinceLastGoodLogin

public void setFailedPasswordLoginAttemptsSinceLastGoodLogin(int failedPasswordLoginAttemptsSinceLastGoodLogin)

setFailedQuestionLoginAttemptsCount

public void setFailedQuestionLoginAttemptsCount(int failedQuestionLoginAttemptsCount)

setFailedQuestionLoginAttemptsSinceLastGoodLogin

public void setFailedQuestionLoginAttemptsSinceLastGoodLogin(int failedQuestionLoginAttemptsSinceLastGoodLogin)

setForwardAdmin

public void setForwardAdmin(com.waveset.object.ObjectRef ref)

setForwardAdmin

public void setForwardAdmin(WSUser admin)

setIdmManager

public void setIdmManager(java.lang.Object idmManager)

setInbuiltAttrs

public static void setInbuiltAttrs(com.waveset.object.Attribute[] userAttrs)

setKeychain

public void setKeychain(com.waveset.object.Keychain keys)
Set the SSO keycain.


setLastAuditorScan

public void setLastAuditorScan(java.util.Date lastScan)

setLastPasswordChange

public void setLastPasswordChange(long millis)

setLocked

public void setLocked(boolean b)

setLockExpiry

public void setLockExpiry(java.util.Date d)
Set the lock expiration date.


setLoggedIn

public void setLoggedIn(Subject subject,
                        boolean loggedIn)

setNullAccountId

public void setNullAccountId(boolean b)

setPassword

public void setPassword(com.waveset.util.EncryptedData p)
Set the user's password. The password is passed as an encrypted byte array.


setPassword

public void setPassword(java.lang.String p)
Set the user's password. The password is passed as an unencrypted byte array, it will be converted into an encrypted byte array.


setPasswordChanged

public void setPasswordChanged(boolean passwordChanged)

setPasswordExpiry

public void setPasswordExpiry(java.util.Date d)
Set the password expiration date.


setPasswordExpiryWarning

public void setPasswordExpiryWarning(java.util.Date d)
Set the password expiration warning date.


setPolicyRef

public void setPolicyRef(com.waveset.object.ObjectRef ref)

setPolicyRefs

public void setPolicyRefs(java.util.List policies)

setPrivateServiceRefs

public void setPrivateServiceRefs(java.util.List refs)
Set the list of private service references.


setQuestionLocked

public void setQuestionLocked(boolean b)

setQuestionLockExpiry

public void setQuestionLockExpiry(java.util.Date d)
Set the lock expiration date.


setResetHistory

public void setResetHistory(java.util.List hist)
Sets the password reset history.

The provisioning engine will want to add elements to the history list, and may age selected entries out of the list.


setResourceInfo

public void setResourceInfo(ResourceInfo[] infos)
Assigned the full ResourceInfo array.


setRoleInfos

public void setRoleInfos(java.util.List<com.waveset.object.RoleInfo> roleInfos)

setRoleRef

public void setRoleRef(com.waveset.object.ObjectRef ref)
Parameters:
ref -

setRoleRefs

public void setRoleRefs(java.util.List roles)
Parameters:
roles -

setRoles

public void setRoles(java.util.List roles)
set the roles.

Parameters:
roles - - List of ObjectRefs to Role objects

setWorkItemDelegateHistory

public void setWorkItemDelegateHistory(java.util.List workItemDelegateHistory)
Sets this user's list of Delegate History objects

Parameters:
workItemDelegateHistory -

setWorkItemDelegates

public void setWorkItemDelegates(java.util.Map workItemDelegates)
Sets the set of work item delegate objects for this user.

Parameters:
workItemDelegates -

setWSAttribute

public boolean setWSAttribute(java.lang.String attrId,
                              java.lang.Object value)
                       throws com.waveset.util.WavesetException
Sets an account attribute of supported types. If 'value' is an ArrayList, then we will add a multi-valued attribute with 0 or more values. If there are no values in the list, this indicates to the resource adapter that all values should be cleared. If the value of an attribute is "", we will set the attribute's value to null to indicate to resource adapters that the value of this attribute should be cleared. Returns true if the attribute is set, otherwise returns false.

Throws:
com.waveset.util.WavesetException

setWSAttribute

public WSAttribute setWSAttribute(WSAttribute attr)
Set an account attribute.

If this attribute is already set, the old value is returned.


setWSAttributes

public void setWSAttributes(WSAttributes attrs)
Sets all of the account attributes for this user.

The attribute list will be copied, so subsequent modifications to it by the application will have no effect.

Note that the account ID and hence the object name can be set indirectly here, but since that isn't a real attribute we have to convert it.


terminateLoggedIn

public void terminateLoggedIn(java.lang.String appName)

toHashMap

public java.util.HashMap toHashMap(boolean convertAttrValuesToStrings)
                            throws com.waveset.util.WavesetException
Converts a WSUser object into a Map of name/value pairs. This is mostly used for placing a representation of the user into the provisioning pipe.

Throws:
com.waveset.util.WavesetException

toIdentityString

public java.lang.String toIdentityString()

toVerboseString

public java.lang.String toVerboseString()

toVerboseString

public java.lang.String toVerboseString(java.lang.String indent)

unlock

public void unlock()

unlockAll

public void unlockAll()

visit

public void visit(com.waveset.object.Visitor v)
           throws com.waveset.util.WavesetException
Visitor interface.

Overrides:
visit in class PersistentObject
Parameters:
v - Visitor for this persistent object.
Throws:
com.waveset.util.WavesetException - if there's a problem from visitPersistentObject

withAnyListedResource

public static AttributeCondition[] withAnyListedResource(java.util.List resoIdList)
                                                  throws com.waveset.util.InvalidArgument
Returns:
conditions to select every user that claims any of the specified resources.
Throws:
com.waveset.util.InvalidArgument

withResource

public static AttributeCondition[] withResource(com.waveset.object.Resource r)

xcloneObject

public static WSUser xcloneObject(WSUser src)
                           throws com.waveset.util.WavesetException
Make a clone of the object, doing a deep copy where needed to prune ObjectRefs and protect Lists. Because there is already a shallow copy constructor, make an explicit method (ugh)

Throws:
com.waveset.util.WavesetException