ApplicationService (Atlassian Crowd 2.0.m1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.atlassian.crowd.manager.application
Interface ApplicationService

All Known Implementing Classes:: ApplicationServiceGeneric

public interface ApplicationService

The exposed service provided by Crowd to client applications.

This class performs amalgamation across the directories assigned to client applications (providing a unified view of their directories).

Method Summary
`Group`	`addGroup(Application application, GroupTemplate group)` Adds the group to ALL the permissible directories.
`void`	`addGroupToGroup(Application application, java.lang.String childGroup, java.lang.String parentGroup)` Makes groups matching the given name (childGroup) direct members of the group (parentGroup) across ALL directories.
`User`	`addUser(Application application, UserTemplate user, PasswordCredential credential)` Adds the user to ALL the permissible directories.
`void`	`addUserToGroup(Application application, java.lang.String username, java.lang.String groupName)` Makes users matching the given name direct members of the group across ALL directories.
`Token`	`authenticateApplication(ApplicationAuthenticationContext authenticationContext)` Authenticates an application and generates an authentication token.
`Token`	`authenticateUser(UserAuthenticationContext authenticateContext)` Authenticates a user and and generates an authentication token.
`Token`	`authenticateUserWithoutValidatingPassword(UserAuthenticationContext authenticateContext)` Feigns the authentication process for a user and creates a token for the authentication without validating the password.
`java.util.List<Application>`	`findAuthorisedApplications(User user)` Returns a list of applications a user is authorised to authenticate with.
`Group`	`findGroupByName(Application application, java.lang.String name)` Returns the first group with the matching groupname from all the directories assigned to the application.
`GroupWithAttributes`	`findGroupWithAttributesByName(Application application, java.lang.String name)` Returns the first group with the matching groupname from all the directories assigned to the application.
`User`	`findUserByName(Application application, java.lang.String name)` Returns the first user with the matching username from all the directories assigned to the application.
`UserWithAttributes`	`findUserWithAttributesByName(Application application, java.lang.String name)` Returns the first user with the matching username from all the directories assigned to the application.
`boolean`	`isGroupDirectGroupMember(Application application, java.lang.String childGroup, java.lang.String parentGroup)` Returns `true` if the childGroup is a direct member of the parentGroup in any of the application's assigned directories.
`boolean`	`isGroupNestedGroupMember(Application application, java.lang.String childGroup, java.lang.String parentGroup)` Returns `true` if the childGroup is a direct or indirect (nested) member of the parentGroup in any of the application's assigned directories.
`boolean`	`isUserDirectGroupMember(Application application, java.lang.String username, java.lang.String groupName)` Returns `true` if the user is a direct member of the group in any of the application's assigned directories.
`boolean`	`isUserNestedGroupMember(Application application, java.lang.String username, java.lang.String groupName)` Returns `true` if the user is a direct or indirect (nested) member of the group in any of the application's assigned directories.
`void`	`removeGroup(Application application, java.lang.String group)` Removes ALL groups from each of the application's assigned directories.
`void`	`removeGroupAttributes(Application application, java.lang.String groupname, java.lang.String attributeName)` Removes a group's attribute values for all permissible directories assigned to the application.
`void`	`removeGroupFromGroup(Application application, java.lang.String childGroup, java.lang.String parentGroup)` Makes child group matching the given name not members of the parent group across ALL directories.
`void`	`removeUser(Application application, java.lang.String user)` Removes ALL users from each of the application's assigned directories.
`void`	`removeUserAttributes(Application application, java.lang.String username, java.lang.String attributeName)` Removes a user's attribute values for all permissible directories assigned to the application.
`void`	`removeUserFromGroup(Application application, java.lang.String username, java.lang.String groupName)` Makes users matching the given name not members of the group across ALL directories.
`void`	`resetUserCredential(Application application, java.lang.String username)` Resets the credentials of the first matching user in the application's directories.
`java.util.List`	`searchDirectGroupRelationships(Application application, MembershipQuery query)` Searches for direct group relationships in any of the application's assigned directories.
`java.util.List`	`searchGroups(Application application, EntityQuery query)` Returns a List matching the search criteria defined in the query for ALL of the directories assigned to the application.
`java.util.List`	`searchNestedGroupRelationships(Application application, MembershipQuery query)` Searches for direct and indirect (nested) group relationships in any of the application's assigned directories.
`java.util.List`	`searchUsers(Application application, EntityQuery query)` Returns a List matching the search criteria defined in the query for ALL of the directories assigned to the application.
`void`	`storeGroupAttributes(Application application, java.lang.String groupname, java.util.Map<java.lang.String,java.util.List<java.lang.String>> attributes)` Adds or updates a group's attributes with the new Map of attribute values for all permissible directories assigned to the application.
`void`	`storeUserAttributes(Application application, java.lang.String username, java.util.Map<java.lang.String,java.util.List<java.lang.String>> attributes)` Adds or updates a user's attributes with the new Map of attribute values for all permissible directories assigned to the application.
`Group`	`updateGroup(Application application, GroupTemplate group)` Updates the group in ALL the permissible directories.
`User`	`updateUser(Application application, UserTemplate user)` Updates the user in ALL the permissible directories.
`void`	`updateUserCredential(Application application, java.lang.String username, PasswordCredential credential)` Updates the credentials of the first matching user in the application's assigned directories.
`Token`	`validateApplicationToken(java.lang.String tokenKey, ValidationFactor[] validationFactors)` Validates an application token key given validation factors.
`Token`	`validateUserToken(java.lang.String userTokenKey, ValidationFactor[] validationFactors, java.lang.String application)` Validates a user token key given validation factors and checks that the user is allowed to authenticate with the specified application

Method Detail

findAuthorisedApplications

java.util.List<Application> findAuthorisedApplications(User user)

Returns a list of applications a user is authorised to authenticate with.

NOTE: this is a potentially expensive call, iterating all applications and all group mappings for each application and determining group membership, ie. expense = number of applications * number of group mappings per application.

Parameters:: user - user to search for.
Returns:: list of applications.

authenticateApplication

Token authenticateApplication(ApplicationAuthenticationContext authenticationContext)
                              throws InvalidAuthenticationException

Authenticates an application and generates an authentication token.

Parameters:: authenticationContext - application authentication credentials.
Returns:: generated authentication token.
Throws:: InvalidAuthenticationException - authentication was not successful because either the application does not exist, the password is incorrect, the application is inactive or there was a problem generating the authentication token.

authenticateUser

Token authenticateUser(UserAuthenticationContext authenticateContext)
                       throws InvalidAuthenticationException,
                              DirectoryAccessException,
                              InactiveAccountException,
                              ApplicationAccessDeniedException

Authenticates a user and and generates an authentication token. The password of the user is validated before generating a token.

The RemoteDirectory.authenticate(String, com.atlassian.crowd.integration.authentication.PasswordCredential) method is iteratively called for each assigned directory. If the user does not exist in one directory, the directory is skipped and the next one is examined. If the user does not exist in any of the assigned directories then an InvalidAuthenticationException is thrown.

Parameters:: authenticateContext - The authentication details for the user.
Returns:: The authenticated token for the user.
Throws:: InvalidAuthenticationException - The authentication was not successful.; DirectoryAccessException - error thrown by directory implementation when attempting to find or authenticate the user.; InactiveAccountException - user account is inactive.; ApplicationAccessDeniedException - user does not have access to authenticate with application.

authenticateUserWithoutValidatingPassword

Token authenticateUserWithoutValidatingPassword(UserAuthenticationContext authenticateContext)
                                                throws InvalidAuthenticationException,
                                                       DirectoryAccessException,
                                                       InactiveAccountException,
                                                       ApplicationAccessDeniedException

Feigns the authentication process for a user and creates a token for the authentication without validating the password.

This method only be used to generate a token for a user that has already authenticated credentials via some other means (eg. SharePoint NTLM connector) as this method bypasses any password checks.

If you want actual password authentication, use the authenticateUser(com.atlassian.crowd.integration.authentication.UserAuthenticationContext) method.

Parameters:: authenticateContext - The authentication details for the user.
Returns:: The authenticated token for the user.
Throws:: InvalidAuthenticationException - The authentication was not successful.; DirectoryAccessException - error thrown by directory implementation when attempting to find or authenticate the user.; InactiveAccountException - user account is inactive.; ApplicationAccessDeniedException - user does not have access to authenticate with application.

validateApplicationToken

Token validateApplicationToken(java.lang.String tokenKey,
                               ValidationFactor[] validationFactors)
                               throws InvalidTokenException

Validates an application token key given validation factors.

Parameters:: tokenKey - returns a valid token corresponding to the tokenKey.; validationFactors - validation factors for generating the token hash.
Returns:: validated token.
Throws:: InvalidTokenException - if the tokenKey or corresponding client validation factors do not represent a valid application token.

validateUserToken

Token validateUserToken(java.lang.String userTokenKey,
                        ValidationFactor[] validationFactors,
                        java.lang.String application)
                        throws InvalidTokenException,
                               ApplicationAccessDeniedException,
                               DirectoryAccessException

Validates a user token key given validation factors and checks that the user is allowed to authenticate with the specified application

Parameters:: userTokenKey - returns a valid token corresponding to the tokenKey.; validationFactors - validation factors for generating the token hash.; application - name of application to authenticate with.
Returns:: validated authentication token.
Throws:: InvalidTokenException - if the userTokenKey or corresponding validationFactors do not represent a valid SSO token.; DirectoryAccessException - there was an error communicating with an underlying directory when determining if a user is allowed to authenticate with the application (eg. if a user has the appropriate group memberships).; ApplicationAccessDeniedException - the user is not allowed to authenticate with the application.

findUserByName

User findUserByName(Application application,
                    java.lang.String name)
                    throws ObjectNotFoundException,
                           DirectoryAccessException

Returns the first user with the matching username from all the directories assigned to the application.

The directories are searched in the order they are assigned to the application.

Parameters:: application - search application's assigned directories.; name - the username of the user to find.
Returns:: first matching user.
Throws:: ObjectNotFoundException - user not found in any of the directories.; DirectoryAccessException - there was an error executing the request with any underlying directory.

findUserWithAttributesByName

UserWithAttributes findUserWithAttributesByName(Application application,
                                                java.lang.String name)
                                                throws ObjectNotFoundException,
                                                       DirectoryAccessException

Returns the first user with the matching username from all the directories assigned to the application.

The directories are searched in the order they are assigned to the application.

Parameters:: application - search application's assigned directories.; name - the username of the user to find.
Returns:: first matching user.
Throws:: ObjectNotFoundException - user not found in any of the directories.; DirectoryAccessException - there was an error executing the request with any underlying directory.

addUser

User addUser(Application application,
             UserTemplate user,
             PasswordCredential credential)
             throws InvalidUserException,
                    DirectoryAccessException,
                    InvalidCredentialException,
                    ApplicationPermissionException

Adds the user to ALL the permissible directories.

If the user exists in ANY of the application's assigned directories, then an InvalidUserException will be thrown.

If the add operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, an ApplicationPermissionException is thrown.

If the add operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Returns the user from the first directory containing the user.

Parameters:: application - add to application's assigned directories.; user - a template of the user to be added. The directoryId of the UserTemplate is ignored, and will be mutated for each directoryMapping.; credential - the password credential of the user (unencrypted).
Returns:: the added user returned from findUserByName(com.atlassian.crowd.model.application.Application , String).
Throws:: InvalidCredentialException - if the user's credential does not meet the validation requirements for an associated directory.; InvalidUserException - if the user already exists in ANY associated directory or the user template does not have the required properties populated.; DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory.; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.CREATE_USER.

updateUser

User updateUser(Application application,
                UserTemplate user)
                throws InvalidUserException,
                       DirectoryAccessException,
                       ApplicationPermissionException,
                       ObjectNotFoundException

Updates the user in ALL the permissible directories.

If the user does not exist in ANY of the application's assigned directories, then an ObjectNotFoundException will be thrown.

If the update operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, an ApplicationPermissionException is thrown.

If the update operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Returns the user from the first directory containing the user.

Parameters:: application - application with assigned directories to operate on.; user - a template of the user to be added. The directoryId of the UserTemplate is ignored, and will be mutated for each directoryMapping.
Returns:: the added user returned from findUserByName(com.atlassian.crowd.model.application.Application , String).
Throws:: InvalidUserException - if the user already exists in ANY associated directory or the user template does not have the required properties populated.; DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory.; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.UPDATE_USER.; ObjectNotFoundException - user does not exist in any of the associated directories of the application.

updateUserCredential

void updateUserCredential(Application application,
                          java.lang.String username,
                          PasswordCredential credential)
                          throws DirectoryAccessException,
                                 ObjectNotFoundException,
                                 InvalidCredentialException,
                                 ApplicationPermissionException

Updates the credentials of the first matching user in the application's assigned directories.

Thus, the method only operates on the same user returned from a call to findUserByName.

Parameters:: application - update in application's assigned directories.; username - name of user.; credential - new (unencrypted) credentials.
Throws:: DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory.; InvalidCredentialException - if the user's credential does not meet the validation requirements for an associated directory.; ApplicationPermissionException - if the first directory in which the user is found doesn't have the permission to perform operations of type OperationType.UPDATE_USER.; ObjectNotFoundException - if no user with the given name exists in ANY assigned directory.

resetUserCredential

void resetUserCredential(Application application,
                         java.lang.String username)
                         throws DirectoryAccessException,
                                ObjectNotFoundException,
                                InvalidCredentialException,
                                ApplicationPermissionException,
                                InvalidEmailAddressException

Resets the credentials of the first matching user in the application's directories.

Thus, the method only operates on the same user returned from a call to findUserByName.

This method will only function correctly if the User has an email address, otherwise no email can be sent to the user.

Parameters:: application - update in application's assigned directories.; username - name of user.
Throws:: DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory.; InvalidCredentialException - if the generated credential does not meet the validation requirements for an associated directory.; ApplicationPermissionException - if the first directory in which the user is found doesn't have the permission to perform operations of type OperationType.UPDATE_USER.; ObjectNotFoundException - if no user with the given name exists in ANY assigned directory, or the associated directory does not exist; InvalidEmailAddressException - if the user doesn't have a valid email address and can't be notified.

storeUserAttributes

void storeUserAttributes(Application application,
                         java.lang.String username,
                         java.util.Map<java.lang.String,java.util.List<java.lang.String>> attributes)
                         throws DirectoryAccessException,
                                ApplicationPermissionException,
                                ObjectNotFoundException

Adds or updates a user's attributes with the new Map of attribute values for all permissible directories assigned to the application.

The attributes map represents new or updated attributes and does not replace existing attributes unless the key of an attribute matches the key of an existing attribute on the user.

This method does not update primary field attributes like firstName, lastName, etc.

If the user does not exist in ANY of the application's assigned directories, then an ObjectNotFoundException will be thrown.

If the update operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, an ApplicationPermissionException is thrown.

If the update operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Parameters:: application - application with assigned directories to operate on.; username - username of the user to update.; attributes - map of one-to-many attribute-values. All attribute keys are treated as new or updated attributes.
Throws:: ObjectNotFoundException - if the user with the supplied username does not exist in ANY assigned directory.; DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory..; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.UPDATE_USER.

removeUserAttributes

void removeUserAttributes(Application application,
                          java.lang.String username,
                          java.lang.String attributeName)
                          throws DirectoryAccessException,
                                 ApplicationPermissionException,
                                 ObjectNotFoundException

Removes a user's attribute values for all permissible directories assigned to the application.

If the user does not exist in ANY of the application's assigned directories, then an ObjectNotFoundException will be thrown.

If the update operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, an ApplicationPermissionException is thrown.

If the update operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Parameters:: application - application with assigned directories to operate on.; username - username of the user to update.; attributeName - all attribute values for this key will be removed from the user.
Throws:: ObjectNotFoundException - if the user with the supplied username does not exist in ANY assigned directory.; DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory.; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.UPDATE_USER.

removeUser

void removeUser(Application application,
                java.lang.String user)
                throws DirectoryAccessException,
                       ObjectNotFoundException,
                       ApplicationPermissionException

Removes ALL users from each of the application's assigned directories.

If the user doesn't exist in ANY of the application's assigned directories, then an ObjectNotFoundException will be thrown.

If the remove operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, a ApplicationPermissionException is thrown.

If the remove operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Parameters:: application - remove from application's assigned directories.; user - the name of the user to remove.
Throws:: DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory.; ObjectNotFoundException - if user with given name does not exist in ANY assigned directory.; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.DELETE_USER.

searchUsers

java.util.List searchUsers(Application application,
                           EntityQuery query)
                           throws DirectoryAccessException

Returns a List matching the search criteria defined in the query for ALL of the directories assigned to the application.

Parameters:: application - search application's assigned directories.; query - the search query.
Returns:: List user objects or List usernames, depending on the query.
Throws:: DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory.

findGroupByName

Group findGroupByName(Application application,
                      java.lang.String name)
                      throws ObjectNotFoundException,
                             DirectoryAccessException

Returns the first group with the matching groupname from all the directories assigned to the application.

The directories are searched in the order they are assigned to the application.

Parameters:: application - search application's assigned directories.; name - the groupname of the group to find.
Returns:: first matching group.
Throws:: ObjectNotFoundException - group not found in any of the directories.; DirectoryAccessException - there was an error executing the request with any underlying directory.

findGroupWithAttributesByName

GroupWithAttributes findGroupWithAttributesByName(Application application,
                                                  java.lang.String name)
                                                  throws ObjectNotFoundException,
                                                         DirectoryAccessException

Returns the first group with the matching groupname from all the directories assigned to the application.

The directories are searched in the order they are assigned to the application.

Parameters:: application - search application's assigned directories.; name - the groupname of the group to find.
Returns:: first matching group.
Throws:: ObjectNotFoundException - group not found in any of the directories.; DirectoryAccessException - there was an error executing the request with any underlying directory.

addGroup

Group addGroup(Application application,
               GroupTemplate group)
               throws InvalidGroupException,
                      DirectoryAccessException,
                      ApplicationPermissionException

Adds the group to ALL the permissible directories.

If the group exists in ANY of the application's assigned directories, then an InvalidGroupException will be thrown.

If the add operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, an ApplicationPermissionException is thrown.

If the add operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Returns the group from the first directory containing the group.

Parameters:: application - add to application's assigned directories.; group - a template of the group to be added. The directoryId of the GroupTemplate is ignored, and will be mutated for each directoryMapping.
Returns:: the added group returned from findGroupByName(com.atlassian.crowd.model.application.Application , String).
Throws:: InvalidGroupException - if the group already exists in ANY associated directory or the group template does not have the required properties populated.; DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory.; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.CREATE_GROUP.

updateGroup

Group updateGroup(Application application,
                  GroupTemplate group)
                  throws InvalidGroupException,
                         DirectoryAccessException,
                         ApplicationPermissionException,
                         ObjectNotFoundException

Updates the group in ALL the permissible directories.

If the group does not exist in ANY of the application's assigned directories, then an ObjectNotFoundException will be thrown.

If the update operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, an ApplicationPermissionException is thrown.

If the update operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Returns the group from the first directory containing the group.

Parameters:: application - application with assigned directories to operate on.; group - a template of the group to be added. The directoryId of the GroupTemplate is ignored, and will be mutated for each directoryMapping.
Returns:: the added group returned from findGroupByName(com.atlassian.crowd.model.application.Application , String).
Throws:: InvalidGroupException - if the group already exists in ANY associated directory or the group template does not have the required properties populated.; DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory.; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.UPDATE_GROUP.; ObjectNotFoundException - group does not exist in any of the associated directories of the application.

storeGroupAttributes

void storeGroupAttributes(Application application,
                          java.lang.String groupname,
                          java.util.Map<java.lang.String,java.util.List<java.lang.String>> attributes)
                          throws DirectoryAccessException,
                                 ApplicationPermissionException,
                                 ObjectNotFoundException

Adds or updates a group's attributes with the new Map of attribute values for all permissible directories assigned to the application.

The attributes map represents new or updated attributes and does not replace existing attributes unless the key of an attribute matches the key of an existing attribute on the group.

This method does not update primary field attributes like firstName, lastName, etc.

If the group does not exist in ANY of the application's assigned directories, then an ObjectNotFoundException will be thrown.

If the update operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, an ApplicationPermissionException is thrown.

If the update operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Parameters:: application - application with assigned directories to operate on.; groupname - groupname of the group to update.; attributes - map of one-to-many attribute-values. All attribute keys are treated as new or updated attributes.
Throws:: ObjectNotFoundException - if the group with the supplied groupname does not exist in ANY assigned directory.; DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory..; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.UPDATE_GROUP.

removeGroupAttributes

void removeGroupAttributes(Application application,
                           java.lang.String groupname,
                           java.lang.String attributeName)
                           throws DirectoryAccessException,
                                  ApplicationPermissionException,
                                  ObjectNotFoundException

Removes a group's attribute values for all permissible directories assigned to the application.

If the group does not exist in ANY of the application's assigned directories, then an ObjectNotFoundException will be thrown.

If the update operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, an ApplicationPermissionException is thrown.

If the update operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Parameters:: application - application with assigned directories to operate on.; groupname - groupname of the group to update.; attributeName - all attribute values for this key will be removed from the group.
Throws:: ObjectNotFoundException - if the group with the supplied groupname does not exist in ANY assigned directory.; DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory.; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.UPDATE_GROUP.

removeGroup

void removeGroup(Application application,
                 java.lang.String group)
                 throws DirectoryAccessException,
                        ObjectNotFoundException,
                        ApplicationPermissionException

Removes ALL groups from each of the application's assigned directories.

If the group doesn't exist in ANY of the application's assigned directories, then an ObjectNotFoundException will be thrown.

If the remove operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, a ApplicationPermissionException is thrown.

If the remove operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Parameters:: application - remove from application's assigned directories.; group - the name of the group to remove.
Throws:: DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory.; ObjectNotFoundException - if group with given name does not exist in ANY assigned directory.; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.DELETE_GROUP.

searchGroups

java.util.List searchGroups(Application application,
                            EntityQuery query)
                            throws DirectoryAccessException

Returns a List matching the search criteria defined in the query for ALL of the directories assigned to the application.

Parameters:: application - search application's assigned directories.; query - the search query.
Returns:: List group objects or List groupnames, depending on the query.
Throws:: DirectoryAccessException - if there was an error performing the operation or instantiating the backend directory.

addUserToGroup

void addUserToGroup(Application application,
                    java.lang.String username,
                    java.lang.String groupName)
                    throws DirectoryAccessException,
                           ObjectNotFoundException,
                           ApplicationPermissionException

Makes users matching the given name direct members of the group across ALL directories.

Parameters:: application - modify groups in application's assigned directories.; username - username of the user.; groupName - name of the group.
Throws:: ObjectNotFoundException - when the user cannot be found in ANY directory OR when ALL users are in directories which don't have the requested group.; DirectoryAccessException - if there was an error executing the update or instantiating the RemoteDirectory.; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.UPDATE_GROUP.

addGroupToGroup

void addGroupToGroup(Application application,
                     java.lang.String childGroup,
                     java.lang.String parentGroup)
                     throws DirectoryAccessException,
                            ObjectNotFoundException,
                            ApplicationPermissionException

Makes groups matching the given name (childGroup) direct members of the group (parentGroup) across ALL directories.

Parameters:: application - modify groups in application's assigned directories.; childGroup - name of child group.; parentGroup - name of parent group.
Throws:: ObjectNotFoundException - when the child group cannot be found in ANY directory OR when ALL child groups are in directories which don't have the requested parent group.; DirectoryAccessException - if there was an error executing the update or instantiating the RemoteDirectory.; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.UPDATE_GROUP.

removeUserFromGroup

void removeUserFromGroup(Application application,
                         java.lang.String username,
                         java.lang.String groupName)
                         throws DirectoryAccessException,
                                ObjectNotFoundException,
                                ApplicationPermissionException,
                                MembershipNotFoundException

Makes users matching the given name not members of the group across ALL directories.

Parameters:: application - modify groups in application's assigned directories.; username - username of the user.; groupName - name of the group.
Throws:: ObjectNotFoundException - when the user cannot be found in ANY directory OR when ALL users are in directories which don't have the requested group.; DirectoryAccessException - if there was an error executing the update or instantiating the RemoteDirectory.; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.UPDATE_GROUP.; MembershipNotFoundException - if the user is not a direct member of the group in an assigned directory.

removeGroupFromGroup

void removeGroupFromGroup(Application application,
                          java.lang.String childGroup,
                          java.lang.String parentGroup)
                          throws DirectoryAccessException,
                                 ObjectNotFoundException,
                                 ApplicationPermissionException,
                                 MembershipNotFoundException

Makes child group matching the given name not members of the parent group across ALL directories.

Parameters:: application - modify groups in application's assigned directories.; childGroup - name of child group.; parentGroup - name of parent group.
Throws:: ObjectNotFoundException - when the child group cannot be found in ANY directory OR when ALL child groups are in directories which don't have the requested parent group.; DirectoryAccessException - if there was an error executing the update or instantiating the RemoteDirectory.; ApplicationPermissionException - if none of the application's associated directories are allowed to perform operations of type OperationType.UPDATE_GROUP.; MembershipNotFoundException - if the user is not a direct member of the group in an assigned directory.

isUserDirectGroupMember

boolean isUserDirectGroupMember(Application application,
                                java.lang.String username,
                                java.lang.String groupName)
                                throws DirectoryAccessException

Returns true if the user is a direct member of the group in any of the application's assigned directories.

Parameters:: application - search groups in application's assigned directories.; username - name of the user to inspect.; groupName - name of the group to inspect.
Returns:: true if and only if the user is a direct member of the group. If the group or user does not exist in any directory, false is returned.
Throws:: DirectoryAccessException - if there was an error executing the search or instantiating the RemoteDirectory.

isGroupDirectGroupMember

boolean isGroupDirectGroupMember(Application application,
                                 java.lang.String childGroup,
                                 java.lang.String parentGroup)
                                 throws DirectoryAccessException

Returns true if the childGroup is a direct member of the parentGroup in any of the application's assigned directories.

Parameters:: application - search groups in application's assigned directories.; childGroup - name of the group to inspect.; parentGroup - name of the group to inspect.
Returns:: true if and only if the childGroup is a direct member of the parentGroup. If either group does not exist in any directory, false is returned.
Throws:: DirectoryAccessException - if there was an error executing the search or instantiating the RemoteDirectory.

isUserNestedGroupMember

boolean isUserNestedGroupMember(Application application,
                                java.lang.String username,
                                java.lang.String groupName)
                                throws DirectoryAccessException

Returns true if the user is a direct or indirect (nested) member of the group in any of the application's assigned directories.

If the directory does not support nested groups, this call will be equivalent to DirectoryManager.isUserDirectGroupMember(long, String, String).

WARNING: this method could be very slow if the underlying RemoteDirectory does not employ caching.

See CWD-1485 for explanation of logic in amalgamation.

Parameters:: application - search groups in application's assigned directories.; username - name of the user to inspect.; groupName - name of the group to inspect.
Returns:: true if and only if the user is a direct or indirect (nested) member of the group. If the group or user does not exist in the directory, false is returned.
Throws:: DirectoryAccessException - if there was an error executing the search or instantiating the RemoteDirectory.

isGroupNestedGroupMember

boolean isGroupNestedGroupMember(Application application,
                                 java.lang.String childGroup,
                                 java.lang.String parentGroup)
                                 throws DirectoryAccessException

Returns true if the childGroup is a direct or indirect (nested) member of the parentGroup in any of the application's assigned directories.

If the directory does not support nested groups, this call will be equivalent to DirectoryManager.isGroupDirectGroupMember(long, String, String).

WARNING: this method could be very slow if the underlying RemoteDirectory does not employ caching.

See CWD-1485 for explanation of logic in amalgamation.

Parameters:: application - search groups in application's assigned directories.; childGroup - name of the user to inspect.; parentGroup - name of the group to inspect.
Returns:: true if and only if the childGroup is a direct or indirect (nested) member of the parentGruop. If either group does not exist in the directory, false is returned.
Throws:: DirectoryAccessException - if there was an error executing the search or instantiating the RemoteDirectory.

searchDirectGroupRelationships

java.util.List searchDirectGroupRelationships(Application application,
                                              MembershipQuery query)
                                              throws DirectoryAccessException

Searches for direct group relationships in any of the application's assigned directories.

Parameters:: application - search groups in application's assigned directories.; query - membership query.
Returns:: List of User entities, Group entites, String usernames or String group names matching the query criteria.
Throws:: DirectoryAccessException - if there was an error executing the search or instantiating the RemoteDirectory.

searchNestedGroupRelationships

java.util.List searchNestedGroupRelationships(Application application,
                                              MembershipQuery query)
                                              throws DirectoryAccessException

Searches for direct and indirect (nested) group relationships in any of the application's assigned directories.

If the directory does not support nested groups, this call will be equivalent to DirectoryManager.searchDirectGroupRelationships(long, com.atlassian.crowd.search.query.membership.MembershipQuery).

WARNING: this method could be very slow if the underlying RemoteDirectory does not employ caching.

See CWD-1485 for explanation of logic in amalgamation.

Parameters:: application - search groups in application's assigned directories.; query - membership query.
Returns:: List of User entities, Group entites, String usernames or String group names matching the query criteria.
Throws:: DirectoryAccessException - if there was an error executing the search or instantiating the RemoteDirectory.

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.atlassian.crowd.manager.application Interface ApplicationService

findAuthorisedApplications

authenticateApplication

authenticateUser

authenticateUserWithoutValidatingPassword

validateApplicationToken

validateUserToken

findUserByName

findUserWithAttributesByName

addUser

updateUser

updateUserCredential

resetUserCredential

storeUserAttributes

removeUserAttributes

removeUser

searchUsers

findGroupByName

findGroupWithAttributesByName

addGroup

updateGroup

storeGroupAttributes

removeGroupAttributes

removeGroup

searchGroups

addUserToGroup

addGroupToGroup

removeUserFromGroup

removeGroupFromGroup

isUserDirectGroupMember

isGroupDirectGroupMember

isUserNestedGroupMember

isGroupNestedGroupMember

searchDirectGroupRelationships

searchNestedGroupRelationships

com.atlassian.crowd.manager.application
Interface ApplicationService