Package pl.edu.icm.unity.engine.api

Interface EntityManagement

public interface EntityManagement
Engine API for (closely related) entities and identities management.
Author:
K. Benedyczak

  • Method Summary

    Modifier and Type
    Method
    Description
    pl.edu.icm.unity.base.identity.Identity
    addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, String credReqIdId, pl.edu.icm.unity.base.entity.EntityState initialState)
    As addEntity(IdentityParam, String, EntityState, List) with the empty list of attributes.
    default pl.edu.icm.unity.base.identity.Identity
    addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, String credReqIdId, pl.edu.icm.unity.base.entity.EntityState initialState, boolean extractAttributes, List<pl.edu.icm.unity.base.attribute.Attribute> attributes)
    Deprecated.
    pl.edu.icm.unity.base.identity.Identity
    addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, String credReqId, pl.edu.icm.unity.base.entity.EntityState initialState, List<pl.edu.icm.unity.base.attribute.Attribute> attributes)
    Adds a new entity with an initial identity.
    pl.edu.icm.unity.base.identity.Identity
    addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, pl.edu.icm.unity.base.entity.EntityState initialState)
    As addEntity(IdentityParam, EntityState, List) with the empty list of attributes and default credential requirements.
    default pl.edu.icm.unity.base.identity.Identity
    addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, pl.edu.icm.unity.base.entity.EntityState initialState, boolean extractAttributes)
    Deprecated.
    default pl.edu.icm.unity.base.identity.Identity
    addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, pl.edu.icm.unity.base.entity.EntityState initialState, boolean extractAttributes, List<pl.edu.icm.unity.base.attribute.Attribute> attributes)
    Deprecated.
    pl.edu.icm.unity.base.identity.Identity
    addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, pl.edu.icm.unity.base.entity.EntityState initialState, List<pl.edu.icm.unity.base.attribute.Attribute> attributes)
    As addEntity(IdentityParam, String, EntityState, List) with the empty list of attributes and default credential requirements.
    pl.edu.icm.unity.base.identity.Identity
    addIdentity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, pl.edu.icm.unity.base.entity.EntityParam parentEntity)
    Adds a new identity under existing entity.
    default pl.edu.icm.unity.base.identity.Identity
    addIdentity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, pl.edu.icm.unity.base.entity.EntityParam parentEntity, boolean extractAttributes)
    Deprecated.
    Set<EntityWithContactInfo>
    getAllEntitiesWithContactEmails(Set<String> contactEmails)
    Returns entities with assigned e-mail - as attribute or identity
    pl.edu.icm.unity.base.entity.Entity
    getEntity(pl.edu.icm.unity.base.entity.EntityParam entity)
    Returns information about an entity along with its all identities with authorization in '/'.
    pl.edu.icm.unity.base.entity.Entity
    getEntity(pl.edu.icm.unity.base.entity.EntityParam entity, String target, boolean allowCreate, String group)
    Returns information about an entity along with its all identities.
    String
    getEntityLabel(pl.edu.icm.unity.base.entity.EntityParam entity)
     
    pl.edu.icm.unity.base.entity.Entity
    getEntityNoContext(pl.edu.icm.unity.base.entity.EntityParam entity, String group)
    Returns information about an entity along with its identities.
    Map<String,pl.edu.icm.unity.base.group.GroupMembership>
    getGroups(pl.edu.icm.unity.base.entity.EntityParam entity)
    Returns a collection with all groups where the entity is a member.
    Collection<pl.edu.icm.unity.base.group.Group>
    getGroupsForPresentation(pl.edu.icm.unity.base.entity.EntityParam entity)
    Returns a collection with all groups where the entity is a member.
    Map<Long,List<pl.edu.icm.unity.base.identity.Identity>>
    getIdentitiesForEntities(Set<Long> entityIds)
     
    void
    mergeEntities(pl.edu.icm.unity.base.entity.EntityParam target, pl.edu.icm.unity.base.entity.EntityParam merged, boolean safeMode)
    Merge the 2nd entity with the first one.
    void
    removeEntity(pl.edu.icm.unity.base.entity.EntityParam toRemove)
     
    void
    removeIdentity(pl.edu.icm.unity.base.identity.IdentityTaV toRemove)
    Deletes identity.
    void
    resetIdentity(pl.edu.icm.unity.base.entity.EntityParam entity, String typeIdToReset, String realm, String target)
    Reset a possibly targeted value of a dynamic identity.
    void
    scheduleEntityChange(pl.edu.icm.unity.base.entity.EntityParam toChange, Date changeTime, pl.edu.icm.unity.base.entity.EntityScheduledOperation operation)
    Schedules an operation to be invoked at a given time on an entity.
    void
    scheduleRemovalByUser(pl.edu.icm.unity.base.entity.EntityParam toChange, Date changeTime)
    Sets the entity in the EntityState.onlyLoginPermitted and schedules the entity removal at given time unless the user logs in before this time.
    void
    setEntityStatus(pl.edu.icm.unity.base.entity.EntityParam toChange, pl.edu.icm.unity.base.entity.EntityState state)
     
    void
    setIdentities(pl.edu.icm.unity.base.entity.EntityParam entity, Collection<String> updatedTypes, Collection<? extends pl.edu.icm.unity.base.identity.IdentityParam> newIdentities)
    Updates identities of a single entity.
    void
    updateIdentity(pl.edu.icm.unity.base.identity.IdentityTaV original, pl.edu.icm.unity.base.identity.IdentityParam updated)
    Updates a given identity.

  • Method Details

    • addEntity

      pl.edu.icm.unity.base.identity.Identity addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, String credReqId, pl.edu.icm.unity.base.entity.EntityState initialState, List<pl.edu.icm.unity.base.attribute.Attribute> attributes) throws pl.edu.icm.unity.base.exceptions.EngineException
      Adds a new entity with an initial identity.
      Parameters:
      toAdd - new identity
      credReqId - Local CredentialRequirements id
      initialState - the initial state of the newly created entity
      attributes - initial attributes to be added for the entity. This is especially useful when the root group (to which the entity is automatically added) has some AttributesClasses assigned with mandatory attributes.
      Returns:
      newly created identity
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • addEntity

      pl.edu.icm.unity.base.identity.Identity addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, String credReqIdId, pl.edu.icm.unity.base.entity.EntityState initialState) throws pl.edu.icm.unity.base.exceptions.EngineException
      As addEntity(IdentityParam, String, EntityState, List) with the empty list of attributes.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • addEntity

      pl.edu.icm.unity.base.identity.Identity addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, pl.edu.icm.unity.base.entity.EntityState initialState, List<pl.edu.icm.unity.base.attribute.Attribute> attributes) throws pl.edu.icm.unity.base.exceptions.EngineException
      As addEntity(IdentityParam, String, EntityState, List) with the empty list of attributes and default credential requirements.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • addEntity

      pl.edu.icm.unity.base.identity.Identity addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, pl.edu.icm.unity.base.entity.EntityState initialState) throws pl.edu.icm.unity.base.exceptions.EngineException
      As addEntity(IdentityParam, EntityState, List) with the empty list of attributes and default credential requirements.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • addIdentity

      pl.edu.icm.unity.base.identity.Identity addIdentity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, pl.edu.icm.unity.base.entity.EntityParam parentEntity) throws pl.edu.icm.unity.base.exceptions.EngineException
      Adds a new identity under existing entity.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • removeIdentity

      void removeIdentity(pl.edu.icm.unity.base.identity.IdentityTaV toRemove) throws pl.edu.icm.unity.base.exceptions.EngineException
      Deletes identity. It must not be the last identity of the entity. Certain system Identities can not be removed.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • setIdentities

      void setIdentities(pl.edu.icm.unity.base.entity.EntityParam entity, Collection<String> updatedTypes, Collection<? extends pl.edu.icm.unity.base.identity.IdentityParam> newIdentities) throws pl.edu.icm.unity.base.exceptions.EngineException
      Updates identities of a single entity. The identities of the types provided with the first argument are replaced with the identities given as the second argument. The set of new identities can contain only identities of types enumerated in the first argument (which can have more types, if some needs to be cleared). Certain system identity types can not be modified using this method, only the resetIdentity(EntityParam, String, String, String) is available for them.
      Parameters:
      entity - all identities must belong to this entity
      updatedTypes - set of all types that shall be modified
      newIdentities - a new, complete set of identities for the given types
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • updateIdentity

      void updateIdentity(pl.edu.icm.unity.base.identity.IdentityTaV original, pl.edu.icm.unity.base.identity.IdentityParam updated) throws pl.edu.icm.unity.base.exceptions.EngineException
      Updates a given identity. Useful to change details of an identity like confirmation status. Note that updated identity must have the same comparable representation as the original one, i.e. must have the same type and value parts which are part of comparable representation must be unchanged. Operation only available with full permissions.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • resetIdentity

      void resetIdentity(pl.edu.icm.unity.base.entity.EntityParam entity, String typeIdToReset, String realm, String target) throws pl.edu.icm.unity.base.exceptions.EngineException
      Reset a possibly targeted value of a dynamic identity. For the identities which are fixed this method throws an exception.

      Parameters:
      entity - subject
      typeIdToReset - which id type should be reset, must be dynamic
      realm - if null then all realms should be cleared
      target - if null then all targets should be cleared
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • removeEntity

      void removeEntity(pl.edu.icm.unity.base.entity.EntityParam toRemove) throws pl.edu.icm.unity.base.exceptions.EngineException
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • setEntityStatus

      void setEntityStatus(pl.edu.icm.unity.base.entity.EntityParam toChange, pl.edu.icm.unity.base.entity.EntityState state) throws pl.edu.icm.unity.base.exceptions.EngineException
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • scheduleEntityChange

      void scheduleEntityChange(pl.edu.icm.unity.base.entity.EntityParam toChange, Date changeTime, pl.edu.icm.unity.base.entity.EntityScheduledOperation operation) throws pl.edu.icm.unity.base.exceptions.EngineException
      Schedules an operation to be invoked at a given time on an entity. Requires regular identityModify capability (not assigned for self access).
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • scheduleRemovalByUser

      void scheduleRemovalByUser(pl.edu.icm.unity.base.entity.EntityParam toChange, Date changeTime) throws pl.edu.icm.unity.base.exceptions.EngineException
      Sets the entity in the EntityState.onlyLoginPermitted and schedules the entity removal at given time unless the user logs in before this time. Requires only the attributeModify capability (allowed for selfAccess).
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • getIdentitiesForEntities

      Map<Long,List<pl.edu.icm.unity.base.identity.Identity>> getIdentitiesForEntities(Set<Long> entityIds)

    • getEntity

      pl.edu.icm.unity.base.entity.Entity getEntity(pl.edu.icm.unity.base.entity.EntityParam entity) throws pl.edu.icm.unity.base.exceptions.EngineException
      Returns information about an entity along with its all identities with authorization in '/'.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • getEntity

      pl.edu.icm.unity.base.entity.Entity getEntity(pl.edu.icm.unity.base.entity.EntityParam entity, String target, boolean allowCreate, String group) throws pl.edu.icm.unity.base.exceptions.EngineException
      Returns information about an entity along with its all identities. This version supports dynamic identities as it allows for specifying a receiver of the information and whether it is allowed to establish a new identifier.
      Parameters:
      entity - who to resolve
      target - for whom the information is targeted
      allowCreate - whether dynamic identities can be created
      group - group wrt which authorization should be performed.
      Returns:
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • getEntityNoContext

      pl.edu.icm.unity.base.entity.Entity getEntityNoContext(pl.edu.icm.unity.base.entity.EntityParam entity, String group) throws pl.edu.icm.unity.base.exceptions.EngineException
      Returns information about an entity along with its identities. This version requires higher privileges and returns all identities, also those targeted for anybody in any realm.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • getAllEntitiesWithContactEmails

      Set<EntityWithContactInfo> getAllEntitiesWithContactEmails(Set<String> contactEmails) throws pl.edu.icm.unity.base.exceptions.EngineException
      Returns entities with assigned e-mail - as attribute or identity
      Parameters:
      contactEmails - email assigned to the entity
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • getGroups

      Map<String,pl.edu.icm.unity.base.group.GroupMembership> getGroups(pl.edu.icm.unity.base.entity.EntityParam entity) throws pl.edu.icm.unity.base.exceptions.EngineException
      Returns a collection with all groups where the entity is a member. For convenience returned as map indexed with group paths.
      Parameters:
      entity -
      Returns:
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • getGroupsForPresentation

      Collection<pl.edu.icm.unity.base.group.Group> getGroupsForPresentation(pl.edu.icm.unity.base.entity.EntityParam entity) throws pl.edu.icm.unity.base.exceptions.EngineException
      Returns a collection with all groups where the entity is a member. This method returns resolved groups with description and displayed name, however without information on attribute statements and other data which might be secret.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • mergeEntities

      void mergeEntities(pl.edu.icm.unity.base.entity.EntityParam target, pl.edu.icm.unity.base.entity.EntityParam merged, boolean safeMode) throws pl.edu.icm.unity.base.exceptions.EngineException
      Merge the 2nd entity with the first one. Only non conflicting information is moved. In particular the information of the merged entity is processed as follows:
      1. static identities are added to the base entity
      2. dynamic identities are added to the base entity only if it has no identities of a particular identity type and the identity is removable
      3. credential requirement and attribute classes are ignored
      4. credentials are added, however only if the target identity has no credential defined of the same type
      5. group memberships are copied
      6. attributes are copied, however only if the target has no attribute of the same type in the same group. Also attributes not allowed by the target's attribute policy are ignored
      If the safe mode is activated then the operation will throw exception (without making any changes) if any of attributes, credentials or dynamic removable identity was not copied due to conflicts.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • getEntityLabel

      String getEntityLabel(pl.edu.icm.unity.base.entity.EntityParam entity) throws pl.edu.icm.unity.base.exceptions.EngineException
      Returns:
      displayed name of the entity or null if undefined
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • addEntity

      @Deprecated default pl.edu.icm.unity.base.identity.Identity addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, String credReqIdId, pl.edu.icm.unity.base.entity.EntityState initialState, boolean extractAttributes, List<pl.edu.icm.unity.base.attribute.Attribute> attributes) throws pl.edu.icm.unity.base.exceptions.EngineException
      Deprecated.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • addEntity

      @Deprecated default pl.edu.icm.unity.base.identity.Identity addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, pl.edu.icm.unity.base.entity.EntityState initialState, boolean extractAttributes, List<pl.edu.icm.unity.base.attribute.Attribute> attributes) throws pl.edu.icm.unity.base.exceptions.EngineException
      Deprecated.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • addEntity

      @Deprecated default pl.edu.icm.unity.base.identity.Identity addEntity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, pl.edu.icm.unity.base.entity.EntityState initialState, boolean extractAttributes) throws pl.edu.icm.unity.base.exceptions.EngineException
      Deprecated.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException

    • addIdentity

      @Deprecated default pl.edu.icm.unity.base.identity.Identity addIdentity(pl.edu.icm.unity.base.identity.IdentityParam toAdd, pl.edu.icm.unity.base.entity.EntityParam parentEntity, boolean extractAttributes) throws pl.edu.icm.unity.base.exceptions.EngineException
      Deprecated.
      Throws:
      pl.edu.icm.unity.base.exceptions.EngineException