psdi.app.signature

Class SignatureService

java.lang.Object

psdi.server.AppService

psdi.app.signature.SignatureService

All Implemented Interfaces:

java.rmi.Remote, SignatureServiceRemote, MboConstants, MboServerInterface, MaxRemoteProxy, AppServiceRemote, Dependable, Service, ServiceRemote, FixedLoggerNames, FixedLoggers

public class SignatureService
extends AppService
implements SignatureServiceRemote, MboConstants

SignatureService accommodates the Mbos that pertain to users and security groups. This includes LoginTracking, MaxUser, MaxGroup, etc.

Run-time privileges for active users are handled in memory by the SecurityService and the UserInfo and Profile classes. The contents of the security profile are derived from some of the Mbos in the Signature package (MaxGroup, MaxUser, ApplicationAuth, etc.).

See Also:

SecurityService, UserInfo, Profile

Field Summary

Fields inherited from interface psdi.app.signature.SignatureServiceRemote

PSWD_ALREADY_EXPIRED, PSWD_EXPIRES_LATER_TODAY, PSWD_NO_EXPIRATION

Fields inherited from interface psdi.mbo.MboConstants

ALLROWS, CHANGEDBY_USER, COUNT_ADDITIONS, COUNT_AFTERSAVE, COUNT_DATABASE, COUNT_DELETED, COUNT_EXISTING, DBCONFIG, DELAYVALIDATION, DELAYVALIDATIONONLY, DISCARDABLE, GOTCOMPLETEWHERE, HIDDEN, NO_RELATEDMBOS_OF_OWNERSCHILDREN_FETCH, NOACCESSCHECK, NOACTION, NOADD, NOCOMMIT, NODELETE, NONE, NOOVERWRITE, NOSAVE, NOSETVALUE, NOUPDATE, NOVALIDATION, NOVALIDATION_AND_NOACTION, NOVALIDATION_AND_NOACTION_ALLOWCROSSOVER, READONLY, REBUILD, REQUIRED, SAMEVALUEVALIDATION, SETBYPARENT, USER

Fields inherited from interface psdi.util.logging.FixedLoggers

APPLOGGER, CRONTASKLOGGER, CRONTASKMGRLOGGER, CRONTASKMGRSQLLOGGER, DBCONNECTIONLOGGER, DDLOGGER, DMLOGGER, EVENTLOGGER, EXCEPTIONLOGGER, MAILLOGGER, MAXIMOLOGGER, MTLOGGER, NULLMBOPOINTER, SECURITY, SENDFAILEDLOGGER, SERVICELOGGER, SQLLOGGER

Fields inherited from interface psdi.util.logging.FixedLoggerNames

appenderPrefix, LOGGERNAME_APP, LOGGERNAME_CRONTASK, LOGGERNAME_CRONTASKMGR, LOGGERNAME_DBCONNECTION, LOGGERNAME_DD, LOGGERNAME_DM, LOGGERNAME_DMPREVIEW, LOGGERNAME_EVENT, LOGGERNAME_EXCEPTION, LOGGERNAME_MAIL, LOGGERNAME_MAXIMO, LOGGERNAME_MT, LOGGERNAME_NULLMBOPOINTER, LOGGERNAME_SECURITY, LOGGERNAME_SENDFAILED, LOGGERNAME_SERVICE, LOGGERNAME_SQL, LOGGERNAME_SQL_CRONTASKMGR, LOGGERNAME_TXN, loggerPrefix

Constructor Summary

Constructors

Constructor and Description
SignatureService() Call SignatureCache init.
SignatureService(MXServer mxServer) Call SignatureCache init.

Method Summary

Methods

Modifier and Type	Method and Description
void	addLoginTracking(java.lang.String userID, boolean attemptResult, UserInfo userInfo) Add mbo to LoginTracking reflecting the successful or unsuccessful login, and save.
void	addLoginTracking(java.lang.String userID, boolean attemptResult, UserInfo userInfo, java.lang.String app, java.lang.String reason, java.lang.String transid, java.lang.String[] keyvalue) Deprecated. See Harrier Esig spec
void	addLoginTracking(java.lang.String userID, boolean attemptResult, UserInfo userInfo, java.lang.String app, java.lang.String reason, java.lang.String transid, java.lang.String[] keyvalue, java.lang.String ownerTable, java.lang.String ownerId) Deprecated. See Harrier Esig spec
boolean	allowedWithLDAP(java.lang.String app, java.lang.String optionname) Some combinations of app + optionname are not allowed to be turned on in Security Groups app when LDAP is on.
boolean	canChangePassword(java.lang.String userID, UserInfo userInfo) Can this session user change the password of the specified userID?
void	deleteUserPref(java.lang.String varname, UserInfo userInfo) Delete a mbo from UserPref for the specified user and varname.
java.lang.String	generatePassword(java.lang.String userID, UserInfo userInfo) Call generatePassword with the MboRemote parameter null.
java.lang.String	generatePassword(java.lang.String userID, UserInfo userInfo, MboRemote mbo) Generate a pseudo-random value for password.
java.util.HashSet<java.lang.String>	getAlsoSigoption(boolean alsoGrants, MboRemote mbo, MboSetRemote sigoSet1, MboSetRemote sigoSet2, MboSetRemote sigoSet3) Get "alsogrants" or "alsorevokes", and anything one level deep that's "also" granted/revoked.
MboSetRemote	getAppsForModuleAndUser(java.lang.String module, UserInfo userInfo) Get the set of applications (MaxApps) within a given module (via MaxMenu) where the user has some form of authorization to run the application and the application is not hidden.
java.lang.String	getEveryoneGroup(UserInfo userInfo) Get the default value for the "Everyone" security group to use when adding a new user.
LaborRemote	getLaborForUserAndOrg(java.lang.String userID, java.lang.String orgid, UserInfo userInfo) Get the Labor mbo for the given UserID and orgid.
LaborRemote	getLaborForUserAndSite(java.lang.String userID, java.lang.String siteid, UserInfo userInfo) Get the Labor mbo for the given userID and siteid.
java.util.TreeMap	getModuleMap(UserInfo userInfo) Get the map of modules and apps for this user, from maxmenu table.
java.lang.String	getNewUserGroup(UserInfo userInfo) Get the default value for the security group to use when adding a new user.
MboSetRemote	getQueriesForUser(java.lang.String appName, UserInfo userInfo) Get the set of queries that this user is allowed to execute.
java.util.TreeMap<java.lang.String,java.util.Hashtable<java.lang.String,java.lang.String>>	getQueryMap(MboSetRemote querySet) Given a set of Query, reformat it as TreeMap.
java.lang.String	getQuerySql(java.lang.String clauseName, java.lang.String appName, UserInfo userInfo) Given the clausename and app name, what is the SQL for that Query? Strips out the word "Where" if present.
SignatureCache	getSigCache()
java.lang.String[]	getSiteAdminWhere(MboSetRemote mboSet, java.lang.String app) For the Users app and the Security Groups app, if the logon user is a "site administrator", then return the Where clause for the main MboSet (maxuser or maxgroup).
java.util.TreeMap[]	getUserAuthForApp(java.lang.String appName, UserInfo userInfo) Get the following: Menu options for this application and user (element 0).
java.lang.String	getUserPref(java.lang.String varname, UserInfo userInfo) Given the userpref.varname, what is the varvalue for the current user?
boolean	hasPasswordExpired(java.lang.String loginID, UserInfo userInfo) Determine whether the user's password has expired.
boolean	isActive(java.lang.String userID, UserInfo userInfo) Is this user active?
boolean	isActiveSite(java.lang.String siteID) Check whether the specified site is active or not.
boolean	isBlocked(java.lang.String userID, UserInfo userInfo) Is this user blocked?
boolean	isValidSite(UserInfo userInfo, java.lang.String siteId) Identifies whether the specified site is valid for the specified user.
int	passwordWillExpire(java.lang.String loginID, UserInfo userInfo) Determine number of days until the users's password expires.
MboSetRemote	setActive(java.lang.String userID, java.lang.String memo, UserInfo userInfo) Set this user to Active status.
void	setAuthorized(boolean authorized, MboRemote mbo, MboSetRemote sigoSet1, MboSetRemote sigoSet2, MboSetRemote sigoSet3) Called from Security Groups app.
MboSetRemote	setBlocked(java.lang.String userID, java.lang.String memo, UserInfo userInfo) Set this user to Blocked status.
void	setUserPref(java.lang.String varname, java.lang.String varvalue, UserInfo userInfo) Insert or update a mbo from UserPref for the specified user and varname.
boolean	showPasswordWarning(java.lang.String loginID, UserInfo userInfo) Determine whether a warning should be displayed that a user's password will soon expire.
boolean	testForcePasswordChange(java.lang.String userID, UserInfo userInfo) Determine whether the user's password is forced to be changed at the next login.
void	validateAuthorized(boolean authorized, MboRemote mbo, MboSetRemote sigoSet1, MboSetRemote sigoSet2, MboSetRemote sigoSet3) Called from Security Groups app.
void	validatePassword(java.lang.String userID, java.lang.String checkString, UserInfo userInfo) Call validatePassword with the MboRemote parameter null.
void	validatePassword(java.lang.String userID, java.lang.String checkString, UserInfo userInfo, MboRemote mbo) For validating Maximo password.

Methods inherited from class psdi.server.AppService

checkSecurity, configure, destroy, freeDBConnection, freeMboSet, getCriteria, getCurrentState, getDBConnection, getLiveObjCount, getLoad, getMaximoDD, getMaxVar, getMboSet, getMXServer, getName, getProfile, getProxy, getSchemaOwner, getServiceInfo, getServiceLogger, getSetForRelationship, getSetFromKeys, getStateCmdList, getStateList, getURL, init, initCriteriaList, isAppService, isRunning, isSingletonService, restart, setProxy, setRunning, setURL, verifyUser, verifyUser

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface psdi.server.AppServiceRemote

checkSecurity, getCriteria, getCurrentState, getLiveObjCount, getMboSet, getName, getSchemaOwner, getSetForRelationship, getSetFromKeys, getStateCmdList, getStateList, getURL, verifyUser, verifyUser

Methods inherited from interface psdi.server.ServiceRemote

isAppService, isSingletonService, restart

Constructor Detail

SignatureService

public SignatureService()
                 throws java.rmi.RemoteException

Call SignatureCache init.

Throws:

java.rmi.RemoteException

See Also:

SignatureCache, MXServer.addToMaximoCache(java.lang.String, psdi.mbo.MaximoCache)

SignatureService

public SignatureService(MXServer mxServer)
                 throws java.rmi.RemoteException

Call SignatureCache init.

Parameters:

mxServer -

Throws:

java.rmi.RemoteException

See Also:

SignatureCache, MXServer.addToMaximoCache(java.lang.String, psdi.mbo.MaximoCache)

Method Detail

getSigCache

public SignatureCache getSigCache()
                           throws MXException,
                                  java.rmi.RemoteException

Specified by:

getSigCache in interface SignatureServiceRemote

Returns:

SignatureCache object

Throws:

MXException

java.rmi.RemoteException

See Also:

getSigCache()

getNewUserGroup

public java.lang.String getNewUserGroup(UserInfo userInfo)
                                 throws MXException,
                                        java.rmi.RemoteException

Get the default value for the security group to use when adding a new user. Called from MaxUser add and MaxUser appValidate

Specified by:

getNewUserGroup in interface SignatureServiceRemote

Parameters:

userInfo - the user making the request

Returns:

the groupname

Throws:

MXException

java.rmi.RemoteException

See Also:

getNewUserGroup(psdi.security.UserInfo)

getEveryoneGroup

public java.lang.String getEveryoneGroup(UserInfo userInfo)
                                  throws MXException,
                                         java.rmi.RemoteException

Get the default value for the "Everyone" security group to use when adding a new user. Called from MaxUser add and MaxUser appValidate

Specified by:

getEveryoneGroup in interface SignatureServiceRemote

Parameters:

userInfo - the user making the request

Returns:

the groupname

Throws:

MXException

java.rmi.RemoteException

See Also:

getEveryoneGroup(psdi.security.UserInfo)

isActive

public boolean isActive(java.lang.String userID,
               UserInfo userInfo)
                 throws MXException,
                        java.rmi.RemoteException

Is this user active?

Specified by:

isActive in interface SignatureServiceRemote

Parameters:

userID - The user ID to be tested.

userInfo - The UserInfo making the request.

Throws:

MXException

java.rmi.RemoteException

See Also:

MaxUserSet.isActive(java.lang.String)

setActive

public MboSetRemote setActive(java.lang.String userID,
                     java.lang.String memo,
                     UserInfo userInfo)
                       throws MXException,
                              java.rmi.RemoteException

Set this user to Active status.

Specified by:

setActive in interface SignatureServiceRemote

Parameters:

userID - The user name to be set active.

memo - Freeform comment; can be null.

userInfo - The UserInfo making the request.

Returns:

Set of maxuser containing the changed user. It must be saved for the new status to take effect.

Throws:

MXException

java.rmi.RemoteException

See Also:

MaxUserSet.setActive(java.lang.String, java.lang.String)

isBlocked

public boolean isBlocked(java.lang.String userID,
                UserInfo userInfo)
                  throws MXException,
                         java.rmi.RemoteException

Is this user blocked?

Specified by:

isBlocked in interface SignatureServiceRemote

Parameters:

userID - The user ID to be tested.

userInfo - The UserInfo making the request.

Throws:

MXException

java.rmi.RemoteException

See Also:

MaxUserSet.isBlocked(java.lang.String)

setBlocked

public MboSetRemote setBlocked(java.lang.String userID,
                      java.lang.String memo,
                      UserInfo userInfo)
                        throws MXException,
                               java.rmi.RemoteException

Set this user to Blocked status.

Specified by:

setBlocked in interface SignatureServiceRemote

Parameters:

userID - The user name to be set blocked.

memo - Freeform comment; can be null.

userInfo - The UserInfo making the request.

Returns:

Set of maxuser containing the changed user. It must be saved for the new status to take effect.

Throws:

MXException

java.rmi.RemoteException

See Also:

MaxUserSet.setBlocked(java.lang.String, java.lang.String)

addLoginTracking

public void addLoginTracking(java.lang.String userID,
                    boolean attemptResult,
                    UserInfo userInfo)
                      throws MXException,
                             java.rmi.RemoteException

Add mbo to LoginTracking reflecting the successful or unsuccessful login, and save.

Specified by:

addLoginTracking in interface SignatureServiceRemote

Parameters:

userID - User ID to be operated upon.

attemptResult - True for successful login, else False

userInfo - The UserInfo making the request.

Throws:

MXException

java.rmi.RemoteException

See Also:

addLoginTracking(String, boolean, UserInfo, String, String, String, String[])

addLoginTracking

public void addLoginTracking(java.lang.String userID,
                    boolean attemptResult,
                    UserInfo userInfo,
                    java.lang.String app,
                    java.lang.String reason,
                    java.lang.String transid,
                    java.lang.String[] keyvalue)
                      throws MXException,
                             java.rmi.RemoteException

Deprecated. See Harrier Esig spec

Add mbo to LoginTracking reflecting the successful or unsuccessful login, and save.

Called from AppService verifyUser.

Specified by:

addLoginTracking in interface SignatureServiceRemote

Parameters:

userID - User ID to be operated upon.

attemptResult - True for successful login, else False

userInfo - The UserInfo making the request.

app - The application name (optional). Used for ESIG.

reason - The reason code (optional). Used for ESIG.

transid - The transaction ID (optional). Used for ESIG.

keyvalue - Array of up to seven key values (optional). Used for ESIG to identify a mbo in the main set for the app.

Throws:

MXException

java.rmi.RemoteException

See Also:

MaxUserSet.addLoginTracking(java.lang.String, boolean)

addLoginTracking

public void addLoginTracking(java.lang.String userID,
                    boolean attemptResult,
                    UserInfo userInfo,
                    java.lang.String app,
                    java.lang.String reason,
                    java.lang.String transid,
                    java.lang.String[] keyvalue,
                    java.lang.String ownerTable,
                    java.lang.String ownerId)
                      throws MXException,
                             java.rmi.RemoteException

Deprecated. See Harrier Esig spec

Add mbo to LoginTracking reflecting the successful or unsuccessful login, and save.

Called from AppService verifyUser.

Specified by:

addLoginTracking in interface SignatureServiceRemote

Parameters:

userID - User ID to be operated upon.

attemptResult - True for successful login, else False

userInfo - The UserInfo making the request.

app - The application name (optional). Used for ESIG.

reason - The reason code (optional). Used for ESIG.

transid - The transaction ID (optional). Used for ESIG.

keyvalue - Array of up to seven key values (optional). Used for ESIG to identify a mbo in the main set for the app.

Throws:

MXException

java.rmi.RemoteException

See Also:

MaxUserSet.addLoginTracking(java.lang.String, boolean)

generatePassword

public java.lang.String generatePassword(java.lang.String userID,
                                UserInfo userInfo)
                                  throws MXException,
                                         java.rmi.RemoteException

Call generatePassword with the MboRemote parameter null.

Specified by:

generatePassword in interface SignatureServiceRemote

Throws:

MXException

java.rmi.RemoteException

See Also:

generatePassword(String, UserInfo)

generatePassword

public java.lang.String generatePassword(java.lang.String userID,
                                UserInfo userInfo,
                                MboRemote mbo)
                                  throws MXException,
                                         java.rmi.RemoteException

Generate a pseudo-random value for password. This is guaranteed to be valid per validatePassword.

Specified by:

generatePassword in interface SignatureServiceRemote

Parameters:

userID - The user ID associated with the password

userInfo - The userInfo for getting MboSets

mbo - The mbo containing the password (optional). This is used when a new maxuser is being added and has not yet been saved to the database.

Returns:

New value for password

Throws:

MXException

java.rmi.RemoteException

See Also:

validatePassword(String, String, UserInfo, MboRemote)

validatePassword

public void validatePassword(java.lang.String userID,
                    java.lang.String checkString,
                    UserInfo userInfo)
                      throws MXException,
                             java.rmi.RemoteException

Call validatePassword with the MboRemote parameter null.

Specified by:

validatePassword in interface SignatureServiceRemote

Throws:

MXException

java.rmi.RemoteException

See Also:

validatePassword(String, String, UserInfo)

validatePassword

public void validatePassword(java.lang.String userID,
                    java.lang.String checkString,
                    UserInfo userInfo,
                    MboRemote mbo)
                      throws MXException,
                             java.rmi.RemoteException

For validating Maximo password. Uses maxvars PASSWORDMINLENGTH, PASSWORDNUM, PASSWORDCHAR, PASSWORDTHRESHOLD, etc. If not valid, throws signature / PswdMinLength, PswdNumReqd, PswdCharReqd, PswdReused (etc.).

Specified by:

validatePassword in interface SignatureServiceRemote

Parameters:

userID - The user ID associated with the password

checkString - The password to be validated

userInfo - The userInfo for getting MboSets

mbo - The mbo containing the password (optional). This is used when a new maxuser is being added and has not yet been saved to the database.

Throws:

MXException

java.rmi.RemoteException

See Also:

validatePassword(String, String, UserInfo, MboRemote)

canChangePassword

public boolean canChangePassword(java.lang.String userID,
                        UserInfo userInfo)
                          throws MXException,
                                 java.rmi.RemoteException

Can this session user change the password of the specified userID?

Specified by:

canChangePassword in interface SignatureServiceRemote

Parameters:

userID - User ID to be tested.

userInfo - The UserInfo making the request.

Returns:

True if password can be changed, else False.

Throws:

MXException

java.rmi.RemoteException

See Also:

MaxUserSet.canChangePassword(java.lang.String)

showPasswordWarning

public boolean showPasswordWarning(java.lang.String loginID,
                          UserInfo userInfo)
                            throws MXException,
                                   java.rmi.RemoteException

Determine whether a warning should be displayed that a user's password will soon expire.

Specified by:

showPasswordWarning in interface SignatureServiceRemote

Parameters:

loginID - Login ID to be tested.

userInfo - The UserInfo making the request.

Returns:

True if warning should be displayed, else False.

Throws:

MXException

java.rmi.RemoteException

See Also:

MaxUserSet.showPasswordWarning(java.lang.String)

hasPasswordExpired

public boolean hasPasswordExpired(java.lang.String loginID,
                         UserInfo userInfo)
                           throws MXException,
                                  java.rmi.RemoteException

Determine whether the user's password has expired.

Specified by:

hasPasswordExpired in interface SignatureServiceRemote

Parameters:

loginID - Login ID to be tested.

userInfo - The UserInfo making the request.

Returns:

True if user exists and password has expired, else False.

Throws:

MXException

java.rmi.RemoteException

See Also:

MaxUserSet.hasPasswordExpired(java.lang.String)

testForcePasswordChange

public boolean testForcePasswordChange(java.lang.String userID,
                              UserInfo userInfo)
                                throws MXException,
                                       java.rmi.RemoteException

Determine whether the user's password is forced to be changed at the next login.

Specified by:

testForcePasswordChange in interface SignatureServiceRemote

Parameters:

userID - User ID to be tested.

userInfo - The UserInfo making the request.

Returns:

True if user exists and password is being forced to change, else False.

Throws:

MXException

java.rmi.RemoteException

See Also:

MaxUserSet.testForcePasswordChange(java.lang.String)

passwordWillExpire

public int passwordWillExpire(java.lang.String loginID,
                     UserInfo userInfo)
                       throws MXException,
                              java.rmi.RemoteException

Determine number of days until the users's password expires.

Specified by:

passwordWillExpire in interface SignatureServiceRemote

Parameters:

loginID - Login ID to be tested.

userInfo - The UserInfo making the request.

Returns:

the number of days from today when the password will expire. If it has already expired, this will equal (PSWD_ALREADY_EXPIRED).
If it expires later today, this will equal (PSWD_EXPIRES_LATER_TODAY).
If there is no expiration, this will equal (PSWD_NO_EXPIRATION).

Throws:

MXException

java.rmi.RemoteException

See Also:

MaxUserSet.passwordWillExpire(java.lang.String)

getQuerySql

public java.lang.String getQuerySql(java.lang.String clauseName,
                           java.lang.String appName,
                           UserInfo userInfo)
                             throws MXException,
                                    java.rmi.RemoteException

Given the clausename and app name, what is the SQL for that Query? Strips out the word "Where" if present. Gets the query where owner = the current user or type = Public.

Specified by:

getQuerySql in interface SignatureServiceRemote

Parameters:

clauseName - Identifies the Query name. Cannot be null.

appName - Identifies the application. Cannot be null.

userInfo - The UserInfo making the request. Cannot be null.

Returns:

the SQL for the Query (query.clause)

Throws:

MXException

java.rmi.RemoteException

See Also:

getQuerySql(java.lang.String, java.lang.String, psdi.security.UserInfo)

getUserPref

public java.lang.String getUserPref(java.lang.String varname,
                           UserInfo userInfo)
                             throws MXException,
                                    java.rmi.RemoteException

Given the userpref.varname, what is the varvalue for the current user?

Specified by:

getUserPref in interface SignatureServiceRemote

Parameters:

varname -

userInfo - The UserInfo making the request.

Returns:

varvalue

Throws:

MXException

java.rmi.RemoteException

See Also:

getUserPref(java.lang.String, psdi.security.UserInfo)

setUserPref

public void setUserPref(java.lang.String varname,
               java.lang.String varvalue,
               UserInfo userInfo)
                 throws MXException,
                        java.rmi.RemoteException

Insert or update a mbo from UserPref for the specified user and varname. This method saves the UserPref set.

Specified by:

setUserPref in interface SignatureServiceRemote

Parameters:

varname - The UserPref varname.

varvalue - The UserPref varvalue to be set.

userInfo - The UserInfo making the request. The UserPref userid will equal the username of this UserInfo.

Throws:

MXException

java.rmi.RemoteException

See Also:

setUserPref(java.lang.String, java.lang.String, psdi.security.UserInfo)

deleteUserPref

public void deleteUserPref(java.lang.String varname,
                  UserInfo userInfo)
                    throws MXException,
                           java.rmi.RemoteException

Delete a mbo from UserPref for the specified user and varname. This method saves the UserPref set.

Specified by:

deleteUserPref in interface SignatureServiceRemote

Parameters:

varname - The UserPref varname.

userInfo - The UserInfo making the request. The UserPref userid will equal the username of this UserInfo.

Throws:

MXException

java.rmi.RemoteException

See Also:

deleteUserPref(java.lang.String, psdi.security.UserInfo)

getQueriesForUser

public MboSetRemote getQueriesForUser(java.lang.String appName,
                             UserInfo userInfo)
                               throws MXException,
                                      java.rmi.RemoteException

Get the set of queries that this user is allowed to execute. If one is marked as that user's default query, then that row will be marked as Current, and its "default" attribute will be set to True.

Specified by:

getQueriesForUser in interface SignatureServiceRemote

Parameters:

appName - Application Name.

userInfo - The UserInfo making the request.

Returns:

Set of Query.

Throws:

MXException

java.rmi.RemoteException

See Also:

QuerySet.getQueriesForUser(java.lang.String)

getUserAuthForApp

public java.util.TreeMap[] getUserAuthForApp(java.lang.String appName,
                                    UserInfo userInfo)
                                      throws MXException,
                                             java.rmi.RemoteException

Get the following:

• Menu options for this application and user (element 0).
• Toolbar options for this application and user (element 1).
• Queries for this application and user (element 2).
• Application attributes (element 3).
• Search options (element 4).

From the UI, you should NOT call this method directly. Instead, call Profile getAppMenu, Profile getAppTools, Profile getAppSearch, Profile getQueryMap, or Profile getAppInfo.

Specified by:

getUserAuthForApp in interface SignatureServiceRemote

Parameters:

appName - Application Name.

userInfo - The UserInfo making the request.

Returns:

Array of TreeMap. There will be five elements in the array.

1. The first element describes menu options.
2. The second element describes toolbar options. For the menu, toolbar, and search options, the map is formatted as follows:
   Key = sequential Integer
   Element is a hashtable for the maxmenu + sigoption where key = attribute name and element = attribute string value.
3. The third element specifies the queries that this user is allowed to execute for this app.
   Key = clausename
   Element is a hashtable for the query where key = attribute name and element = attribute string value.
4. The fourth element describes application attributes (legacy code).
5. The fifth element describes search options. <

Throws:

MXException

java.rmi.RemoteException

See Also:

getUserAuthForAppSub(java.util.Map<java.lang.Integer, psdi.app.signature.MaxMenuInfo>, java.util.HashSet, java.lang.String, psdi.security.UserInfo), Profile.getAppOptions(java.lang.String), getQueriesForUser(java.lang.String, psdi.security.UserInfo), getQueryMap(psdi.mbo.MboSetRemote)

getModuleMap

public java.util.TreeMap getModuleMap(UserInfo userInfo)
                               throws MXException,
                                      java.rmi.RemoteException

Get the map of modules and apps for this user, from maxmenu table.

Specified by:

getModuleMap in interface SignatureServiceRemote

Throws:

MXException

java.rmi.RemoteException

See Also:

getUserAuthForAppSub(java.util.Map<java.lang.Integer, psdi.app.signature.MaxMenuInfo>, java.util.HashSet, java.lang.String, psdi.security.UserInfo)

getQueryMap

public java.util.TreeMap<java.lang.String,java.util.Hashtable<java.lang.String,java.lang.String>> getQueryMap(MboSetRemote querySet)
                                                                                                       throws MXException,
                                                                                                              java.rmi.RemoteException

Given a set of Query, reformat it as TreeMap.

Specified by:

getQueryMap in interface SignatureServiceRemote

Parameters:

querySet - set of Query

Returns:

Map with one entry for each mbo; key is clausename

Throws:

MXException

java.rmi.RemoteException

See Also:

getQueryMap(psdi.mbo.MboSetRemote)

getAppsForModuleAndUser

public MboSetRemote getAppsForModuleAndUser(java.lang.String module,
                                   UserInfo userInfo)
                                     throws MXException,
                                            java.rmi.RemoteException

Get the set of applications (MaxApps) within a given module (via MaxMenu) where the user has some form of authorization to run the application and the application is not hidden.

Specified by:

getAppsForModuleAndUser in interface SignatureServiceRemote

Parameters:

module - Module name. If null, this method will get apps regardless of module.

userInfo - The user to be evaluated.

Returns:

Set of MaxApps

Throws:

MXException

java.rmi.RemoteException

See Also:

Profile.getApps(), MaxMenu, MaxApps

getLaborForUserAndSite

public LaborRemote getLaborForUserAndSite(java.lang.String userID,
                                 java.lang.String siteid,
                                 UserInfo userInfo)
                                   throws MXException,
                                          java.rmi.RemoteException

Get the Labor mbo for the given userID and siteid. Keep in mind that all Labor lookups are subject to the security restrictions specified in the security profile for userInfo.

Specified by:

getLaborForUserAndSite in interface SignatureServiceRemote

Parameters:

userID - The UserID used in the lookup.

siteid - The site used in the lookup.

userInfo - The UserInfo making the request. This can be different from the user being looked up.

Returns:

Labor mbo for the specified user and siteid

Throws:

MXException

java.rmi.RemoteException

See Also:

MXServer.getOrganization(java.lang.String), getLaborForUserAndOrg(java.lang.String, java.lang.String, psdi.security.UserInfo)

getLaborForUserAndOrg

public LaborRemote getLaborForUserAndOrg(java.lang.String userID,
                                java.lang.String orgid,
                                UserInfo userInfo)
                                  throws MXException,
                                         java.rmi.RemoteException

Get the Labor mbo for the given UserID and orgid. Keep in mind that all Labor lookups are subject to the security restrictions specified in the security profile for userInfo.

Specified by:

getLaborForUserAndOrg in interface SignatureServiceRemote

Parameters:

userID - The UserID used in the lookup.

orgid - The organization used in the lookup.

userInfo - The UserInfo making the request. This can be different from the user being looked up.

Returns:

Labor mbo for the specified user and orgid

Throws:

MXException

java.rmi.RemoteException

See Also:

LaborSet.getUserPrefWhere(), Profile.getLaborCodes(java.lang.String)

isValidSite

public boolean isValidSite(UserInfo userInfo,
                  java.lang.String siteId)
                    throws MXException,
                           java.rmi.RemoteException

Identifies whether the specified site is valid for the specified user. If no Site mbo, or Site is not active, or site is not in Profile, throws error signature / invalidSiteUser.

Specified by:

isValidSite in interface SignatureServiceRemote

Parameters:

userInfo - The user to be validated.

siteId - The site to be validated.

Returns:

True if valid as described above, else throws error.

Throws:

MXException

java.rmi.RemoteException

See Also:

Profile.getSite(java.lang.String)

getSiteAdminWhere

public java.lang.String[] getSiteAdminWhere(MboSetRemote mboSet,
                                   java.lang.String app)
                                     throws MXException,
                                            java.rmi.RemoteException

For the Users app and the Security Groups app, if the logon user is a "site administrator", then return the Where clause for the main MboSet (maxuser or maxgroup).

Specified by:

getSiteAdminWhere in interface SignatureServiceRemote

Parameters:

mboSet - Instance of MaxUser or MaxGroup. This is also used for getting the UserInfo and login UserID.

app - Normally USER or SECURGROUP, unless this is some kind of clone.

Returns:

String array where [0] is the Where condition for the main Select statement for the app, and [1] is only the site subselect portion of it (siteid in (A, B, C, ...)). This array will contain nulls if there is no restriction.

Throws:

MXException

java.rmi.RemoteException

See Also:

getSiteAdminWhere(psdi.mbo.MboSetRemote, java.lang.String)

validateAuthorized

public void validateAuthorized(boolean authorized,
                      MboRemote mbo,
                      MboSetRemote sigoSet1,
                      MboSetRemote sigoSet2,
                      MboSetRemote sigoSet3)
                        throws MXException,
                               java.rmi.RemoteException

Called from Security Groups app. Checks to ensure that any sigoption prerequisites have been fulfilled.

Specified by:

validateAuthorized in interface SignatureServiceRemote

Parameters:

authorized - The new value of "authorized".

mbo - The SigOption mbo whose value of "authorized" was changed.

sigoSet1 - Set 1 of sigoption for validation. Three sets can be passed in because the Security Groups app does not display some sigoptions, and displays the others in two different sets. The owner of these sets should be MaxApps, and the owner of MaxApps should be MaxGroup.

sigoSet2 - Set 2 of sigoption for validation.

sigoSet3 - Set 3 of sigoption for validation.

Throws:

MXException

java.rmi.RemoteException

See Also:

getAlsoSigoption(boolean, psdi.mbo.MboRemote, psdi.mbo.MboSetRemote, psdi.mbo.MboSetRemote, psdi.mbo.MboSetRemote), validateAuthorizedSub(psdi.mbo.MboRemote, java.util.HashSet, psdi.mbo.MboSetRemote)

setAuthorized

public void setAuthorized(boolean authorized,
                 MboRemote mbo,
                 MboSetRemote sigoSet1,
                 MboSetRemote sigoSet2,
                 MboSetRemote sigoSet3)
                   throws MXException,
                          java.rmi.RemoteException

Called from Security Groups app. Checks sigoptin alsogrants and alsorevokes and sets other sigoptions accordingly.

Specified by:

setAuthorized in interface SignatureServiceRemote

Parameters:

authorized - The new value of "authorized".

mbo - The SigOption mbo whose value of "authorized" was changed.

sigoSet1 - Set 1 of sigoption for validation. Three sets can be passed in because the Security Groups app does not display some sigoptions, and displays the others in two different sets. The owner of these sets should be MaxApps, and the owner of MaxApps should be MaxGroup.

sigoSet2 - Set 2 of sigoption for validation.

sigoSet3 - Set 3 of sigoption for validation.

Throws:

MXException

java.rmi.RemoteException

See Also:

getAlsoSigoption(boolean, psdi.mbo.MboRemote, psdi.mbo.MboSetRemote, psdi.mbo.MboSetRemote, psdi.mbo.MboSetRemote), setAuthorizedSub(boolean, java.util.HashSet, psdi.mbo.MboSetRemote)

getAlsoSigoption

public java.util.HashSet<java.lang.String> getAlsoSigoption(boolean alsoGrants,
                                                   MboRemote mbo,
                                                   MboSetRemote sigoSet1,
                                                   MboSetRemote sigoSet2,
                                                   MboSetRemote sigoSet3)
                                                     throws MXException,
                                                            java.rmi.RemoteException

Get "alsogrants" or "alsorevokes", and anything one level deep that's "also" granted/revoked. Called from validateAuthorized.

Parameters:

alsoGrants - True for "alsogrants", False for "alsorevokes"

mbo - The mbo whose authorized value is being changed.

sigoSet1 - Set 1 of sigoption

sigoSet2 - Set 2 of sigoption

sigoSet3 - Set 3 of sigoption

Returns:

optionnames

Throws:

MXException

java.rmi.RemoteException

See Also:

getAlsoSigoptionSub(java.util.HashSet, java.lang.String, psdi.mbo.MboSetRemote)

allowedWithLDAP

public boolean allowedWithLDAP(java.lang.String app,
                      java.lang.String optionname)
                        throws MXException,
                               java.rmi.RemoteException

Some combinations of app + optionname are not allowed to be turned on in Security Groups app when LDAP is on. If the option is permitted this method returns True, if not permitted it returns False.

Specified by:

allowedWithLDAP in interface SignatureServiceRemote

Parameters:

app - App name

optionname - Option name

Returns:

True if privilege is allowed to be turned on with LDAP. This means that Security Groups app, Application tab, checkbox for the sigoption will be editable. If it's not allowed the checkbox will be readonly.

Throws:

MXException

java.rmi.RemoteException

See Also:

allowedWithLDAP(java.lang.String, java.lang.String)

isActiveSite

public boolean isActiveSite(java.lang.String siteID)
                     throws MXException,
                            java.rmi.RemoteException

Check whether the specified site is active or not.

Specified by:

isActiveSite in interface SignatureServiceRemote

Parameters:

siteID -

Returns:

True if the site exists and is active, else false.

Throws:

MXException

java.rmi.RemoteException

See Also:

SiteCache.isActiveSite(java.lang.String)