Package wt.org
Interface OrganizationServicesManager
- All Known Implementing Classes:
StandardOrganizationServicesManager
This interface provides API definitions to manage participants in LDAP
and database.
Supported API: true
Extendable: false
Supported API: true
Extendable: false
-
Method Summary
Modifier and TypeMethodDescriptionbooleanaddMember(WTGroup group, WTPrincipal principal) Adds a principal to a group.addMembers(WTGroup group, WTPrincipal[] principals) Adds principals to a group.createPrincipal(WTPrincipal principal) This API persists the principal object in the database.The API is used to delete a group from the database and its corresponding entry in LDAP.The API is used to delete a user object from the database and its corresponding entry in LDAP.disablePrincipal(WTPrincipal principal) This API is used to disable a principal in the database.enablePrincipal(WTPrincipal principal) This API is used to enable a previously disabled principal.findActiveAndDisabledUsersByName(Class<?> principalClass, String name) This API returns an enumeration containing all the active and disabled users with the given name.findActiveAndDisabledUsersByName(Class<?> principalClass, String name, DirectoryContextProvider[] contexts) This API returns an enumeration containing all the active and disabled users with the given name.findDisabledUser(long key) This API can be used to query for a disabled user given the id value associated to the user object.This API returns an enumeration containing all the active and disabled users.findLikeActiveAndDisabledUsers(Class principalClass, Map<String, List<String>> criteriaMap, DirectoryContextProvider[] contexts) This API returns an enumeration containing all the active and disabled users.findLikeDisabledUsers(String criteria) Provides a result set of all disabled users that match the search criteria provided as a parameter.findLikeGroups(String pattern) This method will search for groups whose name matches the name pattern provided.findLikeGroups(String pattern, DirectoryContextProvider context) This method will search the given directory context for groups whose name matches the name pattern provided.findLikeOrganizations(String attributeName, String pattern) This API returns all the organizations matching the name provided as a pattern.findLikeOrganizations(String attributeName, String pattern, DirectoryContextProvider context) Deprecated.deprecated in release 12.1findLikeOrganizations(String attributeName, String pattern, DirectoryContextProvider context, boolean querySubtree) This API returns all the organizations matching the name provided as a pattern.findLikeOrganizations(String attributeName, String pattern, DirectoryContextProvider context, boolean querySubtree, boolean applyAccessFilter) This API returns all the organizations matching the name provided as a pattern.findLikeUsers(String attributeName, String pattern) This API returns all the users matching the name provided as a pattern.findLikeUsers(String attributeName, String pattern, DirectoryContextProvider context) This API returns all the users matching the name provided as a pattern.findPersistedUsers(String[] userNames, String email, String fullName, String lastName, PrincipalStatus status, Boolean internal, Boolean disabled) Returns persisted users matching the given characteristics.findUserAnyState(String name) This API will search and return the first user whose name attribute value matches the given name.getAuthenticatedUser(String auth_name)
Supported API: trueString[]
Supported API: trueDeprecated.getGroup(String name, DirectoryContextProvider context) This method will search for groups whose name attribute matches the given name in the given directory context.
Supported API: truegetGroups(String name, DirectoryContextProvider context)
Supported API: truegetOrganization(String name) Get the organization by providing its name
Supported API: truegetOrganization(WTPrincipal principal) Returns the organization associated to the principal, if the organization is found and the session user has access to the organization If the organization is not found it return null.getPrincipal(String name, Class type, DirectoryContextProvider context) This method will search for a principal with the given name in the given organization.getPrincipal(String name, DirectoryContextProvider context) This method will search for principals with the given name in the given organization.getPrincipal(ObjectIdentifier reference) Gets the user or group for the specified principal reference.Returns the principal identified by a specific LDAP distinguished name, or null if no such principal exists.getPrincipalByDN(String dn, String service) Returns the principal identified by a specific distinguished name in a specific service, or null if no such principal exists.getPrincipalByDN(String dn, String service, boolean createNew) Returns the principal identified by a specific distinguished name in a specific service, or null if no such principal exists.getPrincipalReference(String name, Class type) Returns a reference to a principal, given the name and Class type.getPrincipalReference(String name, Class type, DirectoryContextProvider context) Returns a reference to a principal, given the name, Class type and DirectoryContextProvider.getPrincipalReference(String name, DirectoryContextProvider context) This method will search for principals with the given name in the given organization, and references to them will be returned.Gets the first user matched with the name passed as argument.getUser(String name, DirectoryContextProvider context) This API will search and return the first user whose name attribute value matches the given name in the specified DirectoryContext(s).This API will search and return all users whose name attribute value matches the given namegetUsers(String name, DirectoryContextProvider context) This API will search and return all users whose name attribute value matches the given name in the specified DirectoryContext(s).booleanisMember(ObjectIdentifier group, WTPrincipal principal, boolean cacheUser)
Supported API: truebooleanisMember(LicenseGroups licenseGroup, WTPrincipal principal) Check if this user is a member of this LicenseGroups instance.booleanisMember(WTGroup group, WTPrincipal principal)
Supported API: truebooleanisMember(WTPrincipalReference group, WTPrincipal principal)
Supported API: truelistofInvalidPrincipals(Class principalClass, String principalName) This method provides an option to query all disconnected principals in Windchill associated to a specific principal type and/or a specific principal name.listofInvalidPrincipals(Class principalClass, String principalName, boolean alwaysReconnect) This method created for EnableDisableduser utility only.This method returns a list of all principals that are disconnected in Windchill Principals are considered disconnected in Windchill if 1) The corresponding LDAP entry is missing OR 2) If the Remote information in the windchill database is missing.This API takes a set of groups and retrieves all of the direct members from the MembershipLink table.This API takes a set of groups and retrieves all of the direct members from the MembershipLink table.move(WTPrincipal principal, DirectoryContextProvider newContext)
Supported API: truenewDirectoryContextProvider(String[] services, String[] searchScopes)
Supported API: truenewDirectoryContextProvider(DirectoryContextProvider baseContext, String[] searchScopes)
Supported API: trueparentGroups(WTPrincipal principal) Deprecated.parentGroups(WTPrincipal principal, boolean flatten) Returns groups that the argument principal is a member of.
Supported API: truequeryPrincipals(Class principalClass, Map<String, List<String>> criteriaMap, DirectoryContextProvider context)
Supported API: truequeryPrincipals(Class principalClass, Map<String, List<String>> criteriaMap, DirectoryContextProvider[] contexts)
Supported API: truebooleanremoveMember(WTGroup group, WTPrincipal principal) Removes a principal from a group.booleanremoveMember(WTGroup group, WTPrincipal principal, boolean bValidate) Removes a principal from a group.booleanremoveMembers(WTGroup group, WTPrincipal[] principals) Removes principals from a group.booleanremoveMembers(WTGroup group, WTPrincipal[] principals, boolean bValidate) Removes principals from a group.rename(WTPrincipal principal, String newName)
Supported API: truerepairPrincipal(String oldName, String newDn, String oldEnteredDn) This method tries and repairs the principal given the "oldName" (name that is currently in the database and possibly will continue to be -- ie.updatePrincipal(WTPrincipal principal)
Supported API: true
-
Method Details
-
getPrincipal
Gets the user or group for the specified principal reference.
Supported API: true- Parameters:
reference-- Returns:
- WTPrincipal
- Throws:
WTException
-
getPrincipal
This method will search for principals with the given name in the given organization.
Supported API: true- Parameters:
name-context-- Returns:
- Enumeration
- Throws:
WTException
-
getPrincipal
WTPrincipal getPrincipal(String name, Class type, DirectoryContextProvider context) throws WTException This method will search for a principal with the given name in the given organization. If more than one principal is found, an exception is thrown.
Supported API: true- Parameters:
name-type-context-- Returns:
- WTPrincipal
- Throws:
WTException
-
getPrincipalByDN
Returns the principal identified by a specific LDAP distinguished name, or null if no such principal exists.
If a principal is not found in LDAP, nothing is returned.
If a principal is found in LDAP but not in the database, this creates a new entry in the database and returns the principal with both LDAP and database values populated.
If a principal is found in LDAP and in the database, this returns the principal with both LDAP and database values populated.
Supported API: true- Parameters:
dn-- Returns:
- WTPrincipal
- Throws:
WTException- See Also:
-
getPrincipalReference
This method will search for principals with the given name in the given organization, and references to them will be returned.
Supported API: true- Parameters:
name-context-- Returns:
- Enumeration
- Throws:
WTException
-
getPrincipalReference
WTPrincipalReference getPrincipalReference(String name, Class type, DirectoryContextProvider context) throws WTException Returns a reference to a principal, given the name, Class type and DirectoryContextProvider. If more than one principal is found, an exception is thrown.
Supported API: true- Parameters:
name-type-context-- Returns:
- WTPrincipalReference
- Throws:
WTException
-
getPrincipalReference
Returns a reference to a principal, given the name and Class type. If more than one principal is found, an exception is thrown.
Supported API: true- Parameters:
name-type-- Returns:
- WTPrincipalReference
- Throws:
WTException
-
queryPrincipals
Enumeration queryPrincipals(Class principalClass, Map<String, List<String>> criteriaMap, DirectoryContextProvider context) throws WTException
Supported API: true- Parameters:
principalClass-criteriaMap-context-- Returns:
- Enumeration
- Throws:
WTException
-
queryPrincipals
Enumeration queryPrincipals(Class principalClass, Map<String, List<String>> criteriaMap) throws WTException
Supported API: true- Parameters:
principalClass-criteria-- Returns:
- Enumeration
- Throws:
WTException
-
queryPrincipals
Enumeration queryPrincipals(Class principalClass, Map<String, List<String>> criteriaMap, DirectoryContextProvider[] contexts) throws WTException
Supported API: true- Parameters:
principalClass-criteriaMap-contexts-- Returns:
- Enumeration
- Throws:
WTException
-
createPrincipal
This API persists the principal object in the database. In addition it also creates a corresponding entry in LDAP if necessary.
Supported API: true- Parameters:
principal-- Returns:
- WTPrincipal
- Throws:
WTException
-
disablePrincipal
This API is used to disable a principal in the database. When a principal is deleted, it is not completely removed from the database. Instead it is disabled in the database. The process of disabling the principal object is by renaming the principal in the database to its object identifier and setting the disabled bit.
Supported API: true- Parameters:
principal-- Returns:
- WTPrincipal
- Throws:
WTException
-
enablePrincipal
This API is used to enable a previously disabled principal. The API renames the principal in the database from the current object identifier name to the actual name of the principal that needs to be displayed on the UI. In addition it also resets the disabled bit in the database. NOTE: This API does not recreate a previously deleted entry in LDAP corresponding to this principal. The API should only be used to enable the database entry for the principal after verifying that a corresponding entry for the principal exists in LDAP. Once the principal is enabled, the Principal Administrator maintenance page should be used to reconnect the principal to the corresponding LDAP node.
Supported API: true- Parameters:
principal-- Returns:
- WTPrincipal
- Throws:
WTException
-
updatePrincipal
Supported API: true- Parameters:
principal-- Returns:
- WTPrincipal
- Throws:
WTException
-
rename
Supported API: true- Parameters:
principal-newName-- Returns:
- WTPrincipal
- Throws:
WTException
-
move
Supported API: true- Parameters:
principal-newContext-- Returns:
- WTPrincipal
- Throws:
WTException
-
getAuthenticatedUser
Supported API: true- Parameters:
auth_name-- Returns:
- WTUser
- Throws:
WTException
-
getUser
Gets the first user matched with the name passed as argument. Returns null if there is no such user.
Supported API: true- Parameters:
name-- Returns:
- WTUser
- Throws:
WTException
-
getUser
This API will search and return the first user whose name attribute value matches the given name in the specified DirectoryContext(s).A few behaviors to note:
- All directory contexts (i.e. LDAP services) specified in the given
DirectoryContextProviderwill be searched - If the directory context provider does not identify any specific service, then all registered services will be searched
- The search is performed on the name attribute in LDAP and an exact match is expected. If user has multiple names in LDAP (aliases, alternate names), any of those can be considered a match
- The first matching user record will be returned. This API will NOT continue to look for additional matches
- A user that is only as-yet in LDAP and not yet persisted in
Windchill can also be found and returned by this API. The
Persistenceattributes of the user can be checked to determine if this is a persisted user or not - Since the search for a match occurs on the LDAP end, a Windchill user whose
LDAP record is missing (e.g user has been disabled) or has been renamed
(user is in a repair-needed state), will not be found. For the same reason,
Internalusers (users that are in Pending or Replicated states) will not be found, since they do not have corresponding LDAP records - This API makes use of caching and is suitable for repeat lookups
Also see other related APIs that can be used to find principals, to know if there's a more suitable API:
getUsers(String, DirectoryContextProvider)findLikeDisabledUsers(String)findActiveAndDisabledUsersByName(Class, String, DirectoryContextProvider[])findUserAnyState(String)findLikeUsers(String, String, DirectoryContextProvider)getPrincipal(String, DirectoryContextProvider)getPrincipal(String, Class, DirectoryContextProvider)getPrincipalByDN(String)
Supported API: true- Parameters:
name- - Name of the usercontext- - Required parameter. May not be null.- Returns:
- WTUser - The user found, or null if none found with that name
- Throws:
WTException
- All directory contexts (i.e. LDAP services) specified in the given
-
getUsers
This API will search and return all users whose name attribute value matches the given name in the specified DirectoryContext(s).A few behaviors to note:
- All directory contexts (i.e. LDAP services) specified in the given
DirectoryContextProviderwill be searched - If the directory context provider does not identify any specific service, then all registered services will be searched
- The search is performed on the name attribute in LDAP and an exact match is expected. If user has multiple names in LDAP (aliases, alternate names), any of those can be considered a match
- A user that is only as-yet in LDAP and not yet persisted in
Windchill can also be found and returned by this API. The
Persistenceattributes of the user can be checked to determine if this is a persisted user or not - Since the search for a match occurs on the LDAP end, a Windchill user whose
LDAP record is missing (e.g user has been disabled) or has been renamed
(user is in a repair-needed state), will not be found. For the same reason,
Internalusers (users that are in Pending or Replicated states) will not be found, since they do not have corresponding LDAP records - This API makes use of caching and is suitable for repeat lookups
Also see other related APIs that can be used to find principals, to know if there's a more suitable API:
getUser(String, DirectoryContextProvider)findLikeDisabledUsers(String)findActiveAndDisabledUsersByName(Class, String, DirectoryContextProvider[])findUserAnyState(String)findLikeUsers(String, String, DirectoryContextProvider)getPrincipal(String, DirectoryContextProvider)getPrincipal(String, Class, DirectoryContextProvider)getPrincipalByDN(String)
Supported API: true- Parameters:
name- - Name of the usercontext- - Required parameter. May not be null.- Returns:
- WTUser - The user found, or null if none found with that name
- Throws:
WTException
- All directory contexts (i.e. LDAP services) specified in the given
-
getUsers
This API will search and return all users whose name attribute value matches the given nameA few behaviors to note:
- All configured Idp services will be searched.
- The search is performed on the name attribute in Idp and an exact match is expected. If user has multiple names in Idp (aliases, alternate names), any of those can be considered a match
- A user that is only as-yet in Idp and not yet persisted in Windchill can also be found and returned by this
API. The
Persistenceattributes of the user can be checked to determine if this is a persisted user or not - Since the search for a match occurs on the Idp end, a Windchill user whose Idp record is missing (e.g user
has been disabled) or has been renamed (user is in a repair-needed state), will not be found. For the same
reason,
Internalusers (users that are in Pending or Replicated states) will not be found, since they do not have corresponding Idp records - This API makes use of caching and is suitable for repeat lookups
Also see other related APIs that can be used to find principals, to know if there's a more suitable API:
getUser(String, DirectoryContextProvider)findLikeDisabledUsers(String)findActiveAndDisabledUsersByName(Class, String, DirectoryContextProvider[])findUserAnyState(String)findLikeUsers(String, String, DirectoryContextProvider)getPrincipal(String, DirectoryContextProvider)getPrincipal(String, Class, DirectoryContextProvider)getPrincipalByDN(String)
Supported API: true- Parameters:
name- - Name of the user- Returns:
- WTUser - The user found, or null if none found with that name
- Throws:
WTException
-
findLikeUsers
Enumeration findLikeUsers(String attributeName, String pattern, DirectoryContextProvider context) throws WTException This API returns all the users matching the name provided as a pattern. For this API the attribute name would typically be "name". The pattern would be the user name that is being searched for. The pattern would also accept a wild card search. Org services package documentation has a detailed description on how to create a DirectoryContexttProvider that needs to be passed into this API.
Supported API: true- Parameters:
attributeName-pattern-context-- Returns:
- Enumeration
- Throws:
WTException
-
findLikeUsers
This API returns all the users matching the name provided as a pattern. For this API the attribute name would typically be "name". The pattern would be the user name that is being searched for. The pattern would also accept a wild card search.
Supported API: true- Parameters:
attributeName-pattern-- Returns:
- Enumeration
- Throws:
WTException
-
findUserAnyState
This API will search and return the first user whose name attribute value matches the given name. The search first occurs for an active user, and if no match is found, then for a user in a disconnected or disabled state. At any point, if a match if found, that is returned.A few behaviors to note:
- All directory contexts (i.e. LDAP services) specified in the given
DirectoryContextProviderwill be searched - If the directory context provider does not identify any specific service, then all registered services will be searched
- The search is performed on the name attribute in LDAP and an exact match is expected. If user has multiple names in LDAP (aliases, alternate names), any of those can be considered a match
- The first matching user record will be returned. This API will NOT continue to look for additional matches
- A user that is only as-yet in LDAP and not yet persisted in
Windchill can also be found and returned by this API. The
Persistenceattributes of the user can be checked to determine if this is a persisted user or not - If no match occurs in LDAP, the database is searched for a user that is in a disconnected or disabled state
- This API makes use of caching for the predominant case (active user) and is suitable for repeat lookups. However, if looking mainly for disconnected or disabled users, this may not be the best API choice. Check options below for more suitable APIs
Also see other related APIs that can be used to find principals, to know if there's a more suitable API:
getUser(String, DirectoryContextProvider)getUsers(String, DirectoryContextProvider)findLikeDisabledUsers(String)findActiveAndDisabledUsersByName(Class, String, DirectoryContextProvider[])findLikeUsers(String, String, DirectoryContextProvider)getPrincipal(String, DirectoryContextProvider)getPrincipal(String, Class, DirectoryContextProvider)getPrincipalByDN(String)
Supported API: true- Parameters:
name- - Name of the usercontext- - Required parameter. May not be null.- Returns:
- WTUser - The user found, or null if none found with that name
- Throws:
WTException
- All directory contexts (i.e. LDAP services) specified in the given
-
delete
The API is used to delete a user object from the database and its corresponding entry in LDAP. Users are not completely deleted from the database. Instead when a user object is deleted, the correspodning user name in the database is renamed to the format of the user's object identifier and the disabled bit is set.
Supported API: true- Parameters:
user-- Returns:
- WTUser
- Throws:
WTException
-
getGroup
Deprecated.Gets the group with the name passed as argument. Returns null if there is no such group.
Supported API: true- Parameters:
name-- Returns:
- WTGroup
- Throws:
WTException- {@link Deprecated. Use #getPrincipal(String name, WTContainer container, boolean persist) }
-
getGroup
This method will search for groups whose name attribute matches the given name in the given directory context.
Supported API: true- Parameters:
name-context-- Returns:
- WTGroup
- Throws:
WTException
-
getGroups
Supported API: true- Parameters:
name-context-- Returns:
- Enumeration
- Throws:
WTException
-
getGroups
Supported API: true- Parameters:
name-- Returns:
- Enumeration
- Throws:
WTException
-
findLikeGroups
This method will search the given directory context for groups whose name matches the name pattern provided. The "pattern" parameter could be something like "name=group1" or "name=g*.
Supported API: true- Parameters:
pattern-context-- Returns:
- Enumeration returns the groups whose name matches the pattern that is specified for name
- Throws:
WTException
-
findLikeGroups
This method will search for groups whose name matches the name pattern provided. The "pattern" parameter could be something like "name=group1" or "name=g*.
Supported API: true- Parameters:
pattern-- Returns:
- Enumeration returns the groups whose name matches the pattern that is specified for name
- Throws:
WTException
-
delete
The API is used to delete a group from the database and its corresponding entry in LDAP. Groups are not completely deleted from the database. Instead when a group is deleted, the corresponding group name in the database is renamed to the format of the groups's object identifier and the disabled bit is set..
Supported API: true- Parameters:
group-- Returns:
- WTGroup
- Throws:
WTException
-
addMember
Adds a principal to a group. Returns 'true' if principal was successfully added to the group, 'false' otherwise.
Supported API: true- Parameters:
group-principal-- Returns:
- boolean
- Throws:
WTExceptionUserNotFoundException
-
addMembers
Adds principals to a group. Returns an array containing principals that were newly added as members of the group..
Supported API: true- Parameters:
group-principals-- Returns:
- WTPrincipal[]
- Throws:
WTException
-
removeMember
boolean removeMember(WTGroup group, WTPrincipal principal) throws WTException, UserNotFoundException Removes a principal from a group. Returns true if principal belonged to the group, false otherwise.
Supported API: true- Parameters:
group-principal-- Returns:
- boolean
- Throws:
WTExceptionUserNotFoundException
-
isMember
Check if this user is a member of this LicenseGroups instance.
Supported API: true- Parameters:
licenseGroup- the LicenseGroups instanceprincipal- the user- Returns:
- boolean
- Throws:
WTException
-
isMember
Supported API: true- Parameters:
group-principal-- Returns:
- boolean
- Throws:
WTException
-
isMember
Supported API: true- Parameters:
group-principal-- Returns:
- boolean
- Throws:
WTException
-
isMember
boolean isMember(ObjectIdentifier group, WTPrincipal principal, boolean cacheUser) throws WTException
Supported API: true- Parameters:
group- the ObjectIdentifier instanceprincipal-cacheUser- Decides if the principal should be stored in cache- Returns:
- boolean
- Throws:
WTException
-
members
This API takes a set of groups and retrieves all of the direct members from the MembershipLink table. returns members in given group to reflect the user’s current membership. Enumeration the members of the given group
Supported API: true- Parameters:
group-- Returns:
- Enumeration the members of the given group
- Throws:
WTException
-
members
This API takes a set of groups and retrieves all of the direct members from the MembershipLink table. returns members in given group to to reflect the user’s current membership. If parameter flatten is true, it will recursively query all children or sub groups, but only return all WTUsers. If parameter flatten is false, it will return all the first level members, including WTUsers and WTGroups. Enumeration the members of the given group
Supported API: true- Parameters:
group-flatten-- Returns:
- Enumeration the members of the given group
- Throws:
WTException
-
parentGroups
Deprecated.
Supported API: true- Parameters:
principal-- Returns:
- Enumeration
- Throws:
WTException- See Also:
-
getOrganization
Returns the organization associated to the principal, if the organization is found and the session user has access to the organization If the organization is not found it return null. If the organization is found, but the session user does not have access to the organization, this method throws an AccessControlException
Supported API: true- Parameters:
principal-- Returns:
- WTOrganization
- Throws:
WTException
-
getOrganization
Get the organization by providing its name
Supported API: true- Parameters:
name-- Returns:
- WTOrganization
- Throws:
WTException
-
findLikeOrganizations
This API returns all the organizations matching the name provided as a pattern. For this API the attribute name would typically be "name". The pattern would be the organization name that is being searched for. The pattern would also accept a wild card search.
Supported API: true- Parameters:
attributeName-pattern-- Returns:
- Enumeration
- Throws:
WTException
-
findLikeOrganizations
@Deprecated Enumeration findLikeOrganizations(String attributeName, String pattern, DirectoryContextProvider context) throws WTException Deprecated.deprecated in release 12.1This API returns all the organizations matching the name provided as a pattern. For this API the attribute name would typically be "name". The pattern would be the organization name that is being searched for. The pattern would also accept a wild card search.
Supported API: true- Parameters:
attributeName-pattern-context-- Returns:
- Enumeration
- Throws:
WTException
-
findLikeOrganizations
Enumeration findLikeOrganizations(String attributeName, String pattern, DirectoryContextProvider context, boolean querySubtree) throws WTException This API returns all the organizations matching the name provided as a pattern. For this API the attribute name would typically be "name". The pattern would be the organization name that is being searched for. The pattern also accepts a wild card search. Typically organizations are stored directly in the default search base i.e. within a one level search scope of the base where organizations are searched. On some occasions, there could be a new search base that may be created as a sub node of the default search base, to hold all the organizations. In this case a subtree search scope is necessary to retrieve the organizations. So if the parameter querySubTree is set to true, it seaches with the search scope of subtree, else it searches with a default search scope of one-level.
Supported API: true- Parameters:
attributeName-pattern-context-querySubtree-- Returns:
- Enumeration
- Throws:
WTException
-
findLikeOrganizations
Enumeration findLikeOrganizations(String attributeName, String pattern, DirectoryContextProvider context, boolean querySubtree, boolean applyAccessFilter) throws WTException This API returns all the organizations matching the name provided as a pattern. For this API the attribute name would typically be "name". The pattern would be the organization name that is being searched for. The pattern also accepts a wild card search. Typically organizations are stored directly in the default search base i.e. within a one level search scope of the base where organizations are searched. On some occasions, there could be a new search base that may be created as a sub node of the default search base, to hold all the organizations. In this case a subtree search scope is necessary to retrieve the organizations. So if the parameter querySubTree is set to true, it seaches with the search scope of subtree, else it searches with a default search scope of one-level. If the boolean value applyAccessFilter is set to true, then the only organizations that the user has access to would be returned, else all organizations that match the search criteria would be returned.
Supported API: true- Parameters:
attributeName-pattern-context-querySubtree-applyAccessFilter-- Returns:
- Enumeration
- Throws:
WTException
-
getDirectoryServiceNames
Supported API: true- Returns:
- String []
- Throws:
WTException
-
repairPrincipal
This method tries and repairs the principal given the "oldName" (name that is currently in the database and possibly will continue to be -- ie. only the UFID has changed) and the new DN (Distinguished name in the DIrectory).
Supported API: true- Parameters:
oldName-newDn-oldEnteredDn-- Returns:
- WTPrincipal
- Throws:
WTException
-
listOfInvalidPrincipals
This method returns a list of all principals that are disconnected in Windchill Principals are considered disconnected in Windchill if 1) The corresponding LDAP entry is missing OR 2) If the Remote information in the windchill database is missing.
Supported API: true- Returns:
- Vector
- Throws:
WTException
-
newDirectoryContextProvider
DirectoryContextProvider newDirectoryContextProvider(DirectoryContextProvider baseContext, String[] searchScopes) throws WTException
Supported API: true- Parameters:
baseContext-searchScopes-- Returns:
- DirectoryContextProvider
- Throws:
WTException
-
newDirectoryContextProvider
DirectoryContextProvider newDirectoryContextProvider(String[] services, String[] searchScopes) throws WTException
Supported API: true- Parameters:
services-searchScopes-- Returns:
- DirectoryContextProvider
- Throws:
WTException
-
parentGroups
Returns groups that the argument principal is a member of. If the flatten variable is false, this will return only the immediate parent groups, otherwise all nested parent groups will be returned.
Supported API: true- Parameters:
principal-flatten- If false, only immediate parent groups will be returned If true, all nested groups for which principal is a member will be returned, e.g. the parent groups of principal's parent groups, and the parent groups of those groups, etc.,- Returns:
- Enumeration
- Throws:
WTException
-
removeMembers
boolean removeMembers(WTGroup group, WTPrincipal[] principals) throws WTException, UserNotFoundException Removes principals from a group. Returns true if principals belonged to the group, false otherwise.
Supported API: true- Parameters:
group-principals-- Returns:
- boolean
- Throws:
WTExceptionUserNotFoundException
-
findLikeActiveAndDisabledUsers
Enumeration findLikeActiveAndDisabledUsers(Class principalClass, Map<String, List<String>> criteriaMap, DirectoryContextProvider[] contexts) throws WTExceptionThis API returns an enumeration containing all the active and disabled users. 'criteriaMap' parameter has info similar to criteria but in a map format which supports multiple ; separated values and quoting is not needed The "criteria" parameter in deprecated API was something like "name=user1" or email="user1@email.com". Note that this parameter must use proper quoting (like name="some user") where spaces are involved and proper escaping when special characters are involved. Org services package documentation has a detailed description on how to create a DirectoryContextProvider that needs to be passed into this API.
Supported API: true- Parameters:
principalClass-criteriaMap-contexts-- Returns:
- Enumeration
- Throws:
WTException
-
findLikeActiveAndDisabledUsers
Enumeration findLikeActiveAndDisabledUsers(Class principalClass, Map<String, List<String>> criteriaMap) throws WTExceptionThis API returns an enumeration containing all the active and disabled users. 'criteriaMap' parameter has info similar to criteria but in a map format which supports multiple ; separated values and quoting is not needed The "criteria" parameter of deprecated API was something like "name=user1" or email="user1@email.com". Note that this parameter must use proper quoting (like name="some user") where spaces are involved and proper escaping when special characters are involved.
Supported API: true- Parameters:
principalClass-criteriaMap-- Returns:
- Enumeration
- Throws:
WTException
-
findActiveAndDisabledUsersByName
Enumeration findActiveAndDisabledUsersByName(Class<?> principalClass, String name, DirectoryContextProvider[] contexts) throws WTException This API returns an enumeration containing all the active and disabled users with the given name. This is an easier-to-use convenience method wrappingfindActiveAndDisabledUsersByName(java.lang.Class, java.lang.String, wt.org.DirectoryContextProvider[])and doing all necessary quoting and escaping internally. Org services package documentation has a detailed description on how to create a DirectoryContextProvider that needs to be passed into this API.
Supported API: true- Parameters:
principalClass-name-contexts-- Returns:
- Enumeration
- Throws:
WTException
-
findActiveAndDisabledUsersByName
Enumeration findActiveAndDisabledUsersByName(Class<?> principalClass, String name) throws WTException This API returns an enumeration containing all the active and disabled users with the given name.
Supported API: true- Parameters:
principalClass-name-- Returns:
- Enumeration
- Throws:
WTException
-
findLikeDisabledUsers
Provides a result set of all disabled users that match the search criteria provided as a parameter. The search crteira should be along the lines "name = user1" or "name = u*" or "name=*"
Supported API: true- Parameters:
criteria-- Returns:
- Enumeration
- Throws:
WTException
-
removeMember
boolean removeMember(WTGroup group, WTPrincipal principal, boolean bValidate) throws WTException, UserNotFoundException Removes a principal from a group. Returns true if principal belonged to the group, false otherwise.
Supported API: true- Parameters:
group-principal-bValidate-- Returns:
- boolean
- Throws:
WTExceptionUserNotFoundException
-
removeMembers
boolean removeMembers(WTGroup group, WTPrincipal[] principals, boolean bValidate) throws WTException, UserNotFoundException Removes principals from a group. Returns true if principals belonged to the group, false otherwise.
Supported API: true- Parameters:
group-principals-bValidate-- Returns:
- boolean
- Throws:
WTExceptionUserNotFoundException
-
findDisabledUser
This API can be used to query for a disabled user given the id value associated to the user object.
Supported API: true- Parameters:
key-- Returns:
- WTUser
- Throws:
WTException
-
getPrincipalByDN
Returns the principal identified by a specific distinguished name in a specific service, or null if no such principal exists.
If a principal is not found in LDAP, nothing is returned.
If a principal is found in LDAP but not in the database, this creates a new entry in the database and returns the principal with both LDAP and database values populated.
If a principal is found in LDAP and in the database, this returns the principal with both LDAP and database values populated.
Supported API: true- Parameters:
dn-service-- Returns:
- WTPrincipal
- Throws:
WTException- See Also:
-
getPrincipalByDN
Returns the principal identified by a specific distinguished name in a specific service, or null if no such principal exists.
If a principal is not found in LDAP, nothing is returned.
If a principal is found in LDAP but not in the database, then the behavior depends on the value of thecreateNewflag. IfcreateNewis true, this creates a new entry in the database and returns the principal with both LDAP and database values populated. IfcreateNewis false, this returns the principal with just the LDAP values populated.
If a principal is found in LDAP and in the database, this returns the principal with both LDAP and database values populated.
Supported API: true- Parameters:
dn-service-createNew- - If true, creates a new database entry for the principal if none exist. If false, does not create a new database entry for the principal even if none exist- Returns:
- WTPrincipal
- Throws:
WTException
-
listofInvalidPrincipals
This method provides an option to query all disconnected principals in Windchill associated to a specific principal type and/or a specific principal name. Principals are considered disconnected in Windchill if 1) The corresponding LDAP entry is missing OR 2) If the Remote information in the windchill database is missing.
Supported API: true- Parameters:
principalClass- -principalName-- Returns:
- Vector
- Throws:
WTException
-
listofInvalidPrincipals
Vector listofInvalidPrincipals(Class principalClass, String principalName, boolean alwaysReconnect) throws WTException This method created for EnableDisableduser utility only. It will reconnect disabled users always inspite of autoreconnect option is not enabled. This method provides an option to query all disconnected principals in Windchill associated to a specific principal type and/or a specific principal name. Principals are considered disconnected in Windchill if 1) The corresponding LDAP entry is missing OR 2) If the Remote information in the windchill database is missing.
Supported API: true- Parameters:
principalClass- -principalName-alwaysReconnect-- Returns:
- Vector
- Throws:
WTException
-
findPersistedUsers
Enumeration findPersistedUsers(String[] userNames, String email, String fullName, String lastName, PrincipalStatus status, Boolean internal, Boolean disabled) throws WTException Returns persisted users matching the given characteristics. Only exact match is checked (no wildcards).
Arguments to this API are optional but at least one of either userNames array or email must be provided.
To explicitly check for blank or null values for full name, email or last name, use the constantOrganizationServicesHelper.QUERY_CRITERIA_BLANK_VALUEwhen providing values for these criteria. Otherwise, blank or null criteria will be ignored.
Supported API: true- Parameters:
userNames- - array of user's names (primary and alternate). At least one of either userNames array or email must be providedemail- - At least one of either userNames array or email must be providedfullName-lastName-status-internal-disabled-- Returns:
- Enumeration of resulting WTUser entries
- Throws:
WTException
-