Package ome.api

Interface IAdmin

  • All Superinterfaces:
    ServiceInterface
    public interface IAdmin
extends ServiceInterface
    Administration interface providing access to admin-only functionality as well as JMX-based server access and selected user functions. Most methods require membership in privileged groups. Methods which return Experimenter or ExperimenterGroup instances fetch and load all related instances of ExperimenterGroup or Experimenter, respectively.
    Since:
    OME3.0

    • Method Summary

      All Methods Instance Methods Abstract Methods Deprecated Methods 
      Modifier and Type Method Description
      void addGroupOwners​(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter... owner)
      adds the given users to the owner list for this group.
      void addGroups​(ome.model.meta.Experimenter user, ome.model.meta.ExperimenterGroup... groups)
      adds a user to the given groups.
      boolean canUpdate​(ome.model.IObject obj)
      Returns true if the currently logged in user can modify the given IObject.
      void changeExpiredCredentials​(java.lang.String name, java.lang.String oldCred, java.lang.String newCred)
      Used after an ExpiredCredentialException instance is thrown.
      void changeGroup​(ome.model.IObject iObject, java.lang.String groupName)
      call details.setGroup() on this instance.
      void changeOwner​(ome.model.IObject iObject, java.lang.String omeName)
      call details.setOwner() on this instance.
      void changePassword​(java.lang.String newPassword)
      change the password for the current user.
      void changePasswordWithOldPassword​(java.lang.String oldPassword, java.lang.String newPassword)
      change the password for the current user by passing the old password.
      void changePermissions​(ome.model.IObject iObject, ome.model.internal.Permissions perms)
      call defaults.setPermissions() on this instance.
      void changeUserPassword​(java.lang.String omeName, java.lang.String newPassword)
      change the password for the a given user.
      ome.model.meta.Experimenter[] containedExperimenters​(long groupId)
      fetch all users contained in this group.
      ome.model.meta.ExperimenterGroup[] containedGroups​(long experimenterId)
      fetch all groups of which the given user is a member.
      long createExperimenter​(ome.model.meta.Experimenter experimenter, ome.model.meta.ExperimenterGroup defaultGroup, ome.model.meta.ExperimenterGroup... otherGroups)
      create and return a new user in the given groups.
      long createExperimenterWithPassword​(ome.model.meta.Experimenter experimenter, java.lang.String password, ome.model.meta.ExperimenterGroup defaultGroup, ome.model.meta.ExperimenterGroup... otherGroups)
      create and return a new user in the given groups with password.
      long createGroup​(ome.model.meta.ExperimenterGroup group)
      create and return a new group.
      long createRestrictedSystemUser​(ome.model.meta.Experimenter newSystemUser, java.util.List<ome.model.enums.AdminPrivilege> privileges)
      Create and return a new system user.
      long createRestrictedSystemUserWithPassword​(ome.model.meta.Experimenter newSystemUser, java.util.List<ome.model.enums.AdminPrivilege> privileges, java.lang.String password)
      Create and return a new system user.
      long createSystemUser​(ome.model.meta.Experimenter newSystemUser)
      create and return a new system user.
      long createUser​(ome.model.meta.Experimenter newUser, java.lang.String group)
      create and return a new user.
      void deleteExperimenter​(ome.model.meta.Experimenter user)
      removes a user by removing the password information for that user as well as all GroupExperimenterMap instances.
      void deleteGroup​(ome.model.meta.ExperimenterGroup group)
      removes a group by first removing all users in the group, and then deleting the actual ExperimenterGroup instance.
      java.util.List<ome.model.enums.AdminPrivilege> getAdminPrivileges​(ome.model.meta.Experimenter user)
      Gets the light administrator privileges for the given user.
      java.util.List<ome.model.meta.Experimenter> getAdminsWithPrivileges​(java.util.List<ome.model.enums.AdminPrivilege> privileges)
      Gets the administrators who have all the given privileges.
      java.util.List<ome.model.enums.AdminPrivilege> getCurrentAdminPrivileges()
      Gets the light administrator privileges for the current user.
      ome.model.meta.ExperimenterGroup getDefaultGroup​(long experimenterId)
      retrieve the default group for the given user id.
      EventContext getEventContext()
      returns an implementation of EventContext loaded with the security for the current user and thread.
      ome.model.meta.Experimenter getExperimenter​(long id)
      fetch an Experimenter and all related groups.
      ome.model.meta.ExperimenterGroup getGroup​(long id)
      fetch an ExperimenterGroup and all contained users.
      java.util.List<java.lang.Long> getLeaderOfGroupIds​(ome.model.meta.Experimenter e)
      Finds the ids for all groups for which the given Experimenter is owner/leader.
      java.util.List<java.lang.Long> getMemberOfGroupIds​(ome.model.meta.Experimenter e)
      Finds the ids for all groups for which the given Experimenter is a member.
      java.util.List<ome.model.core.OriginalFile> getMyUserPhotos()
      Retrieve the OriginalFile object attached to this user as specified by uploadMyUserPhoto(String, String, byte[]).
      Roles getSecurityRoles()
      returns the active Roles in use by the server.
      ome.model.meta.Experimenter lookupExperimenter​(java.lang.String omeName)
      look up an Experimenter and all related groups by name.
      java.util.List<ome.model.meta.Experimenter> lookupExperimenters()
      Looks up all experimenters present and all related groups.
      ome.model.meta.ExperimenterGroup lookupGroup​(java.lang.String groupName)
      look up an ExperimenterGroup and all contained users by name.
      java.util.List<ome.model.meta.ExperimenterGroup> lookupGroups()
      Looks up all groups present and all related experimenters.
      java.lang.String lookupLdapAuthExperimenter​(long id)
      Looks up experimenters who uses LDAP authentication (has set dn on password table).
      java.util.List<java.util.Map<java.lang.String,​java.lang.Object>> lookupLdapAuthExperimenters()
      Looks up all id of experimenters who uses LDAP authentication (has set dn on password table).
      void moveToCommonSpace​(ome.model.IObject... iObjects)
      Moves the given objects into the "user" group to make them visible and linkable from all security contexts.
      void removeGroupOwners​(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter... owner)
      removes the given users from the owner list for this group.
      void removeGroups​(ome.model.meta.Experimenter user, ome.model.meta.ExperimenterGroup... groups)
      Removes an experimenter from the given groups.
      void reportForgottenPassword​(java.lang.String name, java.lang.String email)
      Deprecated. 
      void setAdminPrivileges​(ome.model.meta.Experimenter user, java.util.List<ome.model.enums.AdminPrivilege> privileges)
      Sets the set of light administrator privileges for the given user.
      void setDefaultGroup​(ome.model.meta.Experimenter user, ome.model.meta.ExperimenterGroup group)
      sets the default group for a given user.
      void setGroupOwner​(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter owner)
      adds the user to the owner list for this group.
      void synchronizeLoginCache()
      uses JMX to refresh the login cache if supported.
      void unsetGroupOwner​(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter owner)
      removes the user from the owner list for this group.
      void updateExperimenter​(ome.model.meta.Experimenter experimenter)
      Updates an experimenter if admin or owner of group.
      void updateExperimenterWithPassword​(ome.model.meta.Experimenter experimenter, java.lang.String password)
      Updates an experimenter if admin or owner of group.
      void updateGroup​(ome.model.meta.ExperimenterGroup group)
      Updates an experimenter group if admin or owner of group.
      void updateSelf​(ome.model.meta.Experimenter experimenter)
      Allows a user to update his/her own information.
      long uploadMyUserPhoto​(java.lang.String filename, java.lang.String format, byte[] data)
      Uploads a photo for the user which will be displayed on his/her profile.

    • Method Detail

      • canUpdate

        boolean canUpdate​(ome.model.IObject obj)
        Returns true if the currently logged in user can modify the given IObject. This uses the same logic that would be applied during a Hibernate flush to the database.

      • getExperimenter

        ome.model.meta.Experimenter getExperimenter​(long id)
        fetch an Experimenter and all related groups.
        Parameters:
        id - id of the Experimenter
        Returns:
        an Experimenter. Never null.
        Throws:
        ome.conditions.ApiUsageException - if id does not exist.

      • lookupExperimenter

        ome.model.meta.Experimenter lookupExperimenter​(java.lang.String omeName)
        look up an Experimenter and all related groups by name.
        Parameters:
        omeName - Name of the Experimenter
        Returns:
        an Experimenter. Never null.
        Throws:
        ome.conditions.ApiUsageException - if omeName does not exist.

      • lookupExperimenters

        java.util.List<ome.model.meta.Experimenter> lookupExperimenters()
        Looks up all experimenters present and all related groups.
        Returns:
        all Experimenters. Never null.

      • lookupLdapAuthExperimenters

        java.util.List<java.util.Map<java.lang.String,​java.lang.Object>> lookupLdapAuthExperimenters()
        Looks up all id of experimenters who uses LDAP authentication (has set dn on password table).
        Returns:
        list of Experimenters. Never null.

      • lookupLdapAuthExperimenter

        java.lang.String lookupLdapAuthExperimenter​(long id)
        Looks up experimenters who uses LDAP authentication (has set dn on password table).
        Returns:
        Experimenter. Never null.

      • getGroup

        ome.model.meta.ExperimenterGroup getGroup​(long id)
        fetch an ExperimenterGroup and all contained users.
        Parameters:
        id - id of the ExperimenterGroup
        Returns:
        an ExperimenterGroup. Never null.
        Throws:
        ome.conditions.ApiUsageException - if id does not exist.

      • lookupGroup

        ome.model.meta.ExperimenterGroup lookupGroup​(java.lang.String groupName)
        look up an ExperimenterGroup and all contained users by name.
        Parameters:
        groupName - Name of the ExperimenterGroup
        Returns:
        an ExperimenterGroup. Never null.
        Throws:
        ome.conditions.ApiUsageException - if groupName does not exist.

      • lookupGroups

        java.util.List<ome.model.meta.ExperimenterGroup> lookupGroups()
        Looks up all groups present and all related experimenters. The experimenters' groups are also loaded.
        Returns:
        all Groups. Never null.

      • containedExperimenters

        ome.model.meta.Experimenter[] containedExperimenters​(long groupId)
        fetch all users contained in this group. The returned users will have all fields filled in and all collections unloaded.
        Parameters:
        groupId - id of the ExperimenterGroup
        Returns:
        non-null array of all users in this group.

      • containedGroups

        ome.model.meta.ExperimenterGroup[] containedGroups​(long experimenterId)
        fetch all groups of which the given user is a member. The returned groups will have all fields filled in and all collections unloaded.
        Parameters:
        experimenterId - id of the Experimenter. Not null.
        Returns:
        non-null array of all groups for this user.

      • getDefaultGroup

        ome.model.meta.ExperimenterGroup getDefaultGroup​(long experimenterId)
        retrieve the default group for the given user id.
        Parameters:
        experimenterId - of the Experimenter. Not null.
        Returns:
        non-null ExperimenterGroup. If no default group is found, an exception will be thrown.

      • getLeaderOfGroupIds

        java.util.List<java.lang.Long> getLeaderOfGroupIds​(ome.model.meta.Experimenter e)
        Finds the ids for all groups for which the given Experimenter is owner/leader.
        Parameters:
        e - Non-null, managed (i.e. with id) Experimenter
        See Also:
        ExperimenterGroup.getDetails(), Details.getOwner()

      • getMemberOfGroupIds

        java.util.List<java.lang.Long> getMemberOfGroupIds​(ome.model.meta.Experimenter e)
        Finds the ids for all groups for which the given Experimenter is a member.
        Parameters:
        e - Non-null, managed (i.e. with id) Experimenter
        See Also:
        ExperimenterGroup.getDetails(), Details.getOwner()

      • updateSelf

        void updateSelf​(ome.model.meta.Experimenter experimenter)
        Allows a user to update his/her own information. This is limited to the fields on Experimenter, all other fields (groups, etc.) are ignored. The experimenter argument need not have the proper id nor the proper omeName (which is immutable). To change the users default group (which is the only other customizable option), use setDefaultGroup(Experimenter, ExperimenterGroup)
        Parameters:
        experimenter - A data transfer object. Only the fields: firstName, middleName, lastName, email, and institution are checked. Not null.
        See Also:
        setDefaultGroup(Experimenter, ExperimenterGroup)

      • uploadMyUserPhoto

        long uploadMyUserPhoto​(java.lang.String filename,
                       java.lang.String format,
                       byte[] data)
        Uploads a photo for the user which will be displayed on his/her profile. This photo will be saved as an OriginalFile object with the given format, and attached to the user's Experimenter object via an FileAnnotation with the namespace: "openmicroscopy.org/omero/experimenter/photo" (NSEXPERIMENTERPHOTO). If such an OriginalFile instance already exists, it will be overwritten. If more than one photo is present, the oldest version will be modified (i.e. the highest updateEvent id). Note: as outlined in ticket:1794, this photo will be placed in the "user" group and therefore will be visible to everyone on the system.
        Parameters:
        filename - Not null. String name which will be used.
        format - Not null. Format.value string. 'image/jpeg' and 'image/png' are common values.
        data - Not null. Data from the image. This will be written to disk.
        Returns:
        the id of the overwritten or newly created user photo OriginalFile object.

      • getMyUserPhotos

        java.util.List<ome.model.core.OriginalFile> getMyUserPhotos()
        Retrieve the OriginalFile object attached to this user as specified by uploadMyUserPhoto(String, String, byte[]). The return value is order by the most recently modified file first.
        Returns:
        file objects. Possibly empty.

      • updateExperimenter

        void updateExperimenter​(ome.model.meta.Experimenter experimenter)
        Updates an experimenter if admin or owner of group. Only string fields on the object are taken into account. The root and guest experimenters may not be renamed. Before a SecurityViolation would be thrown, however, this method will pass to updateSelf(Experimenter) if the current user matches the given experimenter.
        Parameters:
        experimenter - the Experimenter to update.

      • updateExperimenterWithPassword

        void updateExperimenterWithPassword​(ome.model.meta.Experimenter experimenter,
                                    java.lang.String password)
        Updates an experimenter if admin or owner of group. Only string fields on the object are taken into account. The root and guest experimenters may not be renamed.
        Parameters:
        experimenter - the Experimenter to update.
        password - Not-null. Must pass validation in the security sub-system.

      • updateGroup

        void updateGroup​(ome.model.meta.ExperimenterGroup group)
        Updates an experimenter group if admin or owner of group. Only string fields on the object are taken into account. The root, system and guest groups may not be renamed, nor may the user's current group.
        Parameters:
        group - the ExperimenterGroup to update.

      • createUser

        long createUser​(ome.model.meta.Experimenter newUser,
                java.lang.String group)
        create and return a new user. This user will be created with the default group specified.
        Parameters:
        newUser - a new Experimenter instance
        group - group name of the default group for this user
        Returns:
        id of the newly created Experimenter

      • createSystemUser

        long createSystemUser​(ome.model.meta.Experimenter newSystemUser)
        create and return a new system user. This user will be created with the "System" (administration) group as default and will also be in the "user" group.
        Parameters:
        newSystemUser - a new Experimenter instance
        Returns:
        id of the newly created Experimenter

      • createRestrictedSystemUser

        long createRestrictedSystemUser​(ome.model.meta.Experimenter newSystemUser,
                                java.util.List<ome.model.enums.AdminPrivilege> privileges)
        Create and return a new system user. This user will be created with the "System" (administration) group as default and will also be in the "user" group.
        Parameters:
        newSystemUser - a new Experimenter instance
        privileges - the privileges to set for the user
        Returns:
        id of the newly created Experimenter

      • createRestrictedSystemUserWithPassword

        long createRestrictedSystemUserWithPassword​(ome.model.meta.Experimenter newSystemUser,
                                            java.util.List<ome.model.enums.AdminPrivilege> privileges,
                                            java.lang.String password)
        Create and return a new system user. This user will be created with the "System" (administration) group as default and will also be in the "user" group.
        Parameters:
        newSystemUser - a new Experimenter instance
        privileges - the privileges to set for the user
        password - the password to set for the user
        Returns:
        id of the newly created Experimenter

      • createExperimenter

        long createExperimenter​(ome.model.meta.Experimenter experimenter,
                        ome.model.meta.ExperimenterGroup defaultGroup,
                        ome.model.meta.ExperimenterGroup... otherGroups)
        create and return a new user in the given groups.
        Parameters:
        experimenter - A new Experimenter instance. Not null.
        defaultGroup - Instance of ExperimenterGroup. Not null.
        otherGroups - Array of ExperimenterGroup instances. Can be null.
        Returns:
        id of the newly created Experimenter Not null.

      • createExperimenterWithPassword

        long createExperimenterWithPassword​(ome.model.meta.Experimenter experimenter,
                                    java.lang.String password,
                                    ome.model.meta.ExperimenterGroup defaultGroup,
                                    ome.model.meta.ExperimenterGroup... otherGroups)
        create and return a new user in the given groups with password.
        Parameters:
        experimenter - A new Experimenter instance. Not null.
        password - Not-null. Must pass validation in the security sub-system.
        defaultGroup - Instance of ExperimenterGroup. Not null.
        otherGroups - Array of ExperimenterGroup instances. Can be null.
        Returns:
        id of the newly created Experimenter Not null.
        Throws:
        ome.conditions.SecurityViolation - if the new password is too weak.

      • createGroup

        long createGroup​(ome.model.meta.ExperimenterGroup group)
        create and return a new group. The Details.setPermissions(Permissions) method should be called on the instance which is passed. The given Permissions will become the default for all objects created while logged into this group, possibly modified by the user's umask settings. If no permissions is set, the default will be Permissions.USER_PRIVATE, i.e. a group in which no user can see the other group member's data.
        Parameters:
        group - a new ExperimenterGroup instance. Not null.
        Returns:
        id of the newly created ExperimenterGroup
        See Also:
        ticket:1434"

      • addGroups

        void addGroups​(ome.model.meta.Experimenter user,
               ome.model.meta.ExperimenterGroup... groups)
        adds a user to the given groups.
        Parameters:
        user - A currently managed entity. Not null.
        groups - Groups to which the user will be added. Not null.

      • removeGroups

        void removeGroups​(ome.model.meta.Experimenter user,
                  ome.model.meta.ExperimenterGroup... groups)
        Removes an experimenter from the given groups.
        • The root experimenter is required to be in both the user and system groups.
        • An experimenter may not remove themself from the user or system group.
        • An experimenter may not be a member of only the user group, some other group is also required as the default group.
        • An experimenter must remain a member of some group.
        Parameters:
        user - A currently managed entity. Not null.
        groups - Groups from which the user will be removed. Not null.

      • setDefaultGroup

        void setDefaultGroup​(ome.model.meta.Experimenter user,
                     ome.model.meta.ExperimenterGroup group)
        sets the default group for a given user.
        Parameters:
        user - A currently managed Experimenter. Not null.
        group - The group which should be set as default group for this user. Not null.

      • setGroupOwner

        void setGroupOwner​(ome.model.meta.ExperimenterGroup group,
                   ome.model.meta.Experimenter owner)
        adds the user to the owner list for this group. Since Beta4.2 (ticket:1434) multiple users can be the "owner" of a group.
        Parameters:
        group - A currently managed ExperimenterGroup. Not null.
        owner - A currently managed Experimenter. Not null.

      • unsetGroupOwner

        void unsetGroupOwner​(ome.model.meta.ExperimenterGroup group,
                     ome.model.meta.Experimenter owner)
        removes the user from the owner list for this group. Since Beta4.2 (ticket:1434) multiple users can be the "owner" of a group.
        Parameters:
        group - A currently managed ExperimenterGroup. Not null.
        owner - A currently managed Experimenter. Not null.

      • addGroupOwners

        void addGroupOwners​(ome.model.meta.ExperimenterGroup group,
                    ome.model.meta.Experimenter... owner)
        adds the given users to the owner list for this group.
        Parameters:
        group - A currently managed ExperimenterGroup. Not null.
        owner - A set of currently managed Experimenters. Not null.

      • removeGroupOwners

        void removeGroupOwners​(ome.model.meta.ExperimenterGroup group,
                       ome.model.meta.Experimenter... owner)
        removes the given users from the owner list for this group.
        Parameters:
        group - A currently managed ExperimenterGroup. Not null.
        owner - A set of currently managed Experimenters. Not null.

      • deleteExperimenter

        void deleteExperimenter​(ome.model.meta.Experimenter user)
        removes a user by removing the password information for that user as well as all GroupExperimenterMap instances.
        Parameters:
        user - Experimenter to be deleted. Not null.

      • deleteGroup

        void deleteGroup​(ome.model.meta.ExperimenterGroup group)
        removes a group by first removing all users in the group, and then deleting the actual ExperimenterGroup instance.
        Parameters:
        group - ExperimenterGroup to be deleted. Not null.

      • changeOwner

        void changeOwner​(ome.model.IObject iObject,
                 java.lang.String omeName)
        call details.setOwner() on this instance. It is valid for the instance to be unloaded (or constructed with an unloading-constructor.)
        Parameters:
        iObject - An entity or an unloaded reference to an entity. Not null.
        omeName - The user name who should gain ownership of this entity. Not null.

      • changeGroup

        void changeGroup​(ome.model.IObject iObject,
                 java.lang.String groupName)
        call details.setGroup() on this instance. It is valid for the instance to be unloaded (or constructed with an unloading-constructor.)
        Parameters:
        iObject - An entity or an unloaded reference to an entity. Not null.
        groupName - The group name who should gain ownership of this entity. Not null.

      • changePermissions

        void changePermissions​(ome.model.IObject iObject,
                       ome.model.internal.Permissions perms)
        call defaults.setPermissions() on this instance. It is valid for the instance to be unloaded (or constructed with an unloading-constructor.)
        Parameters:
        iObject - An entity or an unloaded reference to an entity. Not null.
        perms - The permissions value for this entity. Not null.

      • moveToCommonSpace

        void moveToCommonSpace​(ome.model.IObject... iObjects)
        Moves the given objects into the "user" group to make them visible and linkable from all security contexts.
        Parameters:
        iObjects -
        See Also:
        ticket 1794

      • reportForgottenPassword

        @Deprecated
void reportForgottenPassword​(java.lang.String name,
                             java.lang.String email)
                      throws ome.conditions.AuthenticationException
        Deprecated.
        Can be used after repeated AuthenticationException instances are thrown, to request that an email with a temporary password be sent. The given email must match the email for the user listed under the name argument. The user must not be an administrator. Does not require a session to be active.
        Parameters:
        name -
        email -
        Throws:
        ome.conditions.AuthenticationException - when name and email do not match

      • changeExpiredCredentials

        void changeExpiredCredentials​(java.lang.String name,
                              java.lang.String oldCred,
                              java.lang.String newCred)
                       throws ome.conditions.AuthenticationException
        Used after an ExpiredCredentialException instance is thrown. Does not require
        Throws:
        ome.conditions.AuthenticationException

      • changePassword

        void changePassword​(java.lang.String newPassword)
        change the password for the current user.

        Warning:This method requires the user to be authenticated with a password and not with a one-time session id. To avoid this problem, use changePasswordWithOldPassword(String, String).

        Parameters:
        newPassword - Possibly null to allow logging in with no password.
        Throws:
        ome.conditions.SecurityViolation - if the user is not authenticated with a password.
        See Also:
        ticket:911, ticket:3201

      • changePasswordWithOldPassword

        void changePasswordWithOldPassword​(java.lang.String oldPassword,
                                   java.lang.String newPassword)
        change the password for the current user by passing the old password.
        Parameters:
        oldPassword - Not-null. Must pass validation in the security sub-system.
        newPassword - Possibly null to allow logging in with no password.
        Throws:
        ome.conditions.SecurityViolation - if the oldPassword is incorrect.

      • changeUserPassword

        void changeUserPassword​(java.lang.String omeName,
                        java.lang.String newPassword)
        change the password for the a given user.
        Parameters:
        newPassword - Not-null. Might must pass validation in the security sub-system.
        Throws:
        ome.conditions.SecurityViolation - if the new password is too weak.

      • synchronizeLoginCache

        void synchronizeLoginCache()
        uses JMX to refresh the login cache if supported. Some backends may not provide refreshing. This may be called internally during some other administrative tasks. The exact implementation of this depends on the application server and the authentication/authorization backend.

      • getAdminsWithPrivileges

        java.util.List<ome.model.meta.Experimenter> getAdminsWithPrivileges​(java.util.List<ome.model.enums.AdminPrivilege> privileges)
        Gets the administrators who have all the given privileges. Consistent with the results from getAdminPrivileges(Experimenter).
        Parameters:
        privileges - the required privileges
        Returns:
        the light administrators who have those privileges

      • getCurrentAdminPrivileges

        java.util.List<ome.model.enums.AdminPrivilege> getCurrentAdminPrivileges()
        Gets the light administrator privileges for the current user.
        Returns:
        the current user's light administrator privileges

      • getAdminPrivileges

        java.util.List<ome.model.enums.AdminPrivilege> getAdminPrivileges​(ome.model.meta.Experimenter user)
        Gets the light administrator privileges for the given user.
        Parameters:
        user - the user whose privileges are being queried
        Returns:
        the user's light administrator privileges

      • setAdminPrivileges

        void setAdminPrivileges​(ome.model.meta.Experimenter user,
                        java.util.List<ome.model.enums.AdminPrivilege> privileges)
        Sets the set of light administrator privileges for the given user.
        Parameters:
        user - the user whose privileges are to be set
        privileges - the privileges to set for the user

      • getSecurityRoles

        Roles getSecurityRoles()
        returns the active Roles in use by the server.
        Returns:
        Non-null, immutable Roles instance.

      • getEventContext

        EventContext getEventContext()
        returns an implementation of EventContext loaded with the security for the current user and thread. If called remotely, not all values of EventContext will be sensible.
        Returns:
        Non-null, immutable EventContext instance