ome.logic

Class AdminImpl

java.lang.Object

ome.logic.AbstractLevel2Service

ome.logic.AdminImpl

All Implemented Interfaces:

ome.api.IAdmin, LocalAdmin, ome.api.ServiceInterface, ome.system.SelfConfigurableService, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware

@Transactional(readOnly=true)
public class AdminImpl
extends AbstractLevel2Service
implements LocalAdmin, org.springframework.context.ApplicationContextAware

Provides methods for administering user accounts, passwords, as well as methods which require special privileges. Developer note: As can be expected, to perform these privileged the Admin service has access to several resources that should not be generally used while developing services. Misuse could circumvent security or auditing.

Since:

3.0-M3

See Also:

SecuritySystem, Permissions

Field Summary

Fields

Modifier and Type	Field and Description
protected ACLVoter	aclVoter
protected LightAdminPrivileges	adminPrivileges
protected ChmodStrategy	chmod
protected ome.system.OmeroContext	context
protected ome.util.checksum.ChecksumProviderFactory	cpf
protected LdapImpl	ldapUtil
protected org.springframework.mail.MailSender	mailSender
protected static java.lang.String	NSEXPERIMENTERPHOTO
protected SessionFactory	osf
protected PasswordProvider	passwordProvider
protected PasswordUtil	passwordUtil
protected RoleProvider	roleProvider
protected ome.util.SqlAction	sql
protected org.springframework.mail.SimpleMailMessage	templateMessage

Fields inherited from class ome.logic.AbstractLevel2Service

iQuery, iUpdate, metadata, queryFactory, readOnlyStatus, sec

Constructor Summary

Constructors

Constructor and Description
AdminImpl(ome.util.SqlAction sql, SessionFactory osf, org.springframework.mail.MailSender mailSender, org.springframework.mail.SimpleMailMessage templateMessage, ACLVoter aclVoter, PasswordProvider passwordProvider, RoleProvider roleProvider, LdapImpl ldapUtil, PasswordUtil passwordUtil, ChmodStrategy chmod, ome.util.checksum.ChecksumProviderFactory cpf, LightAdminPrivileges adminPrivileges)

Method Summary

Modifier and Type	Method and Description
void	addGroupOwners(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter... owner)
void	addGroups(ome.model.meta.Experimenter user, ome.model.meta.ExperimenterGroup... groups)
protected void	assertManaged(ome.model.IObject o)
boolean	canAnnotate(ome.model.IObject obj) Companion to IAdmin.canUpdate(IObject) but not yet remotely accessible.
boolean	canUpdate(ome.model.IObject obj)
void	changeExpiredCredentials(java.lang.String name, java.lang.String oldCred, java.lang.String newCred)
void	changeGroup(ome.model.IObject iObject, java.lang.String groupName)
void	changeOwner(ome.model.IObject iObject, java.lang.String omeName)
void	changePassword(java.lang.String newPassword)
void	changePasswordWithOldPassword(java.lang.String oldPassword, java.lang.String newPassword)
void	changePermissions(ome.model.IObject iObject, ome.model.internal.Permissions perms) the implementation of this method is somewhat tricky in that Permissions changes must be allowed even when other updates are not.
void	changeUserPassword(java.lang.String user, java.lang.String newPassword)
boolean	checkPassword(java.lang.String name, java.lang.String password, boolean readOnly) If ldap plugin turned, creates Ldap accounts and authentication by LDAP available.
ome.model.meta.Experimenter[]	containedExperimenters(long groupId)
ome.model.meta.ExperimenterGroup[]	containedGroups(long experimenterId)
long	createExperimenter(ome.model.meta.Experimenter experimenter, ome.model.meta.ExperimenterGroup defaultGroup, ome.model.meta.ExperimenterGroup... otherGroups)
long	createExperimenterWithPassword(ome.model.meta.Experimenter experimenter, java.lang.String password, ome.model.meta.ExperimenterGroup defaultGroup, ome.model.meta.ExperimenterGroup... otherGroups)
long	createGroup(ome.model.meta.ExperimenterGroup group)
long	createRestrictedSystemUser(ome.model.meta.Experimenter newSystemUser, java.util.List<ome.model.enums.AdminPrivilege> privileges)
long	createRestrictedSystemUserWithPassword(ome.model.meta.Experimenter newSystemUser, java.util.List<ome.model.enums.AdminPrivilege> privileges, java.lang.String password)
long	createSystemUser(ome.model.meta.Experimenter newSystemUser)
long	createUser(ome.model.meta.Experimenter newUser, java.lang.String defaultGroup)
void	deleteExperimenter(ome.model.meta.Experimenter user)
void	deleteGroup(ome.model.meta.ExperimenterGroup group)
java.util.List<ome.model.enums.AdminPrivilege>	getAdminPrivileges(ome.model.meta.Experimenter user)
java.util.List<ome.model.meta.Experimenter>	getAdminsWithPrivileges(java.util.List<ome.model.enums.AdminPrivilege> privileges)
java.util.List<ome.model.enums.AdminPrivilege>	getCurrentAdminPrivileges()
ome.model.meta.ExperimenterGroup	getDefaultGroup(long experimenterId)
ome.system.EventContext	getEventContext()
ome.system.EventContext	getEventContextQuiet() Like IAdmin.getEventContext() but will not reload the context.
ome.model.meta.Experimenter	getExperimenter(long id)
ome.model.meta.ExperimenterGroup	getGroup(long id)
java.util.List<java.lang.Long>	getLeaderOfGroupIds(ome.model.meta.Experimenter e)
java.util.Map<java.lang.String,java.lang.Long>	getLockingIds(java.lang.Class<ome.model.IObject> type, long id, java.lang.Long groupId) Returns a map from Class (as string) to a count for all entities which point to the given IObject.
java.util.Map<java.lang.String,java.lang.Long>	getLockingIds(ome.model.IObject object)
java.util.List<java.lang.Long>	getMemberOfGroupIds(ome.model.meta.Experimenter e)
java.util.List<ome.model.core.OriginalFile>	getMyUserPhotos()
ome.system.Roles	getSecurityRoles()
java.lang.Class<? extends ome.api.ServiceInterface>	getServiceInterface()
java.util.List<java.lang.String>	getUserRoles(ome.model.meta.Experimenter e) Finds the group names for all groups for which the given Experimenter is a member.
ome.model.meta.ExperimenterGroup	groupProxy(java.lang.Long id) returns a possibly uninitialized proxy for the given group id.
ome.model.meta.ExperimenterGroup	groupProxy(java.lang.String groupName) returns a possibly uninitialized proxy for the given group name.
void	internalMoveToCommonSpace(ome.model.IObject obj) Helpers which unconditionally moves the object to the common space.
ome.model.meta.Experimenter	lookupExperimenter(java.lang.String omeName)
java.util.List<ome.model.meta.Experimenter>	lookupExperimenters()
ome.model.meta.ExperimenterGroup	lookupGroup(java.lang.String groupName)
java.util.List<ome.model.meta.ExperimenterGroup>	lookupGroups()
java.lang.String	lookupLdapAuthExperimenter(long id)
java.util.List<java.util.Map<java.lang.String,java.lang.Object>>	lookupLdapAuthExperimenters()
void	moveToCommonSpace(ome.model.IObject... iObjects)
void	removeGroupOwners(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter... owner)
void	removeGroups(ome.model.meta.Experimenter user, ome.model.meta.ExperimenterGroup... groups)
void	reportForgottenPassword(java.lang.String name, java.lang.String email)
void	setAdminPrivileges(ome.model.meta.Experimenter user, java.util.List<ome.model.enums.AdminPrivilege> privileges)
void	setApplicationContext(org.springframework.context.ApplicationContext ctx)
void	setDefaultGroup(ome.model.meta.Experimenter user, ome.model.meta.ExperimenterGroup group)
void	setGroupOwner(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter owner)
void	synchronizeLoginCache()
void	unsetGroupOwner(ome.model.meta.ExperimenterGroup group, ome.model.meta.Experimenter owner)
void	updateExperimenter(ome.model.meta.Experimenter experimenter)
void	updateExperimenterWithPassword(ome.model.meta.Experimenter experimenter, java.lang.String password)
void	updateGroup(ome.model.meta.ExperimenterGroup group)
void	updateSelf(ome.model.meta.Experimenter e)
long	uploadMyUserPhoto(java.lang.String filename, java.lang.String mimetype, byte[] data)
ome.model.meta.Experimenter	userProxy(java.lang.Long id) returns a possibly uninitialized proxy for the given user id.
ome.model.meta.Experimenter	userProxy(java.lang.String omeName) returns a possibly uninitialized proxy for the given user name.

Methods inherited from class ome.logic.AbstractLevel2Service

getBeanHelper, getExtendedMetadata, getQueryFactory, getSecuritySystem, selfConfigure, setExtendedMetadata, setQueryFactory, setQueryService, setReadOnlyStatus, setSecuritySystem, setUpdateService

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

sql

protected final ome.util.SqlAction sql

osf

protected final SessionFactory osf

mailSender

protected final org.springframework.mail.MailSender mailSender

templateMessage

protected final org.springframework.mail.SimpleMailMessage templateMessage

aclVoter

protected final ACLVoter aclVoter

passwordProvider

protected final PasswordProvider passwordProvider

roleProvider

protected final RoleProvider roleProvider

passwordUtil

protected final PasswordUtil passwordUtil

ldapUtil

protected final LdapImpl ldapUtil

chmod

protected final ChmodStrategy chmod

cpf

protected final ome.util.checksum.ChecksumProviderFactory cpf

adminPrivileges

protected final LightAdminPrivileges adminPrivileges

context

protected ome.system.OmeroContext context

NSEXPERIMENTERPHOTO

protected static final java.lang.String NSEXPERIMENTERPHOTO

See Also:

Constant Field Values

Constructor Detail

AdminImpl

public AdminImpl(ome.util.SqlAction sql,
                 SessionFactory osf,
                 org.springframework.mail.MailSender mailSender,
                 org.springframework.mail.SimpleMailMessage templateMessage,
                 ACLVoter aclVoter,
                 PasswordProvider passwordProvider,
                 RoleProvider roleProvider,
                 LdapImpl ldapUtil,
                 PasswordUtil passwordUtil,
                 ChmodStrategy chmod,
                 ome.util.checksum.ChecksumProviderFactory cpf,
                 LightAdminPrivileges adminPrivileges)

Method Detail

setApplicationContext

public void setApplicationContext(org.springframework.context.ApplicationContext ctx)
                           throws org.springframework.beans.BeansException

Specified by:

setApplicationContext in interface org.springframework.context.ApplicationContextAware

Throws:

org.springframework.beans.BeansException

getServiceInterface

public java.lang.Class<? extends ome.api.ServiceInterface> getServiceInterface()

Specified by:

getServiceInterface in interface ome.system.SelfConfigurableService

userProxy

public ome.model.meta.Experimenter userProxy(java.lang.Long id)

Description copied from interface: LocalAdmin

returns a possibly uninitialized proxy for the given user id. Use of the Experimenter instance will initialize its values.

Specified by:

userProxy in interface LocalAdmin

Parameters:

id - the ID of a user

Returns:

the user (may be uninitialized)

userProxy

public ome.model.meta.Experimenter userProxy(java.lang.String omeName)

Description copied from interface: LocalAdmin

returns a possibly uninitialized proxy for the given user name. Use of the Experimenter instance will initialize its values.

Specified by:

userProxy in interface LocalAdmin

Parameters:

omeName - the name of a user

Returns:

the user (may be uninitialized)

groupProxy

public ome.model.meta.ExperimenterGroup groupProxy(java.lang.Long id)

Description copied from interface: LocalAdmin

returns a possibly uninitialized proxy for the given group id. Use of the Experimenter instance will initialize its values.

Specified by:

groupProxy in interface LocalAdmin

Parameters:

id - the ID of a group

Returns:

the group (may be uninitialized)

groupProxy

public ome.model.meta.ExperimenterGroup groupProxy(java.lang.String groupName)

Description copied from interface: LocalAdmin

returns a possibly uninitialized proxy for the given group name. Use of the Experimenter instance will initialize its values.

Specified by:

groupProxy in interface LocalAdmin

Parameters:

groupName - the name of a group

Returns:

the group (may be uninitialized)

getLeaderOfGroupIds

public java.util.List<java.lang.Long> getLeaderOfGroupIds(ome.model.meta.Experimenter e)

Specified by:

getLeaderOfGroupIds in interface ome.api.IAdmin

getMemberOfGroupIds

public java.util.List<java.lang.Long> getMemberOfGroupIds(ome.model.meta.Experimenter e)

Specified by:

getMemberOfGroupIds in interface ome.api.IAdmin

getUserRoles

public java.util.List<java.lang.String> getUserRoles(ome.model.meta.Experimenter e)

Description copied from interface: LocalAdmin

Finds the group names for all groups for which the given Experimenter is a member.

Specified by:

getUserRoles in interface LocalAdmin

Parameters:

e - Non-null, managed (i.e. with id) Experimenter

Returns:

the groups of which the user is a member

See Also:

ExperimenterGroup.getDetails(), Details.getOwner()

canAnnotate

public boolean canAnnotate(ome.model.IObject obj)

Description copied from interface: LocalAdmin

Companion to IAdmin.canUpdate(IObject) but not yet remotely accessible.

Specified by:

canAnnotate in interface LocalAdmin

Parameters:

obj - Not null.

Returns:

if the object can be annotated

canUpdate

public boolean canUpdate(ome.model.IObject obj)

Specified by:

canUpdate in interface ome.api.IAdmin

getExperimenter

public ome.model.meta.Experimenter getExperimenter(long id)

Specified by:

getExperimenter in interface ome.api.IAdmin

lookupExperimenter

public ome.model.meta.Experimenter lookupExperimenter(java.lang.String omeName)

Specified by:

lookupExperimenter in interface ome.api.IAdmin

lookupExperimenters

public java.util.List<ome.model.meta.Experimenter> lookupExperimenters()

Specified by:

lookupExperimenters in interface ome.api.IAdmin

lookupLdapAuthExperimenters

public java.util.List<java.util.Map<java.lang.String,java.lang.Object>> lookupLdapAuthExperimenters()

Specified by:

lookupLdapAuthExperimenters in interface ome.api.IAdmin

lookupLdapAuthExperimenter

public java.lang.String lookupLdapAuthExperimenter(long id)

Specified by:

lookupLdapAuthExperimenter in interface ome.api.IAdmin

getGroup

public ome.model.meta.ExperimenterGroup getGroup(long id)

Specified by:

getGroup in interface ome.api.IAdmin

lookupGroup

public ome.model.meta.ExperimenterGroup lookupGroup(java.lang.String groupName)

Specified by:

lookupGroup in interface ome.api.IAdmin

lookupGroups

public java.util.List<ome.model.meta.ExperimenterGroup> lookupGroups()

Specified by:

lookupGroups in interface ome.api.IAdmin

containedExperimenters

public ome.model.meta.Experimenter[] containedExperimenters(long groupId)

Specified by:

containedExperimenters in interface ome.api.IAdmin

containedGroups

public ome.model.meta.ExperimenterGroup[] containedGroups(long experimenterId)

Specified by:

containedGroups in interface ome.api.IAdmin

synchronizeLoginCache

@Transactional(readOnly=false)
public void synchronizeLoginCache()

Specified by:

synchronizeLoginCache in interface ome.api.IAdmin

updateSelf

@Transactional(readOnly=false)
public void updateSelf(ome.model.meta.Experimenter e)

Specified by:

updateSelf in interface ome.api.IAdmin

getMyUserPhotos

public java.util.List<ome.model.core.OriginalFile> getMyUserPhotos()

Specified by:

getMyUserPhotos in interface ome.api.IAdmin

uploadMyUserPhoto

@Transactional(readOnly=false)
public long uploadMyUserPhoto(java.lang.String filename,
                                                             java.lang.String mimetype,
                                                             byte[] data)

Specified by:

uploadMyUserPhoto in interface ome.api.IAdmin

updateExperimenter

@Transactional(readOnly=false)
public void updateExperimenter(ome.model.meta.Experimenter experimenter)

Specified by:

updateExperimenter in interface ome.api.IAdmin

updateExperimenterWithPassword

@Transactional(readOnly=false)
public void updateExperimenterWithPassword(ome.model.meta.Experimenter experimenter,
                                                                          java.lang.String password)

Specified by:

updateExperimenterWithPassword in interface ome.api.IAdmin

updateGroup

@Transactional(readOnly=false)
public void updateGroup(ome.model.meta.ExperimenterGroup group)

Specified by:

updateGroup in interface ome.api.IAdmin

createUser

@Transactional(readOnly=false)
public long createUser(ome.model.meta.Experimenter newUser,
                                                      java.lang.String defaultGroup)

Specified by:

createUser in interface ome.api.IAdmin

createSystemUser

@Transactional(readOnly=false)
public long createSystemUser(ome.model.meta.Experimenter newSystemUser)

Specified by:

createSystemUser in interface ome.api.IAdmin

createRestrictedSystemUser

@Transactional(readOnly=false)
public long createRestrictedSystemUser(ome.model.meta.Experimenter newSystemUser,
                                                                      java.util.List<ome.model.enums.AdminPrivilege> privileges)

Specified by:

createRestrictedSystemUser in interface ome.api.IAdmin

createRestrictedSystemUserWithPassword

@Transactional(readOnly=false)
public long createRestrictedSystemUserWithPassword(ome.model.meta.Experimenter newSystemUser,
                                                                                  java.util.List<ome.model.enums.AdminPrivilege> privileges,
                                                                                  java.lang.String password)

Specified by:

createRestrictedSystemUserWithPassword in interface ome.api.IAdmin

createExperimenter

@Transactional(readOnly=false)
public long createExperimenter(ome.model.meta.Experimenter experimenter,
                                                              ome.model.meta.ExperimenterGroup defaultGroup,
                                                              ome.model.meta.ExperimenterGroup... otherGroups)

Specified by:

createExperimenter in interface ome.api.IAdmin

createExperimenterWithPassword

@Transactional(readOnly=false)
public long createExperimenterWithPassword(ome.model.meta.Experimenter experimenter,
                                                                          java.lang.String password,
                                                                          ome.model.meta.ExperimenterGroup defaultGroup,
                                                                          ome.model.meta.ExperimenterGroup... otherGroups)

Specified by:

createExperimenterWithPassword in interface ome.api.IAdmin

createGroup

@Transactional(readOnly=false)
public long createGroup(ome.model.meta.ExperimenterGroup group)

Specified by:

createGroup in interface ome.api.IAdmin

addGroups

@Transactional(readOnly=false)
public void addGroups(ome.model.meta.Experimenter user,
                                                     ome.model.meta.ExperimenterGroup... groups)

Specified by:

addGroups in interface ome.api.IAdmin

removeGroups

@Transactional(readOnly=false)
public void removeGroups(ome.model.meta.Experimenter user,
                                                        ome.model.meta.ExperimenterGroup... groups)

Specified by:

removeGroups in interface ome.api.IAdmin

setDefaultGroup

@Transactional(readOnly=false)
public void setDefaultGroup(ome.model.meta.Experimenter user,
                                                           ome.model.meta.ExperimenterGroup group)

Specified by:

setDefaultGroup in interface ome.api.IAdmin

setGroupOwner

@Transactional(readOnly=false)
public void setGroupOwner(ome.model.meta.ExperimenterGroup group,
                                                         ome.model.meta.Experimenter owner)

Specified by:

setGroupOwner in interface ome.api.IAdmin

unsetGroupOwner

@Transactional(readOnly=false)
public void unsetGroupOwner(ome.model.meta.ExperimenterGroup group,
                                                           ome.model.meta.Experimenter owner)

Specified by:

unsetGroupOwner in interface ome.api.IAdmin

addGroupOwners

@Transactional(readOnly=false)
public void addGroupOwners(ome.model.meta.ExperimenterGroup group,
                                                          ome.model.meta.Experimenter... owner)

Specified by:

addGroupOwners in interface ome.api.IAdmin

removeGroupOwners

@Transactional(readOnly=false)
public void removeGroupOwners(ome.model.meta.ExperimenterGroup group,
                                                             ome.model.meta.Experimenter... owner)

Specified by:

removeGroupOwners in interface ome.api.IAdmin

getDefaultGroup

public ome.model.meta.ExperimenterGroup getDefaultGroup(long experimenterId)

Specified by:

getDefaultGroup in interface ome.api.IAdmin

deleteExperimenter

@Transactional(readOnly=false)
public void deleteExperimenter(ome.model.meta.Experimenter user)

Specified by:

deleteExperimenter in interface ome.api.IAdmin

deleteGroup

@Transactional(readOnly=false)
public void deleteGroup(ome.model.meta.ExperimenterGroup group)

Specified by:

deleteGroup in interface ome.api.IAdmin

changeOwner

@Transactional(readOnly=false)
public void changeOwner(ome.model.IObject iObject,
                                                       java.lang.String omeName)

Specified by:

changeOwner in interface ome.api.IAdmin

changeGroup

@Transactional(readOnly=false)
public void changeGroup(ome.model.IObject iObject,
                                                       java.lang.String groupName)

Specified by:

changeGroup in interface ome.api.IAdmin

changePermissions

@Transactional(readOnly=false)
public void changePermissions(ome.model.IObject iObject,
                                                             ome.model.internal.Permissions perms)

the implementation of this method is somewhat tricky in that Permissions changes must be allowed even when other updates are not. Therefore, we must manually check if the object belongs to this user or is admin (before the call to SecuritySystem.runAsAdmin(AdminAction) This logic is duplicated in BasicSecuritySystem.checkManagedDetails(IObject, ome.model.internal.Details). As of OMERO 4.2 (ticket:1434), this method has special handling for an instance of ExperimenterGroup and limited capabilities for changing any other object type (ticket:1776). For groups, the permission changes will be propagated to all the contained objects. For other objects, changes may not override group settings.

Specified by:

changePermissions in interface ome.api.IAdmin

See Also:

IAdmin.changePermissions(IObject, Permissions), ticket:293, ticket:1434

moveToCommonSpace

@Transactional(readOnly=false)
public void moveToCommonSpace(ome.model.IObject... iObjects)

Specified by:

moveToCommonSpace in interface ome.api.IAdmin

internalMoveToCommonSpace

public void internalMoveToCommonSpace(ome.model.IObject obj)

Helpers which unconditionally moves the object to the common space. This can be used by other methods like uploadMyUserPhoto(String, String, byte[])

Specified by:

internalMoveToCommonSpace in interface LocalAdmin

Parameters:

obj - a model object, linked to the current session; never null

getLockingIds

public java.util.Map<java.lang.String,java.lang.Long> getLockingIds(ome.model.IObject object)

getLockingIds

public java.util.Map<java.lang.String,java.lang.Long> getLockingIds(java.lang.Class<ome.model.IObject> type,
                                                                    long id,
                                                                    java.lang.Long groupId)

Description copied from interface: LocalAdmin

Returns a map from Class (as string) to a count for all entities which point to the given IObject. The String "*" is mapped to the sum of all the locks.

Specified by:

getLockingIds in interface LocalAdmin

Parameters:

type - the name of a model class

id - the ID of an instance of klass

groupId - the ID of a group to omit from the results, may be null

Returns:

the classes and counts of the objects that point to the given object

reportForgottenPassword

@Transactional(readOnly=false)
public void reportForgottenPassword(java.lang.String name,
                                                                   java.lang.String email)
                                                            throws ome.conditions.AuthenticationException

Specified by:

reportForgottenPassword in interface ome.api.IAdmin

Throws:

ome.conditions.AuthenticationException

changeExpiredCredentials

@Transactional(readOnly=false)
public void changeExpiredCredentials(java.lang.String name,
                                                                    java.lang.String oldCred,
                                                                    java.lang.String newCred)
                                                             throws ome.conditions.AuthenticationException

Specified by:

changeExpiredCredentials in interface ome.api.IAdmin

Throws:

ome.conditions.AuthenticationException

changePassword

@Transactional(readOnly=false)
public void changePassword(java.lang.String newPassword)

Specified by:

changePassword in interface ome.api.IAdmin

changePasswordWithOldPassword

@Transactional(readOnly=false)
public void changePasswordWithOldPassword(java.lang.String oldPassword,
                                                                         java.lang.String newPassword)

Specified by:

changePasswordWithOldPassword in interface ome.api.IAdmin

changeUserPassword

@Transactional(readOnly=false)
public void changeUserPassword(java.lang.String user,
                                                              java.lang.String newPassword)

Specified by:

changeUserPassword in interface ome.api.IAdmin

checkPassword

public boolean checkPassword(java.lang.String name,
                             java.lang.String password,
                             boolean readOnly)

If ldap plugin turned, creates Ldap accounts and authentication by LDAP available.

Specified by:

checkPassword in interface LocalAdmin

Parameters:

name - the name of a user

password - the user's password

readOnly - if the password check should be transactionally read-only

Returns:

if the user's password is correct

See Also:

Trac ticket #4626

getAdminsWithPrivileges

public java.util.List<ome.model.meta.Experimenter> getAdminsWithPrivileges(java.util.List<ome.model.enums.AdminPrivilege> privileges)

Specified by:

getAdminsWithPrivileges in interface ome.api.IAdmin

getCurrentAdminPrivileges

public java.util.List<ome.model.enums.AdminPrivilege> getCurrentAdminPrivileges()

Specified by:

getCurrentAdminPrivileges in interface ome.api.IAdmin

getAdminPrivileges

public java.util.List<ome.model.enums.AdminPrivilege> getAdminPrivileges(ome.model.meta.Experimenter user)

Specified by:

getAdminPrivileges in interface ome.api.IAdmin

setAdminPrivileges

@Transactional(readOnly=false)
public void setAdminPrivileges(ome.model.meta.Experimenter user,
                                                              java.util.List<ome.model.enums.AdminPrivilege> privileges)

Specified by:

setAdminPrivileges in interface ome.api.IAdmin

getSecurityRoles

public ome.system.Roles getSecurityRoles()

Specified by:

getSecurityRoles in interface ome.api.IAdmin

getEventContext

public ome.system.EventContext getEventContext()

Specified by:

getEventContext in interface ome.api.IAdmin

getEventContextQuiet

public ome.system.EventContext getEventContextQuiet()

Description copied from interface: LocalAdmin

Like IAdmin.getEventContext() but will not reload the context. This also has the result that values from the current call context will be applied as simply the session context.

Specified by:

getEventContextQuiet in interface LocalAdmin

Returns:

the current event context

assertManaged

protected void assertManaged(ome.model.IObject o)