org.glite.security.voms.service.admin
Interface VOMSAdmin

All Known Implementing Classes:
VOMSAdminSoapBindingImpl

public interface VOMSAdmin

Virtual Organisation Membership Service Administration interface.

Author:
Akos Frohner, Karoly Lorentey

Method Summary
 void addACLEntry(java.lang.String container, ACLEntry aclEntry)
          Adds a new entry to an ACL of a container.
 void addDefaultACLEntry(java.lang.String groupname, ACLEntry aclEntry)
          Manipulates the default ACL, which is applied on every group created as a subgroup of this one.
 void addMember(java.lang.String groupname, java.lang.String username, java.lang.String userca)
          Adds a new member to the group.
 void assignCapability(java.lang.String capability, java.lang.String username, java.lang.String userca)
          Assigns a new capability to the user.
 void assignRole(java.lang.String groupname, java.lang.String rolename, java.lang.String username, java.lang.String userca)
          Assigns a new role to the user.
 void createCapability(java.lang.String capability)
          Creates a new capability.
 void createGroup(java.lang.String parentname, java.lang.String groupname)
          Creates a new group as a subgroup of an existing group.
 void createRole(java.lang.String rolename)
          Creates a new role.
 void createUser(User user)
          Creates a new user in the VOMS database.
 void deleteCapability(java.lang.String capability)
          Deletes a capability.
 void deleteGroup(java.lang.String groupname)
          Deletes a group.
 void deleteRole(java.lang.String rolename)
          Deletes a role.
 void deleteUser(java.lang.String username, java.lang.String userca)
          Removes a user from the VOMS database.
 void dismissCapability(java.lang.String capability, java.lang.String username, java.lang.String userca)
          Dismisses a capability of a user.
 void dismissRole(java.lang.String parentname, java.lang.String rolename, java.lang.String username, java.lang.String userca)
          Dismisses a role of a user.
 ACLEntry[] getACL(java.lang.String container)
          Returns the whole ACL associated with a container.
 ACLEntry[] getDefaultACL(java.lang.String groupname)
          Returns the default ACL, which is applied on every group created as a subgroup of this one.
 java.lang.String[] getGroupPath(java.lang.String groupname)
          Returns the absolute "path" down to this group.
 int getMajorVersionNumber()
          Returns the major version number.
 int getMinorVersionNumber()
          Returns the minor version number.
 int getPatchVersionNumber()
          Returns the patch version number.
 User getUser(java.lang.String username, java.lang.String userca)
          Returns information about a user in the VOMS database.
 java.lang.String getVOName()
          Returns the name of this VO.
 java.lang.String[] listCapabilities()
          Lists capabilities.
 java.lang.String[] listCapabilities(java.lang.String username, java.lang.String userca)
          Lists capabilities of a user.
 java.lang.String[] listCAs()
          Lists certificate authorities.
 java.lang.String[] listGroups(java.lang.String username, java.lang.String userca)
          Lists groups of a user.
 User[] listMembers(java.lang.String groupname)
          Lists members of a group.
 java.lang.String[] listRoles()
          Lists roles.
 java.lang.String[] listRoles(java.lang.String username, java.lang.String userca)
          Lists roles of a user.
 java.lang.String[] listSubGroups(java.lang.String groupname)
          Lists immediate sub-groups of a group.
 User[] listUsersWithCapability(java.lang.String capability)
          Lists assigned users of a capability.
 User[] listUsersWithRole(java.lang.String groupname, java.lang.String rolename)
          Lists assigned users of a role associated with a group.
 void removeACLEntry(java.lang.String container, ACLEntry aclEntry)
          Removes an existing entry from the ACL.
 void removeDefaultACLEntry(java.lang.String groupname, ACLEntry aclEntry)
          Removes an entry from the default ACL, which is applied on every group created as a subgroup of this one.
 void removeMember(java.lang.String groupname, java.lang.String username, java.lang.String userca)
          Removes a member of a group.
 void setACL(java.lang.String container, ACLEntry[] acl)
          Replaces the existing ACL on this container.
 void setDefaultACL(java.lang.String groupname, ACLEntry[] aclEntry)
          Replaces the default ACL, which is applied on every group created as a subgroup of this one.
 void setUser(User user)
          Updates auxiliary information about a user in the VOMS database.
 

Method Detail

getVOName

public java.lang.String getVOName()
                           throws VOMSException
Returns the name of this VO.

Permission: LIST on the VO group.

Returns:
The name of this VO.
Throws:
VOMSException

getUser

public User getUser(java.lang.String username,
                    java.lang.String userca)
             throws VOMSException
Returns information about a user in the VOMS database. The user attributes are returned in a User object.

Permission: LIST on the VO group.

Parameters:
username - The name of the user to look up.
userca - The certificate authority of the user.
Returns:
All information about the user that is known to VOMS.
Throws:
VOMSException
See Also:
User

setUser

public void setUser(User user)
             throws VOMSException
Updates auxiliary information about a user in the VOMS database. The new attributes are passed in the User object.

Permission: ADD on the VO group.

Parameters:
user - The user to update.
Throws:
VOMSException
See Also:
User

createUser

public void createUser(User user)
                throws VOMSException
Creates a new user in the VOMS database.

Permission: ADD on the VO group.

Parameters:
user - The user to be added.
Throws:
VOMSException

deleteUser

public void deleteUser(java.lang.String username,
                       java.lang.String userca)
                throws VOMSException
Removes a user from the VOMS database. Deletes all the associated group, role membership information and corresponding ACL entries as well. It is basically a call to removeMember(VO, user).

Permission: REMOVE on the VO group.

Parameters:
username - The user's DN.
userca - The user's CA.
Throws:
VOMSException
See Also:
removeMember(java.lang.String, java.lang.String, java.lang.String)

createGroup

public void createGroup(java.lang.String parentname,
                        java.lang.String groupname)
                 throws VOMSException
Creates a new group as a subgroup of an existing group. Copies the default ACL list of the parent to the new group and adds an extra entry for the administrator with full privileges.

Permission: CREATE on parent group.

Parameters:
parentname - The parent group's name.
groupname - The group's name.
Throws:
VOMSException

deleteGroup

public void deleteGroup(java.lang.String groupname)
                 throws VOMSException
Deletes a group. The operation deletes the group, all of its sub-groups and associated roles with all the membership information.

Warning: Deleting the VO "group" effectively wipes out the whole database, so use with care!

Permission: DELETE on the group.

Parameters:
groupname - The group's name.
Throws:
VOMSException

createRole

public void createRole(java.lang.String rolename)
                throws VOMSException
Creates a new role. Copies the default ACL list of the VO Group to the new role and adds an extra entry for the administrator with full privileges.

Permission: CREATE on the VO group.

Parameters:
rolename - The role to be added.
Throws:
VOMSException

deleteRole

public void deleteRole(java.lang.String rolename)
                throws VOMSException
Deletes a role. The role is removed with all the membership information.

Permission: DELETE on the role.

Parameters:
rolename - The role to be deleted.
Throws:
VOMSException

createCapability

public void createCapability(java.lang.String capability)
                      throws VOMSException
Creates a new capability. Copies the default ACL list of the VO to the new capability and adds an extra entry for the administrator with full privileges.

Permission: CREATE on the VO group.

Parameters:
capability - The capability to be created.
Throws:
VOMSException

deleteCapability

public void deleteCapability(java.lang.String capability)
                      throws VOMSException
Deletes a capability. Deletes the capability with all the membership information.

Permission: DELETE on the capability.

Parameters:
capability - The capability to be deleted.
Throws:
VOMSException

addMember

public void addMember(java.lang.String groupname,
                      java.lang.String username,
                      java.lang.String userca)
               throws VOMSException
Adds a new member to the group. The user must be a member of the parent group.

Permission: ADD on the group.

Parameters:
groupname - The group's name.
username - The user's DN.
userca - The user's CA.
Throws:
VOMSException

removeMember

public void removeMember(java.lang.String groupname,
                         java.lang.String username,
                         java.lang.String userca)
                  throws VOMSException
Removes a member of a group. Also removes the membership information from the group's sub-groups and associated roles of these groups. If it is the VO group, then it will also delete the user with all its ACL entries.

Permission: REMOVE on the group.

Parameters:
groupname - The group's name.
username - The user's DN.
userca - The user's CA.
Throws:
VOMSException
See Also:
deleteUser(java.lang.String, java.lang.String)

assignRole

public void assignRole(java.lang.String groupname,
                       java.lang.String rolename,
                       java.lang.String username,
                       java.lang.String userca)
                throws VOMSException
Assigns a new role to the user. The user must be a member of the parent group.

Permission: ADD on the role.

Parameters:
groupname - The name of the group associated with this assignment.
rolename - The role's name.
username - The name of the user to add.
userca - The CA of the user to add.
Throws:
VOMSException

dismissRole

public void dismissRole(java.lang.String parentname,
                        java.lang.String rolename,
                        java.lang.String username,
                        java.lang.String userca)
                 throws VOMSException
Dismisses a role of a user.

Permission: REMOVE on the role.

Parameters:
parentname - The parent group's name.
rolename - The role's name.
username - The user's DN.
userca - The user's CA.
Throws:
VOMSException

assignCapability

public void assignCapability(java.lang.String capability,
                             java.lang.String username,
                             java.lang.String userca)
                      throws VOMSException
Assigns a new capability to the user.

Permission: ADD on the capability.

Parameters:
capability - The capability's name.
username - The user's DN.
userca - The user's CA.
Throws:
VOMSException

dismissCapability

public void dismissCapability(java.lang.String capability,
                              java.lang.String username,
                              java.lang.String userca)
                       throws VOMSException
Dismisses a capability of a user.

Permission: REMOVE on the capability.

Parameters:
capability - The capability's name.
username - The user's DN.
userca - The user's CA.
Throws:
VOMSException

listMembers

public User[] listMembers(java.lang.String groupname)
                   throws VOMSException
Lists members of a group.

Permission: LIST on the group.

Parameters:
groupname - The group's name (null is the VO group).
Returns:
List of users in this group.
Throws:
VOMSException

listUsersWithRole

public User[] listUsersWithRole(java.lang.String groupname,
                                java.lang.String rolename)
                         throws VOMSException
Lists assigned users of a role associated with a group.

Permission: LIST on the role.

Parameters:
groupname - The group's name.
rolename - The role's name.
Returns:
List of users for this role.
Throws:
VOMSException

listUsersWithCapability

public User[] listUsersWithCapability(java.lang.String capability)
                               throws VOMSException
Lists assigned users of a capability.

Permission: LIST on the capability.

Parameters:
capability - The capability's name.
Returns:
List of users with this capability.
Throws:
VOMSException

getGroupPath

public java.lang.String[] getGroupPath(java.lang.String groupname)
                                throws VOMSException
Returns the absolute "path" down to this group. The first element is the VO group and the last is the group itself. There is at least one element in this path if the group exists: the VO group.

Permission: LIST on parent groups.

Parameters:
groupname - The group's name (null is the VO group).
Returns:
Path to the group.
Throws:
VOMSException

listSubGroups

public java.lang.String[] listSubGroups(java.lang.String groupname)
                                 throws VOMSException
Lists immediate sub-groups of a group.

Permission: LIST on the group.

Parameters:
groupname - The group's name (null is the VO group).
Returns:
List of groups in this group.
Throws:
VOMSException

listGroups

public java.lang.String[] listGroups(java.lang.String username,
                                     java.lang.String userca)
                              throws VOMSException
Lists groups of a user.

Permission: LIST on the VO group.

Parameters:
username - The user's DN.
userca - The user's CA.
Returns:
List of groups of this user.
Throws:
VOMSException

listRoles

public java.lang.String[] listRoles()
                             throws VOMSException
Lists roles.

Permission: LIST on the VO group.

Returns:
List of roles in this VO.
Throws:
VOMSException

listRoles

public java.lang.String[] listRoles(java.lang.String username,
                                    java.lang.String userca)
                             throws VOMSException
Lists roles of a user.

Permission: LIST on the VO group.

Parameters:
username - The user's DN.
userca - The user's CA.
Returns:
List of roles of this user.
Throws:
VOMSException

listCapabilities

public java.lang.String[] listCapabilities()
                                    throws VOMSException
Lists capabilities.

Permission: LIST on the VO group.

Returns:
List of capabilities.
Throws:
VOMSException

listCapabilities

public java.lang.String[] listCapabilities(java.lang.String username,
                                           java.lang.String userca)
                                    throws VOMSException
Lists capabilities of a user.

Permission: LIST on the VO group.

Parameters:
username - The user's DN.
userca - The user's CA.
Returns:
List of capabilities.
Throws:
VOMSException

listCAs

public java.lang.String[] listCAs()
                           throws VOMSException
Lists certificate authorities.

Permission: LIST on the VO group.

Returns:
List of certificate authority DNs.
Throws:
VOMSException

getACL

public ACLEntry[] getACL(java.lang.String container)
                  throws VOMSException
Returns the whole ACL associated with a container.

Permission: GETACL on the container.

Parameters:
container - The container's name (null is the VO group).
Returns:
The access control list.
Throws:
VOMSException
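
Added example, not part of the VOMS API or its documentation: a read-only access review that walks the group tree with listSubGroups and records, per group, the member count from listMembers and the ACL size from getACL. The class name VoAccessReview, the package of VOMSException, and the premise that names returned by listSubGroups can be passed back as the groupname/container argument are assumptions.

```java
import java.util.ArrayList;
import java.util.List;

import org.glite.security.voms.service.ACLEntry;       // package as given in the See Also entries
import org.glite.security.voms.service.VOMSException;  // assumed package, not stated on this page
import org.glite.security.voms.service.admin.VOMSAdmin;

/** Hypothetical helper (not part of VOMS): read-only access review of the group tree. */
public final class VoAccessReview {

    /** One report row; a count of -1 means the call for that group threw VOMSException. */
    public static final class Row {
        public final String group;
        public final int members;
        public final int aclEntries;

        Row(String group, int members, int aclEntries) {
            this.group = group;
            this.members = members;
            this.aclEntries = aclEntries;
        }
    }

    /** Walks the tree from the VO group (null) down to maxDepth levels of sub-groups. */
    public static List<Row> review(VOMSAdmin admin, int maxDepth) {
        List<Row> rows = new ArrayList<Row>();
        walk(admin, null, maxDepth, rows);
        return rows;
    }

    private static void walk(VOMSAdmin admin, String group, int depthLeft, List<Row> rows) {
        int members = -1;
        int aclEntries = -1;
        try {
            Object[] m = admin.listMembers(group);   // User[] fits Object[]; needs LIST on the group
            members = (m == null) ? 0 : m.length;
        } catch (VOMSException e) { /* keep -1 so the gap shows up in the review */ }
        try {
            ACLEntry[] acl = admin.getACL(group);    // needs GETACL on the container
            aclEntries = (acl == null) ? 0 : acl.length;
        } catch (VOMSException e) { /* keep -1 */ }
        rows.add(new Row(group == null ? "<VO group>" : group, members, aclEntries));

        if (depthLeft <= 0) return;                  // depth cap bounds the recursion
        String[] subGroups;
        try {
            subGroups = admin.listSubGroups(group);  // needs LIST on the group
        } catch (VOMSException e) {
            return;                                  // cannot descend; row above is still recorded
        }
        if (subGroups == null) return;
        for (String sub : subGroups) {
            walk(admin, sub, depthLeft - 1, rows);
        }
    }
}
```

Because createGroup copies the parent's default ACL into each new group, comparing the aclEntries column across siblings is a quick way to spot groups whose ACL has drifted from what the parent would hand out.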

setACL

public void setACL(java.lang.String container,
                   ACLEntry[] acl)
            throws VOMSException
Replaces the existing ACL on this container.

Permission: SETACL on the container.

Parameters:
container - The container's name.
acl - The new access control list.
Throws:
VOMSException

addACLEntry

public void addACLEntry(java.lang.String container,
                        ACLEntry aclEntry)
                 throws VOMSException
Adds a new entry to an ACL of a container.

Permission: SETACL on the container.

Parameters:
container - The container's name.
aclEntry - The new access control list entry.
Throws:
VOMSException

removeACLEntry

public void removeACLEntry(java.lang.String container,
                           ACLEntry aclEntry)
                    throws VOMSException
Removes an existing entry from the ACL.

Permission: SETACL on the container.

Parameters:
container - The container's name.
aclEntry - The access control list entry to be removed.
Throws:
VOMSException

getDefaultACL

public ACLEntry[] getDefaultACL(java.lang.String groupname)
                         throws VOMSException
Returns the default ACL, which is applied on every group created as a subgroup of this one.

Parameters:
groupname - The group's name.
Returns:
The access control list.
Throws:
VOMSException
See Also:
getACL(java.lang.String)

setDefaultACL

public void setDefaultACL(java.lang.String groupname,
                          ACLEntry[] aclEntry)
                   throws VOMSException
Replaces the default ACL, which is applied on every group created as a subgroup of this one.

Parameters:
groupname - The group's name.
aclEntry - The new access control list.
Throws:
VOMSException
See Also:
setACL(java.lang.String, org.glite.security.voms.service.ACLEntry[])

addDefaultACLEntry

public void addDefaultACLEntry(java.lang.String groupname,
                               ACLEntry aclEntry)
                        throws VOMSException
Adds a new entry to the default ACL, which is applied on every group created as a subgroup of this one.

Parameters:
groupname - The group's name.
aclEntry - The new access control list entry.
Throws:
VOMSException
See Also:
addACLEntry(java.lang.String, org.glite.security.voms.service.ACLEntry)

removeDefaultACLEntry

public void removeDefaultACLEntry(java.lang.String groupname,
                                  ACLEntry aclEntry)
                           throws VOMSException
Removes an entry from the default ACL, which is applied on every group created as a subgroup of this one.

Parameters:
groupname - The group's name.
aclEntry - The access control list entry to be removed.
Throws:
VOMSException
See Also:
removeACLEntry(java.lang.String, org.glite.security.voms.service.ACLEntry)

getMajorVersionNumber

public int getMajorVersionNumber()
Returns the major version number.


getMinorVersionNumber

public int getMinorVersionNumber()
Returns the minor version number.


getPatchVersionNumber

public int getPatchVersionNumber()
Returns the patch version number.