| Package | Description |
|---|---|
| edu.internet2.middleware.grouper.pspng |
| Modifier and Type | Method and Description |
|---|---|
protected void |
LdapGroupProvisioner.addMembership(GrouperGroupInfo grouperGroupInfo,
LdapGroup ldapGroup,
Subject subject,
LdapUser ldapUser) |
protected void |
LdapAttributeProvisioner.addMembership(GrouperGroupInfo grouperGroupInfo,
LdapGroup ldapGroup,
Subject subject,
LdapUser ldapUser) |
protected void |
VoidProvisioner.addMembership(GrouperGroupInfo grouperGroupInfo,
TargetSystemGroup tsGroup,
Subject subject,
TargetSystemUser tsUser) |
protected abstract void |
Provisioner.addMembership(GrouperGroupInfo grouperGroupInfo,
TSGroupClass tsGroup,
Subject subject,
TSUserClass tsUser)
Action method that handles membership additions where a person-subject is added to a
group.
|
protected TargetSystemGroup |
VoidProvisioner.createGroup(GrouperGroupInfo grouperGroup,
Collection initialMembers) |
protected abstract TSGroupClass |
Provisioner.createGroup(GrouperGroupInfo grouperGroup,
Collection<Subject> initialMembers)
Provisioning a new Group in the target system.
|
protected LdapGroup |
LdapGroupProvisioner.createGroup(GrouperGroupInfo grouperGroup,
Collection<Subject> initialMembers) |
protected LdapGroup |
LdapAttributeProvisioner.createGroup(GrouperGroupInfo grouperGroup,
Collection<Subject> initialMembers) |
protected void |
LdapProvisioner.createOuInExistingLocation(com.unboundid.ldap.sdk.DN ouDn)
This function creates an OU with the provided DN with the OU-Creation ldif template.
|
static Provisioner |
ProvisionerFactory.createProvisioner(String configName,
boolean fullSyncMode)
This constructs a provisioner based on the properties found for provisioner 'configName'
This should only be called internally and from FullSyncProvisionerFactory.
|
protected TSUserClass |
Provisioner.createUser(Subject personSubject)
Provisioning a new User account in the target system.
|
protected LdapUser |
LdapProvisioner.createUser(Subject personSubject) |
protected void |
LdapGroupProvisioner.deleteGroup(GrouperGroupInfo grouperGroupInfo,
LdapGroup ldapGroup) |
protected void |
LdapAttributeProvisioner.deleteGroup(GrouperGroupInfo grouperGroupInfo,
LdapGroup ldapGroup) |
protected void |
VoidProvisioner.deleteGroup(GrouperGroupInfo grouperGroupInfo,
TargetSystemGroup tsGroup) |
protected abstract void |
Provisioner.deleteGroup(GrouperGroupInfo grouperGroupInfo,
TSGroupClass tsGroup)
Action method that handles group removal.
|
protected void |
LdapGroupProvisioner.deleteMembership(GrouperGroupInfo grouperGroupInfo,
LdapGroup ldapGroup,
Subject subject,
LdapUser ldapUser) |
protected void |
LdapAttributeProvisioner.deleteMembership(GrouperGroupInfo grouperGroupInfo,
LdapGroup ldapGroup,
Subject subject,
LdapUser ldapUser) |
protected void |
VoidProvisioner.deleteMembership(GrouperGroupInfo grouperGroupInfo,
TargetSystemGroup tsGroup,
Subject subject,
TargetSystemUser tsUser) |
protected abstract void |
Provisioner.deleteMembership(GrouperGroupInfo grouperGroupInfo,
TSGroupClass tsGroup,
Subject subject,
TSUserClass tsUser)
Abstract action method that handles membership removals.
|
protected void |
VoidProvisioner.doFullSync_cleanupExtraGroups(JobStatistics stats) |
protected abstract void |
Provisioner.doFullSync_cleanupExtraGroups(JobStatistics stats)
This method's responsibility is find extra groups within Grouper's responsibility that
exist in the target system.
|
protected void |
LdapGroupProvisioner.doFullSync_cleanupExtraGroups(JobStatistics stats) |
protected void |
LdapAttributeProvisioner.doFullSync_cleanupExtraGroups(JobStatistics stats) |
protected boolean |
LdapGroupProvisioner.doFullSync(GrouperGroupInfo grouperGroupInfo,
LdapGroup ldapGroup,
Set<Subject> correctSubjects,
Map<Subject,LdapUser> tsUserMap,
Set<LdapUser> correctTSUsers,
JobStatistics stats) |
protected boolean |
LdapAttributeProvisioner.doFullSync(GrouperGroupInfo grouperGroupInfo,
LdapGroup ldapGroup,
Set<Subject> correctSubjects,
Map<Subject,LdapUser> tsUserMap,
Set<LdapUser> correctTSUsers,
JobStatistics stats) |
protected boolean |
VoidProvisioner.doFullSync(GrouperGroupInfo grouperGroupInfo,
TargetSystemGroup tsGroup,
Set correctSubjects,
Map tsUserMap,
Set correctTSUsers,
JobStatistics stats) |
protected abstract boolean |
Provisioner.doFullSync(GrouperGroupInfo grouperGroupInfo,
TSGroupClass tsGroup,
Set<Subject> correctSubjects,
Map<Subject,TSUserClass> tsUserMap,
Set<TSUserClass> correctTSUsers,
JobStatistics stats)
This method's responsibility is to make sure that group's only provisioned memberships are those
of correctSubjects.
|
protected void |
LdapProvisioner.ensureLdapOusExist(com.unboundid.ldap.sdk.DN dn)
Internal worker function called by ensureLdapOusExist(dnString, wholeDnIsTheOu).
|
void |
LdapProvisioner.ensureLdapOusExist(String dnString,
boolean wholeDnIsTheOu)
Public way to create any missing OUs.
|
static String |
PspJexlUtils.escapeLdapRdn(String rdnString)
This takes a string of attribute=value and makes sure that special, dn-relevant characters
are escaped, particularly commas, pluses, etc
|
protected String |
Provisioner.evaluateJexlExpression(String expressionName,
String expression,
Subject subject,
TSUserClass tsUser,
GrouperGroupInfo grouperGroupInfo,
TSGroupClass tsGroup,
Object... keysAndValues)
Make a JexlMap that contains subject and group information and evaluate the given
expression.
|
protected TSGroupClass |
Provisioner.fetchTargetSystemGroup(GrouperGroupInfo grouperGroup)
Lookup a single TSGroupClass for a single (grouper) Group.
|
protected Map |
VoidProvisioner.fetchTargetSystemGroups(Collection grouperGroups) |
protected abstract Map<GrouperGroupInfo,TSGroupClass> |
Provisioner.fetchTargetSystemGroups(Collection<GrouperGroupInfo> grouperGroups)
This fetches group information from the target system.
|
protected Map<GrouperGroupInfo,LdapGroup> |
LdapGroupProvisioner.fetchTargetSystemGroups(Collection<GrouperGroupInfo> grouperGroupsToFetch) |
protected Map<GrouperGroupInfo,LdapGroup> |
LdapAttributeProvisioner.fetchTargetSystemGroups(Collection<GrouperGroupInfo> grouperGroups) |
Map<GrouperGroupInfo,TSGroupClass> |
Provisioner.fetchTargetSystemGroupsInBatches(Collection<GrouperGroupInfo> groupsToFetch)
This method fetches an arbitrary number of groups from the target system.
|
protected TSUserClass |
Provisioner.fetchTargetSystemUser(Subject personSubject)
Lookup a single TSUserClass for a single Subject.
|
protected Map<Subject,TargetSystemUser> |
VoidProvisioner.fetchTargetSystemUsers(Collection personSubjects) |
protected abstract Map<Subject,TSUserClass> |
Provisioner.fetchTargetSystemUsers(Collection<Subject> personSubjects)
This fetches user information from the target system.
|
protected Map<Subject,LdapUser> |
LdapProvisioner.fetchTargetSystemUsers(Collection<Subject> subjectsToFetch)
Find the subjects in the ldap server.
|
List<ProvisioningWorkItem> |
Provisioner.filterWorkItems(List<ProvisioningWorkItem> workItems)
This method returns the work items that are supposed to be provisioned
by calling shouldGroupBeProvisioned on each group mentioned
by a workItem.
|
List<ProvisioningWorkItem> |
Provisioner.filterWorkItems2(List<ProvisioningWorkItem> workItems)
This method returns the work items that are supposed to be provisioned
by calling shouldGroupBeProvisioned on each group mentioned
by a workItem.
|
void |
Provisioner.finishProvisioningBatch(List<ProvisioningWorkItem> workItems) |
void |
LdapProvisioner.finishProvisioningBatch(List<ProvisioningWorkItem> workItems)
This implements the LDAP Modifications that were scheduled with schedulLdapModification.
|
protected void |
Provisioner.flushCachesIfNecessary(List<ProvisioningWorkItem> allWorkItems)
Look at the batch of workItems and flush caches necessary to process the entries
properly.
|
protected String |
LdapAttributeProvisioner.getAttributeValueForGroup(GrouperGroupInfo grouperGroupInfo) |
static FullSyncProvisioner |
FullSyncProvisionerFactory.getFullSyncer(Provisioner provisioner)
Shortcut to getFullSyncer(provisioner.getConfigName())
|
static FullSyncProvisioner |
FullSyncProvisionerFactory.getFullSyncer(String configName)
Factory for FullSync objects
|
static Provisioner |
ProvisionerFactory.getIncrementalProvisioner(String configName) |
protected org.ldaptive.Connection |
LdapSystem.getLdapConnection() |
org.ldaptive.pool.BlockingConnectionPool |
LdapSystem.getLdapPool() |
protected LdapSystem |
LdapProvisioner.getLdapSystem() |
String |
LdapObject.getLdifString() |
int |
TargetSystemUser.getNativeMemorySize_bytes()
Approximately how many bytes did target system provide to create this object?
For instance, for an ldap server, this would be how much LDIF information is
behind this user.
|
int |
TargetSystemGroup.getNativeMemorySize_bytes()
Approximately how many bytes did target system provide to create this object?
For instance, for an ldap server, this would be how much LDIF information is
behind this group.
|
int |
LdapUser.getNativeMemorySize_bytes() |
int |
LdapGroup.getNativeMemorySize_bytes() |
TSUserClass |
Provisioner.getTargetSystemUser(Subject subject) |
protected org.ldaptive.SearchFilter |
LdapProvisioner.getUserLdapFilter(Subject subject) |
protected boolean |
LdapSystem.makeLdapDataCorrect(org.ldaptive.LdapEntry correctEntry,
org.ldaptive.LdapEntry existingEntry,
boolean valuesAreCaseSensitive) |
protected boolean |
LdapSystem.makeLdapDnCorrect(org.ldaptive.LdapEntry correctEntry,
org.ldaptive.LdapEntry existingEntry)
Moves the ldap object if necessary.
|
boolean |
LdapSystem.makeLdapObjectCorrect(org.ldaptive.LdapEntry correctEntry,
org.ldaptive.LdapEntry existingEntry,
boolean valuesAreCaseSensitive) |
boolean |
LdapObject.matchesLdapFilter(org.ldaptive.SearchFilter filter) |
protected void |
LdapSystem.performLdapAdd(org.ldaptive.LdapEntry entryToAdd) |
protected void |
LdapProvisioner.performLdapAdd(org.ldaptive.LdapEntry entryToAdd)
Perform an LDAP ADD after making sure the new object's OU exists.
|
protected void |
LdapSystem.performLdapDelete(String dnToDelete) |
void |
LdapSystem.performLdapModify(org.ldaptive.ModifyRequest mod,
boolean valuesAreCaseSensitive) |
void |
LdapSystem.performLdapModify(org.ldaptive.ModifyRequest mod,
boolean valuesAreCaseSensitive,
boolean retryIfFails)
This performs a modification and optionally retries it by comparing attributeValues
being added/removed to those already on the ldap server
|
protected LdapObject |
LdapSystem.performLdapRead(com.unboundid.ldap.sdk.DN dn,
String... attributes) |
protected LdapObject |
LdapSystem.performLdapRead(String dn,
Collection<String> attributes) |
protected LdapObject |
LdapSystem.performLdapRead(String dn,
String... attributes) |
Set<String> |
LdapSystem.performLdapSearchRequest_returningValuesOfAnAttribute(int approximateNumResultsExpected,
String searchBaseDn,
org.ldaptive.SearchScope scope,
String attributeToReturn,
String filterTemplate,
Object... filterParams) |
protected void |
LdapSystem.performLdapSearchRequest(int approximateNumResultsExpected,
org.ldaptive.SearchRequest request,
org.ldaptive.handler.SearchEntryHandler callback) |
List<LdapObject> |
LdapSystem.performLdapSearchRequest(int approximateNumResultsExpected,
String searchBaseDn,
org.ldaptive.SearchScope scope,
Collection<String> attributesToReturn,
org.ldaptive.SearchFilter filter) |
List<LdapObject> |
LdapSystem.performLdapSearchRequest(int approximateNumResultsExpected,
String searchBaseDn,
org.ldaptive.SearchScope scope,
Collection<String> attributesToReturn,
String filterTemplate,
Object... filterParams) |
protected void |
LdapSystem.performTestLdapRead(org.ldaptive.Connection conn) |
protected void |
FullSyncProvisioner.processQueueItem(edu.internet2.middleware.grouper.pspng.FullSyncQueueItem queueItem) |
protected void |
Provisioner.provisionItem(ProvisioningWorkItem workItem)
Dispatches an event to the right method, with generally
useful parameters.
|
protected void |
LdapAttributeProvisioner.purgeAttributeValue(String attributeName,
String valueToPurge,
JobStatistics stats) |
protected List<edu.internet2.middleware.grouper.pspng.FullSyncQueueItem> |
FullSyncProvisioner.queueAllGroupsForFullSync(FullSyncProvisioner.QUEUE_TYPE queue,
String externalReference,
String reasonFormat,
Object... reasonArgs)
Go through the Grouper Groups and queue up the ones that match the provisioner's
ShouldBeProvisioned filter.
|
org.ldaptive.LdapEntry |
LdapSystem.rereadEntry(org.ldaptive.LdapEntry ldapEntry)
Read a fresh copy of an ldapEntry, using the dn and attribute list from the provided
entry.
|
protected String |
LdapProvisioner.sanityCheckDnAttributesOfLdif(String ldif,
String ldifSourceFormat,
Object... ldifSourceArgs)
Look at attributes that are supposed to store DNs and make sure they
are escaped and/or parsable
|
JobStatistics |
FullSyncProvisioner.startFullSyncOfAllGroupsAndWaitForCompletion(Hib3GrouperLoaderLog hib3GrouploaderLog) |
void |
Provisioner.startProvisioningBatch(List<ProvisioningWorkItem> workItems)
Get ready for a provisioning batch.
|
protected LdapGroup |
LdapGroupProvisioner.updateGroupFromTemplate(GrouperGroupInfo grouperGroupInfo,
LdapGroup existingLdapGroup)
This method compares the existing LdapGroup to how the groupCreationTemplate might have
changed due to group changes (eg, a changed group name) or due to template changes
|
Copyright © 2022 Internet2. All rights reserved.