com.ibm.itim.apps.identity
Class PersonMO

java.lang.Object
  |
  +--com.ibm.itim.apps.identity.PersonMO

public class PersonMO
extends java.lang.Object

Managed object representing a person, or identity.


Constructor Summary
PersonMO(PlatformContext platform, javax.security.auth.Subject subject, DistinguishedName name)
          Constructs the the managed object with a platform context, a subject, and the distinguished name of the object to manage.
 
Method Summary
 OrganizationalContainerMO getContainer()
          Returns the current parent container in the tree.
 Person getData()
          Returns a current snapshot of the data defining the provisionng object.
 DistinguishedName getDistinguishedName()
          Returns the distinguished name of the managed object
 java.util.Collection getRoles()
          Returns the person's roles.
 PersonMO getSponsor()
          Returns the person's sponsor (if any).
 PersonMO getSupervisor()
          Returns the person's supervisor (if any).
 Request remove(java.util.Date scheduledTime)
          Removes the person object and associated managed objects from the provisioning platform.
 Request restore(java.util.Date scheduledTime)
          Restores the person ONLY.
 Request suspend(java.util.Date scheduledTime)
          Suspends the person and associated managed objects from the provisioning platform
 Request transfer(OrganizationalContainerMO newContainer, java.util.Date scheduledTime)
          Transfers (moves) the person to another container.
 Request unManage(java.util.Date scheduledTime)
          Removes the person object ONLY from the provisioning platform.
 Request update(Person p, java.util.Date scheduledTime)
          Updates the managed object.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PersonMO

public PersonMO(PlatformContext platform,
                javax.security.auth.Subject subject,
                DistinguishedName name)
Constructs the the managed object with a platform context, a subject, and the distinguished name of the object to manage.

Parameters:
platform - PlatformContext holding platform connection information.
subject - Subject representing the authenticated caller.
name - DistinguishedName identifying the container.
Method Detail

getDistinguishedName

public DistinguishedName getDistinguishedName()
Returns the distinguished name of the managed object

Returns:
DistinguishedName of the managed object.

getData

public Person getData()
               throws java.rmi.RemoteException,
                      ApplicationException
Returns a current snapshot of the data defining the provisionng object. The amount of information returned in the Person DirectoryObject is determined by attribute-level permissions in system ACIs. Person attributes that are not allowed to be read by the user associated with the Subject used to construct the PersonMO will be removed from the Person DirectoryObject returned.

Returns:
Person object holding attribute information.
Throws:
java.rmi.RemoteException - Thrown if unable to communicate with platform.
ApplicationException - Thrown if unable to retrieve data.

getContainer

public OrganizationalContainerMO getContainer()
                                       throws java.rmi.RemoteException,
                                              ApplicationException,
                                              AuthorizationException
Returns the current parent container in the tree.

Returns:
OrganizationalContainerMO representing the parent container.
Throws:
java.rmi.RemoteException - Thrown if unable to communicate with platform.
AuthorizationException - Thrown if client is unauthorized to view the container of the person.
ApplicationException - Thrown if unable to retrieve the person's container. This may possibly be caused by the person being removed by another client previous to this call.

unManage

public Request unManage(java.util.Date scheduledTime)
                 throws java.rmi.RemoteException,
                        ApplicationException,
                        AuthorizationException
Removes the person object ONLY from the provisioning platform.

Parameters:
scheduledTime - The scheduled starting time of the process. If null, the process will start immediately. In case this method is invoked remotely, passing this parameter as the current data/time of the client machine is not a safe technique to use, since the date/time of the client machine may not be the same as the date/time of the ITIM server machine.
Returns:
Request object representing the operation's status.
Throws:
java.rmi.RemoteException - Thrown if unable to communicate with platform.
AuthorizationException - Thrown if client is unauthorized to remove the person.
ApplicationException - Thrown if unable to submit the request.

remove

public Request remove(java.util.Date scheduledTime)
               throws java.rmi.RemoteException,
                      ApplicationException,
                      AuthorizationException
Removes the person object and associated managed objects from the provisioning platform.

Parameters:
scheduledTime - The scheduled starting time of the process. If null, the process will start immediately. In case this method is invoked remotely, passing this parameter as the current data/time of the client machine is not a safe technique to use, since the date/time of the client machine may not be the same as the date/time of the ITIM server machine.
Returns:
Request object representing the operation's status.
Throws:
java.rmi.RemoteException - Thrown if unable to communicate with platform.
AuthorizationException - Thrown if client is unauthorized to remove the person.
ApplicationException - Thrown if unable to submit the request.

update

public Request update(Person p,
                      java.util.Date scheduledTime)
               throws java.rmi.RemoteException,
                      AuthorizationException,
                      SchemaViolationException,
                      ApplicationException
Updates the managed object. A Person value object is provided with the changes to make.

Parameters:
p - Person value object with changes to make.
scheduledTime - The scheduled starting time of the process. If null, the process will start immediately. In case this method is invoked remotely, passing this parameter as the current data/time of the client machine is not a safe technique to use, since the date/time of the client machine may not be the same as the date/time of the ITIM server machine.
Returns:
Request object representing the operation's status.
Throws:
java.rmi.RemoteException - Thrown if unable to communicate with platform.
AuthorizationException - Thrown if client is unauthorized to change the person. Note, even if only one of the attributes being changed is not writeable for the client, the entire request will fail and this exception will be thrown.
SchemaViolationException - Thrown if any of the attributes in the value object violate the managed object's schema.
ApplicationException - Thrown if unable to submit the request. This may possibly be caused by the person being removed by another client previous to this call.

suspend

public Request suspend(java.util.Date scheduledTime)
                throws java.rmi.RemoteException,
                       AuthorizationException,
                       ApplicationException
Suspends the person and associated managed objects from the provisioning platform

Parameters:
scheduledTime - The scheduled starting time of the process. If null, the process will start immediately. In case this method is invoked remotely, passing this parameter as the current data/time of the client machine is not a safe technique to use, since the date/time of the client machine may not be the same as the date/time of the ITIM server machine.
Returns:
Request object representing the operation's status.
Throws:
java.rmi.RemoteException - Thrown if unable to communicate with platform.
AuthorizationException - Thrown if client is unauthorized to suspend the person or their accounts (if requested).
ApplicationException - Thrown if unable to submit the request. This may possibly be caused by the person being removed by another client previous to this call.

restore

public Request restore(java.util.Date scheduledTime)
                throws java.rmi.RemoteException,
                       AuthorizationException,
                       ApplicationException
Restores the person ONLY.

Parameters:
scheduledTime - The scheduled starting time of the process. If null, the process will start immediately. In case this method is invoked remotely, passing this parameter as the current data/time of the client machine is not a safe technique to use, since the date/time of the client machine may not be the same as the date/time of the ITIM server machine.
Returns:
Request object representing the operation's status.
Throws:
java.rmi.RemoteException - Thrown if unable to communicate with platform.
AuthorizationException - Thrown if client is unauthorized to restore the person or their accounts (if requested).
ApplicationException - Thrown if unable to submit the request. This may possibly be caused by the person being removed by another client previous to this call.

transfer

public Request transfer(OrganizationalContainerMO newContainer,
                        java.util.Date scheduledTime)
                 throws java.rmi.RemoteException,
                        AuthorizationException,
                        ApplicationException
Transfers (moves) the person to another container.

Parameters:
newContainer - OrganizationalContainerMO representing the new parent container of the person.
scheduledTime - The scheduled starting time of the process. If null, the process will start immediately. In case this method is invoked remotely, passing this parameter as the current data/time of the client machine is not a safe technique to use, since the date/time of the client machine may not be the same as the date/time of the ITIM server machine.
Returns:
Request object representing the operation's status.
Throws:
java.rmi.RemoteException - Thrown if unable to communicate with platform.
AuthorizationException - Thrown if client is unauthorized to transfer the person.
ApplicationException - Thrown if unable to submit the request. This may possibly be caused by the person or container being removed by another client previous to this call.

getRoles

public java.util.Collection getRoles()
                              throws java.rmi.RemoteException,
                                     AuthorizationException,
                                     ApplicationException
Returns the person's roles. Note, only roles the client is authorized to search will be returned. If the client is not authorized to view the roles of the person at all, an AuthorizationException will be thrown. If the client can view the roles, but some of the roles are not searchable by the client, then no AuthorizationException will be thrown; only a reduced list will be returned. But if none of the roles of the person are searchable by the client then AuthorizationException will be thrown.

Returns:
Collection of RoleMO's for the person.
Throws:
java.rmi.RemoteException - Thrown if unable to communicate with platform.
AuthorizationException - Thrown if client is unauthorized to view the roles of the user or none of the roles of the user are searchable by the client.
ApplicationException - Thrown if unable to retrieve the person's roles. This may possibly be caused by the person being removed by another client previous to this call.

getSupervisor

public PersonMO getSupervisor()
                       throws java.rmi.RemoteException,
                              AuthorizationException,
                              ApplicationException
Returns the person's supervisor (if any).

Returns:
PersonMO representing the person's supervisor, null if no supervisor is defined.
Throws:
java.rmi.RemoteException - Thrown if unable to communicate with platform.
AuthorizationException - Thrown if client is unauthorized to view the supervisor of the person.
ApplicationException - Thrown if unable to retrieve the person's supervisor. This may possibly be caused by the person being removed by another client previous to this call.

getSponsor

public PersonMO getSponsor()
                    throws java.rmi.RemoteException,
                           AuthorizationException,
                           ApplicationException
Returns the person's sponsor (if any). Note, a sponsor is only applicable if the object represents an identity in the Business Partner category.

Returns:
PersonMO representing the person's sponsor, null if no sponsor is defined.
Throws:
java.rmi.RemoteException - Thrown if unable to communicate with platform.
AuthorizationException - Thrown if client is unauthorized to view the sponsor of the user.
ApplicationException - Thrown if unable to retrieve the person's sponsor. This may possibly be caused by the person being removed by another client previous to this call.


IBM Tivoli Identity Manager 4.6
© Copyright International Business Machines Corporation 2005. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.