com.ibm.itim.dataservices.model.domain

Class GroupSearch

  • java.lang.Object
    • com.ibm.itim.dataservices.model.domain.GroupSearch

  • public class GroupSearch
extends java.lang.Object
    This class provides an interface for searching group objects from the data store
    Since:
    Tivoli Identity Governance 5.1

    • Constructor Detail

      • GroupSearch

        public GroupSearch()
        Default constructor.

    • Method Detail

      • lookup

        public GroupEntity lookup(DistinguishedName serviceDN,
                          java.lang.String groupID)
                   throws ObjectNotFoundException,
                          ModelCommunicationException
        Retrieves the group from the data store based on the unique id of the group.
        Parameters:
        serviceDN - DistinguishedName of the service
        groupID - String of the group unique ID.
        Returns:
        GroupEntity with the corresponding group ID.
        Throws:
        ModelCommunicationException - Thrown if unable to communicate with the data store.
        ObjectNotFoundException - Thrown if unable to locate the entity in the data store. This might be because a distinguished name is not valid, or the entity might have been removed by another client.

      • lookup

        public GroupEntity lookup(DistinguishedName serviceDN,
                          java.lang.String attributeName,
                          java.lang.String groupID)
                   throws ObjectNotFoundException,
                          ModelCommunicationException
        Retrieves the group from the data store based on the unique ID of the group.
        Parameters:
        serviceDN - The distinguished name of the service
        groupAttrName - The name of the attribute that is used in the search.
        groupID - The unique ID of the group.
        Returns:
        GroupEntity with the corresponding group ID.
        Throws:
        ModelCommunicationException - Thrown if unable to communicate with the data store.
        ObjectNotFoundException - Thrown if unable to locate the entity in the data store. This might be because a distinguished name is not valid, or the entity might have been removed by another client.

      • lookup

        public GroupEntity lookup(DistinguishedName serviceDN,
                          java.lang.String profileName,
                          java.lang.String attributeName,
                          java.lang.String groupID)
                   throws ObjectNotFoundException,
                          ModelCommunicationException
        Retrieves the group from the data store based on the unique ID of the group.
        Parameters:
        serviceDN - The distinguished name of the service
        profileName - Name of the ObjectProfile that defines the type of group to search for. If null or empty string passed, groups of all types will be returned.
        groupAttrName - The name of the attribute that is used in the search.
        groupID - The unique ID of the group.
        Returns:
        GroupEntity with the corresponding group ID.
        Throws:
        ModelCommunicationException - Thrown if unable to communicate with the data store.
        ObjectNotFoundException - Thrown if unable to locate the entity in the data store. This might be because a distinguished name is not valid, or the entity might have been removed by another client.

      • searchByServiceAndGroupInfo

        public SearchResults searchByServiceAndGroupInfo(DistinguishedName serviceDN,
                                                 java.lang.String profileName,
                                                 java.util.Set<java.lang.String> searchAttributes,
                                                 java.lang.String groupInfo,
                                                 SearchParameters params)
                                          throws ObjectNotFoundException,
                                                 ModelCommunicationException
        Finds groups defined for a specific service and a specific group profile. Use this method to search for service groups.
        Parameters:
        serviceDN - The distinguished name of the service
        profileName - The name of the ObjectProfile that defines the type of group to search for. If a null or empty string is passed, groups of all types will be returned.
        searchAttributes - A list of attribute to be search by group information. If searchAttributes is empty or null, the group name attribute will be used. You need to pass in the symantic attributes. The method resolves any mapped attribute.
        groupInfo - The information about the group which will be used to perform a substring matching for group name and description. If input string is null, a wildcard search is used.
        params - The search parameters that provide additional context for how the search should be performed. If the search scope is ONELEVEL_SCOPE, the search is limited only to the groups belong to the given parent (searchContext.last()). Otherwise, the whole organizational logical subtree will be searched.
        Returns:
        SearchResults of GroupEntity
        Throws:
        ModelCommunicationException - Thrown if unable to communicate with the data store.
        ObjectNotFoundException - Thrown if unable to locate the entity in the data store. This might be because a distinguished name is not valid, or the entity might have been removed by another client.
        java.lang.IllegalArgumentException - Thrown when searchContext or profileName is null or empty.

      • searchByGroupInfo

        public SearchResults searchByGroupInfo(CompoundDN searchContext,
                                       java.lang.String profileName,
                                       java.util.Set<java.lang.String> searchAttributes,
                                       java.lang.String groupInfo,
                                       SearchParameters params)
                                throws ObjectNotFoundException,
                                       ModelCommunicationException
        Finds groups defined for a specific service and a specific group profile
        Parameters:
        searchContext - The CompoundDN that defines the base of the search. At least one element and at most three are expected:
        • searchContext.elements[0] must contain the tenant distinguished name (DN)
        • searchContext.elements[1] might contain the organization DN
        • searchContext.elements[2] might contain the parent DN. The parent DN can be the service DN for service groups
        An element cannot be skipped. For example, you can not pass the parent DN without passing the organization DN. If the profile name is null, empty, or one of the service group profiles, the search base will be the last element. For search optimization, the service DN must be the last element for service group profile.
        profileName - The name of the ObjectProfile that defines the type of group to search for. If a null or empty string is passed, groups of all types will be returned.
        searchAttributes - A list of attribute to be search by group information. If searchAttributes is empty or null, the group name attribute will be used. You need to pass in the symantic attributes. The method resolves any mapped attribute.
        groupInfo - The information about the group which will be used to perform a substring matching for group name and description. If input string is null, a wildcard search is used.
        params - The search parameters that provide additional context for how the search should be performed. If the search scope is ONELEVEL_SCOPE, the search is limited only to the groups belong to the given parent (searchContext.last()). Otherwise, the whole organizational logical subtree will be searched.
        Returns:
        SearchResults of GroupEntity
        Throws:
        ModelCommunicationException - Thrown if unable to communicate with the data store.
        ObjectNotFoundException - Thrown if unable to locate the entity in the data store. This may be due to an invalid profile name, distinguished name, or the entity may have been removed by another client.
        java.lang.IllegalArgumentException - Thrown when searchContext is null or empty.

      • searchByAccess

        public SearchResults searchByAccess(CompoundDN searchContext,
                                    java.lang.String groupProfileName,
                                    java.lang.String accessInfo,
                                    java.lang.String accessType,
                                    SearchParameters params)
                             throws ObjectNotFoundException,
                                    ModelCommunicationException
        Finds the groups in a specific organizational container (including organization) that are enabled for user request and matches the user's search criteria. This may include groups from different services
        Parameters:
        searchContext - The CompoundDN that defines the base of the search. At least one element and at most three are expected:
        • searchContext.elements[0] must contain the tenant distinguished name (DN)
        • searchContext.elements[1] might contain the organization DN
        • searchContext.elements[2] might contain the parent DN. The parent DN can be the service DN for service groups
        An element cannot be skipped. For example, you can not pass the parent DN without passing the organization DN. If the profile name is null, empty, or one of the service group profiles, the search base will be the last element. For search optimization, the service DN must be the last element for service group profile.
        groupProfileName - The name of the ObjectProfile that defines the type of group to search for. If a null or empty string is passed, groups of all types will be returned.
        accessInfo - The information about the access that will be used to perform a substring matching for access name and access description. If input string is null, a wildcard search for name and description is used.
        accessType - Access type for the group. If input string is null, a wildcard search for access type is used.
        params - The search parameters that provide additional context for how the search should be performed. If the search scope is ONELEVEL_SCOPE, the search is limited only to the groups belong to the given parent (searchContext.last()). Otherwise, the whole organizational logical subtree will be searched.
        Returns:
        SearchResult of GroupEntity
        Throws:
        ModelCommunicationException - Thrown if unable to communicate with the data store.
        ObjectNotFoundException - Thrown if unable to locate the entity in the data store. This may be due to an invalid profile name, distinguished name, or the entity may have been removed by another client.

      • searchByFilter

        public SearchResults searchByFilter(CompoundDN searchContext,
                                    java.lang.String filter,
                                    SearchParameters params)
                             throws ObjectNotFoundException,
                                    ModelCommunicationException
        Searches for groups of all types that meet the criteria defined within the given filter. This search is performed as a raw search against the data store without any semantic mapping.
        Parameters:
        searchContext - The CompoundDN that defines the base of the search. At least one element and at most three are expected:
        • searchContext.elements[0] must contain the tenant distinguished name (DN)
        • searchContext.elements[1] might contain the organization DN
        • searchContext.elements[2] might contain the parent DN. The parent DN can be the service DN for service groups
        An element cannot be skipped. For example, you can not pass the parent DN without passing the organization DN. If the profile name is null, empty, or one of the service group profiles, the search base will be the last element. For search optimization, the service DN must be the last element for service group profile.
        profileName - Name of the ObjectProfile that defines the type of group to search for. If null or empty string passed, groups of all types will be returned.
        filter - Filter that defines the criteria for returned groups to meet. The filter must be in the format defined by RFC2254.
        params - The search parameters that provide additional context for how the search should be performed. If the search scope is ONELEVEL_SCOPE, the search is limited only to the groups belong to the given parent (searchContext.last()). Otherwise, the whole organizational logical subtree will be searched.
        Returns:
        SearchResults holding GroupEntities for all groups that meet the search criteria.
        Throws:
        ModelCommunicationException - Thrown if unable to communicate with the data store.
        ObjectNotFoundException - Thrown if unable to locate the entity in the data store. This may be due to an invalid profile name, distinguished name, or the entity may have been removed by another client.

      • searchByFilter

        public SearchResults searchByFilter(CompoundDN searchContext,
                                    java.lang.String profileName,
                                    java.lang.String filter,
                                    SearchParameters params)
                             throws ObjectNotFoundException,
                                    ModelCommunicationException
        Searches for groups that meet the criteria defined within the given filter. This search is performed as a raw search against the data store without any semantic mapping.
        Parameters:
        searchContext - The CompoundDN that defines the base of the search. At least one element and at most three are expected:
        • searchContext.elements[0] must contain the tenant distinguished name (DN)
        • searchContext.elements[1] might contain the organization DN
        • searchContext.elements[2] might contain the parent DN. The parent DN can be the service DN for service groups
        An element cannot be skipped. For example, you can not pass the parent DN without passing the organization DN. If the profile name is null, empty, or one of the service group profiles, the search base will be the last element. For search optimization, the service DN must be the last element for service group profile.
        profileName - Name of the ObjectProfile that defines the type of group to search for. If null or empty string passed, groups of all types will be returned.
        filter - Filter that defines the criteria for returned groups to meet. The filter must be in the format defined by RFC2254.
        params - The search parameters that provide additional context for how the search should be performed. If the search scope is ONELEVEL_SCOPE, the search is limited only to the groups belong to the given parent (searchContext.last()). Otherwise, the whole organizational logical subtree will be searched.
        Returns:
        SearchResults holding GroupEntities for all groups that meet the search criteria.
        Throws:
        ModelCommunicationException - Thrown if unable to communicate with the data store.
        ObjectNotFoundException - Thrown if unable to locate the entity in the data store. This may be due to an invalid profile name, distinguished name, or the entity may have been removed by another client.

      • createCompoundDN

        public static CompoundDN createCompoundDN(DistinguishedName objDN)
                                   throws com.ibm.itim.policy.PolicyAuthorityException
        Throws:
        com.ibm.itim.policy.PolicyAuthorityException
Skip navigation links