com.ibm.itim.dataservices.model.domain

Class Person

  • All Implemented Interfaces:
    ProtectedObject, com.ibm.itim.util.Sortable, com.ibm.itim.util.xml.objectstream.Importable, java.io.Serializable
    Direct Known Subclasses:
    ExtendedPerson

    public class Person
extends DirectoryObject
implements com.ibm.itim.util.xml.objectstream.Importable
    Value Object class that holds the attribute information of a person (identity) in the data model. Although the class name indicates human representation, this class could be used to represent any type of identity, even a computing system, which can be provisioned accounts.
    See Also:
    PersonEntity, Serialized Form

    • Field Detail

      • PERSON_ATTR_NAME

        public static java.lang.String PERSON_ATTR_NAME
        String constant for the naming attribute name.

      • PERSON_ATTR_EMAIL

        public static java.lang.String PERSON_ATTR_EMAIL
        String constant for the email attribute name.

      • PERSON_ATTR_STATUS

        public static java.lang.String PERSON_ATTR_STATUS
        String constant for the status attribute name.

      • PERSON_ATTR_SUPERVISOR

        public static java.lang.String PERSON_ATTR_SUPERVISOR
        String constant for the supervisor attribute name.

      • PERSON_ATTR_MANAGER

        public static java.lang.String PERSON_ATTR_MANAGER
        String constant for the manager attribute name.

      • PERSON_ATTR_SPONSOR

        public static java.lang.String PERSON_ATTR_SPONSOR
        String constant for the sponsor attribute name.

      • PERSON_ATTR_ROLE

        public static java.lang.String PERSON_ATTR_ROLE
        String constant for the roles attribute name.

      • PERSON_ATTR_ALIAS

        public static java.lang.String PERSON_ATTR_ALIAS
        String constant for the aliases attribute name.

      • PERSON_ATTR_SHAREDSECRET

        public static java.lang.String PERSON_ATTR_SHAREDSECRET
        String constant for the shared secret attribute name.

      • STATUS_ACTIVE

        public static int STATUS_ACTIVE
        Constant indicating "active" status

      • STATUS_INACTIVE

        public static int STATUS_INACTIVE
        Code indicating "inactive" status

      • PERSON_ATTR_DISPLAY

        public static java.lang.String PERSON_ATTR_DISPLAY
        String constant for the custom display attribute name.

      • PERSON_ATTR_LOCALE

        public static java.lang.String PERSON_ATTR_LOCALE
        String constant for the preferred locale attribute name

      • PERSON_ATTR_CREATION_DATE

        public static final java.lang.String PERSON_ATTR_CREATION_DATE
        See Also:
        Constant Field Values

      • PERSON_ATTR_STATUS_LAST_CHANGED_DATE

        public static final java.lang.String PERSON_ATTR_STATUS_LAST_CHANGED_DATE
        String constant for last status change date attribute name.
        See Also:
        Constant Field Values

      • PERSON_ATTR_LAST_CERTIFIED_DATE

        public static final java.lang.String PERSON_ATTR_LAST_CERTIFIED_DATE
        String constant for the last certified date attribute name.
        See Also:
        Constant Field Values

      • PERSON_ATTR_PASSWORD_CHANGE_DATE

        public static final java.lang.String PERSON_ATTR_PASSWORD_CHANGE_DATE
        String constant that represents the LDAP attribute for the time that the password was last changed.
        See Also:
        Constant Field Values

      • PERSON_ATTR_ROLE_RECERTIFICATION_LAST_ACTION

        public static final java.lang.String PERSON_ATTR_ROLE_RECERTIFICATION_LAST_ACTION
        String constant for the last recertification action attribute name for roles.
        See Also:
        Constant Field Values

      • PERSON_ATTR_ROLE_RECERTIFICATION_LAST_ACTION_DATE

        public static final java.lang.String PERSON_ATTR_ROLE_RECERTIFICATION_LAST_ACTION_DATE
        String constant for the attribute name of the date of the last recertification action for roles.
        See Also:
        Constant Field Values

      • PERSON_ATTR_ROLE_ASSIGNMENT_DATA

        public static final java.lang.String PERSON_ATTR_ROLE_ASSIGNMENT_DATA
        String constant for the attribute name of the role assignment data to be stored. It is also used for the checking ACI.
        Since:
        6.0
        See Also:
        Constant Field Values

      • PERSON_ATTR_SERVICE

        public static final java.lang.String PERSON_ATTR_SERVICE
        String constant for the attribute name of the identity source. All adapters that have HR_TARGET property is considered as an identity source.
        Since:
        10.0.1
        See Also:
        Constant Field Values

      • PERSON_ATTR_IMAGEURI

        public static java.lang.String PERSON_ATTR_IMAGEURI
        String constant for person's image URI
        Since:
        6.0SSE

      • ROLE_ASSIGNMENT_DATA_DELIMETER

        public static final java.lang.String ROLE_ASSIGNMENT_DATA_DELIMETER
        String constant for the attribute name of the role assignment data delimeter as data to be stored in the form of $role-global-id;$assignment-attribute-name;$assignment-attribute-value.
        Since:
        6.0
        See Also:
        Constant Field Values

      • ROLE_ASSIGNMENT_VALUE_DELIMETER

        public static final java.lang.String ROLE_ASSIGNMENT_VALUE_DELIMETER
        String constant for the attribute name of the role assignment value delimeter as data to be stored in the form of $role-global-id;$assignment-attribute-name;$assignment-attribute-value|$assignment-attribute-value.
        Since:
        6.0
        See Also:
        Constant Field Values

      • ADMINISTRATOR_ID

        public static final java.lang.String ADMINISTRATOR_ID
        String constant that holds global ID of ITIM Administrator.
        See Also:
        Constant Field Values

      • CERTIFIED

        public static final java.lang.String CERTIFIED
        The role is certified. Constant representing valid value for the errolerecertificationlastaction attribute.
        See Also:
        Constant Field Values

      • CERTIFIED_ADMIN

        public static final java.lang.String CERTIFIED_ADMIN
        The role is certified by an administrator. Constant representing valid value for the errolerecertificationlastaction attribute.
        See Also:
        Constant Field Values

      • REJECTED_MARK

        public static final java.lang.String REJECTED_MARK
        The role is rejected with regards to being certified and is marked. Constant representing valid value for the errolerecertificationlastaction attribute.
        See Also:
        Constant Field Values

    • Constructor Detail

      • Person

        public Person()
        Default empty constructor. At a minimum set the profile and name attribute to the object if this constructor is used to create value objects for creation in the data store.

      • Person

        public Person(Person p)
        Copy Constructor Reference copy is used for Java object except for String and other primary types

      • Person

        public Person(java.lang.String profileName,
              AttributeValues attrs)
        Deprecated. Use Person(String profileName) and setAttributes(attributes) instead
        Constructs object with profile and attribute information. Warning: the purpose of this constructor is to provide clients with the ability to create value objects for creation in the data store. Do not use this constructor to create value objects that represent existing entities. See the PersonSearch object for achieving that.
        Parameters:
        profileName - Name of the profile (Person, BPPerson, Employee, Contractor, System, etc.) identifying the type of this person (identity).
        attrs - AttributeValues holding the attributes of the person.

      • Person

        public Person(java.lang.String profileName)
        Constructs object with profile. Sets the name attribute to value of Person.PERSON_ATTR_NAME
        Warning: the purpose of this constructor is to provide clients with the ability to create value objects for creation in the data store. Do not use this constructor to create value objects that represent existing entities. See the PersonSearch object for achieving that.
        Parameters:
        profileName - Name of the profile (Person, BPPerson, Employee, Contractor, System, etc.) identifying the type of this person (identity).

      • Person

        public Person(java.lang.String profileName,
              java.lang.String nameAttribute)
        Constructs object with profile and name attribute. Warning: the purpose of this constructor is to provide clients with the ability to create value objects for creation in the data store. Do not use this constructor to create value objects that represent existing entities. See the PersonSearch object for achieving that.
        Parameters:
        profileName - Name of the profile (Person, BPPerson, Employee, Contractor, System, etc.) identifying the type of this person (identity).
        nameAttribute - The attribute name of name attribute

    • Method Detail

      • getAliases

        public java.util.Collection getAliases()
        Returns the person's aliases.
        Returns:
        Collection of person' aliases (Strings).

      • setAliases

        public void setAliases(java.util.Collection aliases)
        Changes the person's aliases. If the aliases have some duplicates, then only the unique aliases will be set.
        Parameters:
        aliases - Collection of person's new aliases (Strings).

      • getMail

        public java.lang.String getMail()
        Returns the person's email address.
        Returns:
        Person's email address.

      • getMails

        public java.util.Collection getMails()
        Returns the person's email addresses.
        Returns:
        Collection of person's email addresses (Strings).

      • setMail

        public void setMail(java.lang.String email)
        Changes the person's email address.
        Parameters:
        email - person's new email address.

      • getLocale

        public java.util.Locale getLocale()
        Returns the person's preferred locale
        Returns:
        Person's preferred locale

      • setLocale

        public void setLocale(java.util.Locale loc)
        Changes the person's preferred locale.
        Parameters:
        loc - person's preferred locale.

      • getImmediateSupervisor

        public DistinguishedName getImmediateSupervisor()
        Returns the person's immediate supervisor.
        Returns:
        DistinguishedName of the person's immediate supervisor, null if none defined.

      • setImmediateSupervisor

        public void setImmediateSupervisor(DistinguishedName supervisor)
        Changes the person's immediate supervisor.
        Parameters:
        supervisor - DistinguishedName of person's new immediate supervisor, null if no supervisor is to be defined.

      • getStatus

        public int getStatus()
        Access method for the status field.
        Returns:
        Enumeration of the person's status, ACTIVE_STATUS, INACTIVE_STATUS.

      • restore

        public void restore()
        Changes the Person's status to ACTIVE_STATUS.

      • suspend

        public void suspend()
        Changes the Person's status to INACTIVE_STATUS.

      • getSharedSecret

        public java.lang.String getSharedSecret()
        Returns the person's shared secret.
        Returns:
        Person's shared secret.

      • setSharedSecret

        public void setSharedSecret(java.lang.String sharedSecret)
        Changes the person's shared secret.
        Parameters:
        sharedSecret - New shared secret for the person.

      • getCustomAttribute

        public java.lang.String getCustomAttribute()
        Returns the person's custom display attribute.
        Returns:
        Person's custom display attribute.

      • setCustomAttribute

        public void setCustomAttribute(java.lang.String customAttribute)
        Changes the person's custom display attribute.
        Parameters:
        customAttribute - New value for the custom display attribute.

      • getRoles

        public java.util.Collection getRoles()
        Returns the person's roles.
        Returns:
        Collection of the DistinguishedNames of the person's roles).

      • setRoles

        public void setRoles(java.util.Collection roles)
        Changes the person's role membership.
        Parameters:
        roles - Collection of DistinguishedNames of person's roles.

      • addRole

        public void addRole(DistinguishedName roleDN)
        Adds the given role to the person's role membership.
        Parameters:
        roleDN - DisinguishedName of the role to add.

      • removeRole

        public void removeRole(DistinguishedName roleDN)
        Removes the given role from the person's role membership.
        Parameters:
        roleDN - DisinguishedName of the role to remove.

      • getSynchPassword

        public byte[] getSynchPassword()
        Returns the password for the person, that is used for synchronization. The password will be decrypted.
        Returns:
        byte[] holding the synchronized password or null if the password does not exist.

      • setSynchPassword

        public void setSynchPassword(byte[] pwd)
        Sets the synchronized password for a person. The password will be encrypted before it is saved in the datastore. Note that setting the synchronized password in this manner will not actually synchronize passwords across the person's existing accounts. Additionally, the synchronized password attribute (ersynchpassword) is considered hidden and cannot be directly set by an external client. External clients should instead use the synchPasswords methods on com.ibm.itim.apps.provisioning.PasswordManager, which will synchronize passwords across the person's existing accounts.
        Parameters:
        pwd - password to be used for password synchronization.

      • removeSynchPassword

        public void removeSynchPassword()
        Removes the synchronized password for a person. Note that the synchronized password attribute (ersynchpassword) is considered hidden and cannot be directly removed by an external client.

      • getCreationDate

        public java.util.Date getCreationDate()
        Returns the date and time the person was created. If the attribute does not exist then this method will return null.
        Returns:
        Date of person creation or null.

      • setLastCertifiedDate

        public void setLastCertifiedDate(java.lang.String policyId,
                                 java.util.Date certifiedDate)
        Records the date and time the specified recertification policy was last executed for this person.
        Parameters:
        policyId - global ID of the recertification policy.
        certifiedDate - date and time the policy was last executed.
        Since:
        ITIM 5.1

      • getLastCertifiedDate

        public java.util.Date getLastCertifiedDate(java.lang.String policyId)
        Returns the date and time the specified recertification policy last executed for this person.
        Parameters:
        policyId - global ID of the recertification policy.
        Returns:
        date and time the policy was last executed.
        Since:
        ITIM 5.1

      • setPasswordChangeDate

        public void setPasswordChangeDate(java.util.Date date)
        Records the timestamp that person password is set.
        Parameters:
        date - Date holding the date and time the person password is set.

      • getPasswordChangeDate

        public java.util.Date getPasswordChangeDate()
        Returns the date and time the the person was last set. If the attribute does not exist then this method will return null.
        Returns:
        Date that the person password was set or null.

      • updatePasswordChangeDate

        public void updatePasswordChangeDate()
        Updates the date and time the person password was last set to now.

      • removePasswordChangeDate

        public void removePasswordChangeDate()
        Removes the timestamp for date and time that the person password was set.

      • getLastStatusChangeDate

        public java.util.Date getLastStatusChangeDate()
        Returns the date and time the the person's status was last changed. If the attribute does not exist then this method will return null.
        Returns:
        Date of last status change or null.

      • setLastStatusChangeDate

        public void setLastStatusChangeDate(java.util.Date changeDate)
        Changes the date and time the person's status was last changed.
        Parameters:
        changeDate - Date holding the date and time the person's status was last changed.

      • getGlobalId

        public java.lang.String getGlobalId()
        Gets the pseudo-unique identifier for this Person.
        Returns:
        String version of the globalid. Will never return null.
        Since:
        ITIM 5.1

      • setLastRecertificationAction

        public void setLastRecertificationAction(java.lang.String roleName,
                                         java.lang.String action)
        Records the last recertification action taken on a role. Also updates the date of the last recertification action for the role. See constants: Person.CERTIFIED Person.CERTIFIED_ADMIN Person.REJECTED_MARK
        Parameters:
        roleName - name of the role
        action - last recertification action taken on the role, or null to remove the action for the role.
        Since:
        ITIM 5.1

      • setLastRecertificationActionDate

        public void setLastRecertificationActionDate(java.lang.String roleName,
                                             java.util.Date actionDate)
        Records the date the last recertification action was recorded for the given role name.
        Parameters:
        roleName - name of the role.
        actionDate - date and time the last action was recorded, or null to to remove the date recorded for the role.
        Since:
        ITIM 5.1

      • getLastRecertificationAction

        public java.lang.String getLastRecertificationAction(java.lang.String roleName)
        Returns the last recertification action for a role. If the attribute does not exist then this method will return null. See constants: Person.CERTIFIED Person.CERTIFIED_ADMIN Person.REJECTED_MARK
        Parameters:
        roleName - name of the role.
        Returns:
        last role recertification action or null.
        Since:
        ITIM 5.1

      • getLastRecertificationActionDate

        public java.util.Date getLastRecertificationActionDate(java.lang.String roleName)
        Returns the date and time the recertification action was last recorded for the given role. If the attribute does not exist then this method will return null.
        Parameters:
        roleName - name of the role.
        Returns:
        date and time the last recertification action was recorded.
        Since:
        ITIM 5.1
Skip navigation links