Interface UserDirectoryService
Note: The Spotfire Server also supports the System for Cross-domain Identity Management (SCIM) standard for user management across applications and services.
Authorization
- All access to this service require an access token that is issued for the
"api.soap.user-directory-service"
scope. - Modifying operations also require the calling user (the OAuth 2.0 client principal) to be a member of the Administrator group.
Important things to note
- All modifying operations are atomic unless stated otherwise.
- The domain name may be omitted where applicable, in which case the internal SPOTFIRE domain will be used instead.
- Since:
- 5.5
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
Deprecated, for removal: This API element is subject to removal in a future version.The OAuth 2.0 scope needed to access any operation in this service. -
Method Summary
Modifier and TypeMethodDescriptionvoid
addMembers
(GroupName groupName, List<PrincipalName> memberNames) Deprecated, for removal: This API element is subject to removal in a future version.Adds the given principals (users or groups) to the given group.createGroup
(String groupname, String displayName, String email) Deprecated, for removal: This API element is subject to removal in a future version.Creates a new group.Deprecated, for removal: This API element is subject to removal in a future version.Creates a new user.getAllGroups
(PrincipalName principalName) Deprecated, for removal: This API element is subject to removal in a future version.Returns the groups (immediate or inherited) that the given principal (user or group) is a member of.getGroupById
(Guid id) Deprecated, for removal: This API element is subject to removal in a future version.Returns a GroupPrincipal object representing the group with the given ID.getGroupByName
(GroupName groupName) Deprecated, for removal: This API element is subject to removal in a future version.Returns the group principal with the given name (consisting of both a name component and a domain).getImmediateGroups
(PrincipalName principalName) Deprecated, for removal: This API element is subject to removal in a future version.Returns the immediate groups that the given principal (user or group) is a member of.getMembers
(GroupName groupName) Deprecated, for removal: This API element is subject to removal in a future version.Returns the immediate members of the given group.getUserById
(Guid id) Deprecated, for removal: This API element is subject to removal in a future version.Returns the user with the given ID.getUserByName
(UserName userName) Deprecated, for removal: This API element is subject to removal in a future version.Returns the user principal with the given name (consisting of both a name component and a domain).boolean
isMember
(GroupName groupName, PrincipalName principalName) Deprecated, for removal: This API element is subject to removal in a future version.Returns true if the given principal (user or group) is a member (immediate or otherwise) of the given group.void
removeMembers
(GroupName groupName, List<PrincipalName> memberNames) Deprecated, for removal: This API element is subject to removal in a future version.Removes the given principals (users or groups) from the given group.void
removePrincipals
(List<PrincipalName> principalNames) Deprecated, for removal: This API element is subject to removal in a future version.Removes the given principals (users and groups).searchGroups
(String searchExpression, int maxResults) Deprecated, for removal: This API element is subject to removal in a future version.Returns all groups, up to the specified upper limit, with names that matches the given search expression.searchUsers
(String searchExpression, int maxResults) Deprecated, for removal: This API element is subject to removal in a future version.Returns all users, up to the specified upper limit, with names that matches the given search expression.void
setDisplayName
(PrincipalName principalName, String displayName) Deprecated, for removal: This API element is subject to removal in a future version.Sets the display name for the given principal (user or group).void
setEmail
(PrincipalName principalName, String email) Deprecated, for removal: This API element is subject to removal in a future version.Sets the e-mail address for the given principal (user or group).void
setMembers
(GroupName groupName, List<PrincipalName> memberNames) Deprecated, for removal: This API element is subject to removal in a future version.Sets the given principals (users or groups) as members of the given group.void
setName
(PrincipalName principalName, String name) Deprecated, for removal: This API element is subject to removal in a future version.Sets the name for the given principal (user or group).void
setPassword
(UserName userName, String password) Deprecated, for removal: This API element is subject to removal in a future version.Sets the password for the given user.void
setUserEnabled
(UserName userName, boolean enabled) Deprecated, for removal: This API element is subject to removal in a future version.Enables or disables the given user.
-
Field Details
-
SERVICE_SCOPE
Deprecated, for removal: This API element is subject to removal in a future version.The OAuth 2.0 scope needed to access any operation in this service.- Since:
- 7.13
- See Also:
-
-
Method Details
-
getUserByName
Deprecated, for removal: This API element is subject to removal in a future version.Returns the user principal with the given name (consisting of both a name component and a domain).- Parameters:
userName
- the name of the user, must not be null- Returns:
- the requested user, or null if no such user exists
- Throws:
UserDirectoryServiceException
- if the user name is null or if an unexpected error occurs
-
getGroupByName
Deprecated, for removal: This API element is subject to removal in a future version.Returns the group principal with the given name (consisting of both a name component and a domain).- Parameters:
groupName
- the name of the group, must not be null- Returns:
- the requested group, or null if no such group exists
- Throws:
UserDirectoryServiceException
- if the group name is null or if an unexpected error occurs
-
getUserById
Deprecated, for removal: This API element is subject to removal in a future version.Returns the user with the given ID.- Parameters:
id
- the ID of the user, must not be null- Returns:
- the requested user, or null if no such user exists
- Throws:
UserDirectoryServiceException
- if the ID is null or if an unexpected error occurs
-
getGroupById
Deprecated, for removal: This API element is subject to removal in a future version.Returns a GroupPrincipal object representing the group with the given ID.- Parameters:
id
- the ID of the group, must not be null- Returns:
- the requested group, or null if no such group exists
- Throws:
UserDirectoryServiceException
- if the ID is null or if an unexpected error occurs
-
searchUsers
List<UserPrincipal> searchUsers(String searchExpression, int maxResults) throws UserDirectoryServiceException Deprecated, for removal: This API element is subject to removal in a future version.Returns all users, up to the specified upper limit, with names that matches the given search expression.The search expression should be a user name, or part thereof, with optional '?' (matches any single character) and '*' (matches zero or more characters) wildcards.
- Parameters:
searchExpression
- the search expression to match with the users' names, must not be null or emptymaxResults
- the maximum number of users to return, or a non-positive value if no limit should be imposed- Returns:
- all users with names that matches the given search expression, in no particular order
- Throws:
UserDirectoryServiceException
- if the search expression is null or empty or if an unexpected error occurs
-
searchGroups
List<GroupPrincipal> searchGroups(String searchExpression, int maxResults) throws UserDirectoryServiceException Deprecated, for removal: This API element is subject to removal in a future version.Returns all groups, up to the specified upper limit, with names that matches the given search expression.The search expression should be a group name, or part thereof, with optional '?' (matches any single character) and '*' (matches zero or more characters) wildcards.
- Parameters:
searchExpression
- the search expression to match with the groups' namesmaxResults
- the maximum number of groups to return, or a non-positive value if no limit should be imposed- Returns:
- all groups with names that matches the given search expression, in no particular order
- Throws:
UserDirectoryServiceException
- if the search expression is null or empty or if an unexpected error occurs
-
getMembers
Deprecated, for removal: This API element is subject to removal in a future version.Returns the immediate members of the given group.- Parameters:
groupName
- the name of the group, must not be null- Returns:
- all immediate members of the group, in no particular order
- Throws:
UserDirectoryServiceException
- if no group with the given name exists or if an unexpected error occurs
-
getImmediateGroups
List<GroupPrincipal> getImmediateGroups(PrincipalName principalName) throws UserDirectoryServiceException Deprecated, for removal: This API element is subject to removal in a future version.Returns the immediate groups that the given principal (user or group) is a member of.- Parameters:
principalName
- the name of the principal, must not be null- Returns:
- all immediate groups that the given principal is a member of, in no particular order
- Throws:
UserDirectoryServiceException
- if no principal with the given type and name exists or if an unexpected error occurs
-
getAllGroups
Deprecated, for removal: This API element is subject to removal in a future version.Returns the groups (immediate or inherited) that the given principal (user or group) is a member of.- Parameters:
principalName
- the name of the principal, must not be null- Returns:
- all groups (immediate or inherited) that the given principal is a member of, in no particular order
- Throws:
UserDirectoryServiceException
- if no principal with the given type and name exists or if an unexpected error occurs
-
createUser
UserPrincipal createUser(String username, String domainName, String displayName, String email, String password) throws UserDirectoryServiceException Deprecated, for removal: This API element is subject to removal in a future version.Creates a new user. If the password is null the user will not be able to login when using Spotfire Database as authentication method.Authorization
The calling user must be a member of the Administrator group.- Parameters:
username
- the name of the user, must not be null or an empty string and must not exceed 50 charactersdomainName
- the domain name, must not be null or an empty string and must not exceed 50 charactersdisplayName
- the display name, must not be null or an empty string and must not exceed 100 charactersemail
- the e-mail address, may be null but must not be an empty string or an invalid e-mail addresspassword
- the new password, may be null but must not be an empty string- Returns:
- the newly created user
- Throws:
UserDirectoryServiceException
- if the calling user doesn't have sufficient privileges, if the user name, the display name, the e-mail address or the password is invalid, if a user with the same name already exists in the same domain or if an unexpected error occurs
-
createGroup
GroupPrincipal createGroup(String groupname, String displayName, String email) throws UserDirectoryServiceException Deprecated, for removal: This API element is subject to removal in a future version.Creates a new group. Note that groups can only be created in the internal SPOTFIRE domain using this method. Groups may belong to other domains but only when created through LDAP group synchronization.Authorization
The calling user must be a member of the Administrator group.- Parameters:
groupname
- the name of the group, must not be null or an empty string and must not exceed 50 charactersdisplayName
- the display name, must not be null or an empty string and must not exceed 100 charactersemail
- the e-mail address, may be null but must not be an empty string or an invalid e-mail address- Returns:
- the newly created group
- Throws:
UserDirectoryServiceException
- if the calling user doesn't have sufficient privileges, if the group name, the display name or the e-mail address is invalid, if a group with the same name already exists in the same domain or if an unexpected error occurs
-
removePrincipals
Deprecated, for removal: This API element is subject to removal in a future version.Removes the given principals (users and groups).Authorization
The calling user must be a member of the Administrator group.- Parameters:
principalNames
- the names of the principals to remove, may be empty in which case no changes will be made- Throws:
UserDirectoryServiceException
- if the calling user doesn't have sufficient privileges or if an unexpected error occurs
-
setName
Deprecated, for removal: This API element is subject to removal in a future version.Sets the name for the given principal (user or group).Authorization
The calling user must be a member of the Administrator group.- Parameters:
principalName
- the name of the principal to set the name for, must not be nullname
- the new name, must not be null or an empty string and must not exceed 50 characters- Throws:
UserDirectoryServiceException
- if the calling user doesn't have sufficient privileges, if the principal doesn't exist, if the name is invalid, if another principal of the same type with the new name already exists in the same domain or if an unexpected error occurs
-
setDisplayName
void setDisplayName(PrincipalName principalName, String displayName) throws UserDirectoryServiceException Deprecated, for removal: This API element is subject to removal in a future version.Sets the display name for the given principal (user or group).Authorization
The calling user must be a member of the Administrator group.- Parameters:
principalName
- the name of the principal to set the display name for, must not be nulldisplayName
- the new display name, must not be null or an empty string and must not exceed 100 characters- Throws:
UserDirectoryServiceException
- if the calling user doesn't have sufficient privileges, if the principal doesn't exist, if the display name is invalid or if an unexpected error occurs
-
setEmail
Deprecated, for removal: This API element is subject to removal in a future version.Sets the e-mail address for the given principal (user or group).Authorization
The calling user must be a member of the Administrator group.- Parameters:
principalName
- the name of the principal to set the e-mail address for, must not be nullemail
- the new e-mail address, may be null but must not be an empty string or an invalid e-mail address- Throws:
UserDirectoryServiceException
- if the calling user doesn't have sufficient privileges, if the principal doesn't exist, if the e-mail address is invalid or if an unexpected error occurs
-
setPassword
Deprecated, for removal: This API element is subject to removal in a future version.Sets the password for the given user. If the password is null any existing password will be cleared and the user will not be able to login when using Spotfire Database as authentication method.Authorization
The calling user must be a member of the Administrator group.- Parameters:
userName
- the name of the user to set the password for, must not be nullpassword
- the new password, may be null but must not be an empty string- Throws:
UserDirectoryServiceException
- if the calling user doesn't have sufficient privileges, if the user doesn't exist, if the password is invalid or if an unexpected error occurs
-
setUserEnabled
Deprecated, for removal: This API element is subject to removal in a future version.Enables or disables the given user.Authorization
The calling user must be a member of the Administrator group.- Parameters:
userName
- the name of the user to set the enabled flag for, must not be nullenabled
- the new value for the enabled flag- Throws:
UserDirectoryServiceException
- if the calling user doesn't have sufficient privileges, if the user doesn't exist or if an unexpected error occurs
-
isMember
boolean isMember(GroupName groupName, PrincipalName principalName) throws UserDirectoryServiceException Deprecated, for removal: This API element is subject to removal in a future version.Returns true if the given principal (user or group) is a member (immediate or otherwise) of the given group.- Parameters:
groupName
- the name of the group to determine membership of, must not be nullprincipalName
- the name of the principal to determine membership for, must not be null- Returns:
- true if the given principal is a member of the given group and false otherwise
- Throws:
UserDirectoryServiceException
- if the group or the principal doesn't exist or if an unexpected error occurs
-
addMembers
void addMembers(GroupName groupName, List<PrincipalName> memberNames) throws UserDirectoryServiceException Deprecated, for removal: This API element is subject to removal in a future version.Adds the given principals (users or groups) to the given group.Authorization
The calling user must be a member of the Administrator group.- Parameters:
groupName
- the name of the group which the principals should be added tomemberNames
- the names of the principals that should be added to the group- Throws:
UserDirectoryServiceException
- if the calling user doesn't have sufficient privileges, if the group principal or any of the member principals doesn't exist or if an unexpected error occurs
-
removeMembers
void removeMembers(GroupName groupName, List<PrincipalName> memberNames) throws UserDirectoryServiceException Deprecated, for removal: This API element is subject to removal in a future version.Removes the given principals (users or groups) from the given group.Authorization
The calling user must be a member of the Administrator group.- Parameters:
groupName
- the name of the group which the principals should be removed frommemberNames
- the names of the principals that should be removed from the group- Throws:
UserDirectoryServiceException
- if the calling user doesn't have sufficient privileges, if the group principal doesn't exists or if an unexpected error occurs
-
setMembers
void setMembers(GroupName groupName, List<PrincipalName> memberNames) throws UserDirectoryServiceException Deprecated, for removal: This API element is subject to removal in a future version.Sets the given principals (users or groups) as members of the given group. Any existing members will be removed.Authorization
The calling user must be a member of the Administrator group.- Parameters:
groupName
- the name of the group for which the the members should be setmemberNames
- the names of the principals that should be set as members of the group- Throws:
UserDirectoryServiceException
- if the calling user doesn't have sufficient privileges, if the group principal or any of the member principals doesn't exist or if an unexpected error occurs
-