Package com.documentum.fc.client

Interface IDfUser

All Superinterfaces:
IDfPersistentObject, IDfTypedObject
public interface IDfUser extends IDfPersistentObject
This interface provides access to user-related data stored in user objects. A user object contains information about a user in a repository. The information includes the user's default permissions, electronic mail address, default folder, and inbox object identifier. You must be a system administrator or superuser to create or drop a user.

  • Field Details

  • Method Details

    • getUserName

      String getUserName() throws DfException
      Returns the user's Documentum user name.
      Throws:
      DfException - if a server error occurs

    • getUserOSName

      String getUserOSName() throws DfException
      Returns the user's operating system user name.
      Throws:
      DfException - if a server error occurs

    • getUserAddress

      String getUserAddress() throws DfException
      Returns the user's electronic mail address.
      Throws:
      DfException - if a server error occurs

    • getUserGroupName

      String getUserGroupName() throws DfException
      Returns the user's default group.
      Throws:
      DfException - if a server error occurs

    • getUserPrivileges

      int getUserPrivileges() throws DfException
      Returns the user's basic privileges.

      The following list specifies the privilege level corresponding to all possible return values: 

       public static final int PRIV_NONE=0;
 public static final int PRIV_CREATETYPE=1;
 public static final int PRIV_CREATECABINET=2;
 public static final int PRIV_CREATEGROUP=4;
 public static final int PRIV_SYSADMIN=8;
 public static final int PRIV_SUPERUSER=16;

      Refer to the Server Administrator's Guide for more information about privileges.

      Returns:
      the user's basic privileges
      Throws:
      DfException - if a server error occurs

    • isSuperUser

      boolean isSuperUser() throws DfException
      Indicates whether a user has the SUPERUSER privilege for the current repository.

      Refer to the Server Administrator's Guide for more information about the SUPERUSER privilege.

      Throws:
      DfException - if a server error occurs

    • isSystemAdmin

      boolean isSystemAdmin() throws DfException
      Indicates whether a user has the SYSADMIN privilege for the current repository.

      Refer to the Server Administrator's Guide for more information about the SYSADMIN privilege.

      Throws:
      DfException - if a server error occurs

    • getOwnerDefPermit

      int getOwnerDefPermit() throws DfException
      Returns the default owner permission assigned to objects created by a user.

      The default is used when no owner permission is explicitly assigned. Refer to the Server Fundamentals for more information about owner permissions.

      Throws:
      DfException - if a server error occurs

    • getGroupDefPermit

      int getGroupDefPermit() throws DfException
      Returns the default group permission assigned to objects created by a user.

      The default is used when no group permission is explicitly assigned. Refer to the Server Fundamentals for more information about group permissions.

      Throws:
      DfException - if a server error occurs

    • getWorldDefPermit

      int getWorldDefPermit() throws DfException
      Returns the default world permission assigned to objects created by a user.

      The default is used when no world permission is explicitly assigned. Refer to the Server Fundamentals for more information about world permissions.

      Throws:
      DfException - if a server error occurs

    • getDefaultFolder

      String getDefaultFolder() throws DfException
      Returns the default folder for a user.
      Throws:
      DfException - if a server error occurs

    • isGroup

      boolean isGroup() throws DfException
      Returns a Boolean value indicating whether a user is a group or an individual user.
      Throws:
      DfException - if a server error occurs

    • getUserDBName

      String getUserDBName() throws DfException
      Returns the user's RDBMS user name.
      Throws:
      DfException - if a server error occurs

    • getDescription

      String getDescription() throws DfException
      Returns the user-defined description for a user.
      Throws:
      DfException - if a server error occurs

    • getACLDomain

      String getACLDomain() throws DfException
      Returns the domain of the ACL associated with a user.

      The domain is the user who creates the ACL. For system-level ACLs, the owner is either the name of the repository owner or "dm_dbo", the default alias.

      Throws:
      DfException - if a server error occurs

    • getACLName

      String getACLName() throws DfException
      Returns the name of the ACL associated with a user.
      Throws:
      DfException - if a server error occurs

    • getUserOSDomain

      String getUserOSDomain() throws DfException
      Returns the user's Windows NT domain name.

      This method returns a zero-length string ("") if you are not running Documentum on Windows NT or if your Windows NT system administrator did not set the domain name for the current Documentum user.

      Returns:
      the user's Windows NT domain
      Throws:
      DfException - if a server error occurs

    • getHomeDocbase

      String getHomeDocbase() throws DfException
      Returns the user's home repository.
      Returns:
      the user's home repository
      Throws:
      DfException - if a server error occurs

    • getUserState

      int getUserState() throws DfException
      Returns the availability of a user to process workitems.

      The following list specifies the user state corresponding to all possible return values: 

       Return Value        User State
 0              Fully available
 1              Fully unavailable
      Returns:
      the availability of the user to process workitems
      Throws:
      DfException - if a server error occurs

    • isGloballyManaged

      boolean isGloballyManaged() throws DfException
      Indicates whether the ACL associated with a user is managed globally or locally.

      Global ACLs can only be modified or deleted in the governing repository. Refer to the Distributed Configuration Guide for more information on distributed repositories.

      Throws:
      DfException - if a server error occurs

    • getModifyDate

      IDfTime getModifyDate() throws DfException
      Returns the time and date that a user was last modified.

      If the user has not been modified, this method returns the user's creation date.

      Throws:
      DfException - if a server error occurs

    • getAliasSetId

      IDfId getAliasSetId() throws DfException
      Returns the object ID of the user's default alias set.
      Returns:
      the object ID of the user's default alias set.
      Throws:
      DfException - if a server error occurs

    • getAliasSet

      String getAliasSet() throws DfException
      Returns the name of the user's default alias set.
      Returns:
      the name of the user's default alias set.
      Throws:
      DfException - if a server error occurs
      DfUserAliasSetNotFoundException - if getAliasSetId returns a non-null value but the alias set is not in the repository.

    • getClientCapability

      int getClientCapability() throws DfException
      Returns the client capability as an integer.

      Each DM_USER object has an integer value attribute that indicates the user's capability. This is a single valued attribute. The value is a bit mask, which allows client capabilities to be set for more than one user role at a time: 

        0 = Server Default, Consumer
  1 = Consumer
  2 = Contributor
  4 = Coordinator
  8 = Administrator (equivalent to dmdba)

      For a description of user roles, see the chapter "Users and Groups," in the Content Server Administrator's Guide.

      Returns:
      the client capability
      Throws:
      DfException - if a server error occurs

    • getUserDelegation

      String getUserDelegation() throws DfException
      Returns the names of the user for workflow delegation.
      Throws:
      DfException - if a server error occurs

    • isWorkflowDisabled

      boolean isWorkflowDisabled() throws DfException
      Returns a boolean value indicating the user's availability for workflow.
      Returns:
      true means the user is not available; false means the user is available
      Throws:
      DfException - if a server error occurs

    • getUserSource

      int getUserSource() throws DfException
      Deprecated.
      As of DFC 5.2.5, replaced by getUserSourceAsString()
      Returns this user source. User source designates how the user should be authenticated. When the attribute is null, authentication is done via the local server. Otherwise, authentication can be performed via an LDAP server, or, if the server is running on UNIX, via a Windows domain. Using a Windows domain for UNIX authentication only works if the repository's dm_docbase_config object has its auth_protocol attribute set to "unix_domain_used".


      DF_AUTHENTICATE_USER_DEFINED = -1; // if the value is user defined. For example, plugin identifier value.
      DF_AUTHENTICATE_NONE = 0; // null
      DF_AUTHENTICATE_LDAP = 1; // ldap
      DF_AUTHENTICATE_UNIX_ONLY = 2; // unix only
      DF_AUTHENTICATE_DOMAIN_ONLY = 3; // domain only
      DF_AUTHENTICATE_UNIX_FIRST = 4; // unix first
      DF_AUTHENTICATE_DOMAIN_FIRST = 5; // domain first
      DF_AUTHENTICATE_KERBEROS = 6; // kerberos
      DF_AUTHENTICATE_OTDS = 7; // OTDS

      Throws:
      DfException
      See Also:

    • hasSession

      boolean hasSession() throws DfException
      Check to see if this user has an active repository session. It is sometimes necessary to verify that a user is not currently connected.
      Throws:
      DfException

    • getUserLoginName

      String getUserLoginName() throws DfException
      Returns the user's Documentum user login name.
      Throws:
      DfException - if a server error occurs

    • setUserLoginName

      void setUserLoginName(String userLoginName) throws DfException
      Sets the user's Documentum user login name To change the user login name of an existing user.
      Parameters:
      userLoginName - name of the this user.
      Throws:
      DfException

    • setDefaultACL

      void setDefaultACL(String aclName) throws DfException
      Sets the default ACL for this user to a system ACL (owned by the repository owner). This method will throw an exception if the ACL does not exist. If this method is not called when creating a user, a system-generated, private ACL is created with the following access: world DF_PERMIT_READ group DF_PERMIT_VERSION also EXECUTE PROCEDURE CHANGE LOCATION owner DF_PERMIT_DELETE

      If any of owner, group or world permission is set before calling this method, an exception is thrown because of contradiction.

      Parameters:
      aclName - The name of ACL to assign to the user.
      Throws:
      DfException

    • setDefaultACLEx

      void setDefaultACLEx(String domainName, String aclName) throws DfException
      Sets the default ACL for this user. This method will throw an exception if the specified ACL does not exist. If this method is not called when creating a user, a system-generated, private ACL is created with the following access: world DF_PERMIT_READ group DF_PERMIT_VERSION also EXECUTE PROCEDURE CHANGE LOCATION owner DF_PERMIT_DELETE

      If any of owner, group or world permission is set before calling this method an exception is thrown because of contradiction.

      Parameters:
      domainName - The domain of the the default ACL. To specify a private default ACL provide the user's name. To specify a system default ACL provide one of repositroy owners's name, the String 'dm_dbo' or null.
      aclName - The name of an ACL to assign to the user.
      Throws:
      DfException

    • setAliasSet

      void setAliasSet(String aliasSetName) throws DfException
      Sets the default alias set for this user. If the alias set name is invalid or the alias set does not exist in the repository, an exception is thrown.
      Parameters:
      aliasSetName - Name of the user's default alias set
      Throws:
      DfException

    • setClientCapability

      void setClientCapability(int clientCapability) throws DfException
      Sets the client capability for this user
      Parameters:
      clientCapability - value for user's capability
      Throws:
      DfException

    • setDefaultFolder

      void setDefaultFolder(String folderPath, boolean isPrivate) throws DfException
      Sets the default folder for this user. This method creates the default folder if it doesn't exist. It sets the default folder only if this user is not globally managed or the connected repository is this user's home repository. Otherwise, the default folder is /Temp. If the folder does not exist in the repository, the folder is created when a file is saved. If the login user has superuser privileges, the owner of the newly created folder is this user. Otherwise, change_owner permission is granted to this user to be allowed to change the permission later. If the folder already exists but this user doesn't have WRITE access to the folder, WRITE access is granted to this user only if the login user has superuser privileges.
      Parameters:
      folderPath - full path in the repository to the user's default folder. If this is an invalid folder path, an exception is thrown.
      isPrivate - true can only be seen by user; false can be publically viewed. This parameter only validates when the folder path does not exist in the repository and it is specified as a cabinet.
      Throws:
      DfException

    • setDescription

      void setDescription(String description) throws DfException
      Sets the default description for this user.
      Parameters:
      description - description of the user.
      Throws:
      DfException

    • setHomeDocbase

      void setHomeDocbase(String docbaseName) throws DfException
      Sets this user's home repository. This method should only be used for a new user. To change the home repository of an existing user, use changeHomeDocbase instead.
      Parameters:
      docbaseName - name for user's home repository
      Throws:
      DfException

    • changeHomeDocbase

      void changeHomeDocbase(String userName, boolean isImmediate) throws DfException
      Change the home repository of this user. If this is a new user, the attribute value is set. If this is an existing user, this method invokes a job to change the home repository.
      Parameters:
      userName - the new home repository name.
      isImmediate - Determines if the job should be run immediately or scheduled to run later.
      Throws:
      DfException

    • setUserAddress

      void setUserAddress(String userAddress) throws DfException
      Sets the user's email address.
      Parameters:
      userAddress - value for user address
      Throws:
      DfException

    • setUserDBName

      void setUserDBName(String userDBName) throws DfException
      Sets this user's RDBMS user name. This attribute holds the user's RDBMS login name. The value of this attribute is used to qualify access to registered tables that the user attempts to access. For instance, if user 'tuser1' has this attribute set to 'fred', then a DQL statement such as 'select * from fredtable' will work. If it is not set, then the user must issue 'select * from fred.fredtable'.
      Parameters:
      userDBName - name for user in the RDBMS
      Throws:
      DfException

    • setUserDelegation

      void setUserDelegation(String delegateUserName) throws DfException
      Sets the name of the user to whom to delegate work items.
      Parameters:
      delegateUserName - name for delegation
      Throws:
      DfException

    • setUserGroupName

      void setUserGroupName(String userGroupName) throws DfException
      Sets this user's default group.
      Parameters:
      userGroupName - name of the user's default group. If this is not a valid group, an exception is thrown. An exception is thrown if this is null because this is a required property.
      Throws:
      DfException

    • setUserName

      void setUserName(String userName) throws DfException
      Sets the name of this user. This method should only be used to create a new user. To change the name of an existing user, use renameUser instead.
      Parameters:
      userName - name of the this user.
      Throws:
      DfException

    • renameUser

      void renameUser(String userName, boolean isImmediate, boolean unlockObjects, boolean reportOnly) throws DfException
      Renames this user. If this is a new user, the attribute value is set. If this is an existing user, this method invokes a job to rename user.
      Parameters:
      userName - user name to be set or renamed to (existing user)
      isImmediate - Detemines if the job should be run immediately or run on schedule.
      unlockObjects - control if the objects should be unlocked when renaming user. If this is a new user, this parameter does not take any effect.
      reportOnly - control if the job created is to report or actual rename. If this is a new user, this parameter does not take any effect.
      Throws:
      DfException

    • setUserOSName

      void setUserOSName(String accountName, String domainName) throws DfException
      Sets this user's authentication information: operating system account name and domain. Domain is required only on Windows, and only if the repository is in domain required mode.
      Parameters:
      accountName - user OS account for authentication
      domainName - user domain for authentication (Windows only)
      Throws:
      DfException

    • setUserPrivileges

      void setUserPrivileges(int userPrivileges) throws DfException
      Sets this user's privileges level.
      Parameters:
      userPrivileges - privilege level for user
      Throws:
      DfException

    • setUserState

      void setUserState(int userState, boolean unlockObjects) throws DfException
      Sets this user's activation state (active/inactive).
      Parameters:
      userState - 1 user cannot log in. 0 user can log in.
      unlockObjects - to control whether this method should unlock any sysobjects locked by this user. Note: unlockObjects parameter is ignored and its value will always be true.
      Throws:
      DfException

    • setGloballyManaged

      void setGloballyManaged(boolean isGloballyManaged) throws DfException
      Sets the user as either global (managed by federation) or local.
      Parameters:
      isGloballyManaged - true if the user is managed by a Federation. false if the user is managed locally.
      Throws:
      DfException

    • setUserSource

      void setUserSource(int userSource) throws DfException
      Deprecated.
      As of DFC 5.2.5, replaced by setUserSourceAsString(String)
      Sets this user's source. User source designates how the user should be authenticated. When the attribute is null, authentication is done via the local server. Otherwise, authentication can be performed via an LDAP server, or, if the server is running on UNIX, via a Windows domain. Using a Windows domain for UNIX authentication only works if the repository's dm_docbase_config object has its auth_protocol attribute set to "unix_domain_used".
      DF_AUTHENTICATE_NONE = 0; // null
      DF_AUTHENTICATE_LDAP = 1; // ldap
      DF_AUTHENTICATE_UNIX_ONLY = 2; // unix only
      DF_AUTHENTICATE_DOMAIN_ONLY = 3; // domain only
      DF_AUTHENTICATE_UNIX_FIRST = 4; // unix first
      DF_AUTHENTICATE_DOMAIN_FIRST = 5; // domain first
      DF_AUTHENTICATE_KERBEROS = 6; // kerberos
      DF_AUTHENTICATE_OTDS = 7; // OTDS
      Parameters:
      userSource - value to which source is set
      Throws:
      DfException
      See Also:

    • setWorkflowDisabled

      void setWorkflowDisabled(boolean disabled) throws DfException
      Sets whether this user is workflow disabled.
      Parameters:
      disabled - If true, workflow is disabled. false indicates that workflow is enabled.
      Throws:
      DfException

    • setWriteFederationLogOption

      void setWriteFederationLogOption(int options) throws DfException
      Sets the options on various properties to write to the federation log when properties are changed.
      Parameters:
      options - Flags can be any combination of DF_WRITE_CLIENT_CAPABILITY_LOG, DF_WRITE_PRIVILEGES_LOG, DF_WRITE_USER_STATE_LOG and DF_WRITE_WF_DISABLED_LOG bitwise OR'ed together. It defines what you want to write in the federation log:
      Throws:
      DfException

    • setUserXPrivileges

      void setUserXPrivileges(int userXPrivileges) throws DfException
      Sets the user's extended privileges.

      Form the calling argument by adding together the constants representing the privileges you want to assign. The constants are:

       DF_XPRIVILEGE_CONFIG_AUDIT
 DF_XPRIVILEGE_PURGE_AUDIT
 DF_XPRIVILEGE_VIEW_AUDIT
      For example, to grant view and purge privileges, the calling argument should be:
      DF_XPRIVILEGE_VIEW_AUDIT + DF_XPRIVILEGE_PURGE_AUDIT
      This overrides any prior value. You cannot add privileges by making successive calls.
      Parameters:
      userXPrivileges - Extended privilege level for user
      Throws:
      DfException

    • getUserXPrivileges

      int getUserXPrivileges() throws DfException
      Returns the user's extended privileges.

      The return value is the sum of the values representing the user's privileges. The possible privileges are: 

       DF_XPRIVILEGE_CONFIG_AUDIT =  8
 DF_XPRIVILEGE_PURGE_AUDIT  = 16
 DF_XPRIVILEGE_VIEW_AUDIT   = 32

      Refer to the Server Administrator's Guide for more information about privileges.

      Returns:
      the user's extended privileges
      Throws:
      DfException - if a server error occurs

    • setFailedAuthenticationAttempts

      void setFailedAuthenticationAttempts(int failedAttempts) throws DfException
      Sets the number of failed attempts to authenticate the user.
      Parameters:
      failedAttempts - Valid values are -1 or 0. Setting to -1 would disable the failed authentication attempts feature. Setting to 0 would activate this user in the repository, if he or she were deactivated.
      Throws:
      DfException - if a server error occurs or if an invalid value is passed.
      Since:
      5.2.5

    • getFailedAuthenticationAttempts

      int getFailedAuthenticationAttempts() throws DfException
      Returns the number of failed attempts to authenticate the user.
      Throws:
      DfException - if a server error occurs.
      Since:
      5.2.5

    • getUserDistinguishedLDAPName

      String getUserDistinguishedLDAPName() throws DfException
      Returns the user's distinguished name in LDAP.
      Throws:
      DfException - if a server error occurs.
      Since:
      5.2.5

    • hasEvents

      boolean hasEvents() throws DfException
      Returns true, if the user is registered for auditable events; false otherwise.
      Throws:
      DfException - if a server error occurs.
      Since:
      5.2.5

    • getUserSourceAsString

      String getUserSourceAsString() throws DfException
      Returns this user's source. User source designates how the user should be authenticated.
      Throws:
      DfException
      Since:
      5.2.5

    • setUserSourceAsString

      void setUserSourceAsString(String userSource) throws DfException
      Sets this user's source. User source designates how the user should be authenticated. Valid values are one of the following: "LDAP", "unix only", "domain only", "unix first", "domain first" or a plugin identifier.
      Parameters:
      userSource - value to which source is set.
      Throws:
      DfException
      Since:
      5.2.5

    • getUserPassword

      String getUserPassword() throws DfException
      Gets the user password for inline users.
      Throws:
      DfException
      Since:
      6.0

    • setUserPassword

      void setUserPassword(String value) throws DfException
      Sets the user password for inline users.
      Throws:
      DfException
      Since:
      6.0