All Classes Files Functions Variables Pages
Users.idl
Go to the documentation of this file.
1 /**
2  * @file Users.idl
3  * @brief API for Kerio Control Users
4  * @version 3
5  */
6 
7 #import <kerio/web/idl/SharedStructures.idl>
8 #import <common.idl>
9 
10 module webadmin {
11 
12 enum UserConditionType {
13  AnyUser,
14  AuthenticatedUsers,
15  UnrecognizedUsers,
16  SelectedUsers,
17  Nobody
18 };
19 
20 /**
21  * Roles in webadmin correspond with user rights. If user doesn't have even
22  * read right, he can't create session, so there is no "none" in the enum
23  */
24 enum UserRoleType {
25  Auditor,
26  FullAdmin
27 };
28 
29 typedef sequence<UserRoleType> UserRoleList;
30 
31 enum AuthType {
32  Internal,
33  KerberosNt
34 };
35 
36 struct UserRights {
37  boolean readConfig;
38  boolean writeConfig;
39  boolean overrideWwwFilter;
40  boolean unlockRule;
41  boolean dialRasConnection;
42  boolean connectVpn;
43  boolean connectSslVpn;
44  boolean useP2p;
45 };
46 
47 enum QuotaType {
48  QuotaBoth,
49  QuotaDownload,
50  QuotaUpload
51 };
52 
53 struct QuotaInterval {
54  boolean enabled;
55  QuotaType type;
56  kerio::web::ByteValueWithUnits limit;
57 };
58 
59 struct Quota {
60  QuotaInterval daily;
61  QuotaInterval weekly;
62  QuotaInterval monthly;
63 
64  boolean blockTraffic;
65  boolean notifyUser;
66 };
67 
68 struct WwwFilter {
69  boolean javaApplet; /* true => HTML content is filtered (disabled) */
70  boolean embedObject;
71  boolean script;
72  boolean popup;
73  boolean referer;
74 };
75 
76 /** common user data, used in domain template */
77 struct UserData {
78  UserRights rights;
79  Quota quota;
80  WwwFilter wwwFilter;
81  string language; /** see spec id 217 */
82 };
83 
84 struct AutoLogin {
85  OptionalStringList macAddresses;
86  OptionalIpAddressList addresses;
87  kerio::web::OptionalEntity addressGroup;
88 };
89 
90 /** user or group reference, used as "member of group" in user, "have member" in group and in various policies */
91 struct UserReference {
92  kerio::web::KId id;
93  string name;
94  boolean isGroup;
95  string domainName;
96 };
97 
98 typedef sequence<UserReference> UserReferenceList;
99 
100 enum AddresseeType {
101  AddresseeEmail,
102  AddresseeUser
103 };
104 
105 struct Addressee {
106  AddresseeType type;
107  string email;
108 
109  /*@{ valid for type AddresseeUser */
110  UserReference user;
111  /*@}*/
112 };
113 
114 struct UserCondition {
115  UserConditionType type;
116  UserReferenceList users;
117 };
118 
119 struct UserSettings {
120  string calculatedLanguage;
121  string language;
122  string detectedLanguage;
123  UserRoleList roles;
124  UserReference user;
125  string fullName;
126  string email;
127 };
128 
129 struct User {
130  kerio::web::KId id;
131  CredentialsConfig credentials; /** username char[128], passwd char [128] */
132  string fullName; /** char [128] */
133  string description; /** char [128] */
134  string email; /** char [128] */
135  AuthType authType;
136  boolean localEnabled;
137  boolean adEnabled;
138  boolean useTemplate;
139  UserData data; /** if uses template, data may not be loaded from configuration */
140  AutoLogin autoLogin;
141  OptionalIpAddress vpnAddress;
142  UserReferenceList groups;
143  boolean conflictWithLocal; /** read only */
144  boolean totpConfigured; /** can be cleared, but not configured */
145 };
146 
147 typedef sequence<User> UserList;
148 
149 interface Users {
150 
151  /**
152  * Obtain list of users in given domain
153  *
154  * @param warnings - list of warnings \n
155  * 8003 Users conflict. - "Some user names are in conflict with users in the local user database." \n
156  * 8004 Authentication Error. - "Some user accounts are not functional, authentication in the directory service and/or Windows NT® domain is not active." \n
157  * @param list - list of users and it's details
158  * @param totalItems - count of all users on server (before the start/limit applied)
159  * @param query - conditions and limits
160  * @param domainId - id of domain - only users from this domain will be listed
161  * @throws kerio::web::ApiException \n
162  * -32001 Session expired. - "The user is not logged in." \n
163  * 1000 Operation failed. - "Directory service error: %1." \n
164  * 1004 Access denied. - "Insufficient rights to perform the requested operation."
165  */
166  void get(out kerio::web::ErrorList warnings, out UserList list, out long totalItems, in kerio::web::SearchQuery query, in kerio::web::KId domainId);
167 
168  /**
169  * Add new user
170  *
171  * @param errors - list of errors \n
172  * 1000 Operation failed. - "Unable to add item." \n
173  * 1001 Already exists. - "User %1 already exists." \n
174  * 8001 Invalid params. - "Unable to add/modify user %1, wrong parameters." \n
175  * 8002 Database error. - "Unable to add/modify user %1, it may already exist." \n
176  * @param result - list of IDs assigned to each item
177  * @param users - details for new users. field id is assigned by the manager to temporary value until apply() or reset().
178  * @param domainId - id of domain - specifies domain, where user will be created (only local is supported)
179  * @throws kerio::web::ApiException \n
180  * -32001 Session expired. - "The user is not logged in." \n
181  * 1004 Access denied. - "Insufficient rights to perform the requested operation."
182  */
183  void create(out kerio::web::ErrorList errors, out kerio::web::CreateResultList result, in UserList users, in kerio::web::KId domainId);
184 
185  /**
186  * Update users' details
187  *
188  * @param errors - list of errors \n
189  * 1001 Already exists. - "User %1 already exists." \n
190  * 8001 Invalid params. - "Unable to add/modify user %1, wrong parameters." \n
191  * 8002 Database error. - "Unable to add/modify user %1, it may already exist."
192  * @param userIds - ids of users to be updated.
193  * @param details - details for update. Field "kerio::web::KId" is ignored. Only filled details will be stored in users config defined by userIds
194  * @param domainId - id of domain - users from this domain will be updated
195  * @throws kerio::web::ApiException \n
196  * -32001 Session expired. - "The user is not logged in." \n
197  * 1004 Access denied. - "Insufficient rights to perform the requested operation."
198  */
199  void set(out kerio::web::ErrorList errors, in kerio::web::KIdList userIds, in User details, in kerio::web::KId domainId);
200 
201  /**
202  * Delete users
203  *
204  * @param errors - list of errors \n
205  * 1000 Operation failed. - "Unable to remove item." \n
206  * 1000 Operation failed. - "Unable to delete Admin user." \n
207  * 8002 Database error. - "Unable to delete the user."
208  * @param userIds - ids of users that should be removed
209  * @param domainId - id of domain - specifies domain, where user will be removed (only local is supported)
210  * @throws kerio::web::ApiException \n
211  * -32001 Session expired. - "The user is not logged in." \n
212  * 1004 Access denied. - "Insufficient rights to perform the requested operation."
213  */
214  void remove(out kerio::web::ErrorList errors, in kerio::web::KIdList userIds, in kerio::web::KId domainId);
215 
216  /**
217  * replace all conflicting local users with domain users in policies
218  * @param domainId - id of domain - specifies domain, from which users will be loaded
219  * @throws kerio::web::ApiException \n
220  * -32001 Session expired. - "The user is not logged in." \n
221  * 1004 Access denied. - "Insufficient rights to perform the requested operation."
222  */
223  void convertLocalUsers(in kerio::web::KId domainId);
224 
225  /**
226  * Returns list of users suitable for import
227  *
228  * @param users - list of users and details
229  * @param domainName - name of AD domain
230  * @param server - AD server
231  * @param credentials - username and password for user with read privilegies
232  * @param ldapSecure - use secured connection
233  * @throws kerio::web::ApiException \n
234  * -32001 Session expired. - "The user is not logged in." \n
235  * 1000 Operation failed. - "Directory service error: %1." \n
236  * 1004 Access denied. - "Insufficient rights to perform the requested operation."
237  */
238  void getAdUsers(out UserList users, in string domainName, in string server, in CredentialsConfig credentials, in boolean ldapSecure);
239 
240  /**
241  * Returns list of users suitable for import
242  *
243  * @param users - list of users and details
244  * @param domainName - name of NT domain
245  * @throws kerio::web::ApiException \n
246  * -32001 Session expired. - "The user is not logged in." \n
247  * 1000 Operation failed. - "Failed to list Windows NT domain users, error: %1." \n
248  * 1004 Access denied. - "Insufficient rights to perform the requested operation."
249  */
250  void getNtUsers(out UserList users, in string domainName);
251 
252  /**
253  * supported languages, name like "Cestina" in utf8, value in configuration, default value is "detect"
254  *
255  * @param languages - list of languages
256  * @throws kerio::web::ApiException \n
257  * -32001 Session expired. - "The user is not logged in." \n
258  * 1004 Access denied. - "Insufficient rights to perform the requested operation."
259  */
260  void getSupportedLanguages(out kerio::web::NamedValueList languages);
261 
262  /**
263  * Returns list of user's settings
264  *
265  * @param settings - list of all settings
266  * @throws kerio::web::ApiException \n
267  * -32001 Session expired. - "The user is not logged in." \n
268  * 1004 Access denied. - "Insufficient rights to perform the requested operation."
269  */
270  void getMySettings(out UserSettings settings);
271 
272  /**
273  * Stores list of user's settings
274  *
275  * @param settings - list of all settings
276  * @throws kerio::web::ApiException \n
277  * -32001 Session expired. - "The user is not logged in." \n
278  * 1004 Access denied. - "Insufficient rights to perform the requested operation."
279  */
280  void setMySettings(in UserSettings settings);
281 
282  /**
283  * Checks, if autoLogin and vpnAddress params are unique and returns appropriate warnings if so
284  *
285  * @param errors - list of all warnings
286  * @param user - user data
287  * @throws kerio::web::ApiException \n
288  * -32001 Session expired. - "The user is not logged in." \n
289  * 1004 Access denied. - "Insufficient rights to perform the requested operation."
290  */
291  void checkWarnings(out kerio::web::ErrorList errors, in User user);
292 };
293 
294 }; //webadmin
webadmin::User::totpConfigured
boolean totpConfigured
Definition: Users.idl:144
webadmin::User::email
string email
Definition: Users.idl:134
webadmin::User
Definition: Users.idl:129
common.idl
Common Kerio Control structures, enums and types.
kerio::web::SearchQuery
Definition: SharedStructures.idl:139
webadmin::UserCondition
Definition: Users.idl:114
webadmin::User::fullName
string fullName
Definition: Users.idl:132
webadmin::AutoLogin
Definition: Users.idl:84
kerio::web::ByteValueWithUnits
Definition: SharedStructures.idl:211
webadmin::WwwFilter
Definition: Users.idl:68
webadmin::UserReference
Definition: Users.idl:91
webadmin::Users
Definition: Users.idl:149
webadmin::User::authType
AuthType authType
Definition: Users.idl:135
webadmin::UserRights
Definition: Users.idl:36
webadmin::Addressee
Definition: Users.idl:105
webadmin::User::autoLogin
AutoLogin autoLogin
Definition: Users.idl:140
webadmin::CredentialsConfig
Definition: common.idl:18
webadmin::User::description
string description
Definition: Users.idl:133
webadmin::UserSettings
Definition: Users.idl:119
webadmin::OptionalStringList
Definition: common.idl:10
webadmin::QuotaInterval
Definition: Users.idl:53
kerio::web::OptionalEntity
Definition: SharedStructures.idl:307
webadmin
Definition: Accounting.idl:11
kerio::web::OptionalString
Definition: SharedStructures.idl:289
webadmin::Quota
Definition: Users.idl:59
webadmin::UserData
Definition: Users.idl:77