   * List an organization's allocation of a system entitlement.
   * @param sessionKey User's session key.
   * @param label System entitlement label.
   * @param includeUnentitled If true, the result will include both organizations that have the
   *     entitlement as well as those that do not; otherwise, the result will only include
   *     organizations that have the entitlement.
   * @return a list of Maps having the system entitlements info.
   * @since 10.4
   * @xmlrpc.doc List each organization's allocation of a system entitlement.
   * @xmlrpc.param #param("string", "sessionKey")
   * @xmlrpc.param #param("string", "label")
   * @xmlrpc.param #param_desc("boolean", "includeUnentitled", "If true, the result will include
   *     both organizations that have the entitlement as well as those that do not; otherwise, the
   *     result will only include organizations that have the entitlement.")
   * @xmlrpc.returntype #array() #struct("entitlement usage") #prop("int", "org_id") #prop("string",
   *     "org_name") #prop("int", "allocated") #prop("int", "unallocated") #prop("int", "used")
   *     #prop("int", "free") #struct_end() #array_end()
  public List<Map> listSystemEntitlements(
      String sessionKey, String label, Boolean includeUnentitled) {


    DataList<Map> result = null;
    if (includeUnentitled) {
      result = OrgManager.allOrgsSingleEntitlementWithEmptyOrgs(label);
    } else {
      result = OrgManager.allOrgsSingleEntitlement(label);

    List<Map> details = new LinkedList<Map>();
    for (Map row : result) {
      Map<String, Object> map = new HashMap<String, Object>();
      Org org = OrgFactory.lookupById((Long) row.get("orgid"));
      map.put(ORG_ID_KEY, new Integer(org.getId().intValue()));
      map.put(ORG_NAME_KEY, org.getName());
      map.put(ALLOCATED_KEY, ((Long) row.get("total")).intValue());
      map.put(USED_KEY, row.get("usage"));
      long free = (Long) row.get("total") - (Long) row.get("usage");
      map.put(FREE_KEY, free);
      long unallocated = (Long) row.get("upper") - (Long) row.get("total");
      map.put(UN_ALLOCATED_KEY, unallocated);
    return details;
  * @param sessionKey Caller's session key.
  * @param orgId the orgId of the organization to set name on
  * @param name the new name for the org.
  * @return the updated org.
  * @xmlrpc.doc Updates the name of an organization
  * @xmlrpc.param #param("string", "sessionKey")
  * @xmlrpc.param #param("int", "orgId")
  * @xmlrpc.param #param_desc("string", "name", "Organization name. Must meet same criteria as in
  *     the web UI.")
  * @xmlrpc.returntype $OrgDtoSerializer
 public OrgDto updateName(String sessionKey, Integer orgId, String name) {
   Org org = verifyOrgExists(orgId);
   if (!org.getName().equals(name)) {
     try {
     } catch (ValidatorException ve) {
       throw new ValidationException(ve.getMessage());
   return OrgManager.toDetailsDto(org);
  private int enableAccess(User loggedInUser, String channelLabel, Integer orgId, boolean enable)
      throws FaultException {
    Channel channel = lookupChannelByLabel(loggedInUser, channelLabel);
    verifyChannelAdmin(loggedInUser, channel);

    if (!loggedInUser.getOrg().equals(channel.getOrg())) {
      // users are not allowed to alter properties for a channel that is in a
      // different org
      throw new NotPermittedByOrgException(

    // protected mode only for modifying individual orgs
    if (!channel.getAccess().equals(Channel.PROTECTED)) {
      throw new InvalidChannelAccessException(channel.getAccess());

    Org org = OrgFactory.lookupById(orgId.longValue());
    if (org == null) {
      throw new NoSuchOrgException(orgId.toString());

    // need to validate that the org provided is in the list of orgs that may
    // be granted access
    List<OrgChannelDto> orgs = OrgManager.orgChannelTrusts(channel.getId(), loggedInUser.getOrg());
    boolean orgInTrust = false;

    for (OrgChannelDto orgDto : orgs) {
      if (orgDto.getId().equals(new Long(orgId))) {
        orgInTrust = true;

    if (orgInTrust) {
      if (enable) {
      } else {
    } else {
      throw new OrgNotInTrustException(orgId);

    return 1;
  /** {@inheritDoc} */
  public ActionForward execute(
      ActionMapping mapping,
      ActionForm formIn,
      HttpServletRequest request,
      HttpServletResponse response) {

    RequestContext requestContext = new RequestContext(request);
    User user = requestContext.getLoggedInUser();
    DataList result = OrgManager.activeOrgs(user);

    request.setAttribute(ListTagHelper.PAGE_LIST, result);
    request.setAttribute(ListTagHelper.PARENT_URL, request.getRequestURI());

    return mapping.findForward("default");
   * List the organizations associated with the given channel that may be trusted.
   * @param loggedInUser The current user
   * @param channelLabel The label for the channel
   * @return List of map entries indicating the orgs available and if access is enabled.
   * @throws FaultException A FaultException is thrown if: - The sessionKey is invalid - The
   *     channelLabel is invalid - The user doesn't have channel admin permissions
   * @xmlrpc.doc List the organizations associated with the given channel that may be trusted.
   * @xmlrpc.param #session_key()
   * @xmlrpc.param #param_desc("string", "channelLabel", "label of the channel")
   * @xmlrpc.returntype #array() #struct("org") #prop("int", "org_id") #prop("string", "org_name")
   *     #prop("boolean", "access_enabled") #struct_end() #array_end()
  public List list(User loggedInUser, String channelLabel) throws FaultException {

    Channel channel = lookupChannelByLabel(loggedInUser, channelLabel);
    verifyChannelAdmin(loggedInUser, channel);

    if (!loggedInUser.getOrg().equals(channel.getOrg())) {
      // users are not allowed to access properties for a channel that is in a
      // different org
      throw new NotPermittedByOrgException(

    // retrieve the orgs available to be "trusted" for this channel
    List<OrgChannelDto> orgs = OrgManager.orgChannelTrusts(channel.getId(), loggedInUser.getOrg());
    // retrieve the orgs that are trusted for this channel
    Set<Org> trustedOrgs = channel.getTrustedOrgs();

    // populate a result that includes all orgs that could be trusted with a boolean
    // that indicates if the orgs is indeed trusted.
    List<Map<String, Object>> result = new ArrayList<Map<String, Object>>();
    for (OrgChannelDto orgDto : orgs) {
      Org org = OrgFactory.lookupById(orgDto.getId());

      if (org != null) {
        Map<String, Object> entry = new HashMap<String, Object>();

        entry.put("org_id", org.getId().intValue());
        entry.put("org_name", org.getName());
        if (trustedOrgs.contains(org)) {
          entry.put("access_enabled", Boolean.TRUE);
        } else {
          entry.put("access_enabled", Boolean.FALSE);
    return result;
   * Create a new organization.
   * @param sessionKey User's session key.
   * @param orgName Organization name. Must meet same criteria as in the web UI.
   * @param adminLogin New administrator login name for the new org.
   * @param adminPassword New administrator password.
   * @param prefix New administrator's prefix.
   * @param firstName New administrator's first name.
   * @param lastName New administrator's last name.
   * @param email New administrator's e-mail.
   * @param usePamAuth Should PAM authentication be used for new administrators account.
   * @return Newly created organization object.
   * @xmlrpc.doc Create a new organization and associated administrator account.
   * @xmlrpc.param #param("string", "sessionKey")
   * @xmlrpc.param #param_desc("string", "orgName", "Organization name. Must meet same criteria as
   *     in the web UI.")
   * @xmlrpc.param #param_desc("string", "adminLogin", "New administrator login name.")
   * @xmlrpc.param #param_desc("string", "adminPassword", "New administrator password.")
   * @xmlrpc.param #param_desc("string", "prefix", "New administrator's prefix. Must match one of
   *     the values available in the web UI. (i.e. Dr., Mr., Mrs., Sr., etc.)")
   * @xmlrpc.param #param_desc("string", "firstName", "New administrator's first name.")
   * @xmlrpc.param #param_desc("string", "lastName", "New administrator's first name.")
   * @xmlrpc.param #param_desc("string", "email", "New administrator's e-mail.")
   * @xmlrpc.param #param_desc("boolean", "usePamAuth", "True if PAM authentication should be used
   *     for the new administrator account.")
   * @xmlrpc.returntype $OrgDtoSerializer
  public OrgDto create(
      String sessionKey,
      String orgName,
      String adminLogin,
      String adminPassword,
      String prefix,
      String firstName,
      String lastName,
      String email,
      Boolean usePamAuth) {

    validateCreateOrgData(orgName, adminPassword, firstName, lastName, email, usePamAuth);

    CreateOrgCommand cmd = new CreateOrgCommand(orgName, adminLogin, adminPassword, email);

    String pamAuthService = Config.get().getString(ConfigDefaults.WEB_PAM_AUTH_SERVICE);
    if (usePamAuth) {
      if (pamAuthService != null && pamAuthService.trim().length() > 0) {
      } else {
        // The user wants to use pam authentication, but the server has not been
        // configured to use pam... Throw an error...
        throw new PamAuthNotConfiguredException();

    ValidatorError[] verrors = cmd.store();
    if (verrors != null) {
      throw new ValidationException(verrors[0].getMessage());

    return OrgManager.toDetailsDto(cmd.getNewOrg());
  * List an organization's allocations of each system entitlement.
  * @param sessionKey User's session key.
  * @param orgId Organization ID
  * @return Array of maps.
  * @xmlrpc.doc List an organization's allocation of each system entitlement.
  * @xmlrpc.param #param("string", "sessionKey")
  * @xmlrpc.param #param("int", "orgId")
  * @xmlrpc.returntype #array() $OrgEntitlementDtoSerializer #array_end()
 public List<OrgEntitlementDto> listSystemEntitlementsForOrg(String sessionKey, Integer orgId) {
   Org org = verifyOrgExists(orgId);
   return OrgManager.listEntitlementsFor(org);
  * Lists system entitlement allocation/distribution information across all organizations. User
  * needs to be a satellite administrator to get this information
  * @param sessionKey User's session key.
  * @return Array of SystemEntitlementsDtoSerializer.
  * @xmlrpc.doc Lists system entitlement allocation information across all organizations. Caller
  *     must be a satellite administrator.
  * @xmlrpc.param #param("string", "sessionKey")
  * @xmlrpc.returntype #array() $SystemEntitlementsDtoSerializer #array_end()
 public List<SystemEntitlementsDto> listSystemEntitlements(String sessionKey) {
   return OrgManager.allOrgsEntitlements();
  * Returns the detailed information about an organization given the org_name.
  * @param sessionKey Caller's session key.
  * @param name the name of the organization to lookup on.
  * @return the list of users in a organization.
  * @xmlrpc.doc The detailed information about an organization given the organization name.
  * @xmlrpc.param #param("string", "sessionKey")
  * @xmlrpc.param #param("string", "name")
  * @xmlrpc.returntype $OrgDtoSerializer
 public OrgDto getDetails(String sessionKey, String name) {
   return OrgManager.toDetailsDto(verifyOrgExists(name));
  * Returns the detailed information about an organization given the org_id.
  * @param sessionKey Caller's session key.
  * @param orgId the orgId of the organization to lookup on.
  * @return the list of users in a organization.
  * @xmlrpc.doc The detailed information about an organization given the organization ID.
  * @xmlrpc.param #param("string", "sessionKey")
  * @xmlrpc.param #param("int", "orgId")
  * @xmlrpc.returntype $OrgDtoSerializer
 public OrgDto getDetails(String sessionKey, Integer orgId) {
   return OrgManager.toDetailsDto(verifyOrgExists(orgId));
  * Returns the list of active users in a given organization
  * @param sessionKey Caller's session key.
  * @param orgId the orgId of the organization to lookup on.
  * @return the list of users in a organization.
  * @xmlrpc.doc Returns the list of users in a given organization.
  * @xmlrpc.param #param("string", "sessionKey")
  * @xmlrpc.param #param("int", "orgId")
  * @xmlrpc.returntype #array() $MultiOrgUserOverviewSerializer #array_end()
 public List listUsers(String sessionKey, Integer orgId) {
   return OrgManager.activeUsers(Long.valueOf(orgId));
  * Returns the list of organizations.
  * @param sessionKey User's session key.
  * @return list of orgs.
  * @xmlrpc.doc Returns the list of organizations.
  * @xmlrpc.param #param("string", "sessionKey")
  * @xmlrpc.returntype $OrgDtoSerializer
 public List<OrgDto> listOrgs(String sessionKey) {
   User user = getSatAdmin(sessionKey);
   return OrgManager.activeOrgs(user);