1 package org.argeo.api.cms.directory;
2
3 import java.time.ZonedDateTime;
4 import java.util.List;
5 import java.util.Map;
6 import java.util.Set;
7
8 import javax.security.auth.Subject;
9 import javax.xml.namespace.QName;
10
11 import org.osgi.service.useradmin.Role;
12 import org.osgi.service.useradmin.User;
13
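/**
 * Provides methods to manage user concepts (users, groups, system roles,
 * passwords and authentication tokens) without accessing the userAdmin
 * directly.
 *
 * <p>
 * NOTE(review): this interface does not show where authorization is enforced.
 * Several methods are privileged (creating users, changing group membership,
 * resetting another user's password, issuing tokens); implementations should
 * check the caller's rights rather than rely on callers to do so — confirm
 * against the implementation.
 */
public interface CmsUserManager {
    /**
     * Returns the known base DNs.
     *
     * @param onlyWritable presumably restricts the result to writable
     *                     directories — TODO confirm
     * @return a map describing the base DNs; the meaning of keys and values is
     *         not visible in this file
     */
    Map<String, String> getKnownBaseDns(boolean onlyWritable);

    /** Returns the user directories known to this manager. */
    Set<UserDirectory> getUserDirectories();

    // CurrentUser
    /** Returns the e-mail of the currently logged-in user. */
    String getMyMail();

    // Other users
    /** Returns the {@link CmsUser} for a given username. */
    CmsUser getUser(String username);

    /** Returns a display name; the DN can be that of a group or a user. */
    String getUserDisplayName(String dn);

    /** Returns an e-mail address; the DN can be that of a group or a user. */
    String getUserMail(String dn);

    /** Lists all roles of the given user. */
    String[] getUserRoles(String dn);

    /** Checks if the passed user belongs to the passed role. */
    boolean isUserInRole(String userDn, String roleDn);

    // Search
    /**
     * Returns a filtered list of roles.
     *
     * @param filter the filter expression. NOTE(review): presumably an
     *               LDAP-style filter, as used by the OSGi UserAdmin API —
     *               confirm. If so, values taken from user input must be
     *               escaped before being placed in the filter.
     */
    Role[] getRoles(String filter);

    /**
     * Recursively lists users in a given group.
     *
     * @param groupDn the DN of the group
     * @param filter  a filter expression; the same escaping caveat as for
     *                {@link #getRoles(String)} presumably applies — confirm
     */
    Set<CmsUser> listUsersInGroup(String groupDn, String filter);

    /**
     * Searches among groups, including system roles and users if needed.
     *
     * @param filter             a filter expression; the same escaping caveat
     *                           as for {@link #getRoles(String)} presumably
     *                           applies — confirm
     * @param includeUsers       whether users are included in the result
     * @param includeSystemRoles whether system roles are included in the result
     */
    List<CmsUser> listGroups(String filter, boolean includeUsers, boolean includeSystemRoles);

//  /**
//   * Lists functional accounts, that is users with regular access to the system
//   * under this functional hierarchy unit (which probably have technical direct
//   * sub hierarchy units), excluding groups which are not explicitly users.
//   */
//  Set<User> listAccounts(HierarchyUnit hierarchyUnit, boolean deep);

    /*
     * EDITION
     */
    /**
     * Creates a new user.
     *
     * @param username    the name of the user to create
     * @param properties  the properties to set on the new user
     * @param credentials the credentials to set on the new user. These are
     *                    secrets: they should not be logged, and how they are
     *                    stored (hashed or not) is decided by the
     *                    implementation, which is not visible here.
     */
    CmsUser createUser(String username, Map<String, Object> properties, Map<String, Object> credentials);

    /** Creates a new group. */
    CmsGroup createGroup(String dn);

    /**
     * Returns the group with this common name under the given hierarchy unit,
     * presumably creating it when it does not exist yet (as the name indicates).
     */
    CmsGroup getOrCreateGroup(HierarchyUnit groups, String commonName);

    /**
     * Returns the given system role under the given hierarchy unit, presumably
     * creating it when it does not exist yet (as the name indicates).
     */
    CmsGroup getOrCreateSystemRole(HierarchyUnit roles, QName systemRole);

    /** Adds additional object classes to this role. */
    void addObjectClasses(Role role, Set<String> objectClasses, Map<String, Object> additionalProperties);

    /** Adds additional object classes to this hierarchy unit. */
    void addObjectClasses(HierarchyUnit hierarchyUnit, Set<String> objectClasses,
            Map<String, Object> additionalProperties);

    /**
     * Adds a member to this group. Membership changes alter what the member is
     * allowed to do, so this is a privileged operation.
     */
    void addMember(CmsGroup group, Role role);

    /** Removes a member from this group. */
    void removeMember(CmsGroup group, Role role);

    /**
     * Runs the given action as an edit.
     *
     * <p>
     * NOTE(review): presumably wraps the action in a transaction on the
     * underlying directory — not visible here, confirm.
     */
    void edit(Runnable action);

    /* MISCELLANEOUS */
    /**
     * Returns the DN of a role given its local ID.
     *
     * @param localId the local ID of the role
     * @param type    the role type; presumably one of the {@link Role} type
     *                constants — TODO confirm
     */
    String buildDefaultDN(String localId, int type);

    /** Exposes the main default domain name for this instance. */
    String getDefaultDomainName();

    /**
     * Searches for a {@link User} (might also be a group) whose uid or cn is
     * equal to localId within the various user repositories defined in the
     * current context.
     */
    CmsUser getUserFromLocalId(String localId);

    /**
     * Changes the password of the current user.
     *
     * <p>
     * Both passwords are passed as {@code char[]} so that the caller can
     * overwrite the arrays once the call returns; whether implementations clear
     * their own copies is not visible here.
     *
     * @param oldPassword the current password
     * @param newPassword the password to set
     */
    void changeOwnPassword(char[] oldPassword, char[] newPassword);

    /**
     * Sets a new password for the given user without requiring the old one.
     *
     * <p>
     * NOTE(review): since no proof of the old password is required, this is an
     * administrative operation; implementations should verify that the caller is
     * allowed to reset this user's password and ideally record the event —
     * confirm against the implementation.
     *
     * @param username    the user whose password is reset
     * @param newPassword the password to set; the caller should overwrite the
     *                    array after the call
     */
    void resetPassword(String username, char[] newPassword);

    /**
     * Adds a shared secret for the given user.
     *
     * @param username the user the secret is added for
     * @param hours    presumably the validity of the secret, in hours — confirm
     * @return a string, presumably the generated secret; if so it must be
     *         treated as a credential and kept out of logs — confirm
     * @deprecated No replacement is named in this file; the
     *             {@code addAuthToken} overloads appear to be the current token
     *             API — confirm.
     */
    @Deprecated
    String addSharedSecret(String username, int hours);

//  String addSharedSecret(String username, String authInfo, String authToken);

    /**
     * Registers an authentication token for the given user.
     *
     * <p>
     * The token value is supplied by the caller, so its strength is the caller's
     * responsibility: it should come from a cryptographically secure random
     * source and must not be logged.
     *
     * @param userDn the DN of the user the token is issued for
     * @param token  the token value
     * @param hours  presumably the validity in hours. NOTE(review): this is a
     *               boxed {@link Integer}, so {@code null} can be passed; what
     *               {@code null} means (for example, no expiry) is not visible
     *               here — confirm.
     * @param roles  roles associated with the token; they should be limited to
     *               what the token holder actually needs
     */
    void addAuthToken(String userDn, String token, Integer hours, String... roles);

    /**
     * Registers an authentication token for the given user with an explicit
     * expiry date.
     *
     * @param userDn     the DN of the user the token is issued for
     * @param token      the token value; it should come from a
     *                   cryptographically secure random source and must not be
     *                   logged
     * @param expiryDate the expiry date of the token; behavior for {@code null}
     *                   is not visible here — confirm
     * @param roles      roles associated with the token; they should be limited
     *                   to what the token holder actually needs
     */
    void addAuthToken(String userDn, String token, ZonedDateTime expiryDate, String... roles);

    /** Expires the given authentication token. */
    void expireAuthToken(String token);

    /**
     * Expires the authentication tokens of the given subject.
     *
     * <p>
     * NOTE(review): presumably the tokens found among the subject's credentials
     * — confirm.
     */
    void expireAuthTokens(Subject subject);

    /**
     * Returns the user directory for the given role, presumably the directory
     * the role is stored in — confirm.
     */
    UserDirectory getDirectory(Role role);

    /** Creates a new hierarchy unit. Does nothing if it already exists. */
    HierarchyUnit getOrCreateHierarchyUnit(UserDirectory directory, String path);
}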