]> git.argeo.org Git - lgpl/argeo-commons.git/blob - argeo/cms/CmsUserManager.java
projects / lgpl / argeo-commons.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Prepare next development cycle
[lgpl/argeo-commons.git] / argeo / cms / CmsUserManager.java
1 package org.argeo.cms;
2
3 import java.time.ZonedDateTime;
4 import java.util.List;
5 import java.util.Map;
6 import java.util.Set;
7
8 import javax.security.auth.Subject;
9
10 import org.argeo.cms.auth.SystemRole;
11 import org.argeo.osgi.useradmin.UserDirectory;
12 import org.argeo.util.directory.HierarchyUnit;
13 import org.osgi.framework.InvalidSyntaxException;
14 import org.osgi.service.useradmin.Group;
15 import org.osgi.service.useradmin.Role;
16 import org.osgi.service.useradmin.User;
17
18 /**
19 * Provide method interfaces to manage user concepts without accessing directly
20 * the userAdmin.
21 */
22 public interface CmsUserManager {
23 Map<String, String> getKnownBaseDns(boolean onlyWritable);
24
25 Set<UserDirectory> getUserDirectories();
26
27 // CurrentUser
28 /** Returns the e-mail of the current logged in user */
29 String getMyMail();
30
31 // Other users
32 /** Returns a {@link User} given a username */
33 User getUser(String username);
34
35 /** Can be a group or a user */
36 String getUserDisplayName(String dn);
37
38 /** Can be a group or a user */
39 String getUserMail(String dn);
40
41 /** Lists all roles of the given user */
42 String[] getUserRoles(String dn);
43
44 /** Checks if the passed user belongs to the passed role */
45 boolean isUserInRole(String userDn, String roleDn);
46
47 // Search
48 /** Returns a filtered list of roles */
49 Role[] getRoles(String filter) throws InvalidSyntaxException;
50
51 /** Recursively lists users in a given group. */
52 Set<User> listUsersInGroup(String groupDn, String filter);
53
54 /** Search among groups including system roles and users if needed */
55 List<User> listGroups(String filter, boolean includeUsers, boolean includeSystemRoles);
56
57 /*
58 * EDITION
59 */
60 /** Creates a new user. */
61 User createUser(String username, Map<String, Object> properties, Map<String, Object> credentials);
62
63 /** Creates a group. */
64 Group getOrCreateGroup(HierarchyUnit groups, String commonName);
65
66 /** Creates a new system role. */
67 Group getOrCreateSystemRole(HierarchyUnit roles, SystemRole systemRole);
68
69 /** Add additional object classes to this role. */
70 void addObjectClasses(Role role, Set<String> objectClasses, Map<String, Object> additionalProperties);
71
72 /** Add a member to this group. */
73 void addMember(Group group, Role role);
74
75 /* MISCELLANEOUS */
76 /** Returns the dn of a role given its local ID */
77 String buildDefaultDN(String localId, int type);
78
79 /** Exposes the main default domain name for this instance */
80 String getDefaultDomainName();
81
82 /**
83 * Search for a {@link User} (might also be a group) whose uid or cn is equals
84 * to localId within the various user repositories defined in the current
85 * context.
86 */
87 User getUserFromLocalId(String localId);
88
89 void changeOwnPassword(char[] oldPassword, char[] newPassword);
90
91 void resetPassword(String username, char[] newPassword);
92
93 @Deprecated
94 String addSharedSecret(String username, int hours);
95
96 // String addSharedSecret(String username, String authInfo, String authToken);
97
98 void addAuthToken(String userDn, String token, Integer hours, String... roles);
99
100 void addAuthToken(String userDn, String token, ZonedDateTime expiryDate, String... roles);
101
102 void expireAuthToken(String token);
103
104 void expireAuthTokens(Subject subject);
105
106 UserDirectory getDirectory(Role role);
107
108 /** Create a new hierarchy unit. Does nothing if it already exists. */
109 HierarchyUnit getOrCreateHierarchyUnit(UserDirectory directory, String path);
110 }
Argeo Commons - Lightweight integration framework in pure Java/OSGi