1 package org.argeo.cms;
2
3 import java.time.ZonedDateTime;
4 import java.util.List;
5 import java.util.Map;
6 import java.util.Set;
7
8 import javax.security.auth.Subject;
9 import javax.xml.namespace.QName;
10
11 import org.argeo.api.cms.directory.CmsGroup;
12 import org.argeo.api.cms.directory.CmsUser;
13 import org.argeo.api.cms.directory.HierarchyUnit;
14 import org.argeo.api.cms.directory.UserDirectory;
15 import org.osgi.framework.InvalidSyntaxException;
16 import org.osgi.service.useradmin.Role;
17 import org.osgi.service.useradmin.User;
18
/**
 * Facade for managing users, groups, roles, credentials and authentication
 * tokens without accessing the underlying userAdmin directly.
 * <p>
 * NOTE(review): several operations declared here are security-sensitive
 * (password reset, auth token registration, group membership changes). This
 * interface states no authorization contract; presumably each implementation
 * is responsible for checking that the caller is entitled to the operation.
 * Confirm against the implementations.
 */
public interface CmsUserManager {
    /**
     * Returns the known base DNs.
     *
     * @param onlyWritable presumably restricts the result to writable
     *                     directories (TODO confirm; the meaning of the map
     *                     keys and values is not visible here)
     */
    Map<String, String> getKnownBaseDns(boolean onlyWritable);

    /** Returns the user directories known to this manager. */
    Set<UserDirectory> getUserDirectories();

    // CurrentUser
    /** Returns the e-mail of the currently logged-in user. */
    String getMyMail();

    // Other users
    /** Returns the {@link CmsUser} registered under the given username. */
    CmsUser getUser(String username);

    /** Returns the display name for a DN, which can be a group or a user. */
    String getUserDisplayName(String dn);

    /** Returns the e-mail for a DN, which can be a group or a user. */
    String getUserMail(String dn);

    /** Lists all roles of the given user. */
    String[] getUserRoles(String dn);

    /** Checks whether the given user belongs to the given role. */
    boolean isUserInRole(String userDn, String roleDn);

    // Search
    /**
     * Returns a filtered list of roles.
     * <p>
     * NOTE(review): the filter is presumably an OSGi/LDAP-style filter string,
     * given the declared exception. Any part of it that derives from user
     * input should be escaped by the caller before being embedded, so that the
     * input cannot alter the structure of the filter.
     *
     * @throws InvalidSyntaxException if the filter cannot be parsed
     */
    Role[] getRoles(String filter) throws InvalidSyntaxException;

    /**
     * Recursively lists users in a given group.
     *
     * @param filter presumably the same filter syntax as
     *               {@link #getRoles(String)}; the same escaping applies to
     *               user-derived input (TODO confirm)
     */
    Set<CmsUser> listUsersInGroup(String groupDn, String filter);

    /** Searches among groups, including system roles and users if requested. */
    List<CmsUser> listGroups(String filter, boolean includeUsers, boolean includeSystemRoles);

    // /**
    // * Lists functional accounts, that is users with regular access to the system
    // * under this functional hierarchy unit (which probably have technical direct
    // * sub hierarchy units), excluding groups which are not explicitly users.
    // */
    // Set<User> listAccounts(HierarchyUnit hierarchyUnit, boolean deep);

    /*
     * EDITION
     */
    /**
     * Creates a new user.
     * <p>
     * NOTE(review): {@code credentials} carries secret material as untyped
     * values; the expected keys are not visible here. Keep this map out of
     * logs and exception messages.
     */
    CmsUser createUser(String username, Map<String, Object> properties, Map<String, Object> credentials);

    /**
     * Creates a group. Going by the method name, an existing group with this
     * common name is presumably returned instead (TODO confirm).
     */
    CmsGroup getOrCreateGroup(HierarchyUnit groups, String commonName);

    /**
     * Creates a new system role. Going by the method name, an existing role is
     * presumably returned instead (TODO confirm).
     */
    CmsGroup getOrCreateSystemRole(HierarchyUnit roles, QName systemRole);

    /** Adds additional object classes to this role. */
    void addObjectClasses(Role role, Set<String> objectClasses, Map<String, Object> additionalProperties);

    /** Adds additional object classes to this hierarchy unit. */
    void addObjectClasses(
            HierarchyUnit hierarchyUnit, Set<String> objectClasses, Map<String, Object> additionalProperties);

    /**
     * Adds a member to this group.
     * <p>
     * NOTE(review): membership changes alter what the added role is allowed to
     * do; presumably a privileged operation (confirm where it is enforced).
     */
    void addMember(CmsGroup group, Role role);

    /**
     * Runs the given action as an edit.
     * <p>
     * NOTE(review): presumably wraps the action in a transaction on the
     * underlying directory; this is not visible here (TODO confirm).
     */
    void edit(Runnable action);

    /* MISCELLANEOUS */
    /**
     * Returns the dn of a role given its local ID.
     *
     * @param type presumably one of the {@link Role} type constants (TODO
     *             confirm)
     */
    String buildDefaultDN(String localId, int type);

    /** Exposes the main default domain name for this instance. */
    String getDefaultDomainName();

    /**
     * Searches for a {@link User} (which might also be a group) whose uid or cn
     * equals localId, within the various user repositories defined in the
     * current context.
     */
    CmsUser getUserFromLocalId(String localId);

    /**
     * Changes the password of the current user, going by the method name.
     * <p>
     * Both passwords are passed as {@code char[]}, so the caller can overwrite
     * the arrays once the call returns. NOTE(review): whether implementations
     * copy the arrays or keep a reference is not visible here.
     */
    void changeOwnPassword(char[] oldPassword, char[] newPassword);

    /**
     * Sets a new password for the given user; no old password is required.
     * <p>
     * NOTE(review): this takes over an account's credentials without proof of
     * knowledge of the current ones, so it should only be reachable by
     * authorized administrators. The interface does not say where that check
     * happens; confirm in the implementation and record the call in the audit
     * trail.
     */
    void resetPassword(String username, char[] newPassword);

    /**
     * Adds a shared secret for the given user.
     *
     * @param hours presumably the validity period in hours (TODO confirm)
     * @return presumably the generated secret (TODO confirm); treat it as a
     *         credential and keep it out of logs
     * @deprecated no replacement is named in this file; presumably superseded
     *             by the {@code addAuthToken} methods (TODO confirm)
     */
    @Deprecated
    String addSharedSecret(String username, int hours);

    // String addSharedSecret(String username, String authInfo, String authToken);

    /**
     * Registers an authentication token for the given user.
     * <p>
     * NOTE(review): the token value is supplied by the caller and presumably
     * acts as a bearer credential, so it should come from a
     * cryptographically strong random source and never be logged.
     *
     * @param hours presumably the validity period in hours; the boxed type
     *              admits {@code null}, whose meaning is not visible here
     *              (TODO confirm that it does not mean "never expires")
     * @param roles presumably the roles associated with the token (TODO
     *              confirm); pass the narrowest set needed
     */
    void addAuthToken(String userDn, String token, Integer hours, String... roles);

    /**
     * Registers an authentication token for the given user with an explicit
     * expiry date. The same caveats on token generation and role scope apply
     * as for the overload taking a number of hours.
     */
    void addAuthToken(String userDn, String token, ZonedDateTime expiryDate, String... roles);

    /** Expires the given authentication token. */
    void expireAuthToken(String token);

    /**
     * Expires authentication tokens for the given subject. NOTE(review):
     * presumably all tokens tied to that subject (TODO confirm).
     */
    void expireAuthTokens(Subject subject);

    /** Returns the user directory for the given role. */
    UserDirectory getDirectory(Role role);

    /** Creates a new hierarchy unit. Does nothing if it already exists. */
    HierarchyUnit getOrCreateHierarchyUnit(UserDirectory directory, String path);
}