+++ /dev/null
-package org.argeo.cms;
-
-import java.time.ZonedDateTime;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import javax.security.auth.Subject;
-import javax.xml.namespace.QName;
-
-import org.argeo.api.cms.directory.CmsGroup;
-import org.argeo.api.cms.directory.CmsUser;
-import org.argeo.api.cms.directory.HierarchyUnit;
-import org.argeo.api.cms.directory.UserDirectory;
-import org.osgi.framework.InvalidSyntaxException;
-import org.osgi.service.useradmin.Role;
-import org.osgi.service.useradmin.User;
-
-/**
- * Provide method interfaces to manage user concepts without accessing directly
- * the userAdmin.
- */
-public interface CmsUserManager {
- Map<String, String> getKnownBaseDns(boolean onlyWritable);
-
- Set<UserDirectory> getUserDirectories();
-
- // CurrentUser
- /** Returns the e-mail of the current logged in user */
- String getMyMail();
-
- // Other users
- /** Returns a {@link User} given a username */
- CmsUser getUser(String username);
-
- /** Can be a group or a user */
- String getUserDisplayName(String dn);
-
- /** Can be a group or a user */
- String getUserMail(String dn);
-
- /** Lists all roles of the given user */
- String[] getUserRoles(String dn);
-
- /** Checks if the passed user belongs to the passed role */
- boolean isUserInRole(String userDn, String roleDn);
-
- // Search
- /** Returns a filtered list of roles */
- Role[] getRoles(String filter) throws InvalidSyntaxException;
-
- /** Recursively lists users in a given group. */
- Set<CmsUser> listUsersInGroup(String groupDn, String filter);
-
- /** Search among groups including system roles and users if needed */
- List<CmsUser> listGroups(String filter, boolean includeUsers, boolean includeSystemRoles);
-
-// /**
-// * Lists functional accounts, that is users with regular access to the system
-// * under this functional hierarchy unit (which probably have technical direct
-// * sub hierarchy units), excluding groups which are not explicitly users.
-// */
-// Set<User> listAccounts(HierarchyUnit hierarchyUnit, boolean deep);
-
- /*
- * EDITION
- */
- /** Creates a new user. */
- CmsUser createUser(String username, Map<String, Object> properties, Map<String, Object> credentials);
-
- /** Creates a group. */
- CmsGroup getOrCreateGroup(HierarchyUnit groups, String commonName);
-
- /** Creates a new system role. */
- CmsGroup getOrCreateSystemRole(HierarchyUnit roles, QName systemRole);
-
- /** Add additional object classes to this role. */
- void addObjectClasses(Role role, Set<String> objectClasses, Map<String, Object> additionalProperties);
-
- /** Add additional object classes to this hierarchy unit. */
- void addObjectClasses(HierarchyUnit hierarchyUnit, Set<String> objectClasses,
- Map<String, Object> additionalProperties);
-
- /** Add a member to this group. */
- void addMember(CmsGroup group, Role role);
-
- void edit(Runnable action);
-
- /* MISCELLANEOUS */
- /** Returns the dn of a role given its local ID */
- String buildDefaultDN(String localId, int type);
-
- /** Exposes the main default domain name for this instance */
- String getDefaultDomainName();
-
- /**
- * Search for a {@link User} (might also be a group) whose uid or cn is equals
- * to localId within the various user repositories defined in the current
- * context.
- */
- CmsUser getUserFromLocalId(String localId);
-
- void changeOwnPassword(char[] oldPassword, char[] newPassword);
-
- void resetPassword(String username, char[] newPassword);
-
- @Deprecated
- String addSharedSecret(String username, int hours);
-
-// String addSharedSecret(String username, String authInfo, String authToken);
-
- void addAuthToken(String userDn, String token, Integer hours, String... roles);
-
- void addAuthToken(String userDn, String token, ZonedDateTime expiryDate, String... roles);
-
- void expireAuthToken(String token);
-
- void expireAuthTokens(Subject subject);
-
- UserDirectory getDirectory(Role role);
-
- /** Create a new hierarchy unit. Does nothing if it already exists. */
- HierarchyUnit getOrCreateHierarchyUnit(UserDirectory directory, String path);
-}
\ No newline at end of file