import java.time.ZonedDateTime;
import java.util.List;
+import java.util.Map;
import java.util.Set;
-import javax.jcr.Node;
import javax.security.auth.Subject;
-import javax.transaction.UserTransaction;
+import org.argeo.cms.auth.SystemRole;
+import org.argeo.osgi.useradmin.UserDirectory;
+import org.argeo.util.directory.HierarchyUnit;
import org.osgi.framework.InvalidSyntaxException;
+import org.osgi.service.useradmin.Group;
import org.osgi.service.useradmin.Role;
import org.osgi.service.useradmin.User;
-import org.osgi.service.useradmin.UserAdmin;
/**
* Provide method interfaces to manage user concepts without accessing directly
* the userAdmin.
*/
public interface CmsUserManager {
+ Map<String, String> getKnownBaseDns(boolean onlyWritable);
+
+ Set<UserDirectory> getUserDirectories();
// CurrentUser
/** Returns the e-mail of the current logged in user */
- public String getMyMail();
+ String getMyMail();
// Other users
/** Returns a {@link User} given a username */
- public User getUser(String username);
+ User getUser(String username);
/** Can be a group or a user */
- public String getUserDisplayName(String dn);
+ String getUserDisplayName(String dn);
/** Can be a group or a user */
- public String getUserMail(String dn);
+ String getUserMail(String dn);
/** Lists all roles of the given user */
- public String[] getUserRoles(String dn);
+ String[] getUserRoles(String dn);
/** Checks if the passed user belongs to the passed role */
- public boolean isUserInRole(String userDn, String roleDn);
+ boolean isUserInRole(String userDn, String roleDn);
// Search
/** Returns a filtered list of roles */
- public Role[] getRoles(String filter) throws InvalidSyntaxException;
+ Role[] getRoles(String filter) throws InvalidSyntaxException;
/** Recursively lists users in a given group. */
- public Set<User> listUsersInGroup(String groupDn, String filter);
+ Set<User> listUsersInGroup(String groupDn, String filter);
/** Search among groups including system roles and users if needed */
- public List<User> listGroups(String filter, boolean includeUsers, boolean includeSystemRoles);
+ List<User> listGroups(String filter, boolean includeUsers, boolean includeSystemRoles);
+
+// /**
+// * Lists functional accounts, that is users with regular access to the system
+// * under this functional hierarchy unit (which probably have technical direct
+// * sub hierarchy units), excluding groups which are not explicitly users.
+// */
+// Set<User> listAccounts(HierarchyUnit hierarchyUnit, boolean deep);
+
+ /*
+ * EDITION
+ */
+ /** Creates a new user. */
+ User createUser(String username, Map<String, Object> properties, Map<String, Object> credentials);
+
+ /** Creates a group. */
+ Group getOrCreateGroup(HierarchyUnit groups, String commonName);
+
+ /** Creates a new system role. */
+ Group getOrCreateSystemRole(HierarchyUnit roles, SystemRole systemRole);
+
+ /** Add additional object classes to this role. */
+ void addObjectClasses(Role role, Set<String> objectClasses, Map<String, Object> additionalProperties);
+
+ /** Add additional object classes to this hierarchy unit. */
+ void addObjectClasses(HierarchyUnit hierarchyUnit, Set<String> objectClasses,
+ Map<String, Object> additionalProperties);
+
+ /** Add a member to this group. */
+ void addMember(Group group, Role role);
+
+ void edit(Runnable action);
/* MISCELLANEOUS */
/** Returns the dn of a role given its local ID */
- public String buildDefaultDN(String localId, int type);
+ String buildDefaultDN(String localId, int type);
/** Exposes the main default domain name for this instance */
- public String getDefaultDomainName();
+ String getDefaultDomainName();
/**
* Search for a {@link User} (might also be a group) whose uid or cn is equals
* to localId within the various user repositories defined in the current
* context.
*/
- public User getUserFromLocalId(String localId);
+ User getUserFromLocalId(String localId);
void changeOwnPassword(char[] oldPassword, char[] newPassword);
void expireAuthTokens(Subject subject);
- User createUserFromPerson(Node person);
+ UserDirectory getDirectory(Role role);
- @Deprecated
- public UserAdmin getUserAdmin();
-
- @Deprecated
- public UserTransaction getUserTransaction();
+ /** Create a new hierarchy unit. Does nothing if it already exists. */
+ HierarchyUnit getOrCreateHierarchyUnit(UserDirectory directory, String path);
}
\ No newline at end of file
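Review bot: `createUser(String username, Map<String, Object> properties, Map<String, Object> credentials)` accepts secrets as an untyped map, and its Javadoc (`/** Creates a new user. */`) names neither the accepted keys nor the required value type, whereas `changeOwnPassword` in the same interface takes `char[]`. I would extend that Javadoc to list the supported credential keys and to require password values as `char[]` rather than `String`, so callers can clear them after the call and they are less likely to reach logs. `edit(Runnable action)` is added without any Javadoc although it appears to take over from the removed `getUserTransaction()`; once confirmed against the implementation, it should state whether the action runs in a transaction and is rolled back when it throws, e.g. `/** Runs the action as a single directory edit; rolled back if it throws. */`. The new mutators (`addMember`, `getOrCreateSystemRole`, `addObjectClasses`) change privileges, so the interface should also document what authorization the caller needs. The comments on `getOrCreateGroup` and `getOrCreateSystemRole` should say what happens when the entry already exists, as the one on `getOrCreateHierarchyUnit` does.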