package org.argeo.security;
-import java.util.List;
+import java.util.Set;
+/**
+ * Access to the users and roles referential (dependent from the underlying
+ * storage, e.g. LDAP).
+ */
public interface ArgeoSecurityDao {
- public ArgeoUser getCurrentUser();
+ // public ArgeoUser getCurrentUser();
- public List<ArgeoUser> listUsers();
+ /** List all users */
+ public Set<ArgeoUser> listUsers();
- public List<String> listEditableRoles();
+ /** List roles that can be modified */
+ public Set<String> listEditableRoles();
- public void create(ArgeoUser user);
+ /**
+ * Creates a new user in the underlying storage. <b>DO NOT CALL DIRECTLY</b>
+ * use {@link ArgeoSecurityService#newUser(ArgeoUser)} instead.
+ */
+ public void createUser(ArgeoUser user);
- public void update(ArgeoUser user);
+ public void updateUser(ArgeoUser user);
- public void delete(String username);
+ public void deleteUser(String username);
+ /**
+ * Creates a new role in the underlying storage. <b>DO NOT CALL DIRECTLY</b>
+ * use {@link ArgeoSecurityService#newRole(String)} instead.
+ */
public void createRole(String role, String superuserName);
public void deleteRole(String role);
+ /** List all users having this role. */
+ public Set<ArgeoUser> listUsersInRole(String role);
+
public Boolean userExists(String username);
public ArgeoUser getUser(String username);
public ArgeoUser getUserWithPassword(String username);
+
+ public String getDefaultRole();
+
+ /** Validates a raw password against an encoded one. */
+ public Boolean isPasswordValid(String encoded, String raw);
+
+ /** Encodes a raw password. */
+ public String encodePassword(String raw);
}
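Review bot: `isPasswordValid` returns a boxed `Boolean`, so an implementation can return `null` from a credential check and each caller then either throws on unboxing or has to decide for itself what `null` means; I would declare it `public boolean isPasswordValid(String encoded, String raw);` so the answer is always accept or reject. Both parameters are `String`, which makes swapping them a silent mistake, so the Javadoc should carry `@param encoded` and `@param raw` and state what happens when `encoded` is null or malformed. `encodePassword` should likewise say that the result is a one-way, salted encoding chosen by the storage implementation; that is presumably the intent, but the interface does not state it. The `DO NOT CALL DIRECTLY` warnings on `createUser` and `createRole` are advisory only, since both methods stay public on the interface. The `createRole` Javadoc also links `ArgeoSecurityService#newRole(String)` while the DAO method takes an additional `superuserName`, so the link target is worth confirming.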