First clean version of the security UI, also tested with RAP

[lgpl/argeo-commons.git] / security / runtime / org.argeo.security.core / src / main / java / org / argeo / security / ArgeoSecurityDao.java

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java
index f91e86748457669de1ce0cd31edcaae995f85742..de2664851a648143fd630569f9208170f496d7b3 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java
@@ -25,16 +25,26 @@ import java.util.List;
 public interface ArgeoSecurityDao {
        // public ArgeoUser getCurrentUser();
 
+       /** List all users */
        public List<ArgeoUser> listUsers();
 
+       /** List roles that can be modified */
        public List<String> listEditableRoles();
 
+       /**
+        * Creates a new user in the underlying storage. <b>DO NOT CALL DIRECTLY</b>
+        * use {@link ArgeoSecurityService#newUser(ArgeoUser)} instead.
+        */
        public void create(ArgeoUser user);
 
        public void update(ArgeoUser user);
 
        public void delete(String username);
 
+       /**
+        * Creates a new role in the underlying storage. <b>DO NOT CALL DIRECTLY</b>
+        * use {@link ArgeoSecurityService#newRole(String)} instead.
+        */
        public void createRole(String role, String superuserName);
 
        public void deleteRole(String role);
@@ -46,4 +56,10 @@ public interface ArgeoSecurityDao {
        public ArgeoUser getUserWithPassword(String username);
 
        public String getDefaultRole();
+
+       /** Validates a raw password against an encoded one. */
+       public Boolean isPasswordValid(String encoded, String raw);
+
+       /** Encodes a raw password. */
+       public String encodePassword(String raw);
 }