1 package org
.argeo
.api
.cms
.directory
;
3 import java
.time
.ZonedDateTime
;
8 import javax
.security
.auth
.Subject
;
9 import javax
.xml
.namespace
.QName
;
11 import org
.osgi
.service
.useradmin
.Role
;
12 import org
.osgi
.service
.useradmin
.User
;
15 * Provide method interfaces to manage user concepts without accessing directly
18 public interface CmsUserManager
{
19 Map
<String
, String
> getKnownBaseDns(boolean onlyWritable
);
21 Set
<UserDirectory
> getUserDirectories();
24 /** Returns the e-mail of the current logged in user */
28 /** Returns a {@link User} given a username */
29 CmsUser
getUser(String username
);
31 /** Can be a group or a user */
32 String
getUserDisplayName(String dn
);
34 /** Can be a group or a user */
35 String
getUserMail(String dn
);
37 /** Lists all roles of the given user */
38 String
[] getUserRoles(String dn
);
40 /** Checks if the passed user belongs to the passed role */
41 boolean isUserInRole(String userDn
, String roleDn
);
44 /** Returns a filtered list of roles */
45 Role
[] getRoles(String filter
);
47 /** Recursively lists users in a given group. */
48 Set
<CmsUser
> listUsersInGroup(String groupDn
, String filter
);
50 /** Search among groups including system roles and users if needed */
51 List
<CmsUser
> listGroups(String filter
, boolean includeUsers
, boolean includeSystemRoles
);
54 // * Lists functional accounts, that is users with regular access to the system
55 // * under this functional hierarchy unit (which probably have technical direct
56 // * sub hierarchy units), excluding groups which are not explicitly users.
58 // Set<User> listAccounts(HierarchyUnit hierarchyUnit, boolean deep);
63 /** Creates a new user. */
64 CmsUser
createUser(String username
, Map
<String
, Object
> properties
, Map
<String
, Object
> credentials
);
66 /** Creates a group. */
67 CmsGroup
getOrCreateGroup(HierarchyUnit groups
, String commonName
);
69 /** Creates a new system role. */
70 CmsGroup
getOrCreateSystemRole(HierarchyUnit roles
, QName systemRole
);
72 /** Add additional object classes to this role. */
73 void addObjectClasses(Role role
, Set
<String
> objectClasses
, Map
<String
, Object
> additionalProperties
);
75 /** Add additional object classes to this hierarchy unit. */
76 void addObjectClasses(HierarchyUnit hierarchyUnit
, Set
<String
> objectClasses
,
77 Map
<String
, Object
> additionalProperties
);
79 /** Add a member to this group. */
80 void addMember(CmsGroup group
, Role role
);
82 void edit(Runnable action
);
85 /** Returns the dn of a role given its local ID */
86 String
buildDefaultDN(String localId
, int type
);
88 /** Exposes the main default domain name for this instance */
89 String
getDefaultDomainName();
92 * Search for a {@link User} (might also be a group) whose uid or cn is equals
93 * to localId within the various user repositories defined in the current
96 CmsUser
getUserFromLocalId(String localId
);
98 void changeOwnPassword(char[] oldPassword
, char[] newPassword
);
100 void resetPassword(String username
, char[] newPassword
);
103 String
addSharedSecret(String username
, int hours
);
105 // String addSharedSecret(String username, String authInfo, String authToken);
107 void addAuthToken(String userDn
, String token
, Integer hours
, String
... roles
);
109 void addAuthToken(String userDn
, String token
, ZonedDateTime expiryDate
, String
... roles
);
111 void expireAuthToken(String token
);
113 void expireAuthTokens(Subject subject
);
115 UserDirectory
getDirectory(Role role
);
117 /** Create a new hierarchy unit. Does nothing if it already exists. */
118 HierarchyUnit
getOrCreateHierarchyUnit(UserDirectory directory
, String path
);