org.nuxeo.ecm.platform.usermanager
Interface MultiTenantUserManager

All Superinterfaces:

Serializable

All Known Implementing Classes:

UserManagerImpl, UserManagerWithComputedGroups

public interface MultiTenantUserManager
extends Serializable

Author:

Benjamin Jalon

Method Summary

Boolean	areGroupsReadOnly() Returns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users.
Boolean	areUsersReadOnly() Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups.
DocumentModel	createGroup(DocumentModel groupModel, DocumentModel context) Creates a group from given model with the given context.
DocumentModel	createUser(DocumentModel userModel, DocumentModel context) Creates user from given model into the given context document.
void	deleteGroup(DocumentModel groupModel, DocumentModel context) Deletes group represented by given model with the given context.
void	deleteGroup(String groupId, DocumentModel context) Deletes group with given id with the given context.
void	deleteUser(DocumentModel userModel, DocumentModel context) Deletes user represented by given model into the given context document.
void	deleteUser(String userId, DocumentModel context) Deletes user with given id into the given context document.
List<String>	getGroupIds(DocumentModel context) Returns the list of all groups ids with the given context.
DocumentModel	getGroupModel(String groupName, DocumentModel context) Return the group document model with this id concatenated with the directory local config (if not null) or null if group does not exist.
List<String>	getGroupsInGroup(String parentId, DocumentModel context) Returns the list of groups that belong to this group with the given context.
NuxeoPrincipal	getPrincipal(String username, DocumentModel context) Retrieves the principal with the given username or null if it does not exist into the given context document.
List<String>	getTopLevelGroups(DocumentModel context) Returns the list of groups that are not members of other groups with the given context.
List<String>	getUserIds(DocumentModel context) Returns the list of all user ids into the given context document.
DocumentModel	getUserModel(String userName, DocumentModel context) Returns the document model representing user with given id or null if it does not exist into the given context document.
String[]	getUsersForPermission(String perm, ACP acp, DocumentModel context) For an ACP, get the list of user that has a permission into the given context.
List<String>	getUsersInGroup(String groupId, DocumentModel context) Returns the list of users that belong to this group into the given context
List<String>	getUsersInGroupAndSubGroups(String groupId, DocumentModel context) Get users from a group and its subgroups into the given context
DocumentModelList	searchGroups(Map<String,Serializable> filter, Set<String> fulltext, DocumentModel context) Returns groups matching given criteria with the given context.
DocumentModelList	searchGroups(String pattern, DocumentModel context) Search matching groups through their defined search fields into the given context document.
DocumentModelList	searchUsers(Map<String,Serializable> filter, Set<String> fulltext, DocumentModel context) Returns users matching given criteria and with the given context.
DocumentModelList	searchUsers(String pattern, DocumentModel context) Returns users matching given pattern with the given context.
void	updateGroup(DocumentModel groupModel, DocumentModel context) Updates group represented by given model with the given context.
void	updateUser(DocumentModel userModel, DocumentModel context) Updates user represented by given model into the given context document.

Method Detail

getPrincipal

NuxeoPrincipal getPrincipal(String username,
                            DocumentModel context)
                            throws ClientException

Retrieves the principal with the given username or null if it does not exist into the given context document. The context document must be contained into the tenant

Can build principals for anonymous and virtual users as well as for users defined in the users directory.

Throws:

ClientException

Since:

5.4.3

searchGroups

DocumentModelList searchGroups(String pattern,
                               DocumentModel context)
                               throws ClientException

Search matching groups through their defined search fields into the given context document. The context document must be contained into the tenant.

Throws:

ClientException

Since:

5.4.3

getUserIds

List<String> getUserIds(DocumentModel context)
                        throws ClientException

Returns the list of all user ids into the given context document. The context document must be contained into the tenant.

Throws:

ClientException

Since:

5.4.3

createUser

DocumentModel createUser(DocumentModel userModel,
                         DocumentModel context)
                         throws ClientException,
                                UserAlreadyExistsException

Creates user from given model into the given context document. The context document must be contained into the tenant.

Throws:

ClientException

UserAlreadyExistsException

Since:

5.4.3

updateUser

void updateUser(DocumentModel userModel,
                DocumentModel context)
                throws ClientException

Updates user represented by given model into the given context document. The context document must be contained into the tenant.

Parameters:

userModel -

Throws:

ClientException

Since:

5.4.3

deleteUser

void deleteUser(DocumentModel userModel,
                DocumentModel context)
                throws ClientException

Deletes user represented by given model into the given context document. The context document must be contained into the tenant.

Throws:

DirectoryException - if given entry does not exist

ClientException

Since:

5.4.3

deleteUser

void deleteUser(String userId,
                DocumentModel context)
                throws ClientException

Deletes user with given id into the given context document. The context document must be contained into the tenant.

Throws:

DirectoryException - if given entry does not exist

ClientException

Since:

5.4.3

getUserModel

DocumentModel getUserModel(String userName,
                           DocumentModel context)
                           throws ClientException

Returns the document model representing user with given id or null if it does not exist into the given context document. The context document must be contained into the tenant.

Throws:

ClientException

Since:

5.4.3

searchUsers

DocumentModelList searchUsers(String pattern,
                              DocumentModel context)
                              throws ClientException

Returns users matching given pattern with the given context. if the Document Context have a directory local configuration, the service try to open the directory with directory suffix set into the local configuration

Pattern is used to fill a filter and fulltext map according to users search fields configuration. Search is performed on each of these fields (OR).

Throws:

ClientException

Since:

5.4.3

searchUsers

DocumentModelList searchUsers(Map<String,Serializable> filter,
                              Set<String> fulltext,
                              DocumentModel context)
                              throws ClientException

Returns users matching given criteria and with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration

Parameters:

filter - filter with field names as keys

fulltext - field names used for fulltext match

context -

Throws:

ClientException

Since:

5.4.3

getGroupIds

List<String> getGroupIds(DocumentModel context)
                         throws ClientException

Returns the list of all groups ids with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration

Throws:

ClientException

Since:

5.4.3

searchGroups

DocumentModelList searchGroups(Map<String,Serializable> filter,
                               Set<String> fulltext,
                               DocumentModel context)
                               throws ClientException

Returns groups matching given criteria with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration

Parameters:

filter - filter with field names as keys

fulltext - field names used for fulltext match

context -

Throws:

ClientException

Since:

5.4.3

createGroup

DocumentModel createGroup(DocumentModel groupModel,
                          DocumentModel context)
                          throws ClientException,
                                 GroupAlreadyExistsException

Creates a group from given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Returns:

the created group model

Throws:

ClientException

GroupAlreadyExistsException

Since:

5.4.3

updateGroup

void updateGroup(DocumentModel groupModel,
                 DocumentModel context)
                 throws ClientException

Updates group represented by given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Throws:

DirectoryException - if given entry does not exist

ClientException

Since:

5.4.3

deleteGroup

void deleteGroup(DocumentModel groupModel,
                 DocumentModel context)
                 throws ClientException

Deletes group represented by given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Parameters:

groupModel -

Throws:

DirectoryException - if given entry does not exist

ClientException

Since:

5.4.3

deleteGroup

void deleteGroup(String groupId,
                 DocumentModel context)
                 throws ClientException

Deletes group with given id with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Parameters:

groupId -

Throws:

DirectoryException - if given entry does not exist

ClientException

Since:

5.4.3

getGroupModel

DocumentModel getGroupModel(String groupName,
                            DocumentModel context)
                            throws ClientException

Return the group document model with this id concatenated with the directory local config (if not null) or null if group does not exist.

Parameters:

groupName - the group identifier

Throws:

ClientException

Since:

5.4.3

getGroupsInGroup

List<String> getGroupsInGroup(String parentId,
                              DocumentModel context)
                              throws ClientException

Returns the list of groups that belong to this group with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Parameters:

parentId - the name of the parent group.

Returns:

Throws:

ClientException

Since:

5.4.3

getTopLevelGroups

List<String> getTopLevelGroups(DocumentModel context)
                               throws ClientException

Returns the list of groups that are not members of other groups with the given context.

Returns:

Throws:

ClientException

Since:

5.4.3

getUsersInGroup

List<String> getUsersInGroup(String groupId,
                             DocumentModel context)
                             throws ClientException

Returns the list of users that belong to this group into the given context

Parameters:

groupId - ID of the group

Returns:

Throws:

ClientException

Since:

5.4.3

getUsersInGroupAndSubGroups

List<String> getUsersInGroupAndSubGroups(String groupId,
                                         DocumentModel context)
                                         throws ClientException

Get users from a group and its subgroups into the given context

Parameters:

groupId - ID of the group

Returns:

Throws:

ClientException

Since:

5.4.3

areGroupsReadOnly

Boolean areGroupsReadOnly()
                          throws ClientException

Returns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users.

Throws:

ClientException

Since:

5.4.3

areUsersReadOnly

Boolean areUsersReadOnly()
                         throws ClientException

Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups.

Throws:

ClientException

getUsersForPermission

String[] getUsersForPermission(String perm,
                               ACP acp,
                               DocumentModel context)

For an ACP, get the list of user that has a permission into the given context. This method should be use with care as it can cause performance issues while getting the list of users.

Parameters:

perm - the permission

acp - The access control policy of the document

Returns:

the list of user ids

Since:

5.4.3