Nuxeo ECM Projects 5.4.3-SNAPSHOT

org.nuxeo.ecm.platform.usermanager
Class UserManagerImpl

java.lang.Object
  extended by org.nuxeo.ecm.platform.usermanager.UserManagerImpl
All Implemented Interfaces:
Serializable, MultiTenantUserManager, UserManager, Authenticator
Direct Known Subclasses:
UserManagerWithComputedGroups

public class UserManagerImpl
extends Object
implements UserManager, MultiTenantUserManager

Standard implementation of the Nuxeo UserManager.

See Also:
Serialized Form

Nested Class Summary
 
Nested classes/interfaces inherited from interface org.nuxeo.ecm.platform.usermanager.UserManager
UserManager.MatchType
 
Field Summary
static String DEFAULT_ANONYMOUS_USER_ID
           
static String GROUPCHANGED_EVENT_ID
          Used by JaasCacheFlusher.
static String GROUPCREATED_EVENT_ID
           
static String GROUPDELETED_EVENT_ID
           
static String GROUPMODIFIED_EVENT_ID
           
 UserMultiTenantManagement multiTenantManagement
           
static String USERCHANGED_EVENT_ID
          Used by JaasCacheFlusher.
static String USERCREATED_EVENT_ID
           
static String USERDELETED_EVENT_ID
           
static String USERMANAGER_TOPIC
           
static String USERMODIFIED_EVENT_ID
           
static String VIRTUAL_FIELD_FILTER_PREFIX
           
 
Constructor Summary
UserManagerImpl()
           
 
Method Summary
 Boolean areGroupsReadOnly()
          Returns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users.
 Boolean areUsersReadOnly()
          Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups.
 Principal authenticate(String name, String password)
          Get a principal object for the given username if the username / password pair is valid, otherwise returns null.
 boolean checkUsernamePassword(String username, String password)
          Check the password for the given username.
 DocumentModel createGroup(DocumentModel groupModel)
          Creates a group from given model
 DocumentModel createGroup(DocumentModel groupModel, DocumentModel context)
          Creates a group from given model with the given context.
 void createGroup(NuxeoGroup group)
           
 void createPrincipal(NuxeoPrincipal principal)
           
 DocumentModel createUser(DocumentModel userModel)
          Creates user from given model.
 DocumentModel createUser(DocumentModel userModel, DocumentModel context)
          Creates user from given model into the given context document.
 void deleteGroup(DocumentModel groupModel)
          Deletes group represented by given model.
 void deleteGroup(DocumentModel groupModel, DocumentModel context)
          Deletes group represented by given model with the given context.
 void deleteGroup(NuxeoGroup group)
           
 void deleteGroup(String groupId)
          Deletes group with given id.
 void deleteGroup(String groupId, DocumentModel context)
          Deletes group with given id with the given context.
 void deletePrincipal(NuxeoPrincipal principal)
           
 void deleteUser(DocumentModel userModel)
          Deletes user represented by given model.
 void deleteUser(DocumentModel userModel, DocumentModel context)
          Deletes user represented by given model into the given context document.
 void deleteUser(String userId)
          Deletes user with given id.
 void deleteUser(String userId, DocumentModel context)
          Deletes user with given id into the given context document.
static String encodeDigestAuthPassword(String username, String realm, String password)
           
 List<String> getAdministratorsGroups()
          Returns the list of administrators groups.
 String getAnonymousUserId()
          Gets the anonymous user id.
 List<NuxeoGroup> getAvailableGroups()
           
 List<NuxeoPrincipal> getAvailablePrincipals()
           
 DocumentModel getBareGroupModel()
          Returns a bare group model.
 DocumentModel getBareUserModel()
          Returns a bare user model.
 String getDefaultGroup()
           
 String getDigestAuthDirectory()
          Gets the Digest Auth directory.
 String getDigestAuthRealm()
          Gets the Digest Auth realm.
 NuxeoGroup getGroup(String groupName)
          Returns the nuxeo group with given name or null if it does not exist.
 String getGroupDirectoryName()
          Gets the group directory name.
 String getGroupIdField()
          Returns the group directory id field.
 List<String> getGroupIds()
          Returns the list of all groups ids.
 List<String> getGroupIds(DocumentModel context)
          Returns the list of all groups ids with the given context.
 String getGroupLabelField()
          Returns the group label field.
 String getGroupListingMode()
           
 String getGroupMembersField()
          Gets the group members field.
 DocumentModel getGroupModel(String groupName)
          Return the group document model with this id or null if group does not exist.
 DocumentModel getGroupModel(String groupIdValue, DocumentModel context)
          Return the group document model with this id concatenated with the directory local config (if not null) or null if group does not exist.
 String getGroupParentGroupsField()
          Gets the group parent-groups field.
 String getGroupSchemaName()
          Returns the group directory schema name.
 Set<String> getGroupSearchFields()
          Gets the group search fields.
 List<String> getGroupsInGroup(String parentId)
          Returns the list of groups that belong to this group.
 List<String> getGroupsInGroup(String parentId, DocumentModel context)
          Returns the list of groups that belong to this group with the given context.
 String getGroupSubGroupsField()
          Gets the group sub-groups field.
 DocumentModel getModelForUser(String name)
           
 NuxeoPrincipal getPrincipal(String username)
          Retrieves the principal with the given username or null if it does not exist.
 NuxeoPrincipal getPrincipal(String username, DocumentModel context)
          Retrieves the principal with the given username or null if it does not exist into the given context document.
 List<String> getTopLevelGroups()
          Returns the list of groups that are not members of other groups.
 List<String> getTopLevelGroups(DocumentModel context)
          Returns the list of groups that are not members of other groups with the given context.
 String getUserDirectoryName()
          Gets the user directory name.
 String getUserEmailField()
          Gets the user email field.
 String getUserIdField()
          Returns the user directory id field.
 List<String> getUserIds()
          Returns the list of all user ids.
 List<String> getUserIds(DocumentModel context)
          Returns the list of all user ids into the given context document.
 String getUserListingMode()
           
 DocumentModel getUserModel(String userName)
          Returns the document model representing user with given id or null if it does not exist.
 DocumentModel getUserModel(String userName, DocumentModel context)
          Returns the document model representing user with given id or null if it does not exist into the given context document.
 Pattern getUserPasswordPattern()
           
 String getUserSchemaName()
          Returns the user directory schema name.
 Set<String> getUserSearchFields()
          Gets the user search fields, the fields to use when a principal search is done.
 String[] getUsersForPermission(String perm, ACP acp)
          For an ACP, get the list of user that has a permission.
 String[] getUsersForPermission(String perm, ACP acp, DocumentModel context)
          For an ACP, get the list of user that has a permission into the given context.
 List<String> getUsersInGroup(String groupId)
          Returns the list of users that belong to this group.
 List<String> getUsersInGroup(String groupId, DocumentModel context)
          Returns the list of users that belong to this group into the given context
 List<String> getUsersInGroupAndSubGroups(String groupId)
          Get users from a group and its subgroups.
 List<String> getUsersInGroupAndSubGroups(String groupId, DocumentModel context)
          Get users from a group and its subgroups into the given context
 String getUserSortField()
           
 List<NuxeoPrincipal> searchByMap(Map<String,Serializable> filter, Set<String> pattern)
           
 DocumentModelList searchGroups(Map<String,Serializable> filter, Set<String> fulltext)
          Returns groups matching given criteria.
 DocumentModelList searchGroups(Map<String,Serializable> filter, Set<String> fulltext, DocumentModel context)
          Returns groups matching given criteria with the given context.
 DocumentModelList searchGroups(String pattern)
          Search matching groups through their defined search fields
 DocumentModelList searchGroups(String pattern, DocumentModel context)
          Search matching groups through their defined search fields into the given context document.
 List<NuxeoPrincipal> searchPrincipals(String pattern)
           
 DocumentModelList searchUsers(Map<String,Serializable> filter, Set<String> fulltext)
          Returns users matching given criteria.
 DocumentModelList searchUsers(Map<String,Serializable> filter, Set<String> fulltext, DocumentModel context)
          Returns users matching given criteria and with the given context.
 DocumentModelList searchUsers(Map<String,Serializable> filter, Set<String> fulltext, Map<String,String> orderBy, DocumentModel context)
          MULTI-TENANT-IMPLEMENTATION
 DocumentModelList searchUsers(String pattern)
          Returns users matching given pattern
 DocumentModelList searchUsers(String pattern, DocumentModel context)
          Returns users matching given pattern with the given context.
 void setConfiguration(UserManagerDescriptor descriptor)
          Sets the given configuration on the service.
 void updateGroup(DocumentModel groupModel)
          Updates group represented by given model.
 void updateGroup(DocumentModel groupModel, DocumentModel context)
          Updates group represented by given model with the given context.
 void updateGroup(NuxeoGroup group)
           
 void updatePrincipal(NuxeoPrincipal principal)
           
 void updateUser(DocumentModel userModel)
          Updates user represented by given model.
 void updateUser(DocumentModel userModel, DocumentModel context)
          Updates user represented by given model into the given context document.
 boolean validatePassword(String password)
           
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

USERMANAGER_TOPIC

public static final String USERMANAGER_TOPIC
See Also:
Constant Field Values

USERCHANGED_EVENT_ID

public static final String USERCHANGED_EVENT_ID
Used by JaasCacheFlusher.

See Also:
Constant Field Values

USERCREATED_EVENT_ID

public static final String USERCREATED_EVENT_ID
See Also:
Constant Field Values

USERDELETED_EVENT_ID

public static final String USERDELETED_EVENT_ID
See Also:
Constant Field Values

USERMODIFIED_EVENT_ID

public static final String USERMODIFIED_EVENT_ID
See Also:
Constant Field Values

GROUPCHANGED_EVENT_ID

public static final String GROUPCHANGED_EVENT_ID
Used by JaasCacheFlusher.

See Also:
Constant Field Values

GROUPCREATED_EVENT_ID

public static final String GROUPCREATED_EVENT_ID
See Also:
Constant Field Values

GROUPDELETED_EVENT_ID

public static final String GROUPDELETED_EVENT_ID
See Also:
Constant Field Values

GROUPMODIFIED_EVENT_ID

public static final String GROUPMODIFIED_EVENT_ID
See Also:
Constant Field Values

DEFAULT_ANONYMOUS_USER_ID

public static final String DEFAULT_ANONYMOUS_USER_ID
See Also:
Constant Field Values

VIRTUAL_FIELD_FILTER_PREFIX

public static final String VIRTUAL_FIELD_FILTER_PREFIX
See Also:
Constant Field Values

multiTenantManagement

public UserMultiTenantManagement multiTenantManagement
Constructor Detail

UserManagerImpl

public UserManagerImpl()
Method Detail

setConfiguration

public void setConfiguration(UserManagerDescriptor descriptor)
Description copied from interface: UserManager
Sets the given configuration on the service.

Specified by:
setConfiguration in interface UserManager
Parameters:
descriptor - the descriptor as parsed from xml, merged from the previous one if it exists.

getUserDirectoryName

public String getUserDirectoryName()
Description copied from interface: UserManager
Gets the user directory name.

Specified by:
getUserDirectoryName in interface UserManager
Returns:
the user directory name.

getUserIdField

public String getUserIdField()
                      throws ClientException
Description copied from interface: UserManager
Returns the user directory id field.

Specified by:
getUserIdField in interface UserManager
Throws:
ClientException

getUserSchemaName

public String getUserSchemaName()
                         throws ClientException
Description copied from interface: UserManager
Returns the user directory schema name.

Specified by:
getUserSchemaName in interface UserManager
Throws:
ClientException

getUserEmailField

public String getUserEmailField()
Description copied from interface: UserManager
Gets the user email field.

Specified by:
getUserEmailField in interface UserManager
Returns:
the user email field.

getUserSearchFields

public Set<String> getUserSearchFields()
Description copied from interface: UserManager
Gets the user search fields, the fields to use when a principal search is done.

Specified by:
getUserSearchFields in interface UserManager
Returns:
the search fields.

getGroupSearchFields

public Set<String> getGroupSearchFields()
Description copied from interface: UserManager
Gets the group search fields.

Specified by:
getGroupSearchFields in interface UserManager

getGroupDirectoryName

public String getGroupDirectoryName()
Description copied from interface: UserManager
Gets the group directory name.

Specified by:
getGroupDirectoryName in interface UserManager
Returns:
the group directory name.

getGroupIdField

public String getGroupIdField()
                       throws ClientException
Description copied from interface: UserManager
Returns the group directory id field.

Specified by:
getGroupIdField in interface UserManager
Throws:
ClientException

getGroupLabelField

public String getGroupLabelField()
                          throws ClientException
Description copied from interface: UserManager
Returns the group label field.

Specified by:
getGroupLabelField in interface UserManager
Throws:
ClientException

getGroupSchemaName

public String getGroupSchemaName()
                          throws ClientException
Description copied from interface: UserManager
Returns the group directory schema name.

Specified by:
getGroupSchemaName in interface UserManager
Throws:
ClientException

getGroupMembersField

public String getGroupMembersField()
Description copied from interface: UserManager
Gets the group members field.

Specified by:
getGroupMembersField in interface UserManager
Returns:
the group members field.

getGroupSubGroupsField

public String getGroupSubGroupsField()
Description copied from interface: UserManager
Gets the group sub-groups field.

Specified by:
getGroupSubGroupsField in interface UserManager
Returns:
the sub-groups field.

getGroupParentGroupsField

public String getGroupParentGroupsField()
Description copied from interface: UserManager
Gets the group parent-groups field.

Specified by:
getGroupParentGroupsField in interface UserManager
Returns:
the parent-groups field.

getUserListingMode

public String getUserListingMode()
Specified by:
getUserListingMode in interface UserManager

getGroupListingMode

public String getGroupListingMode()
Specified by:
getGroupListingMode in interface UserManager

getDefaultGroup

public String getDefaultGroup()
Specified by:
getDefaultGroup in interface UserManager

getUserPasswordPattern

public Pattern getUserPasswordPattern()
Specified by:
getUserPasswordPattern in interface UserManager

getAnonymousUserId

public String getAnonymousUserId()
Description copied from interface: UserManager
Gets the anonymous user id.

Specified by:
getAnonymousUserId in interface UserManager
Returns:
the anonymous user id, or the default one if none is defined.

checkUsernamePassword

public boolean checkUsernamePassword(String username,
                                     String password)
                              throws ClientException
Description copied from interface: Authenticator
Check the password for the given username. Returns true if the username / password pair match, false otherwise.

Specified by:
checkUsernamePassword in interface UserManager
Specified by:
checkUsernamePassword in interface Authenticator
Parameters:
username - the username
password - the password to check
Returns:
true is valid, false otherwise
Throws:
ClientException

encodeDigestAuthPassword

public static String encodeDigestAuthPassword(String username,
                                              String realm,
                                              String password)

getDigestAuthDirectory

public String getDigestAuthDirectory()
Description copied from interface: UserManager
Gets the Digest Auth directory.

Specified by:
getDigestAuthDirectory in interface UserManager

getDigestAuthRealm

public String getDigestAuthRealm()
Description copied from interface: UserManager
Gets the Digest Auth realm.

Specified by:
getDigestAuthRealm in interface UserManager

validatePassword

public boolean validatePassword(String password)
Specified by:
validatePassword in interface UserManager

getPrincipal

public NuxeoPrincipal getPrincipal(String username)
                            throws ClientException
Description copied from interface: UserManager
Retrieves the principal with the given username or null if it does not exist.

Can build principals for anonymous and virtual users as well as for users defined in the users directory.

Specified by:
getPrincipal in interface UserManager
Throws:
ClientException

getUserModel

public DocumentModel getUserModel(String userName)
                           throws ClientException
Description copied from interface: UserManager
Returns the document model representing user with given id or null if it does not exist.

Specified by:
getUserModel in interface UserManager
Throws:
ClientException

getBareUserModel

public DocumentModel getBareUserModel()
                               throws ClientException
Description copied from interface: UserManager
Returns a bare user model.

Can be used for user creation/search screens.

Specified by:
getBareUserModel in interface UserManager
Throws:
ClientException

getGroup

public NuxeoGroup getGroup(String groupName)
                    throws ClientException
Description copied from interface: UserManager
Returns the nuxeo group with given name or null if it does not exist.

Specified by:
getGroup in interface UserManager
Throws:
ClientException

getGroupModel

public DocumentModel getGroupModel(String groupName)
                            throws ClientException
Description copied from interface: UserManager
Return the group document model with this id or null if group does not exist.

Specified by:
getGroupModel in interface UserManager
Parameters:
groupName - the group identifier
Throws:
ClientException

getTopLevelGroups

public List<String> getTopLevelGroups()
                               throws ClientException
Description copied from interface: UserManager
Returns the list of groups that are not members of other groups.

Specified by:
getTopLevelGroups in interface UserManager
Returns:
Throws:
ClientException

getGroupsInGroup

public List<String> getGroupsInGroup(String parentId)
                              throws ClientException
Description copied from interface: UserManager
Returns the list of groups that belong to this group.

Specified by:
getGroupsInGroup in interface UserManager
Parameters:
parentId - the name of the parent group.
Returns:
Throws:
ClientException

getUsersInGroup

public List<String> getUsersInGroup(String groupId)
                             throws ClientException
Description copied from interface: UserManager
Returns the list of users that belong to this group.

Specified by:
getUsersInGroup in interface UserManager
Parameters:
groupId - ID of the group
Returns:
Throws:
ClientException

getUsersInGroupAndSubGroups

public List<String> getUsersInGroupAndSubGroups(String groupId)
                                         throws ClientException
Description copied from interface: UserManager
Get users from a group and its subgroups.

Specified by:
getUsersInGroupAndSubGroups in interface UserManager
Parameters:
groupId - ID of the group
Returns:
Throws:
ClientException

searchPrincipals

public List<NuxeoPrincipal> searchPrincipals(String pattern)
                                      throws ClientException
Specified by:
searchPrincipals in interface UserManager
Throws:
ClientException

searchGroups

public DocumentModelList searchGroups(String pattern)
                               throws ClientException
Description copied from interface: UserManager
Search matching groups through their defined search fields

Specified by:
searchGroups in interface UserManager
Throws:
ClientException

getUserSortField

public String getUserSortField()
Specified by:
getUserSortField in interface UserManager

areGroupsReadOnly

public Boolean areGroupsReadOnly()
                          throws ClientException
Description copied from interface: UserManager
Returns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users.

Specified by:
areGroupsReadOnly in interface MultiTenantUserManager
Specified by:
areGroupsReadOnly in interface UserManager
Throws:
ClientException

areUsersReadOnly

public Boolean areUsersReadOnly()
                         throws ClientException
Description copied from interface: UserManager
Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups.

Specified by:
areUsersReadOnly in interface MultiTenantUserManager
Specified by:
areUsersReadOnly in interface UserManager
Throws:
ClientException

createGroup

public DocumentModel createGroup(DocumentModel groupModel)
                          throws ClientException
Description copied from interface: UserManager
Creates a group from given model

Specified by:
createGroup in interface UserManager
Returns:
the created group model
Throws:
ClientException
GroupAlreadyExistsException

createUser

public DocumentModel createUser(DocumentModel userModel)
                         throws ClientException
Description copied from interface: UserManager
Creates user from given model.

Specified by:
createUser in interface UserManager
Throws:
ClientException
UserAlreadyExistsException

deleteGroup

public void deleteGroup(String groupId)
                 throws ClientException
Description copied from interface: UserManager
Deletes group with given id.

Specified by:
deleteGroup in interface UserManager
Throws:
DirectoryException - if given entry does not exist
ClientException

deleteGroup

public void deleteGroup(DocumentModel groupModel)
                 throws ClientException
Description copied from interface: UserManager
Deletes group represented by given model.

Specified by:
deleteGroup in interface UserManager
Throws:
DirectoryException - if given entry does not exist
ClientException

deleteUser

public void deleteUser(String userId)
                throws ClientException
Description copied from interface: UserManager
Deletes user with given id.

Specified by:
deleteUser in interface UserManager
Throws:
DirectoryException - if given entry does not exist
ClientException

deleteUser

public void deleteUser(DocumentModel userModel)
                throws ClientException
Description copied from interface: UserManager
Deletes user represented by given model.

Specified by:
deleteUser in interface UserManager
Throws:
DirectoryException - if given entry does not exist
ClientException

getGroupIds

public List<String> getGroupIds()
                         throws ClientException
Description copied from interface: UserManager
Returns the list of all groups ids.

Specified by:
getGroupIds in interface UserManager
Throws:
ClientException

getUserIds

public List<String> getUserIds()
                        throws ClientException
Description copied from interface: UserManager
Returns the list of all user ids.

Specified by:
getUserIds in interface UserManager
Throws:
ClientException

searchGroups

public DocumentModelList searchGroups(Map<String,Serializable> filter,
                                      Set<String> fulltext)
                               throws ClientException
Description copied from interface: UserManager
Returns groups matching given criteria.

Specified by:
searchGroups in interface UserManager
Parameters:
filter - filter with field names as keys
fulltext - field names used for fulltext match
Throws:
ClientException

searchUsers

public DocumentModelList searchUsers(String pattern)
                              throws ClientException
Description copied from interface: UserManager
Returns users matching given pattern

Pattern is used to fill a filter and fulltext map according to users search fields configuration. Search is performed on each of these fields (OR).

Specified by:
searchUsers in interface UserManager
Throws:
ClientException

searchUsers

public DocumentModelList searchUsers(Map<String,Serializable> filter,
                                     Set<String> fulltext)
                              throws ClientException
Description copied from interface: UserManager
Returns users matching given criteria.

Specified by:
searchUsers in interface UserManager
Parameters:
filter - filter with field names as keys
fulltext - field names used for fulltext match
Throws:
ClientException

updateGroup

public void updateGroup(DocumentModel groupModel)
                 throws ClientException
Description copied from interface: UserManager
Updates group represented by given model.

Specified by:
updateGroup in interface UserManager
Throws:
DirectoryException - if given entry does not exist
ClientException

updateUser

public void updateUser(DocumentModel userModel)
                throws ClientException
Description copied from interface: UserManager
Updates user represented by given model.

Specified by:
updateUser in interface UserManager
Throws:
ClientException

getBareGroupModel

public DocumentModel getBareGroupModel()
                                throws ClientException
Description copied from interface: UserManager
Returns a bare group model.

Can be used for group creation/search screens.

Specified by:
getBareGroupModel in interface UserManager
Throws:
ClientException

createGroup

public void createGroup(NuxeoGroup group)
                 throws ClientException
Specified by:
createGroup in interface UserManager
Throws:
ClientException

createPrincipal

public void createPrincipal(NuxeoPrincipal principal)
                     throws ClientException
Specified by:
createPrincipal in interface UserManager
Throws:
ClientException

deleteGroup

public void deleteGroup(NuxeoGroup group)
                 throws ClientException
Specified by:
deleteGroup in interface UserManager
Throws:
ClientException

deletePrincipal

public void deletePrincipal(NuxeoPrincipal principal)
                     throws ClientException
Specified by:
deletePrincipal in interface UserManager
Throws:
ClientException

getAvailableGroups

public List<NuxeoGroup> getAvailableGroups()
                                    throws ClientException
Specified by:
getAvailableGroups in interface UserManager
Throws:
ClientException

getAvailablePrincipals

public List<NuxeoPrincipal> getAvailablePrincipals()
                                            throws ClientException
Specified by:
getAvailablePrincipals in interface UserManager
Throws:
ClientException

getModelForUser

public DocumentModel getModelForUser(String name)
                              throws ClientException
Specified by:
getModelForUser in interface UserManager
Throws:
ClientException

searchByMap

public List<NuxeoPrincipal> searchByMap(Map<String,Serializable> filter,
                                        Set<String> pattern)
                                 throws ClientException
Specified by:
searchByMap in interface UserManager
Throws:
ClientException

updateGroup

public void updateGroup(NuxeoGroup group)
                 throws ClientException
Specified by:
updateGroup in interface UserManager
Throws:
ClientException

updatePrincipal

public void updatePrincipal(NuxeoPrincipal principal)
                     throws ClientException
Specified by:
updatePrincipal in interface UserManager
Throws:
ClientException

getAdministratorsGroups

public List<String> getAdministratorsGroups()
Description copied from interface: UserManager
Returns the list of administrators groups.

Specified by:
getAdministratorsGroups in interface UserManager

getUsersForPermission

public String[] getUsersForPermission(String perm,
                                      ACP acp)
Description copied from interface: UserManager
For an ACP, get the list of user that has a permission. This method should be use with care as it can cause performance issues while getting the list of users.

Specified by:
getUsersForPermission in interface UserManager
Parameters:
perm - the permission
acp - The access control policy of the document
Returns:
the list of user ids

authenticate

public Principal authenticate(String name,
                              String password)
                       throws ClientException
Description copied from interface: Authenticator
Get a principal object for the given username if the username / password pair is valid, otherwise returns null.

This method is doing the authentication of the given username / password pair and returns the corresponding principal object if authentication succeeded otherwise returns null.

Specified by:
authenticate in interface Authenticator
Returns:
the authenticated principal if authentication succeded otherwise null
Throws:
ClientException

searchUsers

public DocumentModelList searchUsers(Map<String,Serializable> filter,
                                     Set<String> fulltext,
                                     Map<String,String> orderBy,
                                     DocumentModel context)
                              throws ClientException
MULTI-TENANT-IMPLEMENTATION

Throws:
ClientException

getUsersInGroup

public List<String> getUsersInGroup(String groupId,
                                    DocumentModel context)
                             throws ClientException
Description copied from interface: MultiTenantUserManager
Returns the list of users that belong to this group into the given context

Specified by:
getUsersInGroup in interface MultiTenantUserManager
Parameters:
groupId - ID of the group
Returns:
Throws:
ClientException

searchUsers

public DocumentModelList searchUsers(String pattern,
                                     DocumentModel context)
                              throws ClientException
Description copied from interface: MultiTenantUserManager
Returns users matching given pattern with the given context. if the Document Context have a directory local configuration, the service try to open the directory with directory suffix set into the local configuration

Pattern is used to fill a filter and fulltext map according to users search fields configuration. Search is performed on each of these fields (OR).

Specified by:
searchUsers in interface MultiTenantUserManager
Throws:
ClientException

searchUsers

public DocumentModelList searchUsers(Map<String,Serializable> filter,
                                     Set<String> fulltext,
                                     DocumentModel context)
                              throws ClientException
Description copied from interface: MultiTenantUserManager
Returns users matching given criteria and with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration

Specified by:
searchUsers in interface MultiTenantUserManager
Parameters:
filter - filter with field names as keys
fulltext - field names used for fulltext match
Throws:
ClientException

getGroupIds

public List<String> getGroupIds(DocumentModel context)
                         throws ClientException
Description copied from interface: MultiTenantUserManager
Returns the list of all groups ids with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration

Specified by:
getGroupIds in interface MultiTenantUserManager
Throws:
ClientException

searchGroups

public DocumentModelList searchGroups(Map<String,Serializable> filter,
                                      Set<String> fulltext,
                                      DocumentModel context)
                               throws ClientException
Description copied from interface: MultiTenantUserManager
Returns groups matching given criteria with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration

Specified by:
searchGroups in interface MultiTenantUserManager
Parameters:
filter - filter with field names as keys
fulltext - field names used for fulltext match
Throws:
ClientException

createGroup

public DocumentModel createGroup(DocumentModel groupModel,
                                 DocumentModel context)
                          throws ClientException,
                                 GroupAlreadyExistsException
Description copied from interface: MultiTenantUserManager
Creates a group from given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Specified by:
createGroup in interface MultiTenantUserManager
Returns:
the created group model
Throws:
ClientException
GroupAlreadyExistsException

getGroupModel

public DocumentModel getGroupModel(String groupIdValue,
                                   DocumentModel context)
                            throws ClientException
Description copied from interface: MultiTenantUserManager
Return the group document model with this id concatenated with the directory local config (if not null) or null if group does not exist.

Specified by:
getGroupModel in interface MultiTenantUserManager
Parameters:
groupIdValue - the group identifier
Throws:
ClientException

getUserModel

public DocumentModel getUserModel(String userName,
                                  DocumentModel context)
                           throws ClientException
Description copied from interface: MultiTenantUserManager
Returns the document model representing user with given id or null if it does not exist into the given context document. The context document must be contained into the tenant.

Specified by:
getUserModel in interface MultiTenantUserManager
Throws:
ClientException

getPrincipal

public NuxeoPrincipal getPrincipal(String username,
                                   DocumentModel context)
                            throws ClientException
Description copied from interface: MultiTenantUserManager
Retrieves the principal with the given username or null if it does not exist into the given context document. The context document must be contained into the tenant

Can build principals for anonymous and virtual users as well as for users defined in the users directory.

Specified by:
getPrincipal in interface MultiTenantUserManager
Throws:
ClientException

searchGroups

public DocumentModelList searchGroups(String pattern,
                                      DocumentModel context)
                               throws ClientException
Description copied from interface: MultiTenantUserManager
Search matching groups through their defined search fields into the given context document. The context document must be contained into the tenant.

Specified by:
searchGroups in interface MultiTenantUserManager
Throws:
ClientException

getUserIds

public List<String> getUserIds(DocumentModel context)
                        throws ClientException
Description copied from interface: MultiTenantUserManager
Returns the list of all user ids into the given context document. The context document must be contained into the tenant.

Specified by:
getUserIds in interface MultiTenantUserManager
Throws:
ClientException

createUser

public DocumentModel createUser(DocumentModel userModel,
                                DocumentModel context)
                         throws ClientException,
                                UserAlreadyExistsException
Description copied from interface: MultiTenantUserManager
Creates user from given model into the given context document. The context document must be contained into the tenant.

Specified by:
createUser in interface MultiTenantUserManager
Throws:
ClientException
UserAlreadyExistsException

updateUser

public void updateUser(DocumentModel userModel,
                       DocumentModel context)
                throws ClientException
Description copied from interface: MultiTenantUserManager
Updates user represented by given model into the given context document. The context document must be contained into the tenant.

Specified by:
updateUser in interface MultiTenantUserManager
Throws:
ClientException

deleteUser

public void deleteUser(DocumentModel userModel,
                       DocumentModel context)
                throws ClientException
Description copied from interface: MultiTenantUserManager
Deletes user represented by given model into the given context document. The context document must be contained into the tenant.

Specified by:
deleteUser in interface MultiTenantUserManager
Throws:
DirectoryException - if given entry does not exist
ClientException

deleteUser

public void deleteUser(String userId,
                       DocumentModel context)
                throws ClientException
Description copied from interface: MultiTenantUserManager
Deletes user with given id into the given context document. The context document must be contained into the tenant.

Specified by:
deleteUser in interface MultiTenantUserManager
Throws:
DirectoryException - if given entry does not exist
ClientException

updateGroup

public void updateGroup(DocumentModel groupModel,
                        DocumentModel context)
                 throws ClientException
Description copied from interface: MultiTenantUserManager
Updates group represented by given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Specified by:
updateGroup in interface MultiTenantUserManager
Throws:
DirectoryException - if given entry does not exist
ClientException

deleteGroup

public void deleteGroup(DocumentModel groupModel,
                        DocumentModel context)
                 throws ClientException
Description copied from interface: MultiTenantUserManager
Deletes group represented by given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Specified by:
deleteGroup in interface MultiTenantUserManager
Throws:
DirectoryException - if given entry does not exist
ClientException

deleteGroup

public void deleteGroup(String groupId,
                        DocumentModel context)
                 throws ClientException
Description copied from interface: MultiTenantUserManager
Deletes group with given id with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Specified by:
deleteGroup in interface MultiTenantUserManager
Throws:
DirectoryException - if given entry does not exist
ClientException

getGroupsInGroup

public List<String> getGroupsInGroup(String parentId,
                                     DocumentModel context)
                              throws ClientException
Description copied from interface: MultiTenantUserManager
Returns the list of groups that belong to this group with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Specified by:
getGroupsInGroup in interface MultiTenantUserManager
Parameters:
parentId - the name of the parent group.
Returns:
Throws:
ClientException

getTopLevelGroups

public List<String> getTopLevelGroups(DocumentModel context)
                               throws ClientException
Description copied from interface: MultiTenantUserManager
Returns the list of groups that are not members of other groups with the given context.

Specified by:
getTopLevelGroups in interface MultiTenantUserManager
Returns:
Throws:
ClientException

getUsersInGroupAndSubGroups

public List<String> getUsersInGroupAndSubGroups(String groupId,
                                                DocumentModel context)
                                         throws ClientException
Description copied from interface: MultiTenantUserManager
Get users from a group and its subgroups into the given context

Specified by:
getUsersInGroupAndSubGroups in interface MultiTenantUserManager
Parameters:
groupId - ID of the group
Returns:
Throws:
ClientException

getUsersForPermission

public String[] getUsersForPermission(String perm,
                                      ACP acp,
                                      DocumentModel context)
Description copied from interface: MultiTenantUserManager
For an ACP, get the list of user that has a permission into the given context. This method should be use with care as it can cause performance issues while getting the list of users.

Specified by:
getUsersForPermission in interface MultiTenantUserManager
Parameters:
perm - the permission
acp - The access control policy of the document
Returns:
the list of user ids

Nuxeo ECM Projects 5.4.3-SNAPSHOT

Copyright © 2011 Nuxeo SAS. All Rights Reserved.