org.nuxeo.ecm.platform.usermanager

Class UserManagerImpl

java.lang.Object

org.nuxeo.ecm.platform.usermanager.UserManagerImpl

All Implemented Interfaces:

Serializable, MultiTenantUserManager, UserManager, Authenticator

Direct Known Subclasses:

UserManagerWithComputedGroups

public class UserManagerImpl
extends Object
implements UserManager, MultiTenantUserManager

Standard implementation of the Nuxeo UserManager.

See Also:

Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from interface org.nuxeo.ecm.platform.usermanager.UserManager

UserManager.MatchType

Field Summary

Fields

Modifier and Type	Field and Description
static String	DEFAULT_ANONYMOUS_USER_ID
static String	GROUPCHANGED_EVENT_ID Used by JaasCacheFlusher.
static String	GROUPCREATED_EVENT_ID
static String	GROUPDELETED_EVENT_ID
static String	GROUPMODIFIED_EVENT_ID
UserMultiTenantManagement	multiTenantManagement
static String	USERCHANGED_EVENT_ID Used by JaasCacheFlusher.
static String	USERCREATED_EVENT_ID
static String	USERDELETED_EVENT_ID
static String	USERMANAGER_TOPIC
static String	USERMODIFIED_EVENT_ID
static String	VIRTUAL_FIELD_FILTER_PREFIX

Constructor Summary

Constructors

Constructor and Description
UserManagerImpl()

Method Summary

Methods

Modifier and Type	Method and Description
Boolean	areGroupsReadOnly() Returns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users.
Boolean	areUsersReadOnly() Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups.
Principal	authenticate(String name, String password) Get a principal object for the given username if the username / password pair is valid, otherwise returns null.
boolean	checkUsernamePassword(String username, String password) Check the password for the given username.
DocumentModel	createGroup(DocumentModel groupModel) Creates a group from given model
DocumentModel	createGroup(DocumentModel groupModel, DocumentModel context) Creates a group from given model with the given context.
void	createGroup(NuxeoGroup group)
void	createPrincipal(NuxeoPrincipal principal)
DocumentModel	createUser(DocumentModel userModel) Creates user from given model.
DocumentModel	createUser(DocumentModel userModel, DocumentModel context) Creates user from given model into the given context document.
void	deleteGroup(DocumentModel groupModel) Deletes group represented by given model.
void	deleteGroup(DocumentModel groupModel, DocumentModel context) Deletes group represented by given model with the given context.
void	deleteGroup(NuxeoGroup group)
void	deleteGroup(String groupId) Deletes group with given id.
void	deleteGroup(String groupId, DocumentModel context) Deletes group with given id with the given context.
void	deletePrincipal(NuxeoPrincipal principal)
void	deleteUser(DocumentModel userModel) Deletes user represented by given model.
void	deleteUser(DocumentModel userModel, DocumentModel context) Deletes user represented by given model into the given context document.
void	deleteUser(String userId) Deletes user with given id.
void	deleteUser(String userId, DocumentModel context) Deletes user with given id into the given context document.
static String	encodeDigestAuthPassword(String username, String realm, String password)
List<String>	getAdministratorsGroups() Returns the list of administrators groups.
String	getAnonymousUserId() Gets the anonymous user id.
List<NuxeoGroup>	getAvailableGroups()
List<NuxeoPrincipal>	getAvailablePrincipals()
DocumentModel	getBareGroupModel() Returns a bare group model.
DocumentModel	getBareUserModel() Returns a bare user model.
String	getDefaultGroup()
String	getDigestAuthDirectory() Gets the Digest Auth directory.
String	getDigestAuthRealm() Gets the Digest Auth realm.
NuxeoGroup	getGroup(String groupName) Returns the nuxeo group with given name or null if it does not exist.
String	getGroupDirectoryName() Gets the group directory name.
String	getGroupIdField() Returns the group directory id field.
List<String>	getGroupIds() Returns the list of all groups ids.
List<String>	getGroupIds(DocumentModel context) Returns the list of all groups ids with the given context.
String	getGroupLabelField() Returns the group label field.
String	getGroupListingMode()
String	getGroupMembersField() Gets the group members field.
DocumentModel	getGroupModel(String groupName) Return the group document model with this id or null if group does not exist.
DocumentModel	getGroupModel(String groupIdValue, DocumentModel context) Return the group document model with this id concatenated with the directory local config (if not null) or null if group does not exist.
String	getGroupParentGroupsField() Gets the group parent-groups field.
String	getGroupSchemaName() Returns the group directory schema name.
Set<String>	getGroupSearchFields() Gets the group search fields.
List<String>	getGroupsInGroup(String parentId) Returns the list of groups that belong to this group.
List<String>	getGroupsInGroup(String parentId, DocumentModel context) Returns the list of groups that belong to this group with the given context.
String	getGroupSubGroupsField() Gets the group sub-groups field.
DocumentModel	getModelForUser(String name)
NuxeoPrincipal	getPrincipal(String username) Retrieves the principal with the given username or null if it does not exist.
NuxeoPrincipal	getPrincipal(String username, DocumentModel context) Retrieves the principal with the given username or null if it does not exist into the given context document.
List<String>	getTopLevelGroups() Returns the list of groups that are not members of other groups.
List<String>	getTopLevelGroups(DocumentModel context) Returns the list of groups that are not members of other groups with the given context.
String	getUserDirectoryName() Gets the user directory name.
String	getUserEmailField() Gets the user email field.
String	getUserIdField() Returns the user directory id field.
List<String>	getUserIds() Returns the list of all user ids.
List<String>	getUserIds(DocumentModel context) Returns the list of all user ids into the given context document.
String	getUserListingMode()
DocumentModel	getUserModel(String userName) Returns the document model representing user with given id or null if it does not exist.
DocumentModel	getUserModel(String userName, DocumentModel context) Returns the document model representing user with given id or null if it does not exist into the given context document.
Pattern	getUserPasswordPattern()
String	getUserSchemaName() Returns the user directory schema name.
Set<String>	getUserSearchFields() Gets the user search fields, the fields to use when a principal search is done.
String[]	getUsersForPermission(String perm, ACP acp) For an ACP, get the list of user that has a permission.
String[]	getUsersForPermission(String perm, ACP acp, DocumentModel context) For an ACP, get the list of user that has a permission into the given context.
List<String>	getUsersInGroup(String groupId) Returns the list of users that belong to this group.
List<String>	getUsersInGroup(String groupId, DocumentModel context) Returns the list of users that belong to this group into the given context
List<String>	getUsersInGroupAndSubGroups(String groupId) Get users from a group and its subgroups.
List<String>	getUsersInGroupAndSubGroups(String groupId, DocumentModel context) Get users from a group and its subgroups into the given context
String	getUserSortField()
List<NuxeoPrincipal>	searchByMap(Map<String,Serializable> filter, Set<String> pattern)
DocumentModelList	searchGroups(Map<String,Serializable> filter, Set<String> fulltext) Returns groups matching given criteria.
DocumentModelList	searchGroups(Map<String,Serializable> filter, Set<String> fulltext, DocumentModel context) Returns groups matching given criteria with the given context.
DocumentModelList	searchGroups(String pattern) Search matching groups through their defined search fields
DocumentModelList	searchGroups(String pattern, DocumentModel context) Search matching groups through their defined search fields into the given context document.
List<NuxeoPrincipal>	searchPrincipals(String pattern)
DocumentModelList	searchUsers(Map<String,Serializable> filter, Set<String> fulltext) Returns users matching given criteria.
DocumentModelList	searchUsers(Map<String,Serializable> filter, Set<String> fulltext, DocumentModel context) Returns users matching given criteria and with the given context.
DocumentModelList	searchUsers(Map<String,Serializable> filter, Set<String> fulltext, Map<String,String> orderBy, DocumentModel context) MULTI-TENANT-IMPLEMENTATION
DocumentModelList	searchUsers(String pattern) Returns users matching given pattern
DocumentModelList	searchUsers(String pattern, DocumentModel context) Returns users matching given pattern with the given context.
void	setConfiguration(UserManagerDescriptor descriptor) Sets the given configuration on the service.
void	updateGroup(DocumentModel groupModel) Updates group represented by given model.
void	updateGroup(DocumentModel groupModel, DocumentModel context) Updates group represented by given model with the given context.
void	updateGroup(NuxeoGroup group)
void	updatePrincipal(NuxeoPrincipal principal)
void	updateUser(DocumentModel userModel) Updates user represented by given model.
void	updateUser(DocumentModel userModel, DocumentModel context) Updates user represented by given model into the given context document.
boolean	validatePassword(String password)

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

USERMANAGER_TOPIC

public static final String USERMANAGER_TOPIC

See Also:

Constant Field Values

USERCHANGED_EVENT_ID

public static final String USERCHANGED_EVENT_ID

Used by JaasCacheFlusher.

See Also:

Constant Field Values

USERCREATED_EVENT_ID

public static final String USERCREATED_EVENT_ID

See Also:

Constant Field Values

USERDELETED_EVENT_ID

public static final String USERDELETED_EVENT_ID

See Also:

Constant Field Values

USERMODIFIED_EVENT_ID

public static final String USERMODIFIED_EVENT_ID

See Also:

Constant Field Values

GROUPCHANGED_EVENT_ID

public static final String GROUPCHANGED_EVENT_ID

Used by JaasCacheFlusher.

See Also:

Constant Field Values

GROUPCREATED_EVENT_ID

public static final String GROUPCREATED_EVENT_ID

See Also:

Constant Field Values

GROUPDELETED_EVENT_ID

public static final String GROUPDELETED_EVENT_ID

See Also:

Constant Field Values

GROUPMODIFIED_EVENT_ID

public static final String GROUPMODIFIED_EVENT_ID

See Also:

Constant Field Values

DEFAULT_ANONYMOUS_USER_ID

public static final String DEFAULT_ANONYMOUS_USER_ID

See Also:

Constant Field Values

VIRTUAL_FIELD_FILTER_PREFIX

public static final String VIRTUAL_FIELD_FILTER_PREFIX

See Also:

Constant Field Values

multiTenantManagement

public UserMultiTenantManagement multiTenantManagement

Constructor Detail

UserManagerImpl

public UserManagerImpl()

Method Detail

setConfiguration

public void setConfiguration(UserManagerDescriptor descriptor)
                      throws ClientException

Description copied from interface: UserManager

Sets the given configuration on the service.

Specified by:

setConfiguration in interface UserManager

Parameters:

descriptor - the descriptor as parsed from xml, merged from the previous one if it exists.

Throws:

ClientException

getUserDirectoryName

public String getUserDirectoryName()

Description copied from interface: UserManager

Gets the user directory name.

Specified by:

getUserDirectoryName in interface UserManager

Returns:

the user directory name.

getUserIdField

public String getUserIdField()
                      throws ClientException

Description copied from interface: UserManager

Returns the user directory id field.

Specified by:

getUserIdField in interface UserManager

Throws:

ClientException

getUserSchemaName

public String getUserSchemaName()
                         throws ClientException

Description copied from interface: UserManager

Returns the user directory schema name.

Specified by:

getUserSchemaName in interface UserManager

Throws:

ClientException

getUserEmailField

public String getUserEmailField()

Description copied from interface: UserManager

Gets the user email field.

Specified by:

getUserEmailField in interface UserManager

Returns:

the user email field.

getUserSearchFields

public Set<String> getUserSearchFields()

Description copied from interface: UserManager

Gets the user search fields, the fields to use when a principal search is done.

Specified by:

getUserSearchFields in interface UserManager

Returns:

the search fields.

getGroupSearchFields

public Set<String> getGroupSearchFields()

Description copied from interface: UserManager

Gets the group search fields.

Specified by:

getGroupSearchFields in interface UserManager

getGroupDirectoryName

public String getGroupDirectoryName()

Description copied from interface: UserManager

Gets the group directory name.

Specified by:

getGroupDirectoryName in interface UserManager

Returns:

the group directory name.

getGroupIdField

public String getGroupIdField()
                       throws ClientException

Description copied from interface: UserManager

Returns the group directory id field.

Specified by:

getGroupIdField in interface UserManager

Throws:

ClientException

getGroupLabelField

public String getGroupLabelField()
                          throws ClientException

Description copied from interface: UserManager

Returns the group label field.

Specified by:

getGroupLabelField in interface UserManager

Throws:

ClientException

getGroupSchemaName

public String getGroupSchemaName()
                          throws ClientException

Description copied from interface: UserManager

Returns the group directory schema name.

Specified by:

getGroupSchemaName in interface UserManager

Throws:

ClientException

getGroupMembersField

public String getGroupMembersField()

Description copied from interface: UserManager

Gets the group members field.

Specified by:

getGroupMembersField in interface UserManager

Returns:

the group members field.

getGroupSubGroupsField

public String getGroupSubGroupsField()

Description copied from interface: UserManager

Gets the group sub-groups field.

Specified by:

getGroupSubGroupsField in interface UserManager

Returns:

the sub-groups field.

getGroupParentGroupsField

public String getGroupParentGroupsField()

Description copied from interface: UserManager

Gets the group parent-groups field.

Specified by:

getGroupParentGroupsField in interface UserManager

Returns:

the parent-groups field.

getUserListingMode

public String getUserListingMode()

Specified by:

getUserListingMode in interface UserManager

getGroupListingMode

public String getGroupListingMode()

Specified by:

getGroupListingMode in interface UserManager

getDefaultGroup

public String getDefaultGroup()

Specified by:

getDefaultGroup in interface UserManager

getUserPasswordPattern

public Pattern getUserPasswordPattern()

Specified by:

getUserPasswordPattern in interface UserManager

getAnonymousUserId

public String getAnonymousUserId()

Description copied from interface: UserManager

Gets the anonymous user id.

Specified by:

getAnonymousUserId in interface UserManager

Returns:

the anonymous user id, or the default one if none is defined.

checkUsernamePassword

public boolean checkUsernamePassword(String username,
                            String password)
                              throws ClientException

Description copied from interface: Authenticator

Check the password for the given username. Returns true if the username / password pair match, false otherwise.

Specified by:

checkUsernamePassword in interface UserManager

Specified by:

checkUsernamePassword in interface Authenticator

Parameters:

username - the username

password - the password to check

Returns:

true is valid, false otherwise

Throws:

ClientException

encodeDigestAuthPassword

public static String encodeDigestAuthPassword(String username,
                              String realm,
                              String password)

getDigestAuthDirectory

public String getDigestAuthDirectory()

Description copied from interface: UserManager

Gets the Digest Auth directory.

Specified by:

getDigestAuthDirectory in interface UserManager

getDigestAuthRealm

public String getDigestAuthRealm()

Description copied from interface: UserManager

Gets the Digest Auth realm.

Specified by:

getDigestAuthRealm in interface UserManager

validatePassword

public boolean validatePassword(String password)

Specified by:

validatePassword in interface UserManager

getPrincipal

public NuxeoPrincipal getPrincipal(String username)
                            throws ClientException

Description copied from interface: UserManager

Retrieves the principal with the given username or null if it does not exist.

Can build principals for anonymous and virtual users as well as for users defined in the users directory.

Specified by:

getPrincipal in interface UserManager

Throws:

ClientException

getUserModel

public DocumentModel getUserModel(String userName)
                           throws ClientException

Description copied from interface: UserManager

Returns the document model representing user with given id or null if it does not exist.

Specified by:

getUserModel in interface UserManager

Throws:

ClientException

getBareUserModel

public DocumentModel getBareUserModel()
                               throws ClientException

Description copied from interface: UserManager

Returns a bare user model.

Can be used for user creation/search screens.

Specified by:

getBareUserModel in interface UserManager

Throws:

ClientException

getGroup

public NuxeoGroup getGroup(String groupName)
                    throws ClientException

Description copied from interface: UserManager

Returns the nuxeo group with given name or null if it does not exist.

Specified by:

getGroup in interface UserManager

Throws:

ClientException

getGroupModel

public DocumentModel getGroupModel(String groupName)
                            throws ClientException

Description copied from interface: UserManager

Return the group document model with this id or null if group does not exist.

Specified by:

getGroupModel in interface UserManager

Parameters:

groupName - the group identifier

Throws:

ClientException

getTopLevelGroups

public List<String> getTopLevelGroups()
                               throws ClientException

Description copied from interface: UserManager

Returns the list of groups that are not members of other groups.

Specified by:

getTopLevelGroups in interface UserManager

Returns:

Throws:

ClientException

getGroupsInGroup

public List<String> getGroupsInGroup(String parentId)
                              throws ClientException

Description copied from interface: UserManager

Returns the list of groups that belong to this group.

Specified by:

getGroupsInGroup in interface UserManager

Parameters:

parentId - the name of the parent group.

Returns:

Throws:

ClientException

getUsersInGroup

public List<String> getUsersInGroup(String groupId)
                             throws ClientException

Description copied from interface: UserManager

Returns the list of users that belong to this group.

Specified by:

getUsersInGroup in interface UserManager

Parameters:

groupId - ID of the group

Returns:

Throws:

ClientException

getUsersInGroupAndSubGroups

public List<String> getUsersInGroupAndSubGroups(String groupId)
                                         throws ClientException

Description copied from interface: UserManager

Get users from a group and its subgroups.

Specified by:

getUsersInGroupAndSubGroups in interface UserManager

Parameters:

groupId - ID of the group

Returns:

Throws:

ClientException

searchPrincipals

public List<NuxeoPrincipal> searchPrincipals(String pattern)
                                      throws ClientException

Specified by:

searchPrincipals in interface UserManager

Throws:

ClientException

searchGroups

public DocumentModelList searchGroups(String pattern)
                               throws ClientException

Description copied from interface: UserManager

Search matching groups through their defined search fields

Specified by:

searchGroups in interface UserManager

Throws:

ClientException

getUserSortField

public String getUserSortField()

Specified by:

getUserSortField in interface UserManager

areGroupsReadOnly

public Boolean areGroupsReadOnly()
                          throws ClientException

Description copied from interface: UserManager

Returns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users.

Specified by:

areGroupsReadOnly in interface MultiTenantUserManager

Specified by:

areGroupsReadOnly in interface UserManager

Throws:

ClientException

areUsersReadOnly

public Boolean areUsersReadOnly()
                         throws ClientException

Description copied from interface: UserManager

Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups.

Specified by:

areUsersReadOnly in interface MultiTenantUserManager

Specified by:

areUsersReadOnly in interface UserManager

Throws:

ClientException

createGroup

public DocumentModel createGroup(DocumentModel groupModel)
                          throws ClientException

Description copied from interface: UserManager

Creates a group from given model

Specified by:

createGroup in interface UserManager

Returns:

the created group model

Throws:

ClientException

GroupAlreadyExistsException

createUser

public DocumentModel createUser(DocumentModel userModel)
                         throws ClientException

Description copied from interface: UserManager

Creates user from given model.

Specified by:

createUser in interface UserManager

Throws:

ClientException

UserAlreadyExistsException

deleteGroup

public void deleteGroup(String groupId)
                 throws ClientException

Description copied from interface: UserManager

Deletes group with given id.

Specified by:

deleteGroup in interface UserManager

Throws:

DirectoryException - if given entry does not exist

ClientException

deleteGroup

public void deleteGroup(DocumentModel groupModel)
                 throws ClientException

Description copied from interface: UserManager

Deletes group represented by given model.

Specified by:

deleteGroup in interface UserManager

Throws:

DirectoryException - if given entry does not exist

ClientException

deleteUser

public void deleteUser(String userId)
                throws ClientException

Description copied from interface: UserManager

Deletes user with given id.

Specified by:

deleteUser in interface UserManager

Throws:

DirectoryException - if given entry does not exist

ClientException

deleteUser

public void deleteUser(DocumentModel userModel)
                throws ClientException

Description copied from interface: UserManager

Deletes user represented by given model.

Specified by:

deleteUser in interface UserManager

Throws:

DirectoryException - if given entry does not exist

ClientException

getGroupIds

public List<String> getGroupIds()
                         throws ClientException

Description copied from interface: UserManager

Returns the list of all groups ids.

Specified by:

getGroupIds in interface UserManager

Throws:

ClientException

getUserIds

public List<String> getUserIds()
                        throws ClientException

Description copied from interface: UserManager

Returns the list of all user ids.

Specified by:

getUserIds in interface UserManager

Throws:

ClientException

searchGroups

public DocumentModelList searchGroups(Map<String,Serializable> filter,
                             Set<String> fulltext)
                               throws ClientException

Description copied from interface: UserManager

Returns groups matching given criteria.

Specified by:

searchGroups in interface UserManager

Parameters:

filter - filter with field names as keys

fulltext - field names used for fulltext match

Throws:

ClientException

searchUsers

public DocumentModelList searchUsers(String pattern)
                              throws ClientException

Description copied from interface: UserManager

Returns users matching given pattern

Pattern is used to fill a filter and fulltext map according to users search fields configuration. Search is performed on each of these fields (OR).

Specified by:

searchUsers in interface UserManager

Throws:

ClientException

searchUsers

public DocumentModelList searchUsers(Map<String,Serializable> filter,
                            Set<String> fulltext)
                              throws ClientException

Description copied from interface: UserManager

Returns users matching given criteria.

Specified by:

searchUsers in interface UserManager

Parameters:

filter - filter with field names as keys

fulltext - field names used for fulltext match

Throws:

ClientException

updateGroup

public void updateGroup(DocumentModel groupModel)
                 throws ClientException

Description copied from interface: UserManager

Updates group represented by given model.

Specified by:

updateGroup in interface UserManager

Throws:

DirectoryException - if given entry does not exist

ClientException

updateUser

public void updateUser(DocumentModel userModel)
                throws ClientException

Description copied from interface: UserManager

Updates user represented by given model.

Specified by:

updateUser in interface UserManager

Throws:

ClientException

getBareGroupModel

public DocumentModel getBareGroupModel()
                                throws ClientException

Description copied from interface: UserManager

Returns a bare group model.

Can be used for group creation/search screens.

Specified by:

getBareGroupModel in interface UserManager

Throws:

ClientException

createGroup

public void createGroup(NuxeoGroup group)
                 throws ClientException

Specified by:

createGroup in interface UserManager

Throws:

ClientException

createPrincipal

public void createPrincipal(NuxeoPrincipal principal)
                     throws ClientException

Specified by:

createPrincipal in interface UserManager

Throws:

ClientException

deleteGroup

public void deleteGroup(NuxeoGroup group)
                 throws ClientException

Specified by:

deleteGroup in interface UserManager

Throws:

ClientException

deletePrincipal

public void deletePrincipal(NuxeoPrincipal principal)
                     throws ClientException

Specified by:

deletePrincipal in interface UserManager

Throws:

ClientException

getAvailableGroups

public List<NuxeoGroup> getAvailableGroups()
                                    throws ClientException

Specified by:

getAvailableGroups in interface UserManager

Throws:

ClientException

getAvailablePrincipals

public List<NuxeoPrincipal> getAvailablePrincipals()
                                            throws ClientException

Specified by:

getAvailablePrincipals in interface UserManager

Throws:

ClientException

getModelForUser

public DocumentModel getModelForUser(String name)
                              throws ClientException

Specified by:

getModelForUser in interface UserManager

Throws:

ClientException

searchByMap

public List<NuxeoPrincipal> searchByMap(Map<String,Serializable> filter,
                               Set<String> pattern)
                                 throws ClientException

Specified by:

searchByMap in interface UserManager

Throws:

ClientException

updateGroup

public void updateGroup(NuxeoGroup group)
                 throws ClientException

Specified by:

updateGroup in interface UserManager

Throws:

ClientException

updatePrincipal

public void updatePrincipal(NuxeoPrincipal principal)
                     throws ClientException

Specified by:

updatePrincipal in interface UserManager

Throws:

ClientException

getAdministratorsGroups

public List<String> getAdministratorsGroups()

Description copied from interface: UserManager

Returns the list of administrators groups.

Specified by:

getAdministratorsGroups in interface UserManager

getUsersForPermission

public String[] getUsersForPermission(String perm,
                             ACP acp)

Description copied from interface: UserManager

For an ACP, get the list of user that has a permission. This method should be use with care as it can cause performance issues while getting the list of users.

Specified by:

getUsersForPermission in interface UserManager

Parameters:

perm - the permission

acp - The access control policy of the document

Returns:

the list of user ids

authenticate

public Principal authenticate(String name,
                     String password)
                       throws ClientException

Description copied from interface: Authenticator

Get a principal object for the given username if the username / password pair is valid, otherwise returns null.

This method is doing the authentication of the given username / password pair and returns the corresponding principal object if authentication succeeded otherwise returns null.

Specified by:

authenticate in interface Authenticator

Returns:

the authenticated principal if authentication succeded otherwise null

Throws:

ClientException

searchUsers

public DocumentModelList searchUsers(Map<String,Serializable> filter,
                            Set<String> fulltext,
                            Map<String,String> orderBy,
                            DocumentModel context)
                              throws ClientException

MULTI-TENANT-IMPLEMENTATION

Throws:

ClientException

getUsersInGroup

public List<String> getUsersInGroup(String groupId,
                           DocumentModel context)
                             throws ClientException

Description copied from interface: MultiTenantUserManager

Returns the list of users that belong to this group into the given context

Specified by:

getUsersInGroup in interface MultiTenantUserManager

Parameters:

groupId - ID of the group

Returns:

Throws:

ClientException

searchUsers

public DocumentModelList searchUsers(String pattern,
                            DocumentModel context)
                              throws ClientException

Description copied from interface: MultiTenantUserManager

Returns users matching given pattern with the given context. if the Document Context have a directory local configuration, the service try to open the directory with directory suffix set into the local configuration

Pattern is used to fill a filter and fulltext map according to users search fields configuration. Search is performed on each of these fields (OR).

Specified by:

searchUsers in interface MultiTenantUserManager

Throws:

ClientException

searchUsers

public DocumentModelList searchUsers(Map<String,Serializable> filter,
                            Set<String> fulltext,
                            DocumentModel context)
                              throws ClientException

Description copied from interface: MultiTenantUserManager

Returns users matching given criteria and with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration

Specified by:

searchUsers in interface MultiTenantUserManager

Parameters:

filter - filter with field names as keys

fulltext - field names used for fulltext match

Throws:

ClientException

getGroupIds

public List<String> getGroupIds(DocumentModel context)
                         throws ClientException

Description copied from interface: MultiTenantUserManager

Returns the list of all groups ids with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration

Specified by:

getGroupIds in interface MultiTenantUserManager

Throws:

ClientException

searchGroups

public DocumentModelList searchGroups(Map<String,Serializable> filter,
                             Set<String> fulltext,
                             DocumentModel context)
                               throws ClientException

Description copied from interface: MultiTenantUserManager

Returns groups matching given criteria with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration

Specified by:

searchGroups in interface MultiTenantUserManager

Parameters:

filter - filter with field names as keys

fulltext - field names used for fulltext match

Throws:

ClientException

createGroup

public DocumentModel createGroup(DocumentModel groupModel,
                        DocumentModel context)
                          throws ClientException,
                                 GroupAlreadyExistsException

Description copied from interface: MultiTenantUserManager

Creates a group from given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Specified by:

createGroup in interface MultiTenantUserManager

Returns:

the created group model

Throws:

ClientException

GroupAlreadyExistsException

getGroupModel

public DocumentModel getGroupModel(String groupIdValue,
                          DocumentModel context)
                            throws ClientException

Description copied from interface: MultiTenantUserManager

Return the group document model with this id concatenated with the directory local config (if not null) or null if group does not exist.

Specified by:

getGroupModel in interface MultiTenantUserManager

Parameters:

groupIdValue - the group identifier

Throws:

ClientException

getUserModel

public DocumentModel getUserModel(String userName,
                         DocumentModel context)
                           throws ClientException

Description copied from interface: MultiTenantUserManager

Returns the document model representing user with given id or null if it does not exist into the given context document. The context document must be contained into the tenant.

Specified by:

getUserModel in interface MultiTenantUserManager

Throws:

ClientException

getPrincipal

public NuxeoPrincipal getPrincipal(String username,
                          DocumentModel context)
                            throws ClientException

Description copied from interface: MultiTenantUserManager

Retrieves the principal with the given username or null if it does not exist into the given context document. The context document must be contained into the tenant

Can build principals for anonymous and virtual users as well as for users defined in the users directory.

Specified by:

getPrincipal in interface MultiTenantUserManager

Throws:

ClientException

searchGroups

public DocumentModelList searchGroups(String pattern,
                             DocumentModel context)
                               throws ClientException

Description copied from interface: MultiTenantUserManager

Search matching groups through their defined search fields into the given context document. The context document must be contained into the tenant.

Specified by:

searchGroups in interface MultiTenantUserManager

Throws:

ClientException

getUserIds

public List<String> getUserIds(DocumentModel context)
                        throws ClientException

Description copied from interface: MultiTenantUserManager

Returns the list of all user ids into the given context document. The context document must be contained into the tenant.

Specified by:

getUserIds in interface MultiTenantUserManager

Throws:

ClientException

createUser

public DocumentModel createUser(DocumentModel userModel,
                       DocumentModel context)
                         throws ClientException,
                                UserAlreadyExistsException

Description copied from interface: MultiTenantUserManager

Creates user from given model into the given context document. The context document must be contained into the tenant.

Specified by:

createUser in interface MultiTenantUserManager

Throws:

ClientException

UserAlreadyExistsException

updateUser

public void updateUser(DocumentModel userModel,
              DocumentModel context)
                throws ClientException

Description copied from interface: MultiTenantUserManager

Updates user represented by given model into the given context document. The context document must be contained into the tenant.

Specified by:

updateUser in interface MultiTenantUserManager

Throws:

ClientException

deleteUser

public void deleteUser(DocumentModel userModel,
              DocumentModel context)
                throws ClientException

Description copied from interface: MultiTenantUserManager

Deletes user represented by given model into the given context document. The context document must be contained into the tenant.

Specified by:

deleteUser in interface MultiTenantUserManager

Throws:

DirectoryException - if given entry does not exist

ClientException

deleteUser

public void deleteUser(String userId,
              DocumentModel context)
                throws ClientException

Description copied from interface: MultiTenantUserManager

Deletes user with given id into the given context document. The context document must be contained into the tenant.

Specified by:

deleteUser in interface MultiTenantUserManager

Throws:

DirectoryException - if given entry does not exist

ClientException

updateGroup

public void updateGroup(DocumentModel groupModel,
               DocumentModel context)
                 throws ClientException

Description copied from interface: MultiTenantUserManager

Updates group represented by given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Specified by:

updateGroup in interface MultiTenantUserManager

Throws:

DirectoryException - if given entry does not exist

ClientException

deleteGroup

public void deleteGroup(DocumentModel groupModel,
               DocumentModel context)
                 throws ClientException

Description copied from interface: MultiTenantUserManager

Deletes group represented by given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Specified by:

deleteGroup in interface MultiTenantUserManager

Throws:

DirectoryException - if given entry does not exist

ClientException

deleteGroup

public void deleteGroup(String groupId,
               DocumentModel context)
                 throws ClientException

Description copied from interface: MultiTenantUserManager

Deletes group with given id with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Specified by:

deleteGroup in interface MultiTenantUserManager

Throws:

DirectoryException - if given entry does not exist

ClientException

getGroupsInGroup

public List<String> getGroupsInGroup(String parentId,
                            DocumentModel context)
                              throws ClientException

Description copied from interface: MultiTenantUserManager

Returns the list of groups that belong to this group with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.

Specified by:

getGroupsInGroup in interface MultiTenantUserManager

Parameters:

parentId - the name of the parent group.

Returns:

Throws:

ClientException

getTopLevelGroups

public List<String> getTopLevelGroups(DocumentModel context)
                               throws ClientException

Description copied from interface: MultiTenantUserManager

Returns the list of groups that are not members of other groups with the given context.

Specified by:

getTopLevelGroups in interface MultiTenantUserManager

Returns:

Throws:

ClientException

getUsersInGroupAndSubGroups

public List<String> getUsersInGroupAndSubGroups(String groupId,
                                       DocumentModel context)
                                         throws ClientException

Description copied from interface: MultiTenantUserManager

Get users from a group and its subgroups into the given context

Specified by:

getUsersInGroupAndSubGroups in interface MultiTenantUserManager

Parameters:

groupId - ID of the group

Returns:

Throws:

ClientException

getUsersForPermission

public String[] getUsersForPermission(String perm,
                             ACP acp,
                             DocumentModel context)

Description copied from interface: MultiTenantUserManager

For an ACP, get the list of user that has a permission into the given context. This method should be use with care as it can cause performance issues while getting the list of users.

Specified by:

getUsersForPermission in interface MultiTenantUserManager

Parameters:

perm - the permission

acp - The access control policy of the document

Returns:

the list of user ids