UserManagerImpl (Nuxeo ECM Projects 10.10 API)

java.lang.Object
- org.nuxeo.ecm.platform.usermanager.UserManagerImpl

All Implemented Interfaces:

Serializable, AdministratorGroupsProvider, MultiTenantUserManager, UserManager, Authenticator, EventListener

Direct Known Subclasses:

UserManagerWithComputedGroups
```
public class UserManagerImpl
extends Object
implements UserManager, MultiTenantUserManager, AdministratorGroupsProvider
```
Standard implementation of the Nuxeo UserManager.

See Also:

Serialized Form

Nested Class Summary
- Nested classes/interfaces inherited from interface org.nuxeo.ecm.platform.usermanager.UserManager
  UserManager.MatchType

Field Summary

Fields
Modifier and Type	Field and Description
`protected List<String>`	`administratorGroups`
`protected List<String>`	`administratorIds`
`static String`	`ANCESTOR_GROUPS_PROPERTY_KEY` Key for the ancestor group names of a group in a core event context.
`protected VirtualUser`	`anonymousUser`
`protected CacheService`	`cacheService`
`static String`	`DEFAULT_ANONYMOUS_USER_ID`
`protected String`	`defaultGroup`
`protected String`	`digestAuthDirectory`
`protected String`	`digestAuthRealm`
`protected DirectoryService`	`dirService`
`protected Boolean`	`disableDefaultAdministratorsGroup`
`static String`	`GROUPCHANGED_EVENT_ID` Used by JaasCacheFlusher.
`protected GroupConfig`	`groupConfig`
`static String`	`GROUPCREATED_EVENT_ID`
`static String`	`GROUPDELETED_EVENT_ID`
`protected String`	`groupDirectoryName`
`protected String`	`groupIdField`
`protected String`	`groupLabelField`
`protected String`	`groupListingMode`
`protected String`	`groupMembersField`
`static String`	`GROUPMODIFIED_EVENT_ID`
`protected String`	`groupParentGroupsField`
`protected String`	`groupSchemaName`
`protected Map<String,UserManager.MatchType>`	`groupSearchFields`
`protected String`	`groupSortField`
`protected String`	`groupSubGroupsField`
`static String`	`ID_PROPERTY_KEY` Key for the id of a user or a group in a core event context.
`static String`	`INVALIDATE_ALL_PRINCIPALS_EVENT_ID`
`static String`	`INVALIDATE_PRINCIPAL_EVENT_ID`
`UserMultiTenantManagement`	`multiTenantManagement`
`protected Cache`	`principalCache`
`static String`	`USER_GROUP_CATEGORY` Possible value for the `DocumentEventContext.CATEGORY_PROPERTY_KEY` key of a core event context.
`static String`	`USERCHANGED_EVENT_ID` Used by JaasCacheFlusher.
`protected UserConfig`	`userConfig` A structure used to inject field name configuration of users schema into a NuxeoPrincipalImpl instance.
`static String`	`USERCREATED_EVENT_ID`
`static String`	`USERDELETED_EVENT_ID`
`protected String`	`userDirectoryName`
`protected String`	`userEmailField`
`protected String`	`userIdField`
`protected String`	`userListingMode`
`static String`	`USERMANAGER_TOPIC`
`static String`	`USERMODIFIED_EVENT_ID`
`protected Pattern`	`userPasswordPattern`
`protected String`	`userSchemaName`
`protected Map<String,UserManager.MatchType>`	`userSearchFields`
`protected String`	`userSortField`
`static String`	`VIRTUAL_FIELD_FILTER_PREFIX`
`protected Map<String,VirtualUserDescriptor>`	`virtualUsers`

Constructor Summary

Constructors
Constructor and Description

UserManagerImpl()

Constructors
Constructor and Description
`UserManagerImpl()`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected void`	`appendSubgroups(String groupId, Set<String> groups, DocumentModel context)`
`Boolean`	`areGroupsReadOnly()` Returns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users.
`Boolean`	`areUsersReadOnly()` Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups.
`Principal`	`authenticate(String name, String password)` Get a principal object for the given username if the username / password pair is valid, otherwise returns null.
`protected void`	`checkGrouId(DocumentModel groupModel)`
`protected void`	`checkGroupsExistence(DocumentModel userModel, String schema, DocumentModel context)`
`protected void`	`checkPasswordValidity(DocumentModel userModel)`
`protected void`	`checkUserId(DocumentModel userModel)`
`boolean`	`checkUsernamePassword(String username, String password)` Check the password for the given username.
`protected Map<String,Serializable>`	`cloneMap(Map<String,Serializable> map)`
`protected HashSet<String>`	`cloneSet(Set<String> set)`
`DocumentModel`	`createGroup(DocumentModel groupModel)` Creates a group from given model
`DocumentModel`	`createGroup(DocumentModel groupModel, DocumentModel context)` Creates a group from given model with the given context.
`DocumentModel`	`createUser(DocumentModel userModel)` Creates user from given model.
`DocumentModel`	`createUser(DocumentModel userModel, DocumentModel context)` Creates user from given model into the given context document.
`void`	`deleteGroup(DocumentModel groupModel)` Deletes group represented by given model.
`void`	`deleteGroup(DocumentModel groupModel, DocumentModel context)` Deletes group represented by given model with the given context.
`void`	`deleteGroup(String groupId)` Deletes group with given id.
`void`	`deleteGroup(String groupId, DocumentModel context)` Deletes group with given id with the given context.
`void`	`deleteUser(DocumentModel userModel)` Deletes user represented by given model.
`void`	`deleteUser(DocumentModel userModel, DocumentModel context)` Deletes user represented by given model into the given context document.
`void`	`deleteUser(String userId)` Deletes user with given id.
`void`	`deleteUser(String userId, DocumentModel context)` Deletes user with given id into the given context document.
`static String`	`encodeDigestAuthPassword(String username, String realm, String password)`
`List<String>`	`getAdministratorsGroups()` Returns the list of administrators groups.
`List<String>`	`getAncestorGroups(String groupId)` Returns the ancestor groups of the group with the given id.
`String`	`getAnonymousUserId()` Gets the anonymous user id.
`DocumentModel`	`getBareGroupModel()` Returns a bare group model.
`DocumentModel`	`getBareUserModel()` Returns a bare user model.
`String`	`getDefaultGroup()`
`String`	`getDigestAuthDirectory()` Gets the Digest Auth directory.
`protected DocumentModel`	`getDigestAuthModel()`
`String`	`getDigestAuthRealm()` Gets the Digest Auth realm.
`protected Map<String,String>`	`getDirectorySortMap(String descriptorSortField, String fallBackField)`
`NuxeoGroup`	`getGroup(String groupName)` Returns the nuxeo group with given name or null if it does not exist.
`protected NuxeoGroup`	`getGroup(String groupName, DocumentModel context)`
`GroupConfig`	`getGroupConfig()` Returns the contributed `GroupConfig`.
`String`	`getGroupDirectoryName()` Gets the group directory name.
`protected String`	`getGroupId(DocumentModel groupModel)`
`String`	`getGroupIdField()` Returns the group directory id field.
`List<String>`	`getGroupIds()` Returns the list of all groups ids.
`List<String>`	`getGroupIds(DocumentModel context)` Returns the list of all groups ids with the given context.
`String`	`getGroupLabelField()` Returns the group label field.
`String`	`getGroupListingMode()`
`String`	`getGroupMembersField()` Gets the group members field.
`DocumentModel`	`getGroupModel(String groupName)` Return the group document model with this id or null if group does not exist.
`DocumentModel`	`getGroupModel(String groupIdValue, DocumentModel context)` Return the group document model with this id concatenated with the directory local config (if not null) or null if group does not exist.
`protected OrderByExpr`	`getGroupOrderBy()`
`String`	`getGroupParentGroupsField()` Gets the group parent-groups field.
`String`	`getGroupSchemaName()` Returns the group directory schema name.
`Set<String>`	`getGroupSearchFields()` Gets the group search fields.
`List<String>`	`getGroupsInGroup(String parentId)` Returns the list of groups that belong to this group.
`List<String>`	`getGroupsInGroup(String parentId, DocumentModel context)` Returns the list of groups that belong to this group with the given context.
`protected Map<String,String>`	`getGroupSortMap()`
`String`	`getGroupSubGroupsField()` Gets the group sub-groups field.
`protected List<String>`	`getLeafPermissions(String perm)`
`NuxeoPrincipal`	`getPrincipal(String username)` Retrieves the principal with the given username or null if it does not exist.
`NuxeoPrincipal`	`getPrincipal(String username, DocumentModel context)` Retrieves the principal with the given username or null if it does not exist into the given context document.
`protected NuxeoPrincipal`	`getPrincipalUsingCache(String username)`
`protected QueryBuilder`	`getQueryForPattern(String pattern, String dirName, Map<String,UserManager.MatchType> searchFields, OrderByExpr orderBy)`
`List<String>`	`getTopLevelGroups()` Returns the list of groups that are not members of other groups.
`List<String>`	`getTopLevelGroups(DocumentModel context)` Returns the list of groups that are not members of other groups with the given context.
`String`	`getUserDirectoryName()` Gets the user directory name.
`String`	`getUserEmailField()` Gets the user email field.
`protected String`	`getUserId(DocumentModel userModel)`
`String`	`getUserIdField()` Returns the user directory id field.
`List<String>`	`getUserIds()` Returns the list of all user ids.
`List<String>`	`getUserIds(DocumentModel context)` Returns the list of all user ids into the given context document.
`String`	`getUserListingMode()`
`DocumentModel`	`getUserModel(String userName)` Returns the document model representing user with given id or null if it does not exist.
`DocumentModel`	`getUserModel(String userName, DocumentModel context)` Returns the document model representing user with given id or null if it does not exist into the given context document.
`protected OrderByExpr`	`getUserOrderBy()`
`Pattern`	`getUserPasswordPattern()`
`String`	`getUserSchemaName()` Returns the user directory schema name.
`Set<String>`	`getUserSearchFields()` Gets the user search fields, the fields to use when a principal search is done.
`String[]`	`getUsersForPermission(String perm, ACP acp)` For an ACP, get the list of user that has a permission.
`String[]`	`getUsersForPermission(String perm, ACP acp, DocumentModel context)` For an ACP, get the list of user that has a permission into the given context.
`List<String>`	`getUsersInGroup(String groupId)` Returns the list of users that belong to this group.
`List<String>`	`getUsersInGroup(String groupId, DocumentModel context)` Returns the list of users that belong to this group into the given context
`List<String>`	`getUsersInGroupAndSubGroups(String groupId)` Get users from a group and its subgroups.
`List<String>`	`getUsersInGroupAndSubGroups(String groupId, DocumentModel context)` Get users from a group and its subgroups into the given context
`String`	`getUserSortField()`
`protected Map<String,String>`	`getUserSortMap()`
`void`	`handleEvent(Event event)` An event was received.
`protected void`	`invalidateAllPrincipals()`
`protected void`	`invalidatePrincipal(String userName)`
`protected boolean`	`isAnonymousMatching(Map<String,Serializable> filter, Set<String> fulltext)`
`protected boolean`	`isAnonymousMatching(QueryBuilder queryBuilder, Directory dir)`
`protected NuxeoPrincipal`	`makeAnonymousPrincipal()`
`protected NuxeoGroup`	`makeGroup(DocumentModel groupEntry)`
`protected NuxeoPrincipal`	`makePrincipal(DocumentModel userEntry)`
`protected NuxeoPrincipal`	`makePrincipal(DocumentModel userEntry, boolean anonymous, boolean isTransient, List<String> groups)`
`protected NuxeoPrincipal`	`makePrincipal(DocumentModel userEntry, boolean anonymous, List<String> groups)`
`protected NuxeoPrincipal`	`makeTransientPrincipal(String username)`
`protected NuxeoPrincipal`	`makeVirtualPrincipal(VirtualUser user)`
`protected DocumentModel`	`makeVirtualUserEntry(String id, VirtualUser user)`
`protected void`	`notifyCore(String userOrGroupId, String eventId)`
`protected void`	`notifyCore(String userOrGroupId, String eventId, List<String> ancestorGroupIds)`
`void`	`notifyGroupChanged(String groupName, String eventId, List<String> ancestorGroupNames)` Notifies that the given group has changed with the given event: At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset. At the core level, passing the `groupName` as the `"id"` property of the fired event.
`protected void`	`notifyRuntime(String userOrGroupName, String eventId)`
`void`	`notifyUserChanged(String userName, String eventId)` Notifies that the given user has changed with the given event: At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset. At the core level, passing the `userName` as the `"id"` property of the fired event.
`protected void`	`populateAncestorGroups(String groupId, List<String> ancestorGroups)`
`protected DocumentModelList`	`queryWithVirtualEntries(Session session, QueryBuilder queryBuilder, List<DocumentModel> virtualEntries)` Executes a query then adds virtual entries (already supposed to match the query).
`protected void`	`removeVirtualFilters(Map<String,Serializable> filter)`
`DocumentModelList`	`searchGroups(Map<String,Serializable> filter, Set<String> fulltext)` Returns groups matching given criteria.
`DocumentModelList`	`searchGroups(Map<String,Serializable> filter, Set<String> fulltext, DocumentModel context)` Returns groups matching given criteria with the given context.
`DocumentModelList`	`searchGroups(QueryBuilder queryBuilder)` Returns groups matching the given query.
`DocumentModelList`	`searchGroups(QueryBuilder queryBuilder, DocumentModel context)` Returns groups matching the given query, within the given context.
`DocumentModelList`	`searchGroups(String pattern)` Search matching groups through their defined search fields
`DocumentModelList`	`searchGroups(String pattern, DocumentModel context)` Search matching groups through their defined search fields into the given context document.
`List<NuxeoPrincipal>`	`searchPrincipals(String pattern)`
`DocumentModelList`	`searchUsers(Map<String,Serializable> filter, Set<String> fulltext)` Returns users matching given criteria.
`DocumentModelList`	`searchUsers(Map<String,Serializable> filter, Set<String> fulltext, DocumentModel context)` Returns users matching given criteria and with the given context.
`DocumentModelList`	`searchUsers(Map<String,Serializable> filter, Set<String> fulltext, Map<String,String> orderBy, DocumentModel context)` MULTI-TENANT-IMPLEMENTATION
`DocumentModelList`	`searchUsers(QueryBuilder queryBuilder)` Returns users matching the given query.
`DocumentModelList`	`searchUsers(QueryBuilder queryBuilder, DocumentModel context)` Returns users matching the given query, within the given context.
`DocumentModelList`	`searchUsers(String pattern)` Returns users matching given pattern
`DocumentModelList`	`searchUsers(String pattern, DocumentModel context)` Returns users matching given pattern with the given context.
`void`	`setConfiguration(UserManagerDescriptor descriptor)` Sets the given configuration on the service.
`protected void`	`setGroupDirectoryName(String groupDirectoryName)`
`protected void`	`setUserDirectoryName(String userDirectoryName)`
`protected void`	`setVirtualUsers(Map<String,VirtualUserDescriptor> virtualUsers)`
`protected void`	`syncDigestAuthPassword(String username, String password)`
`void`	`updateGroup(DocumentModel groupModel)` Updates group represented by given model.
`void`	`updateGroup(DocumentModel groupModel, DocumentModel context)` Updates group represented by given model with the given context.
`void`	`updateUser(DocumentModel userModel)` Updates user represented by given model.
`void`	`updateUser(DocumentModel userModel, DocumentModel context)` Updates user represented by given model into the given context document.
`protected boolean`	`useCache()`
`boolean`	`validatePassword(String password)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.nuxeo.ecm.platform.usermanager.UserManager
notifyGroupChanged

- Field Detail
  - USERMANAGER_TOPIC
```
public static final String USERMANAGER_TOPIC
```
    See Also:
    
    Constant Field Values
  - USERCHANGED_EVENT_ID
```
public static final String USERCHANGED_EVENT_ID
```
    Used by JaasCacheFlusher.
    
    See Also:
    
    Constant Field Values
  - USERCREATED_EVENT_ID
```
public static final String USERCREATED_EVENT_ID
```
    See Also:
    
    Constant Field Values
  - USERDELETED_EVENT_ID
```
public static final String USERDELETED_EVENT_ID
```
    See Also:
    
    Constant Field Values
  - USERMODIFIED_EVENT_ID
```
public static final String USERMODIFIED_EVENT_ID
```
    See Also:
    
    Constant Field Values
  - GROUPCHANGED_EVENT_ID
```
public static final String GROUPCHANGED_EVENT_ID
```
    Used by JaasCacheFlusher.
    
    See Also:
    
    Constant Field Values
  - GROUPCREATED_EVENT_ID
```
public static final String GROUPCREATED_EVENT_ID
```
    See Also:
    
    Constant Field Values
  - GROUPDELETED_EVENT_ID
```
public static final String GROUPDELETED_EVENT_ID
```
    See Also:
    
    Constant Field Values
  - GROUPMODIFIED_EVENT_ID
```
public static final String GROUPMODIFIED_EVENT_ID
```
    See Also:
    
    Constant Field Values
  - DEFAULT_ANONYMOUS_USER_ID
```
public static final String DEFAULT_ANONYMOUS_USER_ID
```
    See Also:
    
    Constant Field Values
  - VIRTUAL_FIELD_FILTER_PREFIX
```
public static final String VIRTUAL_FIELD_FILTER_PREFIX
```
    See Also:
    
    Constant Field Values
  - INVALIDATE_PRINCIPAL_EVENT_ID
```
public static final String INVALIDATE_PRINCIPAL_EVENT_ID
```
    See Also:
    
    Constant Field Values
  - INVALIDATE_ALL_PRINCIPALS_EVENT_ID
```
public static final String INVALIDATE_ALL_PRINCIPALS_EVENT_ID
```
    See Also:
    
    Constant Field Values
  - USER_GROUP_CATEGORY
```
public static final String USER_GROUP_CATEGORY
```
    Possible value for the DocumentEventContext.CATEGORY_PROPERTY_KEY key of a core event context.
    
    Since:
    
    9.2
    
    See Also:
    
    Constant Field Values
  - ID_PROPERTY_KEY
```
public static final String ID_PROPERTY_KEY
```
    Key for the id of a user or a group in a core event context.
    
    Since:
    
    9.2
    
    See Also:
    
    Constant Field Values
  - ANCESTOR_GROUPS_PROPERTY_KEY
```
public static final String ANCESTOR_GROUPS_PROPERTY_KEY
```
    Key for the ancestor group names of a group in a core event context.
    
    Since:
    
    9.2
    
    See Also:
    
    Constant Field Values
  - dirService
```
protected final DirectoryService dirService
```
  - cacheService
```
protected final CacheService cacheService
```
  - principalCache
```
protected Cache principalCache
```
  - multiTenantManagement
```
public UserMultiTenantManagement multiTenantManagement
```
  - userConfig
```
protected UserConfig userConfig
```
    A structure used to inject field name configuration of users schema into a NuxeoPrincipalImpl instance. TODO not all fields inside are configurable for now - they will use default values
  - groupConfig
```
protected GroupConfig groupConfig
```
    Since:
    
    9.3
  - userDirectoryName
```
protected String userDirectoryName
```
  - userSchemaName
```
protected String userSchemaName
```
  - userIdField
```
protected String userIdField
```
  - userEmailField
```
protected String userEmailField
```
  - userSearchFields
```
protected Map<String,UserManager.MatchType> userSearchFields
```
  - groupDirectoryName
```
protected String groupDirectoryName
```
  - groupSchemaName
```
protected String groupSchemaName
```
  - groupIdField
```
protected String groupIdField
```
  - groupLabelField
```
protected String groupLabelField
```
  - groupMembersField
```
protected String groupMembersField
```
  - groupSubGroupsField
```
protected String groupSubGroupsField
```
  - groupParentGroupsField
```
protected String groupParentGroupsField
```
  - groupSortField
```
protected String groupSortField
```
  - groupSearchFields
```
protected Map<String,UserManager.MatchType> groupSearchFields
```
  - defaultGroup
```
protected String defaultGroup
```
  - administratorIds
```
protected List<String> administratorIds
```
  - administratorGroups
```
protected List<String> administratorGroups
```
  - disableDefaultAdministratorsGroup
```
protected Boolean disableDefaultAdministratorsGroup
```
  - userSortField
```
protected String userSortField
```
  - userListingMode
```
protected String userListingMode
```
  - groupListingMode
```
protected String groupListingMode
```
  - userPasswordPattern
```
protected Pattern userPasswordPattern
```
  - anonymousUser
```
protected VirtualUser anonymousUser
```
  - digestAuthDirectory
```
protected String digestAuthDirectory
```
  - digestAuthRealm
```
protected String digestAuthRealm
```
  - virtualUsers
```
protected final Map<String,VirtualUserDescriptor> virtualUsers
```
- Constructor Detail
  - UserManagerImpl
```
public UserManagerImpl()
```
- Method Detail
  - setConfiguration
```
public void setConfiguration(UserManagerDescriptor descriptor)
```
    Description copied from interface: UserManager
    
    Sets the given configuration on the service.
    
    Specified by:
    
    setConfiguration in interface UserManager
    
    Parameters:
    
    descriptor - the descriptor as parsed from xml, merged from the previous one if it exists.
  - setUserDirectoryName
```
protected void setUserDirectoryName(String userDirectoryName)
```
  - getUserDirectoryName
```
public String getUserDirectoryName()
```
    Description copied from interface: UserManager
    
    Gets the user directory name.
    
    Specified by:
    
    getUserDirectoryName in interface UserManager
    
    Returns:
    
    the user directory name.
  - getUserIdField
```
public String getUserIdField()
```
    Description copied from interface: UserManager
    
    Returns the user directory id field.
    
    Specified by:
    
    getUserIdField in interface UserManager
  - getUserSchemaName
```
public String getUserSchemaName()
```
    Description copied from interface: UserManager
    
    Returns the user directory schema name.
    
    Specified by:
    
    getUserSchemaName in interface UserManager
  - getUserEmailField
```
public String getUserEmailField()
```
    Description copied from interface: UserManager
    
    Gets the user email field.
    
    Specified by:
    
    getUserEmailField in interface UserManager
    
    Returns:
    
    the user email field.
  - getUserSearchFields
```
public Set<String> getUserSearchFields()
```
    Description copied from interface: UserManager
    
    Gets the user search fields, the fields to use when a principal search is done.
    
    Specified by:
    
    getUserSearchFields in interface UserManager
    
    Returns:
    
    the search fields.
  - getGroupSearchFields
```
public Set<String> getGroupSearchFields()
```
    Description copied from interface: UserManager
    
    Gets the group search fields.
    
    Specified by:
    
    getGroupSearchFields in interface UserManager
  - setGroupDirectoryName
```
protected void setGroupDirectoryName(String groupDirectoryName)
```
  - getGroupDirectoryName
```
public String getGroupDirectoryName()
```
    Description copied from interface: UserManager
    
    Gets the group directory name.
    
    Specified by:
    
    getGroupDirectoryName in interface UserManager
    
    Returns:
    
    the group directory name.
  - getGroupIdField
```
public String getGroupIdField()
```
    Description copied from interface: UserManager
    
    Returns the group directory id field.
    
    Specified by:
    
    getGroupIdField in interface UserManager
  - getGroupLabelField
```
public String getGroupLabelField()
```
    Description copied from interface: UserManager
    
    Returns the group label field.
    
    Specified by:
    
    getGroupLabelField in interface UserManager
  - getGroupSchemaName
```
public String getGroupSchemaName()
```
    Description copied from interface: UserManager
    
    Returns the group directory schema name.
    
    Specified by:
    
    getGroupSchemaName in interface UserManager
  - getGroupMembersField
```
public String getGroupMembersField()
```
    Description copied from interface: UserManager
    
    Gets the group members field.
    
    Specified by:
    
    getGroupMembersField in interface UserManager
    
    Returns:
    
    the group members field.
  - getGroupSubGroupsField
```
public String getGroupSubGroupsField()
```
    Description copied from interface: UserManager
    
    Gets the group sub-groups field.
    
    Specified by:
    
    getGroupSubGroupsField in interface UserManager
    
    Returns:
    
    the sub-groups field.
  - getGroupParentGroupsField
```
public String getGroupParentGroupsField()
```
    Description copied from interface: UserManager
    
    Gets the group parent-groups field.
    
    Specified by:
    
    getGroupParentGroupsField in interface UserManager
    
    Returns:
    
    the parent-groups field.
  - getUserListingMode
```
public String getUserListingMode()
```
    Specified by:
    
    getUserListingMode in interface UserManager
  - getGroupListingMode
```
public String getGroupListingMode()
```
    Specified by:
    
    getGroupListingMode in interface UserManager
  - getDefaultGroup
```
public String getDefaultGroup()
```
    Specified by:
    
    getDefaultGroup in interface UserManager
  - getUserPasswordPattern
```
public Pattern getUserPasswordPattern()
```
    Specified by:
    
    getUserPasswordPattern in interface UserManager
  - getAnonymousUserId
```
public String getAnonymousUserId()
```
    Description copied from interface: UserManager
    
    Gets the anonymous user id.
    
    Specified by:
    
    getAnonymousUserId in interface UserManager
    
    Returns:
    
    the anonymous user id, or the default one if none is defined.
  - setVirtualUsers
```
protected void setVirtualUsers(Map<String,VirtualUserDescriptor> virtualUsers)
```
  - checkUsernamePassword
```
public boolean checkUsernamePassword(String username,
                                     String password)
```
    Description copied from interface: Authenticator
    
    Check the password for the given username. Returns true if the username / password pair match, false otherwise.
    
    Specified by:
    
    checkUsernamePassword in interface UserManager
    
    Specified by:
    
    checkUsernamePassword in interface Authenticator
    
    Parameters:
    
    username - the username
    
    password - the password to check
    
    Returns:
    
    true is valid, false otherwise
  - syncDigestAuthPassword
```
protected void syncDigestAuthPassword(String username,
                                      String password)
```
  - getDigestAuthModel
```
protected DocumentModel getDigestAuthModel()
```
  - encodeDigestAuthPassword
```
public static String encodeDigestAuthPassword(String username,
                                              String realm,
                                              String password)
```
  - getDigestAuthDirectory
```
public String getDigestAuthDirectory()
```
    Description copied from interface: UserManager
    
    Gets the Digest Auth directory.
    
    Specified by:
    
    getDigestAuthDirectory in interface UserManager
  - getDigestAuthRealm
```
public String getDigestAuthRealm()
```
    Description copied from interface: UserManager
    
    Gets the Digest Auth realm.
    
    Specified by:
    
    getDigestAuthRealm in interface UserManager
  - validatePassword
```
public boolean validatePassword(String password)
```
    Specified by:
    
    validatePassword in interface UserManager
  - makeAnonymousPrincipal
```
protected NuxeoPrincipal makeAnonymousPrincipal()
```
  - makeVirtualPrincipal
```
protected NuxeoPrincipal makeVirtualPrincipal(VirtualUser user)
```
  - makeTransientPrincipal
```
protected NuxeoPrincipal makeTransientPrincipal(String username)
```
  - makeVirtualUserEntry
```
protected DocumentModel makeVirtualUserEntry(String id,
                                             VirtualUser user)
```
  - makePrincipal
```
protected NuxeoPrincipal makePrincipal(DocumentModel userEntry)
```
  - makePrincipal
```
protected NuxeoPrincipal makePrincipal(DocumentModel userEntry,
                                       boolean anonymous,
                                       List<String> groups)
```
  - makePrincipal
```
protected NuxeoPrincipal makePrincipal(DocumentModel userEntry,
                                       boolean anonymous,
                                       boolean isTransient,
                                       List<String> groups)
```
  - useCache
```
protected boolean useCache()
```
  - getPrincipal
```
public NuxeoPrincipal getPrincipal(String username)
```
    Description copied from interface: UserManager
    
    Retrieves the principal with the given username or null if it does not exist.
    Can build principals for anonymous and virtual users as well as for users defined in the users directory.
    
    Specified by:
    
    getPrincipal in interface UserManager
  - getPrincipalUsingCache
```
protected NuxeoPrincipal getPrincipalUsingCache(String username)
```
  - getUserModel
```
public DocumentModel getUserModel(String userName)
```
    Description copied from interface: UserManager
    
    Returns the document model representing user with given id or null if it does not exist.
    
    Specified by:
    
    getUserModel in interface UserManager
  - getBareUserModel
```
public DocumentModel getBareUserModel()
```
    Description copied from interface: UserManager
    
    Returns a bare user model.
    Can be used for user creation/search screens.
    
    Specified by:
    
    getBareUserModel in interface UserManager
  - getGroup
```
public NuxeoGroup getGroup(String groupName)
```
    Description copied from interface: UserManager
    
    Returns the nuxeo group with given name or null if it does not exist.
    
    Specified by:
    
    getGroup in interface UserManager
  - getGroup
```
protected NuxeoGroup getGroup(String groupName,
                              DocumentModel context)
```
  - getGroupModel
```
public DocumentModel getGroupModel(String groupName)
```
    Description copied from interface: UserManager
    
    Return the group document model with this id or null if group does not exist.
    
    Specified by:
    
    getGroupModel in interface UserManager
    
    Parameters:
    
    groupName - the group identifier
  - makeGroup
```
protected NuxeoGroup makeGroup(DocumentModel groupEntry)
```
  - getTopLevelGroups
```
public List<String> getTopLevelGroups()
```
    Description copied from interface: UserManager
    
    Returns the list of groups that are not members of other groups.
    
    Specified by:
    
    getTopLevelGroups in interface UserManager
  - getGroupsInGroup
```
public List<String> getGroupsInGroup(String parentId)
```
    Description copied from interface: UserManager
    
    Returns the list of groups that belong to this group.
    
    Specified by:
    
    getGroupsInGroup in interface UserManager
    
    Parameters:
    
    parentId - the name of the parent group.
  - getUsersInGroup
```
public List<String> getUsersInGroup(String groupId)
```
    Description copied from interface: UserManager
    
    Returns the list of users that belong to this group.
    
    Specified by:
    
    getUsersInGroup in interface UserManager
    
    Parameters:
    
    groupId - ID of the group
  - getUsersInGroupAndSubGroups
```
public List<String> getUsersInGroupAndSubGroups(String groupId)
```
    Description copied from interface: UserManager
    
    Get users from a group and its subgroups.
    
    Specified by:
    
    getUsersInGroupAndSubGroups in interface UserManager
    
    Parameters:
    
    groupId - ID of the group
  - appendSubgroups
```
protected void appendSubgroups(String groupId,
                               Set<String> groups,
                               DocumentModel context)
```
  - isAnonymousMatching
```
protected boolean isAnonymousMatching(Map<String,Serializable> filter,
                                      Set<String> fulltext)
```
  - isAnonymousMatching
```
protected boolean isAnonymousMatching(QueryBuilder queryBuilder,
                                      Directory dir)
```
  - searchPrincipals
```
public List<NuxeoPrincipal> searchPrincipals(String pattern)
```
    Specified by:
    
    searchPrincipals in interface UserManager
  - searchGroups
```
public DocumentModelList searchGroups(String pattern)
```
    Description copied from interface: UserManager
    
    Search matching groups through their defined search fields
    
    Specified by:
    
    searchGroups in interface UserManager
  - getUserSortField
```
public String getUserSortField()
```
    Specified by:
    
    getUserSortField in interface UserManager
  - getUserSortMap
```
protected Map<String,String> getUserSortMap()
```
  - getUserOrderBy
```
protected OrderByExpr getUserOrderBy()
```
  - getGroupSortMap
```
protected Map<String,String> getGroupSortMap()
```
  - getGroupOrderBy
```
protected OrderByExpr getGroupOrderBy()
```
  - getDirectorySortMap
```
protected Map<String,String> getDirectorySortMap(String descriptorSortField,
                                                 String fallBackField)
```
  - notifyCore
```
protected void notifyCore(String userOrGroupId,
                          String eventId)
```
    Since:
    
    8.2
  - notifyCore
```
protected void notifyCore(String userOrGroupId,
                          String eventId,
                          List<String> ancestorGroupIds)
```
    Since:
    
    9.2
  - notifyRuntime
```
protected void notifyRuntime(String userOrGroupName,
                             String eventId)
```
  - notifyUserChanged
```
public void notifyUserChanged(String userName,
                              String eventId)
```
    Description copied from interface: UserManager
    Notifies that the given user has changed with the given event:
    - At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset.
    - At the core level, passing the userName as the "id" property of the fired event.
    Specified by:
    
    notifyUserChanged in interface UserManager
  - invalidatePrincipal
```
protected void invalidatePrincipal(String userName)
```
  - notifyGroupChanged
```
public void notifyGroupChanged(String groupName,
                               String eventId,
                               List<String> ancestorGroupNames)
```
    Description copied from interface: UserManager
    Notifies that the given group has changed with the given event:
    - At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset.
    - At the core level, passing the groupName as the "id" property of the fired event.
    The ancestorGroupNames list must contain the ancestor groups of the given group. It can be computed by calling UserManager.getAncestorGroups(String). It will be passed as the "ancestorGroups" property of the fired core event.
    Specified by:
    
    notifyGroupChanged in interface UserManager
  - invalidateAllPrincipals
```
protected void invalidateAllPrincipals()
```
  - areGroupsReadOnly
```
public Boolean areGroupsReadOnly()
```
    Description copied from interface: UserManager
    
    Returns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users.
    
    Specified by:
    
    areGroupsReadOnly in interface MultiTenantUserManager
    
    Specified by:
    
    areGroupsReadOnly in interface UserManager
  - areUsersReadOnly
```
public Boolean areUsersReadOnly()
```
    Description copied from interface: UserManager
    
    Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups.
    
    Specified by:
    
    areUsersReadOnly in interface MultiTenantUserManager
    
    Specified by:
    
    areUsersReadOnly in interface UserManager
  - checkGrouId
```
protected void checkGrouId(DocumentModel groupModel)
```
  - getGroupId
```
protected String getGroupId(DocumentModel groupModel)
```
  - checkUserId
```
protected void checkUserId(DocumentModel userModel)
```
  - getUserId
```
protected String getUserId(DocumentModel userModel)
```
  - createGroup
```
public DocumentModel createGroup(DocumentModel groupModel)
```
    Description copied from interface: UserManager
    
    Creates a group from given model
    
    Specified by:
    
    createGroup in interface UserManager
    
    Returns:
    
    the created group model
  - createUser
```
public DocumentModel createUser(DocumentModel userModel)
```
    Description copied from interface: UserManager
    
    Creates user from given model.
    
    Specified by:
    
    createUser in interface UserManager
  - deleteGroup
```
public void deleteGroup(String groupId)
```
    Description copied from interface: UserManager
    
    Deletes group with given id.
    
    Specified by:
    
    deleteGroup in interface UserManager
  - deleteGroup
```
public void deleteGroup(DocumentModel groupModel)
```
    Description copied from interface: UserManager
    
    Deletes group represented by given model.
    
    Specified by:
    
    deleteGroup in interface UserManager
  - deleteUser
```
public void deleteUser(String userId)
```
    Description copied from interface: UserManager
    
    Deletes user with given id.
    
    Specified by:
    
    deleteUser in interface UserManager
  - deleteUser
```
public void deleteUser(DocumentModel userModel)
```
    Description copied from interface: UserManager
    
    Deletes user represented by given model.
    
    Specified by:
    
    deleteUser in interface UserManager
  - getGroupIds
```
public List<String> getGroupIds()
```
    Description copied from interface: UserManager
    
    Returns the list of all groups ids.
    
    Specified by:
    
    getGroupIds in interface UserManager
  - getUserIds
```
public List<String> getUserIds()
```
    Description copied from interface: UserManager
    
    Returns the list of all user ids.
    
    Specified by:
    
    getUserIds in interface UserManager
  - removeVirtualFilters
```
protected void removeVirtualFilters(Map<String,Serializable> filter)
```
  - getQueryForPattern
```
protected QueryBuilder getQueryForPattern(String pattern,
                                          String dirName,
                                          Map<String,UserManager.MatchType> searchFields,
                                          OrderByExpr orderBy)
```
  - searchGroups
```
public DocumentModelList searchGroups(Map<String,Serializable> filter,
                                      Set<String> fulltext)
```
    Description copied from interface: UserManager
    
    Returns groups matching given criteria.
    
    Specified by:
    
    searchGroups in interface UserManager
    
    Parameters:
    
    filter - filter with field names as keys
    
    fulltext - field names used for fulltext match
  - searchGroups
```
public DocumentModelList searchGroups(QueryBuilder queryBuilder)
```
    Description copied from interface: UserManager
    
    Returns groups matching the given query.
    
    Specified by:
    
    searchGroups in interface UserManager
    
    Parameters:
    
    queryBuilder - the query to use, including limit, offset, ordering and countTotal
  - searchUsers
```
public DocumentModelList searchUsers(String pattern)
```
    Description copied from interface: UserManager
    
    Returns users matching given pattern
    Pattern is used to fill a filter and fulltext map according to users search fields configuration. Search is performed on each of these fields (OR).
    
    Specified by:
    
    searchUsers in interface UserManager
  - searchUsers
```
public DocumentModelList searchUsers(Map<String,Serializable> filter,
                                     Set<String> fulltext)
```
    Description copied from interface: UserManager
    
    Returns users matching given criteria.
    
    Specified by:
    
    searchUsers in interface UserManager
    
    Parameters:
    
    filter - filter with field names as keys
    
    fulltext - field names used for fulltext match
  - searchUsers
```
public DocumentModelList searchUsers(QueryBuilder queryBuilder)
```
    Description copied from interface: UserManager
    
    Returns users matching the given query.
    
    Specified by:
    
    searchUsers in interface UserManager
    
    Parameters:
    
    queryBuilder - the query to use, including limit, offset, ordering and countTotal
  - updateGroup
```
public void updateGroup(DocumentModel groupModel)
```
    Description copied from interface: UserManager
    
    Updates group represented by given model.
    
    Specified by:
    
    updateGroup in interface UserManager
  - updateUser
```
public void updateUser(DocumentModel userModel)
```
    Description copied from interface: UserManager
    
    Updates user represented by given model.
    
    Specified by:
    
    updateUser in interface UserManager
  - getBareGroupModel
```
public DocumentModel getBareGroupModel()
```
    Description copied from interface: UserManager
    
    Returns a bare group model.
    Can be used for group creation/search screens.
    
    Specified by:
    
    getBareGroupModel in interface UserManager
  - getAdministratorsGroups
```
public List<String> getAdministratorsGroups()
```
    Description copied from interface: UserManager
    
    Returns the list of administrators groups.
    
    Specified by:
    
    getAdministratorsGroups in interface AdministratorGroupsProvider
    
    Specified by:
    
    getAdministratorsGroups in interface UserManager
  - getLeafPermissions
```
protected List<String> getLeafPermissions(String perm)
```
  - getUsersForPermission
```
public String[] getUsersForPermission(String perm,
                                      ACP acp)
```
    Description copied from interface: UserManager
    
    For an ACP, get the list of user that has a permission. This method should be use with care as it can cause performance issues while getting the list of users.
    
    Specified by:
    
    getUsersForPermission in interface UserManager
    
    Parameters:
    
    perm - the permission
    
    acp - The access control policy of the document
    
    Returns:
    
    the list of user ids
  - authenticate
```
public Principal authenticate(String name,
                              String password)
```
    Description copied from interface: Authenticator
    
    Get a principal object for the given username if the username / password pair is valid, otherwise returns null.
    This method is doing the authentication of the given username / password pair and returns the corresponding principal object if authentication succeeded otherwise returns null.
    
    Specified by:
    
    authenticate in interface Authenticator
    
    Returns:
    
    the authenticated principal if authentication succeded otherwise null
  - searchUsers
```
public DocumentModelList searchUsers(Map<String,Serializable> filter,
                                     Set<String> fulltext,
                                     Map<String,String> orderBy,
                                     DocumentModel context)
```
    MULTI-TENANT-IMPLEMENTATION
  - getUsersInGroup
```
public List<String> getUsersInGroup(String groupId,
                                    DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Returns the list of users that belong to this group into the given context
    
    Specified by:
    
    getUsersInGroup in interface MultiTenantUserManager
    
    Parameters:
    
    groupId - ID of the group
    
    Returns:
  - searchUsers
```
public DocumentModelList searchUsers(String pattern,
                                     DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Returns users matching given pattern with the given context. if the Document Context have a directory local configuration, the service try to open the directory with directory suffix set into the local configuration
    Pattern is used to fill a filter and fulltext map according to users search fields configuration. Search is performed on each of these fields (OR).
    
    Specified by:
    
    searchUsers in interface MultiTenantUserManager
  - searchUsers
```
public DocumentModelList searchUsers(QueryBuilder queryBuilder,
                                     DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Returns users matching the given query, within the given context.
    
    Specified by:
    
    searchUsers in interface MultiTenantUserManager
    
    Parameters:
    
    queryBuilder - the query to use, including limit, offset, ordering and countTotal
    
    context - the context for the tenant, or null
  - queryWithVirtualEntries
```
protected DocumentModelList queryWithVirtualEntries(Session session,
                                                    QueryBuilder queryBuilder,
                                                    List<DocumentModel> virtualEntries)
```
    Executes a query then adds virtual entries (already supposed to match the query). Then does limit/offset/order/countTotal.
    
    Since:
    
    10.3
  - searchUsers
```
public DocumentModelList searchUsers(Map<String,Serializable> filter,
                                     Set<String> fulltext,
                                     DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Returns users matching given criteria and with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration
    
    Specified by:
    
    searchUsers in interface MultiTenantUserManager
    
    Parameters:
    
    filter - filter with field names as keys
    
    fulltext - field names used for fulltext match
  - getGroupIds
```
public List<String> getGroupIds(DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Returns the list of all groups ids with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration
    
    Specified by:
    
    getGroupIds in interface MultiTenantUserManager
  - searchGroups
```
public DocumentModelList searchGroups(Map<String,Serializable> filter,
                                      Set<String> fulltext,
                                      DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Returns groups matching given criteria with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration
    
    Specified by:
    
    searchGroups in interface MultiTenantUserManager
    
    Parameters:
    
    filter - filter with field names as keys
    
    fulltext - field names used for fulltext match
  - searchGroups
```
public DocumentModelList searchGroups(QueryBuilder queryBuilder,
                                      DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Returns groups matching the given query, within the given context.
    
    Specified by:
    
    searchGroups in interface MultiTenantUserManager
    
    Parameters:
    
    queryBuilder - the query to use, including limit, offset, ordering and countTotal
    
    context - the context for the tenant, or null
  - createGroup
```
public DocumentModel createGroup(DocumentModel groupModel,
                                 DocumentModel context)
                          throws GroupAlreadyExistsException
```
    Description copied from interface: MultiTenantUserManager
    
    Creates a group from given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.
    
    Specified by:
    
    createGroup in interface MultiTenantUserManager
    
    Returns:
    
    the created group model
    
    Throws:
    
    GroupAlreadyExistsException
  - getGroupModel
```
public DocumentModel getGroupModel(String groupIdValue,
                                   DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Return the group document model with this id concatenated with the directory local config (if not null) or null if group does not exist.
    
    Specified by:
    
    getGroupModel in interface MultiTenantUserManager
    
    Parameters:
    
    groupIdValue - the group identifier
  - getUserModel
```
public DocumentModel getUserModel(String userName,
                                  DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Returns the document model representing user with given id or null if it does not exist into the given context document. The context document must be contained into the tenant.
    
    Specified by:
    
    getUserModel in interface MultiTenantUserManager
  - cloneMap
```
protected Map<String,Serializable> cloneMap(Map<String,Serializable> map)
```
  - cloneSet
```
protected HashSet<String> cloneSet(Set<String> set)
```
  - getPrincipal
```
public NuxeoPrincipal getPrincipal(String username,
                                   DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Retrieves the principal with the given username or null if it does not exist into the given context document. The context document must be contained into the tenant
    Can build principals for anonymous and virtual users as well as for users defined in the users directory.
    
    Specified by:
    
    getPrincipal in interface MultiTenantUserManager
  - searchGroups
```
public DocumentModelList searchGroups(String pattern,
                                      DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Search matching groups through their defined search fields into the given context document. The context document must be contained into the tenant.
    
    Specified by:
    
    searchGroups in interface MultiTenantUserManager
  - getUserIds
```
public List<String> getUserIds(DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Returns the list of all user ids into the given context document. The context document must be contained into the tenant.
    
    Specified by:
    
    getUserIds in interface MultiTenantUserManager
  - createUser
```
public DocumentModel createUser(DocumentModel userModel,
                                DocumentModel context)
                         throws UserAlreadyExistsException
```
    Description copied from interface: MultiTenantUserManager
    
    Creates user from given model into the given context document. The context document must be contained into the tenant.
    
    Specified by:
    
    createUser in interface MultiTenantUserManager
    
    Throws:
    
    UserAlreadyExistsException
  - checkGroupsExistence
```
protected void checkGroupsExistence(DocumentModel userModel,
                                    String schema,
                                    DocumentModel context)
```
  - checkPasswordValidity
```
protected void checkPasswordValidity(DocumentModel userModel)
                              throws InvalidPasswordException
```
    Throws:
    
    InvalidPasswordException
  - updateUser
```
public void updateUser(DocumentModel userModel,
                       DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Updates user represented by given model into the given context document. The context document must be contained into the tenant.
    
    Specified by:
    
    updateUser in interface MultiTenantUserManager
  - deleteUser
```
public void deleteUser(DocumentModel userModel,
                       DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Deletes user represented by given model into the given context document. The context document must be contained into the tenant.
    
    Specified by:
    
    deleteUser in interface MultiTenantUserManager
  - deleteUser
```
public void deleteUser(String userId,
                       DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Deletes user with given id into the given context document. The context document must be contained into the tenant.
    
    Specified by:
    
    deleteUser in interface MultiTenantUserManager
  - updateGroup
```
public void updateGroup(DocumentModel groupModel,
                        DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Updates group represented by given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.
    
    Specified by:
    
    updateGroup in interface MultiTenantUserManager
  - deleteGroup
```
public void deleteGroup(DocumentModel groupModel,
                        DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Deletes group represented by given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.
    
    Specified by:
    
    deleteGroup in interface MultiTenantUserManager
  - deleteGroup
```
public void deleteGroup(String groupId,
                        DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Deletes group with given id with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.
    
    Specified by:
    
    deleteGroup in interface MultiTenantUserManager
  - getGroupsInGroup
```
public List<String> getGroupsInGroup(String parentId,
                                     DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Returns the list of groups that belong to this group with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.
    
    Specified by:
    
    getGroupsInGroup in interface MultiTenantUserManager
    
    Parameters:
    
    parentId - the name of the parent group.
    
    Returns:
  - getTopLevelGroups
```
public List<String> getTopLevelGroups(DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Returns the list of groups that are not members of other groups with the given context.
    
    Specified by:
    
    getTopLevelGroups in interface MultiTenantUserManager
    
    Returns:
  - getUsersInGroupAndSubGroups
```
public List<String> getUsersInGroupAndSubGroups(String groupId,
                                                DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    Get users from a group and its subgroups into the given context
    
    Specified by:
    
    getUsersInGroupAndSubGroups in interface MultiTenantUserManager
    
    Parameters:
    
    groupId - ID of the group
    
    Returns:
  - getUsersForPermission
```
public String[] getUsersForPermission(String perm,
                                      ACP acp,
                                      DocumentModel context)
```
    Description copied from interface: MultiTenantUserManager
    
    For an ACP, get the list of user that has a permission into the given context. This method should be use with care as it can cause performance issues while getting the list of users.
    
    Specified by:
    
    getUsersForPermission in interface MultiTenantUserManager
    
    Parameters:
    
    perm - the permission
    
    acp - The access control policy of the document
    
    Returns:
    
    the list of user ids
  - getAncestorGroups
```
public List<String> getAncestorGroups(String groupId)
```
    Description copied from interface: UserManager
    
    Returns the ancestor groups of the group with the given id.
    
    Specified by:
    
    getAncestorGroups in interface UserManager
  - populateAncestorGroups
```
protected void populateAncestorGroups(String groupId,
                                      List<String> ancestorGroups)
```
  - getGroupConfig
```
public GroupConfig getGroupConfig()
```
    Description copied from interface: UserManager
    
    Returns the contributed GroupConfig.
    
    Specified by:
    
    getGroupConfig in interface UserManager
  - handleEvent
```
public void handleEvent(Event event)
```
    Description copied from interface: EventListener
    
    An event was received.
    
    Specified by:
    
    handleEvent in interface EventListener

Class UserManagerImpl

Nested Class Summary

Nested classes/interfaces inherited from interface org.nuxeo.ecm.platform.usermanager.UserManager

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface org.nuxeo.ecm.platform.usermanager.UserManager

Field Detail

USERMANAGER_TOPIC

USERCHANGED_EVENT_ID

USERCREATED_EVENT_ID

USERDELETED_EVENT_ID

USERMODIFIED_EVENT_ID

GROUPCHANGED_EVENT_ID

GROUPCREATED_EVENT_ID

GROUPDELETED_EVENT_ID

GROUPMODIFIED_EVENT_ID

DEFAULT_ANONYMOUS_USER_ID

VIRTUAL_FIELD_FILTER_PREFIX

INVALIDATE_PRINCIPAL_EVENT_ID

INVALIDATE_ALL_PRINCIPALS_EVENT_ID

USER_GROUP_CATEGORY

ID_PROPERTY_KEY

ANCESTOR_GROUPS_PROPERTY_KEY

dirService

cacheService

principalCache

multiTenantManagement

userConfig

groupConfig

userDirectoryName

userSchemaName

userIdField

userEmailField

userSearchFields

groupDirectoryName

groupSchemaName

groupIdField

groupLabelField

groupMembersField

groupSubGroupsField

groupParentGroupsField

groupSortField

groupSearchFields

defaultGroup

administratorIds

administratorGroups

disableDefaultAdministratorsGroup

userSortField

userListingMode

groupListingMode

userPasswordPattern

anonymousUser

digestAuthDirectory

digestAuthRealm

virtualUsers

Constructor Detail

UserManagerImpl

Method Detail

setConfiguration

setUserDirectoryName

getUserDirectoryName

getUserIdField

getUserSchemaName

getUserEmailField

getUserSearchFields

getGroupSearchFields

setGroupDirectoryName

getGroupDirectoryName

getGroupIdField

getGroupLabelField

getGroupSchemaName

getGroupMembersField

getGroupSubGroupsField

getGroupParentGroupsField

getUserListingMode

getGroupListingMode

getDefaultGroup

getUserPasswordPattern