Package org.nuxeo.ecm.platform.usermanager

Interface MultiTenantUserManager

    • Method Detail

      • getPrincipal

        NuxeoPrincipal getPrincipal​(String username,
                            DocumentModel context)
        Retrieves the principal with the given username or null if it does not exist into the given context document. The context document must be contained into the tenant

        Can build principals for anonymous and virtual users as well as for users defined in the users directory.

        Since:
        5.5

      • searchGroups

        DocumentModelList searchGroups​(String pattern,
                               DocumentModel context)
        Search matching groups through their defined search fields into the given context document. The context document must be contained into the tenant.
        Since:
        5.5

      • searchGroups

        DocumentModelList searchGroups​(QueryBuilder queryBuilder,
                               DocumentModel context)
        Returns groups matching the given query, within the given context.
        Parameters:
        queryBuilder - the query to use, including limit, offset, ordering and countTotal
        context - the context for the tenant, or null
        Since:
        10.3

      • getUserIds

        List<String> getUserIds​(DocumentModel context)
        Returns the list of all user ids into the given context document. The context document must be contained into the tenant.
        Since:
        5.5

      • updateUser

        void updateUser​(DocumentModel userModel,
                DocumentModel context)
        Updates user represented by given model into the given context document. The context document must be contained into the tenant.
        Since:
        5.5

      • deleteUser

        void deleteUser​(DocumentModel userModel,
                DocumentModel context)
        Deletes user represented by given model into the given context document. The context document must be contained into the tenant.
        Since:
        5.5

      • deleteUser

        void deleteUser​(String userId,
                DocumentModel context)
        Deletes user with given id into the given context document. The context document must be contained into the tenant.
        Since:
        5.5

      • getUserModel

        DocumentModel getUserModel​(String userName,
                           DocumentModel context)
        Returns the document model representing user with given id or null if it does not exist into the given context document. The context document must be contained into the tenant.
        Since:
        5.5

      • searchUsers

        DocumentModelList searchUsers​(String pattern,
                              DocumentModel context)
        Returns users matching given pattern with the given context. if the Document Context have a directory local configuration, the service try to open the directory with directory suffix set into the local configuration

        Pattern is used to fill a filter and fulltext map according to users search fields configuration. Search is performed on each of these fields (OR).

        Since:
        5.5

      • searchUsers

        DocumentModelList searchUsers​(QueryBuilder queryBuilder,
                              DocumentModel context)
        Returns users matching the given query, within the given context.
        Parameters:
        queryBuilder - the query to use, including limit, offset, ordering and countTotal
        context - the context for the tenant, or null
        Since:
        10.3

      • searchUsers

        DocumentModelList searchUsers​(Map<String,​Serializable> filter,
                              Set<String> fulltext,
                              DocumentModel context)
        Returns users matching given criteria and with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration
        Parameters:
        filter - filter with field names as keys
        fulltext - field names used for fulltext match
        Since:
        5.5

      • getGroupIds

        List<String> getGroupIds​(DocumentModel context)
        Returns the list of all groups ids with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration
        Since:
        5.5

      • searchGroups

        DocumentModelList searchGroups​(Map<String,​Serializable> filter,
                               Set<String> fulltext,
                               DocumentModel context)
        Returns groups matching given criteria with the given context. if the Document Context have a directory local configuration, the service try to open the user directory with directory suffix set into the local configuration
        Parameters:
        filter - filter with field names as keys
        fulltext - field names used for fulltext match
        Since:
        5.5

      • updateGroup

        void updateGroup​(DocumentModel groupModel,
                 DocumentModel context)
        Updates group represented by given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.
        Since:
        5.5

      • deleteGroup

        void deleteGroup​(DocumentModel groupModel,
                 DocumentModel context)
        Deletes group represented by given model with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.
        Since:
        5.5

      • deleteGroup

        void deleteGroup​(String groupId,
                 DocumentModel context)
        Deletes group with given id with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.
        Since:
        5.5

      • getGroupModel

        DocumentModel getGroupModel​(String groupName,
                            DocumentModel context)
        Return the group document model with this id concatenated with the directory local config (if not null) or null if group does not exist.
        Parameters:
        groupName - the group identifier
        Since:
        5.5

      • getGroupsInGroup

        List<String> getGroupsInGroup​(String parentId,
                              DocumentModel context)
        Returns the list of groups that belong to this group with the given context. If the Document Context have a directory local configuration, the service will append at the end of the groupname the directory suffix set into the local configuration of the context document.
        Parameters:
        parentId - the name of the parent group.
        Since:
        5.5

      • getTopLevelGroups

        List<String> getTopLevelGroups​(DocumentModel context)
        Returns the list of groups that are not members of other groups with the given context.
        Since:
        5.5

      • getUsersInGroup

        List<String> getUsersInGroup​(String groupId,
                             DocumentModel context)
        Returns the list of users that belong to this group into the given context
        Parameters:
        groupId - ID of the group
        Since:
        5.5

      • getUsersInGroupAndSubGroups

        List<String> getUsersInGroupAndSubGroups​(String groupId,
                                         DocumentModel context)
        Get users from a group and its subgroups into the given context
        Parameters:
        groupId - ID of the group
        Since:
        5.5

      • areGroupsReadOnly

        Boolean areGroupsReadOnly()
        Returns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users.
        Since:
        5.5

      • areUsersReadOnly

        Boolean areUsersReadOnly()
        Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups.

      • getUsersForPermission

        String[] getUsersForPermission​(String perm,
                               ACP acp,
                               DocumentModel context)
        For an ACP, get the list of user that has a permission into the given context. This method should be use with care as it can cause performance issues while getting the list of users.
        Parameters:
        perm - the permission
        acp - The access control policy of the document
        Returns:
        the list of user ids
        Since:
        5.5