Package org.nuxeo.ecm.platform.usermanager

Interface UserManager

    • Method Detail

      • checkUsernamePassword

        boolean checkUsernamePassword​(String username,
                              String password)
        Description copied from interface: Authenticator
        Check the password for the given username. Returns true if the username / password pair match, false otherwise.
        Specified by:
        checkUsernamePassword in interface Authenticator
        Parameters:
        username - the username
        password - the password to check
        Returns:
        true is valid, false otherwise

      • validatePassword

        boolean validatePassword​(String password)

      • getPrincipal

        NuxeoPrincipal getPrincipal​(String username,
                            boolean fetchReferences)
        Retrieves the principal with the given username or null if it does not exist.

        Can build principals for anonymous and virtual users as well as for users defined in the users directory.

        Parameters:
        username - is the name of the entry in the user directory
        fetchReferences - controls if the references (groups) of the user will be fetched
        Since:
        11.1

      • getGroup

        NuxeoGroup getGroup​(String groupName)
        Returns the nuxeo group with given name or null if it does not exist.

      • searchGroups

        DocumentModelList searchGroups​(String pattern)
        Search matching groups through their defined search fields
        Since:
        5.5

      • getUserIds

        List<String> getUserIds()
        Returns the list of all user ids.
        Since:
        5.2M4

      • updateUser

        void updateUser​(DocumentModel userModel)
        Updates user represented by given model.
        Since:
        5.2M4

      • deleteUser

        void deleteUser​(DocumentModel userModel)
        Deletes user represented by given model.
        Since:
        5.2M4

      • deleteUser

        void deleteUser​(String userId)
        Deletes user with given id.
        Since:
        5.2M4

      • getBareUserModel

        DocumentModel getBareUserModel()
        Returns a bare user model.

        Can be used for user creation/search screens.

        Since:
        5.2M4

      • getUserModel

        DocumentModel getUserModel​(String userName)
        Returns the document model representing user with given id or null if it does not exist.
        Since:
        5.2M4

      • searchUsers

        DocumentModelList searchUsers​(String pattern)
        Returns users matching given pattern

        Pattern is used to fill a filter and fulltext map according to users search fields configuration. Search is performed on each of these fields (OR).

        Since:
        5.2M4

      • searchUsers

        DocumentModelList searchUsers​(Map<String,​Serializable> filter,
                              Set<String> fulltext)
        Returns users matching given criteria.
        Parameters:
        filter - filter with field names as keys
        fulltext - field names used for fulltext match
        Since:
        5.2M4

      • searchUsers

        DocumentModelList searchUsers​(QueryBuilder queryBuilder)
        Returns users matching the given query.
        Parameters:
        queryBuilder - the query to use, including limit, offset, ordering and countTotal
        Since:
        10.3

      • getUserListingMode

        String getUserListingMode()

      • getUserSortField

        String getUserSortField()

      • getUserPasswordPattern

        Pattern getUserPasswordPattern()

      • getGroupIds

        List<String> getGroupIds()
        Returns the list of all groups ids.
        Since:
        5.2M4

      • searchGroups

        DocumentModelList searchGroups​(Map<String,​Serializable> filter,
                               Set<String> fulltext)
        Returns groups matching given criteria.
        Parameters:
        filter - filter with field names as keys
        fulltext - field names used for fulltext match
        Since:
        5.2M4

      • searchGroups

        DocumentModelList searchGroups​(QueryBuilder queryBuilder)
        Returns groups matching the given query.
        Parameters:
        queryBuilder - the query to use, including limit, offset, ordering and countTotal
        Since:
        10.3

      • updateGroup

        void updateGroup​(DocumentModel groupModel)
        Updates group represented by given model.
        Since:
        5.2M4

      • deleteGroup

        void deleteGroup​(DocumentModel groupModel)
        Deletes group represented by given model.
        Since:
        5.2M4

      • deleteGroup

        void deleteGroup​(String groupId)
        Deletes group with given id.
        Since:
        5.2M4

      • getBareGroupModel

        DocumentModel getBareGroupModel()
        Returns a bare group model.

        Can be used for group creation/search screens.

        Since:
        5.2M4

      • getGroupModel

        DocumentModel getGroupModel​(String groupName)
        Return the group document model with this id or null if group does not exist.
        Parameters:
        groupName - the group identifier
        Since:
        5.2M4

      • getDefaultGroup

        String getDefaultGroup()

      • getGroupListingMode

        String getGroupListingMode()

      • getGroupsInGroup

        List<String> getGroupsInGroup​(String parentId)
        Returns the list of groups that belong to this group.
        Parameters:
        parentId - the name of the parent group.

      • getTopLevelGroups

        List<String> getTopLevelGroups()
        Returns the list of groups that are not members of other groups.

      • getUsersInGroup

        List<String> getUsersInGroup​(String groupId)
        Returns the list of users that belong to this group.
        Parameters:
        groupId - ID of the group

      • getUsersInGroupAndSubGroups

        List<String> getUsersInGroupAndSubGroups​(String groupId)
        Get users from a group and its subgroups.
        Parameters:
        groupId - ID of the group

      • areGroupsReadOnly

        Boolean areGroupsReadOnly()
        Returns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users.

      • areUsersReadOnly

        Boolean areUsersReadOnly()
        Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups.

      • getUserDirectoryName

        String getUserDirectoryName()
        Gets the user directory name.
        Returns:
        the user directory name.

      • getUserSchemaName

        String getUserSchemaName()
        Returns the user directory schema name.
        Since:
        5.2M4

      • getUserIdField

        String getUserIdField()
        Returns the user directory id field.
        Since:
        5.2M4

      • getUserEmailField

        String getUserEmailField()
        Gets the user email field.
        Returns:
        the user email field.

      • getUserSearchFields

        Set<String> getUserSearchFields()
        Gets the user search fields, the fields to use when a principal search is done.
        Returns:
        the search fields.

      • getGroupSearchFields

        Set<String> getGroupSearchFields()
        Gets the group search fields.

      • getGroupDirectoryName

        String getGroupDirectoryName()
        Gets the group directory name.
        Returns:
        the group directory name.

      • getGroupSchemaName

        String getGroupSchemaName()
        Returns the group directory schema name.
        Since:
        5.2M4

      • getGroupIdField

        String getGroupIdField()
        Returns the group directory id field.
        Since:
        5.2M4

      • getGroupLabelField

        String getGroupLabelField()
        Returns the group label field.
        Since:
        5.5

      • getGroupMembersField

        String getGroupMembersField()
        Gets the group members field.
        Returns:
        the group members field.

      • getGroupSubGroupsField

        String getGroupSubGroupsField()
        Gets the group sub-groups field.
        Returns:
        the sub-groups field.

      • getGroupParentGroupsField

        String getGroupParentGroupsField()
        Gets the group parent-groups field.
        Returns:
        the parent-groups field.

      • getAnonymousUserId

        String getAnonymousUserId()
        Gets the anonymous user id.
        Returns:
        the anonymous user id, or the default one if none is defined.

      • getDigestAuthDirectory

        String getDigestAuthDirectory()
        Gets the Digest Auth directory.

      • getDigestAuthRealm

        String getDigestAuthRealm()
        Gets the Digest Auth realm.

      • setConfiguration

        void setConfiguration​(UserManagerDescriptor descriptor)
        Sets the given configuration on the service.
        Parameters:
        descriptor - the descriptor as parsed from xml, merged from the previous one if it exists.

      • getAdministratorsGroups

        List<String> getAdministratorsGroups()
        Returns the list of administrators groups.
        Since:
        5.3 GA

      • getUsersForPermission

        String[] getUsersForPermission​(String perm,
                               ACP acp)
        For an ACP, get the list of user that has a permission. This method should be use with care as it can cause performance issues while getting the list of users.
        Parameters:
        perm - the permission
        acp - The access control policy of the document
        Returns:
        the list of user ids
        Since:
        5.4.2

      • getAncestorGroups

        List<String> getAncestorGroups​(String groupId)
        Returns the ancestor groups of the group with the given id.
        Since:
        9.2

      • getDescendantGroups

        List<String> getDescendantGroups​(String groupId)
        Returns the descendant groups of the group with the given id.
        Since:
        11.4

      • notifyUserChanged

        void notifyUserChanged​(String userName,
                       String eventId)
        Notifies that the given user has changed with the given event:
        • At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset.
        • At the core level, passing the userName as the "id" property of the fired event.
        Since:
        9.2

      • notifyGroupChanged

        default void notifyGroupChanged​(String groupName,
                                String eventId)
        Notifies that the given group has changed with the given event:
        • At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset.
        • At the core level, passing the groupName as the "id" property of the fired event.
        Since:
        9.2

      • notifyGroupChanged

        void notifyGroupChanged​(String groupName,
                        String eventId,
                        List<String> ancestorGroupNames)
        Notifies that the given group has changed with the given event:
        • At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset.
        • At the core level, passing the groupName as the "id" property of the fired event.

        The ancestorGroupNames list must contain the ancestor groups of the given group. It can be computed by calling getAncestorGroups(String). It will be passed as the "ancestorGroups" property of the fired core event.

        Since:
        9.2