Package org.nuxeo.ecm.platform.usermanager

Interface UserManager

All Superinterfaces:
Authenticator, EventListener, Serializable
All Known Implementing Classes:
FakeUserManagerImpl, MultiTenantUserManager, UserManagerImpl, UserManagerWithComputedGroups
public interface UserManager extends Authenticator, EventListener, Serializable
Author:
Anahide Tchertchian, Sun Seng David TAN, Benjamin Jalon

  • Method Details

    • checkUsernamePassword

      boolean checkUsernamePassword(String username, String password)
      Description copied from interface: Authenticator
      Check the password for the given username. Returns true if the username / password pair match, false otherwise.
      Specified by:
      checkUsernamePassword in interface Authenticator
      Parameters:
      username - the username
      password - the password to check
      Returns:
      true is valid, false otherwise

    • validatePassword

      boolean validatePassword(String password)

    • getPrincipal

      default NuxeoPrincipal getPrincipal(String username)
      Calls getPrincipal(String, boolean) to retrieve a principal and its references, given its username

    • getPrincipal

      NuxeoPrincipal getPrincipal(String username, boolean fetchReferences)
      Retrieves the principal with the given username or null if it does not exist.

      Can build principals for anonymous and virtual users as well as for users defined in the users directory.

      Parameters:
      username - is the name of the entry in the user directory
      fetchReferences - controls if the references (groups) of the user will be fetched
      Since:
      11.1

    • getGroup

      NuxeoGroup getGroup(String groupName)
      Returns the nuxeo group with given name or null if it does not exist.

    • searchPrincipals

      @Deprecated List<NuxeoPrincipal> searchPrincipals(String pattern)
      Deprecated.
      see searchUsers(String)

    • searchGroups

      DocumentModelList searchGroups(String pattern)
      Search matching groups through their defined search fields
      Since:
      5.5

    • getUserIds

      List<String> getUserIds()
      Returns the list of all user ids.
      Since:
      5.2M4

    • createUser

      DocumentModel createUser(DocumentModel userModel) throws UserAlreadyExistsException
      Creates user from given model.
      Throws:
      UserAlreadyExistsException
      Since:
      5.2M4

    • updateUser

      void updateUser(DocumentModel userModel)
      Updates user represented by given model.
      Since:
      5.2M4

    • deleteUser

      void deleteUser(DocumentModel userModel)
      Deletes user represented by given model.
      Since:
      5.2M4

    • deleteUser

      void deleteUser(String userId)
      Deletes user with given id.
      Since:
      5.2M4

    • getBareUserModel

      DocumentModel getBareUserModel()
      Returns a bare user model.

      Can be used for user creation/search screens.

      Since:
      5.2M4

    • getUserModel

      DocumentModel getUserModel(String userName)
      Returns the document model representing user with given id or null if it does not exist.
      Since:
      5.2M4

    • searchUsers

      DocumentModelList searchUsers(String pattern)
      Returns users matching given pattern

      Pattern is used to fill a filter and fulltext map according to users search fields configuration. Search is performed on each of these fields (OR).

      Since:
      5.2M4

    • searchUsers

      DocumentModelList searchUsers(Map<String,Serializable> filter, Set<String> fulltext)
      Returns users matching given criteria.
      Parameters:
      filter - filter with field names as keys
      fulltext - field names used for fulltext match
      Since:
      5.2M4

    • searchUsers

      DocumentModelList searchUsers(QueryBuilder queryBuilder)
      Returns users matching the given query.
      Parameters:
      queryBuilder - the query to use, including limit, offset, ordering and countTotal
      Since:
      10.3

    • getUserListingMode

      String getUserListingMode()

    • getUserSortField

      String getUserSortField()

    • getUserPasswordPattern

      Pattern getUserPasswordPattern()

    • getGroupIds

      List<String> getGroupIds()
      Returns the list of all groups ids.
      Since:
      5.2M4

    • searchGroups

      DocumentModelList searchGroups(Map<String,Serializable> filter, Set<String> fulltext)
      Returns groups matching given criteria.
      Parameters:
      filter - filter with field names as keys
      fulltext - field names used for fulltext match
      Since:
      5.2M4

    • searchGroups

      DocumentModelList searchGroups(QueryBuilder queryBuilder)
      Returns groups matching the given query.
      Parameters:
      queryBuilder - the query to use, including limit, offset, ordering and countTotal
      Since:
      10.3

    • createGroup

      DocumentModel createGroup(DocumentModel groupModel) throws GroupAlreadyExistsException
      Creates a group from given model
      Returns:
      the created group model
      Throws:
      GroupAlreadyExistsException
      Since:
      5.2M4

    • updateGroup

      void updateGroup(DocumentModel groupModel)
      Updates group represented by given model.
      Since:
      5.2M4

    • deleteGroup

      void deleteGroup(DocumentModel groupModel)
      Deletes group represented by given model.
      Since:
      5.2M4

    • deleteGroup

      void deleteGroup(String groupId)
      Deletes group with given id.
      Since:
      5.2M4

    • getBareGroupModel

      DocumentModel getBareGroupModel()
      Returns a bare group model.

      Can be used for group creation/search screens.

      Since:
      5.2M4

    • getGroupModel

      DocumentModel getGroupModel(String groupName)
      Return the group document model with this id or null if group does not exist.
      Parameters:
      groupName - the group identifier
      Since:
      5.2M4

    • getDefaultGroup

      String getDefaultGroup()

    • getGroupListingMode

      String getGroupListingMode()

    • getGroupsInGroup

      List<String> getGroupsInGroup(String parentId)
      Returns the list of groups that belong to this group.
      Parameters:
      parentId - the name of the parent group.

    • getTopLevelGroups

      List<String> getTopLevelGroups()
      Returns the list of groups that are not members of other groups.

    • getUsersInGroup

      List<String> getUsersInGroup(String groupId)
      Returns the list of users that belong to this group.
      Parameters:
      groupId - ID of the group

    • getUsersInGroupAndSubGroups

      List<String> getUsersInGroupAndSubGroups(String groupId)
      Get users from a group and its subgroups.
      Parameters:
      groupId - ID of the group

    • areGroupsReadOnly

      Boolean areGroupsReadOnly()
      Returns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users.

    • areUsersReadOnly

      Boolean areUsersReadOnly()
      Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups.

    • getUserDirectoryName

      String getUserDirectoryName()
      Gets the user directory name.
      Returns:
      the user directory name.

    • getUserSchemaName

      String getUserSchemaName()
      Returns the user directory schema name.
      Since:
      5.2M4

    • getUserIdField

      String getUserIdField()
      Returns the user directory id field.
      Since:
      5.2M4

    • getUserEmailField

      String getUserEmailField()
      Gets the user email field.
      Returns:
      the user email field.

    • getUserSearchFields

      Set<String> getUserSearchFields()
      Gets the user search fields, the fields to use when a principal search is done.
      Returns:
      the search fields.

    • getGroupSearchFields

      Set<String> getGroupSearchFields()
      Gets the group search fields.

    • getGroupDirectoryName

      String getGroupDirectoryName()
      Gets the group directory name.
      Returns:
      the group directory name.

    • getGroupSchemaName

      String getGroupSchemaName()
      Returns the group directory schema name.
      Since:
      5.2M4

    • getGroupIdField

      String getGroupIdField()
      Returns the group directory id field.
      Since:
      5.2M4

    • getGroupLabelField

      String getGroupLabelField()
      Returns the group label field.
      Since:
      5.5

    • getGroupMembersField

      String getGroupMembersField()
      Gets the group members field.
      Returns:
      the group members field.

    • getGroupSubGroupsField

      String getGroupSubGroupsField()
      Gets the group sub-groups field.
      Returns:
      the sub-groups field.

    • getGroupParentGroupsField

      String getGroupParentGroupsField()
      Gets the group parent-groups field.
      Returns:
      the parent-groups field.

    • getAnonymousUserId

      String getAnonymousUserId()
      Gets the anonymous user id.
      Returns:
      the anonymous user id, or the default one if none is defined.

    • getDigestAuthDirectory

      String getDigestAuthDirectory()
      Gets the Digest Auth directory.

    • getDigestAuthRealm

      String getDigestAuthRealm()
      Gets the Digest Auth realm.

    • setConfiguration

      void setConfiguration(UserManagerDescriptor descriptor)
      Sets the given configuration on the service.
      Parameters:
      descriptor - the descriptor as parsed from xml, merged from the previous one if it exists.

    • getAdministratorsGroups

      List<String> getAdministratorsGroups()
      Returns the list of administrators groups.
      Since:
      5.3 GA

    • getUsersForPermission

      String[] getUsersForPermission(String perm, ACP acp)
      For an ACP, get the list of user that has a permission. This method should be use with care as it can cause performance issues while getting the list of users.
      Parameters:
      perm - the permission
      acp - The access control policy of the document
      Returns:
      the list of user ids
      Since:
      5.4.2

    • getAncestorGroups

      List<String> getAncestorGroups(String groupId)
      Returns the ancestor groups of the group with the given id.
      Since:
      9.2

    • getDescendantGroups

      List<String> getDescendantGroups(String groupId)
      Returns the descendant groups of the group with the given id.
      Since:
      11.4

    • getGroupConfig

      GroupConfig getGroupConfig()
      Returns the contributed GroupConfig.
      Since:
      9.3

    • notifyUserChanged

      void notifyUserChanged(String userName, String eventId)
      Notifies that the given user has changed with the given event:
      • At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset.
      • At the core level, passing the userName as the "id" property of the fired event.
      Since:
      9.2

    • notifyGroupChanged

      default void notifyGroupChanged(String groupName, String eventId)
      Notifies that the given group has changed with the given event:
      • At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset.
      • At the core level, passing the groupName as the "id" property of the fired event.
      Since:
      9.2

    • notifyGroupChanged

      void notifyGroupChanged(String groupName, String eventId, List<String> ancestorGroupNames)
      Notifies that the given group has changed with the given event:
      • At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset.
      • At the core level, passing the groupName as the "id" property of the fired event.

      The ancestorGroupNames list must contain the ancestor groups of the given group. It can be computed by calling getAncestorGroups(String). It will be passed as the "ancestorGroups" property of the fired core event.

      Since:
      9.2