Interface UserManager
- All Superinterfaces:
Authenticator
,EventListener
,Serializable
- All Known Implementing Classes:
FakeUserManagerImpl
,MultiTenantUserManager
,UserManagerImpl
,UserManagerWithComputedGroups
- Author:
- Anahide Tchertchian, Sun Seng David TAN, Benjamin Jalon
-
Nested Class Summary
-
Method Summary
Modifier and TypeMethodDescriptionReturns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users.Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups.boolean
checkUsernamePassword
(String username, String password) Check the password for the given username.createGroup
(DocumentModel groupModel) Creates a group from given modelcreateUser
(DocumentModel userModel) Creates user from given model.void
deleteGroup
(String groupId) Deletes group with given id.void
deleteGroup
(DocumentModel groupModel) Deletes group represented by given model.void
deleteUser
(String userId) Deletes user with given id.void
deleteUser
(DocumentModel userModel) Deletes user represented by given model.Returns the list of administrators groups.getAncestorGroups
(String groupId) Returns the ancestor groups of the group with the given id.Gets the anonymous user id.Returns a bare group model.Returns a bare user model.getDescendantGroups
(String groupId) Returns the descendant groups of the group with the given id.Gets the Digest Auth directory.Gets the Digest Auth realm.Returns the nuxeo group with given name or null if it does not exist.Returns the contributedGroupConfig
.Gets the group directory name.Returns the group directory id field.Returns the list of all groups ids.Returns the group label field.Gets the group members field.getGroupModel
(String groupName) Return the group document model with this id or null if group does not exist.Gets the group parent-groups field.Returns the group directory schema name.Gets the group search fields.getGroupsInGroup
(String parentId) Returns the list of groups that belong to this group.Gets the group sub-groups field.default NuxeoPrincipal
getPrincipal
(String username) CallsgetPrincipal(String, boolean)
to retrieve a principal and its references, given its usernamegetPrincipal
(String username, boolean fetchReferences) Retrieves the principal with the given username or null if it does not exist.Returns the list of groups that are not members of other groups.Gets the user directory name.Gets the user email field.Returns the user directory id field.Returns the list of all user ids.getUserModel
(String userName) Returns the document model representing user with given id or null if it does not exist.Returns the user directory schema name.Gets the user search fields, the fields to use when a principal search is done.String[]
getUsersForPermission
(String perm, ACP acp) For an ACP, get the list of user that has a permission.getUsersInGroup
(String groupId) Returns the list of users that belong to this group.getUsersInGroupAndSubGroups
(String groupId) Get users from a group and its subgroups.default void
notifyGroupChanged
(String groupName, String eventId) Notifies that the given group has changed with the given event: At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset. At the core level, passing thegroupName
as the"id"
property of the fired event.void
notifyGroupChanged
(String groupName, String eventId, List<String> ancestorGroupNames) Notifies that the given group has changed with the given event: At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset. At the core level, passing thegroupName
as the"id"
property of the fired event.void
notifyUserChanged
(String userName, String eventId) Notifies that the given user has changed with the given event: At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset. At the core level, passing theuserName
as the"id"
property of the fired event.searchGroups
(String pattern) Search matching groups through their defined search fieldssearchGroups
(Map<String, Serializable> filter, Set<String> fulltext) Returns groups matching given criteria.searchGroups
(QueryBuilder queryBuilder) Returns groups matching the given query.searchPrincipals
(String pattern) Deprecated.searchUsers
(String pattern) Returns users matching given patternsearchUsers
(Map<String, Serializable> filter, Set<String> fulltext) Returns users matching given criteria.searchUsers
(QueryBuilder queryBuilder) Returns users matching the given query.void
setConfiguration
(UserManagerDescriptor descriptor) Sets the given configuration on the service.void
updateGroup
(DocumentModel groupModel) Updates group represented by given model.void
updateUser
(DocumentModel userModel) Updates user represented by given model.boolean
validatePassword
(String password) Methods inherited from interface org.nuxeo.runtime.api.login.Authenticator
authenticate
Methods inherited from interface org.nuxeo.runtime.services.event.EventListener
handleEvent
-
Method Details
-
checkUsernamePassword
Description copied from interface:Authenticator
Check the password for the given username. Returns true if the username / password pair match, false otherwise.- Specified by:
checkUsernamePassword
in interfaceAuthenticator
- Parameters:
username
- the usernamepassword
- the password to check- Returns:
- true is valid, false otherwise
-
validatePassword
-
getPrincipal
CallsgetPrincipal(String, boolean)
to retrieve a principal and its references, given its username -
getPrincipal
Retrieves the principal with the given username or null if it does not exist.Can build principals for anonymous and virtual users as well as for users defined in the users directory.
- Parameters:
username
- is the name of the entry in the user directoryfetchReferences
- controls if the references (groups) of the user will be fetched- Since:
- 11.1
-
getGroup
Returns the nuxeo group with given name or null if it does not exist. -
searchPrincipals
Deprecated. -
searchGroups
Search matching groups through their defined search fields- Since:
- 5.5
-
getUserIds
Returns the list of all user ids.- Since:
- 5.2M4
-
createUser
Creates user from given model.- Throws:
UserAlreadyExistsException
- Since:
- 5.2M4
-
updateUser
Updates user represented by given model.- Since:
- 5.2M4
-
deleteUser
Deletes user represented by given model.- Since:
- 5.2M4
-
deleteUser
Deletes user with given id.- Since:
- 5.2M4
-
getBareUserModel
DocumentModel getBareUserModel()Returns a bare user model.Can be used for user creation/search screens.
- Since:
- 5.2M4
-
getUserModel
Returns the document model representing user with given id or null if it does not exist.- Since:
- 5.2M4
-
searchUsers
Returns users matching given patternPattern is used to fill a filter and fulltext map according to users search fields configuration. Search is performed on each of these fields (OR).
- Since:
- 5.2M4
-
searchUsers
Returns users matching given criteria.- Parameters:
filter
- filter with field names as keysfulltext
- field names used for fulltext match- Since:
- 5.2M4
-
searchUsers
Returns users matching the given query.- Parameters:
queryBuilder
- the query to use, including limit, offset, ordering and countTotal- Since:
- 10.3
-
getUserListingMode
String getUserListingMode() -
getUserSortField
String getUserSortField() -
getUserPasswordPattern
Pattern getUserPasswordPattern() -
getGroupIds
Returns the list of all groups ids.- Since:
- 5.2M4
-
searchGroups
Returns groups matching given criteria.- Parameters:
filter
- filter with field names as keysfulltext
- field names used for fulltext match- Since:
- 5.2M4
-
searchGroups
Returns groups matching the given query.- Parameters:
queryBuilder
- the query to use, including limit, offset, ordering and countTotal- Since:
- 10.3
-
createGroup
Creates a group from given model- Returns:
- the created group model
- Throws:
GroupAlreadyExistsException
- Since:
- 5.2M4
-
updateGroup
Updates group represented by given model.- Since:
- 5.2M4
-
deleteGroup
Deletes group represented by given model.- Since:
- 5.2M4
-
deleteGroup
Deletes group with given id.- Since:
- 5.2M4
-
getBareGroupModel
DocumentModel getBareGroupModel()Returns a bare group model.Can be used for group creation/search screens.
- Since:
- 5.2M4
-
getGroupModel
Return the group document model with this id or null if group does not exist.- Parameters:
groupName
- the group identifier- Since:
- 5.2M4
-
getDefaultGroup
String getDefaultGroup() -
getGroupListingMode
String getGroupListingMode() -
getGroupsInGroup
Returns the list of groups that belong to this group.- Parameters:
parentId
- the name of the parent group.
-
getTopLevelGroups
Returns the list of groups that are not members of other groups. -
getUsersInGroup
Returns the list of users that belong to this group.- Parameters:
groupId
- ID of the group
-
getUsersInGroupAndSubGroups
Get users from a group and its subgroups.- Parameters:
groupId
- ID of the group
-
areGroupsReadOnly
Boolean areGroupsReadOnly()Returns true is users referential is read only (ie : LDAP) -> can not add users -> can not delete users. -
areUsersReadOnly
Boolean areUsersReadOnly()Returns true is groups referential is read only (ie : LDAP) -> can not add groups -> can not delete groups. -
getUserDirectoryName
String getUserDirectoryName()Gets the user directory name.- Returns:
- the user directory name.
-
getUserSchemaName
String getUserSchemaName()Returns the user directory schema name.- Since:
- 5.2M4
-
getUserIdField
String getUserIdField()Returns the user directory id field.- Since:
- 5.2M4
-
getUserEmailField
String getUserEmailField()Gets the user email field.- Returns:
- the user email field.
-
getUserSearchFields
Gets the user search fields, the fields to use when a principal search is done.- Returns:
- the search fields.
-
getGroupSearchFields
Gets the group search fields. -
getGroupDirectoryName
String getGroupDirectoryName()Gets the group directory name.- Returns:
- the group directory name.
-
getGroupSchemaName
String getGroupSchemaName()Returns the group directory schema name.- Since:
- 5.2M4
-
getGroupIdField
String getGroupIdField()Returns the group directory id field.- Since:
- 5.2M4
-
getGroupLabelField
String getGroupLabelField()Returns the group label field.- Since:
- 5.5
-
getGroupMembersField
String getGroupMembersField()Gets the group members field.- Returns:
- the group members field.
-
getGroupSubGroupsField
String getGroupSubGroupsField()Gets the group sub-groups field.- Returns:
- the sub-groups field.
-
getGroupParentGroupsField
String getGroupParentGroupsField()Gets the group parent-groups field.- Returns:
- the parent-groups field.
-
getAnonymousUserId
String getAnonymousUserId()Gets the anonymous user id.- Returns:
- the anonymous user id, or the default one if none is defined.
-
getDigestAuthDirectory
String getDigestAuthDirectory()Gets the Digest Auth directory. -
getDigestAuthRealm
String getDigestAuthRealm()Gets the Digest Auth realm. -
setConfiguration
Sets the given configuration on the service.- Parameters:
descriptor
- the descriptor as parsed from xml, merged from the previous one if it exists.
-
getAdministratorsGroups
Returns the list of administrators groups.- Since:
- 5.3 GA
-
getUsersForPermission
For an ACP, get the list of user that has a permission. This method should be use with care as it can cause performance issues while getting the list of users.- Parameters:
perm
- the permissionacp
- The access control policy of the document- Returns:
- the list of user ids
- Since:
- 5.4.2
-
getAncestorGroups
Returns the ancestor groups of the group with the given id.- Since:
- 9.2
-
getDescendantGroups
Returns the descendant groups of the group with the given id.- Since:
- 11.4
-
getGroupConfig
GroupConfig getGroupConfig()Returns the contributedGroupConfig
.- Since:
- 9.3
-
notifyUserChanged
Notifies that the given user has changed with the given event:- At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset.
- At the core level, passing the
userName
as the"id"
property of the fired event.
- Since:
- 9.2
-
notifyGroupChanged
Notifies that the given group has changed with the given event:- At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset.
- At the core level, passing the
groupName
as the"id"
property of the fired event.
- Since:
- 9.2
-
notifyGroupChanged
Notifies that the given group has changed with the given event:- At the runtime level so that the JaasCacheFlusher listener can make sure the principal cache is reset.
- At the core level, passing the
groupName
as the"id"
property of the fired event.
The
ancestorGroupNames
list must contain the ancestor groups of the given group. It can be computed by callinggetAncestorGroups(String)
. It will be passed as the"ancestorGroups"
property of the fired core event.- Since:
- 9.2
-
searchUsers(String)