Package com.adobe.granite.security.user
Interface UserPropertiesManager
-
@ProviderType public interface UserPropertiesManager
TheUserPropertiesManager
interface provides access toUserProperties
associated with a given authorizable.
-
-
Field Summary
Fields Modifier and Type Field Description static int
DEFAULT_RANKING
Constant for the ranking property.static java.util.Comparator<javax.jcr.Node>
DESCENDING_RANKING_COMPARATOR
Comparator used to sort UserProperties by descending ranking.static java.lang.String
GRANITE_RANKING
Constant for the ranking property name.static java.lang.String
JCR_TITLE
Constant for the UserProperties name.
-
Method Summary
All Methods Instance Methods Abstract Methods Deprecated Methods Modifier and Type Method Description boolean
addReaders(@NotNull UserProperties userProperties, @NotNull java.security.Principal... principals)
Grant read permission on the UserProperties to the given Principal.@NotNull UserPropertiesQueryParams
createQueryParams()
Creates a new instance ofUserPropertiesQueryParams
that can be used during a call toquery(UserPropertiesQueryParams, String)
.@Nullable UserProperties
createUserProperties(@NotNull java.lang.String authorizableId, @NotNull java.lang.String relPath)
Create a new instance ofUserProperties
.@NotNull java.util.Iterator<UserProperties>
getMemberOfUserProperties(@NotNull java.lang.String authorizableId, @NotNull java.lang.String relPath, boolean declaredOnly)
Returns an iterator over the properties of all groups that the authorizable withauthorizableId
is a member of.@NotNull java.util.Iterator<UserProperties>
getMemberUserProperties(@NotNull Group group, @NotNull java.lang.String relPath, boolean declaredOnly)
Returns an iterator over the user properties of all members of the given group.@Nullable UserProperties
getUserProperties(@NotNull java.lang.String authorizableId, @Nullable java.lang.String relPath)
Retrieve the user properties identified by the given relative path and the specified authorizable ID.@NotNull UserProperties
getUserProperties(@NotNull java.lang.String authorizableId, @Nullable java.lang.String relRootPath, @NotNull java.util.Comparator<javax.jcr.Node> comparator)
Retrieves with the given session a composite (aggregation) ofUserProperties
associated with the authorizable identified by the givenauthorizableId
.@NotNull UserProperties
getUserProperties(@NotNull javax.jcr.Node userPropertiesNode)
Retrieve the user properties identified by the given node.@Nullable UserProperties
getUserProperties(@NotNull Authorizable authorizable, @Nullable java.lang.String relPath)
Retrieve the user properties identified by the given relative path and the specified authorizable.@NotNull UserPropertiesComposite
getUserPropertiesComposite(@NotNull java.lang.String authorizableId, @Nullable java.lang.String relRootPath)
Deprecated.UsegetUserProperties(String, String, Comparator)
instead.@NotNull UserPropertiesComposite
getUserPropertiesComposite(@NotNull java.lang.String authorizableId, @Nullable java.lang.String relRootPath, @NotNull java.util.Comparator<javax.jcr.Node> comparator)
Deprecated.UsegetUserProperties(String, String, Comparator)
instead.UserPropertiesComposite
getUserPropertiesComposite(java.lang.String authorizableId, UserPropertiesFilter filter)
Deprecated.UsegetUserProperties(String, String, Comparator)
instead.UserPropertiesComposite
getUserPropertiesComposite(java.lang.String authorizableId, java.lang.String[] relPaths)
Deprecated.UsegetUserProperties(String, String, Comparator)
instead.@NotNull java.util.Iterator<UserProperties>
query(@NotNull UserPropertiesQueryParams params, @NotNull java.lang.String relPath)
Searches the user properties matching the given query parameters.boolean
removeReaders(@NotNull UserProperties userProperties, @NotNull java.security.Principal... principals)
Remove read permission granted on the UserProperties to the given Principal.
-
-
-
Field Detail
-
JCR_TITLE
static final java.lang.String JCR_TITLE
Constant for the UserProperties name.- See Also:
- Constant Field Values
-
GRANITE_RANKING
static final java.lang.String GRANITE_RANKING
Constant for the ranking property name.- See Also:
- Constant Field Values
-
DEFAULT_RANKING
static final int DEFAULT_RANKING
Constant for the ranking property.- See Also:
- Constant Field Values
-
DESCENDING_RANKING_COMPARATOR
static final java.util.Comparator<javax.jcr.Node> DESCENDING_RANKING_COMPARATOR
Comparator used to sort UserProperties by descending ranking.
-
-
Method Detail
-
createUserProperties
@Nullable @Nullable UserProperties createUserProperties(@NotNull @NotNull java.lang.String authorizableId, @NotNull @NotNull java.lang.String relPath) throws javax.jcr.RepositoryException
Create a new instance ofUserProperties
. Please note thatSession.save()
must be called by the editing JCR session in order to persist the new user properties.- Parameters:
authorizableId
- The ID of the associated authorizable.relPath
- A name or relative path identifying the new user properties.- Returns:
- A new
UserProperties
instance. Note that the associated JCR node will beNEW
untilSession.save
is called to persist the changes. - Throws:
javax.jcr.RepositoryException
- If an error occurs or the specified relative path is invalid.
-
getUserProperties
@Nullable @Nullable UserProperties getUserProperties(@NotNull @NotNull java.lang.String authorizableId, @Nullable @Nullable java.lang.String relPath) throws javax.jcr.RepositoryException
Retrieve the user properties identified by the given relative path and the specified authorizable ID.- Parameters:
authorizableId
- Identifier of the target authorizable.relPath
- A name or relative path identifying the user properties.- Returns:
- An instance of
UserProperties
ornull
if the authorizable does not exist or it has no user properties at the specified relative path. - Throws:
javax.jcr.RepositoryException
- If an error occurs or the specified relative path is invalid.
-
getUserProperties
@Nullable @Nullable UserProperties getUserProperties(@NotNull @NotNull Authorizable authorizable, @Nullable @Nullable java.lang.String relPath) throws javax.jcr.RepositoryException
Retrieve the user properties identified by the given relative path and the specified authorizable.- Parameters:
authorizable
- The target authorizable.relPath
- A name or relative path identifying the user properties.- Returns:
- An instance of
UserProperties
ornull
if the authorizable has no user properties at the specified relative path. - Throws:
javax.jcr.RepositoryException
- If an error occurs or the specified relative path is invalid.
-
getUserProperties
@NotNull @NotNull UserProperties getUserProperties(@NotNull @NotNull javax.jcr.Node userPropertiesNode) throws javax.jcr.RepositoryException
Retrieve the user properties identified by the given node.- Parameters:
userPropertiesNode
- The node representing the user properties.- Returns:
- The user properties identified by the given node.
- Throws:
javax.jcr.RepositoryException
- If an exception occurs or if the given node does not represent valid user properties (e.g. not associated with an authorizable).
-
getUserProperties
@NotNull @NotNull UserProperties getUserProperties(@NotNull @NotNull java.lang.String authorizableId, @Nullable @Nullable java.lang.String relRootPath, @NotNull @NotNull java.util.Comparator<javax.jcr.Node> comparator) throws javax.jcr.RepositoryException
Retrieves with the given session a composite (aggregation) ofUserProperties
associated with the authorizable identified by the givenauthorizableId
. TheUserProperties
are ordered using the givenComparator
prior to be aggregated. See example ingetUserPropertiesComposite(String, String)
.- Parameters:
authorizableId
- The ID of theAuthorizable
for which to retrieve the user properties composite.relRootPath
- relative root path for the properties to be obtained; ifnull
UserPropertiesService.PROFILES_ROOT
will be used as default.comparator
- The comparator used to sort candidates in a specific order- Returns:
- A
UserProperties
aggregating the properties contained belowrelRootPath
ordered using the givencomparator
. - Throws:
javax.jcr.RepositoryException
- If an error occurs during repository access or no authorizable was found with the givenauthorizableId
.
-
getUserPropertiesComposite
UserPropertiesComposite getUserPropertiesComposite(java.lang.String authorizableId, java.lang.String[] relPaths) throws javax.jcr.RepositoryException
Deprecated.UsegetUserProperties(String, String, Comparator)
instead.Retrieves a composite (aggregation) ofUserProperties
associated with the authorizable identified by the givenauthorizableId
and corresponding to and in the order of the givenrelPaths
. The ordering is relevant for e.g. accessing a property found on multiple user property nodes, in which case it is inherited according to the order (last has precedence).- Parameters:
authorizableId
- The ID of theAuthorizable
for which to retrieve the user properties composite.relPaths
- An array of strings denoting the desired relative paths of the user property nodes and their order in which to be included in the composite.- Returns:
- A composite of
UserProperties
. - Throws:
javax.jcr.RepositoryException
- If an error occurs during repository access or no authorizable was found with the givenauthorizableId
.
-
getUserPropertiesComposite
UserPropertiesComposite getUserPropertiesComposite(java.lang.String authorizableId, UserPropertiesFilter filter) throws javax.jcr.RepositoryException
Deprecated.UsegetUserProperties(String, String, Comparator)
instead.Retrieves a composite (aggregation) ofUserProperties
associated with the authorizable identified by the givenauthorizableId
and included by the givenfilter
.- Parameters:
authorizableId
- The ID of theAuthorizable
for which to retrieve the user properties composite.filter
- AUserPropertiesFilter
by which user properties are included or excluded.- Returns:
- A
UserPropertiesComposite
containing theUserProperties
included by the filter. - Throws:
javax.jcr.RepositoryException
- If an error occurs during repository access or no authorizable was found with the givenauthorizableId
.
-
getUserPropertiesComposite
@NotNull @NotNull UserPropertiesComposite getUserPropertiesComposite(@NotNull @NotNull java.lang.String authorizableId, @Nullable @Nullable java.lang.String relRootPath) throws javax.jcr.RepositoryException
Deprecated.UsegetUserProperties(String, String, Comparator)
instead.Retrieves a composite (aggregation) ofUserProperties
associated with the authorizable identified by the givenauthorizableId
. TheUserProperties
are retrieved with theSession
passed to the @{link UserPropertiesManager}, then are ordered by descending ranking usingDESCENDING_RANKING_COMPARATOR
prior to being aggregated. The table below illustrates this behavior.Profile 1 value Profile 2 value Profile 3 value Value returns by UserPropertiesComposite Is Readable by user session No Yes Yes - Ranking 700 500 100 - Name Robert Jnr Robert Bob Robert Age (undefined) (undefined) 25 25 email robert.private@example.com (undefined) (undefined) (undefined) - Parameters:
authorizableId
- The ID of theAuthorizable
for which to retrieve the user properties composite.relRootPath
- relative root path of theUserProperties
to be aggregated- Returns:
- A
UserPropertiesComposite
containing theUserProperties
- Throws:
javax.jcr.RepositoryException
- If an error occurs during repository access or no authorizable was found with the givenauthorizableId
.
-
getUserPropertiesComposite
@NotNull @NotNull UserPropertiesComposite getUserPropertiesComposite(@NotNull @NotNull java.lang.String authorizableId, @Nullable @Nullable java.lang.String relRootPath, @NotNull @NotNull java.util.Comparator<javax.jcr.Node> comparator) throws javax.jcr.RepositoryException
Deprecated.UsegetUserProperties(String, String, Comparator)
instead.Retrieves with the given session a composite (aggregation) ofUserProperties
associated with the authorizable identified by the givenauthorizableId
. TheUserProperties
are ordered using the givenComparator
prior to be aggregated. TheUserPropertiesComposite
will contain the most private properties accessible by the user session. See example ingetUserPropertiesComposite(String, String)
.- Parameters:
authorizableId
- The ID of theAuthorizable
for which to retrieve the user properties composite.relRootPath
- relative root pathcomparator
- The comparator used to sort candidates in a specific order- Returns:
- A
UserPropertiesComposite
containing theUserProperties
. - Throws:
javax.jcr.RepositoryException
- If an error occurs during repository access or no authorizable was found with the givenauthorizableId
.
-
getMemberOfUserProperties
@NotNull @NotNull java.util.Iterator<UserProperties> getMemberOfUserProperties(@NotNull @NotNull java.lang.String authorizableId, @NotNull @NotNull java.lang.String relPath, boolean declaredOnly) throws javax.jcr.RepositoryException
Returns an iterator over the properties of all groups that the authorizable withauthorizableId
is a member of. please note that only groups are included of which the underlying session has read access to.- Parameters:
authorizableId
- the id of the authorizablerelPath
- the relative path to build the user properties fromdeclaredOnly
- iftrue
only declared groups are included- Returns:
- an iterator of user properties
- Throws:
javax.jcr.RepositoryException
- if an error occurs- See Also:
Authorizable.memberOf()
,Authorizable.declaredMemberOf()
-
getMemberUserProperties
@NotNull @NotNull java.util.Iterator<UserProperties> getMemberUserProperties(@NotNull @NotNull Group group, @NotNull @NotNull java.lang.String relPath, boolean declaredOnly) throws javax.jcr.RepositoryException
Returns an iterator over the user properties of all members of the given group.- Parameters:
group
- the group to retrieve the members fromrelPath
- the relative path to build the user properties fromdeclaredOnly
- iftrue
only declared members are included- Returns:
- an iterator of user properties
- Throws:
javax.jcr.RepositoryException
- if an error occurs- See Also:
Group.getMembers()
,Group.getDeclaredMembers()
-
addReaders
boolean addReaders(@NotNull @NotNull UserProperties userProperties, @NotNull @NotNull java.security.Principal... principals) throws javax.jcr.RepositoryException
Grant read permission on the UserProperties to the given Principal. The permissions are set using the session provided while obtaining theUserPropertiesManager
instance. Principal can be retrieved withPrincipalManager.getPrincipal(String)
. Similarly Everyone Principal can be retrieved withPrincipalManager.getEveryone()
.- Parameters:
userProperties
- user properties to which readers should be addedprincipals
- Principal to which read access must be granted- Returns:
- true if permissions have been modified
- Throws:
javax.jcr.RepositoryException
- if an error occurs or the editing session is not allowed to modify access control
-
removeReaders
boolean removeReaders(@NotNull @NotNull UserProperties userProperties, @NotNull @NotNull java.security.Principal... principals) throws javax.jcr.RepositoryException
Remove read permission granted on the UserProperties to the given Principal. The permissions are updated using the session provided while obtaining theUserPropertiesManager
instance. Note that the Authorizable may keep having read access to the UserProperties if inherited from group membership or glob permissions.- Parameters:
userProperties
- user properties to which readers should be removedprincipals
- Principal to which read access must be revoked- Returns:
- true if permissions have been modified
- Throws:
javax.jcr.RepositoryException
- if an error occurs or the editing session is not allowed to modify access control
-
createQueryParams
@NotNull @NotNull UserPropertiesQueryParams createQueryParams()
Creates a new instance ofUserPropertiesQueryParams
that can be used during a call toquery(UserPropertiesQueryParams, String)
.- Returns:
- a new instance of
UserPropertiesQueryParams
.
-
query
@NotNull @NotNull java.util.Iterator<UserProperties> query(@NotNull @NotNull UserPropertiesQueryParams params, @NotNull @NotNull java.lang.String relPath) throws javax.jcr.RepositoryException
Searches the user properties matching the given query parameters.Performance
The client of this method is responsible to review the underlying query performance related to the given
relPath
. Typically this is about creating an appropriate Oak index.For example, inspect the
authorizable
index. See/oak:index/authorizables/
in yourcrx/de
instance.Also the user has to have
jcr:read
access to the node denoted byrelPath
.- Parameters:
params
- the parameters of the query. If the AuthorizableTypes criterion from the parameters is not specified, all the authorizable types will be included in the query result.relPath
- the name or relative path identifying the user properties, such asprofile
.- Returns:
- the iterator of
UserProperties
as the result of the query. - Throws:
javax.jcr.RepositoryException
- when there is an exception when accessing the repository.
-
-