Interface UserManager
-
@ProviderType public interface UserManager
TheUserManager
provides access to and means to maintainauthorizable objects
i.e.users
andgroups
. TheUserManager
is bound to a particularSession
.Note that all
create
calls will modify the session associated with the UserManager (whether this is the current session or not depends on the repository configuration). If the user manager is not in auto-save mode (seeisAutoSave()
), problems like overlapping creation of intermediate nodes may only surface upon a subsequentSession.save()
operation; callers should be prepared to repeat them in case this happens.
-
-
Field Summary
Fields Modifier and Type Field Description static int
SEARCH_TYPE_AUTHORIZABLE
Filter flag indicating that allAuthorizable
s should be searched.static int
SEARCH_TYPE_GROUP
Filter flag indicating that onlyGroup
s should be searched and returned.static int
SEARCH_TYPE_USER
Filter flag indicating that onlyUser
s should be searched and returned.
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
autoSave(boolean enable)
Changes the auto save behavior of thisUserManager
.@NotNull Group
createGroup(@NotNull java.lang.String groupID)
Creates a Group for the given groupID, which must not benull
.@NotNull Group
createGroup(@NotNull java.lang.String groupID, @NotNull java.security.Principal principal, @Nullable java.lang.String intermediatePath)
Creates a newGroup
that is based on the given id, principal and the specifiedintermediatePath
hint.@NotNull Group
createGroup(@NotNull java.security.Principal principal)
Creates a newGroup
that is based on the given principal.@NotNull Group
createGroup(@NotNull java.security.Principal principal, @Nullable java.lang.String intermediatePath)
Same ascreateGroup(String, Principal, String)
where the name of the specified principal is used to create the group's ID.@NotNull User
createSystemUser(@NotNull java.lang.String userID, @Nullable java.lang.String intermediatePath)
Create a new system user for the specifieduserID
.@NotNull User
createUser(@NotNull java.lang.String userID, @Nullable java.lang.String password)
Creates an User for the given userID / password pair; neither of the specified parameters can benull
.
Same ascreateUser(String,String,Principal,String)
where the specified userID is equal to the principal name and the intermediate path isnull
.@NotNull User
createUser(@NotNull java.lang.String userID, @Nullable java.lang.String password, @NotNull java.security.Principal principal, @Nullable java.lang.String intermediatePath)
Creates an User for the given parameters.@NotNull java.util.Iterator<Authorizable>
findAuthorizables(@NotNull java.lang.String relPath, @Nullable java.lang.String value)
Returns allAuthorizable
s that have aproperty
with the given relative path (or name) that matches the specified value.@NotNull java.util.Iterator<Authorizable>
findAuthorizables(@NotNull java.lang.String relPath, @Nullable java.lang.String value, int searchType)
Returns allAuthorizable
s that have aproperty
with the given relative path (or name) that matches the specified value.@NotNull java.util.Iterator<Authorizable>
findAuthorizables(@NotNull Query query)
ReturnAuthorizable
s that match a specificQuery
.@Nullable Authorizable
getAuthorizable(@NotNull java.lang.String id)
Get the Authorizable by its id.<T extends Authorizable>
TgetAuthorizable(@NotNull java.lang.String id, @NotNull java.lang.Class<T> authorizableClass)
Get the Authorizable of a specific type by its id.@Nullable Authorizable
getAuthorizable(@NotNull java.security.Principal principal)
Get the Authorizable by its Principal.@Nullable Authorizable
getAuthorizableByPath(@NotNull java.lang.String path)
In accordance toAuthorizable.getPath()
this method allows to retrieve an given authorizable by it's path.boolean
isAutoSave()
If any write operations executed through the User API are automatically persisted this method returnstrue
.
-
-
-
Field Detail
-
SEARCH_TYPE_USER
static final int SEARCH_TYPE_USER
Filter flag indicating that onlyUser
s should be searched and returned.- See Also:
- Constant Field Values
-
SEARCH_TYPE_GROUP
static final int SEARCH_TYPE_GROUP
Filter flag indicating that onlyGroup
s should be searched and returned.- See Also:
- Constant Field Values
-
SEARCH_TYPE_AUTHORIZABLE
static final int SEARCH_TYPE_AUTHORIZABLE
Filter flag indicating that allAuthorizable
s should be searched.- See Also:
- Constant Field Values
-
-
Method Detail
-
getAuthorizable
@Nullable @Nullable Authorizable getAuthorizable(@NotNull @NotNull java.lang.String id) throws RepositoryException
Get the Authorizable by its id.- Parameters:
id
- The user or group id.- Returns:
- Authorizable or
null
, if not present. - Throws:
RepositoryException
- If an error occurs.- See Also:
Authorizable.getID()
-
getAuthorizable
@Nullable <T extends Authorizable> T getAuthorizable(@NotNull @NotNull java.lang.String id, @NotNull @NotNull java.lang.Class<T> authorizableClass) throws AuthorizableTypeException, RepositoryException
Get the Authorizable of a specific type by its id.- Type Parameters:
T
- the required Authorizable type.- Parameters:
id
- the user or group id.authorizableClass
- the class of the type of Authorizable required; must not benull
.- Returns:
- Authorizable or
null
, if not present. - Throws:
AuthorizableTypeException
- If an authorizable exists but is not of the requested type.RepositoryException
- If an error occurs
-
getAuthorizable
@Nullable @Nullable Authorizable getAuthorizable(@NotNull @NotNull java.security.Principal principal) throws RepositoryException
Get the Authorizable by its Principal.- Parameters:
principal
- The principal of the authorizable to retrieve.- Returns:
- Authorizable or
null
, if not present. - Throws:
RepositoryException
- If an error occurs.
-
getAuthorizableByPath
@Nullable @Nullable Authorizable getAuthorizableByPath(@NotNull @NotNull java.lang.String path) throws UnsupportedRepositoryOperationException, RepositoryException
In accordance toAuthorizable.getPath()
this method allows to retrieve an given authorizable by it's path.- Parameters:
path
- The path to an authorizable.- Returns:
- Authorizable or
null
, if not present. - Throws:
UnsupportedRepositoryOperationException
- If this implementation does support to retrieve authorizables by path.RepositoryException
- If another error occurs.- See Also:
Authorizable.getPath()
-
findAuthorizables
@NotNull @NotNull java.util.Iterator<Authorizable> findAuthorizables(@NotNull @NotNull java.lang.String relPath, @Nullable @Nullable java.lang.String value) throws RepositoryException
Returns allAuthorizable
s that have aproperty
with the given relative path (or name) that matches the specified value.If a relative path with more than one segment is specified only properties exactly matching that patch will be returned. If, however, a name is specified all properties that may be retrieved using
Authorizable.getProperty(String)
will be searched for a match.- Parameters:
relPath
- A relative property path or name.value
- A string value to match.- Returns:
- All
Authorizable
s that have a property with the given name exactly matching the given value. - Throws:
RepositoryException
- If an error occurs.- See Also:
Authorizable.getProperty(String)
-
findAuthorizables
@NotNull @NotNull java.util.Iterator<Authorizable> findAuthorizables(@NotNull @NotNull java.lang.String relPath, @Nullable @Nullable java.lang.String value, int searchType) throws RepositoryException
Returns allAuthorizable
s that have aproperty
with the given relative path (or name) that matches the specified value. In contrast tofindAuthorizables(String, String)
the type of authorizable is respected while executing the search.If a relative path with more than one segment is specified only properties exactly matching that path will be returned. If, however, a name is specified all properties that may be retrieved using
Authorizable.getProperty(String)
will be searched for a match.- Parameters:
relPath
- A relative property path or name.value
- A string value to match.searchType
- Any of the following constants:- Returns:
- An iterator of
Authorizable
. - Throws:
RepositoryException
- If an error occurs.
-
findAuthorizables
@NotNull @NotNull java.util.Iterator<Authorizable> findAuthorizables(@NotNull @NotNull Query query) throws RepositoryException
ReturnAuthorizable
s that match a specificQuery
.- Parameters:
query
- A query- Returns:
- Iterator of authorizables witch match the
query
. - Throws:
RepositoryException
- If an error occurs.
-
createUser
@NotNull @NotNull User createUser(@NotNull @NotNull java.lang.String userID, @Nullable @Nullable java.lang.String password) throws AuthorizableExistsException, RepositoryException
Creates an User for the given userID / password pair; neither of the specified parameters can benull
.
Same ascreateUser(String,String,Principal,String)
where the specified userID is equal to the principal name and the intermediate path isnull
.- Parameters:
userID
- The ID of the new user.password
- The initial password of this user.- Returns:
- The new
User
. - Throws:
AuthorizableExistsException
- in case the given userID is already in use or another Authorizable with the same principal name exists.RepositoryException
- If another error occurs.
-
createUser
@NotNull @NotNull User createUser(@NotNull @NotNull java.lang.String userID, @Nullable @Nullable java.lang.String password, @NotNull @NotNull java.security.Principal principal, @Nullable @Nullable java.lang.String intermediatePath) throws AuthorizableExistsException, RepositoryException
Creates an User for the given parameters. If the implementation is not able to deal with theintermediatePath
that parameter should be ignored. Except for theintermediatePath
, neither of the specified parameters can benull
.- Parameters:
userID
- The ID of the new user.password
- The initial password of the new user.principal
- The principal of the new user.intermediatePath
- An optional intermediate path used to create the new user. If the intermediate path isnull
an internal, implementation specific structure will be used.- Returns:
- The new
User
. - Throws:
AuthorizableExistsException
- in case the given userID is already in use or another Authorizable with the same principal name exists.RepositoryException
- If the current Session is not allowed to create users or some another error occurs.
-
createSystemUser
@NotNull @NotNull User createSystemUser(@NotNull @NotNull java.lang.String userID, @Nullable @Nullable java.lang.String intermediatePath) throws AuthorizableExistsException, RepositoryException
Create a new system user for the specifieduserID
. The new authorizable is required to have the following characteristics:User.isSystemUser()
returnstrue
.- The system user doesn't have a password set and doesn't allow change the password.
- The principal name is generated by the system; it may be the same as
userID
. - A given implementation may choose to keep system users in a dedicated
location and thus may impose restrictions on the
intermediatePath
.
- Parameters:
userID
- A valid userID.intermediatePath
- An optional intermediate path to create the new system user. The implemenation may decide to reject intermediate paths if they violate an implementation specific requirement with respect to the location where systems users are being held. If the intermediate path isnull
an internal implementation specific structure will be used.- Returns:
- The new system user.
- Throws:
AuthorizableExistsException
- if an Authorizable with this id already exists.RepositoryException
- If another error occurs.
-
createGroup
@NotNull @NotNull Group createGroup(@NotNull @NotNull java.lang.String groupID) throws AuthorizableExistsException, RepositoryException
Creates a Group for the given groupID, which must not benull
.
Same ascreateGroup(String, Principal,String)
where the specified groupID is the name of thePrincipal
the intermediate path isnull
.- Parameters:
groupID
- The ID of the new group; must not benull
.- Returns:
- The new
Group
. - Throws:
AuthorizableExistsException
- in case the given groupID is already in use or anotherAuthorizable
with the sameID
or principal name already exists.RepositoryException
- If another error occurs.
-
createGroup
@NotNull @NotNull Group createGroup(@NotNull @NotNull java.security.Principal principal) throws AuthorizableExistsException, RepositoryException
Creates a newGroup
that is based on the given principal. Note that the group's ID is implementation specific. The implementation may take the principal name as ID hint but must in any case assert that it is unique among the IDs known to this manager.- Parameters:
principal
- A non-nullPrincipal
- Returns:
- The new
Group
. - Throws:
AuthorizableExistsException
- in case the given principal is already in use with another Authorizable.RepositoryException
- If another error occurs.
-
createGroup
@NotNull @NotNull Group createGroup(@NotNull @NotNull java.security.Principal principal, @Nullable @Nullable java.lang.String intermediatePath) throws AuthorizableExistsException, RepositoryException
Same ascreateGroup(String, Principal, String)
where the name of the specified principal is used to create the group's ID.- Parameters:
principal
- The principal associated with the new group.intermediatePath
- An optional intermediate path used to create the new group. If the intermediate path isnull
an internal, implementation specific structure will be used.- Returns:
- The new
Group
. - Throws:
AuthorizableExistsException
- in case the given principal is already in use with another Authorizable.RepositoryException
- If another error occurs.
-
createGroup
@NotNull @NotNull Group createGroup(@NotNull @NotNull java.lang.String groupID, @NotNull @NotNull java.security.Principal principal, @Nullable @Nullable java.lang.String intermediatePath) throws AuthorizableExistsException, RepositoryException
Creates a newGroup
that is based on the given id, principal and the specifiedintermediatePath
hint. If the implementation is not able to deal with theintermediatePath
this parameter should be ignored.- Parameters:
groupID
- The ID of the new group.principal
- The principal of the new group.intermediatePath
- An optional intermediate path used to create the new group. If the intermediate path isnull
an internal, implementation specific structure will be used.- Returns:
- The new
Group
. - Throws:
AuthorizableExistsException
- in case the given principal is already in use with another Authorizable.RepositoryException
- If another error occurs.
-
isAutoSave
boolean isAutoSave()
If any write operations executed through the User API are automatically persisted this method returnstrue
. In this case there are no pending transient changes left and there is no need to explicitly callSession.save()
. If this method returnsfalse
any changes must be completed by an extra save call on theSession
associated with thisUserManager
.- Returns:
true
if changes are automatically persisted;false
if changes made through this API (including method calls onAuthorizable
and subclasses are only transient and must be persisted usingSession.save()
.- See Also:
autoSave(boolean)
-
autoSave
void autoSave(boolean enable) throws UnsupportedRepositoryOperationException, RepositoryException
Changes the auto save behavior of thisUserManager
.Note, that this shouldn't be allowed in cases where the associated session is different from the original session accessing the user manager.
- Parameters:
enable
- Iftrue
changes made through this API will be automatically saved; otherwise an explicit call toSession.save()
is required in order to persist changes.- Throws:
UnsupportedRepositoryOperationException
- If the implementation does not allow to change the auto save behavior.RepositoryException
- If some other error occurs.
-
-