public interface IdentityService
| Modifier and Type | Method and Description |
|---|---|
| `boolean` | `checkPassword(String userId, String password)` Checks if the password is valid for the given user. |
| `PasswordPolicyResult` | `checkPasswordAgainstPolicy(PasswordPolicy policy, String password)` Check a given password against a given PasswordPolicy. |
| `PasswordPolicyResult` | `checkPasswordAgainstPolicy(PasswordPolicy policy, String candidatePassword, User user)` Check a given password against a given PasswordPolicy. |
| `PasswordPolicyResult` | `checkPasswordAgainstPolicy(String password)` Check a given password against the configured PasswordPolicy. |
| `PasswordPolicyResult` | `checkPasswordAgainstPolicy(String candidatePassword, User user)` Check a given password against the configured PasswordPolicy. |
| `void` | `clearAuthentication()` Allows clearing the current authentication. |
| `GroupQuery` | `createGroupQuery()` Creates a GroupQuery that allows you to programmatically query the groups. |
| `void` | `createMembership(String userId, String groupId)` |
| `NativeUserQuery` | `createNativeUserQuery()` Creates a NativeUserQuery that allows you to select users with native queries. |
| `void` | `createTenantGroupMembership(String tenantId, String groupId)` Creates a new membership between the given group and tenant. |
| `TenantQuery` | `createTenantQuery()` Creates a TenantQuery that allows you to programmatically query the tenants. |
| `void` | `createTenantUserMembership(String tenantId, String userId)` Creates a new membership between the given user and tenant. |
| `UserQuery` | `createUserQuery()` Creates a UserQuery that allows you to programmatically query the users. |
| `void` | `deleteGroup(String groupId)` Deletes the group. |
| `void` | `deleteMembership(String userId, String groupId)` Deletes the membership of the user in the group. |
| `void` | `deleteTenant(String tenantId)` Deletes the tenant. |
| `void` | `deleteTenantGroupMembership(String tenantId, String groupId)` Deletes the membership between the given group and tenant. |
| `void` | `deleteTenantUserMembership(String tenantId, String userId)` Deletes the membership between the given user and tenant. |
| `void` | `deleteUser(String userId)` |
| `void` | `deleteUserAccount(String userId, String accountName)` Deprecated. |
| `void` | `deleteUserInfo(String userId, String key)` Deletes an entry of the generic extensibility key-value pairs associated with a user. |
| `void` | `deleteUserPicture(String userId)` Deletes the picture for a given user. |
| `Authentication` | `getCurrentAuthentication()` |
| `PasswordPolicy` | `getPasswordPolicy()` Returns the PasswordPolicy that is currently configured in the engine. |
| `Account` | `getUserAccount(String userId, String userPassword, String accountName)` Deprecated. |
| `List<String>` | `getUserAccountNames(String userId)` Deprecated. |
| `String` | `getUserInfo(String userId, String key)` Generic extensibility key-value pairs associated with a user. |
| `List<String>` | `getUserInfoKeys(String userId)` Generic extensibility keys associated with a user. |
| `Picture` | `getUserPicture(String userId)` Retrieves the picture for a given user. |
| `boolean` | `isReadOnly()` Returns true if this identity service implementation provides read-only access to the user repository, false otherwise. |
| `Group` | `newGroup(String groupId)` Creates a new group. |
| `Tenant` | `newTenant(String tenantId)` Creates a new tenant. |
| `User` | `newUser(String userId)` Creates a new user. |
| `void` | `saveGroup(Group group)` Saves the group. |
| `void` | `saveTenant(Tenant tenant)` Saves the tenant. |
| `void` | `saveUser(User user)` Saves the user. |
| `void` | `setAuthenticatedUserId(String authenticatedUserId)` Passes the authenticated user id for this thread. |
| `void` | `setAuthentication(Authentication currentAuthentication)` |
| `void` | `setAuthentication(String userId, List<String> groups)` Passes the authenticated user id and groupIds for this thread. |
| `void` | `setAuthentication(String userId, List<String> groups, List<String> tenantIds)` Passes the authenticated user id, group ids and tenant ids for this thread. |
| `void` | `setUserAccount(String userId, String userPassword, String accountName, String accountUsername, String accountPassword, Map<String,String> accountDetails)` Deprecated. |
| `void` | `setUserInfo(String userId, String key, String value)` Generic extensibility key-value pairs associated with a user. |
| `void` | `setUserPicture(String userId, Picture picture)` Sets the picture for a given user. |
| `void` | `unlockUser(String userId)` |
boolean isReadOnly()
Returns true if this identity service implementation provides read-only access to the user repository, false otherwise.
Read-only identity service implementations do not support the following methods:
newUser(String)
saveUser(User)
deleteUser(String)
newGroup(String)
saveGroup(Group)
deleteGroup(String)
newTenant(String)
saveTenant(Tenant)
deleteTenant(String)
createMembership(String, String)
deleteMembership(String, String)
createTenantUserMembership(String, String)
createTenantGroupMembership(String, String)
deleteTenantUserMembership(String, String)
deleteTenantGroupMembership(String, String)
If these methods are invoked on a read-only identity service implementation, the invocation will throw an UnsupportedOperationException.
User newUser(String userId)
saveUser(User).
userId - id for the new user, cannot be null.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.CREATE permissions on Resources.USER.

void saveUser(User user)
user - user to save, cannot be null.
ProcessEngineException - when ProcessEngineConfiguration.enablePasswordPolicy is true and password violates password policy
ProcessEngineException - when user id violates:
RuntimeException - when a user with the same name already exists.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.UPDATE permissions on Resources.USER (update existing user) or if user has no Permissions.CREATE permissions on Resources.USER (save new user).

UserQuery createUserQuery()
UserQuery that allows you to programmatically query the users.

void deleteUser(String userId)
userId - id of user to delete, cannot be null. When an id is passed for a nonexistent user, this operation is ignored.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.DELETE permissions on Resources.USER.

void unlockUser(String userId)
Group newGroup(String groupId)
saveGroup(Group).
groupId - id for the new group, cannot be null.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.CREATE permissions on Resources.GROUP.

NativeUserQuery createNativeUserQuery()
NativeUserQuery that allows you to select users with native queries.

GroupQuery createGroupQuery()
GroupQuery that allows you to programmatically query the groups.

void saveGroup(Group group)
group - group to save. Cannot be null.
ProcessEngineException - when group id violates:
RuntimeException - when a group with the same name already exists.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.UPDATE permissions on Resources.GROUP (update existing group) or if user has no Permissions.CREATE permissions on Resources.GROUP (save new group).

void deleteGroup(String groupId)
groupId - id of the group that should be deleted, cannot be null.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.DELETE permissions on Resources.GROUP.

void createMembership(String userId, String groupId)
userId - the userId, cannot be null.
groupId - the groupId, cannot be null.
RuntimeException - when the given user or group doesn't exist or when the user is already member of the group.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.CREATE permissions on Resources.GROUP_MEMBERSHIP.

void deleteMembership(String userId, String groupId)
userId - the user's id, cannot be null.
groupId - the group's id, cannot be null.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.DELETE permissions on Resources.GROUP_MEMBERSHIP.
Tenant newTenant(String tenantId)
saveTenant(Tenant).
tenantId - id for the new tenant, cannot be null.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.CREATE permissions on Resources.TENANT.

TenantQuery createTenantQuery()
TenantQuery that allows you to programmatically query the tenants.

void saveTenant(Tenant tenant)
tenant - the tenant to save. Cannot be null.
ProcessEngineException - when tenant id violates:
RuntimeException - when a tenant with the same name already exists.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.UPDATE permissions on Resources.TENANT (update existing tenant) or if user has no Permissions.CREATE permissions on Resources.TENANT (save new tenant).

void deleteTenant(String tenantId)
tenantId - id of the tenant that should be deleted, cannot be null.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.DELETE permissions on Resources.TENANT.

void createTenantUserMembership(String tenantId, String userId)
tenantId - the id of the tenant, cannot be null.
userId - the id of the user, cannot be null.
RuntimeException - when the given tenant or user doesn't exist or the user is already a member of this tenant.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.CREATE permissions on Resources.TENANT_MEMBERSHIP.

void createTenantGroupMembership(String tenantId, String groupId)
tenantId - the id of the tenant, cannot be null.
groupId - the id of the group, cannot be null.
RuntimeException - when the given tenant or group doesn't exist or when the group is already a member of this tenant.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.CREATE permissions on Resources.TENANT_MEMBERSHIP.

void deleteTenantUserMembership(String tenantId, String userId)
tenantId - the id of the tenant, cannot be null.
userId - the id of the user, cannot be null.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.DELETE permissions on Resources.TENANT_MEMBERSHIP.

void deleteTenantGroupMembership(String tenantId, String groupId)
tenantId - the id of the tenant, cannot be null.
groupId - the id of the group, cannot be null.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.DELETE permissions on Resources.TENANT_MEMBERSHIP.

boolean checkPassword(String userId, String password)
PasswordPolicyResult checkPasswordAgainstPolicy(String password)
PasswordPolicy. The result is returned as PasswordPolicyResult which contains all passed and violated rules as well as a flag indicating if the password is valid.
password - the password that should be tested
PasswordPolicyResult containing passed and failed rules

PasswordPolicyResult checkPasswordAgainstPolicy(String candidatePassword, User user)
PasswordPolicy. The result is returned as PasswordPolicyResult which contains all passed and violated rules as well as a flag indicating if the password is valid.
candidatePassword - which is checked against a password policy
user - to be taken into account when checking the candidate password
PasswordPolicyResult containing passed and failed rules

PasswordPolicyResult checkPasswordAgainstPolicy(PasswordPolicy policy, String password)
PasswordPolicy. The result is returned as PasswordPolicyResult which contains all passed and violated rules as well as a flag indicating if the password is valid.
policy - the PasswordPolicy against which the password is tested
password - the password that should be tested
PasswordPolicyResult containing passed and failed rules

PasswordPolicyResult checkPasswordAgainstPolicy(PasswordPolicy policy, String candidatePassword, User user)
PasswordPolicy. The result is returned as PasswordPolicyResult which contains all passed and violated rules as well as a flag indicating if the password is valid.
policy - the PasswordPolicy against which the password is tested
candidatePassword - which is checked against a password policy
user - to be taken into account when checking the candidate password
PasswordPolicyResult containing passed and failed rules

PasswordPolicy getPasswordPolicy()
PasswordPolicy that is currently configured in the engine.
PasswordPolicy or null if no policy is set or the configured policy is disabled.

void setAuthenticatedUserId(String authenticatedUserId)
clearAuthentication() once the interaction is terminated.
authenticatedUserId - the id of the current user.

void setAuthentication(String userId, List<String> groups)
clearAuthentication() once the interaction is terminated.
authenticatedUserId - the id of the current user.
groups - the groups of the current user.

void setAuthentication(String userId, List<String> groups, List<String> tenantIds)
clearAuthentication() once the interaction is terminated.
userId - the id of the current user.
groups - the groups of the current user.
tenantIds - the tenants of the current user.

void setAuthentication(Authentication currentAuthentication)
currentAuthentication -

Authentication getCurrentAuthentication()
void clearAuthentication()
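The setAuthentication(...) methods bind an identity to the current thread, and clearAuthentication() is to be called once the interaction is terminated. The following added example (not code from the engine or its documentation) wraps that contract in a hypothetical `ScopedAuthentication.runAs` helper that restores the previous thread state in `finally`. It assumes this interface is the Camunda 7 `org.camunda.bpm.engine.IdentityService` and that `Authentication` lives in `org.camunda.bpm.engine.impl.identity`; the package names are not stated on this page.

```java
import java.util.List;
import java.util.concurrent.Callable;

// Assumed packages (not stated on this page): Camunda 7 engine API.
import org.camunda.bpm.engine.IdentityService;
import org.camunda.bpm.engine.impl.identity.Authentication;

/** Hypothetical helper, not part of the engine: runs work under a thread-bound identity. */
public final class ScopedAuthentication {

  private ScopedAuthentication() {}

  public static <T> T runAs(IdentityService identityService,
                            String userId,
                            List<String> groupIds,
                            List<String> tenantIds,
                            Callable<T> work) throws Exception {
    if (userId == null || userId.isEmpty()) {
      // Fail closed: do not run engine calls under an empty identity.
      throw new IllegalArgumentException("userId must not be empty");
    }
    // Remember the identity already bound to this thread (null if none).
    Authentication previous = identityService.getCurrentAuthentication();
    identityService.setAuthentication(userId, groupIds, tenantIds);
    try {
      return work.call();
    } finally {
      // Worker threads are pooled and reused. Without this cleanup the next
      // request served by this thread would inherit the identity set above,
      // and authorization checks would be evaluated for the wrong user.
      if (previous != null) {
        identityService.setAuthentication(previous);
      } else {
        identityService.clearAuthentication();
      }
    }
  }
}
```

The cleanup runs even when `work` throws, which is the case a plain set-then-clear sequence misses.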
void setUserPicture(String userId, Picture picture)
picture - can be null to delete the picture.
ProcessEngineException - if the user doesn't exist.

Picture getUserPicture(String userId)
ProcessEngineException - if the user doesn't exist.

void deleteUserPicture(String userId)
ProcessEngineException - if the user doesn't exist.

void setUserInfo(String userId, String key, String value)
String getUserInfo(String userId, String key)
List<String> getUserInfoKeys(String userId)
void deleteUserInfo(String userId, String key)
@Deprecated void setUserAccount(String userId, String userPassword, String accountName, String accountUsername, String accountPassword, Map<String,String> accountDetails)
@Deprecated List<String> getUserAccountNames(String userId)
@Deprecated Account getUserAccount(String userId, String userPassword, String accountName)
@Deprecated void deleteUserAccount(String userId, String accountName)
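The isReadOnly(), getPasswordPolicy(), checkPasswordAgainstPolicy(String, User) and saveUser(User) entries above combine into one provisioning flow. The following is an added example, not code from the engine or its documentation: `UserProvisioner` is a hypothetical class, and the imports assume the Camunda 7 packages `org.camunda.bpm.engine` and `org.camunda.bpm.engine.identity`, which this page does not state.

```java
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;

// Assumed packages (not stated on this page): Camunda 7 engine API.
import org.camunda.bpm.engine.IdentityService;
import org.camunda.bpm.engine.identity.PasswordPolicyResult;
import org.camunda.bpm.engine.identity.PasswordPolicyRule;
import org.camunda.bpm.engine.identity.User;

/** Hypothetical helper, not part of the engine: creates a user only if the password passes the policy. */
public final class UserProvisioner {

  private final IdentityService identityService;

  public UserProvisioner(IdentityService identityService) {
    this.identityService = identityService;
  }

  /** Returns the placeholders of violated rules; an empty list means the user was saved. */
  public List<String> createUser(String userId, String candidatePassword) {
    if (identityService.isReadOnly()) {
      // newUser/saveUser would throw UnsupportedOperationException; report it up front.
      throw new IllegalStateException("identity service is read-only, users are managed externally");
    }
    User user = identityService.newUser(userId); // not persisted until saveUser(User)

    // getPasswordPolicy() returns null when no policy is set or it is disabled.
    if (identityService.getPasswordPolicy() != null) {
      PasswordPolicyResult result =
          identityService.checkPasswordAgainstPolicy(candidatePassword, user);
      if (!result.isValid()) {
        // Report rule identifiers only; the candidate password itself is never
        // returned or logged.
        return result.getViolatedRules().stream()
            .map(PasswordPolicyRule::getPlaceholder)
            .collect(Collectors.toList());
      }
    }
    user.setPassword(candidatePassword);
    identityService.saveUser(user);
    return Collections.emptyList();
  }
}
```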