org.camunda.bpm.engine.impl

Class IdentityServiceImpl

java.lang.Object

org.camunda.bpm.engine.impl.ServiceImpl

org.camunda.bpm.engine.impl.IdentityServiceImpl

All Implemented Interfaces:

IdentityService

public class IdentityServiceImpl
extends ServiceImpl
implements IdentityService

Author:

Tom Baeyens

Field Summary

Fields inherited from class org.camunda.bpm.engine.impl.ServiceImpl

commandExecutor

Constructor Summary

Constructors

Constructor and Description
IdentityServiceImpl()

Method Summary

Modifier and Type	Method and Description
boolean	checkPassword(String userId, String password) Checks if the password is valid for the given user.
PasswordPolicyResult	checkPasswordAgainstPolicy(PasswordPolicy policy, String password) Check a given password against a given PasswordPolicy.
PasswordPolicyResult	checkPasswordAgainstPolicy(PasswordPolicy policy, String candidatePassword, User user) Check a given password against a given PasswordPolicy.
PasswordPolicyResult	checkPasswordAgainstPolicy(String password) Check a given password against the configured PasswordPolicy.
PasswordPolicyResult	checkPasswordAgainstPolicy(String candidatePassword, User user) Check a given password against the configured PasswordPolicy.
void	clearAuthentication() Allows clearing the current authentication.
GroupQuery	createGroupQuery() Creates a GroupQuery thats allows to programmatically query the groups.
void	createMembership(String userId, String groupId)
NativeUserQuery	createNativeUserQuery() Creates a NativeUserQuery that allows to select users with native queries.
void	createTenantGroupMembership(String tenantId, String groupId) Creates a new membership between the given group and tenant.
TenantQuery	createTenantQuery() Creates a TenantQuery thats allows to programmatically query the tenants.
void	createTenantUserMembership(String tenantId, String userId) Creates a new membership between the given user and tenant.
UserQuery	createUserQuery() Creates a UserQuery that allows to programmatically query the users.
void	deleteGroup(String groupId) Deletes the group.
void	deleteMembership(String userId, String groupId) Delete the membership of the user in the group.
void	deleteTenant(String tenantId) Deletes the tenant.
void	deleteTenantGroupMembership(String tenantId, String groupId) Deletes the membership between the given group and tenant.
void	deleteTenantUserMembership(String tenantId, String userId) Deletes the membership between the given user and tenant.
void	deleteUser(String userId)
void	deleteUserAccount(String userId, String accountName) Delete an entry of the generic extensibility key-value pairs associated with a user
void	deleteUserInfo(String userId, String key) Delete an entry of the generic extensibility key-value pairs associated with a user
void	deleteUserPicture(String userId) Deletes the picture for a given user.
Authentication	getCurrentAuthentication()
PasswordPolicy	getPasswordPolicy() Returns the PasswordPolicy that is currently configured in the engine.
Account	getUserAccount(String userId, String userPassword, String accountName) Get account information associated with a user
List<String>	getUserAccountNames(String userId) Get account names associated with the given user
String	getUserInfo(String userId, String key) Generic extensibility key-value pairs associated with a user
List<String>	getUserInfoKeys(String userId) Generic extensibility keys associated with a user
Picture	getUserPicture(String userId) Retrieves the picture for a given user.
boolean	isReadOnly() Allows to inquire whether this identity service implementation provides read-only access to the user repository, false otherwise.
Group	newGroup(String groupId) Creates a new group.
Tenant	newTenant(String tenantId) Creates a new tenant.
User	newUser(String userId) Creates a new user.
void	saveGroup(Group group) Saves the group.
void	saveTenant(Tenant tenant) Saves the tenant.
void	saveUser(User user) Saves the user.
void	saveUser(User user, boolean skipPasswordPolicy)
void	setAuthenticatedUserId(String authenticatedUserId) Passes the authenticated user id for this thread.
void	setAuthentication(Authentication auth)
void	setAuthentication(String userId, List<String> groups) Passes the authenticated user id and groupIds for this thread.
void	setAuthentication(String userId, List<String> groups, List<String> tenantIds) Passes the authenticated user id, group ids and tenant ids for this thread.
void	setUserAccount(String userId, String userPassword, String accountName, String accountUsername, String accountPassword, Map<String,String> accountDetails) Store account information for a remote system
void	setUserInfo(String userId, String key, String value) Generic extensibility key-value pairs associated with a user
void	setUserPicture(String userId, Picture picture) Sets the picture for a given user.
void	unlockUser(String userId)

Methods inherited from class org.camunda.bpm.engine.impl.ServiceImpl

getCommandExecutor, setCommandExecutor

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

IdentityServiceImpl

public IdentityServiceImpl()

Method Detail

isReadOnly

public boolean isReadOnly()

Description copied from interface: IdentityService

Allows to inquire whether this identity service implementation provides read-only access to the user repository, false otherwise.

Read only identity service implementations do not support the following methods:

• IdentityService.newUser(String)
• IdentityService.saveUser(User)
• IdentityService.deleteUser(String)
• IdentityService.newGroup(String)
• IdentityService.saveGroup(Group)
• IdentityService.deleteGroup(String)
• IdentityService.newTenant(String)
• IdentityService.saveTenant(Tenant)
• IdentityService.deleteTenant(String)
• IdentityService.createMembership(String, String)
• IdentityService.deleteMembership(String, String)
• IdentityService.createTenantUserMembership(String, String)
• IdentityService.createTenantGroupMembership(String, String)
• IdentityService.deleteTenantUserMembership(String, String)
• IdentityService.deleteTenantGroupMembership(String, String)

If these methods are invoked on a read-only identity service implementation, the invocation will throw an UnsupportedOperationException.

Specified by:

isReadOnly in interface IdentityService

Returns:

true if this identity service implementation provides read-only access to the user repository, false otherwise.

newGroup

public Group newGroup(String groupId)

Description copied from interface: IdentityService

Creates a new group. The group is transient and must be saved using IdentityService.saveGroup(Group).

Specified by:

newGroup in interface IdentityService

Parameters:

groupId - id for the new group, cannot be null.

newUser

public User newUser(String userId)

Description copied from interface: IdentityService

Creates a new user. The user is transient and must be saved using IdentityService.saveUser(User).

Specified by:

newUser in interface IdentityService

Parameters:

userId - id for the new user, cannot be null.

newTenant

public Tenant newTenant(String tenantId)

Description copied from interface: IdentityService

Creates a new tenant. The tenant is transient and must be saved using IdentityService.saveTenant(Tenant).

Specified by:

newTenant in interface IdentityService

Parameters:

tenantId - id for the new tenant, cannot be null.

saveGroup

public void saveGroup(Group group)

Description copied from interface: IdentityService

Saves the group. If the group already existed, the group is updated.

Specified by:

saveGroup in interface IdentityService

Parameters:

group - group to save. Cannot be null.

saveUser

public void saveUser(User user)

Description copied from interface: IdentityService

Saves the user. If the user already existed, the user is updated.

Specified by:

saveUser in interface IdentityService

Parameters:

user - user to save, cannot be null.

saveUser

public void saveUser(User user,
                     boolean skipPasswordPolicy)

saveTenant

public void saveTenant(Tenant tenant)

Description copied from interface: IdentityService

Saves the tenant. If the tenant already existed, it is updated.

Specified by:

saveTenant in interface IdentityService

Parameters:

tenant - the tenant to save. Cannot be null.

createUserQuery

public UserQuery createUserQuery()

Description copied from interface: IdentityService

Creates a UserQuery that allows to programmatically query the users.

Specified by:

createUserQuery in interface IdentityService

createNativeUserQuery

public NativeUserQuery createNativeUserQuery()

Description copied from interface: IdentityService

Creates a NativeUserQuery that allows to select users with native queries.

Specified by:

createNativeUserQuery in interface IdentityService

Returns:

NativeUserQuery

createGroupQuery

public GroupQuery createGroupQuery()

Description copied from interface: IdentityService

Creates a GroupQuery thats allows to programmatically query the groups.

Specified by:

createGroupQuery in interface IdentityService

createTenantQuery

public TenantQuery createTenantQuery()

Description copied from interface: IdentityService

Creates a TenantQuery thats allows to programmatically query the tenants.

Specified by:

createTenantQuery in interface IdentityService

createMembership

public void createMembership(String userId,
                             String groupId)

Specified by:

createMembership in interface IdentityService

Parameters:

userId - the userId, cannot be null.

groupId - the groupId, cannot be null.

deleteGroup

public void deleteGroup(String groupId)

Description copied from interface: IdentityService

Deletes the group. When no group exists with the given id, this operation is ignored.

Specified by:

deleteGroup in interface IdentityService

Parameters:

groupId - id of the group that should be deleted, cannot be null.

deleteMembership

public void deleteMembership(String userId,
                             String groupId)

Description copied from interface: IdentityService

Delete the membership of the user in the group. When the group or user don't exist or when the user is not a member of the group, this operation is ignored.

Specified by:

deleteMembership in interface IdentityService

Parameters:

userId - the user's id, cannot be null.

groupId - the group's id, cannot be null.

checkPassword

public boolean checkPassword(String userId,
                             String password)

Description copied from interface: IdentityService

Checks if the password is valid for the given user. Arguments userId and password are nullsafe.

Specified by:

checkPassword in interface IdentityService

checkPasswordAgainstPolicy

public PasswordPolicyResult checkPasswordAgainstPolicy(String candidatePassword,
                                                       User user)

Description copied from interface: IdentityService

Check a given password against the configured PasswordPolicy. The result is returned as PasswordPolicyResult which contains all passed and violated rules as well as a flag indicating if the password is valid.

Specified by:

checkPasswordAgainstPolicy in interface IdentityService

Parameters:

candidatePassword - which is checked against a password policy

user - to be taken into account when checking the candidate password

Returns:

a PasswordPolicyResult containing passed and failed rules

checkPasswordAgainstPolicy

public PasswordPolicyResult checkPasswordAgainstPolicy(String password)

Description copied from interface: IdentityService

Check a given password against the configured PasswordPolicy. The result is returned as PasswordPolicyResult which contains all passed and violated rules as well as a flag indicating if the password is valid.

Specified by:

checkPasswordAgainstPolicy in interface IdentityService

Parameters:

password - the password that should be tested

Returns:

a PasswordPolicyResult containing passed and failed rules

checkPasswordAgainstPolicy

public PasswordPolicyResult checkPasswordAgainstPolicy(PasswordPolicy policy,
                                                       String candidatePassword,
                                                       User user)

Description copied from interface: IdentityService

Check a given password against a given PasswordPolicy. The result is returned as PasswordPolicyResult which contains all passed and violated rules as well as a flag indicating if the password is valid.

Specified by:

checkPasswordAgainstPolicy in interface IdentityService

Parameters:

policy - the PasswordPolicy against which the password is tested

candidatePassword - which is checked against a password policy

user - to be taken into account when checking the candidate password

Returns:

a PasswordPolicyResult containing passed and failed rules

checkPasswordAgainstPolicy

public PasswordPolicyResult checkPasswordAgainstPolicy(PasswordPolicy policy,
                                                       String password)

Description copied from interface: IdentityService

Check a given password against a given PasswordPolicy. The result is returned as PasswordPolicyResult which contains all passed and violated rules as well as a flag indicating if the password is valid.

Specified by:

checkPasswordAgainstPolicy in interface IdentityService

Parameters:

policy - the PasswordPolicy against which the password is tested

password - the password that should be tested

Returns:

a PasswordPolicyResult containing passed and failed rules

getPasswordPolicy

public PasswordPolicy getPasswordPolicy()

Description copied from interface: IdentityService

Returns the PasswordPolicy that is currently configured in the engine.

Specified by:

getPasswordPolicy in interface IdentityService

Returns:

the current PasswordPolicy or null if no policy is set or the configured policy is disabled.

unlockUser

public void unlockUser(String userId)

Specified by:

unlockUser in interface IdentityService

deleteUser

public void deleteUser(String userId)

Specified by:

deleteUser in interface IdentityService

Parameters:

userId - id of user to delete, cannot be null. When an id is passed for an unexisting user, this operation is ignored.

deleteTenant

public void deleteTenant(String tenantId)

Description copied from interface: IdentityService

Deletes the tenant. When no tenant exists with the given id, this operation is ignored.

Specified by:

deleteTenant in interface IdentityService

Parameters:

tenantId - id of the tenant that should be deleted, cannot be null.

setUserPicture

public void setUserPicture(String userId,
                           Picture picture)

Description copied from interface: IdentityService

Sets the picture for a given user.

Specified by:

setUserPicture in interface IdentityService

picture - can be null to delete the picture.

getUserPicture

public Picture getUserPicture(String userId)

Description copied from interface: IdentityService

Retrieves the picture for a given user.

Specified by:

getUserPicture in interface IdentityService

deleteUserPicture

public void deleteUserPicture(String userId)

Description copied from interface: IdentityService

Deletes the picture for a given user. If the user does not have a picture or if the user doesn't exists the call is ignored.

Specified by:

deleteUserPicture in interface IdentityService

setAuthenticatedUserId

public void setAuthenticatedUserId(String authenticatedUserId)

Description copied from interface: IdentityService

Passes the authenticated user id for this thread. All service method (from any service) invocations done by the same thread will have access to this authenticatedUserId. Should be followed by a call to IdentityService.clearAuthentication() once the interaction is terminated.

Specified by:

setAuthenticatedUserId in interface IdentityService

Parameters:

authenticatedUserId - the id of the current user.

setAuthentication

public void setAuthentication(Authentication auth)

Specified by:

setAuthentication in interface IdentityService

setAuthentication

public void setAuthentication(String userId,
                              List<String> groups)

Description copied from interface: IdentityService

Passes the authenticated user id and groupIds for this thread. All service method (from any service) invocations done by the same thread will have access to this authentication. Should be followed by a call to IdentityService.clearAuthentication() once the interaction is terminated.

Specified by:

setAuthentication in interface IdentityService

groups - the groups of the current user.

setAuthentication

public void setAuthentication(String userId,
                              List<String> groups,
                              List<String> tenantIds)

Description copied from interface: IdentityService

Passes the authenticated user id, group ids and tenant ids for this thread. All service method (from any service) invocations done by the same thread will have access to this authentication. Should be followed by a call to IdentityService.clearAuthentication() once the interaction is terminated.

Specified by:

setAuthentication in interface IdentityService

Parameters:

userId - the id of the current user.

groups - the groups of the current user.

tenantIds - the tenants of the current user.

clearAuthentication

public void clearAuthentication()

Description copied from interface: IdentityService

Allows clearing the current authentication. Does not throw exception if no authentication exists.

Specified by:

clearAuthentication in interface IdentityService

getCurrentAuthentication

public Authentication getCurrentAuthentication()

Specified by:

getCurrentAuthentication in interface IdentityService

Returns:

the current authentication for this process engine.

getUserInfo

public String getUserInfo(String userId,
                          String key)

Description copied from interface: IdentityService

Generic extensibility key-value pairs associated with a user

Specified by:

getUserInfo in interface IdentityService

getUserInfoKeys

public List<String> getUserInfoKeys(String userId)

Description copied from interface: IdentityService

Generic extensibility keys associated with a user

Specified by:

getUserInfoKeys in interface IdentityService

getUserAccountNames

public List<String> getUserAccountNames(String userId)

Description copied from interface: IdentityService

Get account names associated with the given user

Specified by:

getUserAccountNames in interface IdentityService

setUserInfo

public void setUserInfo(String userId,
                        String key,
                        String value)

Description copied from interface: IdentityService

Generic extensibility key-value pairs associated with a user

Specified by:

setUserInfo in interface IdentityService

deleteUserInfo

public void deleteUserInfo(String userId,
                           String key)

Description copied from interface: IdentityService

Delete an entry of the generic extensibility key-value pairs associated with a user

Specified by:

deleteUserInfo in interface IdentityService

deleteUserAccount

public void deleteUserAccount(String userId,
                              String accountName)

Description copied from interface: IdentityService

Delete an entry of the generic extensibility key-value pairs associated with a user

Specified by:

deleteUserAccount in interface IdentityService

getUserAccount

public Account getUserAccount(String userId,
                              String userPassword,
                              String accountName)

Description copied from interface: IdentityService

Get account information associated with a user

Specified by:

getUserAccount in interface IdentityService

setUserAccount

public void setUserAccount(String userId,
                           String userPassword,
                           String accountName,
                           String accountUsername,
                           String accountPassword,
                           Map<String,String> accountDetails)

Description copied from interface: IdentityService

Store account information for a remote system

Specified by:

setUserAccount in interface IdentityService

createTenantUserMembership

public void createTenantUserMembership(String tenantId,
                                       String userId)

Description copied from interface: IdentityService

Creates a new membership between the given user and tenant.

Specified by:

createTenantUserMembership in interface IdentityService

Parameters:

tenantId - the id of the tenant, cannot be null.

userId - the id of the user, cannot be null.

createTenantGroupMembership

public void createTenantGroupMembership(String tenantId,
                                        String groupId)

Description copied from interface: IdentityService

Creates a new membership between the given group and tenant.

Specified by:

createTenantGroupMembership in interface IdentityService

Parameters:

tenantId - the id of the tenant, cannot be null.

groupId - the id of the group, cannot be null.

deleteTenantUserMembership

public void deleteTenantUserMembership(String tenantId,
                                       String userId)

Description copied from interface: IdentityService

Deletes the membership between the given user and tenant. The operation is ignored when the given user, tenant or membership don't exist.

Specified by:

deleteTenantUserMembership in interface IdentityService

Parameters:

tenantId - the id of the tenant, cannot be null.

userId - the id of the user, cannot be null.

deleteTenantGroupMembership

public void deleteTenantGroupMembership(String tenantId,
                                        String groupId)

Description copied from interface: IdentityService

Deletes the membership between the given group and tenant. The operation is ignored when the given group, tenant or membership don't exist.

Specified by:

deleteTenantGroupMembership in interface IdentityService

Parameters:

tenantId - the id of the tenant, cannot be null.

groupId - the id of the group, cannot be null.