Package org.camunda.bpm.engine.impl
Class IdentityServiceImpl
- java.lang.Object
-
- org.camunda.bpm.engine.impl.ServiceImpl
-
- org.camunda.bpm.engine.impl.IdentityServiceImpl
-
- All Implemented Interfaces:
IdentityService
public class IdentityServiceImpl extends ServiceImpl implements IdentityService
- Author:
- Tom Baeyens
-
-
Field Summary
-
Fields inherited from class org.camunda.bpm.engine.impl.ServiceImpl
commandExecutor
-
-
Constructor Summary
Constructors Constructor Description IdentityServiceImpl()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleancheckPassword(String userId, String password)Checks if the password is valid for the given user.PasswordPolicyResultcheckPasswordAgainstPolicy(String password)Check a given password against the configuredPasswordPolicy.PasswordPolicyResultcheckPasswordAgainstPolicy(String candidatePassword, User user)Check a given password against the configuredPasswordPolicy.PasswordPolicyResultcheckPasswordAgainstPolicy(PasswordPolicy policy, String password)Check a given password against a givenPasswordPolicy.PasswordPolicyResultcheckPasswordAgainstPolicy(PasswordPolicy policy, String candidatePassword, User user)Check a given password against a givenPasswordPolicy.voidclearAuthentication()Allows clearing the current authentication.GroupQuerycreateGroupQuery()Creates aGroupQuerythats allows to programmatically query the groups.voidcreateMembership(String userId, String groupId)NativeUserQuerycreateNativeUserQuery()Creates aNativeUserQuerythat allows to select users with native queries.voidcreateTenantGroupMembership(String tenantId, String groupId)Creates a new membership between the given group and tenant.TenantQuerycreateTenantQuery()Creates aTenantQuerythats allows to programmatically query the tenants.voidcreateTenantUserMembership(String tenantId, String userId)Creates a new membership between the given user and tenant.UserQuerycreateUserQuery()Creates aUserQuerythat allows to programmatically query the users.voiddeleteGroup(String groupId)Deletes the group.voiddeleteMembership(String userId, String groupId)Delete the membership of the user in the group.voiddeleteTenant(String tenantId)Deletes the tenant.voiddeleteTenantGroupMembership(String tenantId, String groupId)Deletes the membership between the given group and tenant.voiddeleteTenantUserMembership(String tenantId, String userId)Deletes the membership between the given user and tenant.voiddeleteUser(String userId)voiddeleteUserAccount(String userId, String accountName)Delete an entry of the generic extensibility key-value pairs associated with a uservoiddeleteUserInfo(String userId, String key)Delete an entry of the generic extensibility key-value pairs associated with a uservoiddeleteUserPicture(String userId)Deletes the picture for a given user.AuthenticationgetCurrentAuthentication()PasswordPolicygetPasswordPolicy()Returns thePasswordPolicythat is currently configured in the engine.AccountgetUserAccount(String userId, String userPassword, String accountName)Get account information associated with a userList<String>getUserAccountNames(String userId)Get account names associated with the given userStringgetUserInfo(String userId, String key)Generic extensibility key-value pairs associated with a userList<String>getUserInfoKeys(String userId)Generic extensibility keys associated with a userPicturegetUserPicture(String userId)Retrieves the picture for a given user.booleanisReadOnly()Allows to inquire whether this identity service implementation provides read-only access to the user repository, false otherwise.GroupnewGroup(String groupId)Creates a new group.TenantnewTenant(String tenantId)Creates a new tenant.UsernewUser(String userId)Creates a new user.voidsaveGroup(Group group)Saves the group.voidsaveTenant(Tenant tenant)Saves the tenant.voidsaveUser(User user)Saves the user.voidsaveUser(User user, boolean skipPasswordPolicy)voidsetAuthenticatedUserId(String authenticatedUserId)Passes the authenticated user id for this thread.voidsetAuthentication(String userId, List<String> groups)Passes the authenticated user id and groupIds for this thread.voidsetAuthentication(String userId, List<String> groups, List<String> tenantIds)Passes the authenticated user id, group ids and tenant ids for this thread.voidsetAuthentication(Authentication auth)voidsetUserAccount(String userId, String userPassword, String accountName, String accountUsername, String accountPassword, Map<String,String> accountDetails)Store account information for a remote systemvoidsetUserInfo(String userId, String key, String value)Generic extensibility key-value pairs associated with a uservoidsetUserPicture(String userId, Picture picture)Sets the picture for a given user.voidunlockUser(String userId)-
Methods inherited from class org.camunda.bpm.engine.impl.ServiceImpl
getCommandExecutor, setCommandExecutor
-
-
-
-
Method Detail
-
isReadOnly
public boolean isReadOnly()
Description copied from interface:IdentityServiceAllows to inquire whether this identity service implementation provides read-only access to the user repository, false otherwise.
Read only identity service implementations do not support the following methods:-
IdentityService.newUser(String) -
IdentityService.saveUser(User) -
IdentityService.deleteUser(String) -
IdentityService.newGroup(String) -
IdentityService.saveGroup(Group) -
IdentityService.deleteGroup(String) -
IdentityService.newTenant(String) -
IdentityService.saveTenant(Tenant) -
IdentityService.deleteTenant(String) -
IdentityService.createMembership(String, String) -
IdentityService.deleteMembership(String, String) -
IdentityService.createTenantUserMembership(String, String) -
IdentityService.createTenantGroupMembership(String, String) -
IdentityService.deleteTenantUserMembership(String, String) -
IdentityService.deleteTenantGroupMembership(String, String)
If these methods are invoked on a read-only identity service implementation, the invocation will throw an
UnsupportedOperationException.- Specified by:
isReadOnlyin interfaceIdentityService- Returns:
- true if this identity service implementation provides read-only access to the user repository, false otherwise.
-
-
newGroup
public Group newGroup(String groupId)
Description copied from interface:IdentityServiceCreates a new group. The group is transient and must be saved usingIdentityService.saveGroup(Group).- Specified by:
newGroupin interfaceIdentityService- Parameters:
groupId- id for the new group, cannot be null.
-
newUser
public User newUser(String userId)
Description copied from interface:IdentityServiceCreates a new user. The user is transient and must be saved usingIdentityService.saveUser(User).- Specified by:
newUserin interfaceIdentityService- Parameters:
userId- id for the new user, cannot be null.
-
newTenant
public Tenant newTenant(String tenantId)
Description copied from interface:IdentityServiceCreates a new tenant. The tenant is transient and must be saved usingIdentityService.saveTenant(Tenant).- Specified by:
newTenantin interfaceIdentityService- Parameters:
tenantId- id for the new tenant, cannot benull.
-
saveGroup
public void saveGroup(Group group)
Description copied from interface:IdentityServiceSaves the group. If the group already existed, the group is updated.- Specified by:
saveGroupin interfaceIdentityService- Parameters:
group- group to save. Cannot be null.
-
saveUser
public void saveUser(User user)
Description copied from interface:IdentityServiceSaves the user. If the user already existed, the user is updated.- Specified by:
saveUserin interfaceIdentityService- Parameters:
user- user to save, cannot be null.
-
saveUser
public void saveUser(User user, boolean skipPasswordPolicy)
-
saveTenant
public void saveTenant(Tenant tenant)
Description copied from interface:IdentityServiceSaves the tenant. If the tenant already existed, it is updated.- Specified by:
saveTenantin interfaceIdentityService- Parameters:
tenant- the tenant to save. Cannot benull.
-
createUserQuery
public UserQuery createUserQuery()
Description copied from interface:IdentityServiceCreates aUserQuerythat allows to programmatically query the users.- Specified by:
createUserQueryin interfaceIdentityService
-
createNativeUserQuery
public NativeUserQuery createNativeUserQuery()
Description copied from interface:IdentityServiceCreates aNativeUserQuerythat allows to select users with native queries.- Specified by:
createNativeUserQueryin interfaceIdentityService- Returns:
- NativeUserQuery
-
createGroupQuery
public GroupQuery createGroupQuery()
Description copied from interface:IdentityServiceCreates aGroupQuerythats allows to programmatically query the groups.- Specified by:
createGroupQueryin interfaceIdentityService
-
createTenantQuery
public TenantQuery createTenantQuery()
Description copied from interface:IdentityServiceCreates aTenantQuerythats allows to programmatically query the tenants.- Specified by:
createTenantQueryin interfaceIdentityService
-
createMembership
public void createMembership(String userId, String groupId)
- Specified by:
createMembershipin interfaceIdentityService- Parameters:
userId- the userId, cannot be null.groupId- the groupId, cannot be null.
-
deleteGroup
public void deleteGroup(String groupId)
Description copied from interface:IdentityServiceDeletes the group. When no group exists with the given id, this operation is ignored.- Specified by:
deleteGroupin interfaceIdentityService- Parameters:
groupId- id of the group that should be deleted, cannot be null.
-
deleteMembership
public void deleteMembership(String userId, String groupId)
Description copied from interface:IdentityServiceDelete the membership of the user in the group. When the group or user don't exist or when the user is not a member of the group, this operation is ignored.- Specified by:
deleteMembershipin interfaceIdentityService- Parameters:
userId- the user's id, cannot be null.groupId- the group's id, cannot be null.
-
checkPassword
public boolean checkPassword(String userId, String password)
Description copied from interface:IdentityServiceChecks if the password is valid for the given user. Arguments userId and password are nullsafe.- Specified by:
checkPasswordin interfaceIdentityService
-
checkPasswordAgainstPolicy
public PasswordPolicyResult checkPasswordAgainstPolicy(String candidatePassword, User user)
Description copied from interface:IdentityServiceCheck a given password against the configuredPasswordPolicy. The result is returned asPasswordPolicyResultwhich contains all passed and violated rules as well as a flag indicating if the password is valid.- Specified by:
checkPasswordAgainstPolicyin interfaceIdentityService- Parameters:
candidatePassword- which is checked against a password policyuser- to be taken into account when checking the candidate password- Returns:
- a
PasswordPolicyResultcontaining passed and failed rules
-
checkPasswordAgainstPolicy
public PasswordPolicyResult checkPasswordAgainstPolicy(String password)
Description copied from interface:IdentityServiceCheck a given password against the configuredPasswordPolicy. The result is returned asPasswordPolicyResultwhich contains all passed and violated rules as well as a flag indicating if the password is valid.- Specified by:
checkPasswordAgainstPolicyin interfaceIdentityService- Parameters:
password- the password that should be tested- Returns:
- a
PasswordPolicyResultcontaining passed and failed rules
-
checkPasswordAgainstPolicy
public PasswordPolicyResult checkPasswordAgainstPolicy(PasswordPolicy policy, String candidatePassword, User user)
Description copied from interface:IdentityServiceCheck a given password against a givenPasswordPolicy. The result is returned asPasswordPolicyResultwhich contains all passed and violated rules as well as a flag indicating if the password is valid.- Specified by:
checkPasswordAgainstPolicyin interfaceIdentityService- Parameters:
policy- thePasswordPolicyagainst which the password is testedcandidatePassword- which is checked against a password policyuser- to be taken into account when checking the candidate password- Returns:
- a
PasswordPolicyResultcontaining passed and failed rules
-
checkPasswordAgainstPolicy
public PasswordPolicyResult checkPasswordAgainstPolicy(PasswordPolicy policy, String password)
Description copied from interface:IdentityServiceCheck a given password against a givenPasswordPolicy. The result is returned asPasswordPolicyResultwhich contains all passed and violated rules as well as a flag indicating if the password is valid.- Specified by:
checkPasswordAgainstPolicyin interfaceIdentityService- Parameters:
policy- thePasswordPolicyagainst which the password is testedpassword- the password that should be tested- Returns:
- a
PasswordPolicyResultcontaining passed and failed rules
-
getPasswordPolicy
public PasswordPolicy getPasswordPolicy()
Description copied from interface:IdentityServiceReturns thePasswordPolicythat is currently configured in the engine.- Specified by:
getPasswordPolicyin interfaceIdentityService- Returns:
- the current
PasswordPolicyornullif no policy is set or the configured policy is disabled.
-
unlockUser
public void unlockUser(String userId)
- Specified by:
unlockUserin interfaceIdentityService
-
deleteUser
public void deleteUser(String userId)
- Specified by:
deleteUserin interfaceIdentityService- Parameters:
userId- id of user to delete, cannot be null. When an id is passed for an unexisting user, this operation is ignored.
-
deleteTenant
public void deleteTenant(String tenantId)
Description copied from interface:IdentityServiceDeletes the tenant. When no tenant exists with the given id, this operation is ignored.- Specified by:
deleteTenantin interfaceIdentityService- Parameters:
tenantId- id of the tenant that should be deleted, cannot benull.
-
setUserPicture
public void setUserPicture(String userId, Picture picture)
Description copied from interface:IdentityServiceSets the picture for a given user.- Specified by:
setUserPicturein interfaceIdentityServicepicture- can be null to delete the picture.
-
getUserPicture
public Picture getUserPicture(String userId)
Description copied from interface:IdentityServiceRetrieves the picture for a given user.- Specified by:
getUserPicturein interfaceIdentityService
-
deleteUserPicture
public void deleteUserPicture(String userId)
Description copied from interface:IdentityServiceDeletes the picture for a given user. If the user does not have a picture or if the user doesn't exists the call is ignored.- Specified by:
deleteUserPicturein interfaceIdentityService
-
setAuthenticatedUserId
public void setAuthenticatedUserId(String authenticatedUserId)
Description copied from interface:IdentityServicePasses the authenticated user id for this thread. All service method (from any service) invocations done by the same thread will have access to this authenticatedUserId. Should be followed by a call toIdentityService.clearAuthentication()once the interaction is terminated.- Specified by:
setAuthenticatedUserIdin interfaceIdentityService- Parameters:
authenticatedUserId- the id of the current user.
-
setAuthentication
public void setAuthentication(Authentication auth)
- Specified by:
setAuthenticationin interfaceIdentityService
-
setAuthentication
public void setAuthentication(String userId, List<String> groups)
Description copied from interface:IdentityServicePasses the authenticated user id and groupIds for this thread. All service method (from any service) invocations done by the same thread will have access to this authentication. Should be followed by a call toIdentityService.clearAuthentication()once the interaction is terminated.- Specified by:
setAuthenticationin interfaceIdentityServicegroups- the groups of the current user.
-
setAuthentication
public void setAuthentication(String userId, List<String> groups, List<String> tenantIds)
Description copied from interface:IdentityServicePasses the authenticated user id, group ids and tenant ids for this thread. All service method (from any service) invocations done by the same thread will have access to this authentication. Should be followed by a call toIdentityService.clearAuthentication()once the interaction is terminated.- Specified by:
setAuthenticationin interfaceIdentityService- Parameters:
userId- the id of the current user.groups- the groups of the current user.tenantIds- the tenants of the current user.
-
clearAuthentication
public void clearAuthentication()
Description copied from interface:IdentityServiceAllows clearing the current authentication. Does not throw exception if no authentication exists.- Specified by:
clearAuthenticationin interfaceIdentityService
-
getCurrentAuthentication
public Authentication getCurrentAuthentication()
- Specified by:
getCurrentAuthenticationin interfaceIdentityService- Returns:
- the current authentication for this process engine.
-
getUserInfo
public String getUserInfo(String userId, String key)
Description copied from interface:IdentityServiceGeneric extensibility key-value pairs associated with a user- Specified by:
getUserInfoin interfaceIdentityService
-
getUserInfoKeys
public List<String> getUserInfoKeys(String userId)
Description copied from interface:IdentityServiceGeneric extensibility keys associated with a user- Specified by:
getUserInfoKeysin interfaceIdentityService
-
getUserAccountNames
public List<String> getUserAccountNames(String userId)
Description copied from interface:IdentityServiceGet account names associated with the given user- Specified by:
getUserAccountNamesin interfaceIdentityService
-
setUserInfo
public void setUserInfo(String userId, String key, String value)
Description copied from interface:IdentityServiceGeneric extensibility key-value pairs associated with a user- Specified by:
setUserInfoin interfaceIdentityService
-
deleteUserInfo
public void deleteUserInfo(String userId, String key)
Description copied from interface:IdentityServiceDelete an entry of the generic extensibility key-value pairs associated with a user- Specified by:
deleteUserInfoin interfaceIdentityService
-
deleteUserAccount
public void deleteUserAccount(String userId, String accountName)
Description copied from interface:IdentityServiceDelete an entry of the generic extensibility key-value pairs associated with a user- Specified by:
deleteUserAccountin interfaceIdentityService
-
getUserAccount
public Account getUserAccount(String userId, String userPassword, String accountName)
Description copied from interface:IdentityServiceGet account information associated with a user- Specified by:
getUserAccountin interfaceIdentityService
-
setUserAccount
public void setUserAccount(String userId, String userPassword, String accountName, String accountUsername, String accountPassword, Map<String,String> accountDetails)
Description copied from interface:IdentityServiceStore account information for a remote system- Specified by:
setUserAccountin interfaceIdentityService
-
createTenantUserMembership
public void createTenantUserMembership(String tenantId, String userId)
Description copied from interface:IdentityServiceCreates a new membership between the given user and tenant.- Specified by:
createTenantUserMembershipin interfaceIdentityService- Parameters:
tenantId- the id of the tenant, cannot be null.userId- the id of the user, cannot be null.
-
createTenantGroupMembership
public void createTenantGroupMembership(String tenantId, String groupId)
Description copied from interface:IdentityServiceCreates a new membership between the given group and tenant.- Specified by:
createTenantGroupMembershipin interfaceIdentityService- Parameters:
tenantId- the id of the tenant, cannot be null.groupId- the id of the group, cannot be null.
-
deleteTenantUserMembership
public void deleteTenantUserMembership(String tenantId, String userId)
Description copied from interface:IdentityServiceDeletes the membership between the given user and tenant. The operation is ignored when the given user, tenant or membership don't exist.- Specified by:
deleteTenantUserMembershipin interfaceIdentityService- Parameters:
tenantId- the id of the tenant, cannot be null.userId- the id of the user, cannot be null.
-
deleteTenantGroupMembership
public void deleteTenantGroupMembership(String tenantId, String groupId)
Description copied from interface:IdentityServiceDeletes the membership between the given group and tenant. The operation is ignored when the given group, tenant or membership don't exist.- Specified by:
deleteTenantGroupMembershipin interfaceIdentityService- Parameters:
tenantId- the id of the tenant, cannot be null.groupId- the id of the group, cannot be null.
-
-