Class DbIdentityServiceProvider
- java.lang.Object
  - org.camunda.bpm.engine.impl.persistence.AbstractManager
    - org.camunda.bpm.engine.impl.identity.db.DbReadOnlyIdentityServiceProvider
      - org.camunda.bpm.engine.impl.identity.db.DbIdentityServiceProvider
- All Implemented Interfaces: ReadOnlyIdentityProvider, WritableIdentityProvider, Session

public class DbIdentityServiceProvider extends DbReadOnlyIdentityServiceProvider implements WritableIdentityProvider

WritableIdentityProvider implementation backed by a database. This implementation is used for the built-in user management.
- Author: Daniel Meyer

Field Summary
| Modifier and Type | Field | Description |
| --- | --- | --- |
| protected static IndentityLogger | LOG | |

Constructor Summary
| Constructor | Description |
| --- | --- |
| DbIdentityServiceProvider() | |

Method Summary
| Modifier and Type | Method | Description |
| --- | --- | --- |
| boolean | checkPassword(String userId, String password) | |
| protected void | createDefaultAuthorizations(Group group) | |
| protected void | createDefaultAuthorizations(Tenant tenant) | |
| protected void | createDefaultAuthorizations(UserEntity userEntity) | |
| protected void | createDefaultMembershipAuthorizations(String userId, String groupId) | |
| protected void | createDefaultTenantMembershipAuthorizations(Tenant tenant, Group group) | |
| protected void | createDefaultTenantMembershipAuthorizations(Tenant tenant, User user) | |
| IdentityOperationResult | createMembership(String userId, String groupId) | Creates a membership relation between a user and a group. |
| GroupEntity | createNewGroup(String groupId) | Returns a new (transient) Group object. |
| Tenant | createNewTenant(String tenantId) | Returns a new (transient) Tenant object. |
| UserEntity | createNewUser(String userId) | Returns a new (transient) User object. |
| IdentityOperationResult | createTenantGroupMembership(String tenantId, String groupId) | Creates a membership relation between a tenant and a group. |
| IdentityOperationResult | createTenantUserMembership(String tenantId, String userId) | Creates a membership relation between a tenant and a user. |
| IdentityOperationResult | deleteGroup(String groupId) | Allows deleting a persistent Group object. |
| IdentityOperationResult | deleteMembership(String userId, String groupId) | Deletes a membership relation between a user and a group. |
| protected void | deleteMembershipsByGroupId(String groupId) | |
| protected void | deleteMembershipsByUserId(String userId) | |
| IdentityOperationResult | deleteTenant(String tenantId) | Allows deleting a persistent Tenant object. |
| IdentityOperationResult | deleteTenantGroupMembership(String tenantId, String groupId) | Deletes a membership relation between a tenant and a group. |
| protected void | deleteTenantMembershipsOfGroup(String groupId) | |
| protected void | deleteTenantMembershipsOfTenant(String tenant) | |
| protected void | deleteTenantMembershipsOfUser(String userId) | |
| IdentityOperationResult | deleteTenantUserMembership(String tenantId, String userId) | Deletes a membership relation between a tenant and a user. |
| IdentityOperationResult | deleteUser(String userId) | Allows deleting a persistent User object. |
| protected boolean | isUserLocked(UserEntity user) | |
| protected void | lockUser(UserEntity user) | |
| IdentityOperationResult | saveGroup(Group group) | Allows saving a Group object which is not yet persistent. |
| IdentityOperationResult | saveTenant(Tenant tenant) | Allows saving a Tenant object which is not yet persistent. |
| IdentityOperationResult | saveUser(User user) | Allows saving or updating a User object. |
| IdentityOperationResult | unlockUser(String userId) | Allows unlocking a User object. |
| protected IdentityOperationResult | unlockUser(UserEntity user) | |

Methods inherited from class org.camunda.bpm.engine.impl.identity.db.DbReadOnlyIdentityServiceProvider
checkAuthorization, configureQuery, createGroupQuery, createGroupQuery, createNativeUserQuery, createTenantQuery, createTenantQuery, createUserQuery, createUserQuery, existsMembership, existsTenantMembership, findGroupById, findGroupByQueryCriteria, findGroupCountByQueryCriteria, findTenantById, findTenantByQueryCriteria, findTenantCountByQueryCriteria, findUserById, findUserByNativeQuery, findUserByQueryCriteria, findUserCountByNativeQuery, findUserCountByQueryCriteria, matchPassword
Methods inherited from class org.camunda.bpm.engine.impl.persistence.AbstractManager
close, delete, deleteAuthorizations, deleteAuthorizationsForGroup, deleteAuthorizationsForUser, deleteDefaultAuthorizations, flush, getAttachmentManager, getAuthorizationManager, getBatchManager, getByteArrayManager, getCamundaFormDefinitionManager, getCaseDefinitionManager, getCaseExecutionManager, getCaseInstanceManager, getCommandContext, getCurrentAuthentication, getDbEntityManager, getDbSqlSession, getDecisionDefinitionManager, getDecisionRequirementsDefinitionManager, getDeploymentManager, getEventSubscriptionManager, getHistoricActivityInstanceManager, getHistoricBatchManager, getHistoricCaseActivityInstanceManager, getHistoricCaseInstanceManager, getHistoricDecisionInstanceManager, getHistoricDetailManager, getHistoricExternalTaskLogManager, getHistoricIdentityLinkManager, getHistoricIncidentManager, getHistoricJobLogManager, getHistoricProcessInstanceManager, getHistoricReportManager, getHistoricTaskInstanceManager, getHistoricVariableInstanceManager, getIdentityInfoManager, getIdentityLinkManager, getJobDefinitionManager, getJobManager, getProcessDefinitionManager, getProcessInstanceManager, getResourceAuthorizationProvider, getResourceManager, getSession, getTaskManager, getTaskReportManager, getTenantManager, getUserOperationLogManager, getVariableInstanceManager, insert, isAuthorizationEnabled, saveDefaultAuthorizations
Field Detail
LOG
protected static final IndentityLogger LOG

Method Detail
createNewUser
public UserEntity createNewUser(String userId)
Description copied from interface: WritableIdentityProvider
Returns a new (transient) User object. The object is not yet persistent and must be saved using the WritableIdentityProvider.saveUser(User) method.
NOTE: the implementation does not validate the uniqueness of the userId parameter at this time.
- Specified by: createNewUser in interface WritableIdentityProvider
- Returns: a non-persistent user object.

saveUser
public IdentityOperationResult saveUser(User user)
Description copied from interface: WritableIdentityProvider
Allows saving or updating a User object.
- Specified by: saveUser in interface WritableIdentityProvider
- Parameters:
  - user - a User object.
- Returns: the operation result object.

deleteUser
public IdentityOperationResult deleteUser(String userId)
Description copied from interface: WritableIdentityProvider
Allows deleting a persistent User object.
- Specified by: deleteUser in interface WritableIdentityProvider
- Returns: the operation result object.

checkPassword
public boolean checkPassword(String userId, String password)
- Specified by: checkPassword in interface ReadOnlyIdentityProvider
- Overrides: checkPassword in class DbReadOnlyIdentityServiceProvider
- Returns: 'true' if the password matches the

isUserLocked
protected boolean isUserLocked(UserEntity user)

lockUser
protected void lockUser(UserEntity user)

unlockUser
public IdentityOperationResult unlockUser(String userId)
Description copied from interface: WritableIdentityProvider
Allows unlocking a User object.
- Specified by: unlockUser in interface WritableIdentityProvider
- Parameters:
  - userId - the id of the User object to delete.
- Returns: the operation result object.

unlockUser
protected IdentityOperationResult unlockUser(UserEntity user)

createNewGroup
public GroupEntity createNewGroup(String groupId)
Description copied from interface: WritableIdentityProvider
Returns a new (transient) Group object. The object is not yet persistent and must be saved using the WritableIdentityProvider.saveGroup(Group) method.
NOTE: the implementation does not validate the uniqueness of the groupId parameter at this time.
- Specified by: createNewGroup in interface WritableIdentityProvider
- Returns: a non-persistent group object.

saveGroup
public IdentityOperationResult saveGroup(Group group)
Description copied from interface: WritableIdentityProvider
Allows saving a Group object which is not yet persistent.
- Specified by: saveGroup in interface WritableIdentityProvider
- Parameters:
  - group - a group object.
- Returns: the operation result object.

deleteGroup
public IdentityOperationResult deleteGroup(String groupId)
Description copied from interface: WritableIdentityProvider
Allows deleting a persistent Group object.
- Specified by: deleteGroup in interface WritableIdentityProvider
- Parameters:
  - groupId - the id of the group object to delete.
- Returns: the operation result object.

createNewTenant
public Tenant createNewTenant(String tenantId)
Description copied from interface: WritableIdentityProvider
Returns a new (transient) Tenant object. The object is not yet persistent and must be saved using the WritableIdentityProvider.saveTenant(Tenant) method.
NOTE: the implementation does not validate the uniqueness of the tenantId parameter at this time.
- Specified by: createNewTenant in interface WritableIdentityProvider
- Parameters:
  - tenantId - the id of the new tenant
- Returns: a non-persistent tenant object.

saveTenant
public IdentityOperationResult saveTenant(Tenant tenant)
Description copied from interface: WritableIdentityProvider
Allows saving a Tenant object which is not yet persistent.
- Specified by: saveTenant in interface WritableIdentityProvider
- Parameters:
  - tenant - the tenant object to save.
- Returns: the operation result object.

deleteTenant
public IdentityOperationResult deleteTenant(String tenantId)
Description copied from interface: WritableIdentityProvider
Allows deleting a persistent Tenant object.
- Specified by: deleteTenant in interface WritableIdentityProvider
- Parameters:
  - tenantId - the id of the tenant object to delete.
- Returns: the operation result object.

createMembership
public IdentityOperationResult createMembership(String userId, String groupId)
Description copied from interface: WritableIdentityProvider
Creates a membership relation between a user and a group. If the user is already part of that group, IdentityProviderException is thrown.
- Specified by: createMembership in interface WritableIdentityProvider
- Parameters:
  - userId - the id of the user
  - groupId - id of the group
- Returns: the operation result object.

deleteMembership
public IdentityOperationResult deleteMembership(String userId, String groupId)
Description copied from interface: WritableIdentityProvider
Deletes a membership relation between a user and a group.
- Specified by: deleteMembership in interface WritableIdentityProvider
- Parameters:
  - userId - the id of the user
  - groupId - id of the group
- Returns: the operation result object.

deleteMembershipsByUserId
protected void deleteMembershipsByUserId(String userId)

deleteMembershipsByGroupId
protected void deleteMembershipsByGroupId(String groupId)

createTenantUserMembership
public IdentityOperationResult createTenantUserMembership(String tenantId, String userId)
Description copied from interface: WritableIdentityProvider
Creates a membership relation between a tenant and a user.
- Specified by: createTenantUserMembership in interface WritableIdentityProvider
- Parameters:
  - tenantId - the id of the tenant
  - userId - the id of the user
- Returns: the operation result object.

createTenantGroupMembership
public IdentityOperationResult createTenantGroupMembership(String tenantId, String groupId)
Description copied from interface: WritableIdentityProvider
Creates a membership relation between a tenant and a group.
- Specified by: createTenantGroupMembership in interface WritableIdentityProvider
- Parameters:
  - tenantId - the id of the tenant
  - groupId - the id of the group
- Returns: the operation result object.

deleteTenantUserMembership
public IdentityOperationResult deleteTenantUserMembership(String tenantId, String userId)
Description copied from interface: WritableIdentityProvider
Deletes a membership relation between a tenant and a user.
- Specified by: deleteTenantUserMembership in interface WritableIdentityProvider
- Parameters:
  - tenantId - the id of the tenant
  - userId - the id of the user
- Returns: the operation result object.

deleteTenantGroupMembership
public IdentityOperationResult deleteTenantGroupMembership(String tenantId, String groupId)
Description copied from interface: WritableIdentityProvider
Deletes a membership relation between a tenant and a group.
- Specified by: deleteTenantGroupMembership in interface WritableIdentityProvider
- Parameters:
  - tenantId - the id of the tenant
  - groupId - the id of the group
- Returns: the operation result object.

deleteTenantMembershipsOfUser
protected void deleteTenantMembershipsOfUser(String userId)

deleteTenantMembershipsOfGroup
protected void deleteTenantMembershipsOfGroup(String groupId)

deleteTenantMembershipsOfTenant
protected void deleteTenantMembershipsOfTenant(String tenant)

createDefaultAuthorizations
protected void createDefaultAuthorizations(UserEntity userEntity)

createDefaultAuthorizations
protected void createDefaultAuthorizations(Group group)

createDefaultAuthorizations
protected void createDefaultAuthorizations(Tenant tenant)

createDefaultMembershipAuthorizations
protected void createDefaultMembershipAuthorizations(String userId, String groupId)

createDefaultTenantMembershipAuthorizations
protected void createDefaultTenantMembershipAuthorizations(Tenant tenant, User user)