Package org.camunda.bpm.engine.impl
Class IdentityServiceImpl
java.lang.Object
org.camunda.bpm.engine.impl.ServiceImpl
org.camunda.bpm.engine.impl.IdentityServiceImpl
- All Implemented Interfaces: IdentityService
- Author: Tom Baeyens
-
Field Summary
Fields inherited from class org.camunda.bpm.engine.impl.ServiceImpl
commandExecutor -
Constructor Summary
Constructors -
Method Summary
Modifier and Type / Method / Description
- boolean checkPassword(String userId, String password): Checks if the password is valid for the given user.
- checkPasswordAgainstPolicy(String password): Check a given password against the configured PasswordPolicy.
- checkPasswordAgainstPolicy(String candidatePassword, User user): Check a given password against the configured PasswordPolicy.
- checkPasswordAgainstPolicy(PasswordPolicy policy, String password): Check a given password against a given PasswordPolicy.
- checkPasswordAgainstPolicy(PasswordPolicy policy, String candidatePassword, User user): Check a given password against a given PasswordPolicy.
- void clearAuthentication(): Allows clearing the current authentication.
- createGroupQuery(): Creates a GroupQuery that allows to programmatically query the groups.
- void createMembership(String userId, String groupId)
- createNativeUserQuery(): Creates a NativeUserQuery that allows to select users with native queries.
- void createTenantGroupMembership(String tenantId, String groupId): Creates a new membership between the given group and tenant.
- createTenantQuery(): Creates a TenantQuery that allows to programmatically query the tenants.
- void createTenantUserMembership(String tenantId, String userId): Creates a new membership between the given user and tenant.
- createUserQuery(): Creates a UserQuery that allows to programmatically query the users.
- void deleteGroup(String groupId): Deletes the group.
- void deleteMembership(String userId, String groupId): Delete the membership of the user in the group.
- void deleteTenant(String tenantId): Deletes the tenant.
- void deleteTenantGroupMembership(String tenantId, String groupId): Deletes the membership between the given group and tenant.
- void deleteTenantUserMembership(String tenantId, String userId): Deletes the membership between the given user and tenant.
- void deleteUser(String userId)
- void deleteUserAccount(String userId, String accountName): Delete an entry of the generic extensibility key-value pairs associated with a user
- void deleteUserInfo(String userId, String key): Delete an entry of the generic extensibility key-value pairs associated with a user
- void deleteUserPicture(String userId): Deletes the picture for a given user.
- getPasswordPolicy(): Returns the PasswordPolicy that is currently configured in the engine.
- getUserAccount(String userId, String userPassword, String accountName): Get account information associated with a user
- getUserAccountNames(String userId): Get account names associated with the given user
- getUserInfo(String userId, String key): Generic extensibility key-value pairs associated with a user
- getUserInfoKeys(String userId): Generic extensibility keys associated with a user
- getUserPicture(String userId): Retrieves the picture for a given user.
- boolean isReadOnly(): Allows to inquire whether this identity service implementation provides read-only access to the user repository, false otherwise.
- newGroup(String): Creates a new group.
- newTenant(String): Creates a new tenant.
- newUser(String): Creates a new user.
- void saveGroup(Group): Saves the group.
- void saveTenant(Tenant tenant): Saves the tenant.
- void saveUser(User): Saves the user.
- void saveUser
- void setAuthenticatedUserId(String authenticatedUserId): Passes the authenticated user id for this thread.
- void setAuthentication(String userId, List<String> groups): Passes the authenticated user id and groupIds for this thread.
- void setAuthentication(String userId, List<String> groups, List<String> tenantIds): Passes the authenticated user id, group ids and tenant ids for this thread.
- void setAuthentication
- void setUserAccount(String userId, String userPassword, String accountName, String accountUsername, String accountPassword, Map<String, String> accountDetails): Store account information for a remote system
- void setUserInfo(String userId, String key, String value): Generic extensibility key-value pairs associated with a user
- void setUserPicture(String userId, Picture picture): Sets the picture for a given user.
- void unlockUser(String userId)
Methods inherited from class org.camunda.bpm.engine.impl.ServiceImpl
getCommandExecutor, setCommandExecutor
-
Constructor Details
-
IdentityServiceImpl
public IdentityServiceImpl()
-
-
Method Details
-
isReadOnly
public boolean isReadOnly()
Description copied from interface: IdentityService
Allows to inquire whether this identity service implementation provides read-only access to the user repository.
Read-only identity service implementations do not support the following methods:
- IdentityService.newUser(String)
- IdentityService.saveUser(User)
- IdentityService.deleteUser(String)
- IdentityService.newGroup(String)
- IdentityService.saveGroup(Group)
- IdentityService.deleteGroup(String)
- IdentityService.newTenant(String)
- IdentityService.saveTenant(Tenant)
- IdentityService.deleteTenant(String)
- IdentityService.createMembership(String, String)
- IdentityService.deleteMembership(String, String)
- IdentityService.createTenantUserMembership(String, String)
- IdentityService.createTenantGroupMembership(String, String)
- IdentityService.deleteTenantUserMembership(String, String)
- IdentityService.deleteTenantGroupMembership(String, String)
If these methods are invoked on a read-only identity service implementation, the invocation will throw an UnsupportedOperationException.
- Specified by: isReadOnly in interface IdentityService
- Returns:
  true if this identity service implementation provides read-only access to the user repository, false otherwise.
-
-
newGroup
Description copied from interface: IdentityService
Creates a new group. The group is transient and must be saved using IdentityService.saveGroup(Group).
- Specified by: newGroup in interface IdentityService
- Parameters:
  groupId - id for the new group, cannot be null.
-
newUser
Description copied from interface: IdentityService
Creates a new user. The user is transient and must be saved using IdentityService.saveUser(User).
- Specified by: newUser in interface IdentityService
- Parameters:
  userId - id for the new user, cannot be null.
-
newTenant
Description copied from interface: IdentityService
Creates a new tenant. The tenant is transient and must be saved using IdentityService.saveTenant(Tenant).
- Specified by: newTenant in interface IdentityService
- Parameters:
  tenantId - id for the new tenant, cannot be null.
-
saveGroup
Description copied from interface: IdentityService
Saves the group. If the group already existed, the group is updated.
- Specified by: saveGroup in interface IdentityService
- Parameters:
  group - group to save. Cannot be null.
-
saveUser
Description copied from interface: IdentityService
Saves the user. If the user already existed, the user is updated.
- Specified by: saveUser in interface IdentityService
- Parameters:
  user - user to save, cannot be null.
-
saveUser
-
saveTenant
Description copied from interface: IdentityService
Saves the tenant. If the tenant already existed, it is updated.
- Specified by: saveTenant in interface IdentityService
- Parameters:
  tenant - the tenant to save. Cannot be null.
-
createUserQuery
Description copied from interface: IdentityService
Creates a UserQuery that allows to programmatically query the users.
- Specified by: createUserQuery in interface IdentityService
-
createNativeUserQuery
Description copied from interface: IdentityService
Creates a NativeUserQuery that allows to select users with native queries.
- Specified by: createNativeUserQuery in interface IdentityService
- Returns:
  NativeUserQuery
-
createGroupQuery
Description copied from interface: IdentityService
Creates a GroupQuery that allows to programmatically query the groups.
- Specified by: createGroupQuery in interface IdentityService
-
createTenantQuery
Description copied from interface: IdentityService
Creates a TenantQuery that allows to programmatically query the tenants.
- Specified by: createTenantQuery in interface IdentityService
-
createMembership
- Specified by: createMembership in interface IdentityService
- Parameters:
  userId - the userId, cannot be null.
  groupId - the groupId, cannot be null.
-
deleteGroup
Description copied from interface: IdentityService
Deletes the group. When no group exists with the given id, this operation is ignored.
- Specified by: deleteGroup in interface IdentityService
- Parameters:
  groupId - id of the group that should be deleted, cannot be null.
-
deleteMembership
Description copied from interface: IdentityService
Delete the membership of the user in the group. When the group or user don't exist or when the user is not a member of the group, this operation is ignored.
- Specified by: deleteMembership in interface IdentityService
- Parameters:
  userId - the user's id, cannot be null.
  groupId - the group's id, cannot be null.
-
checkPassword
Description copied from interface: IdentityService
Checks if the password is valid for the given user. Arguments userId and password are null-safe.
- Specified by: checkPassword in interface IdentityService
-
checkPasswordAgainstPolicy
Description copied from interface: IdentityService
Check a given password against the configured PasswordPolicy. The result is returned as PasswordPolicyResult, which contains all passed and violated rules as well as a flag indicating if the password is valid.
- Specified by: checkPasswordAgainstPolicy in interface IdentityService
- Parameters:
  candidatePassword - which is checked against a password policy
  user - to be taken into account when checking the candidate password
- Returns:
  a PasswordPolicyResult containing passed and failed rules
-
checkPasswordAgainstPolicy
Description copied from interface: IdentityService
Check a given password against the configured PasswordPolicy. The result is returned as PasswordPolicyResult, which contains all passed and violated rules as well as a flag indicating if the password is valid.
- Specified by: checkPasswordAgainstPolicy in interface IdentityService
- Parameters:
  password - the password that should be tested
- Returns:
  a PasswordPolicyResult containing passed and failed rules
-
checkPasswordAgainstPolicy
public PasswordPolicyResult checkPasswordAgainstPolicy(PasswordPolicy policy, String candidatePassword, User user)
Description copied from interface: IdentityService
Check a given password against a given PasswordPolicy. The result is returned as PasswordPolicyResult, which contains all passed and violated rules as well as a flag indicating if the password is valid.
- Specified by: checkPasswordAgainstPolicy in interface IdentityService
- Parameters:
  policy - the PasswordPolicy against which the password is tested
  candidatePassword - which is checked against a password policy
  user - to be taken into account when checking the candidate password
- Returns:
  a PasswordPolicyResult containing passed and failed rules
-
checkPasswordAgainstPolicy
Description copied from interface: IdentityService
Check a given password against a given PasswordPolicy. The result is returned as PasswordPolicyResult, which contains all passed and violated rules as well as a flag indicating if the password is valid.
- Specified by: checkPasswordAgainstPolicy in interface IdentityService
- Parameters:
  policy - the PasswordPolicy against which the password is tested
  password - the password that should be tested
- Returns:
  a PasswordPolicyResult containing passed and failed rules
-
getPasswordPolicy
Description copied from interface: IdentityService
Returns the PasswordPolicy that is currently configured in the engine.
- Specified by: getPasswordPolicy in interface IdentityService
- Returns:
  the current PasswordPolicy or null if no policy is set or the configured policy is disabled.
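An added example, not code from Camunda or from this page: one way to run the policy check before persisting a new user. The class and method names are hypothetical, the identityService instance is assumed to come from a configured process engine, and treating a missing policy as an error is this example's own choice.

```java
import java.util.List;
import java.util.stream.Collectors;

import org.camunda.bpm.engine.IdentityService;
import org.camunda.bpm.engine.identity.PasswordPolicy;
import org.camunda.bpm.engine.identity.PasswordPolicyResult;
import org.camunda.bpm.engine.identity.PasswordPolicyRule;
import org.camunda.bpm.engine.identity.User;

/** Added example (hypothetical helper, not Camunda code). */
public final class PolicyCheckedUserCreation {

  private PolicyCheckedUserCreation() {}

  /**
   * Creates and saves a user only if the candidate password satisfies the
   * engine's configured policy. Fails closed when no policy is active.
   */
  public static User createUser(IdentityService identityService,
                                String userId, String candidatePassword) {
    if (identityService.isReadOnly()) {
      // Read-only user repositories do not support newUser/saveUser.
      throw new IllegalStateException("identity service is read-only");
    }
    PasswordPolicy policy = identityService.getPasswordPolicy();
    if (policy == null) {
      // getPasswordPolicy() returns null when no policy is set or it is disabled.
      throw new IllegalStateException("no password policy is enabled");
    }

    User user = identityService.newUser(userId); // transient until saveUser
    PasswordPolicyResult result =
        identityService.checkPasswordAgainstPolicy(policy, candidatePassword, user);

    if (!result.isValid()) {
      // Report which rules failed, never the candidate password itself.
      List<String> violated = result.getViolatedRules().stream()
          .map(PasswordPolicyRule::getPlaceholder)
          .collect(Collectors.toList());
      throw new IllegalArgumentException("password violates policy rules: " + violated);
    }

    user.setPassword(candidatePassword);
    identityService.saveUser(user);
    return user;
  }
}
```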
-
unlockUser
- Specified by: unlockUser in interface IdentityService
-
deleteUser
- Specified by: deleteUser in interface IdentityService
- Parameters:
  userId - id of user to delete, cannot be null. When an id is passed for a nonexistent user, this operation is ignored.
-
deleteTenant
Description copied from interface: IdentityService
Deletes the tenant. When no tenant exists with the given id, this operation is ignored.
- Specified by: deleteTenant in interface IdentityService
- Parameters:
  tenantId - id of the tenant that should be deleted, cannot be null.
-
setUserPicture
Description copied from interface: IdentityService
Sets the picture for a given user.
- Specified by: setUserPicture in interface IdentityService
- Parameters:
  picture - can be null to delete the picture.
-
getUserPicture
Description copied from interface: IdentityService
Retrieves the picture for a given user.
- Specified by: getUserPicture in interface IdentityService
-
deleteUserPicture
Description copied from interface: IdentityService
Deletes the picture for a given user. If the user does not have a picture or if the user does not exist, the call is ignored.
- Specified by: deleteUserPicture in interface IdentityService
-
setAuthenticatedUserId
Description copied from interface: IdentityService
Passes the authenticated user id for this thread. All service method (from any service) invocations done by the same thread will have access to this authenticatedUserId. Should be followed by a call to IdentityService.clearAuthentication() once the interaction is terminated.
- Specified by: setAuthenticatedUserId in interface IdentityService
- Parameters:
  authenticatedUserId - the id of the current user.
-
setAuthentication
- Specified by: setAuthentication in interface IdentityService
-
setAuthentication
Description copied from interface: IdentityService
Passes the authenticated user id and groupIds for this thread. All service method (from any service) invocations done by the same thread will have access to this authentication. Should be followed by a call to IdentityService.clearAuthentication() once the interaction is terminated.
- Specified by: setAuthentication in interface IdentityService
- Parameters:
  groups - the groups of the current user.
-
setAuthentication
Description copied from interface: IdentityService
Passes the authenticated user id, group ids and tenant ids for this thread. All service method (from any service) invocations done by the same thread will have access to this authentication. Should be followed by a call to IdentityService.clearAuthentication() once the interaction is terminated.
- Specified by: setAuthentication in interface IdentityService
- Parameters:
  userId - the id of the current user.
  groups - the groups of the current user.
  tenantIds - the tenants of the current user.
-
clearAuthentication
public void clearAuthentication()
Description copied from interface: IdentityService
Allows clearing the current authentication. Does not throw an exception if no authentication exists.
- Specified by: clearAuthentication in interface IdentityService
-
getCurrentAuthentication
- Specified by: getCurrentAuthentication in interface IdentityService
- Returns:
  the current authentication for this process engine.
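An added example, not code from Camunda or from this page: because the authentication is bound to the calling thread, a pooled worker thread that skips clearAuthentication() carries the identity into the next unit of work it runs. The hypothetical runAs helper below scopes the identity with try/finally and restores whatever authentication the thread already had; the identityService instance is assumed to come from a configured process engine.

```java
import java.util.List;
import java.util.concurrent.Callable;

import org.camunda.bpm.engine.IdentityService;
import org.camunda.bpm.engine.impl.identity.Authentication;

/** Added example (hypothetical helper, not Camunda code). */
public final class ScopedAuthentication {

  private ScopedAuthentication() {}

  /**
   * Runs work as the given user on the calling thread and always removes
   * that identity afterwards, including when work throws.
   */
  public static <T> T runAs(IdentityService identityService, String userId,
                            List<String> groups, List<String> tenantIds,
                            Callable<T> work) throws Exception {
    // Remember what the thread carried before, so a nested call does not
    // wipe the outer caller's identity.
    Authentication previous = identityService.getCurrentAuthentication();
    identityService.setAuthentication(userId, groups, tenantIds);
    try {
      return work.call();
    } finally {
      if (previous == null) {
        // Nothing to restore: leave the thread with no authentication.
        identityService.clearAuthentication();
      } else {
        identityService.setAuthentication(previous.getUserId(),
            previous.getGroupIds(), previous.getTenantIds());
      }
    }
  }
}
```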
-
getUserInfo
Description copied from interface: IdentityService
Generic extensibility key-value pairs associated with a user
- Specified by: getUserInfo in interface IdentityService
-
getUserInfoKeys
Description copied from interface: IdentityService
Generic extensibility keys associated with a user
- Specified by: getUserInfoKeys in interface IdentityService
-
getUserAccountNames
Description copied from interface: IdentityService
Get account names associated with the given user
- Specified by: getUserAccountNames in interface IdentityService
-
setUserInfo
Description copied from interface: IdentityService
Generic extensibility key-value pairs associated with a user
- Specified by: setUserInfo in interface IdentityService
-
deleteUserInfo
Description copied from interface: IdentityService
Delete an entry of the generic extensibility key-value pairs associated with a user
- Specified by: deleteUserInfo in interface IdentityService
-
deleteUserAccount
Description copied from interface: IdentityService
Delete an entry of the generic extensibility key-value pairs associated with a user
- Specified by: deleteUserAccount in interface IdentityService
-
getUserAccount
Description copied from interface: IdentityService
Get account information associated with a user
- Specified by: getUserAccount in interface IdentityService
-
setUserAccount
public void setUserAccount(String userId, String userPassword, String accountName, String accountUsername, String accountPassword, Map<String, String> accountDetails)
Description copied from interface: IdentityService
Store account information for a remote system
- Specified by: setUserAccount in interface IdentityService
-
createTenantUserMembership
Description copied from interface: IdentityService
Creates a new membership between the given user and tenant.
- Specified by: createTenantUserMembership in interface IdentityService
- Parameters:
  tenantId - the id of the tenant, cannot be null.
  userId - the id of the user, cannot be null.
-
createTenantGroupMembership
Description copied from interface: IdentityService
Creates a new membership between the given group and tenant.
- Specified by: createTenantGroupMembership in interface IdentityService
- Parameters:
  tenantId - the id of the tenant, cannot be null.
  groupId - the id of the group, cannot be null.
-
deleteTenantUserMembership
Description copied from interface: IdentityService
Deletes the membership between the given user and tenant. The operation is ignored when the given user, tenant or membership don't exist.
- Specified by: deleteTenantUserMembership in interface IdentityService
- Parameters:
  tenantId - the id of the tenant, cannot be null.
  userId - the id of the user, cannot be null.
-
deleteTenantGroupMembership
Description copied from interface: IdentityService
Deletes the membership between the given group and tenant. The operation is ignored when the given group, tenant or membership don't exist.
- Specified by: deleteTenantGroupMembership in interface IdentityService
- Parameters:
  tenantId - the id of the tenant, cannot be null.
  groupId - the id of the group, cannot be null.
-