Class DbIdentityServiceProvider
- All Implemented Interfaces: ReadOnlyIdentityProvider, WritableIdentityProvider, Session
- Direct Known Subclasses: OAuth2IdentityProvider

WritableIdentityProvider implementation backed by a database. This implementation is used for the built-in user management.

- Author: Daniel Meyer
-
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and Type, Method, Description
- boolean checkPassword(String userId, String password)
- protected void createDefaultAuthorizations(Group group)
- protected void createDefaultAuthorizations(Tenant tenant)
- protected void createDefaultAuthorizations(UserEntity userEntity)
- protected void createDefaultMembershipAuthorizations(String userId, String groupId)
- protected void createDefaultTenantMembershipAuthorizations(Tenant tenant, Group group)
- protected void createDefaultTenantMembershipAuthorizations(Tenant tenant, User user)
- createMembership(String userId, String groupId): Creates a membership relation between a user and a group.
- createNewGroup(String groupId): Returns a new (transient) Group object.
- createNewTenant(String tenantId): Returns a new (transient) Tenant object.
- createNewUser(String userId): Returns a new (transient) User object.
- createTenantGroupMembership(String tenantId, String groupId): Creates a membership relation between a tenant and a group.
- createTenantUserMembership(String tenantId, String userId): Creates a membership relation between a tenant and a user.
- deleteGroup(String groupId): Allows deleting a persistent Group object.
- deleteMembership(String userId, String groupId): Deletes a membership relation between a user and a group.
- protected void deleteMembershipsByGroupId(String groupId)
- protected void deleteMembershipsByUserId(String userId)
- deleteTenant(String tenantId): Allows deleting a persistent Tenant object.
- deleteTenantGroupMembership(String tenantId, String groupId): Deletes a membership relation between a tenant and a group.
- protected void deleteTenantMembershipsOfGroup(String groupId)
- protected void deleteTenantMembershipsOfTenant
- protected void deleteTenantMembershipsOfUser(String userId)
- deleteTenantUserMembership(String tenantId, String userId): Deletes a membership relation between a tenant and a user.
- deleteUser(String userId): Allows deleting a persistent User object.
- protected boolean isUserLocked(UserEntity user)
- protected void lockUser(UserEntity user)
- saveGroup: Allows saving a Group object which is not yet persistent.
- saveTenant(Tenant tenant): Allows saving a Tenant object which is not yet persistent.
- saveUser: Allows saving or updating a User object.
- unlockUser(String userId): Allows unlocking a User object.
- protected IdentityOperationResult unlockUser(UserEntity user)

Methods inherited from class org.camunda.bpm.engine.impl.identity.db.DbReadOnlyIdentityServiceProvider
checkAuthorization, configureQuery, createGroupQuery, createGroupQuery, createNativeUserQuery, createTenantQuery, createTenantQuery, createUserQuery, createUserQuery, existsMembership, existsTenantMembership, findGroupById, findGroupByQueryCriteria, findGroupCountByQueryCriteria, findTenantById, findTenantByQueryCriteria, findTenantCountByQueryCriteria, findUserById, findUserByNativeQuery, findUserByQueryCriteria, findUserCountByNativeQuery, findUserCountByQueryCriteria, matchPassword
Methods inherited from class org.camunda.bpm.engine.impl.persistence.AbstractManager
close, delete, deleteAuthorizations, deleteAuthorizationsForGroup, deleteAuthorizationsForUser, deleteDefaultAuthorizations, flush, getAttachmentManager, getAuthorizationManager, getBatchManager, getByteArrayManager, getCamundaFormDefinitionManager, getCaseDefinitionManager, getCaseExecutionManager, getCaseInstanceManager, getCommandContext, getCurrentAuthentication, getDbEntityManager, getDbSqlSession, getDecisionDefinitionManager, getDecisionRequirementsDefinitionManager, getDeploymentManager, getEventSubscriptionManager, getHistoricActivityInstanceManager, getHistoricBatchManager, getHistoricCaseActivityInstanceManager, getHistoricCaseInstanceManager, getHistoricDecisionInstanceManager, getHistoricDetailManager, getHistoricExternalTaskLogManager, getHistoricIdentityLinkManager, getHistoricIncidentManager, getHistoricJobLogManager, getHistoricProcessInstanceManager, getHistoricReportManager, getHistoricTaskInstanceManager, getHistoricVariableInstanceManager, getIdentityInfoManager, getIdentityLinkManager, getJobDefinitionManager, getJobManager, getProcessDefinitionManager, getProcessInstanceManager, getResourceAuthorizationProvider, getResourceManager, getSession, getTaskManager, getTaskReportManager, getTenantManager, getUserOperationLogManager, getVariableInstanceManager, insert, isAuthorizationEnabled, saveDefaultAuthorizations
-
Field Details
-
LOG
-
-
Constructor Details
-
DbIdentityServiceProvider
public DbIdentityServiceProvider()
-
-
Method Details
-
createNewUser
Description copied from interface: WritableIdentityProvider
Returns a new (transient) User object. The object is not yet persistent and must be saved using the WritableIdentityProvider.saveUser(User) method.
NOTE: the implementation does not validate the uniqueness of the userId parameter at this time.
- Specified by: createNewUser in interface WritableIdentityProvider
- Returns: a non-persistent user object.
-
saveUser
Description copied from interface: WritableIdentityProvider
Allows saving or updating a User object.
- Specified by: saveUser in interface WritableIdentityProvider
- Parameters:
user - a User object.
- Returns: the operation result object.
-
deleteUser
Description copied from interface: WritableIdentityProvider
Allows deleting a persistent User object.
- Specified by: deleteUser in interface WritableIdentityProvider
- Returns: the operation result object.
-
checkPassword
- Specified by: checkPassword in interface ReadOnlyIdentityProvider
- Overrides: checkPassword in class DbReadOnlyIdentityServiceProvider
- Returns: 'true' if the password matches the
-
isUserLocked
-
lockUser
-
unlockUser
Description copied from interface: WritableIdentityProvider
Allows unlocking a User object.
- Specified by: unlockUser in interface WritableIdentityProvider
- Parameters:
userId - the id of the User object to delete.
- Returns: the operation result object.
-
unlockUser
-
createNewGroup
Description copied from interface: WritableIdentityProvider
Returns a new (transient) Group object. The object is not yet persistent and must be saved using the WritableIdentityProvider.saveGroup(Group) method.
NOTE: the implementation does not validate the uniqueness of the groupId parameter at this time.
- Specified by: createNewGroup in interface WritableIdentityProvider
- Returns: a non-persistent group object.
-
saveGroup
Description copied from interface: WritableIdentityProvider
Allows saving a Group object which is not yet persistent.
- Specified by: saveGroup in interface WritableIdentityProvider
- Parameters:
group - a group object.
- Returns: the operation result object.
-
deleteGroup
Description copied from interface: WritableIdentityProvider
Allows deleting a persistent Group object.
- Specified by: deleteGroup in interface WritableIdentityProvider
- Parameters:
groupId - the id of the group object to delete.
- Returns: the operation result object.
-
createNewTenant
Description copied from interface: WritableIdentityProvider
Returns a new (transient) Tenant object. The object is not yet persistent and must be saved using the WritableIdentityProvider.saveTenant(Tenant) method.
NOTE: the implementation does not validate the uniqueness of the tenantId parameter at this time.
- Specified by: createNewTenant in interface WritableIdentityProvider
- Parameters:
tenantId - the id of the new tenant
- Returns: a non-persistent tenant object.
-
saveTenant
Description copied from interface: WritableIdentityProvider
Allows saving a Tenant object which is not yet persistent.
- Specified by: saveTenant in interface WritableIdentityProvider
- Parameters:
tenant - the tenant object to save.
- Returns: the operation result object.
-
deleteTenant
Description copied from interface: WritableIdentityProvider
Allows deleting a persistent Tenant object.
- Specified by: deleteTenant in interface WritableIdentityProvider
- Parameters:
tenantId - the id of the tenant object to delete.
- Returns: the operation result object.
-
createMembership
Description copied from interface: WritableIdentityProvider
Creates a membership relation between a user and a group. If the user is already part of that group, IdentityProviderException is thrown.
- Specified by: createMembership in interface WritableIdentityProvider
- Parameters:
userId - the id of the user
groupId - id of the group
- Returns: the operation result object.
-
deleteMembership
Description copied from interface: WritableIdentityProvider
Deletes a membership relation between a user and a group.
- Specified by: deleteMembership in interface WritableIdentityProvider
- Parameters:
userId - the id of the user
groupId - id of the group
- Returns: the operation result object.
-
deleteMembershipsByUserId
-
deleteMembershipsByGroupId
-
createTenantUserMembership
Description copied from interface: WritableIdentityProvider
Creates a membership relation between a tenant and a user.
- Specified by: createTenantUserMembership in interface WritableIdentityProvider
- Parameters:
tenantId - the id of the tenant
userId - the id of the user
- Returns: the operation result object.
-
createTenantGroupMembership
Description copied from interface: WritableIdentityProvider
Creates a membership relation between a tenant and a group.
- Specified by: createTenantGroupMembership in interface WritableIdentityProvider
- Parameters:
tenantId - the id of the tenant
groupId - the id of the group
- Returns: the operation result object.
-
deleteTenantUserMembership
Description copied from interface: WritableIdentityProvider
Deletes a membership relation between a tenant and a user.
- Specified by: deleteTenantUserMembership in interface WritableIdentityProvider
- Parameters:
tenantId - the id of the tenant
userId - the id of the user
- Returns: the operation result object.
-
deleteTenantGroupMembership
Description copied from interface: WritableIdentityProvider
Deletes a membership relation between a tenant and a group.
- Specified by: deleteTenantGroupMembership in interface WritableIdentityProvider
- Parameters:
tenantId - the id of the tenant
groupId - the id of the group
- Returns: the operation result object.
-
deleteTenantMembershipsOfUser
-
deleteTenantMembershipsOfGroup
-
deleteTenantMembershipsOfTenant
-
createDefaultAuthorizations
-
createDefaultAuthorizations
-
createDefaultAuthorizations
-
createDefaultMembershipAuthorizations
-
createDefaultTenantMembershipAuthorizations
-
createDefaultTenantMembershipAuthorizations
-