org.camunda.bpm.engine
Interface IdentityService

All Known Implementing Classes:
IdentityServiceImpl

public interface IdentityService

Service to manage Users and Groups.

Author:
Tom Baeyens, Daniel Meyer

Method Summary
 boolean checkPassword(String userId, String password)
          Checks if the password is valid for the given user.
 void clearAuthentication()
          Allows clearing the current authentication.
 GroupQuery createGroupQuery()
          Creates a GroupQuery that allows to programmatically query the groups.
 void createMembership(String userId, String groupId)
           
 NativeUserQuery createNativeUserQuery()
          Creates a NativeUserQuery that allows to select users with native queries.
 void createTenantGroupMembership(String tenantId, String groupId)
          Creates a new membership between the given group and tenant.
 TenantQuery createTenantQuery()
          Creates a TenantQuery that allows to programmatically query the tenants.
 void createTenantUserMembership(String tenantId, String userId)
          Creates a new membership between the given user and tenant.
 UserQuery createUserQuery()
          Creates a UserQuery that allows to programmatically query the users.
 void deleteGroup(String groupId)
          Deletes the group.
 void deleteMembership(String userId, String groupId)
          Delete the membership of the user in the group.
 void deleteTenant(String tenantId)
          Deletes the tenant.
 void deleteTenantGroupMembership(String tenantId, String groupId)
          Deletes the membership between the given group and tenant.
 void deleteTenantUserMembership(String tenantId, String userId)
          Deletes the membership between the given user and tenant.
 void deleteUser(String userId)
           
 void deleteUserAccount(String userId, String accountName)
          Deprecated. 
 void deleteUserInfo(String userId, String key)
          Delete an entry of the generic extensibility key-value pairs associated with a user
 void deleteUserPicture(String userId)
          Deletes the picture for a given user.
 Authentication getCurrentAuthentication()
           
 Account getUserAccount(String userId, String userPassword, String accountName)
          Deprecated. 
 List<String> getUserAccountNames(String userId)
          Deprecated. 
 String getUserInfo(String userId, String key)
          Generic extensibility key-value pairs associated with a user
 List<String> getUserInfoKeys(String userId)
          Generic extensibility keys associated with a user
 Picture getUserPicture(String userId)
          Retrieves the picture for a given user.
 boolean isReadOnly()
          Indicates whether this identity service implementation provides read-only access to the user repository.
 Group newGroup(String groupId)
          Creates a new group.
 Tenant newTenant(String tenantId)
          Creates a new tenant.
 User newUser(String userId)
          Creates a new user.
 void saveGroup(Group group)
          Saves the group.
 void saveTenant(Tenant tenant)
          Saves the tenant.
 void saveUser(User user)
          Saves the user.
 void setAuthenticatedUserId(String authenticatedUserId)
          Passes the authenticated user id for this thread.
 void setAuthentication(Authentication currentAuthentication)
           
 void setAuthentication(String userId, List<String> groups)
          Passes the authenticated user id and groupIds for this thread.
 void setAuthentication(String userId, List<String> groups, List<String> tenantIds)
          Passes the authenticated user id, group ids and tenant ids for this thread.
 void setUserAccount(String userId, String userPassword, String accountName, String accountUsername, String accountPassword, Map<String,String> accountDetails)
          Deprecated. 
 void setUserInfo(String userId, String key, String value)
          Generic extensibility key-value pairs associated with a user
 void setUserPicture(String userId, Picture picture)
          Sets the picture for a given user.
 

Method Detail

isReadOnly

boolean isReadOnly()

Indicates whether this identity service implementation provides read-only access to the user repository.

Read only identity service implementations do not support the following methods:

If these methods are invoked on a read-only identity service implementation, the invocation will throw an UnsupportedOperationException.

Returns:
true if this identity service implementation provides read-only access to the user repository, false otherwise.

newUser

User newUser(String userId)
Creates a new user. The user is transient and must be saved using saveUser(User).

Parameters:
userId - id for the new user, cannot be null.
Throws:
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.CREATE permissions on Resources.USER.

saveUser

void saveUser(User user)
Saves the user. If the user already existed, the user is updated.

Parameters:
user - user to save, cannot be null.
Throws:
RuntimeException - when a user with the same name already exists.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.UPDATE permissions on Resources.USER (update existing user) or if user has no Permissions.CREATE permissions on Resources.USER (save new user).

createUserQuery

UserQuery createUserQuery()
Creates a UserQuery that allows to programmatically query the users.


deleteUser

void deleteUser(String userId)
Parameters:
userId - id of user to delete, cannot be null. When an id is passed for a non-existent user, this operation is ignored.
Throws:
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.DELETE permissions on Resources.USER.

newGroup

Group newGroup(String groupId)
Creates a new group. The group is transient and must be saved using saveGroup(Group).

Parameters:
groupId - id for the new group, cannot be null.
Throws:
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.CREATE permissions on Resources.GROUP.

createNativeUserQuery

NativeUserQuery createNativeUserQuery()
Creates a NativeUserQuery that allows to select users with native queries.

Returns:
NativeUserQuery

createGroupQuery

GroupQuery createGroupQuery()
Creates a GroupQuery that allows to programmatically query the groups.


saveGroup

void saveGroup(Group group)
Saves the group. If the group already existed, the group is updated.

Parameters:
group - group to save. Cannot be null.
Throws:
RuntimeException - when a group with the same name already exists.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.UPDATE permissions on Resources.GROUP (update existing group) or if user has no Permissions.CREATE permissions on Resources.GROUP (save new group).

deleteGroup

void deleteGroup(String groupId)
Deletes the group. When no group exists with the given id, this operation is ignored.

Parameters:
groupId - id of the group that should be deleted, cannot be null.
Throws:
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.DELETE permissions on Resources.GROUP.

createMembership

void createMembership(String userId,
                      String groupId)
Parameters:
userId - the userId, cannot be null.
groupId - the groupId, cannot be null.
Throws:
RuntimeException - when the given user or group doesn't exist or when the user is already member of the group.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.CREATE permissions on Resources.GROUP_MEMBERSHIP.

deleteMembership

void deleteMembership(String userId,
                      String groupId)
Delete the membership of the user in the group. When the group or user don't exist or when the user is not a member of the group, this operation is ignored.

Parameters:
userId - the user's id, cannot be null.
groupId - the group's id, cannot be null.
Throws:
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.DELETE permissions on Resources.GROUP_MEMBERSHIP.

newTenant

Tenant newTenant(String tenantId)
Creates a new tenant. The tenant is transient and must be saved using saveTenant(Tenant).

Parameters:
tenantId - id for the new tenant, cannot be null.
Throws:
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.CREATE permissions on Resources.TENANT.

createTenantQuery

TenantQuery createTenantQuery()
Creates a TenantQuery that allows to programmatically query the tenants.


saveTenant

void saveTenant(Tenant tenant)
Saves the tenant. If the tenant already existed, it is updated.

Parameters:
tenant - the tenant to save. Cannot be null.
Throws:
RuntimeException - when a tenant with the same name already exists.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.UPDATE permissions on Resources.TENANT (update existing tenant) or if user has no Permissions.CREATE permissions on Resources.TENANT (save new tenant).

deleteTenant

void deleteTenant(String tenantId)
Deletes the tenant. When no tenant exists with the given id, this operation is ignored.

Parameters:
tenantId - id of the tenant that should be deleted, cannot be null.
Throws:
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.DELETE permissions on Resources.TENANT.

createTenantUserMembership

void createTenantUserMembership(String tenantId,
                                String userId)
Creates a new membership between the given user and tenant.

Parameters:
tenantId - the id of the tenant, cannot be null.
userId - the id of the user, cannot be null.
Throws:
RuntimeException - when the given tenant or user doesn't exist or the user is already a member of this tenant.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.CREATE permissions on Resources.TENANT_MEMBERSHIP.

createTenantGroupMembership

void createTenantGroupMembership(String tenantId,
                                 String groupId)
Creates a new membership between the given group and tenant.

Parameters:
tenantId - the id of the tenant, cannot be null.
groupId - the id of the group, cannot be null.
Throws:
RuntimeException - when the given tenant or group doesn't exist or when the group is already a member of this tenant.
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.CREATE permissions on Resources.TENANT_MEMBERSHIP.

deleteTenantUserMembership

void deleteTenantUserMembership(String tenantId,
                                String userId)
Deletes the membership between the given user and tenant. The operation is ignored when the given user, tenant or membership don't exist.

Parameters:
tenantId - the id of the tenant, cannot be null.
userId - the id of the user, cannot be null.
Throws:
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.DELETE permissions on Resources.TENANT_MEMBERSHIP.

deleteTenantGroupMembership

void deleteTenantGroupMembership(String tenantId,
                                 String groupId)
Deletes the membership between the given group and tenant. The operation is ignored when the given group, tenant or membership don't exist.

Parameters:
tenantId - the id of the tenant, cannot be null.
groupId - the id of the group, cannot be null.
Throws:
UnsupportedOperationException - if identity service implementation is read only. See isReadOnly()
AuthorizationException - if the user has no Permissions.DELETE permissions on Resources.TENANT_MEMBERSHIP.

checkPassword

boolean checkPassword(String userId,
                      String password)
Checks if the password is valid for the given user. Arguments userId and password are nullsafe.


setAuthenticatedUserId

void setAuthenticatedUserId(String authenticatedUserId)
Passes the authenticated user id for this thread. All service method invocations (from any service) made by the same thread will have access to this authenticatedUserId. Should be followed by a call to clearAuthentication() once the interaction is terminated.

Parameters:
authenticatedUserId - the id of the current user.

setAuthentication

void setAuthentication(String userId,
                       List<String> groups)
Passes the authenticated user id and groupIds for this thread. All service method invocations (from any service) made by the same thread will have access to this authentication. Should be followed by a call to clearAuthentication() once the interaction is terminated.

Parameters:
userId - the id of the current user.
groups - the groups of the current user.

setAuthentication

void setAuthentication(String userId,
                       List<String> groups,
                       List<String> tenantIds)
Passes the authenticated user id, group ids and tenant ids for this thread. All service method invocations (from any service) made by the same thread will have access to this authentication. Should be followed by a call to clearAuthentication() once the interaction is terminated.

Parameters:
userId - the id of the current user.
groups - the groups of the current user.
tenantIds - the tenants of the current user.

setAuthentication

void setAuthentication(Authentication currentAuthentication)
Parameters:
currentAuthentication -

getCurrentAuthentication

Authentication getCurrentAuthentication()
Returns:
the current authentication for this process engine.

clearAuthentication

void clearAuthentication()
Allows clearing the current authentication. Does not throw exception if no authentication exists.
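
The set/clear pairing described for setAuthentication and clearAuthentication, shown as an added example that is not part of the Camunda Javadoc or code base. The class EngineAuthScope and method callAs are hypothetical names; GroupQuery.groupMember(String) is used to resolve group ids, and tenantIds is assumed to come from a trusted source.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.Callable;

import org.camunda.bpm.engine.IdentityService;
import org.camunda.bpm.engine.identity.Group;
import org.camunda.bpm.engine.impl.identity.Authentication;

// Hypothetical helper (not part of the Camunda API): scopes an engine
// authentication to one unit of work on the calling thread.
public final class EngineAuthScope {

  private EngineAuthScope() {}

  public static <T> T callAs(IdentityService identityService, String userId,
                             String password, List<String> tenantIds,
                             Callable<T> work) throws Exception {
    // checkPassword is null-safe, so missing credentials simply fail here.
    // The message stays generic so it does not reveal whether the user exists.
    if (!identityService.checkPassword(userId, password)) {
      throw new SecurityException("authentication failed");
    }

    // Resolve group ids from the identity provider instead of trusting
    // values supplied by the caller.
    List<String> groupIds = new ArrayList<>();
    for (Group group : identityService.createGroupQuery().groupMember(userId).list()) {
      groupIds.add(group.getId());
    }

    // Remember what was bound to this thread so nested scopes unwind correctly.
    Authentication previous = identityService.getCurrentAuthentication();
    identityService.setAuthentication(userId, groupIds, tenantIds);
    try {
      return work.call();
    } finally {
      // Runs on success and on exception: a pooled thread must never carry
      // this user's identity into the next request it serves.
      if (previous != null) {
        identityService.setAuthentication(previous);
      } else {
        identityService.clearAuthentication();
      }
    }
  }
}
```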


setUserPicture

void setUserPicture(String userId,
                    Picture picture)
Sets the picture for a given user.

Parameters:
picture - can be null to delete the picture.
Throws:
ProcessEngineException - if the user doesn't exist.

getUserPicture

Picture getUserPicture(String userId)
Retrieves the picture for a given user.

Throws:
ProcessEngineException - if the user doesn't exist.

deleteUserPicture

void deleteUserPicture(String userId)
Deletes the picture for a given user. If the user does not have a picture or if the user does not exist, the call is ignored.

Throws:
ProcessEngineException - if the user doesn't exist.

setUserInfo

void setUserInfo(String userId,
                 String key,
                 String value)
Generic extensibility key-value pairs associated with a user


getUserInfo

String getUserInfo(String userId,
                   String key)
Generic extensibility key-value pairs associated with a user


getUserInfoKeys

List<String> getUserInfoKeys(String userId)
Generic extensibility keys associated with a user


deleteUserInfo

void deleteUserInfo(String userId,
                    String key)
Delete an entry of the generic extensibility key-value pairs associated with a user


setUserAccount

@Deprecated
void setUserAccount(String userId,
                               String userPassword,
                               String accountName,
                               String accountUsername,
                               String accountPassword,
                               Map<String,String> accountDetails)
Deprecated. 

Store account information for a remote system


getUserAccountNames

@Deprecated
List<String> getUserAccountNames(String userId)
Deprecated. 

Get account names associated with the given user


getUserAccount

@Deprecated
Account getUserAccount(String userId,
                                  String userPassword,
                                  String accountName)
Deprecated. 

Get account information associated with a user


deleteUserAccount

@Deprecated
void deleteUserAccount(String userId,
                                  String accountName)
Deprecated. 

Delete an entry of the generic extensibility key-value pairs associated with a user



Copyright © 2017 camunda services GmbH. All rights reserved.