org.olat.basesecurity
Interface Manager

All Known Implementing Classes:

PersistingManager

public interface Manager

Description:
TODO: Class Description

Author:

Felix Jost

Method Summary

void	addIdentityToSecurityGroup(Identity identity, SecurityGroup secGroup)
int	countIdentitiesOfSecurityGroup(SecurityGroup secGroup)
java.lang.Long	countUniqueUserLoginsSince(java.util.Date lastLoginLimit) get number of users with last login greater than lastLoginLimit
Authentication	createAndPersistAuthentication(Identity identity, java.lang.String provider, java.lang.String authUsername, java.lang.String credential)
Identity	createAndPersistIdentity(java.lang.String username, User user, java.lang.String provider, java.lang.String authusername, java.lang.String credential)
Identity	createAndPersistIdentityAndUser(java.lang.String username, User user, java.lang.String provider, java.lang.String authusername, java.lang.String credential)
SecurityGroup	createAndPersistNamedSecurityGroup(java.lang.String groupName) create only makes no sense, since there are no attibutes to set
Policy	createAndPersistPolicy(SecurityGroup secGroup, java.lang.String permission, OLATResourceable olatResourceable) the olatResourceable is not required to have some persisted implementation, but the manager will use the OLATResource to persist it.
Policy	createAndPersistPolicyWithResource(SecurityGroup secGroup, java.lang.String permission, OLATResource olatResource) Creates and persist a policy for certain OLAT-resource (instead of OLAT-resourceable)
SecurityGroup	createAndPersistSecurityGroup() create only makes no sense, since there are no attibutes to set
void	deleteAuthentication(Authentication authentication)
void	deletePolicy(SecurityGroup secGroup, java.lang.String permission, OLATResourceable olatResourceable)
void	deleteSecurityGroup(SecurityGroup secGroup) removes the group with all the idendities contained in it, the idenities itself are of course not deleted.
Authentication	findAuthentication(Identity identity, java.lang.String provider)
Authentication	findAuthenticationByAuthusername(java.lang.String authusername, java.lang.String provider)
Identity	findIdentityByName(java.lang.String identityName) Find an identity by its name.
SecurityGroup	findSecurityGroupByName(java.lang.String securityGroupName)
Identity	getAndUpdateAnonymousUserForLanguage(java.util.Locale locale) Returns the anonymous identity for a given locale, normally used to log in as guest user
java.util.List<Authentication>	getAuthentications(Identity identity) Return the List of associated Authentications.
java.util.List<SecurityGroup>	getGroupsWithPermissionOnOlatResourceable(java.lang.String permission, OLATResourceable olatResourceable) use for testing ONLY.
java.util.List<Identity>	getIdentitiesAndDateOfSecurityGroup(SecurityGroup secGroup)
java.util.List<java.lang.Object[]>	getIdentitiesAndDateOfSecurityGroup(SecurityGroup secGroup, boolean sortedByAddDate)
java.util.List<Identity>	getIdentitiesByPowerSearch(java.lang.String login, java.util.Map<java.lang.String,java.lang.String> userProperties, boolean userPropertiesAsIntersectionSearch, SecurityGroup[] groups, PermissionOnResourceable[] permissionOnResources, java.lang.String[] authProviders, java.util.Date createdAfter, java.util.Date createdBefore, java.lang.Integer status) Get a list of identities that match the following conditions.
java.util.List<Identity>	getIdentitiesOfSecurityGroup(SecurityGroup secGroup) search
java.util.List<Identity>	getIdentitiesWithPermissionOnOlatResourceable(java.lang.String permission, OLATResourceable olatResourceable) use for testing ONLY.
java.util.List<Identity>	getPoliciesOfIdentity(Identity identity) for debugging and info by the olat admins:
java.util.List<Policy>	getPoliciesOfSecurityGroup(SecurityGroup secGroup)
Roles	getRoles(Identity identity) Get the identity's roles
java.util.Date	getSecurityGroupJoinDateForIdentity(SecurityGroup secGroup, Identity identity) Get date where identity joined a security group
java.util.List	getSecurityGroupsForIdentity(Identity identity) Get all SecurtityGroups an Identity is in
java.util.List<Identity>	getVisibleIdentitiesByPowerSearch(java.lang.String login, java.util.Map<java.lang.String,java.lang.String> userProperties, boolean userPropertiesAsIntersectionSearch, SecurityGroup[] groups, PermissionOnResourceable[] permissionOnResources, java.lang.String[] authProviders, java.util.Date createdAfter, java.util.Date createdBefore) Get a list of identities that match the following conditions.
void	init()
boolean	isIdentityInSecurityGroup(Identity identity, SecurityGroup secGroup) use only if really needed.
boolean	isIdentityPermittedOnResourceable(Identity identity, java.lang.String permission, OLATResourceable olatResourceable) is allowed to....
boolean	isIdentityPermittedOnResourceable(Identity identity, java.lang.String permission, OLATResourceable olatResourceable, boolean checkTypeRight)
boolean	isIdentityVisible(java.lang.String identityName) Check if identity is visible.
Identity	loadIdentityByKey(java.lang.Long identityKey) find an identity by the key instead of the username.
Identity	loadIdentityByKey(java.lang.Long identityKey, boolean strict) find an identity by the key.
void	removeIdentityFromSecurityGroup(Identity identity, SecurityGroup secGroup) Removes the identity from this security group or does nothing if the identity is not in the group at all.
void	saveIdentityStatus(Identity identity, java.lang.Integer status) Save an identity

Method Detail

init

void init()

isIdentityPermittedOnResourceable

boolean isIdentityPermittedOnResourceable(Identity identity,
                                          java.lang.String permission,
                                          OLATResourceable olatResourceable)

is allowed to....

Parameters:

identity -

permission -

olatResourceable -

Returns:

true if permitted

getRoles

Roles getRoles(Identity identity)

Get the identity's roles

Parameters:

identity -

Returns:

The roles of the identity

isIdentityPermittedOnResourceable

boolean isIdentityPermittedOnResourceable(Identity identity,
                                          java.lang.String permission,
                                          OLATResourceable olatResourceable,
                                          boolean checkTypeRight)

Parameters:

identity -

permission -

olatResourceable -

checkTypeRight -

Returns:

true if permitted

isIdentityInSecurityGroup

boolean isIdentityInSecurityGroup(Identity identity,
                                  SecurityGroup secGroup)

use only if really needed. Normally better use isIdentityPermittedOnResourceable!

Parameters:

identity -

secGroup -

Returns:

true if the identity is in the group

getIdentitiesOfSecurityGroup

java.util.List<Identity> getIdentitiesOfSecurityGroup(SecurityGroup secGroup)

search

Parameters:

secGroup -

Returns:

list of Identities

getIdentitiesAndDateOfSecurityGroup

java.util.List<Identity> getIdentitiesAndDateOfSecurityGroup(SecurityGroup secGroup)

Parameters:

secGroup -

Returns:

a List of Object[] with the array[0] = Identity, array[1] = addedToGroupTimestamp

getIdentitiesAndDateOfSecurityGroup

java.util.List<java.lang.Object[]> getIdentitiesAndDateOfSecurityGroup(SecurityGroup secGroup,
                                                                       boolean sortedByAddDate)

Parameters:

sortedByAddDate - true= return list of idenities sorted by added date

See Also:

getIdentitiesAndDateOfSecurityGroup(org.olat.basesecurity.SecurityGroup)

getSecurityGroupJoinDateForIdentity

java.util.Date getSecurityGroupJoinDateForIdentity(SecurityGroup secGroup,
                                                   Identity identity)

Get date where identity joined a security group

Parameters:

secGroup -

identity -

Returns:

joindate of given securityGroup. May return null if group doesn't exist or user isn't in this group

findSecurityGroupByName

SecurityGroup findSecurityGroupByName(java.lang.String securityGroupName)

Parameters:

securityGroupName -

Returns:

the securitygroup

findIdentityByName

Identity findIdentityByName(java.lang.String identityName)

Find an identity by its name. This is an exact match. Use the getIdentititesByPowerSearch() method if you also want to find substrings.

Be aware that this method does not check the identities status! This method returns identities with any state, also deleted identities!

Parameters:

identityName -

Returns:

the identity or null if not found

loadIdentityByKey

Identity loadIdentityByKey(java.lang.Long identityKey)

find an identity by the key instead of the username. Prefer this method as findByName will become deprecated soon.

Parameters:

identityKey - the key of the identity to load; may not be null or zero

Returns:

the identity or null

loadIdentityByKey

Identity loadIdentityByKey(java.lang.Long identityKey,
                           boolean strict)

find an identity by the key.

Parameters:

identityKey - the key of the identity to load; may not be null or zero

strict - if true equivalent to @see org.olat.basesecurity.Manager#loadIdentityByKey(java.lang.Long), if false return null if not found

Returns:

the identity or null

countUniqueUserLoginsSince

java.lang.Long countUniqueUserLoginsSince(java.util.Date lastLoginLimit)

get number of users with last login greater than lastLoginLimit

Parameters:

lastLoginLimit -

Returns:

countIdentitiesOfSecurityGroup

int countIdentitiesOfSecurityGroup(SecurityGroup secGroup)

Parameters:

secGroup -

Returns:

nr of members in the securitygroup

createAndPersistIdentity

Identity createAndPersistIdentity(java.lang.String username,
                                  User user,
                                  java.lang.String provider,
                                  java.lang.String authusername,
                                  java.lang.String credential)

Parameters:

username - the username

user - the unpresisted User

provider - the provider of the authentication ("OLAT" or "AAI"). If null, no authentication token is generated.

authusername - the username used as authentication credential (=username for provider "OLAT")

credential - the credentials or null if not used

Returns:

the new identity

createAndPersistIdentityAndUser

Identity createAndPersistIdentityAndUser(java.lang.String username,
                                         User user,
                                         java.lang.String provider,
                                         java.lang.String authusername,
                                         java.lang.String credential)

Parameters:

username - the username

user - the unpresisted User

provider - the provider of the authentication ("OLAT" or "AAI"). If null, no authentication token is generated.

authusername - the username used as authentication credential (=username for provider "OLAT")

credential - the credentials or null if not used

Returns:

the new identity

getAuthentications

java.util.List<Authentication> getAuthentications(Identity identity)

Return the List of associated Authentications.

Parameters:

identity -

Returns:

a list of Authentication

findAuthentication

Authentication findAuthentication(Identity identity,
                                  java.lang.String provider)

Parameters:

identity -

provider -

Returns:

Authentication for this identitity and provider or NULL if not found

createAndPersistAuthentication

Authentication createAndPersistAuthentication(Identity identity,
                                              java.lang.String provider,
                                              java.lang.String authUsername,
                                              java.lang.String credential)

Parameters:

identity -

provider -

authUsername -

credential -

Returns:

an Authentication

deleteAuthentication

void deleteAuthentication(Authentication authentication)

Parameters:

authentication -

createAndPersistSecurityGroup

SecurityGroup createAndPersistSecurityGroup()

create only makes no sense, since there are no attibutes to set

Returns:

a new persisted SecurityGroup or throws an Exception

createAndPersistNamedSecurityGroup

SecurityGroup createAndPersistNamedSecurityGroup(java.lang.String groupName)

create only makes no sense, since there are no attibutes to set

Parameters:

groupName -

Returns:

the newly created securitygroup

deleteSecurityGroup

void deleteSecurityGroup(SecurityGroup secGroup)

removes the group with all the idendities contained in it, the idenities itself are of course not deleted.

Parameters:

secGroup -

addIdentityToSecurityGroup

void addIdentityToSecurityGroup(Identity identity,
                                SecurityGroup secGroup)

Parameters:

identity -

secGroup -

removeIdentityFromSecurityGroup

void removeIdentityFromSecurityGroup(Identity identity,
                                     SecurityGroup secGroup)

Removes the identity from this security group or does nothing if the identity is not in the group at all.

Parameters:

identity -

secGroup -

createAndPersistPolicy

Policy createAndPersistPolicy(SecurityGroup secGroup,
                              java.lang.String permission,
                              OLATResourceable olatResourceable)

the olatResourceable is not required to have some persisted implementation, but the manager will use the OLATResource to persist it. If the olatResourceable used OLATResource as its persister, then the same OLATResource (same row in table) will be used by the manager use as internal reference in the Policy table

Parameters:

secGroup -

permission -

olatResourceable -

Returns:

the newly created policy

createAndPersistPolicyWithResource

Policy createAndPersistPolicyWithResource(SecurityGroup secGroup,
                                          java.lang.String permission,
                                          OLATResource olatResource)

Creates and persist a policy for certain OLAT-resource (instead of OLAT-resourceable)

Parameters:

secGroup -

permission -

olatResource -

Returns:

the newly created policy

deletePolicy

void deletePolicy(SecurityGroup secGroup,
                  java.lang.String permission,
                  OLATResourceable olatResourceable)

Parameters:

secGroup -

permission -

olatResourceable -

getPoliciesOfSecurityGroup

java.util.List<Policy> getPoliciesOfSecurityGroup(SecurityGroup secGroup)

Parameters:

secGroup -

Returns:

a list of Policy objects

getGroupsWithPermissionOnOlatResourceable

java.util.List<SecurityGroup> getGroupsWithPermissionOnOlatResourceable(java.lang.String permission,
                                                                        OLATResourceable olatResourceable)

use for testing ONLY.

Parameters:

permission -

olatResourceable -

Returns:

a list of SecurityGroup objects

getIdentitiesWithPermissionOnOlatResourceable

java.util.List<Identity> getIdentitiesWithPermissionOnOlatResourceable(java.lang.String permission,
                                                                       OLATResourceable olatResourceable)

use for testing ONLY.

Parameters:

permission -

olatResourceable -

Returns:

a list of Identity objects

getPoliciesOfIdentity

java.util.List<Identity> getPoliciesOfIdentity(Identity identity)

for debugging and info by the olat admins:

Parameters:

identity -

Returns:

scalar query return list of object[] with SecurityGroupImpl, PolicyImpl, OLATResourceImpl

findAuthenticationByAuthusername

Authentication findAuthenticationByAuthusername(java.lang.String authusername,
                                                java.lang.String provider)

Parameters:

authusername -

provider -

Returns:

Authentication for this authusername and provider or NULL if not found

getVisibleIdentitiesByPowerSearch

java.util.List<Identity> getVisibleIdentitiesByPowerSearch(java.lang.String login,
                                                           java.util.Map<java.lang.String,java.lang.String> userProperties,
                                                           boolean userPropertiesAsIntersectionSearch,
                                                           SecurityGroup[] groups,
                                                           PermissionOnResourceable[] permissionOnResources,
                                                           java.lang.String[] authProviders,
                                                           java.util.Date createdAfter,
                                                           java.util.Date createdBefore)

Get a list of identities that match the following conditions. All parameters are additive. NULL values mean "no constraints" (e.g. all parameters NULL would result in a list with all identities of the entire system)

Parameters:

login -

userPropertyHandlers - Map of user properties that needs to be matched.

userPropertiesAsIntersectionSearch - true: user properties and login name are combined with an AND query; false: user properties and login name are combined with an OR query

groups - Array of SecurityGroups the user participates in. Search machtches if user is in any of the groups (OR query)

permissionOnResources - Array of resource permissions the user has. Search machtches if user has any of the permissions (OR query)

authProviders - Array of authenticaton providers the user has. Search machtches if user has any of the authProviders (OR query)

createdAfter - date after which the user has been created

createdBefore - date before which the user has been created

Returns:

List of identities

getIdentitiesByPowerSearch

java.util.List<Identity> getIdentitiesByPowerSearch(java.lang.String login,
                                                    java.util.Map<java.lang.String,java.lang.String> userProperties,
                                                    boolean userPropertiesAsIntersectionSearch,
                                                    SecurityGroup[] groups,
                                                    PermissionOnResourceable[] permissionOnResources,
                                                    java.lang.String[] authProviders,
                                                    java.util.Date createdAfter,
                                                    java.util.Date createdBefore,
                                                    java.lang.Integer status)

Get a list of identities that match the following conditions. All parameters are additive. NULL values mean "no constraints" (e.g. all parameters NULL would result in a list with all identities of the entire system)

Parameters:

login -

userPropertyHandlers - Map of user properties that needs to be matched.

userPropertiesAsIntersectionSearch - true: user properties and login name are combined with an AND query; false: user properties and login name are combined with an OR query

groups - Array of SecurityGroups the user participates in. Search machtches if user is in any of the groups (OR query)

permissionOnResources - Array of resource permissions the user has. Search machtches if user has any of the permissions (OR query)

authProviders - Array of authenticaton providers the user has. Search machtches if user has any of the authProviders (OR query)

createdAfter - date after which the user has been created

createdBefore - date before which the user has been created

status - identity status, define in interface Identity e.g. ACTIV, LOGIN_DENIED, DELETED

Returns:

List of identities

saveIdentityStatus

void saveIdentityStatus(Identity identity,
                        java.lang.Integer status)

Save an identity

Parameters:

identity - Save this identity

isIdentityVisible

boolean isIdentityVisible(java.lang.String identityName)

Check if identity is visible. Deleted or login-denied users are not visible.

Parameters:

identityName -

Returns:

getSecurityGroupsForIdentity

java.util.List getSecurityGroupsForIdentity(Identity identity)

Get all SecurtityGroups an Identity is in

Parameters:

identity -

Returns:

List with SecurityGroups

getAndUpdateAnonymousUserForLanguage

Identity getAndUpdateAnonymousUserForLanguage(java.util.Locale locale)

Returns the anonymous identity for a given locale, normally used to log in as guest user

Parameters:

locale -

Returns:

The identity