com.atlassian.crowd.directory

Class InternalDirectory

java.lang.Object

com.atlassian.crowd.directory.AbstractInternalDirectory

com.atlassian.crowd.directory.InternalDirectory

All Implemented Interfaces:

FastEntityCountProvider, InternalRemoteDirectory, MultiValuesQueriesSupport, RemoteDirectory, Attributes

Direct Known Subclasses:

InternalDirectoryForDelegation

public class InternalDirectory
extends AbstractInternalDirectory

Internal directory connector. Stores all entity information to the database used by the Crowd Server. Note that this implementation is used for an Actual InternalDirectory, and there is a related class CachingDirectory that does local caching of remote objects.

Field Summary

Fields inherited from class com.atlassian.crowd.directory.AbstractInternalDirectory

ATTRIBUTE_PASSWORD_COMPLEXITY_MESSAGE, ATTRIBUTE_PASSWORD_EXPIRATION_NOTIFICATION_PERIODS, ATTRIBUTE_PASSWORD_HISTORY_COUNT, ATTRIBUTE_PASSWORD_MAX_ATTEMPTS, ATTRIBUTE_PASSWORD_MAX_CHANGE_TIME, ATTRIBUTE_PASSWORD_MINIMUM_LENGTH, ATTRIBUTE_PASSWORD_MINIMUM_SCORE, ATTRIBUTE_PASSWORD_REGEX, ATTRIBUTE_USER_ENCRYPTION_METHOD, attributes, DESCRIPTIVE_NAME, directoryDao, directoryId, groupDao, internalDirectoryUtils, membershipDao, passwordEncoderFactory, tombstoneDao, userDao

Constructor Summary

Constructors

Constructor and Description
InternalDirectory(InternalDirectoryUtils internalDirectoryUtils, PasswordEncoderFactory passwordEncoderFactory, DirectoryDao directoryDao, UserDao userDao, GroupDao groupDao, InternalMembershipDao membershipDao, TombstoneDao tombstoneDao, PasswordConstraintsLoader passwordConstraints)

Method Summary

Modifier and Type	Method and Description
BatchResult<Group>	addAllGroups(Set<GroupTemplate> groups) Adds a collection of groups to the directory.
BatchResult<User>	addAllUsers(Set<UserTemplateWithCredentialAndAttributes> users) Adds a collection of users to the directory.
BatchResult<String>	addAllUsersToGroup(Set<String> userNames, String groupName) Adds a collection of users to a group.
Group	addLocalGroup(GroupTemplate group) Adds a "local" group to the directory.
User	addUser(UserTemplate user, PasswordCredential credential) Adds a user to the directory store.
UserWithAttributes	addUser(UserTemplateWithAttributes user, PasswordCredential credential) Adds a user and the following custom attributes: - RemotePrincipalConstants.PASSWORD_LASTCHANGED set to the current time.
boolean	isLocalUserStatusEnabled() Internal directories never support local user statuses.
protected boolean	isUserExternalIdReadOnly() When an InternalDirectory is used as an internal directory, it must manage the values of the external_id column.
User	updateUser(UserTemplate user) Updates the user.

Methods inherited from class com.atlassian.crowd.directory.AbstractInternalDirectory

addGroup, addGroupToGroup, addUserToGroup, addUserToGroups, authenticate, calculatePostPasswordUpdateAttributes, countDirectMembersOfGroup, currentPrincipalInvalidPasswordAttempts, encryptedCredential, expireAllPasswords, findGroupByName, findGroupWithAttributesByName, findUserByExternalId, findUserByName, findUserWithAttributesByName, forceRenameUser, getAllUserExternalIds, getAuthoritativeDirectory, getDescriptiveName, getDirectoryId, getEncoder, getGroupCount, getKeys, getMemberships, getPasswordConstraints, getUserAvatarByName, getUserCount, getValue, getValues, isEmpty, isGroupDirectGroupMember, isRolesDisabled, isUserDirectGroupMember, removeAllGroups, removeAllUsers, removeGroup, removeGroupAttributes, removeGroupFromGroup, removeUser, removeUserAttributes, removeUserFromGroup, renameGroup, renameUser, requiresPasswordChange, searchGroupRelationships, searchGroupRelationshipsGroupedByName, searchGroups, searchUsers, setAttributes, setDirectoryId, storeGroupAttributes, storeUserAttributes, supportsInactiveAccounts, supportsNestedGroups, supportsPasswordExpiration, supportsSettingEncryptedCredential, testConnection, updateGroup, updateUserCredential, userAuthenticated

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.atlassian.crowd.directory.RemoteDirectory

getLocallyFilteredGroupNames, updateUserFromRemoteDirectory

Constructor Detail

InternalDirectory

public InternalDirectory(InternalDirectoryUtils internalDirectoryUtils,
                         PasswordEncoderFactory passwordEncoderFactory,
                         DirectoryDao directoryDao,
                         UserDao userDao,
                         GroupDao groupDao,
                         InternalMembershipDao membershipDao,
                         TombstoneDao tombstoneDao,
                         PasswordConstraintsLoader passwordConstraints)

Method Detail

addUser

public User addUser(UserTemplate user,
                    PasswordCredential credential)
             throws InvalidCredentialException,
                    InvalidUserException,
                    UserAlreadyExistsException,
                    OperationFailedException

Description copied from interface: RemoteDirectory

Adds a user to the directory store.

Parameters:

user - template of the user to add.

credential - a password, or PasswordCredential.NONE for an account that cannot login with any password

Returns:

the added user retrieved from the underlying store.

Throws:

InvalidCredentialException - The supplied credential is invalid.

InvalidUserException - The supplied user is invalid.

UserAlreadyExistsException - The user already exists

OperationFailedException - underlying directory implementation failed to execute the operation.

See Also:

RemoteDirectory.supportsSettingEncryptedCredential()

addUser

public UserWithAttributes addUser(UserTemplateWithAttributes user,
                                  PasswordCredential credential)
                           throws InvalidCredentialException,
                                  InvalidUserException,
                                  UserAlreadyExistsException,
                                  OperationFailedException

Adds a user and the following custom attributes: - RemotePrincipalConstants.PASSWORD_LASTCHANGED set to the current time. - RemotePrincipalConstants.REQUIRES_PASSWORD_CHANGE set to false.

Specified by:

addUser in interface RemoteDirectory

Specified by:

addUser in class AbstractInternalDirectory

Parameters:

user - template of the user to add.

credential - password. May be null, since JIRA creates a user in two steps

Returns:

added user.

Throws:

InvalidCredentialException - the password does not match the regular expression standard defined by the directory.

InvalidUserException - The supplied user is invalid.

UserAlreadyExistsException - The user already exists

OperationFailedException - underlying directory implementation failed to execute the operation.

See Also:

RemoteDirectory.supportsSettingEncryptedCredential()

addLocalGroup

public Group addLocalGroup(GroupTemplate group)
                    throws OperationFailedException

Description copied from interface: InternalRemoteDirectory

Adds a "local" group to the directory.

This method can be used to store groups that aren't clones of "external" groups. For example, if an LDAP directory is cloned in an internal directory, it's possible to define "local" groups that exist internally but not in LDAP.

This functionality was added to meet the functionality that Confluence provided.

Specified by:

addLocalGroup in interface InternalRemoteDirectory

Specified by:

addLocalGroup in class AbstractInternalDirectory

Parameters:

group - template of the group to add.

Returns:

the added group retrieved from the underlying store.

Throws:

OperationFailedException - underlying directory implementation failed to execute the operation.

addAllUsers

public BatchResult<User> addAllUsers(Set<UserTemplateWithCredentialAndAttributes> users)

Description copied from interface: InternalRemoteDirectory

Adds a collection of users to the directory.

The bulk adding of users may be significantly faster than adding users one-by-one for large collections.

Caller must ensure that the users don't already exist.

Parameters:

users - templates of users to add.

Returns:

result containing both successful and failed users

addAllGroups

public BatchResult<Group> addAllGroups(Set<GroupTemplate> groups)

Description copied from interface: InternalRemoteDirectory

Adds a collection of groups to the directory.

The bulk adding of groups may be significantly faster than adding groups one-by-one for large collections.

Caller must ensure that the users don't already exist.

Parameters:

groups - templates of groups to add.

Returns:

result containing both successful and failed groups

addAllUsersToGroup

public BatchResult<String> addAllUsersToGroup(Set<String> userNames,
                                              String groupName)
                                       throws GroupNotFoundException

Description copied from interface: InternalRemoteDirectory

Adds a collection of users to a group.

Caller must ensure that the memberships don't already exist.

Parameters:

userNames - names of users to add to group.

groupName - name of group to add users to.

Returns:

result containing both successful and failed users

Throws:

GroupNotFoundException - group with supplied groupName does not exist.

updateUser

public User updateUser(UserTemplate user)
                throws InvalidUserException,
                       UserNotFoundException

Description copied from interface: RemoteDirectory

Updates the user.

Parameters:

user - The user to update.

Returns:

the updated user retrieved from the underlying store.

Throws:

InvalidUserException - the supplied user is invalid.

UserNotFoundException - the user does not exist in the directory store.

isLocalUserStatusEnabled

public boolean isLocalUserStatusEnabled()

Internal directories never support local user statuses.

Returns:

false

isUserExternalIdReadOnly

protected boolean isUserExternalIdReadOnly()

When an InternalDirectory is used as an internal directory, it must manage the values of the external_id column. However, when it is used as the front-end in a delegating directory, the values of the column are dictated by the remote LDAP directory and are subject to change. This method makes it possible to switch between these two behaviours.

Returns:

true in this class because it manages the external_id values and does not allow mutability.