Class AbstractInternalDirectory
- All Implemented Interfaces:
FastEntityCountProvider,InternalRemoteDirectory,MultiValuesQueriesSupport,RemoteDirectory,Attributes
- Direct Known Subclasses:
CachingDirectory,InternalDirectory
InternalDirectory and CachingDirectory.-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final StringThe minimum password score allowed for new passwords for users in this directory, stored asPasswordScore.getRanking().static final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringprotected AttributeValuesHolderstatic final Stringprotected final DirectoryDaoprotected longprotected final GroupDaoprotected final InternalDirectoryUtilsprotected final MembershipDaoprotected final PasswordEncoderFactoryprotected final TombstoneDaoprotected final UserDao -
Constructor Summary
ConstructorsConstructorDescriptionAbstractInternalDirectory(InternalDirectoryUtils internalDirectoryUtils, PasswordEncoderFactory passwordEncoderFactory, DirectoryDao directoryDao, UserDao userDao, GroupDao groupDao, MembershipDao membershipDao, TombstoneDao tombstoneDao, PasswordConstraintsLoader passwordConstraints) -
Method Summary
Modifier and TypeMethodDescriptionaddAllGroupsToGroup(Collection<String> childGroupNames, String groupName) Adds a collection of child groups to a group.addGroup(GroupTemplate group) Adds agroupto the directory store.voidaddGroupToGroup(String childGroup, String parentGroup) Adds a group as a member of a parent group.abstract GroupaddLocalGroup(GroupTemplate group) Adds a "local" group to the directory.abstract UserWithAttributesaddUser(UserTemplateWithAttributes user, PasswordCredential credential) Adds auserto the directory store.voidaddUserToGroup(String username, String groupName) Adds a user as a member of a group.addUserToGroups(String username, Set<String> groupNames) Adds a user to many groups.authenticate(UserAuthenticationContext userAuthenticationContext) Authenticates auserwith the directory store.authenticate(String name, PasswordCredential credential) Authenticates auserwith the directory store.Generate the list of default attributes and values relating to passwords, for use when creating or resetting a passwordcountDirectMembersOfGroup(String groupName, int querySizeHint) Count the direct members of a group in the remote directory.protected longprotected PasswordCredentialencryptedCredential(PasswordCredential passwordCredential) voidSets theUserConstants.REQUIRES_PASSWORD_CHANGEattribute to true for all users in the directory using bulk operationsfindGroupByName(String name) Finds thegroupthat matches the suppliedname.Finds thegroupthat matches the suppliedname.findUserByExternalId(String externalId) Finds the user that matches the suppliedexternalId.findUserByName(String name) Finds theuserthat matches the suppliedname.Finds theuserthat matches the suppliedname.forceRenameUser(User oldUser, String newName) Forces a rename on the given user in this directory.Retrieves all users externalIds found in this directory.Returns a descriptive name for the type of directory.longGets the internal uniquedirectoryIdof the directory store.protected PasswordEncoderlonggetKeys()Gets all the keys of the attributes.Get an iterable view of the available group memberships.protected final Set<PasswordConstraint>getUserAvatarByName(String username, int sizeHint) Return an avatar, if available, for the named user.longReturns any value associated with the given key, returnsnullif there is no value.Get all the values associated with a given key.booleanisEmpty()booleanisGroupDirectGroupMember(String childGroup, String parentGroup) Determines if a group is a direct member of another group.booleanExpose whether the directory has roles disabled.booleanisUserDirectGroupMember(String username, String groupName) Determines if a user is a direct member of a group.removeAllGroups(Set<String> groupNames) Removes all groups from the directory.removeAllUsers(Set<String> userNames) Removes all users from the directory.voidremoveGroup(String name) Removes thegroupthat matches the suppliedname.voidremoveGroupAttributes(String groupName, String attributeName) Removes all the values for a single attribute key for a group.voidremoveGroupFromGroup(String childGroup, String parentGroup) Removes a group as a member of a parent group.removeGroupsFromGroup(Collection<String> childGroupNames, String groupName) Removes a collection of child groups from a group.voidremoveUser(String name) Removes theuserthat matches the suppliedname.voidremoveUserAttributes(String username, String attributeName) Removes all the values for a single attribute key for a user.voidremoveUserFromGroup(String username, String groupName) Removes a user as a member of a group.removeUsersFromGroup(Set<String> usernames, String groupName) Removes a collection of users from a group.renameGroup(String oldName, String newName) Renames agroup.renameUser(String oldName, String newName) Renames auser.protected boolean<T> List<T>searchGroupRelationships(MembershipQuery<T> query) Searches for membership information.Searches forgroupsthat match the supplied query criteria.<T> List<T>searchGroups(EntityQuery<T> query) Searches forgroupsthat match the supplied query criteria.<T> List<T>searchUsers(EntityQuery<T> query) Searches forusersthat match the supplied query criteria.voidsetAttributes(Map<String, String> attributes) Called by theDirectoryInstanceLoaderafter constructing an InternalDirectory.voidsetDirectoryId(long id) Called by theDirectoryInstanceLoaderafter constructing an InternalDirectory.voidAdds or updates a group's attributes with the new Map of attribute values in the directory specified by the passed indirectoryId.voidAdds or updates a user's attributes with the new Map of attribute values in the directory specified by the passed indirectoryId.booleanInternal directories always support inactive accounts.booleanAllows us to only display nested-group related UI for directories that support it.booleanInternal Directories always support expiring passwordsbooleanInternal directories always support setting passwords by hash.voidDoes nothing, connection is determined by the ability to communicate with the database.updateGroup(GroupTemplate group) Updates thegroup.voidupdateUserCredential(String name, PasswordCredential newCredential) userAuthenticated(String username) Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface com.atlassian.crowd.directory.InternalRemoteDirectory
addAllGroups, addAllUsers, addAllUsersToGroup, isLocalUserStatusEnabledMethods inherited from interface com.atlassian.crowd.directory.RemoteDirectory
addUser, getLocallyFilteredGroupNames, updateUser, updateUserFromRemoteDirectory
-
Field Details
-
DESCRIPTIVE_NAME
- See Also:
-
ATTRIBUTE_PASSWORD_REGEX
- See Also:
-
ATTRIBUTE_PASSWORD_POLICY_PRESET
- See Also:
-
ATTRIBUTE_PASSWORD_MINIMUM_LENGTH
- See Also:
-
ATTRIBUTE_PASSWORD_MINIMUM_UPPERCASE
- See Also:
-
ATTRIBUTE_PASSWORD_MINIMUM_LOWERCASE
- See Also:
-
ATTRIBUTE_PASSWORD_MINIMUM_DIGITS
- See Also:
-
ATTRIBUTE_PASSWORD_MINIMUM_SPECIAL_CHARACTERS
- See Also:
-
ATTRIBUTE_PASSWORD_MINIMUM_RULES_MATCHED
- See Also:
-
ATTRIBUTE_PASSWORD_COMPLEXITY_MESSAGE
- See Also:
-
ATTRIBUTE_PASSWORD_MAX_ATTEMPTS
- See Also:
-
ATTRIBUTE_PASSWORD_HISTORY_COUNT
- See Also:
-
ATTRIBUTE_USER_ENCRYPTION_METHOD
- See Also:
-
ATTRIBUTE_PASSWORD_MAX_CHANGE_TIME
- See Also:
-
ATTRIBUTE_PASSWORD_EXPIRATION_NOTIFICATION_PERIODS
- See Also:
-
ATTRIBUTE_PASSWORD_MINIMUM_SCORE
The minimum password score allowed for new passwords for users in this directory, stored asPasswordScore.getRanking().- See Also:
-
CHARACTER_CLASS_CONSTRAINT_ATTRIBUTES
-
directoryId
protected long directoryId -
attributes
-
passwordEncoderFactory
-
directoryDao
-
userDao
-
groupDao
-
membershipDao
-
tombstoneDao
-
internalDirectoryUtils
-
-
Constructor Details
-
AbstractInternalDirectory
public AbstractInternalDirectory(InternalDirectoryUtils internalDirectoryUtils, PasswordEncoderFactory passwordEncoderFactory, DirectoryDao directoryDao, UserDao userDao, GroupDao groupDao, MembershipDao membershipDao, TombstoneDao tombstoneDao, PasswordConstraintsLoader passwordConstraints)
-
-
Method Details
-
getDirectoryId
public long getDirectoryId()Description copied from interface:RemoteDirectoryGets the internal uniquedirectoryIdof the directory store.- Specified by:
getDirectoryIdin interfaceRemoteDirectory- Returns:
- The
directoryId.
-
setDirectoryId
public void setDirectoryId(long id) Called by theDirectoryInstanceLoaderafter constructing an InternalDirectory.- Specified by:
setDirectoryIdin interfaceRemoteDirectory- Parameters:
id- The uniqueidof the Directory stored in the database.
-
setAttributes
Called by theDirectoryInstanceLoaderafter constructing an InternalDirectory.- Specified by:
setAttributesin interfaceRemoteDirectory- Parameters:
attributes- attributes map.
-
getValues
Description copied from interface:AttributesGet all the values associated with a given key. Duplicate values are not allowed, and this should be enforced case-insensitively to match the behaviour of LDAP servers. Will return null if the key does not exist.- Specified by:
getValuesin interfaceAttributes- Parameters:
name- the key to retrieve the values for- Returns:
- the values associated with the given key. It may return null or empty set if the key does not exist.
-
getValue
Description copied from interface:AttributesReturns any value associated with the given key, returnsnullif there is no value.- Specified by:
getValuein interfaceAttributes- Parameters:
name- the key to retrieve the value for- Returns:
- any value associated with the given key, or
nullif there is no value
-
getKeys
Description copied from interface:AttributesGets all the keys of the attributes. Warning: case-insensitive keys are currently no enforced, however this is the case for LDAP, so this may be implemented in the future.- Specified by:
getKeysin interfaceAttributes- Returns:
- a set of all the keys.
-
isEmpty
public boolean isEmpty()- Specified by:
isEmptyin interfaceAttributes- Returns:
trueif there are no attributes
-
getDescriptiveName
Description copied from interface:RemoteDirectoryReturns a descriptive name for the type of directory.- Specified by:
getDescriptiveNamein interfaceRemoteDirectory- Returns:
- descriptive name.
-
findUserByName
Description copied from interface:RemoteDirectoryFinds theuserthat matches the suppliedname.- Specified by:
findUserByNamein interfaceInternalRemoteDirectory- Specified by:
findUserByNamein interfaceRemoteDirectory- Parameters:
name- the name of the user (username).- Returns:
TimestampedUserentity.- Throws:
UserNotFoundException- a user with the supplied name does not exist.
-
findUserByExternalId
Description copied from interface:RemoteDirectoryFinds the user that matches the suppliedexternalId. This is an optional method that may not be implemented on all directory types. Currently it is implemented for LDAP and Internal directories but not Crowd directories.- Specified by:
findUserByExternalIdin interfaceInternalRemoteDirectory- Specified by:
findUserByExternalIdin interfaceRemoteDirectory- Parameters:
externalId- the externalId of the user- Returns:
TimestampedUserentity.- Throws:
UserNotFoundException- a user with the supplied externalId does not exist.- See Also:
-
findUserWithAttributesByName
Description copied from interface:RemoteDirectoryFinds theuserthat matches the suppliedname.- Specified by:
findUserWithAttributesByNamein interfaceRemoteDirectory- Parameters:
name- the name of the user (username).- Returns:
- user entity with attributes.
- Throws:
UserNotFoundException- a user with the supplied name does not exist.
-
authenticate
public User authenticate(String name, PasswordCredential credential) throws InactiveAccountException, InvalidAuthenticationException, ExpiredCredentialException, UserNotFoundException Description copied from interface:RemoteDirectoryAuthenticates auserwith the directory store.- Specified by:
authenticatein interfaceRemoteDirectory- Parameters:
name- The name of the user (username).credential- The supplied credentials (password).- Returns:
- user entity.
- Throws:
InactiveAccountException- The supplied user is inactive.InvalidAuthenticationException- Authentication with the provided credentials failed OR the user has exceeded the maximum number of failed authentication attempts.UserNotFoundException- The user wth the supplied name does not exist.ExpiredCredentialException- The user's credentials have expired. The user must change their credentials in order to successfully authenticate.
-
authenticate
public User authenticate(UserAuthenticationContext userAuthenticationContext) throws UserNotFoundException, InactiveAccountException, InvalidAuthenticationException, ExpiredCredentialException, OperationFailedException Description copied from interface:RemoteDirectoryAuthenticates auserwith the directory store.- Specified by:
authenticatein interfaceRemoteDirectory- Parameters:
userAuthenticationContext- the authentication details for the user- Returns:
- The populated user if the authentication is valid.
- Throws:
UserNotFoundException- The user with the supplied name does not exist.InactiveAccountException- The supplied user is inactive.InvalidAuthenticationException- Authentication with the provided credentials failed.ExpiredCredentialException- The user's credentials have expired. The user must change their credentials in order to successfully authenticate.OperationFailedException- underlying directory implementation failed to execute the operation.
-
userAuthenticated
public User userAuthenticated(String username) throws OperationFailedException, UserNotFoundException, InactiveAccountException - Specified by:
userAuthenticatedin interfaceRemoteDirectory- Throws:
OperationFailedExceptionUserNotFoundExceptionInactiveAccountException
-
currentPrincipalInvalidPasswordAttempts
- Parameters:
user- user with attributes.- Returns:
- long value of the invalid password attempts attribute on the user.
-
requiresPasswordChange
- Parameters:
user- user with attributes.- Returns:
trueif the requires password change attribute on the user is set to true, or if the password last changed attribute on the user exceeds the password max change time attribute on the directory (ie. password timeout).
-
addUser
public abstract UserWithAttributes addUser(UserTemplateWithAttributes user, PasswordCredential credential) throws InvalidCredentialException, InvalidUserException, UserAlreadyExistsException, OperationFailedException Description copied from interface:RemoteDirectoryAdds auserto the directory store.- Specified by:
addUserin interfaceRemoteDirectory- Parameters:
user- template of the user to add.credential- a password, orPasswordCredential.NONEfor an account that cannot login with any password- Returns:
- the added user retrieved from the underlying store.
- Throws:
InvalidCredentialException- The supplied credential is invalid.InvalidUserException- The supplied user is invalid.UserAlreadyExistsException- The user already existsOperationFailedException- underlying directory implementation failed to execute the operation.- See Also:
-
encryptedCredential
-
getEncoder
-
updateUserCredential
public void updateUserCredential(String name, PasswordCredential newCredential) throws InvalidCredentialException, UserNotFoundException Description copied from interface:RemoteDirectory- Specified by:
updateUserCredentialin interfaceRemoteDirectory- Parameters:
name- The name of the user (username).newCredential- The new credential (password).- Throws:
InvalidCredentialException- The supplied credential is invalid.UserNotFoundException- The user does not exist.- See Also:
-
calculatePostPasswordUpdateAttributes
Generate the list of default attributes and values relating to passwords, for use when creating or resetting a password- Returns:
- A map containing the values to then be stored
-
renameUser
public User renameUser(String oldName, String newName) throws InvalidUserException, UserNotFoundException, UserAlreadyExistsException Description copied from interface:RemoteDirectoryRenames auser.- Specified by:
renameUserin interfaceRemoteDirectory- Parameters:
oldName- name of existing user.newName- desired name of user.- Returns:
- renamed user.
- Throws:
InvalidUserException- if the new username is invalid.UserNotFoundException- if the user with the existing name does not exist.UserAlreadyExistsException- if the newName already exists.
-
forceRenameUser
public User forceRenameUser(@Nonnull User oldUser, @Nonnull String newName) throws UserNotFoundException Description copied from interface:InternalRemoteDirectoryForces a rename on the given user in this directory. This works likeRemoteDirectory.renameUser(String, String), except it will still do the rename even if there is an existing user under the newName. In this case, it will first rename that existing user to a name that is known not to exist in this directory.- Specified by:
forceRenameUserin interfaceInternalRemoteDirectory- Parameters:
oldUser- the existing user.newName- desired name of user.- Returns:
- renamed user.
- Throws:
UserNotFoundException- if the "oldUser" does not exist.- See Also:
-
getPasswordConstraints
-
getAllUserExternalIds
Description copied from interface:InternalRemoteDirectoryRetrieves all users externalIds found in this directory.- Specified by:
getAllUserExternalIdsin interfaceInternalRemoteDirectory- Returns:
- set of all users externalIds
- Throws:
OperationFailedException- underlying directory implementation failed to execute the operation.
-
getUserCount
- Specified by:
getUserCountin interfaceFastEntityCountProvider- Returns:
- number of users found in this directory.
- Throws:
OperationFailedException- underlying directory implementation failed to execute the operation.
-
getGroupCount
- Specified by:
getGroupCountin interfaceFastEntityCountProvider- Returns:
- number of groups found in this directory.
- Throws:
OperationFailedException- underlying directory implementation failed to execute the operation.
-
storeUserAttributes
public void storeUserAttributes(String username, Map<String, Set<String>> attributes) throws UserNotFoundException, OperationFailedExceptionDescription copied from interface:RemoteDirectoryAdds or updates a user's attributes with the new Map of attribute values in the directory specified by the passed indirectoryId.The attributes map represents new or updated attributes and does not replace existing attributes unless the key of an attribute matches the key of an existing
Attributes with values of empty sets are not added (these attributes are effectively removed).
- Specified by:
storeUserAttributesin interfaceRemoteDirectory- Parameters:
username- name of user to update.attributes- new or updated attributes (attributes that don't need changing should not appear in this Map).- Throws:
UserNotFoundException- user with supplied username does not exist.OperationFailedException- underlying directory implementation failed to execute the operation.
-
removeUserAttributes
public void removeUserAttributes(String username, String attributeName) throws UserNotFoundException Description copied from interface:RemoteDirectoryRemoves all the values for a single attribute key for a user. If the attribute key does not exist nothing will happen.- Specified by:
removeUserAttributesin interfaceRemoteDirectory- Parameters:
username- name of the user to update.attributeName- name of attribute to remove.- Throws:
UserNotFoundException- user with supplied username does not exist.
-
removeUser
Description copied from interface:RemoteDirectoryRemoves theuserthat matches the suppliedname.- Specified by:
removeUserin interfaceRemoteDirectory- Parameters:
name- The name of the user (username).- Throws:
UserNotFoundException- The user does not exist.
-
removeAllUsers
Description copied from interface:InternalRemoteDirectoryRemoves all users from the directory.If a user with the supplied username does not exist in the directory, the username will be ignored.
- Specified by:
removeAllUsersin interfaceInternalRemoteDirectory- Parameters:
userNames- usernames of users to remove.- Returns:
- batch result containing successes (removed users) and failures (users which were not removed)
-
removeAllGroups
Description copied from interface:InternalRemoteDirectoryRemoves all groups from the directory.If a group with the supplied group name does not exist in the directory, the group name will be ignored.
- Specified by:
removeAllGroupsin interfaceInternalRemoteDirectory- Parameters:
groupNames- names of groups to remove.- Returns:
- batch result containing successes (removed groups) and failures (groups which were not removed)
-
searchUsers
Description copied from interface:RemoteDirectorySearches forusersthat match the supplied query criteria.The users will be returned in a stable order including across pagination boundaries (excluding modification).
- Specified by:
searchUsersin interfaceRemoteDirectory- Parameters:
query- EntityQuery for Entity.USER.- Returns:
List<orUser>List<of users/usernames matching the search criteria. An emptyString>Listwill be returned if no users matching the criteria are found.
-
findGroupByName
Description copied from interface:RemoteDirectoryFinds thegroupthat matches the suppliedname.- Specified by:
findGroupByNamein interfaceInternalRemoteDirectory- Specified by:
findGroupByNamein interfaceRemoteDirectory- Parameters:
name- the name of the group.- Returns:
InternalDirectoryGroupentity.- Throws:
GroupNotFoundException- a group with the supplied name does not exist.
-
findGroupWithAttributesByName
Description copied from interface:RemoteDirectoryFinds thegroupthat matches the suppliedname.- Specified by:
findGroupWithAttributesByNamein interfaceRemoteDirectory- Parameters:
name- the name of the group.- Returns:
- group entity with attributes.
- Throws:
GroupNotFoundException- a group with the supplied name does not exist.
-
addGroup
Description copied from interface:RemoteDirectoryAdds agroupto the directory store.- Specified by:
addGroupin interfaceRemoteDirectory- Parameters:
group- template of the group to add.- Returns:
- the added group retrieved from the underlying store.
- Throws:
InvalidGroupException- The supplied group is invalid or it already exists in the directory.OperationFailedException- underlying directory implementation failed to execute the operation.
-
addLocalGroup
public abstract Group addLocalGroup(GroupTemplate group) throws InvalidGroupException, OperationFailedException Description copied from interface:InternalRemoteDirectoryAdds a "local" group to the directory.This method can be used to store groups that aren't clones of "external" groups. For example, if an LDAP directory is cloned in an internal directory, it's possible to define "local" groups that exist internally but not in LDAP.
This functionality was added to meet the functionality that Confluence provided.
- Specified by:
addLocalGroupin interfaceInternalRemoteDirectory- Parameters:
group- template of the group to add.- Returns:
- the added group retrieved from the underlying store.
- Throws:
InvalidGroupException- The supplied group is invalid.OperationFailedException- underlying directory implementation failed to execute the operation.
-
updateGroup
Description copied from interface:RemoteDirectoryUpdates thegroup.- Specified by:
updateGroupin interfaceRemoteDirectory- Parameters:
group- The group to update.- Returns:
- the updated group retrieved from the underlying store.
- Throws:
InvalidGroupException- the supplied group is invalid.GroupNotFoundException- the group does not exist in the directory store.
-
renameGroup
public Group renameGroup(String oldName, String newName) throws InvalidGroupException, GroupNotFoundException Description copied from interface:RemoteDirectoryRenames agroup.- Specified by:
renameGroupin interfaceRemoteDirectory- Parameters:
oldName- name of existing group.newName- desired name of group.- Returns:
- renamed group.
- Throws:
InvalidGroupException- if the new group name is invalid or already exists in the directory.GroupNotFoundException- if the group with the existing name does not exist.
-
storeGroupAttributes
public void storeGroupAttributes(String groupName, Map<String, Set<String>> attributes) throws GroupNotFoundExceptionDescription copied from interface:RemoteDirectoryAdds or updates a group's attributes with the new Map of attribute values in the directory specified by the passed indirectoryId.The attributes map represents new or updated attributes and does not replace existing attributes unless the key of an attribute matches the key of an existing
Attributes with values of empty sets are not added (these attributes are effectively removed).
- Specified by:
storeGroupAttributesin interfaceRemoteDirectory- Parameters:
groupName- name of group to update.attributes- new or updated attributes (attributes that don't need changing should not appear in this Map).- Throws:
GroupNotFoundException- group with supplied groupName does not exist.
-
removeGroupAttributes
public void removeGroupAttributes(String groupName, String attributeName) throws GroupNotFoundException Description copied from interface:RemoteDirectoryRemoves all the values for a single attribute key for a group.- Specified by:
removeGroupAttributesin interfaceRemoteDirectory- Parameters:
groupName- name of the group to update.attributeName- name of attribute to remove.- Throws:
GroupNotFoundException- group with supplied groupName does not exist.
-
removeGroup
Description copied from interface:RemoteDirectoryRemoves thegroupthat matches the suppliedname.- Specified by:
removeGroupin interfaceRemoteDirectory- Parameters:
name- The name of the group.- Throws:
GroupNotFoundException- The group does not exist.
-
searchGroups
Description copied from interface:RemoteDirectorySearches forgroupsthat match the supplied query criteria.The groups will be returned in a stable order including across pagination boundaries (excluding modification).
- Specified by:
searchGroupsin interfaceRemoteDirectory- Parameters:
query- EntityQuery for Entity.GROUP.- Returns:
List<Group>orList<String>of groups/groupnames matching the search criteria. An emptyListwill be returned if no groups matching the criteria are found.
-
isUserDirectGroupMember
Description copied from interface:RemoteDirectoryDetermines if a user is a direct member of a group. The directory is NOT expected to resolve any transitive group relationships.- Specified by:
isUserDirectGroupMemberin interfaceRemoteDirectory- Parameters:
username- name of user.groupName- name of group.- Returns:
trueiff the user is a direct member of the group.
-
isGroupDirectGroupMember
Description copied from interface:RemoteDirectoryDetermines if a group is a direct member of another group. The directory is NOT expected to resolve any transitive group relationships.- Specified by:
isGroupDirectGroupMemberin interfaceRemoteDirectory- Parameters:
childGroup- name of child group.parentGroup- name of parent group.- Returns:
trueiff the childGroup is a direct member of the parentGroup.
-
addUserToGroups
public BatchResult<String> addUserToGroups(String username, Set<String> groupNames) throws UserNotFoundException Description copied from interface:InternalRemoteDirectoryAdds a user to many groups.This method assumes that user and groups already exist in the directory.
- Specified by:
addUserToGroupsin interfaceInternalRemoteDirectory- Parameters:
username- username of the user to whom we add groupsgroupNames- names of the groups- Returns:
- result of the bulk operation containing successful and failed entities
- Throws:
UserNotFoundException- when user with a givenusernamedoes not exist
-
addUserToGroup
public void addUserToGroup(String username, String groupName) throws UserNotFoundException, GroupNotFoundException, MembershipAlreadyExistsException Description copied from interface:RemoteDirectoryAdds a user as a member of a group. This means that all user members ofchildGroupwill appear as members ofparentGroupto querying applications.- Specified by:
addUserToGroupin interfaceRemoteDirectory- Parameters:
username- The user that will become a member ofgroupNamegroupName- The group that will gain a new member.- Throws:
UserNotFoundException- If the user cannot be found.GroupNotFoundException- If the group cannot be found.MembershipAlreadyExistsException- if the user is already a member of the group
-
addGroupToGroup
public void addGroupToGroup(String childGroup, String parentGroup) throws InvalidMembershipException, GroupNotFoundException, MembershipAlreadyExistsException Description copied from interface:RemoteDirectoryAdds a group as a member of a parent group.- Specified by:
addGroupToGroupin interfaceRemoteDirectory- Parameters:
childGroup- The group that will become a member ofparentGroupparentGroup- The group that will gain a new member- Throws:
InvalidMembershipException- if the childGroup and parentGroup exist but are of different GroupTypes.GroupNotFoundException- One or both of the groups cannot be found.MembershipAlreadyExistsException- if the child group is already a child of the parent group
-
addAllGroupsToGroup
public BatchResult<String> addAllGroupsToGroup(Collection<String> childGroupNames, String groupName) throws GroupNotFoundException Description copied from interface:InternalRemoteDirectoryAdds a collection of child groups to a group.Caller must ensure that the memberships don't already exist.
- Specified by:
addAllGroupsToGroupin interfaceInternalRemoteDirectory- Parameters:
childGroupNames- names of child groups to add to group.groupName- name of group to add child groups to.- Returns:
- result containing both successful and failed child groups
- Throws:
GroupNotFoundException- group with suppliedgroupNamecannot be found.
-
removeUserFromGroup
public void removeUserFromGroup(String username, String groupName) throws MembershipNotFoundException, GroupNotFoundException, UserNotFoundException Description copied from interface:RemoteDirectoryRemoves a user as a member of a group.- Specified by:
removeUserFromGroupin interfaceRemoteDirectory- Parameters:
username- The user that will be removed fromparentGroupgroupName- The group that will lose the member.- Throws:
MembershipNotFoundException- if the user is not a direct member of the group.GroupNotFoundException- If the group cannot be found.UserNotFoundException- If the user cannot be found.
-
removeUsersFromGroup
public BatchResult<String> removeUsersFromGroup(Set<String> usernames, String groupName) throws GroupNotFoundException Description copied from interface:InternalRemoteDirectoryRemoves a collection of users from a group.- Specified by:
removeUsersFromGroupin interfaceInternalRemoteDirectory- Parameters:
usernames- names of users to remove from group.groupName- name of group to remove users from.- Returns:
- result containing both successful and failed users
- Throws:
GroupNotFoundException- group with suppliedgroupNamedoes not exist
-
removeGroupFromGroup
public void removeGroupFromGroup(String childGroup, String parentGroup) throws InvalidMembershipException, MembershipNotFoundException, GroupNotFoundException Description copied from interface:RemoteDirectoryRemoves a group as a member of a parent group.- Specified by:
removeGroupFromGroupin interfaceRemoteDirectory- Parameters:
childGroup- The group that will be removed fromparentGroupparentGroup- The group that will lose the member.- Throws:
InvalidMembershipException- if the childGroup and parentGroup exist but are of different GroupTypes.MembershipNotFoundException- if the childGroup is not a direct member of the parentGroup.GroupNotFoundException- One or both of the groups cannot be found.
-
removeGroupsFromGroup
public BatchResult<String> removeGroupsFromGroup(Collection<String> childGroupNames, String groupName) throws GroupNotFoundException Description copied from interface:InternalRemoteDirectoryRemoves a collection of child groups from a group.- Specified by:
removeGroupsFromGroupin interfaceInternalRemoteDirectory- Parameters:
childGroupNames- names of child groups to remove from group.groupName- name of group to remove child groups from.- Returns:
- result containing both successful and failed child groups
- Throws:
GroupNotFoundException- group with suppliedgroupNamecannot be found.
-
countDirectMembersOfGroup
Description copied from interface:RemoteDirectoryCount the direct members of a group in the remote directory. You may hint at the number of memberships that you would like to see for the purposes of efficiency but the hint may be ignored.- Specified by:
countDirectMembersOfGroupin interfaceRemoteDirectory- Parameters:
groupName- the name of the group to search forquerySizeHint- hinting at the maximum number of memberships that should be counted. The directory that implements this may choose to count less or more. This is a user provided suggestion for potential efficiency.- Returns:
- A bounded count of the number of memberships in the given group for the provided directory. If the group is not found then there are exactly 0 members of that non-existent group.
-
searchGroupRelationships
Description copied from interface:RemoteDirectorySearches for membership information.- Specified by:
searchGroupRelationshipsin interfaceMultiValuesQueriesSupport- Specified by:
searchGroupRelationshipsin interfaceRemoteDirectory- Parameters:
query- query for memberships.- Returns:
- a List of Users or Groups or Strings depending on the query criteria. An empty List if there are no results. Results are ordered by entity name, case-insensitive.
-
searchGroupRelationshipsGroupedByName
Description copied from interface:MultiValuesQueriesSupportSearches forgroupsthat match the supplied query criteria. This method is similar toMultiValuesQueriesSupport.searchGroupRelationships(MembershipQuery), but it additionally groups results by elements ofMembershipQuery.getEntityNamesToMatch().- Specified by:
searchGroupRelationshipsGroupedByNamein interfaceMultiValuesQueriesSupport- Parameters:
query- EntityQuery for Entity.GROUP.- Returns:
Map<String, List<T>>of groups/groupnames matching the search criteria, grouped byMembershipQuery.getEntityNamesToMatch(). Results are ordered by entity name, case-insensitive. An emptywill be returned if no groups matching the criteria are found.Map
-
testConnection
Does nothing, connection is determined by the ability to communicate with the database. Crowd wouldn't have started if the database connection failed.- Specified by:
testConnectionin interfaceRemoteDirectory- Throws:
OperationFailedException- underlying directory implementation failed to execute the operation.
-
supportsInactiveAccounts
public boolean supportsInactiveAccounts()Internal directories always support inactive accounts.- Specified by:
supportsInactiveAccountsin interfaceRemoteDirectory- Returns:
true, always
-
supportsNestedGroups
public boolean supportsNestedGroups()Description copied from interface:RemoteDirectoryAllows us to only display nested-group related UI for directories that support it.- Specified by:
supportsNestedGroupsin interfaceRemoteDirectory- Returns:
truebecause Internal Directories support nested groups as of Crowd 2.0.
-
supportsPasswordExpiration
public boolean supportsPasswordExpiration()Internal Directories always support expiring passwords- Specified by:
supportsPasswordExpirationin interfaceRemoteDirectory- Returns:
true, always.
-
supportsSettingEncryptedCredential
public boolean supportsSettingEncryptedCredential()Internal directories always support setting passwords by hash.- Specified by:
supportsSettingEncryptedCredentialin interfaceRemoteDirectory- Returns:
true, always.
-
isRolesDisabled
public boolean isRolesDisabled()Description copied from interface:RemoteDirectoryExpose whether the directory has roles disabled. Always true.- Specified by:
isRolesDisabledin interfaceRemoteDirectory- Returns:
- true
-
getMemberships
Description copied from interface:RemoteDirectoryGet an iterable view of the available group memberships. This may be implemented as a single remote call or separate calls, depending on the directory.
If there is a failure in the underlying retrieval, the iterator may throw
Membership.MembershipIterationExceptionat runtime.If the directory does not have a bulk call interface then a typical implementation would be:
return new DirectoryMembershipsIterable(this);- Specified by:
getMembershipsin interfaceRemoteDirectory- Returns:
- an iterable view of the available group memberships
- Throws:
OperationFailedException- if the underlying directory implementation failed to execute the operation
-
getAuthoritativeDirectory
- Specified by:
getAuthoritativeDirectoryin interfaceRemoteDirectory- Returns:
- the directory that is the authoritative source of data for this directory, possibly itself.
-
expireAllPasswords
public void expireAllPasswords()Description copied from interface:RemoteDirectorySets theUserConstants.REQUIRES_PASSWORD_CHANGEattribute to true for all users in the directory using bulk operations- Specified by:
expireAllPasswordsin interfaceRemoteDirectory
-
getUserAvatarByName
public AvatarReference getUserAvatarByName(String username, int sizeHint) throws OperationFailedException Description copied from interface:RemoteDirectoryReturn an avatar, if available, for the named user.- Specified by:
getUserAvatarByNamein interfaceRemoteDirectorysizeHint- a hint in pixels for the context in which this will be used- Returns:
- an avatar, or
nullif none is available - Throws:
OperationFailedException
-