com.atlassian.sal.api.user

Interface UserManager

public interface UserManager

Interface providing user based operations across various apps.

Since:

2.0

Method Summary

Modifier and Type	Method and Description
boolean	authenticate(String username, String password) Given a username and password, this method checks whether or not the provided user can be authenticated
Iterable<String>	findGroupNamesByPrefix(String prefix, int startIndex, int maxResults) Returns a list of group names.
UserProfile	getRemoteUser() Returns the profile of the currently logged in user or null if no user can be found.
UserProfile	getRemoteUser(javax.servlet.http.HttpServletRequest request) Returns the UserProfile of the currently logged in user or null if no user can be found.
UserKey	getRemoteUserKey() Returns the key of the currently logged in user or null if no user can be found.
UserKey	getRemoteUserKey(javax.servlet.http.HttpServletRequest request) Returns the UserKey of the currently logged in user or null if no user can be found.
String	getRemoteUsername() Deprecated. since 2.10, use getRemoteUser() or getRemoteUserKey() instead
String	getRemoteUsername(javax.servlet.http.HttpServletRequest request) Deprecated. since 2.10, use getRemoteUser(javax.servlet.http.HttpServletRequest) instead.
UserProfile	getUserProfile(String username) Returns a UserProfile object for the specified user or null if no user can be found
UserProfile	getUserProfile(UserKey userKey) Returns a UserProfile object for the specified user or null if no user can be found
boolean	isAdmin(String username) Deprecated. since 2.10, use isAdmin(UserKey) instead
boolean	isAdmin(UserKey userKey) Returns true or false depending on whether a user has been granted the administrator permission.
boolean	isSystemAdmin(String username) Deprecated. since 2.10, use isSystemAdmin(UserKey) instead
boolean	isSystemAdmin(UserKey userKey) Returns true or false depending on whether a user has been granted the system administrator permission.
boolean	isUserInGroup(String username, String group) Deprecated. since 2.10, use isUserInGroup(UserKey, String) instead
boolean	isUserInGroup(UserKey userKey, String group) Returns whether the given user is in the given group
Principal	resolve(String username) Returns the user that made this request or null if this application does not have such a user.

Method Detail

getRemoteUsername

@Deprecated
 @Nullable
String getRemoteUsername()

Deprecated. since 2.10, use getRemoteUser() or getRemoteUserKey() instead

Returns the username of the currently logged in user or null if no user can be found. If possible, please use getRemoteUsername(HttpServletRequest).

Returns:

The user name of the logged in user or null

getRemoteUser

@Nullable
UserProfile getRemoteUser()

Returns the profile of the currently logged in user or null if no user can be found.

Getting the full UserProfile may have performance implications in some applications. Consider using getRemoteUserKey() if you don't need the full object.

Returns:

the UserProfile of the logged in user or null

Since:

2.10

See Also:

getRemoteUserKey()

getRemoteUserKey

@Nullable
UserKey getRemoteUserKey()

Returns the key of the currently logged in user or null if no user can be found.

Returns:

the UserKey of the logged in user or null

Since:

2.10

See Also:

getRemoteUser()

getRemoteUsername

@Deprecated
 @Nullable
String getRemoteUsername(javax.servlet.http.HttpServletRequest request)

Deprecated. since 2.10, use getRemoteUser(javax.servlet.http.HttpServletRequest) instead.

Returns the username of the currently logged in user or null if no user can be found.

* Note: Implementing applications might not actually be using the HttpServletRequest, but actually using an internal ThreadLocal authentication context.

Parameters:

request - The request to retrieve the username from

Returns:

The user name of the logged in user or null

getRemoteUser

@Nullable
UserProfile getRemoteUser(javax.servlet.http.HttpServletRequest request)

Returns the UserProfile of the currently logged in user or null if no user can be found.

Getting the full UserProfile may have performance implications in some applications. Consider using getRemoteUserKey() if you don't need the full object.

* Note: Implementing applications might not actually be using the HttpServletRequest, but actually using an internal ThreadLocal authentication context.

Parameters:

request - The request to retrieve the username from

Returns:

The currently logged in user or null

Since:

2.10

See Also:

getRemoteUser(), getRemoteUserKey(javax.servlet.http.HttpServletRequest)

getRemoteUserKey

@Nullable
UserKey getRemoteUserKey(javax.servlet.http.HttpServletRequest request)

Returns the UserKey of the currently logged in user or null if no user can be found.

Note: Implementing applications might not actually be using the HttpServletRequest, but actually using an internal ThreadLocal authentication context.

Parameters:

request - The request to retrieve the username from

Returns:

The key of the currently logged in user or null

Since:

2.10

See Also:

getRemoteUserKey(), getRemoteUser(javax.servlet.http.HttpServletRequest)

getUserProfile

@Nullable
UserProfile getUserProfile(@Nullable
                                     String username)

Returns a UserProfile object for the specified user or null if no user can be found

Parameters:

username - The username of the user whose profile is requested

Returns:

The user's profile or null

Since:

2.2.0

getUserProfile

@Nullable
UserProfile getUserProfile(@Nullable
                                     UserKey userKey)

Returns a UserProfile object for the specified user or null if no user can be found

Parameters:

userKey - The userKey of the user whose profile is requested

Returns:

The user's profile or null

Since:

2.10

isUserInGroup

@Deprecated
boolean isUserInGroup(@Nullable
                                  String username,
                                  @Nullable
                                  String group)

Deprecated. since 2.10, use isUserInGroup(UserKey, String) instead

Returns whether the user is in the specify group

Parameters:

username - The username to check

group - The group to check

Returns:

true if the user is in the specified group

isUserInGroup

boolean isUserInGroup(@Nullable
                      UserKey userKey,
                      @Nullable
                      String group)

Returns whether the given user is in the given group

Parameters:

userKey - The user

group - The group

Returns:

true if the user is in the specified group

Since:

2.10

isSystemAdmin

@Deprecated
boolean isSystemAdmin(@Nullable
                                  String username)

Deprecated. since 2.10, use isSystemAdmin(UserKey) instead

Returns true or false depending on whether a user has been granted the system administrator permission. A system administrator has full administrative permissions in the application, including permission to perform operations that may affect the underlying operating system, such as specifying filesystem paths, installing plugins, configuring mail servers and logging, performing backups and restores, etc. Only check for system administrator when performing this type of operation. Operations that do not affect the underlying system should use isAdmin(String) instead.

Parameters:

username - The username of the user to check

Returns:

true or false depending on whether a user has been granted the system admin permission.

See Also:

About 'JIRA System Administrators' and 'JIRA Administrators', Comparing the System Administrator with the Confluence Administrator Permission

isSystemAdmin

boolean isSystemAdmin(@Nullable
                      UserKey userKey)

Returns true or false depending on whether a user has been granted the system administrator permission. A system administrator has full administrative permissions in the application, including permission to perform operations that may affect the underlying operating system, such as specifying filesystem paths, installing plugins, configuring mail servers and logging, performing backups and restores, etc. Only check for system administrator when performing this type of operation. Operations that do not affect the underlying system should use isAdmin(String) instead.

Parameters:

userKey - The key of the user to check

Returns:

true or false depending on whether a user has been granted the system admin permission.

Since:

2.10

See Also:

About 'JIRA System Administrators' and 'JIRA Administrators', Comparing the System Administrator with the Confluence Administrator Permission

isAdmin

@Deprecated
boolean isAdmin(@Nullable
                            String username)

Deprecated. since 2.10, use isAdmin(UserKey) instead

Returns true or false depending on whether a user has been granted the administrator permission. An administrator may have restricted administrative permissions that only apply to application-level configuration that cannot affect the underlying operating system. Only check for administrator permission when performing this type of operation. Operations that can affect security, the filesystem, or allow arbitrary code execution must check isSystemAdmin(String) instead.

Note that system administrator permission implies administrator permission. That is, any username for which userManager.isSystemAdmin(username) returns true will also return true for userManager.isAdmin(username).

Parameters:

username - The username of the user to check

Returns:

true or false depending on whether the user has been granted the admin permission

See Also:

About 'JIRA System Administrators' and 'JIRA Administrators', Comparing the System Administrator with the Confluence Administrator Permission

isAdmin

boolean isAdmin(@Nullable
                UserKey userKey)

Returns true or false depending on whether a user has been granted the administrator permission. An administrator may have restricted administrative permissions that only apply to application-level configuration that cannot affect the underlying operating system. Only check for administrator permission when performing this type of operation. Operations that can affect security, the filesystem, or allow arbitrary code execution must check isSystemAdmin(String) instead.

Note that system administrator permission implies administrator permission. That is, any username for which userManager.isSystemAdmin(username) returns true will also return true for userManager.isAdmin(username).

Parameters:

userKey - The user of the user to check

Returns:

true or false depending on whether the user has been granted the admin permission

Since:

2.10

See Also:

About 'JIRA System Administrators' and 'JIRA Administrators', Comparing the System Administrator with the Confluence Administrator Permission

authenticate

boolean authenticate(String username,
                     String password)

Given a username and password, this method checks whether or not the provided user can be authenticated

Parameters:

username - Username of the user

password - Password of the user

Returns:

true if the user can be authenticated, false otherwise

resolve

@Nullable
Principal resolve(String username)
                     throws UserResolutionException

Returns the user that made this request or null if this application does not have such a user.

Parameters:

username - Username of the user a consumer is making a request on behalf of

Returns:

Principal corresponding to the username, null if the user does not exist

Throws:

UserResolutionException - thrown if there is a problem resolving the user, such as a failure when accessing an external user store

findGroupNamesByPrefix

Iterable<String> findGroupNamesByPrefix(String prefix,
                                        int startIndex,
                                        int maxResults)

Returns a list of group names.

Parameters:

prefix - only return groups with names matching this prefix

startIndex - don't return the first startIndex results

maxResults - return at most this many results

Returns:

an Iterable of names of groups