public class PasswordPolicyManagerImpl extends Object implements PasswordPolicyManager
| Constructor and Description |
|---|
PasswordPolicyManagerImpl(com.atlassian.plugin.PluginAccessor pluginAccessor,
com.atlassian.plugin.event.PluginEventManager pluginEventManager) |
| Modifier and Type | Method and Description |
|---|---|
Collection<WebErrorMessage> |
checkPolicy(ApplicationUser user,
String oldPassword,
String newPassword)
Checks the password policies against a proposed password change for an existing user.
|
Collection<WebErrorMessage> |
checkPolicy(String username,
String displayName,
String emailAddress,
String newPassword)
Checks the password policies for a proposed new user.
|
List<String> |
getPolicyDescription(boolean hasOldPassword)
Returns a list of rules that passwords must follow to satisfy all password policies.
|
public PasswordPolicyManagerImpl(com.atlassian.plugin.PluginAccessor pluginAccessor,
com.atlassian.plugin.event.PluginEventManager pluginEventManager)
@Nonnull public Collection<WebErrorMessage> checkPolicy(@Nonnull String username, @Nullable String displayName, @Nullable String emailAddress, @Nonnull String newPassword)
PasswordPolicyManagercheckPolicy in interface PasswordPolicyManagerusername - the username that the new user would have; must not be nulldisplayName - the display name that the new user would have; may be nullemailAddress - the email address that the new user would have; may be nullnewPassword - the proposed new password; must not be nullWebErrorMessage; never null@Nonnull public List<String> getPolicyDescription(boolean hasOldPassword)
PasswordPolicyManagergetPolicyDescription in interface PasswordPolicyManagerhasOldPassword - whether or not the request concerns the rules when the old password
is provided. This is true for the case where an existing user is changing
his/her own password, but not when an administrator is changing another user's
password or a new account is getting created. The rule list should probably be
different for these cases. For example, it does not make sense to tell an
administrator that the new password can not be similar to the old password when
the administrator does not even know what the old password was. Nor does it make
sense to say this to a new user, for whom the whole idea is completely irrelevant.public Collection<WebErrorMessage> checkPolicy(@Nonnull ApplicationUser user, @Nullable String oldPassword, @Nonnull String newPassword)
PasswordPolicyManagercheckPolicy in interface PasswordPolicyManageruser - the user whose password would be changed; must not be nulloldPassword - the user's current password, if known; may be null, in which case any checks
that would be made against it will be skippednewPassword - the proposed new passwordWebErrorMessage; never nullCopyright © 2002-2017 Atlassian. All Rights Reserved.