public final class DirectoryHandler extends Object
The current directory of a repository is returned by the static
method getInstance(Repository)
.
Note: Normal use of EBX® APIs does not require accessing this class, since authentication and permissions management are transparent from the developer point of view (they are "container-managed"). However, this class may be useful when data governance has specific functional dependencies on the directory (for example, a service needs acces to all defined users, or if it must display a specific profile).
Modifier and Type | Method and Description |
---|---|
UserReference |
authenticateUserFromArray(Object[] args) |
UserReference |
authenticateUserFromHttpRequest(HttpServletRequest request) |
UserReference |
authenticateUserFromLoginPassword(String aLogin,
String aPassword) |
UserReference |
authenticateUserFromSOAPHeader(Element header) |
String |
displayBuiltInRole(Role aBuiltInRole,
Locale aLocale) |
String |
displayProfile(Profile aProfile,
Locale aLocale)
Returns a label for the profile specified.
|
String |
displaySpecificRole(Role aSpecificRole,
Locale aLocale) |
String |
displayUser(UserReference aUserReference,
Locale aLocale) |
String |
displayUserWithSalutation(UserReference aUserReference,
Locale aLocale) |
List<UserReference> |
getBackedUpUsers(UserReference aUserReference)
If the
Directory implementation returns null ,
this method returns an empty List. |
List<UserReference> |
getBackingUpUsers(UserReference aUserReference)
If the
Directory implementation returns null ,
this method returns an empty List. |
Directory |
getDirectoryImplementation()
Returns the underlying implementation of the directory.
|
static DirectoryHandler |
getInstance(Repository aRepository)
Returns the directory instance that is associated with the specified repository.
|
List<Profile> |
getProfiles(ProfileListContext aProfileContext) |
String |
getRoleEmail(Role aRole)
If not null, the email address is considered as the mailing list of all the users in this role.
|
URI |
getUserAuthenticationURI(Session aSession) |
String |
getUserEmail(UserReference aUserReference) |
List<UserReference> |
getUsersInRole(Role aRole) |
boolean |
isBuiltInAdministratorDisabled()
Returns
true if the built-in administrator role
has been disabled. |
boolean |
isProfileDefined(Profile aProfile)
Returns
true if the specified profile is defined in the
directory. |
boolean |
isProfileIncluded(Profile aProfile,
Profile anotherProfile)
Returns
true when aProfile is equal to
or included in anotherProfile . |
boolean |
isRoleStrictlyIncluded(Role aRole,
Role anotherRole)
Returns
true if aRole is included
in anotherRole . |
boolean |
isSpecificRoleDefined(Role aSpecificRole) |
boolean |
isUserDefined(UserReference aUserReference) |
boolean |
isUserInRole(UserReference aUser,
Role aRole)
Returns
true if the user has the specified role. |
public static DirectoryHandler getInstance(Repository aRepository)
Warning: a normal use of EBX® APIs does not require to access this class, since authentication and permissions management are transparent from the developer point of view (they are "container-managed"). However, this class may be useful when Master Data Management has specific functional dependencies on the directory (for example, a service needs all of the defined users, or it has to display a specific profile).
getDirectoryImplementation()
public UserReference authenticateUserFromLoginPassword(String aLogin, String aPassword) throws AuthenticationException
public UserReference authenticateUserFromHttpRequest(HttpServletRequest request) throws AuthenticationException
public UserReference authenticateUserFromSOAPHeader(Element header) throws AuthenticationException
AuthenticationException
Directory.authenticateUserFromSOAPHeader(Element)
public UserReference authenticateUserFromArray(Object[] args)
public boolean isProfileDefined(Profile aProfile)
true
if the specified profile is defined in the
directory.
The implementation of this method does the following:
isUserDefined(UserReference)
;true
;isSpecificRoleDefined(Role)
.public boolean isUserDefined(UserReference aUserReference)
Directory.isUserDefined(UserReference)
public boolean isSpecificRoleDefined(Role aSpecificRole)
Directory.isSpecificRoleDefined(Role)
public boolean isProfileIncluded(Profile aProfile, Profile anotherProfile)
true
when aProfile
is equal to
or included in anotherProfile
.
The implementation of this method returns true
:
aProfile
references a user U
, and:
anotherProfile
references the same user,
anotherProfile
is a role and user U
has this role
(this calls method isUserInRole(UserReference, Role)
).
aProfile
references a role R
, and:
anotherProfile
references the same role,
anotherProfile
is a role and role R
is, included
in anotherProfile
(this calls method isRoleStrictlyIncluded(Role, Role)
).
If the specified profile has been authenticated and the corresponding
Session object is available, it is recommended to invoke
Session.isUserInRole(Profile)
instead of this method, for performance purposes.
Session.isUserInRole(Profile)
public boolean isRoleStrictlyIncluded(Role aRole, Role anotherRole)
true
if aRole
is included
in anotherRole
.
This method invokes Directory.isRoleStrictlyIncluded(Role, Role)
, unless:
aRole
is Profile.ADMINISTRATOR
and that role is disabled, in which case returns false
,
aRole
is Profile.EVERYONE
and that role is a specific one, in which case returns true
.
isBuiltInAdministratorDisabled()
public boolean isUserInRole(UserReference aUser, Role aRole)
true
if the user has the specified role.
This method invokes Directory.isUserInRole(UserReference, Role)
, unless
the specified role is built-in administrator role
and that role is disabled, in which case returns false
.
If the specified user has been authenticated and the corresponding
Session object is available, it is recommended to invoke
Session.isUserInRole(Profile)
instead of this method, for performance purposes.
public final boolean isBuiltInAdministratorDisabled()
true
if the built-in administrator role
has been disabled.public List<Profile> getProfiles(ProfileListContext aProfileContext)
RuntimeException
- If the list returned by the directory implementation has incorrect elements.Directory.getProfiles(ProfileListContext)
public List<UserReference> getUsersInRole(Role aRole)
RuntimeException
- If the list returned by the directory implementation has incorrect elements.Directory.getUsersInRole(Role)
public String getUserEmail(UserReference aUserReference)
Directory.getUserEmail(UserReference)
public String getRoleEmail(Role aRole)
Directory.getRoleEmail(Role)
public String displayProfile(Profile aProfile, Locale aLocale)
The implementation of this method does the following:
displayUser(UserReference, Locale)
;displayBuiltInRole(Role, Locale)
;displaySpecificRole(Role, Locale)
.public String displayUser(UserReference aUserReference, Locale aLocale)
public String displayUserWithSalutation(UserReference aUserReference, Locale aLocale)
IllegalArgumentException
- if user is not actually defined.Directory.displayUserWithSalutation(UserReference, Locale)
public List<UserReference> getBackedUpUsers(UserReference aUserReference)
Directory
implementation returns null
,
this method returns an empty List.RuntimeException
- If the list returned by the directory implementation has incorrect elements.
It also checks that a user cannot be backed up by himself.Directory.getBackedUpUsers(UserReference)
public List<UserReference> getBackingUpUsers(UserReference aUserReference)
Directory
implementation returns null
,
this method returns an empty List.RuntimeException
- If the list returned by the directory implementation has incorrect elements.Directory.getBackingUpUsers(UserReference)
public Directory getDirectoryImplementation()
public URI getUserAuthenticationURI(Session aSession)
Directory.getUserAuthenticationURI(Session)