Package africa.absa.inception.security

Class UserDirectoryBase

java.lang.Object
africa.absa.inception.security.UserDirectoryBase
Direct Known Subclasses:
InternalUserDirectory, LDAPUserDirectory
public abstract class UserDirectoryBase extends Object
The UserDirectoryBase class provides the base class from which all user directory classes should be derived.
Author:
Marcus Portmann

  • Constructor Details

    • UserDirectoryBase

      public UserDirectoryBase(UUID userDirectoryId, List<UserDirectoryParameter> parameters, GroupRepository groupRepository, UserRepository userRepository, RoleRepository roleRepository)
      Constructs a new UserDirectoryBase.
      Parameters:
      userDirectoryId - the ID for the user directory
      parameters - the parameters for the user directory
      groupRepository - the Group Repository
      userRepository - the User Repository
      roleRepository - the Role Repository

  • Method Details

    • getGroupRepository

      public GroupRepository getGroupRepository()
      Returns the Group Repository.
      Returns:
      the Group Repository

    • getParameters

      public List<UserDirectoryParameter> getParameters()
      Returns the parameters for the user directory.
      Returns:
      the parameters for the user directory

    • getRoleRepository

      public RoleRepository getRoleRepository()
      Returns the Role Repository.
      Returns:
      the Role Repository

    • getUserDirectoryId

      public UUID getUserDirectoryId()
      Returns the ID for the user directory.
      Returns:
      the ID for the user directory

    • getUserRepository

      public UserRepository getUserRepository()
      Returns the User Repository.
      Returns:
      the User Repository

    • isNullOrEmpty

      protected boolean isNullOrEmpty(Object value)
      Checks whether the specified value is null or blank.
      Parameters:
      value - the value to check
      Returns:
      true if the value is null or blank

    • addMemberToGroup

      void addMemberToGroup(String groupName, GroupMemberType memberType, String memberName) throws GroupNotFoundException, UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Add the group member to the group.
      Parameters:
      groupName - the name of the group
      memberType - the group member type
      memberName - the group member name
      Throws:
      GroupNotFoundException - if the group could not be found
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the group member could not be added to the group

    • addRoleToGroup

      void addRoleToGroup(String groupName, String roleCode) throws GroupNotFoundException, RoleNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Add the role to the group.
      Parameters:
      groupName - the name of the group
      roleCode - the code for the role
      Throws:
      GroupNotFoundException - if the group could not be found
      RoleNotFoundException - if the role could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the role could not be added to the group

    • addUserToGroup

      void addUserToGroup(String groupName, String username) throws GroupNotFoundException, UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Add the user to the group.
      Parameters:
      groupName - the name of the group
      username - the username for the user
      Throws:
      GroupNotFoundException - if the group could not be found
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the user could not be added to the group

    • adminChangePassword

      void adminChangePassword(String username, String newPassword, boolean expirePassword, boolean lockUser, boolean resetPasswordHistory, PasswordChangeReason reason) throws UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Administratively change the password for the user.
      Parameters:
      username - the username for the user
      newPassword - the new password
      expirePassword - expire the user's password
      lockUser - lock the user
      resetPasswordHistory - reset the user's password history
      reason - the reason for changing the password
      Throws:
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the password could not be administratively changed

    • authenticate

      void authenticate(String username, String password) throws AuthenticationFailedException, UserLockedException, ExpiredPasswordException, UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Authenticate the user.
      Parameters:
      username - the username for the user
      password - the password being used to authenticate
      Throws:
      AuthenticationFailedException - if the authentication failed
      UserLockedException - if the user is locked
      ExpiredPasswordException - if the password for the user has expired
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the user could not be authenticated

    • changePassword

      void changePassword(String username, String password, String newPassword) throws AuthenticationFailedException, UserLockedException, ExistingPasswordException, africa.absa.inception.core.service.ServiceUnavailableException
      Change the password for the user.
      Parameters:
      username - the username for the user
      password - the password for the user that is used to authorise the operation
      newPassword - the new password
      Throws:
      AuthenticationFailedException - if the authentication failed
      UserLockedException - if the user is locked
      ExistingPasswordException - if the user has previously used the new password
      africa.absa.inception.core.service.ServiceUnavailableException - if the password could not be changed

    • createGroup

      void createGroup(Group group) throws DuplicateGroupException, africa.absa.inception.core.service.ServiceUnavailableException
      Create the new group.
      Parameters:
      group - the group
      Throws:
      DuplicateGroupException - if the group already exists
      africa.absa.inception.core.service.ServiceUnavailableException - if the group could not be created

    • createUser

      void createUser(User user, boolean expiredPassword, boolean userLocked) throws DuplicateUserException, africa.absa.inception.core.service.ServiceUnavailableException
      Create the new user.
      Parameters:
      user - the user
      expiredPassword - create the user with its password expired
      userLocked - create the user locked
      Throws:
      DuplicateUserException - if the user already exists
      africa.absa.inception.core.service.ServiceUnavailableException - if the user could not be created

    • deleteGroup

      void deleteGroup(String groupName) throws GroupNotFoundException, ExistingGroupMembersException, africa.absa.inception.core.service.ServiceUnavailableException
      Delete the group.
      Parameters:
      groupName - the name of the group
      Throws:
      GroupNotFoundException - if the group could not be found
      ExistingGroupMembersException - if the group has existing members
      africa.absa.inception.core.service.ServiceUnavailableException - if the group could not be deleted

    • deleteUser

      void deleteUser(String username) throws UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Delete the user.
      Parameters:
      username - the username for the user
      Throws:
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the user could not be deleted

    • findUsers

      List<User> findUsers(List<UserAttribute> userAttributes) throws InvalidAttributeException, africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the users matching the user attribute criteria.
      Parameters:
      userAttributes - the user attribute criteria used to select the users
      Returns:
      the users whose attributes match the user attribute criteria
      Throws:
      InvalidAttributeException - if an attribute is invalid
      africa.absa.inception.core.service.ServiceUnavailableException - if the users matching the user attribute criteria could not be found

    • getCapabilities

      UserDirectoryCapabilities getCapabilities() throws africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the capabilities the user directory supports.
      Returns:
      the capabilities the user directory supports
      Throws:
      africa.absa.inception.core.service.ServiceUnavailableException - if the user directory capabilities could not be retrieved

    • getFunctionCodesForUser

      List<String> getFunctionCodesForUser(String username) throws UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the function codes for the user.
      Parameters:
      username - the username for the user
      Returns:
      the function codes for the user
      Throws:
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the function codes could not be retrieved for the user

    • getGroup

      Group getGroup(String groupName) throws GroupNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the group.
      Parameters:
      groupName - the name of the group
      Returns:
      the group
      Throws:
      GroupNotFoundException - if the group could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the group could not be retrieved

    • getGroupNames

      List<String> getGroupNames() throws africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve all the group names.
      Returns:
      the group names
      Throws:
      africa.absa.inception.core.service.ServiceUnavailableException - if the group names could not be retrieved

    • getGroupNamesForUser

      List<String> getGroupNamesForUser(String username) throws UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the names of the groups the user is a member of.
      Parameters:
      username - the username for the user
      Returns:
      the names of the groups the user is a member of
      Throws:
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the names of the groups the user is a member of could not be retrieved

    • getGroups

      List<Group> getGroups() throws africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve all the groups.
      Returns:
      the groups
      Throws:
      africa.absa.inception.core.service.ServiceUnavailableException - if the groups could not be retrieved

    • getGroups

      Groups getGroups(String filter, africa.absa.inception.core.sorting.SortDirection sortDirection, Integer pageIndex, Integer pageSize) throws africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the groups.
      Parameters:
      filter - the optional filter to apply to the groups
      sortDirection - the optional sort direction to apply to the groups
      pageIndex - the optional page index
      pageSize - the optional page size
      Returns:
      the groups
      Throws:
      africa.absa.inception.core.service.ServiceUnavailableException - if the groups could not be retrieved

    • getGroupsForUser

      List<Group> getGroupsForUser(String username) throws UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the groups the user is a member of.
      Parameters:
      username - the username for the user
      Returns:
      the groups the user is a member of
      Throws:
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the groups the user is a member of could not be retrieved

    • getMembersForGroup

      List<GroupMember> getMembersForGroup(String groupName) throws GroupNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the group members for the group.
      Parameters:
      groupName - the name of the group
      Returns:
      the group members for the group
      Throws:
      GroupNotFoundException - if the group could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the group members could not be retrieved for the group

    • getMembersForGroup

      GroupMembers getMembersForGroup(String groupName, String filter, africa.absa.inception.core.sorting.SortDirection sortDirection, Integer pageIndex, Integer pageSize) throws GroupNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the group members for the group.
      Parameters:
      groupName - the name of the group
      filter - the optional filter to apply to the group members
      sortDirection - the optional sort direction to apply to the group members
      pageIndex - the optional page index
      pageSize - the optional page size
      Returns:
      the group members for the group
      Throws:
      GroupNotFoundException - if the group could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the group members could not be retrieved for the group

    • getRoleCodesForGroup

      List<String> getRoleCodesForGroup(String groupName) throws GroupNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the codes for the roles that have been assigned to the group.
      Parameters:
      groupName - the name of the group
      Returns:
      the codes for the roles that have been assigned to the group
      Throws:
      GroupNotFoundException - if the group could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the codes for the roles assigned to the group could not be retrieved

    • getRoleCodesForUser

      List<String> getRoleCodesForUser(String username) throws UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the codes for the roles that the user has been assigned.
      Parameters:
      username - the username for the user
      Returns:
      the codes for the roles that the user has been assigned
      Throws:
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the codes for the roles assigned to the user could not be retrieved

    • getRolesForGroup

      List<GroupRole> getRolesForGroup(String groupName) throws GroupNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the roles that have been assigned to the group.
      Parameters:
      groupName - the name of the group
      Returns:
      the roles that have been assigned to the group
      Throws:
      GroupNotFoundException - if the group could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the codes for the roles assigned to the group could not be retrieved

    • getUser

      User getUser(String username) throws UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the user.
      Parameters:
      username - the username for the user
      Returns:
      the user
      Throws:
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the user could not be retrieved

    • getUserName

      String getUserName(String username) throws UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the name of the user.
      Parameters:
      username - the username for the user
      Returns:
      the name of the user
      Throws:
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the name of the user could not be retrieved

    • getUsers

      List<User> getUsers() throws africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve all the users.
      Returns:
      the users
      Throws:
      africa.absa.inception.core.service.ServiceUnavailableException - if the users could not be retrieved

    • getUsers

      Users getUsers(String filter, UserSortBy sortBy, africa.absa.inception.core.sorting.SortDirection sortDirection, Integer pageIndex, Integer pageSize) throws africa.absa.inception.core.service.ServiceUnavailableException
      Retrieve the users.
      Parameters:
      filter - the optional filter to apply to the users
      sortBy - the optional method used to sort the users e.g. by name
      sortDirection - the optional sort direction to apply to the users
      pageIndex - the optional page index
      pageSize - the optional page size
      Returns:
      the users
      Throws:
      africa.absa.inception.core.service.ServiceUnavailableException - if the users could not be retrieved

    • isExistingUser

      boolean isExistingUser(String username) throws africa.absa.inception.core.service.ServiceUnavailableException
      Does the user with the specified username exist?
      Parameters:
      username - the username for the user
      Returns:
      true if a user with specified username exists or false otherwise
      Throws:
      africa.absa.inception.core.service.ServiceUnavailableException - if the check for the existing user failed

    • isUserInGroup

      boolean isUserInGroup(String groupName, String username) throws UserNotFoundException, GroupNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Is the user in the group?
      Parameters:
      groupName - the name of the group
      username - the username for the user
      Returns:
      true if the user is a member of the group or false otherwise
      Throws:
      UserNotFoundException - if the user could not be found
      GroupNotFoundException - if the group could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the check to confirm if the user is a member of the group failed

    • removeMemberFromGroup

      void removeMemberFromGroup(String groupName, GroupMemberType memberType, String memberName) throws GroupNotFoundException, GroupMemberNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Remove the group member from the group.
      Parameters:
      groupName - the name of the group
      memberType - the group member type
      memberName - the group member name
      Throws:
      GroupNotFoundException - if the group could not be found
      GroupMemberNotFoundException - if the group member could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the group member could not be removed from the group

    • removeRoleFromGroup

      void removeRoleFromGroup(String groupName, String roleCode) throws GroupNotFoundException, GroupRoleNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Remove the role from the group.
      Parameters:
      groupName - the name of the group
      roleCode - the code for the role
      Throws:
      GroupNotFoundException - if the group could not be found
      GroupRoleNotFoundException - if the group role could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the role could not be removed from the group

    • removeUserFromGroup

      void removeUserFromGroup(String groupName, String username) throws GroupNotFoundException, UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Remove the user from the group.
      Parameters:
      groupName - the name of the group
      username - the username for the user
      Throws:
      GroupNotFoundException - if the group could not be found
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the user could not be removed from the group

    • resetPassword

      void resetPassword(String username, String newPassword) throws UserNotFoundException, UserLockedException, ExistingPasswordException, africa.absa.inception.core.service.ServiceUnavailableException
      Reset the password for the user.
      Parameters:
      username - the username for the user
      newPassword - the new password
      Throws:
      UserNotFoundException - if the user could not be found
      UserLockedException - if the user is locked
      ExistingPasswordException - if the user has previously used the new password
      africa.absa.inception.core.service.ServiceUnavailableException - if the password for the user could not be reset

    • updateGroup

      void updateGroup(Group group) throws GroupNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Update the group.
      Parameters:
      group - the group
      Throws:
      GroupNotFoundException - if the group could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the group could not be updated

    • updateUser

      void updateUser(User user, boolean expirePassword, boolean lockUser) throws UserNotFoundException, africa.absa.inception.core.service.ServiceUnavailableException
      Update the user.
      Parameters:
      user - the user
      expirePassword - expire the user's password as part of the update
      lockUser - lock the user as part of the update
      Throws:
      UserNotFoundException - if the user could not be found
      africa.absa.inception.core.service.ServiceUnavailableException - if the user could not be updated