Class AlpineQueryManager

    • Constructor Detail

      • AlpineQueryManager

        public AlpineQueryManager()
        Default constructor.
      • AlpineQueryManager

        public AlpineQueryManager​(javax.jdo.PersistenceManager pm)
        Constructs a new AlpineQueryManager.
        Parameters:
        pm - a PersistenceManager
      • AlpineQueryManager

        public AlpineQueryManager​(AlpineRequest request)
        Constructs a new AlpineQueryManager.
        Parameters:
        request - an AlpineRequest
    • Method Detail

      • getApiKey

        public ApiKey getApiKey​(String key)
        Returns an API key.
        Parameters:
        key - the key to return
        Returns:
        an ApiKey
        Since:
        1.0.0
      • regenerateApiKey

        public ApiKey regenerateApiKey​(ApiKey apiKey)
        Regenerates an API key. This method does not create a new ApiKey object, rather it uses the existing ApiKey object and simply creates a new key string.
        Parameters:
        apiKey - the ApiKey object to regenerate the key of.
        Returns:
        an ApiKey
        Since:
        1.0.0
      • createApiKey

        public ApiKey createApiKey​(Team team)
        Creates a new ApiKey object, including a cryptographically secure API key string.
        Parameters:
        team - The team to create the key for
        Returns:
        an ApiKey
      • createOidcUser

        public OidcUser createOidcUser​(String username)
        Creates a new OidcUser object with the specified username.
        Parameters:
        username - The username of the new OidcUser. This must reference an existing username in the OpenID Connect identity provider.
        Returns:
        an OidcUser
        Since:
        1.8.0
      • updateOidcUser

        public OidcUser updateOidcUser​(OidcUser transientUser)
        Updates the specified OidcUser.
        Parameters:
        transientUser - the optionally detached OidcUser object to update.
        Returns:
        an OidcUser
        Since:
        1.8.0
      • getOidcUser

        public OidcUser getOidcUser​(String username)
        Retrieves an OidcUser containing the specified username. If the username does not exist, returns null.
        Parameters:
        username - The username to retrieve
        Returns:
        an OidcUser
        Since:
        1.8.0
      • getOidcUsers

        public List<OidcUser> getOidcUsers()
        Returns a complete list of all OidcUser objects, in ascending order by username.
        Returns:
        a list of OidcUser
        Since:
        1.8.0
      • createOidcGroup

        public OidcGroup createOidcGroup​(String name)
        Creates an OidcGroup.
        Parameters:
        name - Name of the group to create
        Returns:
        an OidcGroup
        Since:
        1.8.0
      • updateOidcGroup

        public OidcGroup updateOidcGroup​(OidcGroup oidcGroup)
        Updates an OidcGroup.
        Parameters:
        oidcGroup - The group to update
        Returns:
        a refreshed OidcGroup
        Since:
        1.8.0
      • getOidcGroups

        public List<OidcGroup> getOidcGroups()
        Returns a complete list of all OidcGroup objects, in ascending order by name.
        Returns:
        a list of OidcGroup
        Since:
        1.8.0
      • getOidcGroup

        public OidcGroup getOidcGroup​(String name)
        Returns an OidcGroup containing the specified name. If the name does not exist, returns null.
        Parameters:
        name - Name of the group to retrieve
        Returns:
        an OidcGroup
        Since:
        1.8.0
      • synchronizeTeamMembership

        public OidcUser synchronizeTeamMembership​(OidcUser user,
                                                  List<String> groupNames)
        This method dynamically assigns team membership to the specified user from the list of OpenID Connect groups the user is a member of. The method will look up any MappedOidcGroups and ensure the user is only a member of the teams that have a mapping to an OpenID Connect group for which the user is a member.
        Parameters:
        user - the OpenID Connect user to sync team membership for
        groupNames - a list of OpenID Connect groups the user is a member of
        Returns:
        a refreshed OidcUser object
        Since:
        1.8.0
      • getLdapUser

        public LdapUser getLdapUser​(String username)
        Retrieves an LdapUser containing the specified username. If the username does not exist, returns null.
        Parameters:
        username - The username to retrieve
        Returns:
        an LdapUser
        Since:
        1.0.0
      • getLdapUsers

        public List<LdapUser> getLdapUsers()
        Returns a complete list of all LdapUser objects, in ascending order by username.
        Returns:
        a list of LdapUsers
        Since:
        1.0.0
      • createLdapUser

        public LdapUser createLdapUser​(String username)
        Creates a new LdapUser object with the specified username.
        Parameters:
        username - The username of the new LdapUser. This must reference an existing username in the directory service
        Returns:
        an LdapUser
        Since:
        1.0.0
      • updateLdapUser

        public LdapUser updateLdapUser​(LdapUser transientUser)
        Updates the specified LdapUser.
        Parameters:
        transientUser - the optionally detached LdapUser object to update.
        Returns:
        an LdapUser
        Since:
        1.0.0
      • synchronizeTeamMembership

        public LdapUser synchronizeTeamMembership​(LdapUser user,
                                                  List<String> groupDNs)
        This method dynamically assigns team membership to the specified user from the list of LDAP group DNs the user is a member of. The method will look up any MappedLdapGroups and ensure the user is only a member of the teams that have a mapping to an LDAP group for which the user is a member.
        Parameters:
        user - the LDAP user to sync team membership for
        groupDNs - a list of LDAP group DNs the user is a member of
        Returns:
        a refreshed LdapUser object
        Since:
        1.4.0
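The reconciliation that both synchronizeTeamMembership overloads describe, as an added, self-contained model (not Alpine's implementation and not code from this page). Team and group names are plain strings, the groupToTeams map is a hypothetical stand-in for the MappedLdapGroup / MappedOidcGroup lookups, and the model follows the description literally, so a team with no mapping to one of the user's groups is dropped; that treatment of manually assigned teams is an assumption.

```java
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;

/**
 * Added illustration, not Alpine code. Team and group names are plain strings;
 * groupToTeams stands in for the MappedLdapGroup / MappedOidcGroup lookups.
 */
public class TeamSyncModel {

    /** Result of one reconciliation: what to add, what to remove, final state. */
    static final class Plan {
        final Set<String> add = new TreeSet<>();
        final Set<String> remove = new TreeSet<>();
        final Set<String> result = new TreeSet<>();
    }

    static Plan reconcile(Set<String> currentTeams,
                          List<String> externalGroups,
                          Map<String, Set<String>> groupToTeams) {
        Plan plan = new Plan();
        // Teams the user is entitled to: every team mapped to a group that the
        // directory or identity provider reported for this user.
        if (externalGroups != null) {
            for (String group : externalGroups) {
                // Exact string match (assumption of this model): a DN that differs
                // in case or spacing from the stored mapping grants nothing.
                plan.result.addAll(groupToTeams.getOrDefault(group, Set.of()));
            }
        }
        // Entitled teams the user does not hold yet are granted.
        for (String team : plan.result) {
            if (!currentTeams.contains(team)) {
                plan.add.add(team);
            }
        }
        // Teams the user holds that no reported group backs are revoked.
        for (String team : currentTeams) {
            if (!plan.result.contains(team)) {
                plan.remove.add(team);
            }
        }
        return plan;
    }

    public static void main(String[] args) {
        // Constructed sample mappings and memberships.
        Map<String, Set<String>> mappings = Map.of(
            "cn=appsec,ou=groups,dc=example,dc=com", Set.of("Security"),
            "cn=devs,ou=groups,dc=example,dc=com", Set.of("Developers", "Readers"));
        Set<String> current = Set.of("Administrators", "Developers");

        Plan p = reconcile(current,
            List.of("cn=devs,ou=groups,dc=example,dc=com"), mappings);
        System.out.println("add=" + p.add + " remove=" + p.remove + " result=" + p.result);

        // No groups reported: every team membership is withdrawn.
        Plan none = reconcile(current, List.of(), mappings);
        System.out.println("add=" + none.add + " remove=" + none.remove + " result=" + none.result);
    }
}
```

Logging the add and remove sets on each login gives an audit trail of membership changes driven by the directory or identity provider.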
      • createManagedUser

        public ManagedUser createManagedUser​(String username,
                                             String passwordHash)
        Creates a new ManagedUser object.
        Parameters:
        username - The username for the user
        passwordHash - The hashed password.
        Returns:
        a ManagedUser
        Since:
        1.0.0
        See Also:
        PasswordService
      • createManagedUser

        public ManagedUser createManagedUser​(String username,
                                             String fullname,
                                             String email,
                                             String passwordHash,
                                             boolean forcePasswordChange,
                                             boolean nonExpiryPassword,
                                             boolean suspended)
        Creates a new ManagedUser object.
        Parameters:
        username - The username for the user
        fullname - The full name of the user
        email - The user's email address
        passwordHash - The hashed password
        forcePasswordChange - Whether or not the user needs to change password on next login
        nonExpiryPassword - Whether or not the user's password ever expires
        suspended - Whether or not the user being created is suspended
        Returns:
        a ManagedUser
        Since:
        1.1.0
        See Also:
        PasswordService
      • updateManagedUser

        public ManagedUser updateManagedUser​(ManagedUser transientUser)
        Updates the specified ManagedUser.
        Parameters:
        transientUser - the optionally detached ManagedUser object to update.
        Returns:
        a ManagedUser
        Since:
        1.0.0
      • getManagedUser

        public ManagedUser getManagedUser​(String username)
        Returns a ManagedUser with the specified username. If the username does not exist, returns null.
        Parameters:
        username - The username to retrieve
        Returns:
        a ManagedUser
        Since:
        1.0.0
      • getManagedUsers

        public List<ManagedUser> getManagedUsers()
        Returns a complete list of all ManagedUser objects, in ascending order by username.
        Returns:
        a List of ManagedUsers
        Since:
        1.0.0
      • getUserPrincipal

        public UserPrincipal getUserPrincipal​(String username)
        Resolves a UserPrincipal. Default order resolution is to first match on ManagedUser then on LdapUser and finally on OidcUser. This may be configurable in a future release.
        Parameters:
        username - the username of the principal to retrieve
        Returns:
        a UserPrincipal if found, null if not found
        Since:
        1.0.0
      • createTeam

        public Team createTeam​(String name,
                               boolean createApiKey)
        Creates a new Team with the specified name. If createApiKey is true, then createApiKey(alpine.model.Team) is invoked and a cryptographically secure API key is generated.
        Parameters:
        name - The name of the team
        createApiKey - whether or not to create an API key for the team
        Returns:
        a Team
        Since:
        1.0.0
      • getTeams

        public List<Team> getTeams()
        Returns a complete list of all Team objects, in ascending order by name.
        Returns:
        a List of Teams
        Since:
        1.0.0
      • updateTeam

        public Team updateTeam​(Team transientTeam)
        Updates the specified Team.
        Parameters:
        transientTeam - the optionally detached Team object to update
        Returns:
        a Team
        Since:
        1.0.0
      • addUserToTeam

        public boolean addUserToTeam​(UserPrincipal user,
                                     Team team)
        Associates a UserPrincipal to a Team.
        Parameters:
        user - The user to bind
        team - The team to bind
        Returns:
        true if operation was successful, false if not. This is not an indication of team association; an unsuccessful return value may be due to the team or user not existing, or to a binding that already exists between the two.
        Since:
        1.0.0
      • removeUserFromTeam

        public boolean removeUserFromTeam​(UserPrincipal user,
                                          Team team)
        Removes the association of a UserPrincipal to a Team.
        Parameters:
        user - The user to unbind
        team - The team to unbind
        Returns:
        true if operation was successful, false if not. This is not an indication of team disassociation; an unsuccessful return value may be due to the team or user not existing, or to a binding that may not exist.
        Since:
        1.0.0
      • createPermission

        public Permission createPermission​(String name,
                                           String description)
        Creates a Permission object.
        Parameters:
        name - The name of the permission
        description - the permission's description
        Returns:
        a Permission
        Since:
        1.1.0
      • getPermission

        public Permission getPermission​(String name)
        Retrieves a Permission by its name.
        Parameters:
        name - The name of the permission
        Returns:
        a Permission
        Since:
        1.1.0
      • getPermissions

        public List<Permission> getPermissions()
        Returns a list of all Permissions defined in the system.
        Returns:
        a List of Permission objects
        Since:
        1.1.0
      • getEffectivePermissions

        public List<Permission> getEffectivePermissions​(UserPrincipal user)
        Determines the effective permissions for the specified user by collecting a List of all permissions assigned to the user either directly, or through team membership.
        Parameters:
        user - the user to retrieve permissions for
        Returns:
        a List of Permission objects
        Since:
        1.1.0
      • hasPermission

        public boolean hasPermission​(UserPrincipal user,
                                     String permissionName)
        Determines if the specified UserPrincipal has been assigned the specified permission.
        Parameters:
        user - the UserPrincipal to query
        permissionName - the name of the permission
        Returns:
        true if the user has the permission assigned, false if not
        Since:
        1.0.0
      • hasPermission

        public boolean hasPermission​(UserPrincipal user,
                                     String permissionName,
                                     boolean includeTeams)
        Determines if the specified UserPrincipal has been assigned the specified permission.
        Parameters:
        user - the UserPrincipal to query
        permissionName - the name of the permission
        includeTeams - if true, will query all Team membership assigned to the user for the specified permission
        Returns:
        true if the user has the permission assigned, false if not
        Since:
        1.0.0
      • hasPermission

        public boolean hasPermission​(Team team,
                                     String permissionName)
        Determines if the specified Team has been assigned the specified permission.
        Parameters:
        team - the Team to query
        permissionName - the name of the permission
        Returns:
        true if the team has the permission assigned, false if not
        Since:
        1.0.0
      • hasPermission

        public boolean hasPermission​(ApiKey apiKey,
                                     String permissionName)
        Determines if the specified ApiKey has been assigned the specified permission.
        Parameters:
        apiKey - the ApiKey to query
        permissionName - the name of the permission
        Returns:
        true if the apiKey has the permission assigned, false if not
        Since:
        1.1.1
      • getMappedLdapGroup

        public MappedLdapGroup getMappedLdapGroup​(Team team,
                                                  String dn)
        Retrieves a MappedLdapGroup object for the specified Team and LDAP group.
        Parameters:
        team - a Team object
        dn - a String representation of Distinguished Name
        Returns:
        a MappedLdapGroup if found, or null if no mapping exists
        Since:
        1.4.0
      • getMappedLdapGroups

        public List<MappedLdapGroup> getMappedLdapGroups​(Team team)
        Retrieves a List of MappedLdapGroup objects for the specified Team.
        Parameters:
        team - a Team object
        Returns:
        a List of MappedLdapGroup objects
        Since:
        1.4.0
      • getMappedLdapGroups

        public List<MappedLdapGroup> getMappedLdapGroups​(String dn)
        Retrieves a List of MappedLdapGroup objects for the specified DN.
        Parameters:
        dn - a String representation of Distinguished Name
        Returns:
        a List of MappedLdapGroup objects
        Since:
        1.4.0
      • isMapped

        public boolean isMapped​(Team team,
                                String dn)
        Determines if the specified Team is mapped to the specified LDAP group.
        Parameters:
        team - a Team object
        dn - a String representation of Distinguished Name
        Returns:
        true if a mapping exists, false if not
        Since:
        1.4.0
      • createMappedLdapGroup

        public MappedLdapGroup createMappedLdapGroup​(Team team,
                                                     String dn)
        Creates a MappedLdapGroup object.
        Parameters:
        team - The team to map
        dn - the distinguished name of the LDAP group to map
        Returns:
        a MappedLdapGroup
        Since:
        1.4.0
      • createMappedOidcGroup

        public MappedOidcGroup createMappedOidcGroup​(Team team,
                                                     OidcGroup group)
        Creates a MappedOidcGroup object.
        Parameters:
        team - The team to map
        group - The OIDC group to map
        Returns:
        a MappedOidcGroup
        Since:
        1.8.0
      • getMappedOidcGroup

        public MappedOidcGroup getMappedOidcGroup​(Team team,
                                                  OidcGroup group)
        Retrieves a MappedOidcGroup object for the specified Team and OIDC group.
        Parameters:
        team - a Team object
        group - an OidcGroup object
        Returns:
        a MappedOidcGroup if found, or null if no mapping exists
        Since:
        1.8.0
      • getMappedOidcGroups

        public List<MappedOidcGroup> getMappedOidcGroups​(Team team)
        Retrieves a List of MappedOidcGroup objects for the specified Team.
        Parameters:
        team - The team to retrieve mappings for
        Returns:
        a List of MappedOidcGroup objects
        Since:
        1.8.0
      • getMappedOidcGroups

        public List<MappedOidcGroup> getMappedOidcGroups​(OidcGroup group)
        Retrieves a List of MappedOidcGroup objects for the specified group.
        Parameters:
        group - The group to retrieve mappings for
        Returns:
        a List of MappedOidcGroup objects
        Since:
        1.8.0
      • isOidcGroupMapped

        public boolean isOidcGroupMapped​(Team team,
                                         OidcGroup group)
        Determines if the specified Team is mapped to the specified OpenID Connect group.
        Parameters:
        team - a Team object
        group - an OidcGroup object
        Returns:
        true if a mapping exists, false if not
        Since:
        1.8.0
      • createEventServiceLog

        public EventServiceLog createEventServiceLog​(Class<? extends Subscriber> clazz)
        Creates a new EventServiceLog. This method will automatically determine if the subscriber is an implementation of LoggableSubscriber and if so, will log the event. If not, then nothing will be logged and this method will return null.
        Parameters:
        clazz - the class of the subscriber task that handles the event
        Returns:
        a new EventServiceLog
      • updateEventServiceLog

        public EventServiceLog updateEventServiceLog​(EventServiceLog eventServiceLog)
        Updates an EventServiceLog.
        Parameters:
        eventServiceLog - the EventServiceLog to update
        Returns:
        an updated EventServiceLog
      • getLatestEventServiceLog

        public EventServiceLog getLatestEventServiceLog​(Class<LoggableSubscriber> clazz)
        Returns the most recent log entry for the specified Subscriber. If no log entries are found, this method will return null.
        Parameters:
        clazz - The LoggableSubscriber class to query on
        Returns:
        an EventServiceLog
        Since:
        1.0.0
      • getConfigProperty

        public ConfigProperty getConfigProperty​(String groupName,
                                                String propertyName)
        Returns a ConfigProperty with the specified groupName and propertyName.
        Parameters:
        groupName - the group name of the config property
        propertyName - the name of the property
        Returns:
        a ConfigProperty object
        Since:
        1.3.0
      • getConfigProperties

        public List<ConfigProperty> getConfigProperties​(String groupName)
        Returns a list of ConfigProperty objects with the specified groupName.
        Parameters:
        groupName - the group name of the properties
        Returns:
        a List of ConfigProperty objects
        Since:
        1.3.0
      • getConfigProperties

        public List<ConfigProperty> getConfigProperties()
        Returns a list of ConfigProperty objects.
        Returns:
        a List of ConfigProperty objects
        Since:
        1.3.0
      • createConfigProperty

        public ConfigProperty createConfigProperty​(String groupName,
                                                   String propertyName,
                                                   String propertyValue,
                                                   IConfigProperty.PropertyType propertyType,
                                                   String description)
        Creates a ConfigProperty object.
        Parameters:
        groupName - the group name of the property
        propertyName - the name of the property
        propertyValue - the value of the property
        propertyType - the type of property
        description - a description of the property
        Returns:
        a ConfigProperty object
        Since:
        1.3.0