org.olat.data.basesecurity

接口 BaseSecurity

所有已知实现类:

BaseSecurityManager, BaseSecurityNotificationMock

public interface BaseSecurity

Description:
SecurityDao, however not renamed since it is supposed to be replaced in a near future with a more JAAS like abstraction.

作者:

Felix Jost

方法概要

方法

限定符和类型	方法和说明
void	addIdentityToSecurityGroup(Identity identity, SecurityGroup secGroup)
int	countIdentitiesOfSecurityGroup(SecurityGroup secGroup)
java.lang.Long	countUniqueUserLoginsSince(java.util.Date lastLoginLimit) get number of users with last login greater than lastLoginLimit
Authentication	createAndPersistAuthentication(Identity identity, java.lang.String provider, java.lang.String authUsername, java.lang.String credential)
Identity	createAndPersistIdentity(java.lang.String username, User user, java.lang.String provider, java.lang.String authusername, java.lang.String credential)
Identity	createAndPersistIdentityAndUser(java.lang.String username, User user, java.lang.String provider, java.lang.String authusername, java.lang.String credential)
Identity	createAndPersistIdentityAndUserWithUserGroup(java.lang.String loginName, java.lang.String pwd, User newUser) Persists the given user, creates an identity for it and adds the user to the users system group
SecurityGroup	createAndPersistNamedSecurityGroup(java.lang.String groupName) create only makes no sense, since there are no attibutes to set
Policy	createAndPersistPolicy(SecurityGroup secGroup, java.lang.String permission, java.util.Date from, java.util.Date to, OLATResourceable olatResourceable)
Policy	createAndPersistPolicy(SecurityGroup secGroup, java.lang.String permission, OLATResourceable olatResourceable) the olatResourceable is not required to have some persisted implementation, but the manager will use the OLATResource to persist it.
Policy	createAndPersistPolicyWithResource(SecurityGroup secGroup, java.lang.String permission, java.util.Date from, java.util.Date to, OLATResource olatResource)
Policy	createAndPersistPolicyWithResource(SecurityGroup secGroup, java.lang.String permission, OLATResource olatResource) Creates and persist a policy for certain OLAT-resource (instead of OLAT-resourceable)
SecurityGroup	createAndPersistSecurityGroup() create only makes no sense, since there are no attibutes to set
void	deleteAuthentication(Authentication authentication)
void	deleteInvitation(Invitation invitation) Delete an invitation
void	deleteNamedGroup(java.lang.String string) 已过时。
void	deletePolicy(SecurityGroup secGroup, java.lang.String permission, OLATResourceable olatResourceable)
void	deleteSecurityGroup(SecurityGroup secGroup) removes the group with all the idendities contained in it, the idenities itself are of course not deleted.
Authentication	findAuthentication(Identity identity, java.lang.String provider)
Authentication	findAuthenticationByAuthusername(java.lang.String authusername, java.lang.String provider)
java.util.List<Invitation>	findExpiredInvitations(java.util.Date limitDate) Retrieves all expired invitations created earlier than limitDate
Identity	findIdentityByName(java.lang.String identityName) Find an identity by its name.
Invitation	findInvitation(SecurityGroup secGroup) Find an invitation by its security group
Invitation	findInvitation(java.lang.String token) Find an invitation by its security token
SecurityGroup	findSecurityGroupByName(java.lang.String securityGroupName)
java.util.List<java.lang.Long>	getActiveIdentityIds()
java.util.List<Authentication>	getAuthentications(Identity identity) Return the List of associated Authentications.
java.util.List<Identity>	getDeletedIdentitiesByName(java.lang.String identityName) 已过时。
java.util.List<SecurityGroup>	getGroupsWithPermissionOnOlatResourceable(java.lang.String permission, OLATResourceable olatResourceable) use for testing ONLY.
java.util.List<java.lang.Object[]>	getIdentitiesAndDateOfSecurityGroup(SecurityGroup secGroup)
java.util.List<java.lang.Object[]>	getIdentitiesAndDateOfSecurityGroup(SecurityGroup secGroup, boolean sortedByAddDate)
java.util.List<Identity>	getIdentitiesByPowerSearch(java.lang.String login, java.util.Map<java.lang.String,java.lang.String> userProperties, boolean userPropertiesAsIntersectionSearch, SecurityGroup[] groups, PermissionOnResourceable[] permissionOnResources, java.lang.String[] authProviders, java.util.Date createdAfter, java.util.Date createdBefore, java.util.Date userLoginAfter, java.util.Date userLoginBefore, java.lang.Integer status) Get a list of identities that match the following conditions.
java.util.List<Identity>	getIdentitiesOfSecurityGroup(SecurityGroup secGroup)
java.util.List<Identity>	getIdentitiesOfSecurityGroup(SecurityGroup secGroup, boolean sortedByAddDate)
java.util.List<Identity>	getIdentitiesWithPermissionOnOlatResourceable(java.lang.String permission, OLATResourceable olatResourceable) use for testing ONLY.
java.util.List<Identity>	getPoliciesOfIdentity(Identity identity) for debugging and info by the olat admins:
java.util.List<Policy>	getPoliciesOfResource(OLATResourceable resource, SecurityGroup securityGroup) Return the policies
java.util.List<Policy>	getPoliciesOfSecurityGroup(SecurityGroup secGroup)
Roles	getRoles(Identity identity) Get the identity's roles
java.util.Date	getSecurityGroupJoinDateForIdentity(SecurityGroup secGroup, Identity identity) Get date where identity joined a security group
java.util.List<SecurityGroup>	getSecurityGroupsForIdentity(Identity identity) Get all SecurtityGroups an Identity is in
java.util.List<Identity>	getVisibleIdentitiesByPowerSearch(java.lang.String login, java.util.Map<java.lang.String,java.lang.String> userProperties, boolean userPropertiesAsIntersectionSearch, SecurityGroup[] groups, PermissionOnResourceable[] permissionOnResources, java.lang.String[] authProviders, java.util.Date createdAfter, java.util.Date createdBefore) Get a list of identities that match the following conditions.
boolean	hasInvitationPolicies(java.lang.String token, java.util.Date atDate) Is the invitation linked to any valid policies
void	init()
boolean	isIdentityInSecurityGroup(Identity identity, SecurityGroup secGroup) use only if really needed.
boolean	isIdentityInvited(Identity identity) Check if the identity has an invitation, valid or not
boolean	isIdentityPermittedOnResourceable(Identity identity, java.lang.String permission, OLATResourceable olatResourceable) is allowed to....
boolean	isIdentityPermittedOnResourceable(Identity identity, java.lang.String permission, OLATResourceable olatResourceable, boolean checkTypeRight)
boolean	isIdentityVisible(java.lang.String identityName) Check if identity is visible.
Identity	loadIdentityByKey(java.lang.Long identityKey) find an identity by the key instead of the username.
Identity	loadIdentityByKey(java.lang.Long identityKey, boolean strict) find an identity by the key or return null if no identity found
void	removeIdentityFromSecurityGroup(Identity identity, SecurityGroup secGroup) Removes the identity from this security group or does nothing if the identity is not in the group at all.
void	saveIdentityStatus(Identity identity, java.lang.Integer status) Save an identity
Invitation	saveInvitation(Invitation invitation) Create and persist an invitation with its security group and security token.
void	updateInvitation(Invitation invitation) Update the invitation
void	updatePolicy(Policy policy, java.util.Date from, java.util.Date to) Update the policy valid dates

方法详细资料

init

void init()

isIdentityPermittedOnResourceable

boolean isIdentityPermittedOnResourceable(Identity identity,
                                        java.lang.String permission,
                                        OLATResourceable olatResourceable)

is allowed to....

参数:

identity -

permission -

olatResourceable -

返回:

true if permitted

getRoles

Roles getRoles(Identity identity)

Get the identity's roles

参数:

identity -

返回:

The roles of the identity

isIdentityPermittedOnResourceable

boolean isIdentityPermittedOnResourceable(Identity identity,
                                        java.lang.String permission,
                                        OLATResourceable olatResourceable,
                                        boolean checkTypeRight)

参数:

identity -

permission -

olatResourceable -

checkTypeRight -

返回:

true if permitted

isIdentityInSecurityGroup

boolean isIdentityInSecurityGroup(Identity identity,
                                SecurityGroup secGroup)

use only if really needed. Normally better use isIdentityPermittedOnResourceable!

参数:

identity -

secGroup -

返回:

true if the identity is in the group

getIdentitiesOfSecurityGroup

java.util.List<Identity> getIdentitiesOfSecurityGroup(SecurityGroup secGroup)

参数:

secGroup -

返回:

list of Identities in this security group (NOT sorted by a certain attribute).

getIdentitiesOfSecurityGroup

java.util.List<Identity> getIdentitiesOfSecurityGroup(SecurityGroup secGroup,
                                                    boolean sortedByAddDate)

参数:

secGroup -

返回:

list of Identities in this security group (sorted by date added to it).

getIdentitiesAndDateOfSecurityGroup

java.util.List<java.lang.Object[]> getIdentitiesAndDateOfSecurityGroup(SecurityGroup secGroup)

参数:

secGroup -

返回:

a List of Object[] with the array[0] = Identity, array[1] = addedToGroupTimestamp

getIdentitiesAndDateOfSecurityGroup

java.util.List<java.lang.Object[]> getIdentitiesAndDateOfSecurityGroup(SecurityGroup secGroup,
                                                                     boolean sortedByAddDate)

参数:

sortedByAddDate - true= return list of idenities sorted by added date

getSecurityGroupJoinDateForIdentity

java.util.Date getSecurityGroupJoinDateForIdentity(SecurityGroup secGroup,
                                                 Identity identity)

Get date where identity joined a security group

参数:

secGroup -

identity -

返回:

joindate of given securityGroup. May return null if group doesn't exist or user isn't in this group

findSecurityGroupByName

SecurityGroup findSecurityGroupByName(java.lang.String securityGroupName)

参数:

securityGroupName -

返回:

the securitygroup

deleteNamedGroup

void deleteNamedGroup(java.lang.String string)

已过时。

Used only in OLATUpgrade_5_2_0

findIdentityByName

Identity findIdentityByName(java.lang.String identityName)

Find an identity by its name. This is an exact match. Use the getIdentititesByPowerSearch() method if you also want to find substrings.

Be aware that this method does not check the identities status! This method returns identities with any state, also deleted identities!

参数:

identityName -

返回:

the identity or null if not found

getDeletedIdentitiesByName

java.util.List<Identity> getDeletedIdentitiesByName(java.lang.String identityName)

已过时。

Used only in OLATUpgrade_6_1_1

loadIdentityByKey

Identity loadIdentityByKey(java.lang.Long identityKey)

find an identity by the key instead of the username. Prefer this method as findByName will become deprecated soon.

参数:

identityKey - the key of the identity to load; may not be null or zero

返回:

the identity or an exception if not found

loadIdentityByKey

Identity loadIdentityByKey(java.lang.Long identityKey,
                         boolean strict)

find an identity by the key or return null if no identity found

参数:

identityKey - the key of the identity to load; may not be null or zero

返回:

the identity or null

countUniqueUserLoginsSince

java.lang.Long countUniqueUserLoginsSince(java.util.Date lastLoginLimit)

get number of users with last login greater than lastLoginLimit

参数:

lastLoginLimit -

返回:

countIdentitiesOfSecurityGroup

int countIdentitiesOfSecurityGroup(SecurityGroup secGroup)

参数:

secGroup -

返回:

nr of members in the securitygroup

createAndPersistIdentity

Identity createAndPersistIdentity(java.lang.String username,
                                User user,
                                java.lang.String provider,
                                java.lang.String authusername,
                                java.lang.String credential)

参数:

username - the username

user - the unpresisted User

provider - the provider of the authentication ("OLAT" or "AAI"). If null, no authentication token is generated.

authusername - the username used as authentication credential (=username for provider "OLAT")

credential - the credentials or null if not used

返回:

the new identity

createAndPersistIdentityAndUser

Identity createAndPersistIdentityAndUser(java.lang.String username,
                                       User user,
                                       java.lang.String provider,
                                       java.lang.String authusername,
                                       java.lang.String credential)

参数:

username - the username

user - the unpresisted User

provider - the provider of the authentication ("OLAT" or "AAI"). If null, no authentication token is generated.

authusername - the username used as authentication credential (=username for provider "OLAT")

credential - the credentials or null if not used

返回:

the new identity

createAndPersistIdentityAndUserWithUserGroup

Identity createAndPersistIdentityAndUserWithUserGroup(java.lang.String loginName,
                                                    java.lang.String pwd,
                                                    User newUser)

Persists the given user, creates an identity for it and adds the user to the users system group

参数:

loginName -

pwd - null: no OLAT authentication is generated. If not null, the password will be encrypted and and an OLAT authentication is generated.

newUser - unpersisted users

返回:

Identity

getAuthentications

java.util.List<Authentication> getAuthentications(Identity identity)

Return the List of associated Authentications.

参数:

identity -

返回:

a list of Authentication

findAuthentication

Authentication findAuthentication(Identity identity,
                                java.lang.String provider)

参数:

identity -

provider -

返回:

Authentication for this identitity and provider or NULL if not found

createAndPersistAuthentication

Authentication createAndPersistAuthentication(Identity identity,
                                            java.lang.String provider,
                                            java.lang.String authUsername,
                                            java.lang.String credential)

参数:

identity -

provider -

authUsername -

credential -

返回:

an Authentication

deleteAuthentication

void deleteAuthentication(Authentication authentication)

参数:

authentication -

createAndPersistSecurityGroup

SecurityGroup createAndPersistSecurityGroup()

create only makes no sense, since there are no attibutes to set

返回:

a new persisted SecurityGroup or throws an Exception

createAndPersistNamedSecurityGroup

SecurityGroup createAndPersistNamedSecurityGroup(java.lang.String groupName)

create only makes no sense, since there are no attibutes to set

参数:

groupName -

返回:

the newly created securitygroup

deleteSecurityGroup

void deleteSecurityGroup(SecurityGroup secGroup)

removes the group with all the idendities contained in it, the idenities itself are of course not deleted.

参数:

secGroup -

addIdentityToSecurityGroup

void addIdentityToSecurityGroup(Identity identity,
                              SecurityGroup secGroup)

参数:

identity -

secGroup -

removeIdentityFromSecurityGroup

void removeIdentityFromSecurityGroup(Identity identity,
                                   SecurityGroup secGroup)

Removes the identity from this security group or does nothing if the identity is not in the group at all.

参数:

identity -

secGroup -

createAndPersistPolicy

Policy createAndPersistPolicy(SecurityGroup secGroup,
                            java.lang.String permission,
                            OLATResourceable olatResourceable)

the olatResourceable is not required to have some persisted implementation, but the manager will use the OLATResource to persist it. If the olatResourceable used OLATResource as its persister, then the same OLATResource (same row in table) will be used by the manager use as internal reference in the Policy table

参数:

secGroup -

permission -

olatResourceable -

返回:

the newly created policy

createAndPersistPolicy

Policy createAndPersistPolicy(SecurityGroup secGroup,
                            java.lang.String permission,
                            java.util.Date from,
                            java.util.Date to,
                            OLATResourceable olatResourceable)

createAndPersistPolicyWithResource

Policy createAndPersistPolicyWithResource(SecurityGroup secGroup,
                                        java.lang.String permission,
                                        OLATResource olatResource)

Creates and persist a policy for certain OLAT-resource (instead of OLAT-resourceable)

参数:

secGroup -

permission -

olatResource -

返回:

the newly created policy

createAndPersistPolicyWithResource

Policy createAndPersistPolicyWithResource(SecurityGroup secGroup,
                                        java.lang.String permission,
                                        java.util.Date from,
                                        java.util.Date to,
                                        OLATResource olatResource)

saveInvitation

Invitation saveInvitation(Invitation invitation)

Create and persist an invitation with its security group and security token.

返回:

updateInvitation

void updateInvitation(Invitation invitation)

Update the invitation

参数:

invitation -

hasInvitationPolicies

boolean hasInvitationPolicies(java.lang.String token,
                            java.util.Date atDate)

Is the invitation linked to any valid policies

参数:

token -

atDate -

返回:

findInvitation

Invitation findInvitation(SecurityGroup secGroup)

Find an invitation by its security group

参数:

secGroup -

返回:

The invitation or null if not found

findInvitation

Invitation findInvitation(java.lang.String token)

Find an invitation by its security token

参数:

token -

返回:

The invitation or null if not found

isIdentityInvited

boolean isIdentityInvited(Identity identity)

Check if the identity has an invitation, valid or not

参数:

identity -

返回:

deleteInvitation

void deleteInvitation(Invitation invitation)

Delete an invitation

参数:

invitation -

findExpiredInvitations

java.util.List<Invitation> findExpiredInvitations(java.util.Date limitDate)

Retrieves all expired invitations created earlier than limitDate

deletePolicy

void deletePolicy(SecurityGroup secGroup,
                java.lang.String permission,
                OLATResourceable olatResourceable)

参数:

secGroup -

permission -

olatResourceable -

getPoliciesOfSecurityGroup

java.util.List<Policy> getPoliciesOfSecurityGroup(SecurityGroup secGroup)

参数:

secGroup -

返回:

a list of Policy objects

getPoliciesOfResource

java.util.List<Policy> getPoliciesOfResource(OLATResourceable resource,
                                           SecurityGroup securityGroup)

Return the policies

参数:

resource - The resource (mandatory)

securityGroup - The securityGroup (optional)

返回:

updatePolicy

void updatePolicy(Policy policy,
                java.util.Date from,
                java.util.Date to)

Update the policy valid dates

参数:

policy -

from -

to -

getGroupsWithPermissionOnOlatResourceable

java.util.List<SecurityGroup> getGroupsWithPermissionOnOlatResourceable(java.lang.String permission,
                                                                      OLATResourceable olatResourceable)

use for testing ONLY.

参数:

permission -

olatResourceable -

返回:

a list of SecurityGroup objects

getIdentitiesWithPermissionOnOlatResourceable

java.util.List<Identity> getIdentitiesWithPermissionOnOlatResourceable(java.lang.String permission,
                                                                     OLATResourceable olatResourceable)

use for testing ONLY.

参数:

permission -

olatResourceable -

返回:

a list of Identity objects

getPoliciesOfIdentity

java.util.List<Identity> getPoliciesOfIdentity(Identity identity)

for debugging and info by the olat admins:

参数:

identity -

返回:

scalar query return list of object[] with SecurityGroupImpl, PolicyImpl, OLATResourceImpl

findAuthenticationByAuthusername

Authentication findAuthenticationByAuthusername(java.lang.String authusername,
                                              java.lang.String provider)

参数:

authusername -

provider -

返回:

Authentication for this authusername and provider or NULL if not found

getVisibleIdentitiesByPowerSearch

java.util.List<Identity> getVisibleIdentitiesByPowerSearch(java.lang.String login,
                                                         java.util.Map<java.lang.String,java.lang.String> userProperties,
                                                         boolean userPropertiesAsIntersectionSearch,
                                                         SecurityGroup[] groups,
                                                         PermissionOnResourceable[] permissionOnResources,
                                                         java.lang.String[] authProviders,
                                                         java.util.Date createdAfter,
                                                         java.util.Date createdBefore)

Get a list of identities that match the following conditions. All parameters are additive. NULL values mean "no constraints" (e.g. all parameters NULL would result in a list with all identities of the entire system)

参数:

login -

userPropertyHandlers - Map of user properties that needs to be matched.

userPropertiesAsIntersectionSearch - true: user properties and login name are combined with an AND query; false: user properties and login name are combined with an OR query

groups - Array of SecurityGroups the user participates in. Search machtches if user is in any of the groups (OR query)

permissionOnResources - Array of resource permissions the user has. Search machtches if user has any of the permissions (OR query)

authProviders - Array of authenticaton providers the user has. Search machtches if user has any of the authProviders (OR query)

createdAfter - date after which the user has been created

createdBefore - date before which the user has been created

返回:

List of identities

getIdentitiesByPowerSearch

java.util.List<Identity> getIdentitiesByPowerSearch(java.lang.String login,
                                                  java.util.Map<java.lang.String,java.lang.String> userProperties,
                                                  boolean userPropertiesAsIntersectionSearch,
                                                  SecurityGroup[] groups,
                                                  PermissionOnResourceable[] permissionOnResources,
                                                  java.lang.String[] authProviders,
                                                  java.util.Date createdAfter,
                                                  java.util.Date createdBefore,
                                                  java.util.Date userLoginAfter,
                                                  java.util.Date userLoginBefore,
                                                  java.lang.Integer status)

Get a list of identities that match the following conditions. All parameters are additive. NULL values mean "no constraints" (e.g. all parameters NULL would result in a list with all identities of the entire system)

参数:

login -

userPropertyHandlers - Map of user properties that needs to be matched.

userPropertiesAsIntersectionSearch - true: user properties and login name are combined with an AND query; false: user properties and login name are combined with an OR query

groups - Array of SecurityGroups the user participates in. Search machtches if user is in any of the groups (OR query)

permissionOnResources - Array of resource permissions the user has. Search machtches if user has any of the permissions (OR query)

authProviders - Array of authenticaton providers the user has. Search machtches if user has any of the authProviders (OR query)

createdAfter - date after which the user has been created

createdBefore - date before which the user has been created

userLoginBefore - date before the user has logged in the last time

userLoginAfter - date after the user has logged in the last time

status - identity status, define in interface Identity e.g. ACTIV, LOGIN_DENIED, DELETED

返回:

List of identities

getActiveIdentityIds

java.util.List<java.lang.Long> getActiveIdentityIds()

返回:

ID list of all active identities

saveIdentityStatus

void saveIdentityStatus(Identity identity,
                      java.lang.Integer status)

Save an identity

参数:

identity - Save this identity

isIdentityVisible

boolean isIdentityVisible(java.lang.String identityName)

Check if identity is visible. Deleted or login-denied users are not visible.

参数:

identityName -

返回:

getSecurityGroupsForIdentity

java.util.List<SecurityGroup> getSecurityGroupsForIdentity(Identity identity)

Get all SecurtityGroups an Identity is in

参数:

identity -

返回:

List with SecurityGroups