Package com.complexible.stardog.security

Interface UserManager

  • public interface UserManager
    API for managing users in Stardog.
    Since:
    0.9
    Version:
    2.0
    Author:
    Blazej Bulka, Hector Perez-Urbina

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      void addUser​(java.lang.String theUsername, boolean theSuperuser, char[] thePassword)
      Adds a new user.
      void addUserRole​(java.lang.String theUserName, java.lang.String theRole)
      Assigns a role to a user.
      void changePassword​(java.lang.String theUsername, char[] theCurrentPassword, char[] theNewPassword)
      Changes the password for the user.
      void deleteUser​(java.lang.String theUsername)
      Removes an existing user.
      void deleteUserRole​(java.lang.String theUserName, java.lang.String theRole)
      Unassigns a role from a user.
      java.util.Collection<java.lang.String> getAllUsers()
      Gets the names of all users in the system that the authenticated user is allowed to see.
      java.util.Collection<java.lang.String> getUserRoles​(java.lang.String theUsername)
      Retrieves all roles of the specified user.
      boolean isSuperUser​(java.lang.String theUsername)
      Checks whether the specified user is a super user
      boolean isUserAutoCreated​(java.lang.String theUsername)
      Checks whether the specified user was auto-created as a result the OAuth jwt authentication process.
      boolean isUserEnabled​(java.lang.String theUsername)
      Checks whether the specified user is enabled
      void setUserEnabled​(java.lang.String theUsername, boolean theEnabled)
      Enables/disables the user.
      void setUserRoles​(java.lang.String theUserName, java.util.Collection<java.lang.String> theRoles)
      Changes the user roles.

    • Method Detail

      • addUser

        void addUser​(java.lang.String theUsername,
             boolean theSuperuser,
             char[] thePassword)
      throws com.complexible.stardog.security.StardogSecurityException,
             com.complexible.stardog.security.ResourceExistsException,
             com.complexible.stardog.security.IllegalPasswordException,
             StardogAuthorizationException
        Adds a new user.
        Parameters:
        theUsername - the username of the new user
        theSuperuser - true, if the new user should be a super user; false, otherwise
        thePassword - the initial password for the user
        Throws:
        com.complexible.stardog.security.ResourceExistsException - if there is already a user with that name
        StardogAuthorizationException - if the current user does not have a permission to create the new user
        com.complexible.stardog.security.IllegalPasswordException - if the password is invalid
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • deleteUser

        void deleteUser​(java.lang.String theUsername)
         throws com.complexible.stardog.security.StardogSecurityException,
                com.complexible.stardog.security.ResourceNotFoundException,
                com.complexible.stardog.security.OperationNotSupportedException,
                StardogAuthorizationException
        Removes an existing user. It is not possible to remove the last active (enabled) super user from the system.
        Parameters:
        theUsername - the user to be removed.
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if there is no such username
        com.complexible.stardog.security.OperationNotSupportedException - if the operation is not supported for this user (e.g., it is the last active super user in the system).
        StardogAuthorizationException - if the current user does not have a permission to remove the user
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • getAllUsers

        java.util.Collection<java.lang.String> getAllUsers()
                                            throws com.complexible.stardog.security.StardogSecurityException
        Gets the names of all users in the system that the authenticated user is allowed to see.
        Throws:
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • changePassword

        void changePassword​(java.lang.String theUsername,
                    char[] theCurrentPassword,
                    char[] theNewPassword)
             throws com.complexible.stardog.security.StardogSecurityException,
                    com.complexible.stardog.security.ResourceNotFoundException,
                    StardogAuthorizationException,
                    java.lang.IllegalArgumentException,
                    com.complexible.stardog.security.IllegalPasswordException
        Changes the password for the user. The user needs to have the permission `write:user:USERNAME` to be able to change password for that user. By default, every user is granted this permission automatically, so they are allowed to change their own password unless that permission has been revoked by the system administrator. The current password for the user has to be provided as input. Superusers can change the password for another user without specifying the current password.
        Parameters:
        theUsername - the name of the user whose password should be changed
        theCurrentPassword - the current password for the user
        theNewPassword - the new password for the user
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if there is no user with the specified name
        StardogAuthorizationException - if the current user does not have the permission to change the password for the specified user
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason
        java.lang.IllegalArgumentException - if the password is empty
        com.complexible.stardog.security.IllegalPasswordException - if the password is invalid

      • getUserRoles

        java.util.Collection<java.lang.String> getUserRoles​(java.lang.String theUsername)
                                             throws com.complexible.stardog.security.StardogSecurityException,
                                                    com.complexible.stardog.security.ResourceNotFoundException,
                                                    StardogAuthorizationException
        Retrieves all roles of the specified user.
        Parameters:
        theUsername - the user name whose roles should be retrieved
        Returns:
        a collection of all role names for the user
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if there is no user with the specified name
        StardogAuthorizationException - if the current user does not have the permission to retrieve the roles of the specified user
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • setUserRoles

        void setUserRoles​(java.lang.String theUserName,
                  java.util.Collection<java.lang.String> theRoles)
           throws com.complexible.stardog.security.StardogSecurityException,
                  com.complexible.stardog.security.ResourceNotFoundException,
                  StardogAuthorizationException
        Changes the user roles.
        Parameters:
        theUserName - the user name whose roles should be changed
        theRoles - a new set of roles for the user (this set will replace the existing set of roles for the user)
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if one of the resources (username or role name) does not exist
        StardogAuthorizationException - if the current user does not have the permission to set the roles for the specified user
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • addUserRole

        void addUserRole​(java.lang.String theUserName,
                 java.lang.String theRole)
          throws com.complexible.stardog.security.StardogSecurityException,
                 com.complexible.stardog.security.ResourceNotFoundException,
                 StardogAuthorizationException
        Assigns a role to a user.
        Parameters:
        theUserName - the user name
        theRole - a new role for the user
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if one of the resources (username or role name) does not exist
        StardogAuthorizationException - if the current user does not have the permission to set the roles for the specified user
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • deleteUserRole

        void deleteUserRole​(java.lang.String theUserName,
                    java.lang.String theRole)
             throws com.complexible.stardog.security.StardogSecurityException,
                    com.complexible.stardog.security.ResourceNotFoundException,
                    StardogAuthorizationException
        Unassigns a role from a user.
        Parameters:
        theUserName - the user name
        theRole - the role name
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if one of the resources (username or role name) does not exist
        StardogAuthorizationException - if the current user does not have the permission to set the roles for the specified user
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • isSuperUser

        boolean isSuperUser​(java.lang.String theUsername)
             throws com.complexible.stardog.security.StardogSecurityException,
                    StardogAuthorizationException
        Checks whether the specified user is a super user
        Parameters:
        theUsername - the username to be checked
        Returns:
        true, if the user is a super user; false otherwise
        Throws:
        StardogAuthorizationException - if the current user does not have the permission to perform this operation
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • isUserEnabled

        boolean isUserEnabled​(java.lang.String theUsername)
               throws com.complexible.stardog.security.StardogSecurityException,
                      StardogAuthorizationException
        Checks whether the specified user is enabled
        Parameters:
        theUsername - the username to be checked
        Returns:
        true, if the user is enabled; false otherwise
        Throws:
        StardogAuthorizationException - if the current user does not have the permission to perform this operation
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • setUserEnabled

        void setUserEnabled​(java.lang.String theUsername,
                    boolean theEnabled)
             throws com.complexible.stardog.security.StardogSecurityException,
                    com.complexible.stardog.security.ResourceNotFoundException,
                    com.complexible.stardog.security.OperationNotSupportedException,
                    StardogAuthorizationException
        Enables/disables the user. This operation must not disable the last active super user in the system.
        Parameters:
        theUsername - the name of the user to be enabled/disabled
        theEnabled - true if the user is to become a enabled (active); false if the user should become disabled
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if there is no such user name
        com.complexible.stardog.security.OperationNotSupportedException - if the operation would disable the last super user
        StardogAuthorizationException - if the current user does not have the permission to perform this operation
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • isUserAutoCreated

        boolean isUserAutoCreated​(java.lang.String theUsername)
        Checks whether the specified user was auto-created as a result the OAuth jwt authentication process.
        Parameters:
        theUsername - the username to be checked
        Returns:
        true, if the user was auto-created; false otherwise
        Throws:
        StardogAuthorizationException - if the current user does not have the permission to perform this operation
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason