Package com.complexible.stardog.security

Interface UserManager

  • public interface UserManager
    API for managing users in Stardog.
    Since:
    0.9
    Version:
    2.0
    Author:
    Blazej Bulka, Hector Perez-Urbina

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      void addUser​(java.lang.String theUsername, boolean theSuperuser, char[] thePassword)
      Adds a new user.
      void addUserRole​(java.lang.String theUserName, java.lang.String theRole)
      Assigns a role to a user.
      void changePassword​(java.lang.String theUsername, char[] theNewPassword)
      Changes the password for the user.
      void deleteUser​(java.lang.String theUsername)
      Removes an existing user.
      void deleteUserRole​(java.lang.String theUserName, java.lang.String theRole)
      Unassigns a role from a user.
      java.util.Collection<java.lang.String> getAllUsers()
      Gets the names of all users in the system that the authenticated user is allowed to see.
      java.util.Collection<java.lang.String> getUserRoles​(java.lang.String theUsername)
      Retrieves all roles of the specified user.
      boolean isSuperUser​(java.lang.String theUsername)
      Checks whether the specified user is a super user
      boolean isUserAutoCreated​(java.lang.String theUsername)
      Checks whether the specified user was auto-created as a result the OAuth jwt authentication process.
      boolean isUserEnabled​(java.lang.String theUsername)
      Checks whether the specified user is enabled
      void setUserEnabled​(java.lang.String theUsername, boolean theEnabled)
      Enables/disables the user.
      void setUserRoles​(java.lang.String theUserName, java.util.Collection<java.lang.String> theRoles)
      Changes the user roles.

    • Method Detail

      • addUser

        void addUser​(java.lang.String theUsername,
             boolean theSuperuser,
             char[] thePassword)
      throws com.complexible.stardog.security.StardogSecurityException,
             com.complexible.stardog.security.ResourceExistsException,
             com.complexible.stardog.security.IllegalPasswordException,
             StardogAuthorizationException
        Adds a new user.
        Parameters:
        theUsername - the username of the new user
        theSuperuser - true, if the new user should be a super user; false, otherwise
        thePassword - the initial password for the user
        Throws:
        com.complexible.stardog.security.ResourceExistsException - if there is already a user with that name
        StardogAuthorizationException - if the current user does not have a permission to create the new user
        com.complexible.stardog.security.IllegalPasswordException - if the password is invalid
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • deleteUser

        void deleteUser​(java.lang.String theUsername)
         throws com.complexible.stardog.security.StardogSecurityException,
                com.complexible.stardog.security.ResourceNotFoundException,
                com.complexible.stardog.security.OperationNotSupportedException,
                StardogAuthorizationException
        Removes an existing user. It is not possible to remove the last active (enabled) super user from the system.
        Parameters:
        theUsername - the user to be removed.
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if there is no such username
        com.complexible.stardog.security.OperationNotSupportedException - if the operation is not supported for this user (e.g., it is the last active super user in the system).
        StardogAuthorizationException - if the current user does not have a permission to remove the user
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • getAllUsers

        java.util.Collection<java.lang.String> getAllUsers()
                                            throws com.complexible.stardog.security.StardogSecurityException
        Gets the names of all users in the system that the authenticated user is allowed to see.
        Throws:
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • changePassword

        void changePassword​(java.lang.String theUsername,
                    char[] theNewPassword)
             throws com.complexible.stardog.security.StardogSecurityException,
                    com.complexible.stardog.security.ResourceNotFoundException,
                    StardogAuthorizationException,
                    java.lang.IllegalArgumentException,
                    com.complexible.stardog.security.IllegalPasswordException
        Changes the password for the user. In general, users are only allowed to change their own password. The only exceptions to this rule are: (1) superusers are allowed to change password of any user; (2) some users may not be allowed to change their own password.
        Parameters:
        theUsername - the name of the user whose password should be changed
        theNewPassword - the new password for the user
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if there is no user with the specified name
        StardogAuthorizationException - if the current user does not have the permission to change the password for the specified user
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason
        java.lang.IllegalArgumentException - if the password is empty
        com.complexible.stardog.security.IllegalPasswordException - if the password is invalid

      • getUserRoles

        java.util.Collection<java.lang.String> getUserRoles​(java.lang.String theUsername)
                                             throws com.complexible.stardog.security.StardogSecurityException,
                                                    com.complexible.stardog.security.ResourceNotFoundException,
                                                    StardogAuthorizationException
        Retrieves all roles of the specified user.
        Parameters:
        theUsername - the user name whose roles should be retrieved
        Returns:
        a collection of all role names for the user
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if there is no user with the specified name
        StardogAuthorizationException - if the current user does not have the permission to retrieve the roles of the specified user
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • setUserRoles

        void setUserRoles​(java.lang.String theUserName,
                  java.util.Collection<java.lang.String> theRoles)
           throws com.complexible.stardog.security.StardogSecurityException,
                  com.complexible.stardog.security.ResourceNotFoundException,
                  StardogAuthorizationException
        Changes the user roles.
        Parameters:
        theUserName - the user name whose roles should be changed
        theRoles - a new set of roles for the user (this set will replace the existing set of roles for the user)
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if one of the resources (username or role name) does not exist
        StardogAuthorizationException - if the current user does not have the permission to set the roles for the specified user
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • addUserRole

        void addUserRole​(java.lang.String theUserName,
                 java.lang.String theRole)
          throws com.complexible.stardog.security.StardogSecurityException,
                 com.complexible.stardog.security.ResourceNotFoundException,
                 StardogAuthorizationException
        Assigns a role to a user.
        Parameters:
        theUserName - the user name
        theRole - a new role for the user
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if one of the resources (username or role name) does not exist
        StardogAuthorizationException - if the current user does not have the permission to set the roles for the specified user
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • deleteUserRole

        void deleteUserRole​(java.lang.String theUserName,
                    java.lang.String theRole)
             throws com.complexible.stardog.security.StardogSecurityException,
                    com.complexible.stardog.security.ResourceNotFoundException,
                    StardogAuthorizationException
        Unassigns a role from a user.
        Parameters:
        theUserName - the user name
        theRole - the role name
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if one of the resources (username or role name) does not exist
        StardogAuthorizationException - if the current user does not have the permission to set the roles for the specified user
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • isSuperUser

        boolean isSuperUser​(java.lang.String theUsername)
             throws com.complexible.stardog.security.StardogSecurityException,
                    StardogAuthorizationException
        Checks whether the specified user is a super user
        Parameters:
        theUsername - the username to be checked
        Returns:
        true, if the user is a super user; false otherwise
        Throws:
        StardogAuthorizationException - if the current user does not have the permission to perform this operation
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • isUserEnabled

        boolean isUserEnabled​(java.lang.String theUsername)
               throws com.complexible.stardog.security.StardogSecurityException,
                      StardogAuthorizationException
        Checks whether the specified user is enabled
        Parameters:
        theUsername - the username to be checked
        Returns:
        true, if the user is enabled; false otherwise
        Throws:
        StardogAuthorizationException - if the current user does not have the permission to perform this operation
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • setUserEnabled

        void setUserEnabled​(java.lang.String theUsername,
                    boolean theEnabled)
             throws com.complexible.stardog.security.StardogSecurityException,
                    com.complexible.stardog.security.ResourceNotFoundException,
                    com.complexible.stardog.security.OperationNotSupportedException,
                    StardogAuthorizationException
        Enables/disables the user. This operation must not disable the last active super user in the system.
        Parameters:
        theUsername - the name of the user to be enabled/disabled
        theEnabled - true if the user is to become a enabled (active); false if the user should become disabled
        Throws:
        com.complexible.stardog.security.ResourceNotFoundException - if there is no such user name
        com.complexible.stardog.security.OperationNotSupportedException - if the operation would disable the last super user
        StardogAuthorizationException - if the current user does not have the permission to perform this operation
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason

      • isUserAutoCreated

        boolean isUserAutoCreated​(java.lang.String theUsername)
        Checks whether the specified user was auto-created as a result the OAuth jwt authentication process.
        Parameters:
        theUsername - the username to be checked
        Returns:
        true, if the user was auto-created; false otherwise
        Throws:
        StardogAuthorizationException - if the current user does not have the permission to perform this operation
        com.complexible.stardog.security.StardogSecurityException - if the operation should fail for any other reason