AdminSecurityService (BroadleafCommerce 5.2.10-SNAPSHOT API)

All Known Implementing Classes:

AdminSecurityServiceImpl
```
public interface AdminSecurityService
```
Author:

jfischer

Field Summary

Fields
Modifier and Type Field and Description

static String[] DEFAULT_PERMISSIONS

Fields
Modifier and Type	Field and Description
`static String[]`	`DEFAULT_PERMISSIONS`

Method Summary

All Methods Instance Methods Abstract Methods Deprecated Methods
Modifier and Type	Method and Description
`AdminUser`	`changePassword(PasswordChange passwordChange)`
`GenericResponse`	`changePassword(String username, String oldPassword, String password, String confirmPassword)` Change a user's password only if oldPassword matches what's stored for that user
`void`	`clearAdminSecurityCache()` Clears the cache used for `isUserQualifiedForOperationOnCeilingEntity(AdminUser, PermissionType, String)`
`void`	`deleteAdminPermission(AdminPermission permission)`
`void`	`deleteAdminRole(AdminRole role)`
`void`	`deleteAdminUser(AdminUser user)`
`boolean`	`doesOperationExistForCeilingEntity(PermissionType permissionType, String ceilingEntityFullyQualifiedName)`
`String`	`getSalt()` Deprecated. use `getSaltSource()` instead, this will be removed in 4.2
`Object`	`getSalt(AdminUser user, String unencodedPassword)` Deprecated. the new `PasswordEncoder` handles salting internally, this will be removed in 4.2
`org.springframework.security.authentication.dao.SaltSource`	`getSaltSource()` Deprecated. the new `PasswordEncoder` handles salting internally, this will be removed in 4.2
`boolean`	`isUserQualifiedForOperationOnCeilingEntity(AdminUser adminUser, PermissionType permissionType, String ceilingEntityFullyQualifiedName)`
`AdminPermission`	`readAdminPermissionById(Long id)`
`AdminRole`	`readAdminRoleById(Long id)`
`AdminUser`	`readAdminUserById(Long id)`
`AdminUser`	`readAdminUserByUserName(String userName)`
`List<AdminUser>`	`readAdminUsersByEmail(String email)` Returns a list of admin users that match the given email.
`List<AdminPermission>`	`readAllAdminPermissions()`
`List<AdminRole>`	`readAllAdminRoles()`
`List<AdminUser>`	`readAllAdminUsers()`
`GenericResponse`	`resetPasswordUsingToken(String username, String token, String password, String confirmPassword)` Updates the password for the passed in user only if the passed in token is valid for that user.
`AdminPermission`	`saveAdminPermission(AdminPermission permission)`
`AdminRole`	`saveAdminRole(AdminRole role)`
`AdminUser`	`saveAdminUser(AdminUser user)`
`GenericResponse`	`sendForgotUsernameNotification(String emailAddress)` Looks up the corresponding AdminUser and emails the address on file with the associated username.
`GenericResponse`	`sendResetPasswordNotification(String userName)` Generates an access token and then emails the user.
`void`	`setSalt(String salt)` Deprecated. use `setSaltSource(SaltSource)` instead, this will be removed in 4.2
`void`	`setSaltSource(org.springframework.security.authentication.dao.SaltSource saltSource)` Deprecated. the new `PasswordEncoder` handles salting internally, this will be removed in 4.2

- Field Detail
  - DEFAULT_PERMISSIONS
```
static final String[] DEFAULT_PERMISSIONS
```
- Method Detail
  - readAllAdminUsers
```
List<AdminUser> readAllAdminUsers()
```
  - readAdminUserById
```
AdminUser readAdminUserById(Long id)
```
  - readAdminUserByUserName
```
AdminUser readAdminUserByUserName(String userName)
```
  - saveAdminUser
```
AdminUser saveAdminUser(AdminUser user)
```
  - deleteAdminUser
```
void deleteAdminUser(AdminUser user)
```
  - readAllAdminRoles
```
List<AdminRole> readAllAdminRoles()
```
  - readAdminRoleById
```
AdminRole readAdminRoleById(Long id)
```
  - saveAdminRole
```
AdminRole saveAdminRole(AdminRole role)
```
  - deleteAdminRole
```
void deleteAdminRole(AdminRole role)
```
  - readAllAdminPermissions
```
List<AdminPermission> readAllAdminPermissions()
```
  - readAdminPermissionById
```
AdminPermission readAdminPermissionById(Long id)
```
  - saveAdminPermission
```
AdminPermission saveAdminPermission(AdminPermission permission)
```
  - deleteAdminPermission
```
void deleteAdminPermission(AdminPermission permission)
```
  - clearAdminSecurityCache
```
void clearAdminSecurityCache()
```
    Clears the cache used for isUserQualifiedForOperationOnCeilingEntity(AdminUser, PermissionType, String)
  - changePassword
```
AdminUser changePassword(PasswordChange passwordChange)
```
  - isUserQualifiedForOperationOnCeilingEntity
```
boolean isUserQualifiedForOperationOnCeilingEntity(AdminUser adminUser,
                                                   PermissionType permissionType,
                                                   String ceilingEntityFullyQualifiedName)
```
  - doesOperationExistForCeilingEntity
```
boolean doesOperationExistForCeilingEntity(PermissionType permissionType,
                                           String ceilingEntityFullyQualifiedName)
```
  - sendForgotUsernameNotification
```
GenericResponse sendForgotUsernameNotification(String emailAddress)
```
    Looks up the corresponding AdminUser and emails the address on file with the associated username.
    
    Parameters:
    
    emailAddress - email address of user to email
    
    Returns:
    
    Response can contain errors including (notFound)
  - sendResetPasswordNotification
```
GenericResponse sendResetPasswordNotification(String userName)
```
    Generates an access token and then emails the user.
    
    Parameters:
    
    userName - the username of the user to send a password reset email
    
    Returns:
    
    Response can contain errors including (invalidEmail, invalidUsername, inactiveUser)
  - resetPasswordUsingToken
```
GenericResponse resetPasswordUsingToken(String username,
                                        String token,
                                        String password,
                                        String confirmPassword)
```
    Updates the password for the passed in user only if the passed in token is valid for that user.
    
    Parameters:
    
    username - the username of the user
    
    token - a valid reset token from the email
    
    password - the new desired password
    
    confirmPassword - the password confirmation to match password
    
    Returns:
    
    Response can contain errors including (invalidUsername, inactiveUser, invalidToken, invalidPassword, tokenExpired, passwordMismatch)
  - changePassword
```
GenericResponse changePassword(String username,
                               String oldPassword,
                               String password,
                               String confirmPassword)
```
    Change a user's password only if oldPassword matches what's stored for that user
    
    Parameters:
    
    username - the username to change the password for
    
    oldPassword - the user's current password
    
    password - the desired new password
    
    confirmPassword - the confirm password to ensure it matches password
    
    Returns:
    
    Response can contain errors including (invalidUser, emailNotFound, inactiveUser, invalidPassword, passwordMismatch)
  - getSalt
```
@Deprecated
String getSalt()
```
    Deprecated. use getSaltSource() instead, this will be removed in 4.2
    
    Returns:
    
    the currently used salt string
  - setSalt
```
@Deprecated
void setSalt(String salt)
```
    Deprecated. use setSaltSource(SaltSource) instead, this will be removed in 4.2
    
    Parameters:
    
    salt - the new salt string to use
  - getSaltSource
```
@Deprecated
org.springframework.security.authentication.dao.SaltSource getSaltSource()
```
    Deprecated. the new PasswordEncoder handles salting internally, this will be removed in 4.2
    
    Returns the SaltSource used with the blAdminPasswordEncoder to encrypt the user password. Usually configured in applicationContext-admin-security.xml. This is not a required property and will return null if not configured
    
    Returns:
    
    the currently used SaltSource
  - setSaltSource
```
@Deprecated
void setSaltSource(org.springframework.security.authentication.dao.SaltSource saltSource)
```
    Deprecated. the new PasswordEncoder handles salting internally, this will be removed in 4.2
    
    Sets the SaltSource used with blAdminPasswordEncoder to encrypt the user password. Usually configured within applicationContext-admin-security.xml
    
    Parameters:
    
    saltSource - the new SaltSource to use
  - getSalt
```
@Deprecated
Object getSalt(AdminUser user,
                           String unencodedPassword)
```
    Deprecated. the new PasswordEncoder handles salting internally, this will be removed in 4.2
    
    Gets the salt object for the current admin user. By default this delegates to getSaltSource(). If there is not a SaltSource configured (getSaltSource() returns null) then this also returns null.
    
    Parameters:
    
    user - the AdminUser to get UserDetails from
    
    unencodedPassword - the unencoded password
    
    Returns:
    
    the salt for the current admin user
  - readAdminUsersByEmail
```
List<AdminUser> readAdminUsersByEmail(String email)
```
    Returns a list of admin users that match the given email. This could potentially return more than one user if the admin.user.requireUniqueEmailAddress property is set to false.
    
    Parameters:
    
    email - the email address to search for
    
    Returns:
    
    a List of AdminUser matching the provided email address

Interface AdminSecurityService

Field Summary

Method Summary

Field Detail

DEFAULT_PERMISSIONS

Method Detail

readAllAdminUsers

readAdminUserById

readAdminUserByUserName

saveAdminUser

deleteAdminUser

readAllAdminRoles

readAdminRoleById

saveAdminRole

deleteAdminRole

readAllAdminPermissions

readAdminPermissionById

saveAdminPermission

deleteAdminPermission

clearAdminSecurityCache

changePassword

isUserQualifiedForOperationOnCeilingEntity

doesOperationExistForCeilingEntity

sendForgotUsernameNotification

sendResetPasswordNotification

resetPasswordUsingToken

changePassword

getSalt

setSalt

getSaltSource

setSaltSource

getSalt

readAdminUsersByEmail