Package org.broadleafcommerce.openadmin.server.security.service

Interface AdminSecurityService

All Known Implementing Classes:
AdminSecurityServiceImpl
public interface AdminSecurityService
Author:
jfischer

  • Field Details

    • DEFAULT_PERMISSIONS

      static final String[] DEFAULT_PERMISSIONS

  • Method Details

    • readAllAdminUsers

      List<AdminUser> readAllAdminUsers()

    • readAdminUserById

      AdminUser readAdminUserById(Long id)

    • readAdminUserByUserName

      AdminUser readAdminUserByUserName(String userName)

    • saveAdminUser

      AdminUser saveAdminUser(AdminUser user)

    • deleteAdminUser

      void deleteAdminUser(AdminUser user)

    • readAllAdminRoles

      List<AdminRole> readAllAdminRoles()

    • readAdminRoleById

      AdminRole readAdminRoleById(Long id)

    • saveAdminRole

      AdminRole saveAdminRole(AdminRole role)

    • deleteAdminRole

      void deleteAdminRole(AdminRole role)

    • readAllAdminPermissions

      List<AdminPermission> readAllAdminPermissions()

    • readAdminPermissionById

      AdminPermission readAdminPermissionById(Long id)

    • saveAdminPermission

      AdminPermission saveAdminPermission(AdminPermission permission)

    • deleteAdminPermission

      void deleteAdminPermission(AdminPermission permission)

    • clearAdminSecurityCache

      void clearAdminSecurityCache()
      Clears the cache used for isUserQualifiedForOperationOnCeilingEntity(AdminUser, PermissionType, String)

    • changePassword

      AdminUser changePassword(PasswordChange passwordChange)

    • isUserQualifiedForOperationOnCeilingEntity

      boolean isUserQualifiedForOperationOnCeilingEntity(AdminUser adminUser, PermissionType permissionType, String ceilingEntityFullyQualifiedName)

    • doesOperationExistForCeilingEntity

      boolean doesOperationExistForCeilingEntity(PermissionType permissionType, String ceilingEntityFullyQualifiedName)

    • sendForgotUsernameNotification

      GenericResponse sendForgotUsernameNotification(String emailAddress)
      Looks up the corresponding AdminUser and emails the address on file with the associated username.
      Parameters:
      emailAddress - email address of user to email
      Returns:
      Response can contain errors including (notFound)

    • sendResetPasswordNotification

      GenericResponse sendResetPasswordNotification(String userName)
      Generates an access token and then emails the user.
      Parameters:
      userName - the username of the user to send a password reset email
      Returns:
      Response can contain errors including (invalidEmail, invalidUsername, inactiveUser)

    • resetPasswordUsingToken

      GenericResponse resetPasswordUsingToken(String username, String token, String password, String confirmPassword)
      Updates the password for the passed in user only if the passed in token is valid for that user.
      Parameters:
      username - the username of the user
      token - a valid reset token from the email
      password - the new desired password
      confirmPassword - the password confirmation to match password
      Returns:
      Response can contain errors including (invalidUsername, inactiveUser, invalidToken, invalidPassword, tokenExpired, passwordMismatch)

    • changePassword

      GenericResponse changePassword(String username, String oldPassword, String password, String confirmPassword)
      Change a user's password only if oldPassword matches what's stored for that user
      Parameters:
      username - the username to change the password for
      oldPassword - the user's current password
      password - the desired new password
      confirmPassword - the confirm password to ensure it matches password
      Returns:
      Response can contain errors including (invalidUser, emailNotFound, inactiveUser, invalidPassword, passwordMismatch)

    • readAdminUsersByEmail

      List<AdminUser> readAdminUsersByEmail(String email)
      Returns a list of admin users that match the given email. This could potentially return more than one user if the admin.user.requireUniqueEmailAddress property is set to false.
      Parameters:
      email - the email address to search for
      Returns:
      a List of AdminUser matching the provided email address