Package de.hybris.platform.jalo.user

Class UserManager

java.lang.Object

de.hybris.platform.jalo.Manager

de.hybris.platform.jalo.user.UserManager

All Implemented Interfaces:

ItemLifecycleListener, Serializable

public class UserManager
extends Manager

The manager for all users and user - related items.

Here you can create and search employees, customer, user groups, addresses and titles.

See Also:

• Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
protected static class	UserManager.UserManagerSerializableDTO

Nested classes/interfaces inherited from class de.hybris.platform.jalo.Manager

Manager.GenericManagerSingletonCreator, Manager.ManagerSingletonCreator

Field Summary

Fields

Modifier and Type	Field	Description
static final boolean	ALLOW_CUSTOMER_ADMIN_DEFAULT
static final String	BEAN_NAME	Identifier of this manager used at core-spring.xml spring configuration.
static final String	CONFIG_ALLOW_CUSTOMER_ADMIN
static final String	FIELD_NAME	Search property constant denoting the address field name to search in.
static final String	SEARCH_PATTERN	Search property constant denoting the address field value to search for.

Constructor Summary

Constructors

Constructor	Description
UserManager()

Method Summary

Modifier and Type	Method	Description
protected void	checkBeforeItemRemoval(SessionContext ctx, Item item)	Avoids call to ejb layer except for Principals.
boolean	checkPassword(User user, LoginToken token)
boolean	checkPassword(User user, String plainPassword)
Address	createAddress(PK pkBase, Item item)	Creates address for given item.
Address	createAddress(PK pkBase, Item item, boolean asCopy)	Creates address for given item.
protected Address	createAddress(PK pkBase, Item owner, Address original, Country country, Region region, Title title, JaloPropertyContainer props)
Address	createAddress(Item item)	Creates address for given item.
Customer	createCustomer(PK pk, String login)	Creates a new Customer.
Customer	createCustomer(String login)	Creates a new Customer.
Employee	createEmployee(PK pk, String login)	Creates a new Employee.
Employee	createEmployee(String login)	Creates a new Employee.
Title	createTitle(PK pkBase, String code)	Creates a new Title.
Title	createTitle(String code)	Creates a new Title.
User	createUser(PK pk, String uid)	Creates a new User.
User	createUser(PK pkBase, String userID, ComposedType type)	Creates a new User with a specified user type.
User	createUser(String uid)	Creates a new User.
UserGroup	createUserGroup(PK pkBase, String groupId)	Creates a new UserGroup.
UserGroup	createUserGroup(String uid)	Creates a new UserGroup.
void	deleteLoginTokenCookie(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)	Deletes a cookie at given request according to storeLoginTokenCookie(String, String, String, HttpServletResponse) method.
protected String	doGenerateLoginTokenCookieValue(String uid, String languageISO, String plainTextPassword, User user)	Deprecated, for removal: This API element is subject to removal in a future version. since 2011, use doGenerateLoginTokenCookieValue(String, String, String, User, Integer)
protected String	doGenerateLoginTokenCookieValue(String uid, String languageISO, String plainTextPassword, User user, Integer ttl)
Collection	findUserGroups(ComposedType type, String groupId, String name, String description)	Searches for specific users groups.
Collection<? extends UserGroup>	findUserGroups(ComposedType type, String groupId, String name, String description, boolean disableRestrictions)	Searches for specific users groups.
Collection	findUsers(ComposedType type, String uid, String name, String description)	Searches for specific users.
Collection<? extends User>	findUsers(ComposedType type, String uid, String name, String description, boolean disableRestrictions)	Searches for specific users.
String	generateCustomerID()	Generates a new customer ID using the number series with identifier NumberSeriesConstants.Series#CUSTOMER_ID.
String	generateLoginTokenCookieValue(User user, String languageISO)
String	generateLoginTokenCookieValue(String uid, String languageISO, String plainTextPassword)	Deprecated, for removal: This API element is subject to removal in a future version. since 2011, use generateLoginTokenCookieValue(String, String, String, Integer)
String	generateLoginTokenCookieValue(String uid, String languageISO, String plainTextPassword, Integer ttl)
protected String	getAddressTypeCode()
Employee	getAdminEmployee()	Returns the admin employee.
UserGroup	getAdminUserGroup()	Returns the admin user group.
Collection	getAllAddresses()	Returns all addresses.
Collection	getAllAddresses(Item owner)	Returns all address of the given owner.
Collection	getAllCustomers()	Finds all customer users.
Collection	getAllEmployees()	Finds all employees.
Collection	getAllPrincipals()	Returns absolute every user and usergroup stored in the system.
Collection	getAllTitles()	Returns all titles.
Collection	getAllUserGroups()	Finds all user groups.
Collection	getAllUsers()	Returns all users (excluding all UserGroups).
Customer	getAnonymousCustomer()	Returns the anonymous customer.
CookieBasedLoginToken	getCookieBasedLoginToken(javax.servlet.http.HttpServletRequest request)
Customer	getCustomerByLogin(String login)	Find a customer by its login name.
protected ComposedType	getCustomerType()
Employee	getEmployeeByLogin(String login)	Finds an employee by its login name.
protected ComposedType	getEmployeeType()
protected String	getEncodedPasswordForLoginCookie(String uid, String plainTextPassword, User user)
protected String	getEncodedPasswordWithSalt(User user, String passwordToEncode, String saltToAdd)
static UserManager	getInstance()	Gets the instance of this manager.
LoginToken	getLoginToken(javax.servlet.http.HttpServletRequest request)	Tries to get a login token from request.
protected PasswordEncoder	getLoginTokenPasswordEncoder(User user)
PasswordCheckingStrategy	getPasswordCheckingStrategy()
Title	getTitleByCode(String code)	Returns the Title with the specified code.
protected String	getTitleTypeCode()
StringBasedLoginToken	getURLBasedLoginToken(javax.servlet.http.HttpServletRequest request)
User	getUserByLogin(String login)	Finds a user by its login name.
UserGroup	getUserGroupByGroupID(String groupID)	Finds a user group by its login name.
protected String	getUserGroupTypeCode()
protected String	getUserTypeCode()	Gets the code of the User composed type.
void	init()	called once for each tenant, so this method fits best to perform some initialization stuff
boolean	isAdmin(Customer customer)
boolean	isAdmin(Employee employee)
boolean	isAdmin(User user)
static boolean	isCustomersAllowedAsAdmin()
protected boolean	isPlainTextPasswordStored(User user)
protected void	notifyItemRemoval(SessionContext ctx, Item item)	Superclass method overridden to avoid calls to ejb layer.
void	removeItem(Item item)
void	setPasswordCheckingStrategy(PasswordCheckingStrategy paramPasswordCheckingStrategy)
void	storeLoginTokenCookie(String name, String uid, String language, String passwd, String path, String domain, boolean secure, int ttl, javax.servlet.http.HttpServletResponse response)
void	storeLoginTokenCookie(String name, String uid, String language, String passwd, String path, javax.servlet.http.HttpServletResponse response)
void	storeLoginTokenCookie(String uid, String language, String passwd, String path, javax.servlet.http.HttpServletResponse response)
void	storeLoginTokenCookie(String uid, String language, String passwd, javax.servlet.http.HttpServletResponse response)	Stores given login informations at a cookie of given session.
Object	writeReplace()

Methods inherited from class de.hybris.platform.jalo.Manager

afterItemCreation, beforeItemCreation, destroy, extractNonRequiredRemoteFromItem, extractRequiredRemoteFromItem, getAllValuesSessionContext, getAttribute, getAttributeMap, getFirstItemByAttribute, getFirstItemByAttribute, getRemote, getRemoteManagerClass, getSession, getSingletonManagerInstance, getTenant, getTransientObject, getTransientObjectMap, setAttribute, setTenant, setTransientObject, wrap

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

BEAN_NAME

public static final String BEAN_NAME

Identifier of this manager used at core-spring.xml spring configuration.

See Also:

• Constant Field Values

FIELD_NAME

public static final String FIELD_NAME

Search property constant denoting the address field name to search in.

See Also:

• Constant Field Values

SEARCH_PATTERN

public static final String SEARCH_PATTERN

Search property constant denoting the address field value to search for.

See Also:

• Constant Field Values

CONFIG_ALLOW_CUSTOMER_ADMIN

public static final String CONFIG_ALLOW_CUSTOMER_ADMIN

See Also:

• Constant Field Values

ALLOW_CUSTOMER_ADMIN_DEFAULT

public static final boolean ALLOW_CUSTOMER_ADMIN_DEFAULT

See Also:

• Constant Field Values

Constructor Details

UserManager

public UserManager()

Method Details

init

public void init()

Description copied from class: Manager

called once for each tenant, so this method fits best to perform some initialization stuff

Overrides:

init in class Manager

getInstance

public static UserManager getInstance()

Gets the instance of this manager.

Returns:

instance of this manager

checkBeforeItemRemoval

protected void checkBeforeItemRemoval(SessionContext ctx,
 Item item)
                               throws ConsistencyCheckException

Avoids call to ejb layer except for Principals.

Overrides:

checkBeforeItemRemoval in class Manager

Parameters:

ctx - the current session context

item - the item which should be removed

Throws:

ConsistencyCheckException - thrown to abort removal due to consistency errors

Since:

2.10

notifyItemRemoval

protected void notifyItemRemoval(SessionContext ctx,
 Item item)

Superclass method overridden to avoid calls to ejb layer.

Overrides:

notifyItemRemoval in class Manager

Parameters:

ctx - the currency session context

item - the item which is going to be removed

Since:

2.10

getUserTypeCode

protected String getUserTypeCode()

Gets the code of the User composed type.

getUserGroupTypeCode

protected String getUserGroupTypeCode()

getTitleTypeCode

protected String getTitleTypeCode()

getAddressTypeCode

protected String getAddressTypeCode()

getCustomerType

protected ComposedType getCustomerType()

getEmployeeType

protected ComposedType getEmployeeType()

getAllUsers

public Collection getAllUsers()

Returns all users (excluding all UserGroups).

Returns:

a Collection of all users.

findUsers

public Collection findUsers(ComposedType type,
 String uid,
 String name,
 String description)

Searches for specific users.

Parameters:

type - The ComposedType which restricts the search or null to search all 'User' types

uid - The uid to search or null to search all

name - The name to search or null to search all

description - The description to search or null to search all

Returns:

collection with users, which fulfills the criteria

findUsers

public Collection<? extends User> findUsers(ComposedType type,
 String uid,
 String name,
 String description,
 boolean disableRestrictions)

Searches for specific users.

Parameters:

type - The ComposedType which restricts the search or null to search all 'User' types

uid - The uid to search or null to search all

name - The name to search or null to search all

description - The description to search or null to search all

disableRestrictions - will search restrictions be disabled?

Returns:

collection with users, which fulfills the criteria

getAllPrincipals

public Collection getAllPrincipals()

Returns absolute every user and usergroup stored in the system. But be warned: this method may be inperformant, especially in larger setups.

Returns:

a Collection of all principals.

getAllCustomers

public Collection getAllCustomers()

Finds all customer users. Please note that this does not include customer subclasses but just the hybris platform core customer user type!

Returns:

a Collection of all customers.

getAllEmployees

public Collection getAllEmployees()

Finds all employees. Please note that this does not include employee subclasses but just the hybris platform core employee user type!

Returns:

a Collection of all employees.

getAllUserGroups

public Collection getAllUserGroups()

Finds all user groups. Please note that this does not include usergroup subclasses but just the hybris platform core usergroup user type!

Returns:

a Collection of all user groups.

findUserGroups

public Collection findUserGroups(ComposedType type,
 String groupId,
 String name,
 String description)

Searches for specific users groups.

Parameters:

type - The ComposedType which restricts the search or null to search all 'UserGroup' types

groupId - The groupid to search or null to search all

name - The name to search or null to search all

description - The description to search or null to search all

Returns:

collection with user groups, which fulfills the criteria

findUserGroups

public Collection<? extends UserGroup> findUserGroups(ComposedType type,
 String groupId,
 String name,
 String description,
 boolean disableRestrictions)

Searches for specific users groups.

Parameters:

type - The ComposedType which restricts the search or null to search all 'UserGroup' types

groupId - The groupid to search or null to search all

name - The name to search or null to search all

description - The description to search or null to search all

disableRestrictions - will search restrictions be disabled?

Returns:

collection with user groups, which fulfills the criteria

getAllTitles

public Collection getAllTitles()

Returns all titles.

Returns:

a Collection of all titles.

getAllAddresses

public Collection getAllAddresses()

Returns all addresses.

Returns:

a Collection of all addresses.

getCustomerByLogin

public Customer getCustomerByLogin(String login)
                            throws JaloItemNotFoundException

Find a customer by its login name.

Returns:

the Customer with the specified login.

Throws:

JaloItemNotFoundException - if there is no Customer with the specified login.

getEmployeeByLogin

public Employee getEmployeeByLogin(String login)
                            throws JaloItemNotFoundException

Finds an employee by its login name.

Returns:

the Employee with the specified login.

Throws:

JaloItemNotFoundException - if there is no Employee with the specified login.

getUserByLogin

public User getUserByLogin(String login)
                    throws JaloItemNotFoundException

Finds a user by its login name.

Returns:

the User with the specified login.

Throws:

JaloItemNotFoundException - if there is no User with the specified login.

getUserGroupByGroupID

public UserGroup getUserGroupByGroupID(String groupID)
                                throws JaloItemNotFoundException

Finds a user group by its login name.

Returns:

the UserGroup with the specified ID.

Throws:

JaloItemNotFoundException - if there is no UserGroup with the specified ID.

createCustomer

public Customer createCustomer(String login)
                        throws ConsistencyCheckException

Creates a new Customer.

Returns:

the new Customer

Throws:

ConsistencyCheckException - if this login name is already used

createCustomer

public Customer createCustomer(PK pk,
 String login)
                        throws ConsistencyCheckException

Creates a new Customer.

Parameters:

pk - the pk for the new item; it will be equipped with type code additionally (-)

Returns:

the new Customer

Throws:

ConsistencyCheckException - if this login name is already used

createEmployee

public Employee createEmployee(String login)
                        throws ConsistencyCheckException

Creates a new Employee.

Returns:

the new Employee

Throws:

ConsistencyCheckException - if this login name is already used

createEmployee

public Employee createEmployee(PK pk,
 String login)
                        throws ConsistencyCheckException

Creates a new Employee.

Parameters:

pk - the pk for the new item; it will be equipped with type code additionally (-)

Returns:

the new Employee

Throws:

ConsistencyCheckException - if this login name is already used

createUserGroup

public UserGroup createUserGroup(String uid)
                          throws ConsistencyCheckException

Creates a new UserGroup.

Parameters:

uid - the ID of the new UserGroup

Returns:

the new UserGroup

Throws:

ConsistencyCheckException - if this login name is already used

createUserGroup

public UserGroup createUserGroup(PK pkBase,
 String groupId)
                          throws ConsistencyCheckException

Creates a new UserGroup.

Parameters:

pkBase - the pk for the new item; it will be equipped with type code additionally (-)

groupId - the ID of the new UserGroup

Returns:

the new UserGroup

Throws:

ConsistencyCheckException - if this login name is already used

createUser

public User createUser(String uid)
                throws ConsistencyCheckException

Creates a new User.

Returns:

the new User

Throws:

ConsistencyCheckException - if this login name is already used

createUser

public User createUser(PK pk,
 String uid)
                throws ConsistencyCheckException

Creates a new User.

Parameters:

pk - the pk for the new item; it will be equipped with type code additionally (-)

Returns:

the new User

Throws:

ConsistencyCheckException - if this login name is already used

createUser

public User createUser(PK pkBase,
 String userID,
 ComposedType type)
                throws ConsistencyCheckException

Creates a new User with a specified user type.

Parameters:

pkBase - the pk for the new item; it will be equipped with type code additionally (-)

type - the item type of the new user item

Returns:

the new User

Throws:

ConsistencyCheckException - if this login name is already used

createTitle

public Title createTitle(String code)
                  throws ConsistencyCheckException

Creates a new Title.

Parameters:

code - the code.

Returns:

the new Title

Throws:

ConsistencyCheckException - if the code is already in use.

createTitle

public Title createTitle(PK pkBase,
 String code)
                  throws ConsistencyCheckException

Creates a new Title.

Parameters:

pkBase - the pk for the new item; it will be equipped with type code additionally (-)

code - the code.

Returns:

the new Title

Throws:

ConsistencyCheckException - if the code is already in use.

getTitleByCode

public Title getTitleByCode(String code)
                     throws JaloItemNotFoundException

Returns the Title with the specified code.

Parameters:

code - the searched code

Returns:

the Title with the specified code

Throws:

JaloItemNotFoundException - if there is no Title with the specified code

getAdminEmployee

public Employee getAdminEmployee()

Returns the admin employee. Nevertheless there may be multiple admin employees; these are all members of the admin user group.

Returns:

the admin employee

Throws:

JaloInternalException - if admin can not be found

isAdmin

public boolean isAdmin(User user)

isAdmin

public boolean isAdmin(Employee employee)

isAdmin

public boolean isAdmin(Customer customer)

isCustomersAllowedAsAdmin

public static boolean isCustomersAllowedAsAdmin()

getAnonymousCustomer

public Customer getAnonymousCustomer()

Returns the anonymous customer.

Returns:

the anonymous customer

Throws:

JaloInternalException - if anonymous can not be found

getAdminUserGroup

public UserGroup getAdminUserGroup()

Returns the admin user group. All members automatically have admin permissions.

Returns:

the admin user group

getAllAddresses

public Collection getAllAddresses(Item owner)

Returns all address of the given owner.

Parameters:

owner - the Item whose addresses will be returned.

Returns:

a Collection of all address of the given owner.

createAddress

public Address createAddress(Item item)

Creates address for given item.

Parameters:

item - - for this item address will be created

Returns:

created address

createAddress

public Address createAddress(PK pkBase,
 Item item,
 boolean asCopy)

Creates address for given item.

Parameters:

item - - for this item address will be created

Returns:

created address

createAddress

public Address createAddress(PK pkBase,
 Item item)

Creates address for given item.

Parameters:

item - - for this item address will be created

Returns:

created address

createAddress

protected Address createAddress(PK pkBase,
 Item owner,
 Address original,
 Country country,
 Region region,
 Title title,
 JaloPropertyContainer props)

generateCustomerID

public String generateCustomerID()

Generates a new customer ID using the number series with identifier NumberSeriesConstants.Series#CUSTOMER_ID. This number will be unique in relation to all id's generated by this method before.

Returns:

new customer id

Since:

public since 3.1-u6, before protected

getLoginToken

public LoginToken getLoginToken(javax.servlet.http.HttpServletRequest request)

Tries to get a login token from request. First it tries to extract it from url, then from cookie.

getCookieBasedLoginToken

public CookieBasedLoginToken getCookieBasedLoginToken(javax.servlet.http.HttpServletRequest request)

getURLBasedLoginToken

public StringBasedLoginToken getURLBasedLoginToken(javax.servlet.http.HttpServletRequest request)

generateLoginTokenCookieValue

@Deprecated(since="2011",
            forRemoval=true)
public String generateLoginTokenCookieValue(String uid,
 String languageISO,
 String plainTextPassword)
                                     throws EJBPasswordEncoderNotFoundException

Deprecated, for removal: This API element is subject to removal in a future version.

since 2011, use generateLoginTokenCookieValue(String, String, String, Integer)

Generates a value entry for a CookieBasedLoginToken instance, which will be used by some web apps (like printcockpit, hmc, ...) for an 'auto' login process All occurrences if possible should be replace with generateLoginTokenCookieValue(User, String)

Returns:

the generated token. format: ${user PK}${language PK}${password} (sample: 11326704420716009013969790041776ee10c315eba2c75b403ea79136f5b38d)

Throws:

EJBPasswordEncoderNotFoundException

generateLoginTokenCookieValue

public String generateLoginTokenCookieValue(User user,
 String languageISO)
                                     throws EJBPasswordEncoderNotFoundException

Returns:

generated token format: ${user PK}${language PK}

Throws:

EJBPasswordEncoderNotFoundException

generateLoginTokenCookieValue

public String generateLoginTokenCookieValue(String uid,
 String languageISO,
 String plainTextPassword,
 Integer ttl)
                                     throws EJBPasswordEncoderNotFoundException

Throws:

EJBPasswordEncoderNotFoundException

doGenerateLoginTokenCookieValue

@Deprecated(since="2011",
            forRemoval=true)
protected String doGenerateLoginTokenCookieValue(String uid,
 String languageISO,
 String plainTextPassword,
 User user)
                                          throws EJBPasswordEncoderNotFoundException

Deprecated, for removal: This API element is subject to removal in a future version.

since 2011, use doGenerateLoginTokenCookieValue(String, String, String, User, Integer)

Throws:

EJBPasswordEncoderNotFoundException

doGenerateLoginTokenCookieValue

protected String doGenerateLoginTokenCookieValue(String uid,
 String languageISO,
 String plainTextPassword,
 User user,
 Integer ttl)
                                          throws EJBPasswordEncoderNotFoundException

Throws:

EJBPasswordEncoderNotFoundException

getEncodedPasswordForLoginCookie

protected String getEncodedPasswordForLoginCookie(String uid,
 String plainTextPassword,
 User user)
                                           throws EJBPasswordEncoderNotFoundException

Throws:

EJBPasswordEncoderNotFoundException

getEncodedPasswordWithSalt

protected String getEncodedPasswordWithSalt(User user,
 String passwordToEncode,
 String saltToAdd)

storeLoginTokenCookie

public void storeLoginTokenCookie(String uid,
 String language,
 String passwd,
 javax.servlet.http.HttpServletResponse response)
                           throws EJBPasswordEncoderNotFoundException

Stores given login informations at a cookie of given session. The parameters of the cookie can be configured via system properties with keys defined at CookieBasedLoginToken.

Throws:

EJBPasswordEncoderNotFoundException

storeLoginTokenCookie

public void storeLoginTokenCookie(String uid,
 String language,
 String passwd,
 String path,
 javax.servlet.http.HttpServletResponse response)
                           throws EJBPasswordEncoderNotFoundException

Throws:

EJBPasswordEncoderNotFoundException

storeLoginTokenCookie

public void storeLoginTokenCookie(String name,
 String uid,
 String language,
 String passwd,
 String path,
 javax.servlet.http.HttpServletResponse response)
                           throws EJBPasswordEncoderNotFoundException

Throws:

EJBPasswordEncoderNotFoundException

storeLoginTokenCookie

public void storeLoginTokenCookie(String name,
 String uid,
 String language,
 String passwd,
 String path,
 String domain,
 boolean secure,
 int ttl,
 javax.servlet.http.HttpServletResponse response)
                           throws EJBPasswordEncoderNotFoundException

Throws:

EJBPasswordEncoderNotFoundException

deleteLoginTokenCookie

public void deleteLoginTokenCookie(javax.servlet.http.HttpServletRequest request,
 javax.servlet.http.HttpServletResponse response)

Deletes a cookie at given request according to storeLoginTokenCookie(String, String, String, HttpServletResponse) method.

isPlainTextPasswordStored

protected boolean isPlainTextPasswordStored(User user)

getLoginTokenPasswordEncoder

protected PasswordEncoder getLoginTokenPasswordEncoder(User user)
                                                throws EJBPasswordEncoderNotFoundException

Throws:

EJBPasswordEncoderNotFoundException

writeReplace

public Object writeReplace()
                    throws ObjectStreamException

Specified by:

writeReplace in class Manager

Throws:

ObjectStreamException

checkPassword

public boolean checkPassword(User user,
 String plainPassword)
                      throws EJBPasswordEncoderNotFoundException

Throws:

EJBPasswordEncoderNotFoundException

checkPassword

public boolean checkPassword(User user,
 LoginToken token)
                      throws EJBPasswordEncoderNotFoundException

Throws:

EJBPasswordEncoderNotFoundException

setPasswordCheckingStrategy

public void setPasswordCheckingStrategy(PasswordCheckingStrategy paramPasswordCheckingStrategy)

getPasswordCheckingStrategy

public PasswordCheckingStrategy getPasswordCheckingStrategy()

removeItem

public void removeItem(Item item)
                throws ConsistencyCheckException

Throws:

ConsistencyCheckException