uk.ac.ed.epcc.webapp.session

Interface SessionService<A extends AppUser>

Type Parameters:

A - type of AppUser

All Superinterfaces:

AppContextCleanup, AppContextService<SessionService<A>>, Contexed

All Known Implementing Classes:

AbstractSessionService, ServletSessionService, SimpleSessionService

public interface SessionService<A extends AppUser>
extends Contexed, AppContextService<SessionService<A>>

AppContextService for managing session information. This encodes all information about the current authenticated user, most importantly their roles. The users may also have a database representation as an AppUser object which can also be stored in this service. If no database representation of the users is required then the getLoginFactory should return null but the getName and role methods can still be used.

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	ADMIN_ROLE Default administrator role.

Method Summary

Modifier and Type	Method and Description
void	addSecurityContext(java.util.Map att) Add context parameters for security logging.
boolean	canHaveRole(A user, java.lang.String role) query the default role set for the specified user.
default boolean	canHaveRoleFromList(A user, java.lang.String... roles)
void	clearCurrentPerson() remove the current person
void	flushRelationships() clear the internal relationship cache as things may have changed
boolean	getApplyToggle() are toggle roles currently enabled
java.lang.Object	getAttribute(java.lang.String key) retrieve an object stored in the session.
java.util.Date	getAuthenticationTime() If there is a current user return the time they authenticated This should only record a user-present authentication not API access via a token
java.lang.String	getAuthenticationType() Get the authentication type used for the session.
A	getCurrentPerson() get the current person if known
BaseFilter<A>	getGlobalRoleFilter(java.lang.String role) get a BaseFilter for all AppUsers who have access to a global role.
java.util.Locale	getLocale() Get the Locale to use in the current context
AppUserFactory<A>	getLoginFactory() get the concrete factory class for the AppUser used by this application
java.lang.String	getName() Get the Name for the current user.
<T extends DataObject> BaseFilter<A>	getPersonInRelationshipRoleFilter(DataObjectFactory<T> fac, java.lang.String role, T target) get a BaseFilter representing the set of AppUsers that are in a particular relationship-role with a target object.
BaseFilter<A>	getPersonInRoleFilter(java.lang.String... role_list) Get a filter for AppUsers that can be in any of the specified global roles.
<T extends DataObject> BaseFilter<T>	getRelationshipRoleFilter(DataObjectFactory<T> fac, java.lang.String role) get a BaseFilter representing the set of target objects that the current user has a particular relationship-role with.
<T extends DataObject> BaseFilter<T>	getRelationshipRoleFilter(DataObjectFactory<T> fac, java.lang.String role, BaseFilter<T> fallback) get a BaseFilter representing the set of target objects that the current user has a particular relationship-role with.
java.util.Set<java.lang.String>	getStandardRoles() Get the set of standard roles.
<T extends DataObject> BaseFilter<T>	getTargetInRelationshipRoleFilter(DataObjectFactory<T> fac, java.lang.String role, A person) get a BaseFilter representing the set of targets that a specified AppUser is in a particular relationship-role with.
java.util.TimeZone	getTimeZone()
java.lang.Boolean	getToggle(java.lang.String role) get the current State of a role toggle or null if not a toggle role
java.util.Set<java.lang.String>	getToggleRoles() Get the set of toggle roles for the current user.
<T extends DataObject> boolean	hasRelationship(DataObjectFactory<T> fac, T target, java.lang.String role) Method to check relationships on a specified target object.
default <T extends DataObject> boolean	hasRelationship(DataObjectFactory<T> fac, T target, java.lang.String role, boolean fallback) Method to check relationships on a specified target object.
<T extends DataObject> boolean	hasRelationship(DataObjectFactory<T> fac, T target, java.lang.String role, java.util.function.Supplier<java.lang.Boolean> fallback) Method to check relationships on a specified target object.
boolean	hasRole(java.lang.String role) Does the current user have the specified role.
default boolean	hasRoleFromList(java.lang.String... roles) check for membership of any of the roles in list
boolean	haveCurrentUser() Can we generate an AppUser for this session.
boolean	isAuthenticated() Tests if the session has already authenticated.
boolean	isCurrentPerson(A person) does the current session correspond to the person.
void	logOut() Clear current person and any saved state
java.lang.String	mapRoleName(java.lang.String role) Perform role-name mapping.
default <T extends DataObject> boolean	personHasRelationship(A person, DataObjectFactory<T> fac, T target, java.lang.String role, java.util.function.Supplier<java.lang.Boolean> fallback) Convenience method to query the relationships of a specified person rather than the current user Note this will not consider global roles unless the person matches the current person
void	removeAttribute(java.lang.String key) remove object from session
void	setApplyToggle(boolean value) enable/disable the toggle checks for this session
void	setAttribute(java.lang.String key, java.lang.Object value) Store an object in the session.
void	setAuthenticationTime(java.util.Date d) Set the authentication time
void	setAuthenticationType(java.lang.String type) Set the authenticaiton type used for the session.
void	setCurrentPerson(A person) Set the current person
void	setCurrentPerson(int id) Set the current person by id
void	setCurrentRoleToggle(java.util.Map<java.lang.String,java.lang.Boolean> toggle_map) Remember the current role_map belonging to the current user.
void	setRole(A user, java.lang.String role, boolean value) request a role change for a specified user.
void	setTempRole(java.lang.String role) Set a temporary (not stored to database) role.
void	setToggle(java.lang.String name, boolean value) Set the toggle state of a role
java.lang.Boolean	toggleRole(java.lang.String name) Toggle the state of a role return the new value of the toggle or null if its not a togglable role

Methods inherited from interface uk.ac.ed.epcc.webapp.Contexed

getContext

Methods inherited from interface uk.ac.ed.epcc.webapp.AppContextService

getType

Methods inherited from interface uk.ac.ed.epcc.webapp.AppContextCleanup

cleanup

Field Detail

ADMIN_ROLE

static final java.lang.String ADMIN_ROLE

Default administrator role.

See Also:

Constant Field Values

Method Detail

getName

java.lang.String getName()

Get the Name for the current user. This method can still be used when no login factory is configured.

Returns:

String

haveCurrentUser

boolean haveCurrentUser()

Can we generate an AppUser for this session.

Returns:

true if we know the current user

hasRole

boolean hasRole(java.lang.String role)

Does the current user have the specified role. Always returns false if user is not known;

Parameters:

role -

Returns:

boolean

getToggleRoles

java.util.Set<java.lang.String> getToggleRoles()

Get the set of toggle roles for the current user. These are roles that a user can enable/disable on request.

Returns:

Set of role names.

getToggle

java.lang.Boolean getToggle(java.lang.String role)

get the current State of a role toggle or null if not a toggle role

Parameters:

role -

Returns:

Boolean or null

setToggle

void setToggle(java.lang.String name,
               boolean value)

Set the toggle state of a role

Parameters:

name - String role to set

value - boolean value to set

setApplyToggle

void setApplyToggle(boolean value)

enable/disable the toggle checks for this session

Parameters:

value -

getApplyToggle

boolean getApplyToggle()

are toggle roles currently enabled

Returns:

toggleRole

java.lang.Boolean toggleRole(java.lang.String name)

Toggle the state of a role return the new value of the toggle or null if its not a togglable role

Parameters:

name - String role to toggle

Returns:

Boolean or null

setCurrentRoleToggle

void setCurrentRoleToggle(java.util.Map<java.lang.String,java.lang.Boolean> toggle_map)

Remember the current role_map belonging to the current user.

Parameters:

toggle_map -

getCurrentPerson

A getCurrentPerson()

get the current person if known

Returns:

AppUser or null

setCurrentPerson

void setCurrentPerson(A person)

Set the current person

Parameters:

person -

isCurrentPerson

boolean isCurrentPerson(A person)

does the current session correspond to the person.

Parameters:

person -

Returns:

boolean

setCurrentPerson

void setCurrentPerson(int id)

Set the current person by id

Parameters:

id -

clearCurrentPerson

void clearCurrentPerson()

remove the current person

getAuthenticationTime

java.util.Date getAuthenticationTime()

If there is a current user return the time they authenticated This should only record a user-present authentication not API access via a token

Returns:

setAuthenticationTime

void setAuthenticationTime(java.util.Date d)

Set the authentication time

Parameters:

d -

getAuthenticationType

java.lang.String getAuthenticationType()

Get the authentication type used for the session. This should be one of "password" or a remote auth realm

Returns:

setAuthenticationType

void setAuthenticationType(java.lang.String type)

Set the authenticaiton type used for the session. This should be one of "password" or a remote auth realm.

Parameters:

type -

logOut

void logOut()

Clear current person and any saved state

getLoginFactory

AppUserFactory<A> getLoginFactory()

get the concrete factory class for the AppUser used by this application

Returns:

AppUserFactory

hasRoleFromList

default boolean hasRoleFromList(java.lang.String... roles)

check for membership of any of the roles in list

Parameters:

role_list -

Returns:

boolean

setRole

void setRole(A user,
             java.lang.String role,
             boolean value)
      throws java.lang.UnsupportedOperationException

request a role change for a specified user. This is an optional operation as a session service may not have the ability to modify roles.

Parameters:

user -

role -

value -

Throws:

java.lang.UnsupportedOperationException

setTempRole

void setTempRole(java.lang.String role)

Set a temporary (not stored to database) role.

Parameters:

role -

canHaveRole

boolean canHaveRole(A user,
                    java.lang.String role)

query the default role set for the specified user. This only queries the roles managed directly by the session service. This method should reflect the state set by setRole and should not be used to query the current roles of the current user. No role mapping is applied

Parameters:

user -

role -

Returns:

is role permitted.

getGlobalRoleFilter

BaseFilter<A> getGlobalRoleFilter(java.lang.String role)

get a BaseFilter for all AppUsers who have access to a global role. This is the same selection as {@link #canHaveRole(AppUser, String)

Parameters:

role -

Returns:

canHaveRoleFromList

default boolean canHaveRoleFromList(A user,
                                    java.lang.String... roles)

setAttribute

void setAttribute(java.lang.String key,
                  java.lang.Object value)

Store an object in the session. Objects stored in the session should not contain references to the AppContext as the AppContext might have a shorter lifetime. t

Parameters:

key -

value -

removeAttribute

void removeAttribute(java.lang.String key)

remove object from session

Parameters:

key -

getAttribute

java.lang.Object getAttribute(java.lang.String key)

retrieve an object stored in the session.

Parameters:

key -

Returns:

Object or null

getLocale

java.util.Locale getLocale()

Get the Locale to use in the current context

Returns:

Locale

getStandardRoles

java.util.Set<java.lang.String> getStandardRoles()

Get the set of standard roles. Used by add-role forms etc.

Returns:

getTimeZone

java.util.TimeZone getTimeZone()

mapRoleName

java.lang.String mapRoleName(java.lang.String role)

Perform role-name mapping. This allows multiple specific roles to be mapped to a single meta-role.

Parameters:

role - specific role requests

Returns:

String actual role to use

getRelationshipRoleFilter

<T extends DataObject> BaseFilter<T> getRelationshipRoleFilter(DataObjectFactory<T> fac,
                                                               java.lang.String role)
                                                        throws UnknownRelationshipException

get a BaseFilter representing the set of target objects that the current user has a particular relationship-role with.

Parameters:

fac - DataObjectFactory for target object

role -

Returns:

BaseFilter

Throws:

UnknownRelationshipException

getRelationshipRoleFilter

<T extends DataObject> BaseFilter<T> getRelationshipRoleFilter(DataObjectFactory<T> fac,
                                                               java.lang.String role,
                                                               BaseFilter<T> fallback)

get a BaseFilter representing the set of target objects that the current user has a particular relationship-role with. If the named relationship is defined it is used to narrow the selection of the fallback filter. Otherwise just the fallback filter is returned.

Parameters:

fac - DataObjectFactory for target object

role -

fallback - BaseFilter to use by default.

Returns:

BaseFilter

getPersonInRelationshipRoleFilter

<T extends DataObject> BaseFilter<A> getPersonInRelationshipRoleFilter(DataObjectFactory<T> fac,
                                                                       java.lang.String role,
                                                                       T target)
                                                                throws UnknownRelationshipException

get a BaseFilter representing the set of AppUsers that are in a particular relationship-role with a target object. A null target selects all AppUsers that have the specified role with any target matched by the factories default DataObjectFactory.getDefaultRelationshipFilter().

Parameters:

fac -

role -

target -

Returns:

BaseFilter

Throws:

UnknownRelationshipException

getPersonInRoleFilter

BaseFilter<A> getPersonInRoleFilter(java.lang.String... role_list)

Get a filter for AppUsers that can be in any of the specified global roles. as defined in canHaveRoleFromList(AppUser, String...)

Parameters:

role_list -

Returns:

getTargetInRelationshipRoleFilter

<T extends DataObject> BaseFilter<T> getTargetInRelationshipRoleFilter(DataObjectFactory<T> fac,
                                                                       java.lang.String role,
                                                                       A person)
                                                                throws UnknownRelationshipException

get a BaseFilter representing the set of targets that a specified AppUser is in a particular relationship-role with.

Parameters:

fac -

role -

person -

Returns:

BaseFilter

Throws:

UnknownRelationshipException

hasRelationship

<T extends DataObject> boolean hasRelationship(DataObjectFactory<T> fac,
                                               T target,
                                               java.lang.String role)
                                        throws UnknownRelationshipException

Method to check relationships on a specified target object. Note that getRelationshipRoleFilter(DataObjectFactory, String) is sufficient for this in combination with DataObjectFactory.matches(BaseFilter, DataObject) but adding a method to SessionService reduces code duplication and adds to possibility of caching the results.

Parameters:

fac - DataObjectFactory

target - DataObject to test for relationship

role - String role to test

Returns:

boolean true if has relationship

Throws:

UnknownRelationshipException

hasRelationship

default <T extends DataObject> boolean hasRelationship(DataObjectFactory<T> fac,
                                                       T target,
                                                       java.lang.String role,
                                                       boolean fallback)

Method to check relationships on a specified target object.

Parameters:

fac - DataObjectFactory

target - DataObject to test for relationship

role - String role to test

fallback - boolean value to use if relationship undefined

Returns:

boolean true if has relationship

hasRelationship

<T extends DataObject> boolean hasRelationship(DataObjectFactory<T> fac,
                                               T target,
                                               java.lang.String role,
                                               java.util.function.Supplier<java.lang.Boolean> fallback)

Method to check relationships on a specified target object.

Parameters:

fac - DataObjectFactory

target - DataObject to test for relationship

role - String role to test

fallback - Supplier value to use if relationship undefined

Returns:

boolean true if has relationship

personHasRelationship

default <T extends DataObject> boolean personHasRelationship(A person,
                                                             DataObjectFactory<T> fac,
                                                             T target,
                                                             java.lang.String role,
                                                             java.util.function.Supplier<java.lang.Boolean> fallback)

Convenience method to query the relationships of a specified person rather than the current user Note this will not consider global roles unless the person matches the current person

Type Parameters:

T -

Parameters:

person -

fac -

target -

role -

fallback -

Returns:

isAuthenticated

boolean isAuthenticated()

Tests if the session has already authenticated. This can return false even if haveCurrentUser() could return true provided it is called first.

flushRelationships

void flushRelationships()

clear the internal relationship cache as things may have changed

addSecurityContext

void addSecurityContext(java.util.Map att)

Add context parameters for security logging.

Parameters:

att -