Package com.broadleafcommerce.adminuser.resource.domain

Class AdminUser

java.lang.Object
com.broadleafcommerce.adminuser.resource.domain.AdminUser
All Implemented Interfaces:
Serializable
public class AdminUser extends Object implements Serializable
Represents a user of the admin application. Can be assigned AdminRoles and AdminPermissions.

This domain is synchronized to the authentication service through messaging on each persistence event.

Author:
Samarth Dhruva (samarthd)
See Also:

  • Constructor Details

    • AdminUser

      public AdminUser()

  • Method Details

    • getRestrictedPermissionsPermissionRefs

      public Set<AdminPermissionRef> getRestrictedPermissionsPermissionRefs()
      Gets the AdminPermissionRef from restrictedPermissions.
      Returns:
      Set of permissions

    • getRestrictedRolesRoleRefs

      public Set<AdminRoleRef> getRestrictedRolesRoleRefs()
      Gets the AdminRoleRef from restrictedRoles.
      Returns:
      Set of roles

    • getExternalRoleNames

      public Set<String> getExternalRoleNames()
      Get this AdminUser's roles that were assigned by a third party authorization provider. Note, this will only be accurate if the system has hydrated the roles.
      Returns:
      Set of this AdminUser's roles that were assigned by a third party authorization provider.
      See Also:
      • roles

    • getId

      public String getId()
      The unique identifier for this user.

    • getName

      public String getName()
      The name of this user.

    • getUsername

      public String getUsername()
      The username of this user, used to log into the application. May be the same as email, but that is not necessary.

    • getEmail

      public String getEmail()
      The email address of the user.

    • getPhone

      public String getPhone()
      The phone number of the user.

    • getDefaultCommunicationPreference

      public String getDefaultCommunicationPreference()
      The default communication preference of the user.

    • isGlobal

      public boolean isGlobal()
      If true, this user is a global user, meaning that they can access the global applications. If not, the user can only access the applications they are assigned to via applicationIds.
      Returns:
      true if the user is a global user which can access global applications, false if the user can only access applications they are assigned to

    • isActive

      public boolean isActive()
      A flag indicating whether the admin user account is enabled. If false, they will not be able to log in.

      This flag should be used if the admin user needs to be enabled/disabled for administrative reasons.

      Returns:
      true if the admin user account is enabled, false otherwise

    • isLocked

      public boolean isLocked()
      A flag indicating whether the admin user account is locked due to too many failed login attempts.
      Returns:
      true if the admin user account is locked, false otherwise

    • isExpired

      public boolean isExpired()
      A flag indicating whether the admin user account is expired. If false, they will not be able to log in.

      This flag can be used to declare an account as expired and unusable, but currently there is no logic for that. It will always be false.

      Returns:
      true if the admin user account is expired, false otherwise

    • isChangePasswordRequired

      public boolean isChangePasswordRequired()
      A flag indicating whether the admin user account requires a password reset. If true, they will not be able to log in until they reset their password.
      Returns:
      true if the admin user's password is expired and requires a reset, false otherwise

    • isGrantAnyAuthorityAllowed

      public boolean isGrantAnyAuthorityAllowed()
      A flag indicating whether the admin user account can grant any authority. If true, this user can grant any roles or permissions to any users without needing to have those permissions itself. If false, it can only grant authorities that the user itself has, either permissions that are directly assigned or inherited from roles within the specified restrictions, or permissions within their own specified restrictions from restrictedRoles or restrictedPermissions.
      Returns:
      true if the admin user can grant any authority, false if the user can only grant authority that the user itself has

    • getRoles

      public Set<AdminRoleRef> getRoles()
      The roles that this user is assigned. The user is granted all permissions that each of these roles are directly assigned or inherit from their ancestors.

      These can only be roles whose AdminRole.tenantId is accessible from this user's tenantId.

      See Also:

    • getPermissions

      public Set<AdminPermissionRef> getPermissions()
      The permissions that this user is directly assigned (in addition to permissions granted through roles).

      These can only be permissions whose AdminPermission.tenantId is accessible from this user's tenantId.

      See Also:

    • getRestrictions

      public Set<AdminRestriction> getRestrictions()
      The data restrictions that control the data this user is permitted to access.
      See Also:

    • getRestrictedRoles

      public Set<AdminRestrictedRole> getRestrictedRoles()
      The roles that this user is directly assigned that are restricted to only apply when accessing certain segments of data.
      See Also:

    • getRestrictedPermissions

      public Set<AdminRestrictedPermission> getRestrictedPermissions()
      The permissions that this user is directly assigned that are restricted to only apply when accessing certain segments of data.
      See Also:

    • getApplicationIds

      public Set<String> getApplicationIds()
      The ids of applications this user is a member of.

    • getDefaultApplicationId

      @Nullable public String getDefaultApplicationId()
      The ids of applications this user is a member of.

    • getTenantId

      @Nullable public String getTenantId()
      The id of the tenant this user is associated with.

    • isTenantUser

      @Deprecated public boolean isTenantUser()
      Deprecated.
      in favor of tenantAccess
      Indicates whether this is a tenant level user or not.
      Returns:
      Is this a tenant level user?

    • isTenantAccess

      public boolean isTenantAccess()
      Indicates whether this user has access at the tenant level or not.
      Returns:
      Does this user have tenant level access?

    • isApplicationAccess

      public boolean isApplicationAccess()
      Indicates whether this user has access at the application level or not.
      Returns:
      Does this user have application level access?

    • getDefaultTimeZone

      public String getDefaultTimeZone()
      The default time zone for this user. It will be used to format the dates in the Admin panel if specified.
      Returns:
      The default time zone for this user

    • getContextState

      @Nullable public MutabilityContextState getContextState()
      Used to expose this entity's mutability in a request context.

      For example, can be used to hint to the admin application to show this entity as read-only.

      See Also:

    • setId

      public void setId(String id)
      The unique identifier for this user.

    • setName

      public void setName(String name)
      The name of this user.

    • setUsername

      public void setUsername(String username)
      The username of this user, used to log into the application. May be the same as email, but that is not necessary.

    • setEmail

      public void setEmail(String email)
      The email address of the user.

    • setPhone

      public void setPhone(String phone)
      The phone number of the user.

    • setDefaultCommunicationPreference

      public void setDefaultCommunicationPreference(String defaultCommunicationPreference)
      The default communication preference of the user.

    • setGlobal

      public void setGlobal(boolean global)
      If true, this user is a global user, meaning that they can access the global applications. If not, the user can only access the applications they are assigned to via applicationIds.
      Parameters:
      global - true if the user is a global user which can access global applications, false if the user can only access applications they are assigned to

    • setActive

      public void setActive(boolean active)
      A flag indicating whether the admin user account is enabled. If false, they will not be able to log in.

      This flag should be used if the admin user needs to be enabled/disabled for administrative reasons.

      Parameters:
      active - true if the admin user account is enabled, false otherwise

    • setLocked

      public void setLocked(boolean locked)
      A flag indicating whether the admin user account is locked due to too many failed login attempts.
      Parameters:
      locked - true if the admin user account is locked, false otherwise

    • setExpired

      public void setExpired(boolean expired)
      A flag indicating whether the admin user account is expired. If false, they will not be able to log in.

      This flag can be used to declare an account as expired and unusable, but currently there is no logic for that. It will always be false.

      Parameters:
      expired - true if the admin user account is expired, false otherwise

    • setChangePasswordRequired

      public void setChangePasswordRequired(boolean changePasswordRequired)
      A flag indicating whether the admin user account requires a password reset. If true, they will not be able to log in until they reset their password.
      Parameters:
      changePasswordRequired - true if the admin user's password is expired and requires a reset, false otherwise

    • setGrantAnyAuthorityAllowed

      public void setGrantAnyAuthorityAllowed(boolean grantAnyAuthorityAllowed)
      A flag indicating whether the admin user account can grant any authority. If true, this user can grant any roles or permissions to any users without needing to have those permissions itself. If false, it can only grant authorities that the user itself has, either permissions that are directly assigned or inherited from roles within the specified restrictions, or permissions within their own specified restrictions from restrictedRoles or restrictedPermissions.
      Parameters:
      grantAnyAuthorityAllowed - true if the admin user can grant any authority, false if the user can only grant authority that the user itself has

    • setRoles

      public void setRoles(Set<AdminRoleRef> roles)
      The roles that this user is assigned. The user is granted all permissions that each of these roles are directly assigned or inherit from their ancestors.

      These can only be roles whose AdminRole.tenantId is accessible from this user's tenantId.

      See Also:

    • setPermissions

      public void setPermissions(Set<AdminPermissionRef> permissions)
      The permissions that this user is directly assigned (in addition to permissions granted through roles).

      These can only be permissions whose AdminPermission.tenantId is accessible from this user's tenantId.

      See Also:

    • setRestrictions

      public void setRestrictions(Set<AdminRestriction> restrictions)
      The data restrictions that control the data this user is permitted to access.
      See Also:

    • setRestrictedRoles

      public void setRestrictedRoles(Set<AdminRestrictedRole> restrictedRoles)
      The roles that this user is directly assigned that are restricted to only apply when accessing certain segments of data.
      See Also:

    • setRestrictedPermissions

      public void setRestrictedPermissions(Set<AdminRestrictedPermission> restrictedPermissions)
      The permissions that this user is directly assigned that are restricted to only apply when accessing certain segments of data.
      See Also:

    • setApplicationIds

      public void setApplicationIds(Set<String> applicationIds)
      The ids of applications this user is a member of.

    • setDefaultApplicationId

      public void setDefaultApplicationId(@Nullable String defaultApplicationId)
      The ids of applications this user is a member of.

    • setTenantId

      public void setTenantId(@Nullable String tenantId)
      The id of the tenant this user is associated with.

    • setTenantUser

      @Deprecated public void setTenantUser(boolean tenantUser)
      Deprecated.
      in favor of tenantAccess
      Indicates whether this is a tenant level user or not.
      Parameters:
      tenantUser - Is this a tenant level user?

    • setTenantAccess

      public void setTenantAccess(boolean tenantAccess)
      Indicates whether this user has access at the tenant level or not.
      Parameters:
      tenantAccess - Does this user have tenant level access?

    • setApplicationAccess

      public void setApplicationAccess(boolean applicationAccess)
      Indicates whether this user has access at the application level or not.
      Parameters:
      applicationAccess - Does this user have application level access?

    • setDefaultTimeZone

      public void setDefaultTimeZone(String defaultTimeZone)
      The default time zone for this user. It will be used to format the dates in the Admin panel if specified.
      Parameters:
      defaultTimeZone - The default time zone for this user

    • setContextState

      public void setContextState(@Nullable MutabilityContextState contextState)
      Used to expose this entity's mutability in a request context.

      For example, can be used to hint to the admin application to show this entity as read-only.

      See Also:

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • canEqual

      protected boolean canEqual(Object other)

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object