Serialized Form

  • Package com.broadleafcommerce.adminuser.resource.domain

    • Class com.broadleafcommerce.adminuser.resource.domain.AdminPermission

      class AdminPermission extends Object implements Serializable
      serialVersionUID:
      1L

      • Serialized Fields

        • contextState
          MutabilityContextState contextState
          Deprecated.
          Used to expose this entity's mutability in a request context.

          For example, can be used to hint to the admin application to show this entity as read-only.

          See Also:
        • id
          String id
          Deprecated.
          The unique identifier for this permission.
        • name
          String name
          Deprecated.
          The name for this permission.

          This value should not be relied on as a unique identifier, but we do validate against duplicate names within the permission's context.

          See Also:
        • tenantId
          String tenantId
          Deprecated.
          The id of the tenant this permission is associated with.

          This is used to perform manual tenant discrimination - we do this because we require different behavior than what a Trackable implementation would provide.

    • Class com.broadleafcommerce.adminuser.resource.domain.AdminPermissionRef

      class AdminPermissionRef extends Object implements Serializable
      serialVersionUID:
      1L

      • Serialized Fields

        • attributes
          Map<String,Object> attributes
          Contains any additional properties of a permission that do not fit in the above fields.
        • id
          String id
          The ID of this permission as it exists in the system where roles are stored (default storage is Auth)
        • name
          String name
          The name of this permission. Must be hydrated.
        • tenantId
          String tenantId
          The tenant ID of this permission. TODO This currently appears to have no effect. Other than direct DB inserts, there is no valid way to set this value.

    • Class com.broadleafcommerce.adminuser.resource.domain.AdminRestrictedPermission

      class AdminRestrictedPermission extends AdminRestrictedPrivilege implements Serializable
      serialVersionUID:
      1L

      • Serialized Fields

        • permission
          AdminPermissionRef permission
          Represents the permission that is being restricted.

    • Class com.broadleafcommerce.adminuser.resource.domain.AdminRestrictedPrivilege

      class AdminRestrictedPrivilege extends Object implements Serializable
      serialVersionUID:
      1L

      • Serialized Fields

        • restriction
          AdminRestriction restriction
          Represents the restriction on a restricted entity

    • Class com.broadleafcommerce.adminuser.resource.domain.AdminRestrictedRole

      class AdminRestrictedRole extends AdminRestrictedPrivilege implements Serializable
      serialVersionUID:
      1L

      • Serialized Fields

        • role
          AdminRoleRef role
          Represents the Role that is being restricted.

    • Class com.broadleafcommerce.adminuser.resource.domain.AdminRestriction

      class AdminRestriction extends Object implements Serializable
      serialVersionUID:
      1L

      • Serialized Fields

        • targets
          Set<String> targets
          Represents the targets of the restriction.
        • type
          String type
          Represents the type of the restriction.

    • Class com.broadleafcommerce.adminuser.resource.domain.AdminRole

      class AdminRole extends Object implements Serializable
      serialVersionUID:
      1L

      • Serialized Fields

        • contextState
          MutabilityContextState contextState
          Deprecated.
          Used to expose this entity's mutability in a request context.

          For example, can be used to hint to the admin application to show this entity as read-only.

          See Also:
        • id
          String id
          Deprecated.
          The unique identifier for this role.
        • name
          String name
          Deprecated.
          The name for this role. This has no purpose other than labeling.

          This value should not be relied on as a unique identifier, but we do validate against duplicate names within the role's context.

          See Also:
        • parentRoleId
          String parentRoleId
          Deprecated.
          The id of the parent of this role (if any).

          This role will effectively inherit all of the AdminRole.permissions of its parent and any ancestors further up in the hierarchy.

          Global roles can only have global parents, while tenant roles can have parents from global or the same tenant.

          Furthermore, there is validation in place to prevent cycles from being created in a role's ancestry (role cannot become a parent of itself).

          See Also:
        • permissions
          Set<AdminPermissionRef> permissions
          Deprecated.
          The permissions directly assigned to this role. This is in addition to any permissions inherited from this role's ancestors.

          Global roles can only have global permissions, while tenant roles can have permissions from global or the same tenant.

          See Also:
        • tenantId
          String tenantId
          Deprecated.
          The id of the tenant this role is assigned to.

          This is used to perform manual tenant discrimination - we do this because we require different behavior than what a Trackable implementation would provide.

    • Class com.broadleafcommerce.adminuser.resource.domain.AdminRoleRef

      class AdminRoleRef extends Object implements Serializable
      serialVersionUID:
      1L

      • Serialized Fields

        • attributes
          Map<String,Object> attributes
          Contains any additional properties of a role that do not fit in the above fields.
        • id
          String id
          The ID of this role as it exists in the system where roles are stored (default storage is Auth)
        • name
          String name
          The name of this role. Must be hydrated.
        • parentRoleId
          String parentRoleId
          The id of the parent of this role (if any).

          This role will effectively inherit all of the AdminRoleRef.permissions of its parent and any ancestors further up in the hierarchy.

          Global roles can only have global parents, while tenant roles can have parents from global or the same tenant.

          Furthermore, there is validation in place to prevent cycles from being created in a role's ancestry (role cannot become a parent of itself).

        • permissions
          Set<AdminPermissionRef> permissions
        • tenantId
          String tenantId
          The tenant ID of this role. TODO This currently appears to have no effect. Other than direct DB inserts, there is no valid way to set this value.
        • thirdPartyAssigned
          boolean thirdPartyAssigned
          Indicate if this role was assigned by a third party system

    • Class com.broadleafcommerce.adminuser.resource.domain.AdminUser

      class AdminUser extends Object implements Serializable
      serialVersionUID:
      1L

      • Serialized Fields

        • active
          boolean active
          A flag indicating whether the admin user account is enabled. If false, they will not be able to log in.

          This flag should be used if the admin user needs to be enabled/disabled for administrative reasons.

        • applicationAccess
          boolean applicationAccess
          Indicates whether this user has access at the application level or not.
        • applicationIds
          Set<String> applicationIds
          The ids of applications this user is a member of.
        • changePasswordRequired
          boolean changePasswordRequired
          A flag indicating whether the admin user account requires a password reset. If true, they will not be able to log in until they reset their password.
        • contextState
          MutabilityContextState contextState
          Used to expose this entity's mutability in a request context.

          For example, can be used to hint to the admin application to show this entity as read-only.

          See Also:
        • defaultApplicationId
          String defaultApplicationId
          The ids of applications this user is a member of.
        • defaultCommunicationPreference
          String defaultCommunicationPreference
          The default communication preference of the user.
        • defaultTimeZone
          String defaultTimeZone
          The default time zone for this user. It will be used to format the dates in the Admin panel if specified.
        • email
          String email
          The email address of the user.
        • expired
          boolean expired
          A flag indicating whether the admin user account is expired. If false, they will not be able to log in.

          This flag can be used to declare an account as expired and unusable, but currently there is no logic for that. It will always be false.

        • global
          boolean global
          If true, this user is a global user, meaning that they can access the global applications. If not, the user can only access the applications they are assigned to via AdminUser.applicationIds.
        • grantAnyAuthorityAllowed
          boolean grantAnyAuthorityAllowed
          A flag indicating whether the admin user account can grant any authority. If true, this user can grant any roles or permissions to any users without needing to have those permissions itself. If false, it can only grant authorities that the user itself has, either permissions that are directly assigned or inherited from AdminUser.roles within the specified AdminUser.restrictions, or permissions within their own specified restrictions from AdminUser.restrictedRoles or AdminUser.restrictedPermissions.
        • id
          String id
          The unique identifier for this user.
        • locked
          boolean locked
          A flag indicating whether the admin user account is locked due to too many failed login attempts.
        • name
          String name
          The name of this user.
        • permissions
          Set<AdminPermissionRef> permissions
          The permissions that this user is directly assigned (in addition to permissions granted through AdminUser.roles).

          These can only be permissions whose AdminPermission.tenantId is accessible from this user's AdminUser.tenantId.

          See Also:
        • phone
          String phone
          The phone number of the user.
        • restrictedPermissions
          Set<AdminRestrictedPermission> restrictedPermissions
          The permissions that this user is directly assigned that are restricted to only apply when accessing certain segments of data.
          See Also:
        • restrictedRoles
          Set<AdminRestrictedRole> restrictedRoles
          The roles that this user is directly assigned that are restricted to only apply when accessing certain segments of data.
          See Also:
        • restrictions
          Set<AdminRestriction> restrictions
          The data restrictions that control the data this user is permitted to access.
          See Also:
        • roles
          Set<AdminRoleRef> roles
          The roles that this user is assigned. The user is granted all permissions that each of these roles are directly assigned or inherit from their ancestors.

          These can only be roles whose AdminRole.tenantId is accessible from this user's AdminUser.tenantId.

          See Also:
        • tenantAccess
          boolean tenantAccess
          Indicates whether this user has access at the tenant level or not.
        • tenantId
          String tenantId
          The id of the tenant this user is associated with.
        • tenantUser
          boolean tenantUser
          Deprecated.
          in favor of AdminUser.tenantAccess
          Indicates whether this is a tenant level user or not.
        • username
          String username
          The username of this user, used to log into the application. May be the same as AdminUser.email, but that is not necessary.

    • Class com.broadleafcommerce.adminuser.resource.domain.MutabilityContextState

      class MutabilityContextState extends Object implements Serializable
      serialVersionUID:
      1L

      • Serialized Fields

        • mutable
          boolean mutable
          Reports whether the owning entity is mutable from the request's context.

  • Package com.broadleafcommerce.adminuser.resource.web.endpoint.exception

  • Package com.broadleafcommerce.adminuser.user.domain

    • Class com.broadleafcommerce.adminuser.user.domain.User

      class User extends Object implements Serializable
      serialVersionUID:
      1L

      • Serialized Fields

        • applicationAccess
          boolean applicationAccess
          Indicate if this user has access to the application level
        • applicationIds
          Set<String> applicationIds
          The applications this user is restricted to.
        • attributes
          Map<String,Object> attributes
          Additional attributes of a user. All of a User's attributes that are available at the time of registration are available.
        • changePasswordRequired
          boolean changePasswordRequired
          A flag indicating whether the admin user account requires a password reset. If true, they will not be able to log in until they reset their password.
        • email
          String email
          The user's email address.
        • expired
          boolean expired
          A flag indicating whether the admin user account is expired. If false, they will not be able to log in.

          This flag can be used to declare an account as expired and unusable, but currently there is no logic for that. It will always be false.

        • externalId
          String externalId
          Intended to hold any unique identifier for this user as known by an external (non-BLC) system. For example, many implementations may integrate or import/export data from other systems that manage their own unique identifiers.
        • firstName
          String firstName
          The first name of the user, if the fullName is not being used for the user.
          See Also:
          • Customer#getName()
        • fullName
          String fullName
          The full name of the user.
          See Also:
          • Customer#getName()
        • id
          String id
        • lastName
          String lastName
          The last name of the user, if the fullName is not being used for the user.
          See Also:
          • Customer#getName()
        • locked
          boolean locked
          Indicates the user has been locked due to too many failed login attempts.
        • middleName
          String middleName
          The middle name of the user, if the fullName is not being used for the user.
          See Also:
          • Customer#getName()
        • phone
          String phone
          The user's phone number
        • roles
          Set<AdminRoleRef> roles
          The roles of the user. Not generally relevant, but is useful if user modification originates from the auth service.
        • serviceId
          String serviceId
          If the auth service received this user from a BLC service (ex: the admin user service or the customer service), this field will be the ID value used by that service for this user.

          If this value is set, there should also be a value set for User.type.

          Only if both values are non-null, a combination of this field and User.type will be unique across all records in the authentication service. There is no uniqueness guarantee for records which have a null service ID or null User.type.

          See Also:
          • User.type
        • tenantAccess
          boolean tenantAccess
          Indicate if this user has access to the tenant level
        • tenantId
          String tenantId
          The id of the tenant this user is associated with.
        • type
          String type
          Represents the type of user this is. This value must be supplied if User.serviceId is set.
          See Also:
          • User.serviceId
          • UserType
        • username
          String username
          What this user uses to actually log in. Often the same as User.email.

  • Package com.broadleafcommerce.adminuser.user.messaging

  • Package com.broadleafcommerce.adminuser.user.provider.jpa

  • Package com.broadleafcommerce.adminuser.user.provider.jpa.domain

  • Package com.broadleafcommerce.adminuser.user.service.exception