Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

com.sap.security.api
Interface IUser

All Superinterfaces:
IPrincipal, java.security.Principal, java.io.Serializable
All Known Subinterfaces:
IUserMaint
public interface IUser
extends java.security.Principal, IPrincipal

This interface provides read-access to the user's attributes, and offers basic support for authorization checking. Implementations of this interface must make sure that all get-methods with a return type of String, e.g. getFax(), getCompanyId() etc. return null if that attribute either does not exist or has a null value in the user store. This does NOT apply to the generic getAttribute...() methods.

If you want to keep and persist an identifier as a reference to an instance of IUser you must use method IPrincipal.getUniqueID(). As this identifier contains internal information and is usually not readable, it should not be used in end user interfaces.

Use methods IPrincipal.getDisplayName() or getUniqueName() in order to display attributes with a nice name for user interfaces.

Version:
1.0

Field Summary
static int DEFAULT_ACCESSIBILITY_LEVEL
          Constant used for user's default accessibility level
static int SCREENREADER_ACCESSIBILITY_LEVEL
          Constant used for user's screen reader support
static java.lang.String VERSIONSTRING
           
 
Fields inherited from interface com.sap.security.api.IPrincipal
BYTE_TYPE, DEFAULT_NAMESPACE, DEFAULT_RELATION_NAMESPACE, DESCRIPTION, DISPLAYNAME, PRINCIPAL_CREATION_DATE, PRINCIPAL_MODIFY_DATE, PRINCIPAL_RELATION_MEMBER_ATTRIBUTE, PRINCIPAL_RELATION_PARENT_ATTRIBUTE, STRING_TYPE, TRANSIENT_NAMESPACE, UNIQUE_NAME
 
Method Summary
 void checkPermission(java.security.Permission permission)
          If the user has the specified permission, this method does nothing.
 int getAccessibilityLevel()
          Gets the user's accessibilityLevel used for Screen Reader Support
 java.lang.String getCellPhone()
          Gets the user's default cellphone number.
 java.lang.String getCity()
          Gets the user's city.
 java.lang.String getCompany()
          Gets the user's company.
 java.lang.String getCountry()
          Gets the ISO-3166 two-letter uppercase code of the country where the user lives.
 java.lang.String getCurrency()
          Gets the three letter uppercase code of the user's currency, e.g.
 java.lang.String getDepartment()
          Gets the user's department.
 java.lang.String getEmail()
          Gets the user's default email address.
 java.lang.String getFax()
          Gets the user's default fax number.
 java.lang.String getFirstName()
          Gets the user's first name.
 java.lang.String getJobTitle()
          Gets the user's job title, e.g.
 java.lang.String getLastName()
          Gets the user's last name.
 java.util.Locale getLocale()
          Gets the user's Locale; this determines e.g.
 java.util.Iterator getParentGroups(boolean recursive)
          Gets the list of (all) parent groups including parents, grandparents, ...
 java.util.Iterator getRoles(boolean recursive)
          Gets the list of (all) assigned roles of this user including parent groups, grandparent groups,...
 java.lang.String getSalutation()
          Gets the user's salutation, e.g.
 java.lang.String getState()
          Gets the user's state or region.
 java.lang.String getStreet()
          Gets the user's street.
 java.lang.String getTelephone()
          Gets the user's default telephone number.
 java.util.TimeZone getTimeZone()
          Gets the user's time zone.
 java.lang.String getTitle()
          Gets the user's academic title or title of nobility
 java.lang.Object getTransientAttribute(java.lang.String namespace, java.lang.String name)
          Generic get method to access additional transient attributes.
 java.lang.String getUid()
          Deprecated. new applications should use IPrincipal.getUniqueID().
 java.lang.String getUniqueName()
          Get uniqueName of this IUser object.
 IUserAccount[] getUserAccounts()
          Returns an array of useraccount objects which are assigned to this user.
 java.util.Iterator getUserAccountUniqueIDs()
          Returns an iterator of String objects which represent the uniqueIDs of assigned IUserAccount objects
 IUserFactory getUserFactory()
          Gets the user factory which instantiated this user object.
 java.lang.String getZip()
          Gets the zip code of the user's city.
 boolean hasPermission(java.security.Permission permission)
          Returns true if the user has the given permission.
 boolean isCompanyUser()
          Checks if this user belongs to a company.
 boolean isMemberOfGroup(java.lang.String uniqueIdOfGroup, boolean recursive)
          Checks if the principal belongs to the passed uniqueIdOfGroup This method does a recursive search, so if this principal belongs to a group which is a member of this group, true is returned.
 boolean isMemberOfRole(java.lang.String uniqueIdOfRole, boolean recursive)
          Checks if the principal belongs to the passed roleId This method does a recursive search if parameter recursive is set to true.
 boolean setTransientAttribute(java.lang.String namespace, java.lang.String name, java.lang.Object o)
          Generic method to associate arbitrary data with a principal.
 
Methods inherited from interface java.security.Principal
equals, getName, hashCode, toString
 
Methods inherited from interface com.sap.security.api.IPrincipal
created, equals, getAttribute, getAttributeNames, getAttributeNamespaces, getAttributeType, getBinaryAttribute, getDisplayName, getParents, getUniqueID, hashCode, isExistenceChecked, isMutable, lastModified, refresh
 

Field Detail

VERSIONSTRING

public static final java.lang.String VERSIONSTRING

DEFAULT_ACCESSIBILITY_LEVEL

public static final int DEFAULT_ACCESSIBILITY_LEVEL
Constant used for user's default accessibility level

SCREENREADER_ACCESSIBILITY_LEVEL

public static final int SCREENREADER_ACCESSIBILITY_LEVEL
Constant used for user's screen reader support
Method Detail

getUid

public java.lang.String getUid()
Deprecated. new applications should use IPrincipal.getUniqueID().

Gets the user ID. This method is included for backward compatibility with the SAPMarkets user management only. New applications should not use it.

getJobTitle

public java.lang.String getJobTitle()
Gets the user's job title, e.g. Developer, Development Architect, Development Manager etc.
Returns:
String user's job title

getDepartment

public java.lang.String getDepartment()
Gets the user's department.
Returns:
String user's department

getTitle

public java.lang.String getTitle()
Gets the user's academic title or title of nobility
Returns:
String user's academic title

getSalutation

public java.lang.String getSalutation()
Gets the user's salutation, e.g. Mr., Ms., Mrs.
Returns:
String user's salutation

getFirstName

public java.lang.String getFirstName()
Gets the user's first name. This may include one or more middle names.
Returns:
String user's first name

getLastName

public java.lang.String getLastName()
Gets the user's last name. This may include second names.
Returns:
String user's last name

getStreet

public java.lang.String getStreet()
Gets the user's street. This may include house numbers, street numbers etc.
Returns:
String user's street address

getCity

public java.lang.String getCity()
Gets the user's city.
Returns:
String user's city

getZip

public java.lang.String getZip()
Gets the zip code of the user's city.
Returns:
String user's zip code

getState

public java.lang.String getState()
Gets the user's state or region.
Returns:
String user's state or region

getCountry

public java.lang.String getCountry()
Gets the ISO-3166 two-letter uppercase code of the country where the user lives. NOTE that this is independent from the country available via getCountry() of the user's Locale, since expatriate users may not have their Locale's country set to the country where they actually reside.
Returns:
String user's country

getLocale

public java.util.Locale getLocale()
Gets the user's Locale; this determines e.g. the language in which text is displayed to the user's and the style that numbers are formated. Applications needing to get the country where the user resides must call getCountry() instead of using the Locale's country.
Returns:
Locale user's locale object or null in case no locale is stored for this IUser object.

getTimeZone

public java.util.TimeZone getTimeZone()
Gets the user's time zone.
Returns:
TimeZone user's timezone object or null in case no timezone is stored for this IUser object.

NOTE: Do not modify this TimeZone object. For performance reasons the TimeZone object is only created once when method getTimeZone() is called the first time. In case you modify this TimeZone object you may encounter inconsistencies because the user object has a different Timezone value set on the persistence layer.

getCurrency

public java.lang.String getCurrency()
Gets the three letter uppercase code of the user's currency, e.g. DEM, EUR or USD.
Returns:
String user's currency

getTelephone

public java.lang.String getTelephone()
Gets the user's default telephone number.
Returns:
String user's telephone

getCellPhone

public java.lang.String getCellPhone()
Gets the user's default cellphone number.
Returns:
String user's cell phone

getFax

public java.lang.String getFax()
Gets the user's default fax number.
Returns:
String user's fax

getEmail

public java.lang.String getEmail()
Gets the user's default email address.
Returns:
String user's email

isCompanyUser

public boolean isCompanyUser()
Checks if this user belongs to a company.
Returns:
true if user belongs to company

getCompany

public java.lang.String getCompany()
Gets the user's company.
Returns:
String user's company id

getUserFactory

public IUserFactory getUserFactory()
Gets the user factory which instantiated this user object.
Returns:
{@see IUserFactory} user factory

hasPermission

public boolean hasPermission(java.security.Permission permission)
Returns true if the user has the given permission.
Returns:
true if the user has the given permission.

checkPermission

public void checkPermission(java.security.Permission permission)
                     throws java.security.AccessControlException
If the user has the specified permission, this method does nothing. If not, it will throw an AccessControlException, and possibly trigger appropriate tracing action.
Throws:
AccessControlException - if the user doesn't have the specified permission

getUserAccounts

public IUserAccount[] getUserAccounts()
                               throws UMException
Returns an array of useraccount objects which are assigned to this user. Returns a empty array of type IUserAccount in case that this user is not assigned to any accounts.
Returns:
IUserAccount[] user account objects associated with this user

getUserAccountUniqueIDs

public java.util.Iterator getUserAccountUniqueIDs()
                                           throws UMException
Returns an iterator of String objects which represent the uniqueIDs of assigned IUserAccount objects
Returns:
iterator of accounts assigned to this principal. The iterator contains String objects representing the uniqueIDs of assigned IUserAccount objects.

getAccessibilityLevel

public int getAccessibilityLevel()
Gets the user's accessibilityLevel used for Screen Reader Support
Returns:
accessibility level of screen reader support. If no value is set in datastore the default return value is DEFAULT_ACCESSIBILITY_LEVEL Following constants can be returned: DEFAULT_ACCESSIBILITY_LEVEL SCREENREADER_ACCESSIBILITY_LEVEL

getRoles

public java.util.Iterator getRoles(boolean recursive)
Gets the list of (all) assigned roles of this user including parent groups, grandparent groups,... if recursive is set to true NOTE: This method may also return roles which are already deleted.
Parameters:
recursive - if true returns all parent roles
Returns:
iterator of roles for this principal. The iterator contains uniqueIdOfRole strings

getParentGroups

public java.util.Iterator getParentGroups(boolean recursive)
Gets the list of (all) parent groups including parents, grandparents, ... if recursive is set to true
Parameters:
recursive - if true returns all parent groups
Returns:
iterator of groups of this user. The iterator contains uniqueIdOfGroup strings

isMemberOfRole

public boolean isMemberOfRole(java.lang.String uniqueIdOfRole,
                              boolean recursive)
Checks if the principal belongs to the passed roleId This method does a recursive search if parameter recursive is set to true. If this user belongs to a group which is a member of a role, true is returned.
Parameters:
uniqueIdOfRole - identifying the role
recursive - if true checks also all parent groups
Returns:
true if this user is directly or indirectly (via role membership) assigned.

isMemberOfGroup

public boolean isMemberOfGroup(java.lang.String uniqueIdOfGroup,
                               boolean recursive)
Checks if the principal belongs to the passed uniqueIdOfGroup This method does a recursive search, so if this principal belongs to a group which is a member of this group, true is returned.
Parameters:
uniqueIdOfGroup - the ID of the collection
Returns:
true if the principal is directly or indirectly (via group membership) assigned to uniqueIdOfGroup.

getUniqueName

public java.lang.String getUniqueName()
Get uniqueName of this IUser object. A (usually) unique readable name of an instance of IUser.

Note: Depending on the persistence layer it is not guaranteed that this name is unique. The uniqueName may change over time. Thus, do not persist the uniqueName. Always use the unique identifier of IPrincipal.getUniqueID() for this purpose.

Use the uniqueName for searching and displaying in user interfaces.

Returns:
uniqueName of object

getTransientAttribute

public java.lang.Object getTransientAttribute(java.lang.String namespace,
                                              java.lang.String name)
Generic get method to access additional transient attributes. These attributes are contained in separate namespaces, and are accessible via their names. Attributes that are in no distinct namespace are formally located in the namespace null.

Note: the transient attributes are instance specific.

Parameters:
namespace - namespace the attribute is in (may be null)
name - name of the attribute
Returns:
the values of the respective attribute, or null if this namespace or attribute within this namespace does not exist

setTransientAttribute

public boolean setTransientAttribute(java.lang.String namespace,
                                     java.lang.String name,
                                     java.lang.Object o)
Generic method to associate arbitrary data with a principal. The method will return true if values is different from the attribute's previous values, false otherwise. These texts are tansient and will not be stored in the persistence.
Parameters:
namespace - namespace of the attribute to set.
name - name of the attribute
o - value of the attribute
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD
Copyright © 2002 SAP AG All Rights Reserved.