Package de.xima.fc.interfaces.user

Interface IUser

All Superinterfaces:
Serializable
All Known Implementing Classes:
VirtualUser
public interface IUser extends Serializable
Common interface representing an authenticated user. Through this interface user information and permissions of the user can be accessed.
Since:
8.0.0
Author:
XIMA Media GmbH

  • Method Details

    • getUniversalReferenceId

      @NotBlank @NotBlank String getUniversalReferenceId()
      Returns:
      the universal reference ID of this user. The universal reference ID is unique for every user within the system across all authentication clients. See UserMgmtUtils.getUniversalReferenceId(EHashAlgorithm, String, String) for universal reference ID format.

    • getAuthenticationContext

      @Nullable IAuthenticationContext getAuthenticationContext()
      Returns:
      the authentication context for this user. The authentication context contains information about how the user authenticated. Virtual users don't have an authentication context because they have never been authenticated.

    • getEmail

      String getEmail()
      Returns:
      the email address of the user if there is any. The email address may come from the formcycle profile or the profile returned by the authentication client.

    • getUserName

      @Nullable String getUserName()
      Returns:
      the user name of this user within the formcycle system if there is any and null otherwise.

    • getFirstName

      String getFirstName()
      Returns:
      the first name of the user if there is any. The first name may come from the formcycle profile or the profile returned by the authentication client.

    • getFamilyName

      String getFamilyName()
      Returns:
      the family name of the user if there is any. The family name may come from the formcycle profile or the profile returned by the authentication client.

    • getDisplayName

      String getDisplayName()
      Returns:
      the display name of the user if there is any. The display name may come from the formcycle profile or the profile returned by the authentication client and is usually the full name (first and family name separated by whitespace).

    • getGender

      @NotNull @NotNull EGender getGender()
      Returns:
      the gender of the user if there is any specified and EGender.UNSPECIFIED otherwise. The gender may come from the formcycle profile or the profile returned by the authentication client.

    • getPictureUrl

      @Nullable URI getPictureUrl()
      Returns:
      the picture URL of the user if there is any and null otherwise. The picture URL may come from the profile returned by the authentication client.

    • getProfile

      @Nullable UserProfile getProfile()
      Returns:
      the formcycle profile of the user if a match was found in the system and null otherwise.

    • getRoles

      @NotNull @NotNull Set<String> getRoles()
      Returns:
      A Set of roles of the user within the system. Roles are scoped to clients or the system. For the format of client roles see UserMgmtUtils.getClientRole(Mandant, String). The format of system roles is just the role name.

    • getPermissions

      @NotNull @NotNull Set<String> getPermissions()
      Returns:
      A Set of permission the user has within the system. Permissions are scoped to clients or the system. For the format of client permissions see UserMgmtUtils.getClientPermission(Mandant, String). The format of system permissions is just the permission name.

    • getAuthorizedClients

      @NotNull default @NotNull Set<Mandant> getAuthorizedClients()
      Convenience method for access all authorized clients of this user. For accessing client authorizations see getClientAuthorizations() or getClientAuthorizations(Mandant).
      Returns:
      A Set of all the clients the user has authorization. Regular users have authorization to a client if they have been assigned a role within the client (see IClientAuthorization.getRoles()). The super user has authorizations to all clients that have super user access enabled (see Mandant.isSadminAccess()).

    • getClientAuthorizations

      @NotNull @NotNull Set<IClientAuthorization> getClientAuthorizations()
      Returns all client authorizations this user has been assigned. Client authorizations may be direct through a FOMRCYCLE account (see DirectClientAuthorization.getUserProfile()) or in indirect through filters (see IndirectClientAuthorization). The super user has authorizations to all clients that have super user access enabled (see Mandant.isSadminAccess()).
      Returns:
      a set of all authorizations for this user within the given client.

    • getScopedUserGroups

      @NotNull default @NotNull Map<String,Set<BenutzerGruppe>> getScopedUserGroups()
      Returns a map of the all the user groups the user is assigned to scoped by application areas. The following scopes exist:
      Returns:
      A map of the scoped user groups.

    • hasClientRole

      default boolean hasClientRole(Mandant client, String role)
      Checks whether or not the user has the given client role.
      Parameters:
      client - to check for role
      role - to check for within the client
      Returns:
      true if the user has the given client role and false otherwise.

    • hasSystemRole

      default boolean hasSystemRole(String role)
      Checks whether or not the user has the given system role.
      Parameters:
      role - to check for within the system
      Returns:
      true if the user has the given system role and false otherwise.

    • hasClientPermission

      default boolean hasClientPermission(Mandant client, String permission)
      Checks whether or not the user has the given client permission.
      Parameters:
      client - to check for permission
      permission - to check for within the client
      Returns:
      true if the user has the given client permission and false otherwise.

    • hasSystemPermission

      default boolean hasSystemPermission(String permission)
      Checks whether or not the user has the given system permission.
      Parameters:
      permission - to check for within the system
      Returns:
      true if the user has the given system permission and false otherwise.

    • hasGeneralPermission

      default boolean hasGeneralPermission(String permission)
      Checks whether or not the user has the given general permission. General permissions are independent of scope.
      Parameters:
      permission - general permission to check.
      Returns:
      true if the user has the given general permission and false otherwise.

    • getClientAuthorizations

      @NotNull default @NotNull Set<IClientAuthorization> getClientAuthorizations(Mandant client)
      Returns all client authorizations this user has been assigned within the client. Client authorizations may be direct through a FOMRCYCLE account (see DirectClientAuthorization.getUserProfile()) or in indirect through filters (see IndirectClientAuthorization). The super user does not have client authorizations
      Parameters:
      client - for which to get the authorizations
      Returns:
      a set of all authorizations for this user within the given client.

    • getClientUserGroups

      @NotNull default @NotNull Set<BenutzerGruppe> getClientUserGroups(String scope, Mandant client)
      Returns all user groups that this user has been assigned to within the given client and the given scope. The scope limits the returned set of user groups to a part of the application. When no scope is given, the user groups from all scopes are returned. Commonly used scopes are for example EAccessProperty.USER_INBOX.getKey() (client inbox) and EAccessProperty.PROJECTS.getKey() (form overview / designer). For more information about scopes see getScopedUserGroups(). The super user is not assigned to any user groups. An empty set will always be returned for the super user.
      Parameters:
      scope - for which to find the user groups. Pass null for all scopes.
      client - for which to find the user groups of this user.
      Returns:
      All user groups the user has been assigned to within the given client and scope.

    • getClientInboxes

      @NotNull default @NotNull Set<Postfach> getClientInboxes(String scope, Mandant client)
      Returns all inboxes that this user has access to within the given client and the given scope. The scope limits the returned set of inboxes to a part of the application. When no scope is given, the inboxes from all scopes are returned. Commonly used scopes are for example EAccessProperty.USER_INBOX.getKey() (client inbox) and EAccessProperty.PROJECTS.getKey() (form overview / designer). For more information about scopes see getScopedUserGroups(). The super user has access to all inboxes if client inbox access has been enabled or no inboxes if client inbox access has been disabled (see Mandant.isSadminInboxAccess()). An empty set will always be returned for the super user.
      Parameters:
      scope - for which to find the user groups. Pass null for all scopes.
      client - for which to find the user groups of this user.
      Returns:
      All user groups the user has been assigned to within the given client and scope.

    • getUserGroups

      @NotNull default @NotNull Set<BenutzerGruppe> getUserGroups(String scope)
      Returns all user groups that this user has been assigned to within the given scope. The scope limits the returned set of user groups to a part of the application. When no scope is given, the user groups from all scopes are returned. Commonly used scopes are for example EAccessProperty.USER_INBOX.getKey() (client inbox) and EAccessProperty.PROJECTS.getKey() (form overview / designer). For more information about scopes see getScopedUserGroups(). The super user is not assigned to any user groups. An empty set will always be returned for the super user.
      Parameters:
      scope - for which to find the user groups. Pass null for all scopes.
      Returns:
      All user groups the user has been assigned to within the given scope.
      Since:
      8.0.2

    • getInboxes

      @NotNull default @NotNull Set<Postfach> getInboxes(String scope)
      Returns all inboxes that this user has access to within the given scope. The scope limits the returned set of inboxes to a part of the application. When no scope is given, the inboxes from all scopes are returned. Commonly used scopes are for example EAccessProperty.USER_INBOX.getKey() (client inbox) and EAccessProperty.PROJECTS.getKey() (form overview / designer). For more information about scopes see getScopedUserGroups(). The super user has access to all inboxes if client inbox access has been enabled or no inboxes if client inbox access has been disabled (see Mandant.isSadminInboxAccess()). An empty set will always be returned for the super user.
      Parameters:
      scope - for which to find the user groups. Pass null for all scopes.
      Returns:
      All user groups the user has been assigned to within the given scope.
      Since:
      8.0.2