com.atlassian.jira.bc.user

Class DefaultUserService

java.lang.Object

com.atlassian.jira.bc.user.DefaultUserService

All Implemented Interfaces:

UserService

public class DefaultUserService
extends Object
implements UserService

Default implementation of UserService interface. Contains methods to create/delete users hiding UserUtil internals.

Since:

v4.0

Nested Class Summary

Nested classes/interfaces inherited from interface com.atlassian.jira.bc.user.UserService

UserService.AddUserToApplicationValidationResult, UserService.CreateUsernameValidationResult, UserService.CreateUserRequest, UserService.CreateUserValidationResult, UserService.DeleteUserValidationResult, UserService.FieldName, UserService.RemoveUserFromApplicationValidationResult, UserService.UpdateUserValidationResult

Field Summary

Fields

Modifier and Type	Field and Description
protected org.slf4j.Logger	log

Constructor Summary

Constructors

Constructor and Description

DefaultUserService(UserUtil userUtil, UserDeleteVeto userDeleteVeto, PermissionManager permissionManager, UserManager userManager, I18nHelper.BeanFactory i18nFactory, JiraAuthenticationContext jiraAuthenticationContext, com.atlassian.event.api.EventPublisher eventPublisher, PreDeleteUserErrorsManager preDeleteUserErrorsManager, CreateUserApplicationHelper applicationHelper, ApplicationRoleManager applicationRoleManager, UserValidationHelper validationHelper, GlobalPermissionGroupAssociationUtil globalPermissionGroupAssociationUtil, GlobalPermissionManager globalPermissionManager, UserEventFactory userEventFactory, GroupManager groupManager)

Method Summary

Modifier and Type	Method and Description
void	addUserToApplication(UserService.AddUserToApplicationValidationResult result) Given a valid validation result, this will associate a user with an application by adding that user to all the default groups assigned to that application (regardless of the license).
ApplicationUser	createUser(UserService.CreateUserValidationResult result) Create a new application user if the provided ServiceResultImpl.isValid().
ApplicationUser	createUserFromSignup(UserService.CreateUserValidationResult result) Given a valid validation result, this will create the user using the details provided in the validation result.
ApplicationUser	createUserNoNotification(UserService.CreateUserValidationResult result) Given a valid validation result, this will create the user using the details provided in the validation result.
ApplicationUser	createUserWithNotification(UserService.CreateUserValidationResult result) Given a valid validation result, this will create the user using the details provided in the validation result.
ApplicationUserBuilder	newUserBuilder(ApplicationUser user) Allows you to construct ApplicationUser for UserService.validateUpdateUser(ApplicationUser)
void	removeUser(ApplicationUser loggedInUser, UserService.DeleteUserValidationResult result) Given a valid validation result, this will remove the user and removes the user from all the groups.
void	removeUserFromApplication(UserService.RemoveUserFromApplicationValidationResult result) Given a valid validation result, this will disassociate a user from an application by removing that user from all the groups assigned to that application.
void	updateUser(UserService.UpdateUserValidationResult updateUserValidationResult) Execute the update using the validation result from UserService.validateUpdateUser(ApplicationUser).
UserService.AddUserToApplicationValidationResult	validateAddUserToApplication(ApplicationUser user, com.atlassian.application.api.ApplicationKey applicationKey) Validates associating a user with an application.
UserService.AddUserToApplicationValidationResult	validateAddUserToApplication(ApplicationUser loggedInUser, ApplicationUser user, com.atlassian.application.api.ApplicationKey applicationKey) Validates associating a user with an application.
UserService.CreateUserValidationResult	validateCreateUser(UserService.CreateUserRequest createUserRequest) Validate that a new user can be created.
UserService.CreateUserValidationResult	validateCreateUserForAdmin(ApplicationUser loggedInUser, String username, String password, String confirmPassword, String email, String fullname) Validates creating a user for the admin section.
UserService.CreateUserValidationResult	validateCreateUserForAdmin(ApplicationUser loggedInUser, String username, String password, String confirmPassword, String email, String fullname, Long directoryId) Validates creating a user for the admin section.
UserService.CreateUserValidationResult	validateCreateUserForSetup(ApplicationUser loggedInUser, String username, String password, String confirmPassword, String email, String fullname) Validates creating a user during setup of JIRA.
UserService.CreateUserValidationResult	validateCreateUserForSignup(ApplicationUser loggedInUser, String username, String password, String confirmPassword, String email, String fullname) Validates creating a user during public signup.
UserService.CreateUserValidationResult	validateCreateUserForSignupOrSetup(ApplicationUser loggedInUser, String username, String password, String confirmPassword, String email, String fullname) Validates creating a user during setup of JIRA or during public signup.
UserService.CreateUsernameValidationResult	validateCreateUsername(ApplicationUser loggedInUser, String username) Validates the username for a new user.
UserService.CreateUsernameValidationResult	validateCreateUsername(ApplicationUser loggedInUser, String username, Long directoryId) Validates the username for a new user.
UserService.DeleteUserValidationResult	validateDeleteUser(ApplicationUser loggedInUser, ApplicationUser userForDelete) Validates removing a user for the admin section.
UserService.DeleteUserValidationResult	validateDeleteUser(ApplicationUser loggedInUser, String username) Validates removing a user for the admin section.
UserService.RemoveUserFromApplicationValidationResult	validateRemoveUserFromApplication(ApplicationUser user, com.atlassian.application.api.ApplicationKey applicationKey) Validates disassociating a user from an application.
UserService.RemoveUserFromApplicationValidationResult	validateRemoveUserFromApplication(ApplicationUser loggedInUser, ApplicationUser user, com.atlassian.application.api.ApplicationKey applicationKey) Validates disassociating a user from an application.
UserService.UpdateUserValidationResult	validateUpdateUser(ApplicationUser user) Validates updating a user's details.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log

protected final org.slf4j.Logger log

Constructor Detail

DefaultUserService

public DefaultUserService(UserUtil userUtil,
                          UserDeleteVeto userDeleteVeto,
                          PermissionManager permissionManager,
                          UserManager userManager,
                          I18nHelper.BeanFactory i18nFactory,
                          JiraAuthenticationContext jiraAuthenticationContext,
                          com.atlassian.event.api.EventPublisher eventPublisher,
                          PreDeleteUserErrorsManager preDeleteUserErrorsManager,
                          CreateUserApplicationHelper applicationHelper,
                          ApplicationRoleManager applicationRoleManager,
                          UserValidationHelper validationHelper,
                          GlobalPermissionGroupAssociationUtil globalPermissionGroupAssociationUtil,
                          GlobalPermissionManager globalPermissionManager,
                          UserEventFactory userEventFactory,
                          GroupManager groupManager)

Method Detail

newUserBuilder

@Nonnull
public ApplicationUserBuilder newUserBuilder(@Nonnull
                                                      ApplicationUser user)

Description copied from interface: UserService

Allows you to construct ApplicationUser for UserService.validateUpdateUser(ApplicationUser)

Specified by:

newUserBuilder in interface UserService

validateCreateUserForSignup

public UserService.CreateUserValidationResult validateCreateUserForSignup(ApplicationUser loggedInUser,
                                                                          String username,
                                                                          String password,
                                                                          String confirmPassword,
                                                                          String email,
                                                                          String fullname)

Description copied from interface: UserService

Validates creating a user during public signup. This method checks that there is a writable User Directory available. It also validates that all parameters (username, email, fullname, password) have been provided. Email is also checked to ensure that it is a valid email address. The username is required to be lowercase characters only and unique. The confirmPassword has to match the password provided.

This validation differs from the 'ForAdminPasswordRequired' and 'ForAdmin' validations as follows:

• Does not require global admin rights
• The password is required

Specified by:

validateCreateUserForSignup in interface UserService

Parameters:

loggedInUser - The remote user trying to add a new user

username - The username of the new user. Needs to be lowercase and unique.

password - The password for the new user.

confirmPassword - The password confirmation. Needs to match password.

email - The email for the new user. Needs to be a valid email address.

fullname - The full name for the new user

Returns:

a validation result containing appropriate errors or the new user's details

validateCreateUserForSetup

public UserService.CreateUserValidationResult validateCreateUserForSetup(ApplicationUser loggedInUser,
                                                                         String username,
                                                                         String password,
                                                                         String confirmPassword,
                                                                         String email,
                                                                         String fullname)

Description copied from interface: UserService

Validates creating a user during setup of JIRA. This method does not check for a writable User Directory because the embedded crowd subsystem will not be initialised, and we know we will just have an Internal Directory during Setup. It also validates that all parameters (username, email, fullname, password) have been provided. Email is also checked to ensure that it is a valid email address. The username is required to be lowercase characters only and unique. The confirmPassword has to match the password provided.

This validation differs from the 'ForAdminPasswordRequired' and 'ForAdmin' validations as follows:

• Does not require global admin rights
• The password is required

Specified by:

validateCreateUserForSetup in interface UserService

Parameters:

loggedInUser - The remote user trying to add a new user

username - The username of the new user. Needs to be lowercase and unique.

password - The password for the new user.

confirmPassword - The password confirmation. Needs to match password.

email - The email for the new user. Needs to be a valid email address.

fullname - The full name for the new user

Returns:

a validation result containing appropriate errors or the new user's details

validateCreateUserForSignupOrSetup

public UserService.CreateUserValidationResult validateCreateUserForSignupOrSetup(ApplicationUser loggedInUser,
                                                                                 String username,
                                                                                 String password,
                                                                                 String confirmPassword,
                                                                                 String email,
                                                                                 String fullname)

Description copied from interface: UserService

Validates creating a user during setup of JIRA or during public signup. This method checks that there is a writable User Directory available. It also validates that all parameters (username, email, fullname, password) have been provided. Email is also checked to ensure that it is a valid email address. The username is required to be lowercase characters only and unique. The confirmPassword has to match the password provided.

This validation differs from the 'ForAdminPasswordRequired' and 'ForAdmin' validations as follows:

• Does not require global admin rights
• The password is required

Specified by:

validateCreateUserForSignupOrSetup in interface UserService

Parameters:

loggedInUser - The remote user trying to add a new user

username - The username of the new user. Needs to be lowercase and unique.

password - The password for the new user.

confirmPassword - The password confirmation. Needs to match password.

email - The email for the new user. Needs to be a valid email address.

fullname - The full name for the new user

Returns:

a validation result containing appropriate errors or the new user's details

validateCreateUser

public UserService.CreateUserValidationResult validateCreateUser(UserService.CreateUserRequest createUserRequest)

Description copied from interface: UserService

Validate that a new user can be created. The validation instructions are specified in the UserService.CreateUserRequest.

Typical validations are:

• Validate that specified (or default) application(s) has a seat available for the new user and that the default group(s) has been configured.
• Validate that the specified logged in user is allowed to create a new user.
• Validate that the specified or default user directory exists and is writable.
• Validate that password conforms to password policy.
• Validate that confirm password matches password (optional).
• Validate that the new username is not currently in use.

UserService.createUser(CreateUserValidationResult) should only be called when the validationResult.isValid().

Usage example:

 final CreateUserRequest createUserRequest = CreateUserRequest.withUserDetails(currentApplicationUser,
               username, password, email, displayName)
 result = userService.validateCreateUser(createUserRequest);
 if(result.isValid())
 {
    userService.createUser(createUserRequest);
 }
 
 

This request indicates that the user should be created in the default user directory with access to the default applications.

Specified by:

validateCreateUser in interface UserService

Parameters:

createUserRequest - user creation request containing new user details and validation instructions.

Returns:

the result that would contain error messages when validation was not successful.

validateCreateUserForAdmin

public UserService.CreateUserValidationResult validateCreateUserForAdmin(ApplicationUser loggedInUser,
                                                                         String username,
                                                                         String password,
                                                                         String confirmPassword,
                                                                         String email,
                                                                         String fullname)

Description copied from interface: UserService

Validates creating a user for the admin section. This method checks that external user management is disabled and that the user performing the operation has global admin rights. It also validates that all parameters (username, email, fullname) except for the password have been provided. Email is also checked to ensure that it is a valid email address. The username is required to be lowercase characters only and unique. The confirmPassword has to match the password provided.

This validation differs from the 'ForSetup' and 'ForAdminPasswordRequired' validations as follows:

• Does require global admin rights
• The password is NOT required

Specified by:

validateCreateUserForAdmin in interface UserService

Parameters:

loggedInUser - The remote user trying to add a new user

username - The username of the new user. Needs to be lowercase and unique.

password - The password for the new user.

confirmPassword - The password confirmation. Needs to match password.

email - The email for the new user. Needs to be a valid email address.

fullname - The full name for the new user

Returns:

a validation result containing appropriate errors or the new user's details

validateCreateUserForAdmin

public UserService.CreateUserValidationResult validateCreateUserForAdmin(ApplicationUser loggedInUser,
                                                                         String username,
                                                                         String password,
                                                                         String confirmPassword,
                                                                         String email,
                                                                         String fullname,
                                                                         @Nullable
                                                                         Long directoryId)

Description copied from interface: UserService

Validates creating a user for the admin section. This method checks that external user management is disabled and that the user performing the operation has global admin rights. It also validates that all parameters (username, email, fullname) except for the password have been provided. Email is also checked to ensure that it is a valid email address. The username is required to be lowercase characters only and unique. The confirmPassword has to match the password provided.

This method allows the caller to name a directory to create the user in and the directoryId must be valid and represent a Directory with "create user" permission.

This validation differs from the 'ForSetup' and 'ForAdminPasswordRequired' validations as follows:

• Does require global admin rights
• The password is NOT required

Specified by:

validateCreateUserForAdmin in interface UserService

Parameters:

loggedInUser - The remote user trying to add a new user

username - The username of the new user. Needs to be lowercase and unique.

password - The password for the new user.

confirmPassword - The password confirmation. Needs to match password.

email - The email for the new user. Needs to be a valid email address.

fullname - The full name for the new user

directoryId - The User Directory

Returns:

a validation result containing appropriate errors or the new user's details

validateCreateUsername

public UserService.CreateUsernameValidationResult validateCreateUsername(ApplicationUser loggedInUser,
                                                                         String username)

Description copied from interface: UserService

Validates the username for a new user. The username is required to be lowercase characters only and unique across all directories.

Specified by:

validateCreateUsername in interface UserService

Parameters:

loggedInUser - The remote user trying to add a new user

username - The username of the new user. Needs to be lowercase and unique.

Returns:

a validation result containing appropriate errors

validateCreateUsername

public UserService.CreateUsernameValidationResult validateCreateUsername(ApplicationUser loggedInUser,
                                                                         String username,
                                                                         Long directoryId)

Description copied from interface: UserService

Validates the username for a new user. The username is required to be lowercase characters only and unique in the given directory.

Specified by:

validateCreateUsername in interface UserService

Parameters:

loggedInUser - The remote user trying to add a new user

username - The username of the new user. Needs to be lowercase and unique.

directoryId - The directory which the new user is intended to be created in.

Returns:

a validation result containing appropriate errors

createUser

public ApplicationUser createUser(@Nonnull
                                  UserService.CreateUserValidationResult result)
                           throws PermissionException,
                                  CreateException

Description copied from interface: UserService

Create a new application user if the provided ServiceResultImpl.isValid(). This is typically called after performing UserService.validateCreateUser(CreateUserRequest) and verifying that the ServiceResultImpl.isValid(). If the request is not valid or UserService.validateCreateUser(CreateUserRequest) was not called prior to this method an IllegalStateException would get thrown.

Specified by:

createUser in interface UserService

Parameters:

result - create user validation result returned from UserService.validateCreateUser(CreateUserRequest), this contains the user details and instructions used to create new user.

Returns:

an application user representing the newly created user.

Throws:

PermissionException - when the logged in user does not have permissions to perform user creation or when the user directory is read-only.

CreateException - if the user could not be created for any reason, eg username already exists

See Also:

UserService.validateCreateUser(CreateUserRequest)

createUserNoNotification

public ApplicationUser createUserNoNotification(UserService.CreateUserValidationResult result)
                                         throws PermissionException,
                                                CreateException

Description copied from interface: UserService

Given a valid validation result, this will create the user using the details provided in the validation result. No email notification will be send to created user.

Specified by:

createUserNoNotification in interface UserService

Parameters:

result - The validation result

Returns:

The new user object that was created

Throws:

PermissionException - If you cannot create users in this directory (it is read-only).

CreateException - if the user could not be created, eg username already exists

createUserFromSignup

public ApplicationUser createUserFromSignup(UserService.CreateUserValidationResult result)
                                     throws PermissionException,
                                            CreateException

Description copied from interface: UserService

Given a valid validation result, this will create the user using the details provided in the validation result. Email notification will be send to created user - via UserEventType.USER_SIGNUP event.

Specified by:

createUserFromSignup in interface UserService

Parameters:

result - The validation result

Returns:

The new user object that was created

Throws:

PermissionException - If you cannot create users in this directory (it is read-only).

CreateException - if the user could not be created, eg username already exists

createUserWithNotification

public ApplicationUser createUserWithNotification(UserService.CreateUserValidationResult result)
                                           throws PermissionException,
                                                  CreateException

Description copied from interface: UserService

Given a valid validation result, this will create the user using the details provided in the validation result. Email notification will be send to created user - via UserEventType.USER_CREATED event.

Specified by:

createUserWithNotification in interface UserService

Parameters:

result - The validation result

Returns:

The new user object that was created

Throws:

PermissionException - If you cannot create users in this directory (it is read-only).

CreateException - if the user could not be created, eg username already exists

validateUpdateUser

public UserService.UpdateUserValidationResult validateUpdateUser(ApplicationUser user)

Description copied from interface: UserService

Validates updating a user's details.

Specified by:

validateUpdateUser in interface UserService

Parameters:

user - The user details to update

Returns:

A validation result containing any errors and all user details

updateUser

public void updateUser(UserService.UpdateUserValidationResult updateUserValidationResult)

Description copied from interface: UserService

Execute the update using the validation result from UserService.validateUpdateUser(ApplicationUser).

Specified by:

updateUser in interface UserService

Parameters:

updateUserValidationResult - Result from the validation, which also contains all the user's details.

validateDeleteUser

public UserService.DeleteUserValidationResult validateDeleteUser(ApplicationUser loggedInUser,
                                                                 String username)

Description copied from interface: UserService

Validates removing a user for the admin section. This method checks that external user management is disabled and that the user performing the operation has global admin rights. It also validates that username have been provided.

See UserService.validateDeleteUser(ApplicationUser, ApplicationUser) for restrictions.

Specified by:

validateDeleteUser in interface UserService

Parameters:

loggedInUser - The remote user trying to remove a user

username - The username of the user to remove. Needs to be valid

Returns:

a validation result containing appropriate errors or the user object for delete

validateDeleteUser

public UserService.DeleteUserValidationResult validateDeleteUser(ApplicationUser loggedInUser,
                                                                 ApplicationUser userForDelete)

Description copied from interface: UserService

Validates removing a user for the admin section. This method checks that external user management is disabled and that the user performing the operation has global admin rights. It also validates that username have been provided.

Removing the user is not allowed if:

• Logged in user lacks global admin permissions
• Logged in user and target user are the same user
• Logged in user is not a system administrator but the target user is
• Target user is the assignee for any issue
• Target user is the reporter for any issue
• Target user is the project lead for any project
• A plugin that implements PreDeleteUserErrors rejects the request

Specified by:

validateDeleteUser in interface UserService

Parameters:

loggedInUser - The remote user trying to remove a user

userForDelete - The user to remove. Needs to be valid

Returns:

a validation result containing appropriate errors or the user object for delete

removeUser

public void removeUser(ApplicationUser loggedInUser,
                       UserService.DeleteUserValidationResult result)

Description copied from interface: UserService

Given a valid validation result, this will remove the user and removes the user from all the groups. All components lead by user will have lead cleared.

Specified by:

removeUser in interface UserService

Parameters:

loggedInUser - the user performing operation

result - The validation result

validateAddUserToApplication

public UserService.AddUserToApplicationValidationResult validateAddUserToApplication(ApplicationUser user,
                                                                                     com.atlassian.application.api.ApplicationKey applicationKey)

Description copied from interface: UserService

Validates associating a user with an application. This method checks there is an application specified by the application key. It also checks if there are any default groups assigned to that application. It validates if there are any spaces in the application license as well. This also validates if the directory where the user lives is not fully read-only.

Specified by:

validateAddUserToApplication in interface UserService

Parameters:

user - the user to be associated with the application

applicationKey - the key of the application

Returns:

a validation result containing appropriate errors or the details used to associate a user with an application

validateAddUserToApplication

public UserService.AddUserToApplicationValidationResult validateAddUserToApplication(ApplicationUser loggedInUser,
                                                                                     ApplicationUser user,
                                                                                     com.atlassian.application.api.ApplicationKey applicationKey)

Description copied from interface: UserService

Validates associating a user with an application. This method checks if the logged in user has the permission to add user to application. It then checks if there is an application specified by the application key. It also checks if there are any default groups assigned to that application. It validates if there are any spaces in the application license as well. This also validates if the directory where the user lives is not fully read-only.

Specified by:

validateAddUserToApplication in interface UserService

Parameters:

loggedInUser - The logged in user

user - the user to be associated with the application

applicationKey - the key of the application

Returns:

a validation result containing appropriate errors or the details used to associate a user with an application

addUserToApplication

public void addUserToApplication(UserService.AddUserToApplicationValidationResult result)
                          throws AddException,
                                 PermissionException

Description copied from interface: UserService

Given a valid validation result, this will associate a user with an application by adding that user to all the default groups assigned to that application (regardless of the license).

If the user is already associated with the application but is not the member of all the default groups, that user will be added to the default groups which that user does not belong to yet.

If any of the default groups assigned to this application are also assigned to other application(s), the user will also be associated with those applications as well.

This method is not the exact opposite to UserService.removeUserFromApplication(com.atlassian.jira.bc.user.UserService.RemoveUserFromApplicationValidationResult). While this method only adds user to the default groups assigned to an application, removeUserFromApplication method removes user from all the group assigned to an application.

Specified by:

addUserToApplication in interface UserService

Parameters:

result - the validation result

Throws:

AddException - the underlying directory implementation failed to add user to group

PermissionException - the underlying directory has been configured to not allow user to be added to group, or the directory/group is read-only

validateRemoveUserFromApplication

public UserService.RemoveUserFromApplicationValidationResult validateRemoveUserFromApplication(ApplicationUser user,
                                                                                               com.atlassian.application.api.ApplicationKey applicationKey)

Description copied from interface: UserService

Validates disassociating a user from an application. This method checks there is an application specified by the application key.

Method expects for loggedInUser to be available via JiraAuthenticationContext.getLoggedInUser().

Specified by:

validateRemoveUserFromApplication in interface UserService

Parameters:

user - the user to be disassociated with the application

applicationKey - the key of the application

Returns:

a validation result containing appropriate errors or the details used to disassociate a user from an application

validateRemoveUserFromApplication

public UserService.RemoveUserFromApplicationValidationResult validateRemoveUserFromApplication(ApplicationUser loggedInUser,
                                                                                               ApplicationUser user,
                                                                                               com.atlassian.application.api.ApplicationKey applicationKey)

Description copied from interface: UserService

Validates disassociating a user from an application. This method checks there is an application specified by the application key.

Specified by:

validateRemoveUserFromApplication in interface UserService

Parameters:

loggedInUser - application user performing the application access removal

user - the user to be disassociated with the application

applicationKey - the key of the application

Returns:

a validation result containing appropriate errors or the details used to disassociate a user from an application

removeUserFromApplication

public void removeUserFromApplication(UserService.RemoveUserFromApplicationValidationResult result)
                               throws RemoveException,
                                      PermissionException

Description copied from interface: UserService

Given a valid validation result, this will disassociate a user from an application by removing that user from all the groups assigned to that application. This also validates if the directory where the user lives is not fully read-only.

If the group set assigned to this application is a superset of the group set assigned to other application(s), the user will also be disassociated with those applications as well.

This method is not the exact opposite to UserService.addUserToApplication(com.atlassian.jira.bc.user.UserService.AddUserToApplicationValidationResult). While this method removes user from all the group assigned to an application, addUserToApplication method only adds user to the default groups assigned to an application

Specified by:

removeUserFromApplication in interface UserService

Parameters:

result - The validation result

Throws:

RemoveException - the underlying directory implementation failed to remove user from group

PermissionException - the underlying directory has been configured to not allow user to be removed from group, or the directory/group is read-only