OKMAuth
Used for managing security and users. For example add or remove grants on a node, create or modify users or getting the profiles.
Basics
The class com.openkm.bean.Permission contains permission values ( READ, WRITE, etc. ). You should use it in combination with methods that are changing or getting security grants.
To set READ and WRITE access you should do:
int permission = Permission.READ + Permission.WRITE;
To check if you have permission access you should do:
// permission is a valid integer value
if ((permission | Permission.WRITE) = Permission.WRITE) {
// Has WRITE grants.
}
On almost methods you'll see parameter named "nodePath". The value of this parameter can be some valid node path ( folder, document, mail).
Example of nodePath:
- Using path -> "/okm:root/sample.pdf"
Also on all methods you'll see parameter named "token". When accessing application across SOAP the login process returns a token, what is used to identify the user on all the exposed methods. From default application execution context you must use "null" value what indicates to the application must use the "user session".
On special cases you might be "promoted as Administrator" using the "administrator token".
String systemToken = DbSessionManager.getInstance().getSystemToken();
Methods
login
Description:
Method | Return values | Description |
---|---|---|
login() |
void |
Simulates user UI login process. |
When user is logged from UI, are executed some background process what creates main user nodes, like /okm:trash. Unfortunatelly if the user has never logged from UI and login from API these nodes are still not created and will raise an error, for it is necessary at the beginning execute login method. The user must be logged before executing the method. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
OKMAuth.getInstance().login();
} catch (Exception e) {
e.printStackTrace();
}
}
}
login
Description:
Method | Return values | Description |
---|---|---|
login(String user, String pass) |
void |
Simulates user UI login process. |
When user is logged from UI, are executed some background process what creates main user nodes, like /okm:trash. Unfortunatelly if the user has never logged from UI and login from API these nodes are still not created and will raise an error, for it is necessary at the beginning execute login method. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
OKMAuth.getInstance().login("userId","password");
} catch (Exception e) {
e.printStackTrace();
}
}
}
logout
Description:
Method | Return values | Description |
---|---|---|
logout() |
void |
Kill user session. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
OKMAuth.getInstance().logout();
} catch (Exception e) {
e.printStackTrace();
}
}
}
grantUser
Description:
Method | Return values | Description |
---|---|---|
grantUser(String token, String nodePath, String user, int permissions, boolean recursive) |
void |
Add user grant on a node. |
The parameter recursive only has sense when the nodePath is a folder node. When parameter recursive is true, the change will be applied to the node and descendants. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
import com.openkm.bean.Permission;
public class Test {
public static void main(String[] args) {
try {
// Add john write grants at the node but not descendants
OKMAuth.getInstance().grantUser(null, "/okm:root", "john", Permission.ALL_GRANTS, false);
// Add all okmAdmin grants at the node and descendants
OKMAuth.getInstance().grantUser(null, "/okm:root", "okmAdmin", Permission.ALL_GRANTS, true);
} catch (Exception e) {
e.printStackTrace();
}
}
}
revokeUser
Description:
Method | Return values | Description |
---|---|---|
revokeUser(String token, String nodePath, String user, int permissions, boolean recursive) |
void |
Remove user grant on a node. |
The parameter recursive only has sense when the nodePath is a folder node. When parameter recursive is true, the change will be applied to the node and descendants. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
import com.openkm.bean.Permission;
public class Test {
public static void main(String[] args) {
try {
// Remove john write grants at the node but not descendants
OKMAuth.getInstance().revokeUser(null, "/okm:root", "john", Permission.ALL_GRANTS, false);
// Remove all okmAdmin grants at the node and descendants
OKMAuth.getInstance().revokeUser(null, "/okm:root", "okmAdmin", Permission.ALL_GRANTS, true);
} catch (Exception e) {
e.printStackTrace();
}
}
}
getGrantedUsers
Description:
Method | Return values | Description |
---|---|---|
getGrantedUsers(String token, String nodePath) |
Map<String, Integer> |
Return the granted users of a node. |
Example:
package com.openkm;
import java.util.Map;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
Map<String, Integer> grants = OKMAuth.getInstance().getGrantedUsers(null, "/okm:root");
for (String role : grants.keySet()) {
System.out.println(role + "->" + grants.get(role));
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
grantRole
Description:
Method | Return values | Description |
---|---|---|
grantRole(String token, String nodePath, String role, int permissions, boolean recursive) |
void |
Add role grant on a node. |
The parameter recursive only has sense when the nodePath is a folder node. When parameter recursive is true, the change will be applied to the node and descendants. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
import com.openkm.bean.Permission;
public class Test {
public static void main(String[] args) {
try {
// Add ROLE_USER write grants at the node but not descendants
OKMAuth.getInstance().grantRole(null, "/okm:root", "ROLE_USER", Permission.ALL_GRANTS, false);
// Add all ROLE_ADMIN grants to the node and descendants
OKMAuth.getInstance().grantRole(null, "/okm:root", "ROLE_ADMIN", Permission.ALL_GRANTS, true);
} catch (Exception e) {
e.printStackTrace();
}
}
}
revokeRole
Description:
Method | Return values | Description |
---|---|---|
revokeRole(String token, String nodePath, String role, int permissions, boolean recursive) |
void |
Remove role grant on a node. |
The parameter recursive only has sense when the nodePath is a folder node. When parameter recursive is true, the change will be applied to the node and its descendants. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
import com.openkm.bean.Permission;
public class Test {
public static void main(String[] args) {
try {
// Remove ROLE_USER write grants at the node but not descendants
OKMAuth.getInstance().revokeRole(null, "/okm:root", "ROLE_USER", Permission.ALL_GRANTS, false);
// Remove all ROLE_ADMIN grants to the node and descendants
OKMAuth.getInstance().revokeRole(null, "/okm:root", "ROLE_ADMIN", Permission.ALL_GRANTS, true);
} catch (Exception e) {
e.printStackTrace();
}
}
}
getGrantedRoles
Description:
Method | Return values | Description |
---|---|---|
getGrantedRoles(String token, String nodePath) |
Map<String, Integer> |
Return the granted roles of a node. |
Example:
package com.openkm;
import java.util.Map;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
Map<String, Integer> grants = OKMAuth.getInstance().getGrantedRoles(null,"/okm:root");
for (String role : grants.keySet()) {
System.out.println(role + "->" + grants.get(role));
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
getUsers
Description:
Method | Return values | Description |
---|---|---|
getUsers(String token) |
List<String> |
Return the list of all the users. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
for (String user : OKMAuth.getInstance().getUsers(null)) {
System.out.println(user);
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
getRoles
Description:
Method | Return values | Description |
---|---|---|
getRoles(String token) |
List<String> |
Return the list of all the roles. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
for (String user : OKMAuth.getInstance().getRoles(null)) {
System.out.println(user);
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
getUsersByRole
Description:
Method | Return values | Description |
---|---|---|
getUsersByRole(String token, String role) |
List<String> |
Return the list of all the users who have assigned a role. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
for (String user : OKMAuth.getInstance().getUsersByRole(null, "ROLE_ADMIN")) {
System.out.println(user);
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
getRolesByUser
Description:
Method | Return values | Description |
---|---|---|
getRolesByUser(String token, String user) |
List<String> |
Return the list of all the roles assigned to a user. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
for (String role : OKMAuth.getInstance().getRolesByUser(null, "okmAdmin")) {
System.out.println(role);
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
getMail
Description:
Method | Return values | Description |
---|---|---|
getMail(String token, String user) |
String |
Return the mail of a valid user. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
System.out.println(OKMAuth.getInstance().getMail(null, "okmAdmin"));
} catch (Exception e) {
e.printStackTrace();
}
}
}
getName
Description:
Method | Return values | Description |
---|---|---|
getName(String token, String user) |
String |
Return the name of a valid user. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
System.out.println(OKMAuth.getInstance().getName(null, "okmAdmin"));
} catch (Exception e) {
e.printStackTrace();
}
}
}
changeSecurity
Description:
Method | Return values | Description |
---|---|---|
public void changeSecurity(String token, String nodePath, Map<String, Integer> grantUsers, Map<String, Integer> revokeUsers, |
void |
Change the security of a node. |
Example:
package com.openkm;
import java.util.*;
import com.openkm.bean.Permission;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
String nodePath = "b9736924-bb97-4e2c-8450-138c21e0c9d5";
Map<String, Integer> grantUsers = new HashMap<>();
Map<String, Integer> revokeUsers = new HashMap<>();
Map<String, Integer> grantRoles = new HashMap<>();
grantRoles.put("ROLE_TEST", Permission.READ | Permission.WRITE);
Map<String, Integer> revokeRoles = new HashMap<>();
OKMAuth.getInstance().changeSecurity(null, nodePath, grantUsers, revokeUsers, grantRoles, revokeRoles, false);
} catch (Exception e) {
e.printStackTrace();
}
}
}
createUser
Description:
Method | Return values | Description |
---|---|---|
createUser(String token, String user, String password, String email, String name, boolean active) |
void |
Create a new user. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
OKMAuth.getInstance().createUser(null, "test", "password.2016", "some@mail.com", "User Name", true);
} catch (Exception e) {
e.printStackTrace();
}
}
}
deleteUser
Description:
Method | Return values | Description |
---|---|---|
deleteUser(String token, String user) |
void |
Delete a user. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
OKMAuth.getInstance().deleteUser(null, "test");
} catch (Exception e) {
e.printStackTrace();
}
}
}
updateUser
Description:
Method | Return values | Description |
---|---|---|
updateUser(String token, String user, String password, String email, String name, boolean active) |
void |
Update a user. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
OKMAuth.getInstance().updateUser(null, "test", "newpassword", "some@mail.com", "Test", false);
} catch (Exception e) {
e.printStackTrace();
}
}
}
createRole
Description:
Method | Return values | Description |
---|---|---|
createRole(String token, String role, boolean active) |
void |
Create a new role. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
OKMAuth.getInstance().createRole(null, "ROLE_TEST", true);
} catch (Exception e) {
e.printStackTrace();
}
}
}
deleteRole
Description:
Method | Return values | Description |
---|---|---|
deleteRole(String token, String role) |
void |
Delete a role. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
OKMAuth.getInstance().deleteRole(null, "ROLE_TEST");
} catch (Exception e) {
e.printStackTrace();
}
}
}
updateRole
Description:
Method | Return values | Description |
---|---|---|
updateRole(String token, String role, boolean active) |
void |
Update a role. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
OKMAuth.getInstance().updateRole(null, "ROLE_TEST",true);
} catch (Exception e) {
e.printStackTrace();
}
}
}
assignRole
Description:
Method | Return values | Description |
---|---|---|
assignRole(String token, String user, String role) |
void |
Assign role to a user. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
OKMAuth.getInstance().assignRole(null, "test", "ROLE_USER");
} catch (Exception e) {
e.printStackTrace();
}
}
}
removeRole
Description:
Method | Return values | Description |
---|---|---|
removeRole(String token, String user, String role) |
void |
Remove a role from a user. |
Example:
package com.openkm;
import com.openkm.api.OKMAuth;
public class Test {
public static void main(String[] args) {
try {
OKMAuth.getInstance().removeRole(null, "test", "ROLE_USER");
} catch (Exception e) {
e.printStackTrace();
}
}
}