OKMAuth

Used for managing security and users. For example add or remove grants on a node, create or modify users or getting the profiles. 

Basics

The class com.openkm.bean.Permission contains permission values ( READ, WRITE, etc. ). You should use it in combination with methods that are changing or getting security grants.

To set READ and WRITE access you should do:

int permission = Permission.READ + Permission.WRITE;

To check if you have permission access you should do:

// permission is a valid integer value
if ((permission | Permission.WRITE) = Permission.WRITE) {
  // Has WRITE grants.
}

On almost methods you'll see parameter named "nodePath". The value of this parameter can be some valid node path ( folder, document, mail).

Example of nodePath:

  • Using path -> "/okm:root/sample.pdf"

Also on all methods you'll see parameter named "token". When accessing application across SOAP the login process returns a token, what is used to identify the user on all the exposed methods. From default application execution context you must use "null" value what indicates to the application must use the "user session".

On special cases you might be "promoted as Administrator" using the "administrator token".

String systemToken = DbSessionManager.getInstance().getSystemToken();

Methods

login

Description:

MethodReturn valuesDescription

login()

void

Simulates user UI login process.

When user is logged from UI, are executed some background process what creates main user nodes, like /okm:trash. Unfortunatelly if the user has never logged from UI and login from API these nodes are still not created and will raise an error, for it is necessary at the beginning execute login method.

The user must be logged before executing the method.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            OKMAuth.getInstance().login();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

login

Description:

MethodReturn valuesDescription

login(String user, String pass)

void

Simulates user UI login process.

When user is logged from UI, are executed some background process what creates main user nodes, like /okm:trash. Unfortunatelly if the user has never logged from UI and login from API these nodes are still not created and will raise an error, for it is necessary at the beginning execute login method.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            OKMAuth.getInstance().login("userId","password");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

logout

Description:

MethodReturn valuesDescription

logout()

void

Kill user session.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            OKMAuth.getInstance().logout();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

grantUser

Description:

MethodReturn valuesDescription

grantUser(String token, String nodePath, String user, int permissions, boolean recursive)

void

Add user grant on a node.

The parameter recursive only has sense when the nodePath is a folder node.

When parameter recursive is true, the change will be applied to the node and descendants.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;
import com.openkm.bean.Permission;

public class Test {
    public static void main(String[] args) {
        try {
            // Add john write grants at the node but not descendants
            OKMAuth.getInstance().grantUser(null, "/okm:root", "john", Permission.ALL_GRANTS, false);

            // Add all okmAdmin grants at the node and descendants
            OKMAuth.getInstance().grantUser(null, "/okm:root", "okmAdmin", Permission.ALL_GRANTS, true);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

revokeUser

Description:

MethodReturn valuesDescription

revokeUser(String token, String nodePath, String user, int permissions, boolean recursive)

void

Remove user grant on a node.

The parameter recursive only has sense when the nodePath is a folder node.

When parameter recursive is true, the change will be applied to the node and descendants.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;
import com.openkm.bean.Permission;

public class Test {
    public static void main(String[] args) {
        try {
            // Remove john write grants at the node but not descendants
            OKMAuth.getInstance().revokeUser(null, "/okm:root", "john", Permission.ALL_GRANTS, false);

            // Remove all okmAdmin grants at the node and descendants
            OKMAuth.getInstance().revokeUser(null, "/okm:root", "okmAdmin", Permission.ALL_GRANTS, true);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

getGrantedUsers

Description:

MethodReturn valuesDescription

getGrantedUsers(String token, String nodePath)

Map<String, Integer>

Return the granted users of a node.

Example:

package com.openkm;

import java.util.Map;
import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            Map<String, Integer> grants = OKMAuth.getInstance().getGrantedUsers(null, "/okm:root");
            for (String role : grants.keySet()) {
                System.out.println(role + "->" + grants.get(role));
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

grantRole

Description:

MethodReturn valuesDescription

grantRole(String token, String nodePath, String role, int permissions, boolean recursive)

void

Add role grant on a node.

The parameter recursive only has sense when the nodePath is a folder node.

When parameter recursive is true, the change will be applied to the node and descendants.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;
import com.openkm.bean.Permission;

public class Test {
    public static void main(String[] args) {
        try {
            // Add ROLE_USER write grants at the node but not descendants
            OKMAuth.getInstance().grantRole(null, "/okm:root", "ROLE_USER", Permission.ALL_GRANTS, false);

            // Add all ROLE_ADMIN grants to the node and descendants
            OKMAuth.getInstance().grantRole(null, "/okm:root", "ROLE_ADMIN", Permission.ALL_GRANTS, true);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

revokeRole

Description:

MethodReturn valuesDescription

revokeRole(String token, String nodePath, String role, int permissions, boolean recursive)

void

Remove role grant on a node.

The parameter recursive only has sense when the nodePath is a folder node.

When parameter recursive is true, the change will be applied to the node and its descendants.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;
import com.openkm.bean.Permission;

public class Test {
    public static void main(String[] args) {
        try {
            // Remove ROLE_USER write grants at the node but not descendants
            OKMAuth.getInstance().revokeRole(null, "/okm:root", "ROLE_USER", Permission.ALL_GRANTS, false);

            // Remove all ROLE_ADMIN grants to the node and descendants
            OKMAuth.getInstance().revokeRole(null, "/okm:root", "ROLE_ADMIN", Permission.ALL_GRANTS, true);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

getGrantedRoles

Description:

MethodReturn valuesDescription

getGrantedRoles(String token, String nodePath) 

Map<String, Integer>

Return the granted roles of a node.

Example:

package com.openkm;

import java.util.Map;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            Map<String, Integer> grants = OKMAuth.getInstance().getGrantedRoles(null,"/okm:root");
            for (String role : grants.keySet()) {
                System.out.println(role + "->" + grants.get(role));
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

getUsers

Description:

MethodReturn valuesDescription

getUsers(String token) 

List<String>

Return the list of all the users.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            for (String user : OKMAuth.getInstance().getUsers(null)) {
                System.out.println(user);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

getRoles

Description:

MethodReturn valuesDescription

getRoles(String token) 

List<String>

Return the list of all the roles.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            for (String user : OKMAuth.getInstance().getRoles(null)) {
                System.out.println(user);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

getUsersByRole

Description:

MethodReturn valuesDescription

getUsersByRole(String token, String role)  

List<String>

Return the list of all the users who have assigned a role.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            for (String user : OKMAuth.getInstance().getUsersByRole(null, "ROLE_ADMIN")) {
                System.out.println(user);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

getRolesByUser

Description:

MethodReturn valuesDescription

getRolesByUser(String token, String user)  

List<String>

Return the list of all the roles assigned to a user.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            for (String role : OKMAuth.getInstance().getRolesByUser(null, "okmAdmin")) {
                System.out.println(role);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

getMail

Description:

MethodReturn valuesDescription

getMail(String token, String user) 

String

Return the mail of a valid user.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            System.out.println(OKMAuth.getInstance().getMail(null, "okmAdmin"));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

getName

Description:

MethodReturn valuesDescription

getName(String token, String user) 

String

Return the name of a valid user.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            System.out.println(OKMAuth.getInstance().getName(null, "okmAdmin"));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

changeSecurity

Description:

MethodReturn valuesDescription

public void changeSecurity(String token, String nodePath, Map<String, Integer> grantUsers, Map<String, Integer> revokeUsers,
            Map<String, Integer> grantRoles, Map<String, Integer> revokeRoles, boolean recursive)

void

Change the security of a node.

Example:

package com.openkm;

import java.util.*;
import com.openkm.bean.Permission;
import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
             String nodePath = "b9736924-bb97-4e2c-8450-138c21e0c9d5";
             Map<String, Integer> grantUsers = new HashMap<>();
             Map<String, Integer> revokeUsers = new HashMap<>();
             Map<String, Integer> grantRoles = new HashMap<>();
             grantRoles.put("ROLE_TEST", Permission.READ | Permission.WRITE);	
             Map<String, Integer> revokeRoles = new HashMap<>();
             OKMAuth.getInstance().changeSecurity(null, nodePath, grantUsers, revokeUsers, grantRoles, revokeRoles, false);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

createUser

Description:

MethodReturn valuesDescription

createUser(String token, String user, String password, String email, String name, boolean active) 

void

Create a new user.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            OKMAuth.getInstance().createUser(null, "test", "password.2016", "some@mail.com", "User Name", true);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

deleteUser

Description:

MethodReturn valuesDescription

deleteUser(String token, String user) 

void

Delete a user.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            OKMAuth.getInstance().deleteUser(null, "test");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

updateUser

Description:

MethodReturn valuesDescription

updateUser(String token, String user, String password, String email, String name, boolean active) 

void

Update a user.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            OKMAuth.getInstance().updateUser(null, "test", "newpassword", "some@mail.com", "Test", false);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

createRole

Description:

MethodReturn valuesDescription

createRole(String token, String role, boolean active) 

void

Create a new role.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            OKMAuth.getInstance().createRole(null, "ROLE_TEST", true);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

deleteRole

Description:

MethodReturn valuesDescription

deleteRole(String token, String role) 

void

Delete a role.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            OKMAuth.getInstance().deleteRole(null, "ROLE_TEST");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

updateRole

Description:

MethodReturn valuesDescription

updateRole(String token, String role, boolean active) 

void

Update a role.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            OKMAuth.getInstance().updateRole(null, "ROLE_TEST",true);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

assignRole

Description:

MethodReturn valuesDescription

assignRole(String token, String user, String role) 

void

Assign role to a user.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            OKMAuth.getInstance().assignRole(null, "test", "ROLE_USER");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

removeRole

Description:

MethodReturn valuesDescription

removeRole(String token, String user, String role) 

void

Remove a role from a user.

Example:

package com.openkm;

import com.openkm.api.OKMAuth;

public class Test {
    public static void main(String[] args) {
        try {
            OKMAuth.getInstance().removeRole(null, "test", "ROLE_USER");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}