AdminUserProvisioningServiceImpl (BroadleafCommerce Open Admin Platform 6.2.8-GA API)

java.lang.Object
- org.broadleafcommerce.openadmin.server.security.service.user.AdminUserProvisioningServiceImpl

All Implemented Interfaces:

AdminUserProvisioningService
```
@Service(value="blAdminUserProvisioningService")
public class AdminUserProvisioningServiceImpl
extends Object
implements AdminUserProvisioningService
```
This component allows for the default provisioning of an AdminUser and roles in the Broadleaf database, based on the external authentication of a user (e.g. LDAP or custom external authentication provider).

Author:

Kelly Tisdell

Field Summary

Fields
Modifier and Type	Field and Description
`protected AdminExternalLoginUserExtensionManager`	`adminExternalLoginExtensionManager`
`protected AdminSecurityHelper`	`adminSecurityHelper`
`protected Map<String,String[]>`	`roleNameSubstitutions`
`protected AdminSecurityService`	`securityService`

Constructor Summary

Constructors
Constructor and Description

AdminUserProvisioningServiceImpl()

Constructors
Constructor and Description
`AdminUserProvisioningServiceImpl()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected void`	`addPermissions(HashSet<AdminRole> parsedRoles, List<org.springframework.security.core.authority.SimpleGrantedAuthority> adminUserAuthorities)`
`protected void`	`convertPermissionPrefixToRole(List<org.springframework.security.core.authority.SimpleGrantedAuthority> adminUserAuthorities)`
`protected AdminUserDetails`	`createDetails(AdminUser adminUser, BroadleafExternalAuthenticationUserDetails details, Set<org.springframework.security.core.authority.SimpleGrantedAuthority> adminUserAuthorities)`
`protected Set<org.springframework.security.core.authority.SimpleGrantedAuthority>`	`extractAdminUserAuthorities(HashSet<AdminRole> parsedRoles)` Extracts the `SimpleGrantedAuthority`s for the given List of `AdminRole`s.
`protected AdminUser`	`getAdminUser(BroadleafExternalAuthenticationUserDetails details, HashSet<AdminRole> parsedRoles)`
`protected HashSet<AdminRole>`	`parseAdminRoles(BroadleafExternalAuthenticationUserDetails details)`
`protected HashSet<String>`	`parseRolesFromUserDetails(BroadleafExternalAuthenticationUserDetails details)` Uses the provided role name substitutions to map the LDAP roles to Broadleaf roles.
`AdminUserDetails`	`provisionAdminUser(BroadleafExternalAuthenticationUserDetails details)` This method uses the details argument to add or update an AdminUser object in the database, along with appropriate roles and permissions.
`void`	`setRoleNameSubstitutions(Map<String,String[]> roleNameSubstitutions)` This allows you to declaratively set a map containing values that will substitute role names from LDAP to Broadleaf roles names in cases that they might be different.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - securityService
```
protected AdminSecurityService securityService
```
  - adminExternalLoginExtensionManager
```
protected AdminExternalLoginUserExtensionManager adminExternalLoginExtensionManager
```
  - adminSecurityHelper
```
protected AdminSecurityHelper adminSecurityHelper
```
  - roleNameSubstitutions
```
protected Map<String,String[]> roleNameSubstitutions
```
- Constructor Detail
  - AdminUserProvisioningServiceImpl
```
public AdminUserProvisioningServiceImpl()
```
- Method Detail
  - provisionAdminUser
```
public AdminUserDetails provisionAdminUser(BroadleafExternalAuthenticationUserDetails details)
```
    Description copied from interface: AdminUserProvisioningService
    
    This method uses the details argument to add or update an AdminUser object in the database, along with appropriate roles and permissions. The result of the call to this should be an instance of AdminUserDetails. NOTE: IT IS GENERALLY EXPECTED THAT THIS METHOD WILL BE CALLED AFTER A USER HAS BEEN AUTHENTICATED.
    
    Specified by:
    
    provisionAdminUser in interface AdminUserProvisioningService
    
    Returns:
  - parseAdminRoles
```
protected HashSet<AdminRole> parseAdminRoles(BroadleafExternalAuthenticationUserDetails details)
```
  - extractAdminUserAuthorities
```
protected Set<org.springframework.security.core.authority.SimpleGrantedAuthority> extractAdminUserAuthorities(HashSet<AdminRole> parsedRoles)
```
    Extracts the SimpleGrantedAuthoritys for the given List of AdminRoles. In addition, this will handle populating the default roles. This method returns a Set in order to avoid the duplication between the permissions of different roles.
    
    Parameters:
    
    parsedRoles - a List of AdminRole
    
    Returns:
    
    a Set of unique authorities for the given roles
  - addPermissions
```
protected void addPermissions(HashSet<AdminRole> parsedRoles,
                              List<org.springframework.security.core.authority.SimpleGrantedAuthority> adminUserAuthorities)
```
  - convertPermissionPrefixToRole
```
protected void convertPermissionPrefixToRole(List<org.springframework.security.core.authority.SimpleGrantedAuthority> adminUserAuthorities)
```
  - getAdminUser
```
protected AdminUser getAdminUser(BroadleafExternalAuthenticationUserDetails details,
                                 HashSet<AdminRole> parsedRoles)
```
  - createDetails
```
protected AdminUserDetails createDetails(AdminUser adminUser,
                                         BroadleafExternalAuthenticationUserDetails details,
                                         Set<org.springframework.security.core.authority.SimpleGrantedAuthority> adminUserAuthorities)
```
  - parseRolesFromUserDetails
```
protected HashSet<String> parseRolesFromUserDetails(BroadleafExternalAuthenticationUserDetails details)
```
    Uses the provided role name substitutions to map the LDAP roles to Broadleaf roles.
    
    Parameters:
    
    details - the auth details
    
    Returns:
    
    a Set of unique Broadleaf role names
  - setRoleNameSubstitutions
```
public void setRoleNameSubstitutions(Map<String,String[]> roleNameSubstitutions)
```
    This allows you to declaratively set a map containing values that will substitute role names from LDAP to Broadleaf roles names in cases that they might be different. For example, if you have a role specified in LDAP under "memberOf" with a DN of "Marketing Administrator", you might want to map that to the role "ADMIN". By default the prefix "ROLE_" will be pre-pended to this name. So to configure this, you would specify: With this configuration, all roles returned by LDAP that have a DN of "Marketing Administrator" will be converted to "ADMIN"
    
    Parameters:
    
    roleNameSubstitutions -

Class AdminUserProvisioningServiceImpl

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

securityService

adminExternalLoginExtensionManager

adminSecurityHelper

roleNameSubstitutions

Constructor Detail

AdminUserProvisioningServiceImpl

Method Detail

provisionAdminUser

parseAdminRoles

extractAdminUserAuthorities

addPermissions

convertPermissionPrefixToRole

getAdminUser

createDetails

parseRolesFromUserDetails

setRoleNameSubstitutions