Package org.apache.guacamole.net.auth

Interface UserContext

    • Method Detail

      • self

        User self()
        Returns the User whose access rights control the operations of this UserContext.
        Returns:
        The User whose access rights control the operations of this UserContext.

      • getResource

        Object getResource()
            throws org.apache.guacamole.GuacamoleException
        Returns an arbitrary REST resource representing this UserContext. The REST resource returned must be properly annotated with JSR-311 annotations, and may serve as the root resource for any number of subresources. The returned resource is ultimately exposed at ".../api/session/ext/IDENTIFIER/", where IDENTIFIER is the identifier of the AuthenticationProvider associated with this UserContext. REST resources returned by this function will only be reachable by authenticated users with valid authentication tokens. REST resources which should be accessible by all users regardless of whether they have authenticated should instead be returned from AuthenticationProvider.getResource().
        Returns:
        An arbitrary REST resource, annotated with JSR-311 annotations, or null if no such resource is defined.
        Throws:
        org.apache.guacamole.GuacamoleException - If the REST resource cannot be returned due to an error.

      • getAuthenticationProvider

        AuthenticationProvider getAuthenticationProvider()
        Returns the AuthenticationProvider which created this UserContext, which may not be the same AuthenticationProvider that authenticated the user associated with this UserContext.
        Returns:
        The AuthenticationProvider that created this UserContext.

      • getUserDirectory

        Directory<User> getUserDirectory()
                          throws org.apache.guacamole.GuacamoleException
        Retrieves a Directory which can be used to view and manipulate other users, but only as allowed by the permissions given to the user of this UserContext.
        Returns:
        A Directory whose operations are bound by the restrictions of this UserContext.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getUserGroupDirectory

        Directory<UserGroup> getUserGroupDirectory()
                                    throws org.apache.guacamole.GuacamoleException
        Retrieves a Directory which can be used to view and manipulate user groups, but only as allowed by the permissions given to the user of this UserContext.
        Returns:
        A Directory whose operations are bound by the restrictions of this UserContext.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getConnectionDirectory

        Directory<Connection> getConnectionDirectory()
                                      throws org.apache.guacamole.GuacamoleException
        Retrieves a Directory which can be used to view and manipulate connections and their configurations, but only as allowed by the permissions given to the user.
        Returns:
        A Directory whose operations are bound by the permissions of the user.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getConnectionGroupDirectory

        Directory<ConnectionGroup> getConnectionGroupDirectory()
                                                throws org.apache.guacamole.GuacamoleException
        Retrieves a Directory which can be used to view and manipulate connection groups and their members, but only as allowed by the permissions given to the user.
        Returns:
        A Directory whose operations are bound by the permissions of the user.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getActiveConnectionDirectory

        Directory<ActiveConnection> getActiveConnectionDirectory()
                                                  throws org.apache.guacamole.GuacamoleException
        Retrieves a Directory which can be used to view and manipulate active connections, but only as allowed by the permissions given to the user.
        Returns:
        A Directory whose operations are bound by the permissions of the user.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getSharingProfileDirectory

        Directory<SharingProfile> getSharingProfileDirectory()
                                              throws org.apache.guacamole.GuacamoleException
        Retrieves a Directory which can be used to view and manipulate sharing profiles and their configurations, but only as allowed by the permissions given to the user.
        Returns:
        A Directory whose operations are bound by the permissions of the user.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getConnectionHistory

        ActivityRecordSet<ConnectionRecord> getConnectionHistory()
                                                  throws org.apache.guacamole.GuacamoleException
        Retrieves all connection records visible to current user. Connection history records describe the start and end times of connections, and correspond to the times that users connect or disconnect to individual remote desktops. The resulting set of connection records can be further filtered and ordered using the methods defined on ActivityRecordSet.
        Returns:
        A set of all connection records visible to the current user.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while retrieving the connection records.

      • getUserHistory

        ActivityRecordSet<ActivityRecord> getUserHistory()
                                          throws org.apache.guacamole.GuacamoleException
        Retrieves all user history records visible to current user. User history records describe the start and end times of user sessions, and correspond to the times that users logged in or out. The resulting set of user records can be further filtered and ordered using the methods defined on ActivityRecordSet.
        Returns:
        A set of all user records visible to the current user.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while retrieving the user records.

      • getRootConnectionGroup

        ConnectionGroup getRootConnectionGroup()
                                throws org.apache.guacamole.GuacamoleException
        Retrieves a connection group which can be used to view and manipulate connections, but only as allowed by the permissions given to the user of this UserContext.
        Returns:
        A connection group whose operations are bound by the restrictions of this UserContext.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getUserAttributes

        Collection<Form> getUserAttributes()
        Retrieves a collection of all attributes applicable to users. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
        Returns:
        A collection of all attributes applicable to users.

      • getUserGroupAttributes

        Collection<Form> getUserGroupAttributes()
        Retrieves a collection of all attributes applicable to user groups. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
        Returns:
        A collection of all attributes applicable to user groups.

      • getConnectionAttributes

        Collection<Form> getConnectionAttributes()
        Retrieves a collection of all attributes applicable to connections. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
        Returns:
        A collection of all attributes applicable to connections.

      • getConnectionGroupAttributes

        Collection<Form> getConnectionGroupAttributes()
        Retrieves a collection of all attributes applicable to connection groups. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
        Returns:
        A collection of all attributes applicable to connection groups.

      • getSharingProfileAttributes

        Collection<Form> getSharingProfileAttributes()
        Retrieves a collection of all attributes applicable to sharing profiles. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
        Returns:
        A collection of all attributes applicable to sharing profile.

      • invalidate

        void invalidate()
        Invalidates this user context, releasing all associated resources. This function will be invoked when the user logs out, or when their session is automatically invalidated.

      • getPrivileged

        default UserContext getPrivileged()
        Returns a user context which provides privileged access. Unlike the original user context, which is required to enforce its own permissions and act only within the rights of the associated user, the user context returned by this function MAY ignore the restrictions that otherwise limit the current user's access.

        This function is intended to allow extensions which decorate other extensions to act independently of the restrictions that affect the current user. This function will only be invoked by extensions and WILL NOT be invoked directly by the web application. Implementations of this function MAY still enforce access restrictions, particularly if they do not want to grant full, unrestricted access to other extensions.

        A default implementation which simply returns this is provided for compatibility with Apache Guacamole 1.1.0 and older.

        Returns:
        A user context instance which MAY ignore some or all restrictions which otherwise limit the current user's access.