Package org.apache.guacamole.net.auth

Class DelegatingUserContext

java.lang.Object
org.apache.guacamole.net.auth.DelegatingUserContext
All Implemented Interfaces:
UserContext
Direct Known Subclasses:
TokenInjectingUserContext
public class DelegatingUserContext extends Object implements UserContext
UserContext implementation which simply delegates all function calls to an underlying UserContext.

  • Constructor Details

    • DelegatingUserContext

      public DelegatingUserContext(UserContext userContext)
      Wraps the given UserContext such that all function calls against this DelegatingUserContext will be delegated to it.
      Parameters:
      userContext - The UserContext to wrap.

  • Method Details

    • getDelegateUserContext

      protected UserContext getDelegateUserContext()
      Returns the underlying UserContext wrapped by this DelegatingUserContext.
      Returns:
      The UserContext wrapped by this DelegatingUserContext.

    • self

      public User self()
      Description copied from interface: UserContext
      Returns the User whose access rights control the operations of this UserContext.
      Specified by:
      self in interface UserContext
      Returns:
      The User whose access rights control the operations of this UserContext.

    • getResource

      public Object getResource() throws org.apache.guacamole.GuacamoleException
      Description copied from interface: UserContext
      Returns an arbitrary REST resource representing this UserContext. The REST resource returned must be properly annotated with JSR-311 annotations, and may serve as the root resource for any number of subresources. The returned resource is ultimately exposed at ".../api/session/ext/IDENTIFIER/", where IDENTIFIER is the identifier of the AuthenticationProvider associated with this UserContext. REST resources returned by this function will only be reachable by authenticated users with valid authentication tokens. REST resources which should be accessible by all users regardless of whether they have authenticated should instead be returned from AuthenticationProvider.getResource().
      Specified by:
      getResource in interface UserContext
      Returns:
      An arbitrary REST resource, annotated with JSR-311 annotations, or null if no such resource is defined.
      Throws:
      org.apache.guacamole.GuacamoleException - If the REST resource cannot be returned due to an error.

    • getAuthenticationProvider

      public AuthenticationProvider getAuthenticationProvider()
      Description copied from interface: UserContext
      Returns the AuthenticationProvider which created this UserContext, which may not be the same AuthenticationProvider that authenticated the user associated with this UserContext.
      Specified by:
      getAuthenticationProvider in interface UserContext
      Returns:
      The AuthenticationProvider that created this UserContext.

    • getUserDirectory

      public Directory<User> getUserDirectory() throws org.apache.guacamole.GuacamoleException
      Description copied from interface: UserContext
      Retrieves a Directory which can be used to view and manipulate other users, but only as allowed by the permissions given to the user of this UserContext.
      Specified by:
      getUserDirectory in interface UserContext
      Returns:
      A Directory whose operations are bound by the restrictions of this UserContext.
      Throws:
      org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

    • getUserGroupDirectory

      public Directory<UserGroup> getUserGroupDirectory() throws org.apache.guacamole.GuacamoleException
      Description copied from interface: UserContext
      Retrieves a Directory which can be used to view and manipulate user groups, but only as allowed by the permissions given to the user of this UserContext.
      Specified by:
      getUserGroupDirectory in interface UserContext
      Returns:
      A Directory whose operations are bound by the restrictions of this UserContext.
      Throws:
      org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

    • getConnectionDirectory

      public Directory<Connection> getConnectionDirectory() throws org.apache.guacamole.GuacamoleException
      Description copied from interface: UserContext
      Retrieves a Directory which can be used to view and manipulate connections and their configurations, but only as allowed by the permissions given to the user.
      Specified by:
      getConnectionDirectory in interface UserContext
      Returns:
      A Directory whose operations are bound by the permissions of the user.
      Throws:
      org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

    • getConnectionGroupDirectory

      public Directory<ConnectionGroup> getConnectionGroupDirectory() throws org.apache.guacamole.GuacamoleException
      Description copied from interface: UserContext
      Retrieves a Directory which can be used to view and manipulate connection groups and their members, but only as allowed by the permissions given to the user.
      Specified by:
      getConnectionGroupDirectory in interface UserContext
      Returns:
      A Directory whose operations are bound by the permissions of the user.
      Throws:
      org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

    • getActiveConnectionDirectory

      public Directory<ActiveConnection> getActiveConnectionDirectory() throws org.apache.guacamole.GuacamoleException
      Description copied from interface: UserContext
      Retrieves a Directory which can be used to view and manipulate active connections, but only as allowed by the permissions given to the user.
      Specified by:
      getActiveConnectionDirectory in interface UserContext
      Returns:
      A Directory whose operations are bound by the permissions of the user.
      Throws:
      org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

    • getSharingProfileDirectory

      public Directory<SharingProfile> getSharingProfileDirectory() throws org.apache.guacamole.GuacamoleException
      Description copied from interface: UserContext
      Retrieves a Directory which can be used to view and manipulate sharing profiles and their configurations, but only as allowed by the permissions given to the user.
      Specified by:
      getSharingProfileDirectory in interface UserContext
      Returns:
      A Directory whose operations are bound by the permissions of the user.
      Throws:
      org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

    • getConnectionHistory

      public ActivityRecordSet<ConnectionRecord> getConnectionHistory() throws org.apache.guacamole.GuacamoleException
      Description copied from interface: UserContext
      Retrieves all connection records visible to current user. Connection history records describe the start and end times of connections, and correspond to the times that users connect or disconnect to individual remote desktops. The resulting set of connection records can be further filtered and ordered using the methods defined on ActivityRecordSet.
      Specified by:
      getConnectionHistory in interface UserContext
      Returns:
      A set of all connection records visible to the current user.
      Throws:
      org.apache.guacamole.GuacamoleException - If an error occurs while retrieving the connection records.

    • getUserHistory

      public ActivityRecordSet<ActivityRecord> getUserHistory() throws org.apache.guacamole.GuacamoleException
      Description copied from interface: UserContext
      Retrieves all user history records visible to current user. User history records describe the start and end times of user sessions, and correspond to the times that users logged in or out. The resulting set of user records can be further filtered and ordered using the methods defined on ActivityRecordSet.
      Specified by:
      getUserHistory in interface UserContext
      Returns:
      A set of all user records visible to the current user.
      Throws:
      org.apache.guacamole.GuacamoleException - If an error occurs while retrieving the user records.

    • getRootConnectionGroup

      public ConnectionGroup getRootConnectionGroup() throws org.apache.guacamole.GuacamoleException
      Description copied from interface: UserContext
      Retrieves a connection group which can be used to view and manipulate connections, but only as allowed by the permissions given to the user of this UserContext.
      Specified by:
      getRootConnectionGroup in interface UserContext
      Returns:
      A connection group whose operations are bound by the restrictions of this UserContext.
      Throws:
      org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

    • getUserAttributes

      public Collection<Form> getUserAttributes()
      Description copied from interface: UserContext
      Retrieves a collection of all attributes applicable to users. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
      Specified by:
      getUserAttributes in interface UserContext
      Returns:
      A collection of all attributes applicable to users.

    • getUserPreferenceAttributes

      public Collection<Form> getUserPreferenceAttributes()
      Description copied from interface: UserContext
      Retrieves a collection of user attributes, specific to the user preferences page in the UI. Unlike standard user attributes, these should be self-editable.
      Specified by:
      getUserPreferenceAttributes in interface UserContext
      Returns:
      A collection of form of user attributes, specific to the user preferences page in the UI.

    • getUserGroupAttributes

      public Collection<Form> getUserGroupAttributes()
      Description copied from interface: UserContext
      Retrieves a collection of all attributes applicable to user groups. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
      Specified by:
      getUserGroupAttributes in interface UserContext
      Returns:
      A collection of all attributes applicable to user groups.

    • getConnectionAttributes

      public Collection<Form> getConnectionAttributes()
      Description copied from interface: UserContext
      Retrieves a collection of all attributes applicable to connections. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
      Specified by:
      getConnectionAttributes in interface UserContext
      Returns:
      A collection of all attributes applicable to connections.

    • getConnectionGroupAttributes

      public Collection<Form> getConnectionGroupAttributes()
      Description copied from interface: UserContext
      Retrieves a collection of all attributes applicable to connection groups. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
      Specified by:
      getConnectionGroupAttributes in interface UserContext
      Returns:
      A collection of all attributes applicable to connection groups.

    • getSharingProfileAttributes

      public Collection<Form> getSharingProfileAttributes()
      Description copied from interface: UserContext
      Retrieves a collection of all attributes applicable to sharing profiles. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
      Specified by:
      getSharingProfileAttributes in interface UserContext
      Returns:
      A collection of all attributes applicable to sharing profile.

    • invalidate

      public void invalidate()
      Description copied from interface: UserContext
      Invalidates this user context, releasing all associated resources. This function will be invoked when the user logs out, or when their session is automatically invalidated.
      Specified by:
      invalidate in interface UserContext

    • getPrivileged

      public UserContext getPrivileged()
      Description copied from interface: UserContext
      Returns a user context which provides privileged access. Unlike the original user context, which is required to enforce its own permissions and act only within the rights of the associated user, the user context returned by this function MAY ignore the restrictions that otherwise limit the current user's access.

      This function is intended to allow extensions which decorate other extensions to act independently of the restrictions that affect the current user. This function will only be invoked by extensions and WILL NOT be invoked directly by the web application. Implementations of this function MAY still enforce access restrictions, particularly if they do not want to grant full, unrestricted access to other extensions.

      A default implementation which simply returns this is provided for compatibility with Apache Guacamole 1.1.0 and older.

      Specified by:
      getPrivileged in interface UserContext
      Returns:
      A user context instance which MAY ignore some or all restrictions which otherwise limit the current user's access.

    • isValid

      public boolean isValid()
      Description copied from interface: UserContext
      Returns true if the session for the User associated with this user context is valid, or false otherwise. If the session is not valid, the webapp can be expected to terminate the session within a short period of time. NOTE: The webapp currently checks once a minute, and terminates any session marked as invalid.
      Specified by:
      isValid in interface UserContext
      Returns:
      true if the session for the User associated with this user context is valid, or false otherwise.