Package org.apache.guacamole.net.auth

Class DelegatingUserContext

    • Constructor Detail

      • DelegatingUserContext

        public DelegatingUserContext​(UserContext userContext)
        Wraps the given UserContext such that all function calls against this DelegatingUserContext will be delegated to it.
        Parameters:
        userContext - The UserContext to wrap.

    • Method Detail

      • getDelegateUserContext

        protected UserContext getDelegateUserContext()
        Returns the underlying UserContext wrapped by this DelegatingUserContext.
        Returns:
        The UserContext wrapped by this DelegatingUserContext.

      • self

        public User self()
        Description copied from interface: UserContext
        Returns the User whose access rights control the operations of this UserContext.
        Specified by:
        self in interface UserContext
        Returns:
        The User whose access rights control the operations of this UserContext.

      • getResource

        public Object getResource()
                   throws org.apache.guacamole.GuacamoleException
        Description copied from interface: UserContext
        Returns an arbitrary REST resource representing this UserContext. The REST resource returned must be properly annotated with JSR-311 annotations, and may serve as the root resource for any number of subresources. The returned resource is ultimately exposed at ".../api/session/ext/IDENTIFIER/", where IDENTIFIER is the identifier of the AuthenticationProvider associated with this UserContext. REST resources returned by this function will only be reachable by authenticated users with valid authentication tokens. REST resources which should be accessible by all users regardless of whether they have authenticated should instead be returned from AuthenticationProvider.getResource().
        Specified by:
        getResource in interface UserContext
        Returns:
        An arbitrary REST resource, annotated with JSR-311 annotations, or null if no such resource is defined.
        Throws:
        org.apache.guacamole.GuacamoleException - If the REST resource cannot be returned due to an error.

      • getAuthenticationProvider

        public AuthenticationProvider getAuthenticationProvider()
        Description copied from interface: UserContext
        Returns the AuthenticationProvider which created this UserContext, which may not be the same AuthenticationProvider that authenticated the user associated with this UserContext.
        Specified by:
        getAuthenticationProvider in interface UserContext
        Returns:
        The AuthenticationProvider that created this UserContext.

      • getUserDirectory

        public Directory<User> getUserDirectory()
                                 throws org.apache.guacamole.GuacamoleException
        Description copied from interface: UserContext
        Retrieves a Directory which can be used to view and manipulate other users, but only as allowed by the permissions given to the user of this UserContext.
        Specified by:
        getUserDirectory in interface UserContext
        Returns:
        A Directory whose operations are bound by the restrictions of this UserContext.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getUserGroupDirectory

        public Directory<UserGroup> getUserGroupDirectory()
                                           throws org.apache.guacamole.GuacamoleException
        Description copied from interface: UserContext
        Retrieves a Directory which can be used to view and manipulate user groups, but only as allowed by the permissions given to the user of this UserContext.
        Specified by:
        getUserGroupDirectory in interface UserContext
        Returns:
        A Directory whose operations are bound by the restrictions of this UserContext.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getConnectionDirectory

        public Directory<Connection> getConnectionDirectory()
                                             throws org.apache.guacamole.GuacamoleException
        Description copied from interface: UserContext
        Retrieves a Directory which can be used to view and manipulate connections and their configurations, but only as allowed by the permissions given to the user.
        Specified by:
        getConnectionDirectory in interface UserContext
        Returns:
        A Directory whose operations are bound by the permissions of the user.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getConnectionGroupDirectory

        public Directory<ConnectionGroup> getConnectionGroupDirectory()
                                                       throws org.apache.guacamole.GuacamoleException
        Description copied from interface: UserContext
        Retrieves a Directory which can be used to view and manipulate connection groups and their members, but only as allowed by the permissions given to the user.
        Specified by:
        getConnectionGroupDirectory in interface UserContext
        Returns:
        A Directory whose operations are bound by the permissions of the user.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getActiveConnectionDirectory

        public Directory<ActiveConnection> getActiveConnectionDirectory()
                                                         throws org.apache.guacamole.GuacamoleException
        Description copied from interface: UserContext
        Retrieves a Directory which can be used to view and manipulate active connections, but only as allowed by the permissions given to the user.
        Specified by:
        getActiveConnectionDirectory in interface UserContext
        Returns:
        A Directory whose operations are bound by the permissions of the user.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getSharingProfileDirectory

        public Directory<SharingProfile> getSharingProfileDirectory()
                                                     throws org.apache.guacamole.GuacamoleException
        Description copied from interface: UserContext
        Retrieves a Directory which can be used to view and manipulate sharing profiles and their configurations, but only as allowed by the permissions given to the user.
        Specified by:
        getSharingProfileDirectory in interface UserContext
        Returns:
        A Directory whose operations are bound by the permissions of the user.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getConnectionHistory

        public ActivityRecordSet<ConnectionRecord> getConnectionHistory()
                                                         throws org.apache.guacamole.GuacamoleException
        Description copied from interface: UserContext
        Retrieves all connection records visible to current user. Connection history records describe the start and end times of connections, and correspond to the times that users connect or disconnect to individual remote desktops. The resulting set of connection records can be further filtered and ordered using the methods defined on ActivityRecordSet.
        Specified by:
        getConnectionHistory in interface UserContext
        Returns:
        A set of all connection records visible to the current user.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while retrieving the connection records.

      • getUserHistory

        public ActivityRecordSet<ActivityRecord> getUserHistory()
                                                 throws org.apache.guacamole.GuacamoleException
        Description copied from interface: UserContext
        Retrieves all user history records visible to current user. User history records describe the start and end times of user sessions, and correspond to the times that users logged in or out. The resulting set of user records can be further filtered and ordered using the methods defined on ActivityRecordSet.
        Specified by:
        getUserHistory in interface UserContext
        Returns:
        A set of all user records visible to the current user.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while retrieving the user records.

      • getRootConnectionGroup

        public ConnectionGroup getRootConnectionGroup()
                                       throws org.apache.guacamole.GuacamoleException
        Description copied from interface: UserContext
        Retrieves a connection group which can be used to view and manipulate connections, but only as allowed by the permissions given to the user of this UserContext.
        Specified by:
        getRootConnectionGroup in interface UserContext
        Returns:
        A connection group whose operations are bound by the restrictions of this UserContext.
        Throws:
        org.apache.guacamole.GuacamoleException - If an error occurs while creating the Directory.

      • getUserAttributes

        public Collection<Form> getUserAttributes()
        Description copied from interface: UserContext
        Retrieves a collection of all attributes applicable to users. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
        Specified by:
        getUserAttributes in interface UserContext
        Returns:
        A collection of all attributes applicable to users.

      • getUserGroupAttributes

        public Collection<Form> getUserGroupAttributes()
        Description copied from interface: UserContext
        Retrieves a collection of all attributes applicable to user groups. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
        Specified by:
        getUserGroupAttributes in interface UserContext
        Returns:
        A collection of all attributes applicable to user groups.

      • getConnectionAttributes

        public Collection<Form> getConnectionAttributes()
        Description copied from interface: UserContext
        Retrieves a collection of all attributes applicable to connections. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
        Specified by:
        getConnectionAttributes in interface UserContext
        Returns:
        A collection of all attributes applicable to connections.

      • getConnectionGroupAttributes

        public Collection<Form> getConnectionGroupAttributes()
        Description copied from interface: UserContext
        Retrieves a collection of all attributes applicable to connection groups. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
        Specified by:
        getConnectionGroupAttributes in interface UserContext
        Returns:
        A collection of all attributes applicable to connection groups.

      • getSharingProfileAttributes

        public Collection<Form> getSharingProfileAttributes()
        Description copied from interface: UserContext
        Retrieves a collection of all attributes applicable to sharing profiles. This collection will contain only those attributes which the current user has general permission to view or modify. If there are no such attributes, this collection will be empty.
        Specified by:
        getSharingProfileAttributes in interface UserContext
        Returns:
        A collection of all attributes applicable to sharing profile.

      • invalidate

        public void invalidate()
        Description copied from interface: UserContext
        Invalidates this user context, releasing all associated resources. This function will be invoked when the user logs out, or when their session is automatically invalidated.
        Specified by:
        invalidate in interface UserContext

      • getPrivileged

        public UserContext getPrivileged()
        Description copied from interface: UserContext
        Returns a user context which provides privileged access. Unlike the original user context, which is required to enforce its own permissions and act only within the rights of the associated user, the user context returned by this function MAY ignore the restrictions that otherwise limit the current user's access.

        This function is intended to allow extensions which decorate other extensions to act independently of the restrictions that affect the current user. This function will only be invoked by extensions and WILL NOT be invoked directly by the web application. Implementations of this function MAY still enforce access restrictions, particularly if they do not want to grant full, unrestricted access to other extensions.

        A default implementation which simply returns this is provided for compatibility with Apache Guacamole 1.1.0 and older.

        Specified by:
        getPrivileged in interface UserContext
        Returns:
        A user context instance which MAY ignore some or all restrictions which otherwise limit the current user's access.