001: /*
002: * NEMESIS-FORUM.
003: * Copyright (C) 2002 David Laurent(lithium2@free.fr). All rights reserved.
004: *
005: * Copyright (c) 2000 The Apache Software Foundation. All rights reserved.
006: *
007: * Copyright (C) 2001 Yasna.com. All rights reserved.
008: *
009: * Copyright (C) 2000 CoolServlets.com. All rights reserved.
010: *
011: * NEMESIS-FORUM. is free software; you can redistribute it and/or
012: * modify it under the terms of the Apache Software License, Version 1.1,
013: * or (at your option) any later version.
014: *
015: * NEMESIS-FORUM core framework, NEMESIS-FORUM backoffice, NEMESIS-FORUM frontoffice
016: * application are parts of NEMESIS-FORUM and are distributed under
017: * same terms of licence.
018: *
019: *
020: * NEMESIS-FORUM includes software developed by the Apache Software Foundation (http://www.apache.org/)
021: * and software developed by CoolServlets.com (http://www.coolservlets.com).
022: * and software developed by Yasna.com (http://www.yasna.com).
023: *
024: */
025: package org.nemesis.forum;
026:
027: import java.util.Enumeration;
028:
029: import org.nemesis.forum.exception.UnauthorizedException;
030:
031: /**
032: * The User interface provides information about and services for users
033: * of the forum system. Users can be identified by a unique id or username.
034: * Users can also be organized into Groups for easier management of
035: * permissions at the forum level.
036: * <p>
037: * The name and email field will normally be required fields when creating
038: * user accounts for most implementations of forums. However, some users may
039: * wish to keep that information private. Therefore, there are two flags to
040: * set if the name and email fields should be made visible to other users. If
041: * the flags are set to deny access, getName() and getEmail() will throw
042: * UnauthorizedExceptions to users that don't have ADMIN permissions.
043: * <p>
044: * Security for User objects is provide by UserProxy protection proxy objects.
045: *
046: * @see Group
047: */
048: public interface User {
049:
050: /**
051: * Returns the user's id. All ids must be unique in the system.
052: *
053: * @return the user's id.
054: */
055: public int getID();
056:
057: /**
058: * Returns true if the User object is an anonymous user object.
059: *
060: * @return true if the user is anonymous.
061: */
062: public boolean isAnonymous();
063:
064: /**
065: * Returns the user's username. All usernames must be unique in the system.
066: *
067: * @return the username of the user.
068: */
069: public String getUsername();
070:
071: /**
072: * Returns the user's name. The user's name does not have to be to be
073: * unique in the system. Some users may opt to not let others see their
074: * name for privacy reasons. In that case, the user can set nameVisible to
075: * false. In that case, a call to this method will return null.
076: *
077: * @return the name of the user.
078: */
079: public String getName();
080:
081: /**
082: * Sets the user's name. The user's name does not have to be to be
083: * unique in the system.
084: *
085: * @param name new name for the user.
086: * @throws UnauthorizedException if does not have ADMIN permissions.
087: */
088: public void setName(String name) throws UnauthorizedException;
089:
090: /**
091: * Returns true if the user has chosen to make her name visible to other
092: * users. If the name is not visible, calling getName() will throw an
093: * UnauthorizedException.
094: *
095: * @return true if the name is visible to other users.
096: */
097: public boolean isNameVisible();
098:
099: /**
100: * Sets whether a user's name is visible to other users. If the field
101: * is set to not be visible, calling getName() will throw an
102: * UnauthorizedException.
103: *
104: * @param visible boolean value to determin if the name should be visible.
105: * @throws UnauthorizedException if does not have ADMIN permissions.
106: */
107: public void setNameVisible(boolean visible)
108: throws UnauthorizedException;
109:
110: /**
111: * Sets the users's password. The password should be passed in as
112: * plain text. The way the password is stored is implementation dependent.
113: * However, it is recommended to at least hash passwords with an
114: * algorithm such as MD5.
115: *
116: * @param password new password for the user.
117: * @throws UnauthorizedException if does not have ADMIN permissions.
118: */
119: public void setPassword(String password)
120: throws UnauthorizedException;
121:
122: /**
123: * Returns the user's password in hashed form. This method is only intended
124: * for system administration functions and can be ignored by skin writers.
125: *
126: * @return the hashed password.
127: * @throws UnauthorizedException if does not have ADMIN permissions.
128: */
129: public String getPasswordHash() throws UnauthorizedException;
130:
131: /**
132: * Sets the user's password in hashed form. This method is only intended
133: * for system administration functions and can be ignored by skin writers.
134: *
135: * @param hashedPassword the hashedPassword for the user.
136: * @throws UnauthorizedException if does not have ADMIN permissions.
137: */
138: public void setPasswordHash(String passwordHash)
139: throws UnauthorizedException;
140:
141: /**
142: * Reset's a user's password. This is useful if a user forgets their
143: * password since many implementations will not be able retrieve a
144: * hashed password. The normal side effect of calling this method is
145: * that the new password is emailed to the user using the email address
146: * listed in the account. However, this method could be abused by another
147: * user if they were able to continually reset another users's password.
148: * <p>
149: * A recommendation for implementation of a password resetting system:
150: * provide a form where users can request a password reset because they've
151: * forgotten their password. Making this request sends an email to the
152: * email account listed for the user. That email should include a web
153: * address with a random string for security. If the user visits that
154: * address within 24 hours, the password is reset with a random string
155: * and emailed to the user. If the web page is never visited, the password
156: * is not reset. This method provides good security and prevents abuse
157: * of the password resetting system. This functionality would probably
158: * be incorporated into a forum skin.
159: */
160:
161: //public void resetPassword();
162: // :TODO:resetPassword
163: /**
164: * Returns the user's email address. Email should be considered to be
165: * a required field of a user account since it is critical to many
166: * user operations performing. If the user sets emailVisible to false,
167: * this method will always return null.
168: *
169: * @return the email address of the user.
170: */
171: public String getEmail();
172:
173: /**
174: * Sets the user's email address. Email should be considered to be
175: * a required field of a user account since it is critical to many
176: * user operations performing.
177: *
178: * @param email new email address for the user.
179: * @throws UnauthorizedException if does not have ADMIN permissions.
180: */
181: public void setEmail(String email) throws UnauthorizedException;
182:
183: /**
184: * Returns true if the user has chosen to make her email visible to other
185: * users. If the email field is not visible, calling getEmail() will throw
186: * an UnauthorizedException.
187: *
188: * @return true if the name is visible to other users.
189: */
190: public boolean isEmailVisible();
191:
192: /**
193: * Sets whether a user's email is visible to other users. If the field
194: * is set to not be visible, calling getEmail() will throw an
195: * UnauthorizedException.
196: *
197: * @param visible boolean value to determin if the name should be visible.
198: * @throws UnauthorizedException if does not have ADMIN permissions.
199: */
200: public void setEmailVisible(boolean visible)
201: throws UnauthorizedException;
202:
203: /**
204: * Returns an extended property of the user. Each user can have an
205: * arbitrary number of extended properties. This lets particular skins
206: * or filters provide enhanced functionality that is not part of the base
207: * interface.
208: *
209: * @param name the name of the property to get.
210: * @return the value of the property
211: */
212: public String getProperty(String name);
213:
214: /**
215: * Returns an Enumeration of all the names of the extended user properties.
216: *
217: * @return an Enumeration of the property names.
218: */
219: public Enumeration propertyNames();
220:
221: /**
222: * Sets an extended property of the user. Each user can have an
223: * arbitrary number of extended properties. This lets particular skins
224: * or filters provide enhanced functionality that is not part of the base
225: * interface.
226: *
227: * @param name the name of the property to set.
228: * @param value the new value for the property.
229: */
230: public void setProperty(String name, String value);
231:
232: /**
233: * Returns the permissions for the user that correspond to the
234: * passed-in Authorization.
235: *
236: * @param authorization the auth token to look up permissions with.
237: */
238: public abstract ForumPermissions getPermissions(
239: Authorization authorization);
240:
241: /**
242: * Returns true if the handle on the object has the permission specified.
243: * A list of possible permissions can be found in the ForumPermissions
244: * class. Certain methods of this class are restricted to certain
245: * permissions as specified in the method comments.
246: *
247: * @see ForumPermissions
248: */
249: public boolean hasPermission(int type);
250:
251: //*****AJOUT
252: /**
253: * Returns true if the User is group administrator .
254: *
255: * @return true if the User is an administrator of the group.
256: */
257: public boolean isAdministratorInGroup(Group group);
258:
259: /**
260: * Returns true if if the User is a member of the group.
261: *
262: * @return true if the User is a member of the group.
263: */
264: public boolean isMemberInGroup(Group group);
265:
266: /**
267: * Returns the number of group where the user is administrator.
268: *
269: * @return the number of group where the user is administrator.
270: */
271: public int getGroupAdministratorCount();
272:
273: /**
274: * Returns the number of group where the user is member.
275: *
276: * @return the number of group where the user is member.
277: */
278: public int getGroupCount();
279:
280: }
|