package org.apache.turbine.services.security;
   
   /*
    * Licensed to the Apache Software Foundation (ASF) under one
    * or more contributor license agreements.  See the NOTICE file
    * distributed with this work for additional information
    * regarding copyright ownership.  The ASF licenses this file
    * to you under the Apache License, Version 2.0 (the
    * "License"); you may not use this file except in compliance
   * with the License.  You may obtain a copy of the License at
   *
   *   http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing,
   * software distributed under the License is distributed on an
   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
   * KIND, either express or implied.  See the License for the
   * specific language governing permissions and limitations
   * under the License.
   */
  
  import java.util.List;
  
  import org.apache.commons.configuration.Configuration;
  
  import org.apache.torque.util.Criteria;
  
  import org.apache.turbine.om.security.User;
  import org.apache.turbine.services.InitializationException;
  import org.apache.turbine.util.security.DataBackendException;
  import org.apache.turbine.util.security.EntityExistsException;
  import org.apache.turbine.util.security.PasswordMismatchException;
  import org.apache.turbine.util.security.UnknownEntityException;
  
  /***
   * An UserManager performs {@link org.apache.turbine.om.security.User} objects
   * related tasks on behalf of the
   * {@link org.apache.turbine.services.security.BaseSecurityService}.
   *
   * The responsibilities of this class include loading data of an user from the
   * storage and putting them into the
   * {@link org.apache.turbine.om.security.User} objects, saving those data
   * to the permanent storage, and authenticating users.
   *
   * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
   * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
   * @version $Id: UserManager.java 534527 2007-05-02 16:10:59Z tv $
   */
  public interface UserManager
  {
      /***
       * Initializes the UserManager
       *
       * @param conf A Configuration object to init this Manager
       *
       * @throws InitializationException When something went wrong.
       */
      void init(Configuration conf)
          throws InitializationException;
  
      /***
       * Check whether a specified user's account exists.
       *
       * The login name is used for looking up the account.
       *
       * @param user The user to be checked.
       * @return true if the specified account exists
       * @throws DataBackendException if there was an error accessing the data
       *         backend.
       */
      boolean accountExists(User user)
              throws DataBackendException;
  
      /***
       * Check whether a specified user's account exists.
       *
       * The login name is used for looking up the account.
       *
       * @param userName The name of the user to be checked.
       * @return true if the specified account exists
       * @throws DataBackendException if there was an error accessing the data
       *         backend.
       */
      boolean accountExists(String userName)
              throws DataBackendException;
  
      /***
       * Retrieve a user from persistent storage using username as the
       * key.
       *
       * @param username the name of the user.
       * @return an User object.
       * @throws UnknownEntityException if the user's record does not
       *         exist in the database.
       * @throws DataBackendException if there is a problem accessing the
       *         storage.
       */
      User retrieve(String username)
              throws UnknownEntityException, DataBackendException;
 
     /***
      * Retrieve a user from persistent storage using the primary key
      *
      * @param key The primary key object
      * @return an User object.
      * @throws UnknownEntityException if the user's record does not
      *         exist in the database.
      * @throws DataBackendException if there is a problem accessing the
      *         storage.
      */
     User retrieveById(Object key)
             throws UnknownEntityException, DataBackendException;
 
     /***
      * Retrieve a set of users that meet the specified criteria.
      *
      * As the keys for the criteria, you should use the constants that
      * are defined in {@link User} interface, plus the names
      * of the custom attributes you added to your user representation
      * in the data storage. Use verbatim names of the attributes -
      * without table name prefix in case of DB implementation.
      *
      * @param criteria The criteria of selection.
      * @return a List of users meeting the criteria.
      * @throws DataBackendException if there is a problem accessing the
      *         storage.
      * @deprecated Use retrieveList(Criteria crit)
      */
     User[] retrieve(Criteria criteria) throws DataBackendException;
 
     /***
      * Retrieve a list of users that meet the specified criteria.
      *
      * As the keys for the criteria, you should use the constants that
      * are defined in {@link User} interface, plus the names
      * of the custom attributes you added to your user representation
      * in the data storage. Use verbatim names of the attributes -
      * without table name prefix in case of DB implementation.
      *
      * @param criteria The criteria of selection.
      * @return a List of users meeting the criteria.
      * @throws DataBackendException if there is a problem accessing the
      *         storage.
      */
     List retrieveList(Criteria criteria)
         throws DataBackendException;
 
     /***
      * Retrieve a user from persistent storage using username as the
      * key, and authenticate the user. The implementation may chose
      * to authenticate to the server as the user whose data is being
      * retrieved.
      *
      * @param username the name of the user.
      * @param password the user supplied password.
      * @return an User object.
      * @throws PasswordMismatchException if the supplied password was incorrect.
      * @throws UnknownEntityException if the user's record does not
      *         exist in the database.
      * @throws DataBackendException if there is a problem accessing the storage.
      */
     User retrieve(String username, String password)
             throws PasswordMismatchException, UnknownEntityException,
             DataBackendException;
 
     /***
      * Save an User object to persistent storage. User's record is
      * required to exist in the storage.
      *
      * @param user an User object to store.
      * @throws UnknownEntityException if the user's record does not
      *         exist in the database.
      * @throws DataBackendException if there is a problem accessing the storage.
      */
     void store(User user)
             throws UnknownEntityException, DataBackendException;
 
     /***
      * Saves User data when the session is unbound. The user account is required
      * to exist in the storage.
      *
      * LastLogin, AccessCounter, persistent pull tools, and any data stored
      * in the permData hashtable that is not mapped to a column will be saved.
      *
      * @exception UnknownEntityException if the user's account does not
      *            exist in the database.
      * @exception DataBackendException if there is a problem accessing the
      *            storage.
      */
     void saveOnSessionUnbind(User user)
             throws UnknownEntityException, DataBackendException;
 
     /***
      * Authenticate an User with the specified password. If authentication
      * is successful the method returns nothing. If there are any problems,
      * exception was thrown.
      *
      * @param user an User object to authenticate.
      * @param password the user supplied password.
      * @throws PasswordMismatchException if the supplied password was incorrect.
      * @throws UnknownEntityException if the user's record does not
      *         exist in the database.
      * @throws DataBackendException if there is a problem accessing the storage.
      */
     void authenticate(User user, String password)
             throws PasswordMismatchException, UnknownEntityException,
             DataBackendException;
 
     /***
      * Creates new user account with specified attributes.
      *
      * @param user the object describing account to be created.
      * @param initialPassword password for the new user
      * @throws DataBackendException if there was an error accessing the data
      *         backend.
      * @throws EntityExistsException if the user account already exists.
      */
     void createAccount(User user, String initialPassword)
             throws EntityExistsException, DataBackendException;
 
     /***
      * Removes an user account from the system.
      *
      * @param user the object describing the account to be removed.
      * @throws DataBackendException if there was an error accessing the data
      *         backend.
      * @throws UnknownEntityException if the user account is not present.
      */
     void removeAccount(User user)
             throws UnknownEntityException, DataBackendException;
 
     /***
      * Change the password for an User.
      *
      * @param user an User to change password for.
      * @param oldPassword the current password suplied by the user.
      * @param newPassword the current password requested by the user.
      * @throws PasswordMismatchException if the supplied password was incorrect.
      * @throws UnknownEntityException if the user's record does not
      *         exist in the database.
      * @throws DataBackendException if there is a problem accessing the storage.
      */
     void changePassword(User user, String oldPassword,
                         String newPassword)
             throws PasswordMismatchException, UnknownEntityException,
             DataBackendException;
 
     /***
      * Forcibly sets new password for an User.
      *
      * This is supposed by the administrator to change the forgotten or
      * compromised passwords. Certain implementatations of this feature
      * would require administrative level access to the authenticating
      * server / program.
      *
      * @param user an User to change password for.
      * @param password the new password.
      * @throws UnknownEntityException if the user's record does not
      *            exist in the database.
      * @throws DataBackendException if there is a problem accessing the storage.
      */
     void forcePassword(User user, String password)
             throws UnknownEntityException, DataBackendException;
 }