org.apache.syncope.common.services

Interface UserSelfService

All Superinterfaces:

JAXRSService

@Path(value="users/self")
public interface UserSelfService
extends JAXRSService

REST operations for user self-management.

Field Summary

Fields inherited from interface org.apache.syncope.common.services.JAXRSService

DEFAULT_PARAM_PAGE, DEFAULT_PARAM_PAGE_VALUE, DEFAULT_PARAM_SIZE, DEFAULT_PARAM_SIZE_VALUE, PARAM_DETAILS, PARAM_FIQL, PARAM_ORDERBY, PARAM_PAGE, PARAM_SIZE

Method Summary

Methods

Modifier and Type	Method and Description
void	confirmPasswordReset(String token, String password) Reset the password value for the user matching the provided token, if available and still valid.
javax.ws.rs.core.Response	create(UserTO userTO, boolean storePassword) Self-registration for new user.
javax.ws.rs.core.Response	delete() Self-deletes user.
javax.ws.rs.core.Response	getOptions() Checks whether self-registration is allowed.
UserTO	read() Returns the user making the service call.
void	requestPasswordReset(String username, String securityAnswer) Provides answer for the security question configured for user matching the given username, if any.
javax.ws.rs.core.Response	update(Long userId, UserMod userMod) Self-updates user.

Method Detail

getOptions

@OPTIONS
javax.ws.rs.core.Response getOptions()

Checks whether self-registration is allowed.

Returns:

Response contains special Syncope HTTP header indicating if user self registration and / or password reset is allowed

See Also:

RESTHeaders.SELFREG_ALLOWED, RESTHeaders.PWDRESET_ALLOWED, RESTHeaders.PWDRESET_NEEDS_SECURITYQUESTIONS

read

@GET
@Produces(value={"application/xml","application/json"})
UserTO read()

Returns the user making the service call.

Returns:

calling user data

create

@POST
@Produces(value={"application/xml","application/json"})
@Consumes(value={"application/xml","application/json"})
javax.ws.rs.core.Response create(@NotNull
                                                      UserTO userTO,
                                                      @DefaultValue(value="true")@QueryParam(value="storePassword")
                                                      boolean storePassword)

Self-registration for new user.

Parameters:

userTO - user to be created

storePassword - whether password shall be stored internally

Returns:

Response object featuring Location header of self-registered user as well as the user itself - UserTO as Entity

update

@POST
@Path(value="{userId}")
@Produces(value={"application/xml","application/json"})
@Consumes(value={"application/xml","application/json"})
javax.ws.rs.core.Response update(@NotNull@PathParam(value="userId")
                                                           Long userId,
                                                           @NotNull
                                                           UserMod userMod)

Self-updates user.

Parameters:

userId - id of user to be updated

userMod - modification to be applied to user matching the provided userId

Returns:

Response object featuring the updated user - UserTO as Entity

delete

@DELETE
@Produces(value={"application/xml","application/json"})
javax.ws.rs.core.Response delete()

Self-deletes user.

Returns:

Response object featuring the deleted user - UserTO as Entity

requestPasswordReset

@POST
@Path(value="requestPasswordReset")
void requestPasswordReset(@NotNull@QueryParam(value="username")
                                  String username,
                                  String securityAnswer)

Provides answer for the security question configured for user matching the given username, if any. If provided anwser matches the one stored for that user, a password reset token is internally generated, otherwise an error is returned.

Parameters:

username - username for which the security answer is provided

securityAnswer - actual answer text

confirmPasswordReset

@POST
@Path(value="confirmPasswordReset")
void confirmPasswordReset(@NotNull@QueryParam(value="token")
                                  String token,
                                  String password)

Reset the password value for the user matching the provided token, if available and still valid. If the token actually matches one of users, and if it is still valid at the time of submission, the matching user's password value is set as provided. The new password value will need anyway to comply with all relevant password policies.

Parameters:

token - password reset token

password - new password to be set