Class UserBean

java.lang.Object
io.goobi.viewer.managedbeans.UserBean
All Implemented Interfaces:
Serializable

@Named @SessionScoped public class UserBean extends Object implements Serializable
JSF session-scoped backing bean responsible for user authentication, registration, and account management. Holds the currently logged-in User and mediates login/logout across local and OpenID Connect providers.

Lifecycle: Created once per HTTP session; destroyed when the session expires or the user explicitly logs out. Sensitive credential fields (password, passwordOne, passwordTwo) are declared transient and are therefore not included in session serialisation.

Thread safety: Mostly confined to the JSF request thread. The getAuthenticationProviders() method is synchronized to prevent concurrent lazy initialisation of the provider list.
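The lifecycle and thread-safety notes above can be checked with a short round trip. This is an added example, not Goobi viewer code: `DemoSessionBean`, its fields and the sample values are hypothetical stand-ins, and making the provider list transient is an assumption of the demo.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;

// Hypothetical stand-in for a session-scoped bean; not the Goobi viewer class.
public class TransientCredentialDemo {

    static class DemoSessionBean implements Serializable {
        private static final long serialVersionUID = 1L;
        private String email;                     // written out with the session
        private transient String password;        // skipped by Java serialisation
        private transient List<String> providers; // demo assumption: rebuilt lazily

        // synchronized: two request threads cannot both build the list.
        synchronized List<String> getProviders() {
            if (providers == null) {
                providers = new ArrayList<>(List.of("local", "openId")); // constructed values
            }
            return providers;
        }
    }

    public static void main(String[] args) throws Exception {
        DemoSessionBean bean = new DemoSessionBean();
        bean.email = "user@example.org";          // constructed sample data
        bean.password = "S3cret-sample";          // constructed sample data

        // Serialise the bean as a container would when passivating or replicating a session.
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(bean);
        }

        // ISO-8859-1 maps bytes 1:1 to chars, so ASCII field values can be searched for.
        String raw = new String(buf.toByteArray(), StandardCharsets.ISO_8859_1);
        System.out.println("email in stream:    " + raw.contains(bean.email));
        System.out.println("password in stream: " + raw.contains(bean.password));

        DemoSessionBean restored;
        try (ObjectInputStream in =
                new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            restored = (DemoSessionBean) in.readObject();
        }
        System.out.println("restored email:     " + restored.email);
        System.out.println("restored password:  " + restored.password);
        System.out.println("providers rebuilt:  " + restored.getProviders());
    }
}
```

`transient` only keeps the value out of serialised session state; on the live bean the credential stays in memory until the field is cleared.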

  • Constructor Details

    • UserBean

      public UserBean()
      Empty constructor.
  • Method Details

    • updateSessionTimeoutCounter

      public void updateSessionTimeoutCounter()
      updateSessionTimeoutCounter.
    • getSessionTimeout

      public String getSessionTimeout()
      getSessionTimeout.
      Returns:
      the remaining session timeout formatted as an ISO time string
    • createNewUserAccount

      public String createNewUserAccount() throws DAOException
      Creates and persists a new local User.
      Returns:
      an empty string after attempting to register the new user account
      Throws:
      DAOException - if any.
    • activateUserAccountAction

      public String activateUserAccountAction() throws DAOException
      activateUserAccountAction.
      Returns:
      the navigation outcome after attempting to activate the user account via email and key
      Throws:
      DAOException - if any.
    • login

      Login action method for local accounts.
      Returns:
      the url mapping to navigate to
      Throws:
      AuthenticationProviderException - if any.
      IllegalStateException - if any.
      InterruptedException - if any.
      ExecutionException - if any.
    • login

      login.
      Parameters:
      provider - authentication provider to use for the login attempt
      Returns:
      the navigation outcome or redirect URL after the login attempt
      Throws:
      IllegalStateException - if any.
      AuthenticationProviderException - if any.
      InterruptedException - if any.
      ExecutionException - if any.
    • logout

      Logout action method.
      Returns:
      an empty string after logging out the current user and invalidating the session
      Throws:
      AuthenticationProviderException - if any.
      IOException
    • getAllUsers

      public List<User> getAllUsers() throws DAOException
      Returns a list of all existing users (minus the superusers and the current user).
      Returns:
      a list of all non-superuser users excluding the currently logged-in user
      Throws:
      DAOException - if any.
    • sendPasswordResetLinkAction

      public String sendPasswordResetLinkAction() throws DAOException
      Sends a password reset link to the current e-mail address.
      Returns:
      the navigation outcome after attempting to send the password reset email
      Throws:
      DAOException - if any.
    • resetPasswordAction

      public String resetPasswordAction() throws DAOException
      Generates a new user password if the key is correct.
      Returns:
      the navigation outcome after attempting to reset the password via the activation key
      Throws:
      DAOException - if any.
    • transkribusLoginAction

      public String transkribusLoginAction()
      transkribusLoginAction.
      Returns:
      an empty string after attempting to authenticate with Transkribus
    • getUser

      public User getUser()
      Getter for the field user.
      Returns:
      the currently authenticated user, or null if no user is logged in
    • setUser

      public void setUser(User user)
      Setter for the field user.
      Parameters:
      user - the currently authenticated user to set
    • getNickName

      public String getNickName()
      Getter for the field nickName.
      Returns:
      the nickname entered during registration or profile editing
    • setNickName

      public void setNickName(String nickName)
      Setter for the field nickName.
      Parameters:
      nickName - the desired nickname for the user account
    • getEmail

      public String getEmail()
      Getter for the field email.
      Returns:
      the email address entered for login or registration
    • setEmail

      public void setEmail(String email)
      Setter for the field email.
      Parameters:
      email - the email address for login or registration
    • getPassword

      public String getPassword()
      Getter for the field password.
      Returns:
      the plain-text password entered by the user for login or registration
    • setPassword

      public void setPassword(String password)
      Setter for the field password.
      Parameters:
      password - the plain-text password entered by the user for login or registration
    • isLoggedIn

      public boolean isLoggedIn()
      isLoggedIn.
      Returns:
      true if a user is currently logged in and their account is active and not suspended, false otherwise
    • isAdmin

      public boolean isAdmin()
      isAdmin.
      Returns:
      true if the currently logged-in user is a superuser (administrator), false otherwise
    • isUserRegistrationEnabled

      public boolean isUserRegistrationEnabled()
      isUserRegistrationEnabled.
      Returns:
      true if self-registration for new users is enabled in the configuration, false otherwise
    • isShowOpenId

      public boolean isShowOpenId()
      isShowOpenId.
      Returns:
      true if OpenID Connect authentication options should be shown in the UI, false otherwise
    • isCloseTabAfterLogin

      public boolean isCloseTabAfterLogin()
    • getAuthenticationProviders

      public List<IAuthenticationProvider> getAuthenticationProviders()
      Getter for the field authenticationProviders.
      Returns:
      a list of all configured authentication providers
    • getLocalAuthenticationProvider

      public IAuthenticationProvider getLocalAuthenticationProvider()
      getLocalAuthenticationProvider.
      Returns:
      the first configured local authentication provider, or null if none is configured
    • getXserviceAuthenticationProvider

      public IAuthenticationProvider getXserviceAuthenticationProvider()
      getXserviceAuthenticationProvider.
      Returns:
      the first configured userPassword-type authentication provider, or null if none is configured
    • showAuthenticationProviderSelection

      public boolean showAuthenticationProviderSelection()
      showAuthenticationProviderSelection.
      Returns:
      true if more than one local or username/password authentication provider is configured, false otherwise
    • setAuthenticationProvider

      public void setAuthenticationProvider(IAuthenticationProvider provider)
      Setter for the field authenticationProvider.
      Parameters:
      provider - authentication provider to set as the active one
    • getAuthenticationProvider

      public IAuthenticationProvider getAuthenticationProvider()
      Getter for the field authenticationProvider.
      Returns:
      the currently active authentication provider
    • setAuthenticationProviderName

      public void setAuthenticationProviderName(String name)
      setAuthenticationProviderName.
      Parameters:
      name - name used to look up the matching authentication provider
    • getAuthenticationProviderName

      public String getAuthenticationProviderName()
      getAuthenticationProviderName.
      Returns:
      the name of the currently selected authentication provider, or an empty string if none is selected
    • getPasswordOne

      public String getPasswordOne()
      Getter for the field passwordOne.
      Returns:
      the first password entry for new account creation or password change
    • setPasswordOne

      public void setPasswordOne(String passwordOne)
      Setter for the field passwordOne.
      Parameters:
      passwordOne - first password entry for new account creation
    • getPasswordTwo

      public String getPasswordTwo()
      Getter for the field passwordTwo.
      Returns:
      the confirmation password entry for new account creation or password change
    • setPasswordTwo

      public void setPasswordTwo(String passwordTwo)
      Setter for the field passwordTwo.
      Parameters:
      passwordTwo - confirmation password entry for new account creation
    • resetPasswordFields

      public void resetPasswordFields()
      resetPasswordFields.
    • getLastName

      public String getLastName()
      Getter for the field lastName.
      Returns:
      the last name of the user
    • setLastName

      public void setLastName(String lastName)
      Setter for the field lastName.
      Parameters:
      lastName - the last name of the user
    • getRedirectUrl

      public String getRedirectUrl()
      Getter for the field redirectUrl.
      Returns:
      the URL to redirect to after a successful login, or null if the default redirect applies
    • setRedirectUrl

      public void setRedirectUrl(String redirectUrl)
      Setter for the field redirectUrl.
      Parameters:
      redirectUrl - the URL to redirect to after a successful login, or null to use the default
    • getOrigin

      public String getOrigin()
    • setOrigin

      public void setOrigin(String origin)
    • getActivationKey

      public String getActivationKey()
      Getter for the field activationKey.
      Returns:
      the account activation key sent to the user by email
    • setActivationKey

      public void setActivationKey(String activationKey)
      Setter for the field activationKey.
      Parameters:
      activationKey - the account activation key sent to the user by email
    • getTranskribusUserName

      public String getTranskribusUserName()
      Getter for the field transkribusUserName.
      Returns:
      the Transkribus account username for the linked integration
    • setTranskribusUserName

      public void setTranskribusUserName(String transkribusUserName)
      Setter for the field transkribusUserName.
      Parameters:
      transkribusUserName - the Transkribus account username for the linked integration
    • getTranskribusPassword

      public String getTranskribusPassword()
      Getter for the field transkribusPassword.
      Returns:
      the Transkribus account password for the linked integration
    • setTranskribusPassword

      public void setTranskribusPassword(String transkribusPassword)
      Setter for the field transkribusPassword.
      Parameters:
      transkribusPassword - the Transkribus account password for the linked integration
    • getHasAdminBackendAccess

      public Boolean getHasAdminBackendAccess() throws PresentationException, IndexUnreachableException, DAOException
      Checks whether the logged-in user has access to the admin backend, either by being an admin or by having CMS/campaign/comments access. The result is persisted for the duration of the session.
      Returns:
      true if the current user has access to the admin backend, false otherwise
      Throws:
      DAOException
      IndexUnreachableException
      PresentationException
    • setHasAdminBackendAccess

      public void setHasAdminBackendAccess(Boolean hasAdminBackendAccess)
      Setter for the field hasAdminBackendAccess.
      Parameters:
      hasAdminBackendAccess - true if the current user has access to the admin backend; false otherwise
    • userEquals

      public boolean userEquals(long id)
      userEquals.
      Parameters:
      id - database ID to compare against the current user
      Returns:
      true if the given database ID matches the ID of the currently logged-in user, false otherwise
    • hasProvidersOfType

      public boolean hasProvidersOfType(String type)
      hasProvidersOfType.
      Parameters:
      type - provider type string to match (e.g. "local", "openId")
      Returns:
      true if at least one configured authentication provider matches the given type, false otherwise
    • getProvidersOfType

      public List<IAuthenticationProvider> getProvidersOfType(String type)
      getProvidersOfType.
      Parameters:
      type - provider type string to filter by (e.g. "local", "openId")
      Returns:
      a list of authentication providers of the given type
    • getNumberOfProviderTypes

      public int getNumberOfProviderTypes()
      getNumberOfProviderTypes.
      Returns:
      an int.
    • isAllowPasswordChange

      public boolean isAllowPasswordChange()
      isAllowPasswordChange.
      Returns:
      true if the currently used authentication provider allows the user to change their password, false otherwise
    • isAllowNickNameChange

      public boolean isAllowNickNameChange()
      isAllowNickNameChange.
      Returns:
      true if the currently used authentication provider allows the user to change their nickname, false otherwise
    • isAllowEmailChange

      public boolean isAllowEmailChange()
      isAllowEmailChange.
      Returns:
      true if the currently used authentication provider allows the user to change their email address, false otherwise
    • isRequireLoginCaptcha

      public boolean isRequireLoginCaptcha()
      isRequireLoginCaptcha.
      Returns:
      true if a CAPTCHA is required for the login form, false otherwise
    • mustAgreeToTermsOfUse

      public boolean mustAgreeToTermsOfUse()
      Checks if the current user is required to agree to the terms of use.
      Returns:
      true if a user is logged in and User.isAgreedToTermsOfUse() returns false for this user
    • agreeToTermsOfUse

      public void agreeToTermsOfUse() throws DAOException
      agreeToTermsOfUse.
      Throws:
      DAOException - if any.
    • rejectTermsOfUse

      public void rejectTermsOfUse() throws DAOException
      rejectTermsOfUse.
      Throws:
      DAOException - if any.
    • logoutWithMessage

      public void logoutWithMessage(String messageKey) throws AuthenticationProviderException, IOException
      logoutWithMessage.
      Parameters:
      messageKey - i18n key for the info message shown after logout
      Throws:
      AuthenticationProviderException - if any.
      IOException
    • createBackupOfCurrentUser

      public void createBackupOfCurrentUser()
      createBackupOfCurrentUser.