User Service

Owned by Former user (Deleted)
Last updated: Dec 14, 2021 by Wilma Hodges
4 min read

The User Model

A User is used to model people who have access to a Sakai installation. Like many similar obects a User is a kind of Entity (entities used to be called resources in earlier versions of Sakai). All entities have a URL to access them, an identifier, and properties.

Methods used to access information about a user are separated from those used to modify data by a class called UserEdit that extends User.

Interface Diagram

The following diagram shows relationships between User and interfaces that it extends, etc. Basic APIs are shown in yellow, while APIs for factories are shown in green with arrows to the objects they generate. Providers that initialize information in a class are shown in blue.

Ignoring factories and providers, this diagram shows that all users are entities and are comparable. User editing functions are provided as extensions to the read-only User class.

User and Edit User Capabilities

Capabilities Provided by Entity

All entities have a URL, reference, and an identifier associated with them. The Entity interface provides access ResourceProperities (which likely should be renamed EntityProperties). Finally, the API provides a means to serialize it's data to XML.

Capabilities Providided by Comparable

Comparable provides a way to compare objects that implement it's interface.

Capabilities Provided by User

The User interface has a dependency on the legacy Time interface used to provide access to created time and modified time. Created by and modified by return a User.

The User interface provides direct access to critical metadata elements including email address, display name, sort name, first name, and last name.

Additionally, a means is provided to check the user's password and access to the type of this user.

Capabilities Provided by Edit

The Edit interface provides a check to see if the edit is still active or it has been closed. It also provides access to an entity's properties for editing.

Capabilities Provided by UserEdit

The UserEdit interface provides methods to modify the user's identifier (used only when the id is currently null), email, first name, last name, password, and user type.

The UserFactory

The user factor provides a means to create a new, editable user.

The UserDirectoryService

The user directory service is a user service that defines CHEF's approach to managing users, which is to model them using a directory. This service is responsible for determining access to a User object and for persisting it (presumably to a directory service such as LDAP).

Capabilities Provided by EntityProducer

Access to a label (that can be used as a file name, for example) and to an entity description is provided.

Tests for various conditions are provided including a test to see if the serice wants to be part of the archive merge and one to see if the service wants to be part of import.

Capabilites are provided to archive the resources associated with an entity, merging the resources into a given site (???), importing resourses from and to a specified context, parsing an entity reference, getting a collection of AuthZGroups, and synchronizing changes made to entitiesthat may be associated with a Site.

Further provisions are made to get resource properites for an entity given a reference, getting an entity given a reference, and getting a URL given an entity reference.

Finally, a means is included to get the HttpAccess object that supports entity access via the access servlet for these entities.

Capabilities Provided by UserDirectoryService

Four security functions are defined for the UserDirectoryService: add user, delete user, updating your own user, and updating any user. Four corresponding "allow" tests are provided to determine if the current user has permission to perform that function.

Means are provided to get a user given and id, get a list of users given a list of id's, get the current user, find users that have a specified email address, get the anonymous user, get a list of all users, get a list of users given an index range, count the number of known users, search for users given a criteria and index range, count the number of users returned by a search, and get a reference to a user given it's id.

An edit is started by getting a UserEdit object by specifying it's identifier. Once in edit, the changes may be committed, or canceled.

New users can be added, but must also be committed. Information from an XML description of a user can be merged into a UserEdit object. Users can also be removed.

Users can be authenticated and authenication can be destroyed.

The UserDirectoryProvider

The UserDirectoryProvider provides a means to get user definitions from some other source. This can be done singlely, as a collection (of ids), or by email address. Tests are provided to see if a user exists in the external source and to see if a user can be created in the external source.

Capability is also provided to work with external authentication. Tests are provided to see if this provider updates user records on successfull authentication and to check provider or internal data first when authenticating a user. External authentication traces can be destroyed.

Notes and Questions on the User Model

User types are not defined by the interface. Where are these defined?

Email addresses are used as a secondary user identifier and presumably must be unique in a Sakai installation.

No rules are prodided for how display name is derived. Presumably it concatenates first and last names, though this awkward for many languages.

Other user metadata must be added as entity properties and unlikely to be optimized for selection or retrieval.

Notes and Questions on User Factories and Providers

What is returned as the entity description for a User?

The synchWithSiteChange introduces a dependency bewteen the EntityProducer and Sites. All derived producers, services, factories, and managers will thus have a dependency on Sites.

Many of the methods defined by the EntityProducer do not seem to make sense in the context of a UserDirectoryService.

References are defined as an API in EntityProducer and as a string in Entity. Furthermore, it is possible to get a reference string from a Reference object. The EntityManager provides methods for creating, copying, and translating references.

The HttpAccess interface is defined with the other Entity classes.