1 4 package com.nightlabs.ipanema.security; 5 6 import java.io.Serializable ; 7 import java.io.UnsupportedEncodingException ; 8 import java.security.MessageDigest ; 9 import java.security.NoSuchAlgorithmException ; 10 import java.util.ArrayList ; 11 import java.util.Collection ; 12 import java.util.Date ; 13 import java.util.HashMap ; 14 import java.util.Iterator ; 15 import java.util.List ; 16 import java.util.Map ; 17 import java.util.Random ; 18 19 import javax.jdo.PersistenceManager; 20 import javax.jdo.Query; 21 import javax.jdo.spi.PersistenceCapable; 22 23 import org.apache.log4j.Logger; 24 25 import sun.misc.BASE64Encoder; 26 27 import com.nightlabs.ipanema.base.IpanemaBasePrincipal; 28 import com.nightlabs.ipanema.person.Person; 29 import com.nightlabs.ipanema.security.id.UserID; 30 import com.nightlabs.jdo.BaseObjectID; 31 32 37 38 58 public class User implements Serializable { 60 public static Logger LOGGER = Logger.getLogger(User.class); 61 62 public static final String FETCH_GROUP_PERSON = "User.person"; 63 public static final String FETCH_GROUP_USERREFS = "User.userRefs"; 64 public static final String FETCH_GROUP_THIS_USER = "User.this"; 65 66 public static final String QUERY_GET_USERS_BY_TYPE = "getUsersByType"; 67 68 77 public static String OTHER_USERID = "_Other_"; 78 79 91 public static String SYSTEM_USERID = "_System_"; 92 93 98 public boolean passwdChanged = false; 99 100 public static User getUser(PersistenceManager pm, IpanemaBasePrincipal principal) { 101 return getUser(pm, principal.getOrganisationID(), principal.getUserID()); 102 } 103 104 public static User getUser(PersistenceManager pm, String organisationID, String userID) 105 { 106 pm.getExtent(User.class); 107 return (User) pm.getObjectById(UserID.create(organisationID, userID), true); 108 } 109 110 119 private String organisationID; 120 121 125 private String userID; 126 127 public static final String USERTYPE_USER = "User"; 128 public static final String USERTYPE_ORGANISATION = "Organisation"; 129 public static final String USERTYPE_USERGROUP = "UserGroup"; 130 131 public static final String USERID_PREFIX_TYPE_ORGANISATION = "$"; public static final String USERID_PREFIX_TYPE_USERGROUP = "!"; 133 137 private String userType; 138 139 143 private String name; 144 145 149 private String description; 150 151 155 private String password; 156 157 171 private Map userGroups = new HashMap (); 172 173 188 private Map userRefs = new HashMap (); 189 190 191 194 private Person person = null; 195 196 199 private Date changeDT; 200 201 202 public User() {} 203 204 public User(String _userID) 205 { 206 this(null, _userID); 207 } 208 209 public User(String _organisationID, String _userID) 210 { 211 214 if (_userID == null) 215 throw new NullPointerException ("userID must not be null!"); 216 217 if (!BaseObjectID.isValidIDString(_userID)) 218 throw new IllegalArgumentException ("userID \""+_userID+"\" is not a valid id!"); 219 220 this.organisationID = _organisationID; 221 this.userID = _userID; 222 if (userID.startsWith(USERID_PREFIX_TYPE_ORGANISATION)) 223 this.userType = USERTYPE_ORGANISATION; 224 else if (userID.startsWith(USERID_PREFIX_TYPE_USERGROUP)) 225 this.userType = USERTYPE_USERGROUP; 226 else 227 this.userType = USERTYPE_USER; 228 changeDT = new Date (); 229 } 230 231 232 235 public String getOrganisationID() { 236 return organisationID; 237 } 238 239 protected void setOrganisationID(String _organisationID) { 240 this.organisationID = _organisationID; 241 } 242 243 246 public String getUserID() 247 { 248 return userID; 249 } 250 251 protected void setUserID(String _userID) 252 { 253 this.userID = _userID; 254 } 255 256 259 public String getUserType() { 260 return userType; 261 } 262 263 266 public String getDescription() { 267 return description; 268 } 269 272 public void setDescription(String description) { 273 this.description = description; 274 changeDT = new Date (); 275 } 276 279 public String getName() { 280 return name; 281 } 282 285 public void setName(String name) { 286 this.name = name; 287 changeDT = new Date (); 288 } 289 290 293 public String getPassword() 294 { 295 return password; 296 } 297 298 302 public void setPasswordPlain(String password) throws SecurityException 303 { 304 setPassword(encryptPassword(password)); 305 } 306 307 310 public void setPassword(String password) 311 { 312 passwdChanged = true; 313 this.password = password; 314 changeDT = new Date (); 315 } 316 317 318 321 public Person getPerson() { 322 return person; 323 } 324 327 public void setPerson(Person person) { 328 this.person = person; 329 if (person != null) { 330 } 333 changeDT = new Date (); 334 } 335 336 339 public Date getChangeDT() { 340 return changeDT; 341 } 342 343 350 public boolean checkPassword(String plainPassword) 351 throws SecurityException 352 { 353 if (plainPassword == null) 354 throw new NullPointerException ("plainPassword must not be null!"); 355 356 return encryptPassword(plainPassword).equals(getPassword()); 357 } 358 359 360 public static final int INCLUDE_NONE = 0; 361 public static final int INCLUDE_PERSON = 0x1; 362 public static final int INCLUDE_USERGROUPS = 0x2; 363 public static final int INCLUDE_ALL = Integer.MAX_VALUE; 364 365 public void makeTransient(int includeMask) 366 { 367 PersistenceManager pm = ((PersistenceCapable)this).jdoGetPersistenceManager(); 368 if (pm == null) 369 return; 370 371 pm.retrieve(this); 372 373 Map tmpUserGroups = new HashMap (); 374 if ((includeMask & INCLUDE_USERGROUPS) != 0) { 375 for (Iterator it = userGroups.values().iterator(); it.hasNext(); ) { 376 UserGroup userGroup = (UserGroup)it.next(); 377 userGroup.makeTransient(UserGroup.INCLUDE_NONE); 378 tmpUserGroups.put(userGroup.getUserID(), userGroup); 379 } 380 } 381 382 pm.makeTransient(this); 383 384 this.userGroups = tmpUserGroups; 385 } 386 387 protected transient String login = null; 388 394 public String getLogin() 395 { 396 if (login == null) { 397 StringBuffer sb = new StringBuffer (); 398 sb.append(getUserID()); 399 sb.append('@'); 400 sb.append(getOrganisationID()); 401 login = sb.toString(); 402 } 403 return login; 404 } 405 406 407 public Collection getUserRefs() 408 { 409 return userRefs.values(); 410 } 411 412 413 protected void _addUserRef(UserRef userRef) 414 { 415 if (userRef == null) 416 throw new NullPointerException ("userRef must not be null!"); 417 418 if (!this.userID.equals(userRef.getUserID())) 419 throw new IllegalArgumentException ("userRef.userID invalid!"); 420 421 userRefs.put(userRef.getAuthorityID(), userRef); 422 } 423 424 protected void _removeUserRef(String authorityID) 425 { 426 userRefs.remove(authorityID); 427 } 428 429 public UserRef getUserRef(String authorityID) 430 { 431 return (UserRef)userRefs.get(authorityID); 432 } 433 434 protected void _addUserGroup(UserGroup userGroup) 435 { 436 if (userGroup == null) 437 throw new NullPointerException ("userGroup must not be null!"); 438 439 userGroups.put(userGroup.getUserID(), userGroup); 440 } 441 442 445 protected void _removeUserGroup(String userGroupID) 446 { 447 userGroups.remove(userGroupID); 448 } 449 450 public boolean isUserGroupsEmpty() 451 { 452 return userGroups.isEmpty(); 453 } 454 455 public Collection getUserGroups() 456 { 457 return userGroups.values(); 458 } 459 460 463 public UserGroup getUserGroup(String userGroupID) 464 { 465 return (UserGroup)userGroups.get(userGroupID); 466 } 467 468 469 protected transient String thisString = null; 470 public String toString() 471 { 472 if (thisString == null) { 473 StringBuffer sb = new StringBuffer (); 474 sb.append(this.getClass().getName()); 475 sb.append('{'); 476 sb.append(getLogin()); sb.append('}'); 481 thisString = sb.toString(); 482 } 483 return thisString; 484 } 485 486 489 public boolean equals(Object obj) { 490 if (obj == this) 491 return true; 492 493 if (!(obj instanceof User)) 494 return false; 495 496 User other = (User)obj; 497 return 498 this.getOrganisationID().equals(other.getOrganisationID()) 499 && 500 this.getUserID().equals(other.getUserID()); 501 } 502 503 506 public int hashCode() { 507 return this.getOrganisationID().hashCode() ^ this.getUserID().hashCode(); 508 } 509 510 522 523 548 555 public static String generatePassword(int minLen, int maxLen) 556 { 557 Random random = new Random (); 558 int len = minLen + random.nextInt(maxLen - minLen + 1); 559 StringBuffer pw = new StringBuffer (); 560 for (int i = 0; i < len; ++i) { 561 int v = random.nextInt(126 - 40) + 40; pw.append((char)v); 563 } 564 return pw.toString(); 565 } 566 567 public static String encryptPassword(String password) 568 throws SecurityException 569 { 570 if(password == null) 571 return null; 572 573 MessageDigest md = null; 574 try { 575 md = MessageDigest.getInstance("SHA"); 576 md.update(password.getBytes("UTF-8")); 577 } catch(NoSuchAlgorithmException e) { 578 throw new SecurityException (e); 579 } catch(UnsupportedEncodingException e) { 580 throw new SecurityException (e); 581 } 582 byte raw[] = md.digest(); 583 return (new BASE64Encoder()).encode(raw); 584 } 585 586 public static UserSearchResult searchUsers ( 587 PersistenceManager pm, 588 String userType, 589 String searchStr, boolean exact, int itemsPerPage, int pageIndex, int userIncludeMask) 590 throws SecurityException 591 { 592 try { 593 if ("".equals(searchStr)) 594 searchStr = null; 595 596 if (itemsPerPage <= 0) { 597 itemsPerPage = Integer.MAX_VALUE; 598 pageIndex = 0; 599 } 600 601 if (pageIndex < 0) 602 pageIndex = 0; 603 604 Query query = pm.newQuery(pm.getExtent(User.class, true)); 605 query.declareImports("import java.lang.String"); 606 query.declareParameters("String userType, String searchStr"); 607 StringBuffer filter = new StringBuffer (); 608 if (userType != null) 609 filter.append("this.userType == userType"); 610 611 if (userType != null && searchStr != null) 612 filter.append(" && "); 613 614 if (searchStr != null) { 615 searchStr = searchStr.toLowerCase(); 616 if (exact) 617 filter.append("this.userID.toLowerCase() == searchStr"); 618 else 619 filter.append("this.userID.toLowerCase().indexOf(searchStr) >= 0"); 620 } 621 query.setFilter(filter.toString()); 622 query.setOrdering("this.organisationID ascending, this.userID ascending"); 623 Collection c = (Collection )query.execute(userType, searchStr); 624 int itemsFound = c.size(); 625 Iterator it = c.iterator(); 626 List items = new ArrayList (); 627 int idx = 0; 628 int firstIdx = 0; int lastIdx = Integer.MAX_VALUE; 629 if (pageIndex >= 0) 630 firstIdx = itemsPerPage * pageIndex; 631 lastIdx = firstIdx + itemsPerPage - 1; 632 633 while (it.hasNext()) { 634 User user = (User)it.next(); 635 if (idx >= firstIdx) 636 items.add(user); 637 638 ++idx; 639 if (idx > lastIdx) 640 break; 641 } return new UserSearchResult(itemsFound, itemsPerPage, pageIndex, items); 643 } catch (Exception x) { 644 throw new SecurityException (x); 645 } 646 } 647 648 657 public static Collection getUsersByType(PersistenceManager pm, String userType, String systemUserID) { 658 Query q = pm.newNamedQuery(User.class, QUERY_GET_USERS_BY_TYPE); 659 return (Collection )q.execute(userType, systemUserID); 660 } 661 662 } 663 | Popular Tags |