1 package org.apache.turbine.services.security.torque; 2 3 18 19 import java.util.ArrayList ; 20 import java.util.Iterator ; 21 import java.util.List ; 22 23 import org.apache.commons.configuration.Configuration; 24 25 import org.apache.commons.lang.StringUtils; 26 27 import org.apache.commons.logging.Log; 28 import org.apache.commons.logging.LogFactory; 29 30 import org.apache.torque.om.Persistent; 31 import org.apache.torque.util.Criteria; 32 33 import org.apache.turbine.om.security.User; 34 import org.apache.turbine.services.InitializationException; 35 import org.apache.turbine.services.security.TurbineSecurity; 36 import org.apache.turbine.services.security.UserManager; 37 import org.apache.turbine.util.security.DataBackendException; 38 import org.apache.turbine.util.security.EntityExistsException; 39 import org.apache.turbine.util.security.PasswordMismatchException; 40 import org.apache.turbine.util.security.UnknownEntityException; 41 42 59 public class TorqueUserManager 60 implements UserManager 61 { 62 63 private static Log log = LogFactory.getLog(TorqueUserManager.class); 64 65 72 public void init(Configuration conf) 73 throws InitializationException 74 { 75 UserPeerManager.init(conf); 76 } 77 78 88 public boolean accountExists(User user) 89 throws DataBackendException 90 { 91 return accountExists(user.getName()); 92 } 93 94 104 public boolean accountExists(String userName) 105 throws DataBackendException 106 { 107 Criteria criteria = new Criteria(); 108 criteria.add(UserPeerManager.getNameColumn(), userName); 109 List users; 110 try 111 { 112 users = UserPeerManager.doSelect(criteria); 113 } 114 catch (Exception e) 115 { 116 throw new DataBackendException( 117 "Failed to check account's presence", e); 118 } 119 if (users.size() > 1) 120 { 121 throw new DataBackendException( 122 "Multiple Users with same username '" + userName + "'"); 123 } 124 return (users.size() == 1); 125 } 126 127 138 public User retrieve(String userName) 139 throws UnknownEntityException, DataBackendException 140 { 141 Criteria criteria = new Criteria(); 142 criteria.add(UserPeerManager.getNameColumn(), userName); 143 144 List users = retrieveList(criteria);; 145 146 if (users.size() > 1) 147 { 148 throw new DataBackendException( 149 "Multiple Users with same username '" + userName + "'"); 150 } 151 if (users.size() == 1) 152 { 153 return (User) users.get(0); 154 } 155 throw new UnknownEntityException("Unknown user '" + userName + "'"); 156 } 157 158 168 public User retrieveById(Object key) 169 throws UnknownEntityException, DataBackendException 170 { 171 Criteria criteria = new Criteria(); 172 criteria.add(UserPeerManager.getIdColumn(), key); 173 174 List users = retrieveList(criteria); 175 176 if (users.size() > 1) 177 { 178 throw new DataBackendException( 179 "Multiple Users with same unique Key '" + String.valueOf(key) + "'"); 180 } 181 if (users.size() == 1) 182 { 183 return (User) users.get(0); 184 } 185 throw new UnknownEntityException("Unknown user with key '" + String.valueOf(key) + "'"); 186 } 187 188 196 public User[] retrieve(Criteria criteria) 197 throws DataBackendException 198 { 199 return (User [])retrieveList(criteria).toArray(new User[0]); 200 } 201 202 216 public List retrieveList(Criteria criteria) 217 throws DataBackendException 218 { 219 for (Iterator keys = criteria.keySet().iterator(); keys.hasNext(); ) 220 { 221 String key = (String ) keys.next(); 222 223 Criteria.Criterion[] criterion = criteria 225 .getCriterion(key).getAttachedCriterion(); 226 227 for (int i = 0; i < criterion.length; i++) 228 { 229 if (StringUtils.isEmpty(criterion[i].getTable())) 230 { 231 criterion[i].setTable(UserPeerManager.getTableName()); 232 } 233 } 234 } 235 List users = null; 236 try 237 { 238 users = UserPeerManager.doSelect(criteria); 239 } 240 catch (Exception e) 241 { 242 throw new DataBackendException("Failed to retrieve users", e); 243 } 244 return users; 245 } 246 247 263 public User retrieve(String userName, String password) 264 throws PasswordMismatchException, UnknownEntityException, 265 DataBackendException 266 { 267 User user = retrieve(userName); 268 authenticate(user, password); 269 return user; 270 } 271 272 282 public void store(User user) 283 throws UnknownEntityException, DataBackendException 284 { 285 if (!accountExists(user)) 286 { 287 throw new UnknownEntityException("The account '" + 288 user.getName() + "' does not exist"); 289 } 290 291 try 292 { 293 ((Persistent) user).setNew(false); 298 ((Persistent) user).setModified(true); 299 ((Persistent) user).save(); 300 } 301 catch (Exception e) 302 { 303 throw new DataBackendException("Failed to save user object", e); 304 } 305 } 306 307 319 public void saveOnSessionUnbind(User user) 320 throws UnknownEntityException, DataBackendException 321 { 322 if (!user.hasLoggedIn()) 323 { 324 return; 325 } 326 store(user); 327 } 328 329 330 344 public void authenticate(User user, String password) 345 throws PasswordMismatchException, UnknownEntityException, 346 DataBackendException 347 { 348 if (!accountExists(user)) 349 { 350 throw new UnknownEntityException("The account '" + 351 user.getName() + "' does not exist"); 352 } 353 354 357 362 363 if (!TurbineSecurity.checkPassword(password, user.getPassword())) 364 { 365 throw new PasswordMismatchException("The passwords do not match"); 366 } 367 } 368 369 383 public void changePassword(User user, String oldPassword, 384 String newPassword) 385 throws PasswordMismatchException, UnknownEntityException, 386 DataBackendException 387 { 388 if (!accountExists(user)) 389 { 390 throw new UnknownEntityException("The account '" + 391 user.getName() + "' does not exist"); 392 } 393 394 if (!TurbineSecurity.checkPassword(oldPassword, user.getPassword())) 395 { 396 throw new PasswordMismatchException( 397 "The supplied old password for '" + user.getName() + 398 "' was incorrect"); 399 } 400 user.setPassword(TurbineSecurity.encryptPassword(newPassword)); 401 store(user); 405 } 406 407 422 public void forcePassword(User user, String password) 423 throws UnknownEntityException, DataBackendException 424 { 425 if (!accountExists(user)) 426 { 427 throw new UnknownEntityException("The account '" + 428 user.getName() + "' does not exist"); 429 } 430 user.setPassword(TurbineSecurity.encryptPassword(password)); 431 store(user); 435 } 436 437 446 public void createAccount(User user, String initialPassword) 447 throws EntityExistsException, DataBackendException 448 { 449 if(StringUtils.isEmpty(user.getName())) 450 { 451 throw new DataBackendException("Could not create " 452 + "an user with empty name!"); 453 } 454 455 if (accountExists(user)) 456 { 457 throw new EntityExistsException("The account '" + 458 user.getName() + "' already exists"); 459 } 460 user.setPassword(TurbineSecurity.encryptPassword(initialPassword)); 461 462 try 463 { 464 ((Persistent) user).setNew(true); 469 ((Persistent) user).setModified(true); 470 ((Persistent) user).save(); 471 } 472 catch (Exception e) 473 { 474 throw new DataBackendException("Failed to create account '" + 475 user.getName() + "'", e); 476 } 477 } 478 479 487 public void removeAccount(User user) 488 throws UnknownEntityException, DataBackendException 489 { 490 if (!accountExists(user)) 491 { 492 throw new UnknownEntityException("The account '" + 493 user.getName() + "' does not exist"); 494 } 495 Criteria criteria = new Criteria(); 496 criteria.add(UserPeerManager.getNameColumn(), user.getName()); 497 try 498 { 499 UserPeerManager.doDelete(criteria); 500 } 501 catch (Exception e) 502 { 503 throw new DataBackendException("Failed to remove account '" + 504 user.getName() + "'", e); 505 } 506 } 507 } 508 | Popular Tags |