Java API By Example, From Geeks To Geeks.

1 package org.manentia.kasai; 2 3 import com.koala.commons.CriticalException; 4 import com.koala.commons.NonCriticalException; 5 import com.koala.commons.log.Log; 6 import com.koala.commons.xml.XMLBean; 7 import com.koala.commons.xml.exceptions.XMLException; 8 9 import org.apache.commons.lang.StringUtils; 10 import org.apache.commons.lang.exception.ExceptionUtils; 11 12 import org.manentia.kasai.Group; 13 import org.manentia.kasai.Role; 14 import org.manentia.kasai.User; 15 import org.manentia.kasai.authobject.AuthObjectHandler; 16 import org.manentia.kasai.exceptions.*; 17 import org.manentia.kasai.audit.AuditHandler; 18 import org.manentia.kasai.group.GroupHandler; 19 import org.manentia.kasai.operative.OperativeHandler; 20 import org.manentia.kasai.role.RoleHandler; 21 22 import org.w3c.dom.Document ; 23 24 import java.util.ArrayList ; 25 import java.util.Collection ; 26 import java.util.HashMap ; 27 import java.util.Iterator ; 28 import java.util.ResourceBundle ; 29 import org.manentia.kasai.util.ExceptionUtil; 30 import org.manentia.kasai.util.Constants; 31 import org.manentia.kasai.user.UserHandler; 32 33 34 /** 35  * Class to provide authority and authorization functionalities 36  * 37  * @author fpena 38  * 39  * (c) 2004 Koala Developers S.R.L. 40  */ 41 public class KasaiFacade { 42 43     //~ Static variables / initialization --------------------------------------------------------------------------- 44 45     /** Permission to read a group */ 46     static final String READ_GROUP = "kasai.group.read"; 47 48     /** Permission to delete a user from a group */ 49     static final String DELETE_USER_GROUP = "kasai.group.user.delete"; 50 51     /** Permission to add users to a group */ 52     static final String ADD_USER_TO_GROUP = "kasai.group.user.add"; 53 54     /** Permission to delete a group */ 55     static final String DELETE_GROUP = "kasai.group.delete"; 56 57     /** Permission to modify a group */ 58     static final String COMMIT_GROUP = "kasai.group.commit"; 59 60     /** Permission to block a group */ 61     static final String BLOCK_GROUP = "kasai.group.block"; 62 63     /** Permission to unblock a group */ 64     static final String UNBLOCK_GROUP = "kasai.group.unblock"; 65 66     /** Permission to read a user */ 67     static final String READ_USER = "kasai.user.read"; 68 69     /** Permission to delete a user */ 70     static final String DELETE_USER = "kasai.user.delete"; 71 72     /** Permission to modify a user */ 73     static final String COMMIT_USER = "kasai.user.commit"; 74 75     /** Permission to reset a user password*/ 76     static final String RESET_PASSWORD_USER = "kasai.user.resetpassword"; 77 78     /** Permission to block a user */ 79     static final String BLOCK_USER = "kasai.user.block"; 80 81     /** Permission to unblock a user */ 82     static final String UNBLOCK_USER = "kasai.user.unblock"; 83 84     /** Permission to modify a role */ 85     static final String COMMIT_ROLE = "kasai.role.commit"; 86 87     /** Permission to read a role */ 88     static final String READ_ROLE = "kasai.role.read"; 89 90     /** Permission to delete a role */ 91     static final String DELETE_ROLE = "kasai.role.delete"; 92 93     /** Permission to modify permissions of a object */ 94     static final String MODIFY_ACCESS = "kasai.object.modifyaccess"; 95 96     /** Singleton instance */ 97     private static KasaiFacade instance = null; 98 99     //~ Constructors -------------------------------------------------------------------------------------------------- 100 101     /** 102      * Creates a new KasaiFacade object. 103      */ 104     private KasaiFacade() { 105         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "init", "Enter", 106             java.util.logging.Level.INFO); 107         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "init", "Exit", 108             java.util.logging.Level.INFO); 109     } 110 111     //~ Methods -------------------------------------------------------------------------------------------------------- 112 113     /** 114      * Returns an instance of KasaiFacade 115      * 116      * @return Instance of KasaiFacade 117      * 118      */ 119     public static synchronized KasaiFacade getInstance(){ 120         if (instance == null) { 121             instance = new KasaiFacade(); 122         } 123 124         return instance; 125     } 126 127     /** 128      * Method to verify if a specific user is part of a specific group 129      * 130      * @param login User who is making the request 131      * @param userId Specific user 132      * @param groupId Specific group 133      * 134      * @return true if the userId is part of a groupId 135      * 136      * @throws DataAccessException Severe errors like SQL error, IO Error, etc Severe error (SQL errors, IO errors, etc) 137      */ 138     public boolean isUserInGroup(String login, String userId, String groupId) 139         throws DataAccessException { 140          141         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "isUserInGroup", "Enter", 142             java.util.logging.Level.INFO); 143 144         boolean result = false; 145         Collection users = null; 146 147         if ((StringUtils.isNotEmpty(userId)) && (StringUtils.isNotEmpty(groupId))) { 148             users = UserHandler.getInstance().list(userId, null, null, null, -1, null, groupId); 149         } 150 151         result = (users != null) && (users.size() > 0); 152 153         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "isUserInGroup", "Exit", 154             java.util.logging.Level.INFO); 155 156         return result; 157     } 158 159     /** 160      * Add one operative to a specific role. 161      * 162      * @param loginUser User who is making the request 163      * @param idOperative Operative identifier 164      * @param role Role identifier 165      * @param clientIP IP Address of whom is making the request Client IP address 166      * 167      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 168      * @throws DoesntExistsException The operative or role does not exist 169      * @throws NotEnoughPermissionException The user cannot perform this operation 170      * @throws CannotAuditException Error auditing operation 171      */ 172     public void addOperativeToRole(String loginUser, String idOperative, int role, String clientIP) 173         throws DataAccessException, DoesntExistsException,NotEnoughPermissionException, 174             CannotAuditException { 175          176         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "addOperativeToRole", 177             "Enter (loginUser=" + StringUtils.defaultString(loginUser, "<null>") + ",idOperative=" + 178             StringUtils.defaultString(idOperative, "<null>") + ",role=" + role, java.util.logging.Level.INFO); 179 180         long startTime = System.currentTimeMillis(); 181         String raisedError = null; 182         int returnCode = 0; 183 184         try { 185             this.validateOperative(loginUser, KasaiFacade.COMMIT_ROLE, "/kasai/role/" + role); 186             RoleHandler.getInstance().addOperativeToRole(idOperative, role); 187         } catch (DataAccessException e) { 188             raisedError = KasaiFacade.class.getName() + ".sqlError"; 189             returnCode = 1; 190             throw e; 191         } catch (DoesntExistsException deE) { 192             raisedError = deE.getMessage(); 193             returnCode = 2; 194             throw deE; 195         } catch (NotEnoughPermissionException nep) { 196             raisedError = nep.getMessage(); 197             returnCode = 3; 198             throw nep; 199         } finally { 200 201             HashMap transactionData = new HashMap (); 202 203             transactionData.put("idOperative", idOperative); 204             transactionData.put("role", String.valueOf(role)); 205 206             createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 207                 KasaiFacade.class.getName() + ".addOperativeToRole", "/kasai/role/" + role, transactionData); 208         } 209 210         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "addOperativeToRole", "Exit", 211             java.util.logging.Level.INFO); 212     } 213 214     /** 215      * Add a user to a specific group 216      * 217      * @param loginUser User who is making the request 218      * @param idGroup Destination group identifier 219      * @param idUserToAdd User identifier 220      * @param clientIP IP Address of whom is making the request IP Address of whom is making the request 221      * 222      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 223      * @throws DoesntExistsException The user or group does not exist 224      * @throws NotEnoughPermissionException The user cannot perform this operation 225      * @throws CannotAuditException Errors auditing operation 226      */ 227     public void addUserToGroup(String loginUser, String idGroup, String idUserToAdd, String clientIP) 228         throws DataAccessException, DoesntExistsException, NotEnoughPermissionException, 229             CannotAuditException { 230          231         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "addUserToGroup", 232             "Enter(loginUser=" + StringUtils.defaultString(loginUser, "<null>") + ",idGroup=" + 233             StringUtils.defaultString(idGroup, "<null>") + ",idUserToAdd=" + 234             StringUtils.defaultString(idUserToAdd, "<null>") + ",clientIP=" + 235             StringUtils.defaultString(clientIP, "<null>"), java.util.logging.Level.INFO); 236 237         long startTime = System.currentTimeMillis(); 238         String raisedError = null; 239         int returnCode = 0; 240 241         try { 242             this.validateOperative(loginUser, ADD_USER_TO_GROUP, "/kasai/group/" + idGroup); 243 244             GroupHandler.getInstance().addUserToGroup(idUserToAdd, idGroup); 245         } catch (DataAccessException e) { 246             raisedError = KasaiFacade.class.getName() + ".sqlErrror"; 247             returnCode = 1; 248             throw e; 249         } catch (DoesntExistsException deE) { 250             raisedError = deE.getMessage(); 251             returnCode = 2; 252             throw deE; 253         } catch (NotEnoughPermissionException nep) { 254             raisedError = nep.getMessage(); 255             returnCode = 3; 256             throw nep; 257         } finally { 258 259             HashMap transactionData = new HashMap (); 260 261             transactionData.put("idGroup", idGroup); 262             transactionData.put("idUserToAdd", idUserToAdd); 263 264             createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 265                 KasaiFacade.class.getName() + ".addUserToGroup", "/kasai/group/" + idGroup, transactionData); 266         } 267 268         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "addUserToGroup", "Exit", 269             java.util.logging.Level.INFO); 270     } 271 272     /** 273      * Method to block just the group, not the users. Users lost permissions assigned to them through the group. 274      * 275      * @param loginUser User who is making the request 276      * @param idGroup Group identifier 277      * @param clientIP IP Address of whom is making the request 278      * 279      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 280      * @throws InvalidAttributesException Group existing attributes are not correct 281      * @throws NotEnoughPermissionException The user cannot execute this operative 282      * @throws DoesntExistsException The group does not exist 283      * @throws CannotAuditException Error auditing transaction 284      */ 285     public void blockGroup(String loginUser, String idGroup, String clientIP) 286         throws DataAccessException, InvalidAttributesException, NotEnoughPermissionException, 287             DoesntExistsException, CannotAuditException { 288          289         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "blockGroup", "Enter", 290             java.util.logging.Level.INFO); 291 292         long startTime = System.currentTimeMillis(); 293         String raisedError = null; 294         int returnCode = 0; 295 296         try { 297             this.validateOperative(loginUser, KasaiFacade.BLOCK_GROUP, "/kasai/group/" + idGroup); 298 299             Group group = GroupHandler.getInstance().read(idGroup); 300 301             if (group == null) { 302                 Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "blockGroup", 303                     "Group doesn't exist (" + idGroup + ")", java.util.logging.Level.WARNING); 304                 throw new DoesntExistsException(KasaiFacade.class.getName() + "groupDoesntExist"); 305             } 306 307             GroupHandler.getInstance().update(idGroup, true, group.getDescription()); 308         } catch (DataAccessException e) { 309             raisedError = KasaiFacade.class.getName() + ".sqlError"; 310             returnCode = 1; 311             throw e; 312         } catch (InvalidAttributesException iaE) { 313             raisedError = iaE.getMessage(); 314             returnCode = 2; 315             throw iaE; 316         } catch (NotEnoughPermissionException nep) { 317             raisedError = nep.getMessage(); 318             returnCode = 3; 319             throw nep; 320         } catch (DoesntExistsException deE) { 321             raisedError = deE.getMessage(); 322             returnCode = 4; 323             throw deE; 324         } finally { 325 326             HashMap transactionData = new HashMap (); 327 328             transactionData.put("idGroup", idGroup); 329 330             createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 331                 KasaiFacade.class.getName() + ".blockGroup", "/kasai/group/" + idGroup, transactionData); 332         } 333 334         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "blockGroup", "Exit", 335             java.util.logging.Level.INFO); 336     } 337 338     /** 339      * Method to block a specific user. After this, user is disabled to use the application. 340      * 341      * @param loginUser User who is making the request 342      * @param idUserToBlock User identifier 343      * @param clientIP IP Address of whom is making the request 344      * 345      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 346      * @throws InvalidAttributesException Existing user information is invalid 347      * @throws NotEnoughPermissionException The user cannot perform this operation 348      * @throws DoesntExistsException The selected user does not exist 349      * @throws CannotAuditException Error auditing transaction 350      */ 351     public void blockUser(String loginUser, String idUserToBlock, String clientIP) 352         throws DataAccessException, InvalidAttributesException, NotEnoughPermissionException, 353             DoesntExistsException, CannotAuditException { 354          355         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "blockUser", "Enter", 356             java.util.logging.Level.INFO); 357 358         long startTime = System.currentTimeMillis(); 359         String raisedError = null; 360         int returnCode = 0; 361 362         try { 363             this.validateOperative(loginUser, KasaiFacade.BLOCK_USER, "/kasai/user/" + idUserToBlock); 364 365             User user = UserHandler.getInstance().read(idUserToBlock, true); 366 367             if (user == null) { 368                 Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "blockGroup", 369                     "User doesn't exist (" + idUserToBlock + ")", java.util.logging.Level.WARNING); 370                 throw new DoesntExistsException(KasaiFacade.class.getName() + "userDoesntExist"); 371             } 372 373             UserHandler.getInstance().update(idUserToBlock, user.getFirstName(), user.getLastName(), user.getEmail(), true, 374                 user.getDescription()); 375         } catch (DataAccessException e) { 376             raisedError = KasaiFacade.class.getName() + ".sqlError"; 377             returnCode = 1; 378             throw e; 379         } catch (InvalidAttributesException iaE) { 380             raisedError = iaE.getMessage(); 381             returnCode = 2; 382             throw iaE; 383         } catch (NotEnoughPermissionException nep) { 384             raisedError = nep.getMessage(); 385             returnCode = 3; 386             throw nep; 387         } catch (DoesntExistsException deE) { 388             raisedError = deE.getMessage(); 389             returnCode = 4; 390             throw deE; 391         } finally { 392 393             HashMap transactionData = new HashMap (); 394 395             transactionData.put("idUserToBlock", idUserToBlock); 396 397             createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 398                 KasaiFacade.class.getName() + ".blockUser", "/kasai/user/" + idUserToBlock, transactionData); 399         } 400 401         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "blockUser", "Exit", 402             java.util.logging.Level.INFO); 403     } 404 405     /** 406      * Method to change the user's password 407      * 408      * @param login User who is making the request 409      * @param oldPassword Actual password 410      * @param newPassword New password 411      * @param confirmation Confirmation password 412      * @param clientIP IP Address of whom is making the request 413      * 414      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 415      * @throws InvalidAttributesException Existing user info or new password are not valid 416      * @throws ServiceException Error changing password at the authentication service level 417      * @throws ServiceNotAvailableException The authentication service is not available 418      * @throws DoesntExistsException The user does not exists 419      * @throws CannotAuditException Error auditing operation 420      * @throws InvalidPasswordException The old password is not valid 421      */ 422     public void changePasswordUser(String login, String oldPassword, String newPassword, String confirmation, 423         String clientIP) throws DataAccessException, InvalidAttributesException, ServiceException, ServiceNotAvailableException, 424         DoesntExistsException, CannotAuditException, InvalidPasswordException { 425          426         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "changePasswordUser", "Enter", 427             java.util.logging.Level.INFO); 428 429         long startTime = System.currentTimeMillis(); 430         String raisedError = null; 431         int returnCode = 0; 432 433         try { 434 435             User user = UserHandler.getInstance().read(login, true); 436 437             if (user == null) { 438                 Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "changePasswordUser", 439                     "User doesn't exist (" + login + ")", java.util.logging.Level.WARNING); 440                 throw new DoesntExistsException(KasaiFacade.class.getName() + "userDoesntExist"); 441             } 442 443             user.changePassword(oldPassword, newPassword, confirmation); 444         } catch (DataAccessException e) { 445             raisedError = KasaiFacade.class.getName() + ".sqlError"; 446             returnCode = 1; 447             throw e; 448         } catch (InvalidAttributesException iaE) { 449             raisedError = iaE.getMessage(); 450             returnCode = 2; 451             throw iaE; 452         } catch (ServiceException e) { 453             raisedError = e.getMessage(); 454             returnCode = 3; 455             throw e; 456         } catch (ServiceNotAvailableException e) { 457             raisedError = e.getMessage(); 458             returnCode = 4; 459 460             throw e; 461         } catch (DoesntExistsException deE) { 462             raisedError = deE.getMessage(); 463             returnCode = 5; 464             throw deE; 465         } catch (InvalidPasswordException ipe) { 466             raisedError = ipe.getMessage(); 467             returnCode = 6; 468             throw ipe; 469         } finally { 470 471             HashMap transactionData = new HashMap (); 472 473             createAuditEntry(login, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 474                 KasaiFacade.class.getName() + ".changePasswordUser", "/kasai/user/" + login, transactionData); 475         } 476 477         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "changePasswordUser", "Exit", 478             java.util.logging.Level.INFO); 479     } 480 481     /** 482      * Method to verify if a user can do a specific operative over the object identified by object parameter 483      * 484      * @param login User who is making the request 485      * @param operative Operative to run over the object 486      * @param object Id of the object 487      * 488      * @return True if the user can do the operative over this object, false in other case 489      * 490      */ 491     public boolean checkOperative(String login, String operative, String object){ 492          493         return UserHandler.getInstance().checkOperative(login, operative, object); 494     } 495 496     /** 497      * Method to verify user's password 498      * 499      * @param login User who is making the request 500      * @param password User password 501      * @param clientIP IP Address of whom is making the request 502      * 503      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 504      * @throws NotFoundException The user does not exist 505      * @throws UserBlockedException The user is blocked 506      * @throws InvalidPasswordException The password is not valid 507      * @throws ServiceException The authentication service raised an error while validating the password 508      * @throws ServiceNotAvailableException The authentication service is not available 509      * @throws CannotAuditException Error auditing operation 510      */ 511     public void checkPasswordUser(String login, String password, String clientIP) 512         throws DataAccessException, NotFoundException, UserBlockedException, InvalidPasswordException, 513         ServiceException, ServiceNotAvailableException, CannotAuditException { 514 515         User user = null; 516         int result = User.AUTH_BAD_USERNAME; 517 518         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "checkPasswordUser", 519             "Enter(login=" + StringUtils.defaultString(login, "<null>") + ", password=" + 520             ((password == null) ? "<null>" : "******") + ", clientIP=" + StringUtils.defaultString(clientIP, "<null>") + 521             ")", java.util.logging.Level.INFO); 522 523         long startTime = System.currentTimeMillis(); 524         String raisedError = null; 525         int returnCode = 0; 526 527         try { 528             UserHandler.getInstance().checkPassword(login, password); 529 530             Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "checkPasswordUser", "Exit", 531                 java.util.logging.Level.INFO); 532         } catch (DataAccessException e) { 533             raisedError = KasaiFacade.class.getName() + ".sqlError"; 534             returnCode = 1; 535             throw e; 536         } catch (NotFoundException nfe) { 537             raisedError = nfe.getMessage(); 538             returnCode = 2; 539             throw nfe; 540         } catch (UserBlockedException ube) { 541             raisedError = ube.getMessage(); 542             returnCode = 3; 543             throw ube; 544         } catch (InvalidPasswordException ipe) { 545             raisedError = ipe.getMessage(); 546             returnCode = 5; 547             throw ipe; 548         } catch (ServiceException se) { 549             raisedError = se.getMessage(); 550             returnCode = 7; 551             throw se; 552         } catch (ServiceNotAvailableException snae) { 553             Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "changePasswordUser", 554                 "Error verifing user password (" + ExceptionUtils.getStackTrace(snae) + ")", 555                 java.util.logging.Level.SEVERE); 556 557             raisedError = snae.getMessage(); 558             returnCode = 8; 559             throw snae; 560         } finally { 561 562             HashMap transactionData = new HashMap (); 563 564             transactionData.put("login", login); 565 566             createAuditEntry(login, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 567                 KasaiFacade.class.getName() + ".checkPasswordUser", "/kasai/user/" + login, transactionData); 568         } 569     } 570 571     /** 572      * Copy all permissions from one object to another. 573      * 574      * @param loginUser User who is making the request 575      * @param sourceObject 576      * @param destinationObject 577      * 578      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 579      * @throws DoesntExistsException One (or both) of the objects does not exist 580      */ 581     public void copyObjectRoles(String loginUser, String sourceObject, String destinationObject) 582         throws DataAccessException, DoesntExistsException { 583         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "copyObjectRoles", "Enter", 584             java.util.logging.Level.INFO); 585 586         try { 587             AuthObjectHandler.getInstance().copyPermissionsFromObject(sourceObject, destinationObject); 588         } catch (DataAccessException e) { 589             throw e; 590         } catch (DoesntExistsException deE) { 591             throw deE; 592         } 593 594         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "copyObjectRoles", "Exit", 595             java.util.logging.Level.INFO); 596     } 597 598     /** 599      * Audits an operation 600      * 601      * @param userId User who is making the request 602      * @param returnCode Return code 603      * @param errorDescription Error description 604      * @param duration Duration in milliseconds 605      * @param clientIP IP Address of whom is making the request 606      * @param operation Operation executed 607      * @param objectID Object involved in the operation 608      * @param transactionData Extra data 609      * 610      * @throws CannotAuditException A severe error ocurred while writing the audit entry 611      */ 612     public void createAuditEntry(String userId, int returnCode, String errorDescription, long duration, 613         String clientIP, String operation, String objectID, HashMap transactionData) 614         throws CannotAuditException { 615 616         ResourceBundle res = ResourceBundle.getBundle(Constants.PROPERTY_FILE); 617         boolean auditIsEnabled = res.getString("kasai.audit.enabled").equalsIgnoreCase("yes"); 618 619         if (auditIsEnabled) { 620 621             Document transactionDoc = null; 622 623             try { 624 625                 XMLBean auditXML = new XMLBean("TransactionData"); 626                 String key; 627                 String value; 628 629                 for (Iterator iter = transactionData.keySet().iterator(); iter.hasNext();) { 630                     key = (String ) iter.next(); 631                     value = (String ) transactionData.get(key); 632                     auditXML.setString(key, value); 633                 } 634 635                 transactionDoc = auditXML.getXML(); 636             } catch (XMLException xmlE) { 637                 Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createAuditEntry", 638                     "XML error (" + ExceptionUtils.getStackTrace(xmlE) + ")", java.util.logging.Level.SEVERE); 639 640                 throw new CannotAuditException(KasaiFacade.class.getName() + ".xmlError", xmlE); 641             } 642 643             createAuditEntry(userId, returnCode, errorDescription, duration, clientIP, operation, objectID, 644                 transactionDoc); 645 646             Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createAuditEntry", "Exit", 647                 java.util.logging.Level.INFO); 648         } 649     } 650 651     /** 652      * Audit an operation 653      * 654      * @param userId User who is making the request 655      * @param returnCode Return code 656      * @param errorDescription Error description 657      * @param duration Duration in milliseconds 658      * @param clientIP IP Address of whom is making the request 659      * @param operation Operation executed 660      * @param objectID Object involved in the operation 661      * @param transactionData Extra data 662      * 663      * @throws CannotAuditException A severe error ocurred while writing the audit entry 664      */ 665     public void createAuditEntry(String userId, int returnCode, String errorDescription, long duration, 666         String clientIP, String operation, String objectID, Document transactionData) 667         throws CannotAuditException { 668 669         ResourceBundle res = ResourceBundle.getBundle(Constants.PROPERTY_FILE); 670         boolean auditIsEnabled = res.getString("kasai.audit.enabled").equalsIgnoreCase("yes"); 671 672         if (auditIsEnabled) { 673             Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createAuditEntry", 674                 "Enter (userId=" + StringUtils.defaultString(userId, "<null>") + ", returnCode=" + returnCode + 675                 ", errorDescription=" + StringUtils.defaultString(errorDescription, "<null>") + ", duration=" + 676                 duration + ", clientIP=" + StringUtils.defaultString(clientIP, "<null>") + ", operation=" + 677                 StringUtils.defaultString(operation, "<null>") + ", objectID=" + 678                 StringUtils.defaultString(objectID, "<null>") + ", transactionData=" + 679                 ((transactionData == null) ? "<null>" : "<data>"), java.util.logging.Level.INFO); 680 681             AuditHandler.createEntry(userId, returnCode, errorDescription, duration, clientIP, operation, objectID, 682                 transactionData); 683 684             Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createAuditEntry", "Exit", 685                 java.util.logging.Level.INFO); 686         } 687     } 688 689          690     /** 691      * Method to create a group 692      * 693      * @param loginUser User who is making the request 694      * @param id Group Group Identifier 695      * @param description Group description 696      * @param blocked Specify if the group must be blocked or not 697      * @param clientIP IP Address of whom is making the request 698      * 699      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 700      * @throws AlreadyExistsException A group with the given ID already exists 701      * @throws InvalidAttributesException The attributes are not valid for a group 702      * @throws NotEnoughPermissionException The user does not have enough permission to execute this operation 703      * @throws CannotAuditException Error auditing transaction 704      * @throws CriticalException Severe error creating group 705      */ 706     public void createGroup(String loginUser, String id, String description, boolean blocked, String clientIP) 707         throws DataAccessException, AlreadyExistsException, InvalidAttributesException, 708         NotEnoughPermissionException, CannotAuditException, CriticalException { 709          710         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createGroup", "Enter", 711             java.util.logging.Level.INFO); 712 713         long startTime = System.currentTimeMillis(); 714         String raisedError = null; 715         int returnCode = 0; 716 717         try { 718             this.validateOperative(loginUser, KasaiFacade.COMMIT_GROUP, "/kasai/group/"); 719 720             GroupHandler.getInstance().create(id, description, blocked); 721 722             this.createObject(loginUser, "/kasai/group/" + id); 723         } catch (DataAccessException e) { 724             raisedError = KasaiFacade.class.getName() + ".sqlError"; 725             returnCode = 1; 726 727             throw e; 728         } catch (AlreadyExistsException aeE) { 729             raisedError = aeE.getMessage(); 730             returnCode = 2; 731 732             throw aeE; 733         } catch (InvalidAttributesException e) { 734             raisedError = e.getMessage(); 735             returnCode = 3; 736 737             throw e; 738         } catch (NotEnoughPermissionException nep) { 739             raisedError = nep.getMessage(); 740             returnCode = 4; 741 742             throw nep; 743         } catch (CriticalException ce) { 744             raisedError = ce.getMessage(); 745             returnCode = 5; 746 747             throw ce; 748         } finally { 749 750             HashMap transactionData = new HashMap (); 751 752             transactionData.put("id", id); 753             transactionData.put("description", description); 754             transactionData.put("blocked", String.valueOf(blocked)); 755 756             createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 757                 KasaiFacade.class.getName() + ".createGroup", "/kasai/group/" + id, transactionData); 758         } 759 760         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createGroup", "Exit", 761             java.util.logging.Level.INFO); 762     } 763 764     /** 765      * Method to register a new object in kasai. It Method assign to the loginUser the role specified in the properties file 766      * with the property kasai.default.role 767      * 768      * @param loginUser User who is making the request 769      * @param objectId Object identifier 770      * 771      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 772      * @throws CriticalException The object could be created but not its default permissions 773      */ 774     public void createObject(String loginUser, String objectId) 775         throws DataAccessException, CriticalException { 776          777         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createObject", "Enter", 778             java.util.logging.Level.INFO); 779 780         ResourceBundle res = ResourceBundle.getBundle(Constants.PROPERTY_FILE); 781         boolean exists = false; 782 783         try { 784             AuthObjectHandler.getInstance().create(objectId); 785             AuthObjectHandler.getInstance().createObjectUserRole(objectId, loginUser, Integer.parseInt(res.getString("kasai.default.role"))); 786         } catch (DataAccessException e) { 787             throw e; 788         } catch (DoesntExistsException deE) { 789             throw new CriticalException(deE); 790         } 791 792         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createObject", "Exit", 793             java.util.logging.Level.INFO); 794     } 795 796     /** 797      * Method to assign permissions. This assign the role specified to the group over the object identified by objectId 798      * 799      * @param loginUser User who is making the request 800      * @param objectId Object identifier 801      * @param group Group identifier 802      * @param role Role identifier 803      * @param clientIP IP Address of whom is making the request 804      * 805      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 806      * @throws DoesntExistsException The object, group or role doesnt exists 807      * @throws NotEnoughPermissionException The user cannot perform this operation 808      * @throws CannotAuditException Error auditing transaction 809      */ 810     public void createObjectGroupRole(String loginUser, String objectId, String group, int role, 811         String clientIP) throws DataAccessException, DoesntExistsException, NotEnoughPermissionException, 812         CannotAuditException{ 813          814         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createObjectGroupRole", 815             "Enter (" + loginUser + "," + objectId + "," + group + "," + role + ")", java.util.logging.Level.INFO); 816 817         long startTime = System.currentTimeMillis(); 818         String raisedError = null; 819         int returnCode = 0; 820 821         try { 822             this.validateOperative(loginUser, MODIFY_ACCESS, objectId); 823 824             AuthObjectHandler.getInstance().createObjectGroupRole(objectId, group, role); 825         } catch (DataAccessException e) { 826             raisedError = KasaiFacade.class.getName() + ".sqlError"; 827             returnCode = 1; 828 829             throw e; 830         } catch (DoesntExistsException deE) { 831             raisedError = deE.getMessage(); 832             returnCode = 2; 833 834             throw deE; 835         } catch (NotEnoughPermissionException nep) { 836             raisedError = nep.getMessage(); 837             returnCode = 3; 838 839             throw nep; 840         } finally { 841 842             HashMap transactionData = new HashMap (); 843 844             transactionData.put("group", group); 845             transactionData.put("role", String.valueOf(role)); 846 847             createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 848                 KasaiFacade.class.getName() + ".createObjectGroupRole", objectId, transactionData); 849         } 850 851         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createObjectGroupRole", "Exit", 852             java.util.logging.Level.INFO); 853     } 854 855     /** 856      * Method to assign permissions. This assign the role specified to the user over the object identified by objectId 857      * 858      * @param loginUser User who is making the request 859      * @param objectId Object identifier 860      * @param user User identifier 861      * @param role Role identifier 862      * @param clientIP IP Address of whom is making the request 863      * 864      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 865      * @throws DoesntExistsException The user, object or role doesnt exist 866      * @throws NotEnoughPermissionException The user cannot perform this operation 867      * @throws CannotAuditException Error auditing transaction 868      */ 869     public void createObjectUserRole(String loginUser, String objectId, String user, int role, String clientIP) 870         throws DataAccessException, DoesntExistsException, NotEnoughPermissionException, 871         CannotAuditException{ 872          873         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createObjectUserRole", "Enter", 874             java.util.logging.Level.INFO); 875 876         long startTime = System.currentTimeMillis(); 877         String raisedError = null; 878         int returnCode = 0; 879 880         try { 881             this.validateOperative(loginUser, MODIFY_ACCESS, objectId); 882 883             AuthObjectHandler.getInstance().createObjectUserRole(objectId, user, role); 884         } catch (DataAccessException e) { 885             raisedError = KasaiFacade.class.getName() + ".sqlError"; 886             returnCode = 1; 887             throw e; 888         } catch (DoesntExistsException deE) { 889             raisedError = deE.getMessage(); 890             returnCode = 2; 891             throw deE; 892         } catch (NotEnoughPermissionException nep) { 893             raisedError = nep.getMessage(); 894             returnCode = 3; 895             throw nep; 896         } finally { 897 898             HashMap transactionData = new HashMap (); 899 900             transactionData.put("user", user); 901             transactionData.put("role", String.valueOf(role)); 902 903             createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 904                 KasaiFacade.class.getName() + ".createObjectUserRole", objectId, transactionData); 905         } 906 907         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createObjectUserRole", "Exit", 908             java.util.logging.Level.INFO); 909     } 910 911     /** 912      * Method to assign permissions. This assign the role specified to the user over the object identified by objectId 913      * 914      * @param objectId User who is making the request 915      * @param user User identifier 916      * @param role Role identifier 917      * 918      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 919      * @throws DoesntExistsException The object, user or role doesnt exist 920      */ 921     public void createObjectUserRole(String objectId, String user, int role) 922         throws DataAccessException, DoesntExistsException { 923          924         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createObjectUserRole", "Enter", 925             java.util.logging.Level.INFO); 926 927         try { 928             AuthObjectHandler.getInstance().createObjectUserRole(objectId, user, role); 929         } catch (DataAccessException e) { 930             throw e; 931         } catch (DoesntExistsException deE) { 932             throw deE; 933         } 934 935         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createObjectUserRole", "Exit", 936             java.util.logging.Level.INFO); 937     } 938 939     /** 940      * Register an object in Kasai, and assign to the user the specified role (roleId) over an object (objectId) 941      * 942      * @param loginUser User who is making the request 943      * @param objectId Object Identifier 944      * @param roleId Role identifier 945      * 946      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 947      * @throws DoesntExistsException The user, object or role doesnt exist 948      */ 949     public void createObjectWithRole(String loginUser, String objectId, int roleId) 950         throws DataAccessException, DoesntExistsException { 951          952         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createObjectWithRole", "Enter", 953             java.util.logging.Level.INFO); 954 955         try { 956             AuthObjectHandler.getInstance().create(objectId); 957             if (roleId != -1) { 958                 AuthObjectHandler.getInstance().createObjectUserRole(objectId, loginUser, roleId); 959             } 960         } catch (DataAccessException e) { 961             throw e; 962         } catch (DoesntExistsException deE) { 963             throw deE; 964         } 965 966         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createObjectWithRole", "Exit", 967             java.util.logging.Level.INFO); 968     } 969 970     /** 971      * Creates a role 972      * 973      * @param loginUser User who is making the request 974      * @param name Name of the role to be created 975      * @param description Description of the role to be created 976      * @param operatives Operatives of the role to be created 977      * @param clientIP IP Address of whom is making the request 978      * 979      * @throws DataAccessException Severe errors like SQL error, IO Error, etc 980      * @throws CriticalException Severe errors like SQL error, IO Error, etc 981      * @throws AlreadyExistsException A role with the given name already exists 982      * @throws DoesntExistsException One of the given operatives does not exist 983      * @throws InvalidAttributesException The attributes are not valid for a role 984      * @throws NotEnoughPermissionException The user cannot perform this operation 985      * @throws CannotAuditException Error auditing transaction 986      */ 987     public int createRole(String loginUser, String name, String description, String [] operatives, String clientIP) 988         throws AlreadyExistsException, DoesntExistsException, DataAccessException, 989         InvalidAttributesException, NotEnoughPermissionException, CannotAuditException, 990         CriticalException{ 991          992         Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createRole", "Enter", 993             java.util.logging.Level.INFO); 994 995         long startTime = System.currentTimeMillis(); 996         String raisedError = null; 997         int returnCode = 0; 998         int roleId = -1; 999 1000        try { 1001            this.validateOperative(loginUser, KasaiFacade.COMMIT_ROLE, "/kasai/role/"); 1002 1003            roleId = RoleHandler.getInstance().create(name, description, operatives); 1004 1005            this.createObject(loginUser, "/kasai/role/" + roleId); 1006             1007        } catch (AlreadyExistsException aeE) { 1008            raisedError = aeE.getMessage(); 1009            returnCode = 1; 1010 1011            throw aeE; 1012        } catch (DoesntExistsException deE) { 1013            raisedError = deE.getMessage(); 1014            returnCode = 2; 1015 1016            throw deE; 1017        } catch (DataAccessException e) { 1018            raisedError = KasaiFacade.class.getName() + ".sqlError"; 1019            returnCode = 3; 1020 1021            throw e; 1022        } catch (InvalidAttributesException e) { 1023            raisedError = e.getMessage(); 1024            returnCode = 4; 1025 1026            throw e; 1027        } catch (NotEnoughPermissionException nep) { 1028            raisedError = nep.getMessage(); 1029            returnCode = 5; 1030 1031            throw nep; 1032        } catch (CriticalException ce) { 1033            raisedError = ce.getMessage(); 1034            returnCode = 6; 1035 1036            throw ce; 1037        } finally { 1038 1039            HashMap transactionData = new HashMap (); 1040 1041            transactionData.put("name", name); 1042            transactionData.put("description", description); 1043 1044            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 1045                KasaiFacade.class.getName() + ".createRole", "/kasai/role/" + roleId, transactionData); 1046        } 1047 1048        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createRole", "Exit", 1049            java.util.logging.Level.INFO); 1050         1051        return roleId; 1052    } 1053 1054    /** 1055     * Creates a user 1056     * 1057     * @param loginUser User who is making the request 1058     * @param idUser Identifier of the user to be created 1059     * @param firstName First Name of the user to be created 1060     * @param lastName Last Name of the user to be created 1061     * @param email Email of the user to be created 1062     * @param blocked Specifies if the user must be blocked or not 1063     * @param description Description of the user to be created 1064     * @param superUser Specifies if the user must be superUser or not 1065     * @param clientIP IP Address of whom is making the request 1066     * 1067     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1068     * @throws CriticalException Severe errors like SQL error, IO Error, etc 1069     * @throws AlreadyExistsException A user with the given id already exists 1070     * @throws InvalidAttributesException The attributes are not valid for a user 1071     * @throws DoesntExistsException The user executing the transaction does not exist 1072     * @throws NotEnoughPermissionException The user cannot perform this operation 1073     * @throws CannotAuditException Error auditing transaction 1074     */ 1075    public void createUser(String loginUser, String idUser, String firstName, String lastName, String email, 1076        boolean blocked, String description, boolean superUser, String clientIP) 1077        throws DataAccessException, AlreadyExistsException, InvalidAttributesException, 1078        DoesntExistsException, NotEnoughPermissionException, CannotAuditException, 1079        CriticalException { 1080         1081        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createUser", "Enter", 1082            java.util.logging.Level.INFO); 1083 1084        long startTime = System.currentTimeMillis(); 1085        String raisedError = null; 1086        int returnCode = 0; 1087 1088        try { 1089            this.validateOperative(loginUser, KasaiFacade.COMMIT_USER, "/kasai/user/"); 1090 1091            boolean sU = this.readUser(loginUser).getSuperUser(); 1092 1093            if (sU) { 1094                UserHandler.getInstance().create(idUser, firstName, lastName, email, blocked, description, superUser); 1095            } else { 1096                UserHandler.getInstance().create(idUser, firstName, lastName, email, blocked, description); 1097            } 1098 1099            ResourceBundle res = ResourceBundle.getBundle(Constants.PROPERTY_FILE); 1100            String group = res.getString("kasai.group.all"); 1101 1102            GroupHandler.getInstance().addUserToGroup(idUser, group); 1103            this.createObject(loginUser, "/kasai/user/" + idUser); 1104        } catch (DataAccessException e) { 1105            raisedError = KasaiFacade.class.getName() + ".sqlError"; 1106            returnCode = 1; 1107 1108            throw e; 1109        } catch (AlreadyExistsException aeE) { 1110            raisedError = aeE.getMessage(); 1111            returnCode = 2; 1112 1113            throw aeE; 1114        } catch (InvalidAttributesException e) { 1115            raisedError = e.getMessage(); 1116            returnCode = 3; 1117 1118            throw e; 1119        } catch (DoesntExistsException deE) { 1120            raisedError = deE.getMessage(); 1121            returnCode = 4; 1122 1123            throw deE; 1124        } catch (NotEnoughPermissionException nep) { 1125            raisedError = nep.getMessage(); 1126            returnCode = 5; 1127 1128            throw nep; 1129        } catch (CriticalException ce) { 1130            raisedError = ce.getMessage(); 1131            returnCode = 6; 1132 1133            throw ce; 1134        } finally { 1135 1136            HashMap transactionData = new HashMap (); 1137 1138            transactionData.put("idUser", idUser); 1139            transactionData.put("firstName", firstName); 1140            transactionData.put("lastName", lastName); 1141            transactionData.put("email", email); 1142            transactionData.put("blocked", String.valueOf(blocked)); 1143            transactionData.put("description", description); 1144            transactionData.put("superUser", String.valueOf(superUser)); 1145 1146            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 1147                KasaiFacade.class.getName() + ".createUser", "/kasai/user/" + idUser, transactionData); 1148        } 1149 1150        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createUser", "Exit", 1151            java.util.logging.Level.INFO); 1152    } 1153     1154    /** 1155     * Creates a user 1156     * 1157     * @param loginUser User who is making the request 1158     * @param idUser Identifier of the user to be created 1159     * @param firstName First Name of the user to be created 1160     * @param lastName Last Name of the user to be created 1161     * @param email Email of the user to be created 1162     * @param blocked Specifies if the user must be blocked or not 1163     * @param description Description of the user to be created 1164     * @param superUser Specifies if the user must be superUser or not 1165     * @param password Password to assign to the user 1166     * @param clientIP IP Address of whom is making the request 1167     * 1168     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1169     * @throws CriticalException Severe errors like SQL error, IO Error, etc 1170     * @throws AlreadyExistsException A user with the given id already exists 1171     * @throws InvalidAttributesException The attributes are not valid for a user 1172     * @throws DoesntExistsException The user executing the transaction does not exist 1173     * @throws NotEnoughPermissionException The user cannot perform this operation 1174     * @throws CannotAuditException Error auditing transaction 1175     */ 1176    public void createUser(String loginUser, String idUser, String firstName, String lastName, String email, 1177        boolean blocked, String description, boolean superUser, String password, String clientIP) 1178        throws DataAccessException, AlreadyExistsException, InvalidAttributesException, 1179        DoesntExistsException, NotEnoughPermissionException, CannotAuditException, 1180        CriticalException, InvalidPasswordException { 1181         1182        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createUser", "Enter", 1183            java.util.logging.Level.INFO); 1184 1185        long startTime = System.currentTimeMillis(); 1186        String raisedError = null; 1187        int returnCode = 0; 1188 1189        try { 1190            this.validateOperative(loginUser, KasaiFacade.COMMIT_USER, "/kasai/user/"); 1191 1192            boolean sU = this.readUser(loginUser).getSuperUser(); 1193 1194            if (sU) { 1195                UserHandler.getInstance().create(idUser, firstName, lastName, email, blocked, description, superUser, password); 1196            } else { 1197                UserHandler.getInstance().create(idUser, firstName, lastName, email, blocked, description, false, password); 1198            } 1199 1200            ResourceBundle res = ResourceBundle.getBundle(Constants.PROPERTY_FILE); 1201            String group = res.getString("kasai.group.all"); 1202 1203            GroupHandler.getInstance().addUserToGroup(idUser, group); 1204            this.createObject(loginUser, "/kasai/user/" + idUser); 1205        } catch (DataAccessException e) { 1206            raisedError = KasaiFacade.class.getName() + ".sqlError"; 1207            returnCode = 1; 1208 1209            throw e; 1210        } catch (AlreadyExistsException aeE) { 1211            raisedError = aeE.getMessage(); 1212            returnCode = 2; 1213 1214            throw aeE; 1215        } catch (InvalidAttributesException e) { 1216            raisedError = e.getMessage(); 1217            returnCode = 3; 1218 1219            throw e; 1220        } catch (DoesntExistsException deE) { 1221            raisedError = deE.getMessage(); 1222            returnCode = 4; 1223 1224            throw deE; 1225        } catch (NotEnoughPermissionException nep) { 1226            raisedError = nep.getMessage(); 1227            returnCode = 5; 1228 1229            throw nep; 1230        } catch (CriticalException ce) { 1231            raisedError = ce.getMessage(); 1232            returnCode = 6; 1233 1234            throw ce; 1235        } finally { 1236 1237            HashMap transactionData = new HashMap (); 1238 1239            transactionData.put("idUser", idUser); 1240            transactionData.put("firstName", firstName); 1241            transactionData.put("lastName", lastName); 1242            transactionData.put("email", email); 1243            transactionData.put("blocked", String.valueOf(blocked)); 1244            transactionData.put("description", description); 1245            transactionData.put("superUser", String.valueOf(superUser)); 1246 1247            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 1248                KasaiFacade.class.getName() + ".createUser", "/kasai/user/" + idUser, transactionData); 1249        } 1250 1251        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "createUser", "Exit", 1252            java.util.logging.Level.INFO); 1253    } 1254 1255    /** 1256     * Deletes a group 1257     * 1258     * @param loginUser User who is making the request 1259     * @param group Group identifier to be deleted 1260     * @param clientIP IP Address of whom is making the request 1261     * 1262     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1263     * @throws NotEnoughPermissionException The user cannot perform this operation 1264     * @throws CannotAuditException Error auditing transaction 1265     */ 1266    public void deleteGroup(String loginUser, String group, String clientIP) 1267        throws DataAccessException, NotEnoughPermissionException, CannotAuditException { 1268         1269        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteGroup", "Enter", 1270            java.util.logging.Level.INFO); 1271 1272        long startTime = System.currentTimeMillis(); 1273        String raisedError = null; 1274        int returnCode = 0; 1275 1276        try { 1277            this.validateOperative(loginUser, DELETE_GROUP, "/kasai/group/" + group); 1278 1279            GroupHandler.getInstance().delete(group); 1280 1281            deleteObject("/kasai/group/" + group); 1282        } catch (DataAccessException e) { 1283            raisedError = KasaiFacade.class.getName() + ".sqlError"; 1284            returnCode = 1; 1285 1286            throw e; 1287        } catch (NotEnoughPermissionException nep) { 1288            raisedError = nep.getMessage(); 1289            returnCode = 2; 1290 1291            throw nep; 1292        } finally { 1293 1294            HashMap transactionData = new HashMap (); 1295 1296            transactionData.put("group", group); 1297 1298            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 1299                KasaiFacade.class.getName() + ".deleteGroup", "/kasai/group/" + group, transactionData); 1300        } 1301 1302        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteGroup", "Exit", 1303            java.util.logging.Level.INFO); 1304    } 1305 1306    /** 1307     * Unregister an object from Kasai 1308     * 1309     * @param objectId Object identifier to be deleted 1310     * 1311     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1312     */ 1313    public void deleteObject(String objectId) throws DataAccessException { 1314         1315        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteObject", "Enter", 1316            java.util.logging.Level.INFO); 1317 1318        try { 1319            AuthObjectHandler.getInstance().delete(objectId); 1320        } catch (DataAccessException e) { 1321            throw e; 1322        } 1323 1324        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteObject", "Exit", 1325            java.util.logging.Level.INFO); 1326    } 1327 1328    /** 1329     * Remove an assigned role to the group over an object 1330     * 1331     * @param loginUser User who is making the request 1332     * @param id Identifier 1333     * @param clientIP IP Address of whom is making the request 1334     * 1335     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1336     * @throws CannotAuditException Error auditing transaction 1337     */ 1338    public void deleteObjectGroupRole(String loginUser, int id, String clientIP) 1339        throws DataAccessException, CannotAuditException { 1340         1341        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteObjectGroupRole", "Enter", 1342            java.util.logging.Level.INFO); 1343 1344        long startTime = System.currentTimeMillis(); 1345        String raisedError = null; 1346        int returnCode = 0; 1347 1348        try { 1349            AuthObjectHandler.getInstance().deleteObjectGroupRole(id); 1350        } catch (DataAccessException e) { 1351            raisedError = KasaiFacade.class.getName() + ".sqlError"; 1352            returnCode = 1; 1353 1354            throw e; 1355        } finally { 1356 1357            HashMap transactionData = new HashMap (); 1358 1359            transactionData.put("id", String.valueOf(id)); 1360 1361            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 1362                KasaiFacade.class.getName() + ".deleteObjectGroupRole", "", transactionData); 1363        } 1364 1365        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteObjectGroupRole", "Exit", 1366            java.util.logging.Level.INFO); 1367    } 1368 1369    /** 1370     * Remove an assigned role to the user over an object 1371     * 1372     * @param loginUser User who is making the request 1373     * @param user User identifier 1374     * @param idObject Object identifier 1375     * @param role Role identifier 1376     * @param clientIP IP Address of whom is making the request 1377     * 1378     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1379     * @throws NotEnoughPermissionException The user cannot perform this operation 1380     * @throws CannotAuditException Error auditing transaction 1381     */ 1382    public void deleteObjectUserRole(String loginUser, String user, String idObject, int role, 1383        String clientIP) throws DataAccessException, NotEnoughPermissionException, CannotAuditException { 1384         1385        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteObjectUserRole", "Enter", 1386            java.util.logging.Level.INFO); 1387 1388        long startTime = System.currentTimeMillis(); 1389        String raisedError = null; 1390        int returnCode = 0; 1391 1392        try { 1393            this.validateOperative(loginUser, MODIFY_ACCESS, idObject); 1394 1395            AuthObjectHandler.getInstance().deleteObjectUserRole(user, idObject, role); 1396        } catch (DataAccessException e) { 1397            raisedError = KasaiFacade.class.getName() + ".sqlError"; 1398            returnCode = 1; 1399 1400            throw e; 1401        } catch (NotEnoughPermissionException nep) { 1402            raisedError = nep.getMessage(); 1403            returnCode = 2; 1404 1405            throw nep; 1406        } finally { 1407 1408            HashMap transactionData = new HashMap (); 1409 1410            transactionData.put("user", user); 1411            transactionData.put("role", String.valueOf(role)); 1412 1413            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 1414                KasaiFacade.class.getName() + ".deleteObjectUserRole", idObject, transactionData); 1415        } 1416 1417        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteObjectUserRole", "Exit", 1418            java.util.logging.Level.INFO); 1419    } 1420 1421    /** 1422     * Remove all assigned roles to the user over an object 1423     * 1424     * @param loginUser User who is making the request 1425     * @param user User identifier 1426     * @param idObject Object identifier 1427     * @param clientIP IP Address of whom is making the request 1428     * 1429     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1430     * @throws NotEnoughPermissionException The user cannot perform this operation 1431     * @throws CannotAuditException Error auditing transaction 1432     */ 1433    public void deleteObjectUserRole(String loginUser, String user, String idObject, String clientIP) 1434        throws DataAccessException, NotEnoughPermissionException, CannotAuditException { 1435         1436        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteObjectUserRole", "Enter", 1437            java.util.logging.Level.INFO); 1438 1439        long startTime = System.currentTimeMillis(); 1440        String raisedError = null; 1441        int returnCode = 0; 1442 1443        try { 1444            this.validateOperative(loginUser, MODIFY_ACCESS, idObject); 1445 1446            AuthObjectHandler.getInstance().deleteObjectUserRole(user, idObject); 1447        } catch (DataAccessException e) { 1448            raisedError = KasaiFacade.class.getName() + ".sqlError"; 1449            returnCode = 1; 1450 1451            throw e; 1452        } catch (NotEnoughPermissionException nep) { 1453            raisedError = nep.getMessage(); 1454            returnCode = 2; 1455 1456            throw nep; 1457        } finally { 1458 1459            HashMap transactionData = new HashMap (); 1460 1461            transactionData.put("user", user); 1462 1463            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 1464                KasaiFacade.class.getName() + ".deleteObjectUserRole", idObject, transactionData); 1465        } 1466 1467        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteObjectUserRole", "Exit", 1468            java.util.logging.Level.INFO); 1469    } 1470 1471    /** 1472     * Remove all assigned roles to the user over an object 1473     * 1474     * @param user User who is making the request 1475     * @param idObject Object identifier 1476     * 1477     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1478     */ 1479    public void deleteObjectUserRole(String user, String idObject) 1480        throws DataAccessException { 1481         1482        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteObjectUserRole", "Enter", 1483            java.util.logging.Level.INFO); 1484 1485        AuthObjectHandler.getInstance().deleteObjectUserRole(user, idObject); 1486 1487        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteObjectUserRole", "Exit", 1488            java.util.logging.Level.INFO); 1489    } 1490 1491    /** 1492     * Remove all assigned roles to the user over an object 1493     * 1494     * @param loginUser User who is making the request 1495     * @param id Relation identifier to be deleted 1496     * @param clientIP IP Address of whom is making the request 1497     * 1498     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1499     * @throws CannotAuditException Error auditing transaction 1500     */ 1501    public void deleteObjectUserRole(String loginUser, int id, String clientIP) 1502        throws DataAccessException, CannotAuditException { 1503         1504        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteObjectUserRole", "Enter", 1505            java.util.logging.Level.INFO); 1506 1507        long startTime = System.currentTimeMillis(); 1508        String raisedError = null; 1509        int returnCode = 0; 1510 1511        try { 1512            AuthObjectHandler.getInstance().deleteObjectUserRole(id); 1513        } finally { 1514 1515            HashMap transactionData = new HashMap (); 1516 1517            transactionData.put("id", String.valueOf(id)); 1518 1519            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 1520                KasaiFacade.class.getName() + ".deleteObjectUserRole", "", transactionData); 1521        } 1522 1523        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteObjectUserRole", "Exit", 1524            java.util.logging.Level.INFO); 1525    } 1526 1527    /** 1528     * Delete a role 1529     * 1530     * @param loginUser User who is making the request 1531     * @param role Role identifier to be deleted 1532     * @param clientIP IP Address of whom is making the request 1533     * 1534     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1535     * @throws NotEnoughPermissionException The user cannot perform this operation 1536     * @throws CannotAuditException Error auditing transaction 1537     */ 1538    public void deleteRole(String loginUser, int role, String clientIP) 1539        throws DataAccessException, NotEnoughPermissionException, CannotAuditException { 1540         1541        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteRole", "Enter", 1542            java.util.logging.Level.INFO); 1543 1544        long startTime = System.currentTimeMillis(); 1545        String raisedError = null; 1546        int returnCode = 0; 1547 1548        try { 1549            this.validateOperative(loginUser, DELETE_ROLE, "/kasai/role/" + role); 1550 1551            this.deleteObject("/kasai/role/" + role); 1552            RoleHandler.getInstance().delete(role); 1553        } catch (DataAccessException e) { 1554            raisedError = KasaiFacade.class.getName() + ".sqlError"; 1555            returnCode = 1; 1556 1557            throw e; 1558        } catch (NotEnoughPermissionException nep) { 1559            raisedError = nep.getMessage(); 1560            returnCode = 2; 1561 1562            throw nep; 1563        } finally { 1564 1565            HashMap transactionData = new HashMap (); 1566 1567            transactionData.put("role", String.valueOf(role)); 1568 1569            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 1570                KasaiFacade.class.getName() + ".deleteObjectUserRole", "/kasai/role/" + role, transactionData); 1571        } 1572 1573        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteRole", "Exit", 1574            java.util.logging.Level.INFO); 1575    } 1576 1577    /** 1578     * Delete a user 1579     * 1580     * @param loginUser User who is making the request 1581     * @param idUserToDelete User identifier to be deleted 1582     * @param clientIP IP Address of whom is making the request 1583     * 1584     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1585     * @throws NotEnoughPermissionException The user cannot perform this operation 1586     * @throws CannotAuditException Error auditing transaction 1587     */ 1588    public void deleteUser(String loginUser, String idUserToDelete, String clientIP) 1589        throws DataAccessException, NotEnoughPermissionException, CannotAuditException { 1590         1591        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteUser", "Enter", 1592            java.util.logging.Level.INFO); 1593 1594        long startTime = System.currentTimeMillis(); 1595        String raisedError = null; 1596        int returnCode = 0; 1597 1598        try { 1599            this.validateOperative(loginUser, DELETE_USER, "/kasai/user/" + idUserToDelete); 1600 1601            UserHandler.getInstance().delete(idUserToDelete); 1602 1603            this.deleteObject("/kasai/user/" + idUserToDelete); 1604        } catch (DataAccessException e) { 1605            raisedError = KasaiFacade.class.getName() + ".sqlError"; 1606            returnCode = 1; 1607 1608            throw e; 1609        } catch (NotEnoughPermissionException nep) { 1610            raisedError = nep.getMessage(); 1611            returnCode = 2; 1612 1613            throw nep; 1614        } finally { 1615 1616            HashMap transactionData = new HashMap (); 1617 1618            transactionData.put("idUserToDelete", idUserToDelete); 1619 1620            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 1621                KasaiFacade.class.getName() + ".deleteUser", "/kasai/user/" + idUserToDelete, transactionData); 1622        } 1623 1624        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "deleteUser", "Exit", 1625            java.util.logging.Level.INFO); 1626    } 1627 1628    /** 1629     * List groups 1630     * 1631     * @param actualUser User making the request 1632     * @param idGroup It filters the list by group identifier 1633     * @param description It filters the list by group description 1634     * @param blocked It filters the list by blocked attribute 1635     * @param system It filters the list by system attribute 1636     * 1637     * @return Groups that satisfy given filters. 1638     * 1639     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1640     */ 1641    public Collection listGroups(String actualUser, String idGroup, String description, int blocked, int system) 1642        throws DataAccessException { 1643 1644        Collection groups = null; 1645 1646        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listGroups", "Enter", 1647            java.util.logging.Level.INFO); 1648 1649        groups = GroupHandler.getInstance().list(idGroup, description, blocked, system, null); 1650 1651        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listGroups", "Exit", 1652            java.util.logging.Level.INFO); 1653 1654        return groups; 1655    } 1656 1657    /** 1658     * List all the groups a user is member of 1659     * 1660     * @param user user identifier 1661     * 1662     * @return A collection containing the groups 1663     * 1664     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1665     */ 1666    public Collection listGroupsFromUser(String user) throws DataAccessException { 1667 1668        Collection groups = new ArrayList (); 1669 1670        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listGroupsFromUser", "Enter", 1671            java.util.logging.Level.INFO); 1672 1673        groups = GroupHandler.getInstance().list(null, null, -1, -1, user); 1674 1675        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listGroupsFromUser", "Exit", 1676            java.util.logging.Level.INFO); 1677 1678        return groups; 1679    } 1680 1681    /** 1682     * List all the groups a user is member of 1683     * 1684     * @param loginUser User who is making the request 1685     * @param user User identifier 1686     * 1687     * @return A collection containing groups 1688     * 1689     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1690     * @throws NotEnoughPermissionException The user cannot perform this operation 1691     */ 1692    public Collection listGroupsFromUser(String loginUser, String user) 1693        throws DataAccessException, NotEnoughPermissionException { 1694 1695        Collection groups = new ArrayList (); 1696 1697        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listGroupsFromUser", "Enter", 1698            java.util.logging.Level.INFO); 1699 1700        if (!user.equals(loginUser)) { 1701            this.validateOperative(loginUser, KasaiFacade.READ_USER, "/kasai/user/" + user); 1702        } 1703 1704        groups = GroupHandler.getInstance().list(null, null, -1, -1, user); 1705 1706        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listGroupsFromUser", "Exit", 1707            java.util.logging.Level.INFO); 1708 1709        return groups; 1710    } 1711 1712    /** 1713     * List groups that have a given operative assigned over a specific object. 1714     * 1715     * @param operative Operative 1716     * @param object Object identifier 1717     * 1718     * @return A collection of groups 1719     * 1720     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1721     */ 1722    public Collection listGroupsOperativeCollection(String operative, String object) 1723        throws DataAccessException { 1724 1725        Collection groups = null; 1726 1727        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listGroupsOperativeCollection", 1728            "Enter", java.util.logging.Level.INFO); 1729 1730        groups = OperativeHandler.getInstance().listGroupsOperative(operative, object); 1731 1732        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listGroupsOperativeCollection", 1733            "Exit", java.util.logging.Level.INFO); 1734 1735        return groups; 1736    } 1737 1738    /** 1739     * List assigned permissions over a given object 1740     * 1741     * @param loginUser User who is making the request 1742     * @param idObject Object identifier 1743     * 1744     * @return 1745     * 1746     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1747     */ 1748    public Collection listObjectRoles(String loginUser, String idObject) 1749        throws DataAccessException { 1750         1751        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listObjectRoles", "Enter", 1752            java.util.logging.Level.INFO); 1753 1754        Collection list = new ArrayList (); 1755 1756        list.addAll(AuthObjectHandler.getInstance().listObjectGroupsRoles(idObject)); 1757        list.addAll(AuthObjectHandler.getInstance().listObjectUsersRoles(idObject)); 1758 1759        return list; 1760    } 1761 1762    /** 1763     * List all operatives 1764     * 1765     * @param loginUser User who is making the request 1766     * 1767     * @return Operatives 1768     * 1769     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1770     */ 1771    public Collection listOperatives(String loginUser) 1772        throws DataAccessException { 1773         1774        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listOperatives", "Enter", 1775            java.util.logging.Level.INFO); 1776 1777        Collection operatives = null; 1778 1779        operatives = OperativeHandler.getInstance().list(null); 1780 1781        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listOperatives", "Exit", 1782            java.util.logging.Level.INFO); 1783 1784        return operatives; 1785    } 1786 1787    /** 1788     * List all operatives for a given role 1789     * 1790     * @param loginUser User who is making the request 1791     * @param role Role Identifier 1792     * 1793     * @return 1794     * 1795     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1796     */ 1797    public Collection listOperativesFromRole(String loginUser, int role) 1798        throws DataAccessException { 1799         1800        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listOperativesFromRole", "Enter", 1801            java.util.logging.Level.INFO); 1802 1803        Collection list = new ArrayList (); 1804 1805        list = RoleHandler.getInstance().listOperativesFromRole(role, ""); 1806 1807        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listOperativesFromRole", "Exit", 1808            java.util.logging.Level.INFO); 1809 1810        return list; 1811    } 1812 1813    /** 1814     * List operatives that are not part of the role 1815     * 1816     * @param loginUser User who is making the request 1817     * @param role Role identifier 1818     * 1819     * @return 1820     * 1821     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1822     */ 1823    public Collection listOperativesNotInRole(String loginUser, int role) 1824        throws DataAccessException { 1825         1826        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listOperativesNotInRole", "Enter", 1827            java.util.logging.Level.INFO); 1828 1829        Collection list = new ArrayList (); 1830 1831        list = RoleHandler.getInstance().listOperativesNotInRole(role); 1832 1833        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listOperativesNotInRole", "Exit", 1834            java.util.logging.Level.INFO); 1835 1836        return list; 1837    } 1838 1839    /** 1840     * List all roles 1841     * 1842     * @param loginUser User who is making the request 1843     * @param name It filters the list by the role name 1844     * 1845     * @return List of roles 1846     * 1847     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1848     */ 1849    public Collection listRoles(String loginUser, String name) 1850        throws DataAccessException { 1851         1852        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listRoles", "Enter", 1853            java.util.logging.Level.INFO); 1854 1855        Collection roles = null; 1856 1857        roles = RoleHandler.getInstance().list(name, false); 1858 1859        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listRoles", "Exit", 1860            java.util.logging.Level.INFO); 1861 1862        return roles; 1863    } 1864 1865    /** 1866     * List users 1867     * 1868     * @param loginUser User who is making the request 1869     * @param login It filters the list by the user login 1870     * @param firstName It filters the list by the user first name 1871     * @param lastName It filters the list by the user last name 1872     * @param email It filters the list by the user email 1873     * @param blocked It filters the list by the block attribute 1874     * @param description It filters the list by the user description 1875     * @param group It filters the list by a specific group that the user has to belong to 1876     * 1877     * @return List of users 1878     * 1879     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1880     */ 1881    public Collection listUsers(String loginUser, String login, String firstName, String lastName, String email, 1882        int blocked, String description, String group) 1883        throws DataAccessException { 1884 1885        Collection users = null; 1886 1887        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listUsers", "Enter", 1888            java.util.logging.Level.INFO); 1889 1890        users = UserHandler.getInstance().list(login, firstName, lastName, email, blocked, description, group); 1891 1892        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listUsers", "Exit", 1893            java.util.logging.Level.INFO); 1894 1895        return users; 1896    } 1897 1898     1899    /** 1900     * List group's users checking permission 1901     * 1902     * @param loginUser User who is making the request 1903     * @param group Group identifier 1904     * 1905     * @return List of users 1906     * 1907     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1908     */ 1909    public Collection listUsersFromGroup(String loginUser, String group) 1910        throws DataAccessException { 1911 1912        Collection users = null; 1913 1914        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listUsersFromGroup", "Enter", 1915            java.util.logging.Level.INFO); 1916 1917        users = UserHandler.getInstance().list(null, null, null, null, -1, null, group); 1918 1919        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listUsersFromGroup", "Exit", 1920            java.util.logging.Level.INFO); 1921 1922        return users; 1923    } 1924 1925    /** 1926     * List group's users without checking permission 1927     * 1928     * @param group Group Identifier 1929     * 1930     * @return List of users 1931     * 1932     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1933     */ 1934    public Collection listUsersFromGroup(String group) 1935        throws DataAccessException { 1936 1937        Collection users = null; 1938 1939        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listUsersFromGroup", "Enter", 1940            java.util.logging.Level.INFO); 1941 1942        users = UserHandler.getInstance().list(null, null, null, null, -1, null, group); 1943 1944        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listUsersFromGroup", "Exit", 1945            java.util.logging.Level.INFO); 1946 1947        return users; 1948    } 1949 1950    /** 1951     * List users that aren't part of a group 1952     * 1953     * @param loginUser User who is making the request 1954     * @param group Group identifier 1955     * 1956     * @return List of users 1957     * 1958     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1959     */ 1960    public Collection listUsersNotInGroup(String loginUser, String group) 1961        throws DataAccessException { 1962 1963        Collection aux = null; 1964 1965        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listUsersNotInGroup", "Enter", 1966            java.util.logging.Level.INFO); 1967 1968        ArrayList users = new ArrayList (); 1969 1970        aux = GroupHandler.getInstance().listUsersNotInGroup(group); 1971 1972        for (Iterator iter = aux.iterator(); iter.hasNext();) { 1973 1974            User u = (User) iter.next(); 1975 1976            try { 1977                this.validateOperative(loginUser, KasaiFacade.READ_USER, "/kasai/user/" + u.getLogin()); 1978                users.add(u); 1979            } catch (Exception e) {} 1980        } 1981 1982        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listUsersNotInGroup", "Exit", 1983            java.util.logging.Level.INFO); 1984 1985        return users; 1986    } 1987 1988    /** 1989     * List users that have a given operative assigned over a specific object. 1990     * 1991     * @param operative Operative identifier 1992     * @param object Object identifier 1993     * 1994     * @return A collection of users 1995     * 1996     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 1997     */ 1998    public Collection listUsersOperative(String operative, String object) 1999        throws DataAccessException { 2000 2001        Collection users = null; 2002 2003        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listUsersOperative", "Enter", 2004            java.util.logging.Level.INFO); 2005 2006        users = OperativeHandler.getInstance().listUsersOperative(operative, object); 2007 2008        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "listUsersOperative", "Exit", 2009            java.util.logging.Level.INFO); 2010 2011        return users; 2012    } 2013 2014    /** 2015     * Modify a role 2016     * 2017     * @param loginUser User who is making the request 2018     * @param role Role identifier 2019     * @param name New name of the role to be modified 2020     * @param description New description of the role to be modified 2021     * @param operatives New operatives of the role to be modified 2022     * @param clientIP IP Address of whom is making the request 2023     * 2024     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2025     * @throws InvalidAttributesException The new attributes are not valid for a role 2026     * @throws NotEnoughPermissionException The user cannot perform this operation 2027     * @throws CannotAuditException Error auditing transaction 2028     */ 2029    public void modifyRole(String loginUser, int role, String name, String description, String [] operatives, 2030        String clientIP) throws DataAccessException, InvalidAttributesException, 2031        NotEnoughPermissionException, CannotAuditException { 2032         2033        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "modifyRole", "Enter", 2034            java.util.logging.Level.INFO); 2035 2036        long startTime = System.currentTimeMillis(); 2037        String raisedError = null; 2038        int returnCode = 0; 2039 2040        try { 2041            this.validateOperative(loginUser, KasaiFacade.COMMIT_ROLE, "/kasai/role/" + role); 2042 2043            RoleHandler.getInstance().update(role, name, description, operatives); 2044        } catch (DataAccessException e) { 2045            raisedError = KasaiFacade.class.getName() + ".sqlError"; 2046            returnCode = 1; 2047 2048            throw e; 2049        } catch (InvalidAttributesException e) { 2050            raisedError = e.getMessage(); 2051            returnCode = 2; 2052 2053            throw e; 2054        } catch (NotEnoughPermissionException nep) { 2055            raisedError = nep.getMessage(); 2056            returnCode = 3; 2057 2058            throw nep; 2059        } finally { 2060 2061            HashMap transactionData = new HashMap (); 2062 2063            transactionData.put("role", String.valueOf(role)); 2064            transactionData.put("name", name); 2065            transactionData.put("description", description); 2066 2067            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 2068                KasaiFacade.class.getName() + ".modifyRole", "/kasai/role/" + role, transactionData); 2069        } 2070 2071        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "modifyRole", "Exit", 2072            java.util.logging.Level.INFO); 2073    } 2074 2075    /** 2076     * Read a group checking permission and auditing the transaction 2077     * 2078     * @param loginUser User who is making the request 2079     * @param group Group identifier to be readed 2080     * @param clientIP IP Address of whom is making the request 2081     * 2082     * @return Group indentified by group parameter or null if it doesn't exist 2083     * 2084     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2085     * @throws NotEnoughPermissionException The user cannot perform this operation 2086     * @throws CannotAuditException Error auditing transaction 2087     * @throws DoesntExistsException The group does not exist 2088     */ 2089    public Group readGroup(String loginUser, String group, String clientIP) 2090        throws NotEnoughPermissionException, CannotAuditException, DataAccessException, DoesntExistsException { 2091        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readGroup", "Enter", 2092            java.util.logging.Level.INFO); 2093 2094        long startTime = System.currentTimeMillis(); 2095        String raisedError = null; 2096        int returnCode = 0; 2097 2098        Group g = null; 2099 2100        try { 2101            this.validateOperative(loginUser, KasaiFacade.READ_GROUP, "/kasai/group/" + group); 2102 2103            g = this.readGroup(group); 2104        } catch (NotEnoughPermissionException nep) { 2105            raisedError = nep.getMessage(); 2106            returnCode = 3; 2107 2108            throw nep; 2109        } catch (DoesntExistsException deE) { 2110            raisedError = deE.getMessage(); 2111            returnCode = 4; 2112 2113            throw deE; 2114        } finally { 2115 2116            HashMap transactionData = new HashMap (); 2117 2118            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 2119                KasaiFacade.class.getName() + ".readGroup", "/kasai/group/" + group, transactionData); 2120        } 2121 2122        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readGroup", "Exit", 2123            java.util.logging.Level.INFO); 2124 2125        return g; 2126    } 2127 2128    /** 2129     * Read a group without checking permission 2130     * 2131     * @param group Group identifier 2132     * 2133     * @return Group identified by group parameter 2134     * 2135     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2136     * @throws DoesntExistsException The group doesnt exist 2137     */ 2138    public Group readGroup(String group) throws DataAccessException, DoesntExistsException { 2139 2140        Group g = null; 2141 2142        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readGroup", "Enter", 2143            java.util.logging.Level.INFO); 2144 2145        g = GroupHandler.getInstance().read(group); 2146 2147        if (g == null) { 2148            Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readGroup", 2149                "Group doesn't exist", java.util.logging.Level.SEVERE); 2150             2151            throw new DoesntExistsException(KasaiFacade.class.getName() + ".groupDoesntExist"); 2152        } 2153 2154        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readGroup", "Exit", 2155            java.util.logging.Level.INFO); 2156 2157        return g; 2158    } 2159 2160    /** 2161     * Read a role 2162     * 2163     * @param loginUser User who is making the request 2164     * @param role Role identifier 2165     * 2166     * @return Role identified by role parameter or null if the role doesnt' exist 2167     * 2168     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2169     */ 2170    public Role readRole(String loginUser, int role) throws DataAccessException { 2171 2172        Role r; 2173 2174        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readRole", "Enter", 2175            java.util.logging.Level.INFO); 2176 2177        r = readRole(role); 2178 2179        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readRole", "Exit", 2180            java.util.logging.Level.INFO); 2181 2182        return r; 2183    } 2184 2185    /** 2186     * Read a user checking permission and auditing the transaction. 2187     * 2188     * @param loginUser User who is making the request 2189     * @param login User login 2190     * @param clientIP IP Address of whom is making the request 2191     * 2192     * @return User identified by login parameter or null if the user doesn't exist 2193     * 2194     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2195     * @throws NotEnoughPermissionException The user cannot perform this operation 2196     * @throws CannotAuditException Error auditing transaction 2197     * @throws DoesntExistsException The user doesnt exist 2198     */ 2199    public User readUser(String loginUser, String login, String clientIP) 2200        throws NotEnoughPermissionException, CannotAuditException, DataAccessException,DoesntExistsException { 2201         2202        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readUser", "Enter", 2203            java.util.logging.Level.INFO); 2204 2205        long startTime = System.currentTimeMillis(); 2206        String raisedError = null; 2207        int returnCode = 0; 2208 2209        User user = null; 2210 2211        if (!loginUser.equals(login)) { 2212            try { 2213                this.validateOperative(loginUser, KasaiFacade.READ_USER, "/kasai/user/" + login); 2214 2215                user = this.readUser(login); 2216            } catch (NotEnoughPermissionException nep) { 2217                raisedError = nep.getMessage(); 2218                returnCode = 3; 2219 2220                throw nep; 2221            } catch (DoesntExistsException dee) { 2222                raisedError = dee.getMessage(); 2223                returnCode = 4; 2224 2225                throw dee; 2226            } finally { 2227 2228                HashMap transactionData = new HashMap (); 2229 2230                createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), 2231                    clientIP, KasaiFacade.class.getName() + ".readUser", "/kasai/user/" + login, transactionData); 2232            } 2233        } else { 2234            user = this.readUser(login); 2235        } 2236 2237        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readUser", "Exit", 2238            java.util.logging.Level.INFO); 2239 2240        return user; 2241    } 2242 2243    /** 2244     * Read a user without checking permission 2245     * 2246     * @param login User who is making the request 2247     * 2248     * @return User identified by login parameter or null if the user doesn't exist 2249     * 2250     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2251     * @throws DoesntExistsException The user doesnt exist 2252     */ 2253    public User readUser(String login) throws DataAccessException, DoesntExistsException { 2254 2255        User user = null; 2256 2257        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readUser", "Enter", 2258            java.util.logging.Level.INFO); 2259 2260        user = UserHandler.getInstance().read(login, true); 2261 2262        if (user == null) { 2263            Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readUser", 2264                "User doesn't exist", java.util.logging.Level.SEVERE); 2265            throw new DoesntExistsException(KasaiFacade.class.getName() + ".userDoesntExist"); 2266        } 2267 2268        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readUser", "Exit", 2269            java.util.logging.Level.INFO); 2270 2271        return user; 2272    } 2273 2274    /** 2275     * Reset the user password and send it to his email. 2276     * 2277     * @param loginUser User who is making the request 2278     * @param clientIP IP Address of whom is making the request 2279     * 2280     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2281     * @throws ServiceException Severe error returned from the authentication service 2282     * @throws ServiceNotAvailableException The configured authentication service is not available 2283     * @throws DoesntExistsException The user doesnt exist 2284     * @throws CannotAuditException Error auditing transaction 2285     */ 2286    public void remindPasswordUser(String loginUser, String clientIP) 2287        throws ServiceException, ServiceNotAvailableException, DataAccessException, DoesntExistsException, 2288        CannotAuditException { 2289         2290        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "remindPasswordUser", "Enter", 2291            java.util.logging.Level.INFO); 2292 2293        long startTime = System.currentTimeMillis(); 2294        String raisedError = null; 2295        int returnCode = 0; 2296 2297        try { 2298            User user = this.readUser(loginUser); 2299             2300            user.resetPassword(); 2301        } catch (ServiceException e) { 2302            raisedError = e.getMessage(); 2303            returnCode = 1; 2304 2305            throw e; 2306        } catch (DoesntExistsException e) { 2307            raisedError = e.getMessage(); 2308            returnCode = 3; 2309 2310            throw e; 2311        } catch (ServiceNotAvailableException e) { 2312            raisedError = e.getMessage(); 2313            returnCode = 2; 2314 2315            throw e; 2316        } finally { 2317 2318            HashMap transactionData = new HashMap (); 2319 2320            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 2321                KasaiFacade.class.getName() + ".remindPasswordUser", "/kasai/user/" + loginUser, transactionData); 2322        } 2323    } 2324 2325    /** 2326     * Remove an operative from a role 2327     * 2328     * @param loginUser User who is making the request 2329     * @param idOperative Operative identifier 2330     * @param role Role identifier 2331     * @param clientIP IP Address of whom is making the request 2332     * 2333     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2334     * @throws NotEnoughPermissionException The user cannot perform this operation 2335     * @throws CannotAuditException Error auditing transaction 2336     */ 2337    public void removeOperativeFromRole(String loginUser, String idOperative, int role, String clientIP) 2338        throws DataAccessException, NotEnoughPermissionException, CannotAuditException { 2339         2340        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "removeOperativeToRole", "Enter", 2341            java.util.logging.Level.INFO); 2342 2343        long startTime = System.currentTimeMillis(); 2344        String raisedError = null; 2345        int returnCode = 0; 2346 2347        try { 2348            this.validateOperative(loginUser, KasaiFacade.COMMIT_ROLE, "/kasai/role/" + role); 2349 2350            RoleHandler.getInstance().deleteOperativeFromRole(idOperative, role); 2351        } catch (DataAccessException e) { 2352            raisedError = KasaiFacade.class.getName() + ".sqlError"; 2353            returnCode = 1; 2354 2355            throw e; 2356        } catch (NotEnoughPermissionException nep) { 2357            raisedError = nep.getMessage(); 2358            returnCode = 2; 2359 2360            throw nep; 2361        } finally { 2362 2363            HashMap transactionData = new HashMap (); 2364 2365            transactionData.put("idOperative", idOperative); 2366            transactionData.put("role", String.valueOf(role)); 2367 2368            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 2369                KasaiFacade.class.getName() + ".removeOperativeFromRole", "/kasai/role/" + role, transactionData); 2370        } 2371 2372        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "removeOperativeFromRole", "Exit", 2373            java.util.logging.Level.INFO); 2374    } 2375 2376    /** 2377     * Remove a user from a group 2378     * 2379     * @param loginUser User who is making the request 2380     * @param idGroup Group identifier 2381     * @param login User login to be removed 2382     * @param clientIP IP Address of whom is making the request 2383     * 2384     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2385     * @throws NotEnoughPermissionException The user cannot perform this operation 2386     * @throws CannotAuditException Error auditing transaction 2387     */ 2388    public void removeUserFromGroup(String loginUser, String idGroup, String login, String clientIP) 2389        throws DataAccessException, NotEnoughPermissionException, CannotAuditException { 2390         2391        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "removeUserFromGroup", "Enter", 2392            java.util.logging.Level.INFO); 2393 2394        long startTime = System.currentTimeMillis(); 2395        String raisedError = null; 2396        int returnCode = 0; 2397 2398        try { 2399            this.validateOperative(loginUser, KasaiFacade.DELETE_USER_GROUP, "/kasai/group/" + idGroup); 2400 2401            GroupHandler.getInstance().deleteUserFromGroup(login, idGroup); 2402        } catch (DataAccessException e) { 2403            raisedError = KasaiFacade.class.getName() + ".sqlError"; 2404            returnCode = 1; 2405 2406            throw e; 2407        } catch (NotEnoughPermissionException nep) { 2408            raisedError = nep.getMessage(); 2409            returnCode = 2; 2410 2411            throw nep; 2412        } finally { 2413 2414            HashMap transactionData = new HashMap (); 2415 2416            transactionData.put("idGroup", idGroup); 2417            transactionData.put("login", login); 2418 2419            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 2420                KasaiFacade.class.getName() + ".removeUserFromGroup", "/kasai/group/" + idGroup, transactionData); 2421        } 2422 2423        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "removeUserFromGroup", "Exit", 2424            java.util.logging.Level.INFO); 2425    } 2426 2427    /** 2428     * Reset the user account password 2429     * 2430     * @param actualUser User who is making the request 2431     * @param login is the login 2432     * @param clientIP IP Address of whom is making the request 2433     * 2434     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2435     * @throws ServiceException Severe error returned from the authentication service 2436     * @throws ServiceNotAvailableException The configured authentication service is not available 2437     * @throws NotEnoughPermissionException The user cannot perform this operation 2438     * @throws CannotAuditException Error auditing transaction 2439     * @throws DoesntExistsException The user doesnt exist 2440     */ 2441    public void resetPasswordUser(String actualUser, String login, String clientIP) 2442        throws ServiceException, ServiceNotAvailableException, NotEnoughPermissionException, 2443        CannotAuditException, DataAccessException, DoesntExistsException { 2444         2445        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "resetPasswordUser", "Enter", 2446            java.util.logging.Level.INFO); 2447 2448        long startTime = System.currentTimeMillis(); 2449        String raisedError = null; 2450        int returnCode = 0; 2451 2452        try { 2453            this.validateOperative(actualUser, RESET_PASSWORD_USER, "/kasai/user/" + login); 2454 2455            User user = this.readUser(login); 2456 2457            user.resetPassword(); 2458        } catch (ServiceException e) { 2459            raisedError = e.getMessage(); 2460            returnCode = 1; 2461 2462            throw e; 2463        } catch (ServiceNotAvailableException e) { 2464            raisedError = e.getMessage(); 2465            returnCode = 2; 2466 2467            throw e; 2468        } catch (NotEnoughPermissionException nep) { 2469            raisedError = nep.getMessage(); 2470            returnCode = 3; 2471 2472            throw nep; 2473        } catch (DataAccessException dae) { 2474            raisedError = dae.getMessage(); 2475            returnCode = 4; 2476 2477            throw dae; 2478        } catch (DoesntExistsException dee) { 2479            raisedError = dee.getMessage(); 2480            returnCode = 5; 2481 2482            throw dee; 2483        } finally { 2484 2485            HashMap transactionData = new HashMap (); 2486 2487            transactionData.put("login", login); 2488 2489            createAuditEntry(actualUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 2490                KasaiFacade.class.getName() + ".resetPasswordUser", "/kasai/user/" + login, transactionData); 2491        } 2492    } 2493 2494    /** 2495     * Unblock a group 2496     * 2497     * @param loginUser User who is making the request 2498     * @param idGroup group identifier 2499     * @param clientIP IP Address of whom is making the request 2500     * 2501     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2502     * @throws InvalidAttributesException The existing group attributes are not valid 2503     * @throws NotEnoughPermissionException The user cannot perform this operation 2504     * @throws CannotAuditException Error auditing transaction 2505     * @throws DoesntExistsException The group does not exist 2506     */ 2507    public void unblockGroup(String loginUser, String idGroup, String clientIP) 2508        throws DataAccessException, InvalidAttributesException, NotEnoughPermissionException, 2509        CannotAuditException, DoesntExistsException { 2510         2511        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "blockGroup", "Enter", 2512            java.util.logging.Level.INFO); 2513 2514        long startTime = System.currentTimeMillis(); 2515        String raisedError = null; 2516        int returnCode = 0; 2517 2518        try { 2519            this.validateOperative(loginUser, KasaiFacade.UNBLOCK_GROUP, "/kasai/group/" + idGroup); 2520 2521            Group group = this.readGroup(idGroup); 2522 2523            GroupHandler.getInstance().update(idGroup, false, group.getDescription()); 2524        } catch (DataAccessException e) { 2525            raisedError = KasaiFacade.class.getName() + ".sqlError"; 2526            returnCode = 1; 2527 2528            throw e; 2529        } catch (InvalidAttributesException iaE) { 2530            raisedError = iaE.getMessage(); 2531            returnCode = 2; 2532 2533            throw iaE; 2534        } catch (NotEnoughPermissionException nep) { 2535            raisedError = nep.getMessage(); 2536            returnCode = 3; 2537 2538            throw nep; 2539        } catch (DoesntExistsException e) { 2540            raisedError = e.getMessage(0); 2541            returnCode = 4; 2542 2543            throw e; 2544        } finally { 2545 2546            HashMap transactionData = new HashMap (); 2547 2548            transactionData.put("idGroup", idGroup); 2549 2550            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 2551                KasaiFacade.class.getName() + ".unblockGroup", "/kasai/group/" + idGroup, transactionData); 2552        } 2553 2554        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "unblockGroup", "Exit", 2555            java.util.logging.Level.INFO); 2556    } 2557 2558    /** 2559     * Unblock a user 2560     * 2561     * @param loginUser User who is making the request 2562     * @param login user identifier to unblock 2563     * @param clientIP IP Address of whom is making the request 2564     * 2565     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2566     * @throws InvalidAttributesException The existing user attributes are not valid 2567     * @throws NotEnoughPermissionException The user cannot perform this operation 2568     * @throws CannotAuditException Error auditing transaction 2569     * @throws DoesntExistsException The user does not exist 2570     */ 2571    public void unblockUser(String loginUser, String login, String clientIP) 2572        throws DataAccessException, InvalidAttributesException, NotEnoughPermissionException, 2573        CannotAuditException, DoesntExistsException { 2574         2575        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "unblockUser", "Enter", 2576            java.util.logging.Level.INFO); 2577 2578        long startTime = System.currentTimeMillis(); 2579        String raisedError = null; 2580        int returnCode = 0; 2581 2582        try { 2583            this.validateOperative(loginUser, KasaiFacade.UNBLOCK_USER, "/kasai/user/" + login); 2584 2585            User user = this.readUser(login); 2586 2587            UserHandler.getInstance().update(login, user.getFirstName(), user.getLastName(), user.getEmail(), false, 2588                user.getDescription()); 2589        } catch (DataAccessException e) { 2590            raisedError = KasaiFacade.class.getName() + ".sqlError"; 2591            returnCode = 1; 2592 2593            throw e; 2594        } catch (InvalidAttributesException iaE) { 2595            raisedError = iaE.getMessage(); 2596            returnCode = 2; 2597 2598            throw iaE; 2599        } catch (NotEnoughPermissionException nep) { 2600            raisedError = nep.getMessage(); 2601            returnCode = 3; 2602 2603            throw nep; 2604        } catch (DoesntExistsException dee) { 2605            raisedError = dee.getMessage(); 2606            returnCode = 4; 2607 2608            throw dee; 2609        } finally { 2610 2611            HashMap transactionData = new HashMap (); 2612 2613            transactionData.put("login", login); 2614 2615            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 2616                KasaiFacade.class.getName() + ".unblockUser", "/kasai/user/" + login, transactionData); 2617        } 2618 2619        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "unblockUser", "Exit", 2620            java.util.logging.Level.INFO); 2621    } 2622 2623    /** 2624     * Modify a group 2625     * 2626     * @param loginUser User who is making the request 2627     * @param id group identifier 2628     * @param description description group 2629     * @param blocked Specifies if the group must be blocked or not 2630     * @param members Members of the group 2631     * @param clientIP IP Address of whom is making the request 2632     * 2633     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2634     * @throws InvalidAttributesException The new group attributes are not valid 2635     * @throws NotEnoughPermissionException The user cannot perform this operation 2636     * @throws CannotAuditException Error auditing transaction 2637     */ 2638    public void updateGroup(String loginUser, String id, String description, boolean blocked, String [] members, 2639        String clientIP) throws DataAccessException, InvalidAttributesException, NotEnoughPermissionException, 2640        CannotAuditException { 2641         2642        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "updateGroup", "Enter", 2643            java.util.logging.Level.INFO); 2644 2645        long startTime = System.currentTimeMillis(); 2646        String raisedError = null; 2647        int returnCode = 0; 2648 2649        try { 2650            this.validateOperative(loginUser, KasaiFacade.COMMIT_GROUP, "/kasai/group/" + id); 2651 2652            GroupHandler.getInstance().update(id, blocked, description, members); 2653        } catch (DataAccessException e) { 2654            raisedError = KasaiFacade.class.getName() + ".sqlError"; 2655            returnCode = 1; 2656 2657            throw e; 2658        } catch (InvalidAttributesException iaE) { 2659            raisedError = iaE.getMessage(); 2660            returnCode = 2; 2661 2662            throw iaE; 2663        } catch (NotEnoughPermissionException nep) { 2664            raisedError = nep.getMessage(); 2665            returnCode = 3; 2666 2667            throw nep; 2668        } finally { 2669 2670            HashMap transactionData = new HashMap (); 2671 2672            transactionData.put("id", id); 2673            transactionData.put("description", description); 2674            transactionData.put("blocked", String.valueOf(blocked)); 2675 2676            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 2677                KasaiFacade.class.getName() + ".updateGroup", "/kasai/group/" + id, transactionData); 2678        } 2679 2680        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "updateGroup", "Exit", 2681            java.util.logging.Level.INFO); 2682    } 2683 2684 2685    /** 2686     * Update User Information 2687     * 2688     * @param loginUser User who is making the request 2689     * @param login identifier of the user 2690     * @param firstName First Name of the user 2691     * @param lastName Last Name of the user 2692     * @param email email of the user 2693     * @param blocked Specify if the user must be blocked or not 2694     * @param description User description 2695     * @param superUser Specify if the user is super user. 2696     * @param clientIP IP Address of whom is making the request 2697     * 2698     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2699     * @throws InvalidAttributesException The new user attributes are not valid 2700     * @throws NotEnoughPermissionException The user cannot perform this operation 2701     * @throws CannotAuditException Error auditing transaction 2702     * @throws DoesntExistsException The user does not exist 2703     */ 2704    public void updateUser(String loginUser, String login, String firstName, String lastName, String email, 2705        boolean blocked, String description, boolean superUser, String clientIP) 2706        throws DataAccessException, InvalidAttributesException, NotEnoughPermissionException, CannotAuditException, 2707        DoesntExistsException{ 2708         2709        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "updateUser", "Enter", 2710            java.util.logging.Level.INFO); 2711 2712        long startTime = System.currentTimeMillis(); 2713        String raisedError = null; 2714        int returnCode = 0; 2715 2716        try { 2717            this.validateOperative(loginUser, KasaiFacade.COMMIT_USER, "/kasai/user/" + login); 2718 2719            boolean sU = this.readUser(loginUser).getSuperUser(); 2720 2721            if (sU) { 2722                UserHandler.getInstance().update(login, firstName, lastName, email, blocked, description, superUser); 2723            } else { 2724                UserHandler.getInstance().update(login, firstName, lastName, email, blocked, description); 2725            } 2726        } catch (DataAccessException e) { 2727            raisedError = KasaiFacade.class.getName() + ".sqlError"; 2728            returnCode = 1; 2729 2730            throw e; 2731        } catch (InvalidAttributesException iaE) { 2732            raisedError = iaE.getMessage(); 2733            returnCode = 2; 2734 2735            throw iaE; 2736        } catch (NotEnoughPermissionException nep) { 2737            raisedError = nep.getMessage(); 2738            returnCode = 3; 2739 2740            throw nep; 2741        } catch (DoesntExistsException dee) { 2742            raisedError = dee.getMessage(); 2743            returnCode = 4; 2744 2745            throw dee; 2746        } finally { 2747 2748            HashMap transactionData = new HashMap (); 2749 2750            transactionData.put("login", login); 2751            transactionData.put("firstName", firstName); 2752            transactionData.put("lastName", lastName); 2753            transactionData.put("email", email); 2754            transactionData.put("blocked", String.valueOf(blocked)); 2755            transactionData.put("description", description); 2756            transactionData.put("superUser", String.valueOf(superUser)); 2757 2758            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 2759                KasaiFacade.class.getName() + ".updateUser", "/kasai/user/" + login, transactionData); 2760        } 2761 2762        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "updateUser", "Exit", 2763            java.util.logging.Level.INFO); 2764    } 2765 2766    /** 2767     * Update user Information 2768     * 2769     * @param loginUser User who is making the request 2770     * @param login identifier of the user 2771     * @param firstName First Name of the user 2772     * @param lastName Last Name of the user 2773     * @param email email of the user 2774     * @param blocked Specifies if the user must be blocked or not 2775     * @param description Desccrition of the user 2776     * @param clientIP IP Address of whom is making the request 2777     * 2778     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2779     * @throws InvalidAttributesException The new user attributes are not valid 2780     * @throws NotEnoughPermissionException The user cannot perform this operation 2781     * @throws CannotAuditException Error auditing transaction 2782     */ 2783    public void updateUser(String loginUser, String login, String firstName, String lastName, String email, 2784        boolean blocked, String description, String clientIP) 2785        throws DataAccessException, InvalidAttributesException, NotEnoughPermissionException, 2786        CannotAuditException { 2787         2788        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "updateUser", "Enter", 2789            java.util.logging.Level.INFO); 2790 2791        long startTime = System.currentTimeMillis(); 2792        String raisedError = null; 2793        int returnCode = 0; 2794 2795        try { 2796            this.validateOperative(loginUser, KasaiFacade.COMMIT_USER, "/kasai/user/" + login); 2797 2798            UserHandler.getInstance().update(login, firstName, lastName, email, blocked, description); 2799        } catch (DataAccessException e) { 2800            raisedError = KasaiFacade.class.getName() + ".sqlError"; 2801            returnCode = 1; 2802 2803            throw e; 2804        } catch (InvalidAttributesException iaE) { 2805            raisedError = iaE.getMessage(); 2806            returnCode = 2; 2807 2808            throw iaE; 2809        } catch (NotEnoughPermissionException nep) { 2810            raisedError = nep.getMessage(); 2811            returnCode = 3; 2812 2813            throw nep; 2814        } finally { 2815 2816            HashMap transactionData = new HashMap (); 2817 2818            transactionData.put("login", login); 2819            transactionData.put("firstName", firstName); 2820            transactionData.put("lastName", lastName); 2821            transactionData.put("email", email); 2822            transactionData.put("blocked", String.valueOf(blocked)); 2823            transactionData.put("description", description); 2824 2825            createAuditEntry(loginUser, returnCode, raisedError, (System.currentTimeMillis() - startTime), clientIP, 2826                KasaiFacade.class.getName() + ".updateUser", "/kasai/user/" + login, transactionData); 2827        } 2828 2829        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "updateUser", "Exit", 2830            java.util.logging.Level.INFO); 2831    } 2832     2833    /** 2834     * Verify if the user can execute the operative over the obejct 2835     * 2836     * @param user User who is making the request 2837     * @param operative Operative identifier 2838     * @param object Object identifier 2839     * 2840     * @throws NotEnoughPermissionException The user cannot execute the operation 2841     */ 2842    public void validateOperative(String user, String operative, String object) 2843        throws NotEnoughPermissionException { 2844         2845        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "validateOperative", 2846            "Enter (user=" + user + ", operative=" + operative + ", object=" + object + ")", 2847            java.util.logging.Level.INFO); 2848 2849        if (!UserHandler.getInstance().checkOperative(user, operative, object)) { 2850            Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "validateOperative", 2851                "Request was denied(User=" + user + ", operative=" + operative + ", object=" + object + ")", 2852                java.util.logging.Level.INFO); 2853            throw new NotEnoughPermissionException(KasaiFacade.class.getName() + ".deny"); 2854        } 2855 2856        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "validateOperative", "Exit", 2857            java.util.logging.Level.INFO); 2858    } 2859 2860    /** 2861     * Reads a role without checking permission 2862     * 2863     * @param role Role identifier 2864     * 2865     * @return An Object Role object representing the object role with the given role id 2866     * 2867     * @throws DataAccessException Severe errors like SQL error, IO Error, etc 2868     */ 2869    public Role readRole(int role) throws DataAccessException { 2870 2871        Role r = null; 2872 2873        Log.getInstance(Constants.PROPERTY_FILE).write(KasaiFacade.class.getName(), "readRole", "Enter", 2874            java.util.logging.Level.INFO); 2875 2876        r = RoleHandler.getInstance().read(role); 2877 2878        return r; 2879    } 2880} 2881

A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame Free Books   Free Magazines   Popular Tags