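package org.nemesis.forum.impl;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Enumeration;
import java.util.Properties;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nemesis.forum.Authorization;
import org.nemesis.forum.ForumPermissions;
import org.nemesis.forum.Group;
import org.nemesis.forum.User;
import org.nemesis.forum.exception.UnauthorizedException;
import org.nemesis.forum.exception.UserNotFoundException;
import org.nemesis.forum.util.StringUtils;
import org.nemesis.forum.util.cache.CacheSizes;
import org.nemesis.forum.util.cache.Cacheable;
import org.nemesis.forum.util.jdbc.DbConnectionManager;

/**
 * JDBC-backed implementation of {@link User}.
 *
 * <p>The account row lives in <code>yazdUser</code>, free-form properties in
 * <code>yazdUserProp</code>, and group membership is read from
 * <code>yazdGroupUser</code>. Every statement is a {@link PreparedStatement}
 * with bound parameters; no SQL text is built from caller-supplied values.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>This class performs no authorization checks of its own. The setters
 *       declare {@link UnauthorizedException} but never throw it, and
 *       {@link #hasPermission(int)} always answers <code>true</code>.
 *       NOTE(review): access control is presumably enforced by a wrapper in
 *       front of this object; confirm that a raw DbUser is never handed to
 *       untrusted callers.</li>
 *   <li>Values are stored raw and HTML-escaped when read through the getters.
 *       {@link #toString()} is the exception and returns the username
 *       unescaped.</li>
 *   <li>Passwords are stored as the output of <code>StringUtils.hash</code>.
 *       NOTE(review): that helper is defined elsewhere; confirm it is a salted,
 *       deliberately slow password hash rather than a bare digest.</li>
 * </ul>
 *
 * <p>User ids -1 and 0 are treated as non-persistent: nothing is loaded from or
 * written to the database for them. -1 is the anonymous user (see
 * {@link #isAnonymous()}); the meaning of 0 is not visible in this file.
 */
class DbUser implements User, Cacheable {

	protected static Log log = LogFactory.getLog(DbUser.class);

	private static final String LOAD_PROPERTIES = "SELECT name, propValue FROM yazdUserProp WHERE userID=?";
	private static final String DELETE_PROPERTIES = "DELETE FROM yazdUserProp WHERE userID=?";
	private static final String INSERT_PROPERTY = "INSERT INTO yazdUserProp(userID,name,propValue) VALUES(?,?,?)";
	private static final String LOAD_USER_BY_USERNAME = "SELECT * FROM yazdUser WHERE username=?";
	private static final String LOAD_USER_BY_ID = "SELECT * FROM yazdUser WHERE userID=?";
	private static final String INSERT_USER = "INSERT INTO yazdUser(userID,username,passwordHash,email,emailVisible," + "nameVisible) VALUES(?,?,?,?,?,?)";
	private static final String SAVE_USER = "UPDATE yazdUser SET passwordHash=?,email=?,emailVisible=?,name=?," + "nameVisible=? WHERE userID=?";
	// The two permission statements below are not referenced anywhere in this class.
	private static final String DELETE_PERMISSIONS = "DELETE FROM yazdUserPerm WHERE userID=?";
	private static final String INSERT_PERMISSION = "INSERT INTO yazdUserPerm(userID,forumID,permission) VALUES(?,?,?)";

	private static final String ADMIN_TEST = "SELECT groupID FROM yazdGroupUser WHERE groupID=? AND userID=? AND " + "administrator=1";
	private static final String MEMBER_TEST = "SELECT groupID FROM yazdGroupUser WHERE groupID=? AND userID=?";
	private static final String ADMIN_COUNT = "SELECT count(*) FROM yazdGroupUser WHERE userID=? " + "AND administrator=1";
	// NOTE(review): "SELECT DISTINCT count(groupID)" de-duplicates the single result
	// row, not the groupIDs being counted. It only equals the number of distinct
	// groups if (groupID, userID) is unique in yazdGroupUser; verify against the schema.
	private static final String MEMBER_COUNT = "SELECT DISTINCT count(groupID) FROM yazdGroupUser " + "WHERE userID=?";

	// -2 is a placeholder that is neither of the special ids (-1, 0), so a lookup
	// by username is not short-circuited by the guard in loadFromDb().
	private int id = -2;
	private String username;
	private String passwordHash;
	private String name = "";
	private boolean nameVisible = true;
	private String email;
	private boolean emailVisible = true;
	private Properties properties;
	// Guards loadProperties()/saveProperties(); getProperty()/setProperty() touch
	// the Properties object without taking this lock.
	private final Object propertyLock = new Object();

	/**
	 * Creates a new user and inserts it into the database.
	 *
	 * <p>The clear-text password is hashed immediately and not retained. A failed
	 * insert is only logged (see {@link #insertIntoDb()}), so the returned object
	 * may describe an account that was never persisted.
	 *
	 * @param username login name of the new account
	 * @param password clear-text password; only its hash is stored
	 * @param email    e-mail address of the new account
	 */
	protected DbUser(String username, String password, String email) {
		this.id = DbSequenceManager.nextID("User");
		this.username = username;
		this.passwordHash = StringUtils.hash(password);
		this.email = email;
		properties = new Properties();
		insertIntoDb();
	}

	/**
	 * Loads an existing user by id.
	 *
	 * @param userID id of the user to load
	 * @throws UserNotFoundException if no row matches or the query fails
	 */
	protected DbUser(int userID) throws UserNotFoundException {
		this.id = userID;
		loadFromDb();
		loadProperties();
	}

	/**
	 * Loads an existing user by username.
	 *
	 * @param username login name of the user to load
	 * @throws UserNotFoundException if no row matches or the query fails
	 */
	protected DbUser(String username) throws UserNotFoundException {
		this.username = username;
		loadFromDb();
		loadProperties();
	}

	/** Returns the numeric id of this user. */
	public int getID() {
		return id;
	}

	/** Returns <code>true</code> when this is the anonymous user (id -1). */
	public boolean isAnonymous() {
		return (id == -1);
	}

	/** Returns the username with HTML tags escaped by <code>StringUtils.escapeHTMLTags</code>. */
	public String getUsername() {
		return StringUtils.escapeHTMLTags(username);
	}

	/** Returns the display name with HTML tags escaped. */
	public String getName() {
		return StringUtils.escapeHTMLTags(name);
	}

	/**
	 * Sets the display name and writes the user row back to the database.
	 * The raw value is stored; escaping happens in {@link #getName()}.
	 */
	public void setName(String name) throws UnauthorizedException {
		this.name = name;
		saveToDb();
	}

	/** Returns whether the display name may be shown to other users. */
	public boolean isNameVisible() {
		return nameVisible;
	}

	/** Sets name visibility and writes the user row back to the database. */
	public void setNameVisible(boolean visible) throws UnauthorizedException {
		this.nameVisible = visible;
		saveToDb();
	}

	/**
	 * Replaces the password. The clear-text value is hashed with
	 * <code>StringUtils.hash</code> before it is stored or persisted.
	 */
	public void setPassword(String password) throws UnauthorizedException {
		this.passwordHash = StringUtils.hash(password);
		saveToDb();
	}

	/**
	 * Returns the stored password hash.
	 *
	 * <p>No check is made here; the declared {@link UnauthorizedException} is
	 * never thrown by this implementation, so any caller holding this object can
	 * read the hash.
	 */
	public String getPasswordHash() throws UnauthorizedException {
		return passwordHash;
	}

	/**
	 * Stores a caller-supplied hash verbatim and persists it. The value is not
	 * validated in any way.
	 */
	public void setPasswordHash(String passwordHash) {
		this.passwordHash = passwordHash;
		saveToDb();
	}

	/** Returns the e-mail address with HTML tags escaped. */
	public String getEmail() {
		return StringUtils.escapeHTMLTags(email);
	}

	/** Sets the e-mail address (stored raw) and writes the user row back to the database. */
	public void setEmail(String email) throws UnauthorizedException {
		this.email = email;
		saveToDb();
	}

	/** Returns whether the e-mail address may be shown to other users. */
	public boolean isEmailVisible() {
		return emailVisible;
	}

	/** Sets e-mail visibility and writes the user row back to the database. */
	public void setEmailVisible(boolean visible) throws UnauthorizedException {
		this.emailVisible = visible;
		saveToDb();
	}

	/**
	 * Returns the named property with HTML tags escaped.
	 *
	 * <p>An unknown property yields <code>null</code> from the lookup, which is
	 * passed straight to <code>escapeHTMLTags</code>. NOTE(review): confirm that
	 * helper tolerates <code>null</code>.
	 */
	public String getProperty(String name) {
		return StringUtils.escapeHTMLTags((String) properties.get(name));
	}

	/** Returns the names of all properties, unescaped. */
	public Enumeration propertyNames() {
		return properties.propertyNames();
	}

	/**
	 * Sets a property and rewrites all of this user's properties in the database.
	 * Both arguments are stored raw and must be non-null, because
	 * {@link Properties} rejects null keys and values.
	 */
	public void setProperty(String name, String value) {
		properties.put(name, value);
		saveProperties();
	}

	/**
	 * Returns the permissions the given authorization holds over this user object.
	 *
	 * <p>Exactly one flag (the fourth constructor argument of
	 * {@link ForumPermissions}) is granted when the caller is this user, or when
	 * this user has one of the special ids -1 or 0; everyone else gets
	 * {@link ForumPermissions#none()}. NOTE(review): the fourth flag is presumably
	 * the user-administration permission; verify against ForumPermissions. The
	 * special-id branch grants it to any caller.
	 */
	public ForumPermissions getPermissions(Authorization authorization) {
		if (authorization.getUserID() == id || id == -1 || id == 0) {
			return new ForumPermissions(false, false, false, true, false, false, false, false);
		}
		return ForumPermissions.none();
	}

	/** Always returns <code>true</code>; no permission check is performed by this class. */
	public boolean hasPermission(int type) {
		return true;
	}

	/**
	 * Returns the size estimate used by the cache, built from the
	 * <code>CacheSizes</code> helpers for each field of this object.
	 */
	public int getSize() {
		int size = 0;
		size += CacheSizes.sizeOfObject();
		size += CacheSizes.sizeOfInt();
		size += CacheSizes.sizeOfString(username);
		size += CacheSizes.sizeOfString(passwordHash);
		size += CacheSizes.sizeOfString(name);
		size += CacheSizes.sizeOfString(email);
		size += CacheSizes.sizeOfBoolean();
		size += CacheSizes.sizeOfBoolean();
		size += CacheSizes.sizeOfObject();
		size += CacheSizes.sizeOfProperties(properties);
		return size;
	}

	/**
	 * Returns whether this user is an administrator of the given group.
	 * A database error is logged and reported as <code>false</code>, so the check
	 * fails closed.
	 */
	public boolean isAdministratorInGroup(Group group) {
		return groupRowExists(ADMIN_TEST, group);
	}

	/**
	 * Returns whether this user is a member of the given group.
	 * A database error is logged and reported as <code>false</code>.
	 */
	public boolean isMemberInGroup(Group group) {
		return groupRowExists(MEMBER_TEST, group);
	}

	/**
	 * Returns the number of groups this user administers, or 0 if the query fails
	 * (the failure is logged).
	 */
	public int getGroupAdministratorCount() {
		return queryCount(ADMIN_COUNT);
	}

	/**
	 * Returns the number of groups this user belongs to, or 0 if the query fails
	 * (the failure is logged).
	 */
	public int getGroupCount() {
		return queryCount(MEMBER_COUNT);
	}

	/**
	 * Returns the raw username. Unlike {@link #getUsername()} the value is not
	 * HTML-escaped, so it must be escaped before being written into a page.
	 */
	public String toString() {
		return username;
	}

	/** Hash code is the user id, consistent with {@link #equals(Object)}. */
	public int hashCode() {
		return id;
	}

	/** Two DbUser objects are equal when their ids match. */
	public boolean equals(Object object) {
		if (this == object) {
			return true;
		}
		// instanceof is already false for null, so no separate null test is needed.
		if (object instanceof DbUser) {
			return id == ((DbUser) object).getID();
		}
		return false;
	}

	/** Runs a (groupID, userID) lookup and reports whether it returned a row. */
	private boolean groupRowExists(String sql, Group group) {
		boolean found = false;
		Connection con = null;
		PreparedStatement pstmt = null;
		ResultSet rs = null;
		try {
			con = DbConnectionManager.getConnection();
			pstmt = con.prepareStatement(sql);
			pstmt.setInt(1, group.getID());
			pstmt.setInt(2, id);
			rs = pstmt.executeQuery();
			found = rs.next();
		} catch (SQLException sqle) {
			log.error("", sqle);
		} finally {
			closeQuietly(rs, pstmt, con);
		}
		return found;
	}

	/** Runs a single-value count query bound to this user's id. */
	private int queryCount(String sql) {
		int count = 0;
		Connection con = null;
		PreparedStatement pstmt = null;
		ResultSet rs = null;
		try {
			con = DbConnectionManager.getConnection();
			pstmt = con.prepareStatement(sql);
			pstmt.setInt(1, id);
			rs = pstmt.executeQuery();
			if (rs.next()) {
				count = rs.getInt(1);
			}
		} catch (SQLException sqle) {
			log.error("", sqle);
		} finally {
			closeQuietly(rs, pstmt, con);
		}
		return count;
	}

	/**
	 * Closes JDBC resources in reverse order of acquisition, skipping any that
	 * were never opened. Without the null checks a failed getConnection() would
	 * add two NullPointerException log entries on top of the real SQL error.
	 */
	private static void closeQuietly(ResultSet rs, PreparedStatement pstmt, Connection con) {
		if (rs != null) {
			try {
				rs.close();
			} catch (Exception e) {
				log.error("Failed to close ResultSet", e);
			}
		}
		if (pstmt != null) {
			try {
				pstmt.close();
			} catch (Exception e) {
				log.error("Failed to close PreparedStatement", e);
			}
		}
		if (con != null) {
			try {
				con.close();
			} catch (Exception e) {
				log.error("Failed to close Connection", e);
			}
		}
	}

	/**
	 * Loads this user's properties from the database, replacing the in-memory set.
	 * Special users (id -1 or 0) get an empty set without touching the database.
	 * On a query failure the error is logged and whatever was read so far is kept.
	 */
	private void loadProperties() {
		if (id == -1 || id == 0) {
			properties = new Properties();
			return;
		}
		synchronized (propertyLock) {
			Properties newProps = new Properties();
			Connection con = null;
			PreparedStatement pstmt = null;
			ResultSet rs = null;
			try {
				con = DbConnectionManager.getConnection();
				pstmt = con.prepareStatement(LOAD_PROPERTIES);
				pstmt.setInt(1, id);
				rs = pstmt.executeQuery();
				while (rs.next()) {
					String name = rs.getString("name");
					String value = rs.getString("propValue");
					newProps.put(name, value);
				}
			} catch (SQLException sqle) {
				log.error("Error in DbUser:loadProperties():", sqle);
			} finally {
				closeQuietly(rs, pstmt, con);
			}
			this.properties = newProps;
		}
	}

	/**
	 * Writes the in-memory properties to the database by deleting every stored
	 * property of this user and re-inserting the current set. Does nothing for
	 * special users (id -1 or 0).
	 *
	 * <p>NOTE(review): the delete and the inserts are not wrapped in a
	 * transaction here. If an insert fails part-way, the stored properties are
	 * left partially written while the error is only logged. Consider running
	 * this on a transactional connection if the connection manager offers one.
	 */
	private void saveProperties() {
		if (id == -1 || id == 0) {
			return;
		}
		synchronized (propertyLock) {
			Connection con = null;
			PreparedStatement pstmt = null;
			try {
				con = DbConnectionManager.getConnection();
				pstmt = con.prepareStatement(DELETE_PROPERTIES);
				pstmt.setInt(1, id);
				pstmt.execute();
				pstmt.close();
				// Cleared so the finally block cannot close the delete statement twice
				// if preparing the insert statement fails.
				pstmt = null;
				pstmt = con.prepareStatement(INSERT_PROPERTY);
				Enumeration keys = properties.keys();
				while (keys.hasMoreElements()) {
					String name = (String) keys.nextElement();
					String value = (String) properties.get(name);
					pstmt.setInt(1, id);
					pstmt.setString(2, name);
					pstmt.setString(3, value);
					pstmt.executeUpdate();
				}
			} catch (SQLException sqle) {
				log.error("", sqle);
			} finally {
				closeQuietly(null, pstmt, con);
			}
		}
	}

	/**
	 * Loads the user row, by username when one was supplied and by id otherwise.
	 * Does nothing for special users (id -1 or 0).
	 *
	 * <p>The <code>name</code> column can come back <code>null</code> for accounts
	 * created by this class, because INSERT_USER does not populate it (unless the
	 * schema supplies a default).
	 *
	 * <p>NOTE(review): the exception text always reports <code>id</code>. For a
	 * lookup by username that is still the -2 placeholder, so the message does
	 * not identify the account. It is left unchanged here to avoid putting the
	 * caller-supplied username into an exception message.
	 *
	 * @throws UserNotFoundException if no row matches, or if the query fails (a
	 *         database error is reported the same way as a missing user, with the
	 *         SQLException as cause)
	 */
	private void loadFromDb() throws UserNotFoundException {
		if (id == -1 || id == 0) {
			return;
		}
		boolean byUsername = (username != null);
		String query = byUsername ? LOAD_USER_BY_USERNAME : LOAD_USER_BY_ID;
		Connection con = null;
		PreparedStatement pstmt = null;
		ResultSet rs = null;
		try {
			con = DbConnectionManager.getConnection();
			pstmt = con.prepareStatement(query);
			if (byUsername) {
				pstmt.setString(1, username);
			} else {
				pstmt.setInt(1, id);
			}

			rs = pstmt.executeQuery();
			if (!rs.next()) {
				throw new UserNotFoundException("Failed to read user " + id + " from database.");
			}
			this.id = rs.getInt("userID");
			this.username = rs.getString("username");
			this.passwordHash = rs.getString("passwordHash");
			this.name = rs.getString("name");
			this.nameVisible = (rs.getInt("nameVisible") == 1);
			this.email = rs.getString("email");
			this.emailVisible = (rs.getInt("emailVisible") == 1);
		} catch (SQLException sqle) {
			throw new UserNotFoundException("Failed to read user " + id + " from database.", sqle);
		} finally {
			closeQuietly(rs, pstmt, con);
		}
	}

	/**
	 * Inserts this user as a new row in <code>yazdUser</code>.
	 *
	 * <p>A failure is logged and not propagated, so the calling constructor still
	 * returns normally. NOTE(review): callers cannot tell from this class whether
	 * the account was actually persisted.
	 */
	private void insertIntoDb() {
		Connection con = null;
		PreparedStatement pstmt = null;
		try {
			con = DbConnectionManager.getConnection();
			pstmt = con.prepareStatement(INSERT_USER);
			pstmt.setInt(1, id);
			pstmt.setString(2, username);
			pstmt.setString(3, passwordHash);
			pstmt.setString(4, email);
			pstmt.setInt(5, emailVisible ? 1 : 0);
			pstmt.setInt(6, nameVisible ? 1 : 0);
			pstmt.executeUpdate();
		} catch (SQLException sqle) {
			log.error("Error in DbUser:insertIntoDb()-", sqle);
		} finally {
			closeQuietly(null, pstmt, con);
		}
	}

	/**
	 * Writes the mutable columns of this user back to <code>yazdUser</code>.
	 * Does nothing for special users (id -1 or 0). A failure is logged and not
	 * propagated, so the in-memory state can differ from the stored row.
	 */
	private void saveToDb() {
		if (id == -1 || id == 0) {
			return;
		}
		Connection con = null;
		PreparedStatement pstmt = null;
		try {
			con = DbConnectionManager.getConnection();
			pstmt = con.prepareStatement(SAVE_USER);
			pstmt.setString(1, passwordHash);
			pstmt.setString(2, email);
			pstmt.setInt(3, emailVisible ? 1 : 0);
			pstmt.setString(4, name);
			pstmt.setInt(5, nameVisible ? 1 : 0);
			pstmt.setInt(6, id);
			pstmt.executeUpdate();
		} catch (SQLException sqle) {
			log.error("SQLException in DbUser.java:saveToDb(): ", sqle);
		} finally {
			closeQuietly(null, pstmt, con);
		}
	}
}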