KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > openharmonise > rm > resources > users > User


1 /*
2  * The contents of this file are subject to the
3  * Mozilla Public License Version 1.1 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at http://www.mozilla.org/MPL/
6  *
7  * Software distributed under the License is distributed on an "AS IS"
8  * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied.
9  * See the License for the specific language governing rights and
10  * limitations under the License.
11  *
12  * The Initial Developer of the Original Code is Simulacra Media Ltd.
13  * Portions created by Simulacra Media Ltd are Copyright (C) Simulacra Media Ltd, 2004.
14  *
15  * All Rights Reserved.
16  *
17  * Contributor(s):
18  */
19 package org.openharmonise.rm.resources.users;
20
21 import java.sql.*;
22 import java.util.Vector JavaDoc;
23 import java.util.logging.*;
24
25 import org.openharmonise.commons.dsi.*;
26 import org.openharmonise.commons.dsi.dml.*;
27 import org.openharmonise.rm.*;
28 import org.openharmonise.rm.config.*;
29 import org.openharmonise.rm.dsi.DataStoreObject;
30 import org.openharmonise.rm.metadata.Profile;
31 import org.openharmonise.rm.publishing.*;
32 import org.openharmonise.rm.resources.*;
33 import org.openharmonise.rm.resources.lifecycle.*;
34 import org.openharmonise.rm.security.authentication.*;
35 import org.w3c.dom.*;
36
37 /**
38  * This class represents a user within Harmonise.
39  *
40  * @author Michael Bell
41  * @author jejking
42  * @version $Revision: 1.10 $
43  *
44  */
45 public class User
46     extends AbstractChildObject
47     implements DataStoreObject, Publishable, Editable, Cloneable JavaDoc, Comparable JavaDoc {
48
49     //XML constants
50 public static final String JavaDoc TAG_USER = "User";
51     public static final String JavaDoc TAG_PASSWORD = "Password";
52
53     //DB constants
54 public static final String JavaDoc TBL_USER = "users";
55     protected static final String JavaDoc CLMN_PASSWORD = "password";
56     protected static final String JavaDoc CLMN_IS_SUPER = "isSuper";
57     protected static final String JavaDoc CLMN_SALT = "salt";
58
59     //user's passwd
60 protected String JavaDoc m_sPassword = "";
61     
62     /**
63      * Holds cryptographic salt if <code>PWD_ENCRYPTION</code> system property is set.
64      * Otherwise, will be an empty string and not used.
65      */
66     protected String JavaDoc m_sSalt = "";
67     protected boolean m_bIsSuper = false;
68     
69     /**
70      * Logger for this class
71      */
72     private final static Logger m_logger = Logger.getLogger(User.class.getName());
73
74     /**
75      * Basic constructor.
76      *
77      */
78     public User() {
79         super();
80         String JavaDoc crypto = "NONE";
81         try {
82             // set up a new salt string
83 crypto = ConfigSettings.getProperty("PWD_ENCRYPTION", "NONE");
84             m_logger.log(Level.INFO, "Got crypto property: " + crypto);
85         }
86         catch (ConfigException e) {
87             m_logger.log(Level.SEVERE, "config exception", e);
88         }
89         
90         if (crypto.equals("MD5")) {
91             m_sSalt = PasswordCryptUtil.getNewSalt(32);
92             m_logger.log(Level.FINE, "Got 32 character salt for user " + m_sName + " " + m_sSalt);
93         }
94         else if (crypto.equals("SHA-1")) {
95             m_sSalt = PasswordCryptUtil.getNewSalt(40);
96             m_logger.log(Level.FINE, "Got 40 character salt for user " + m_sName + " " + m_sSalt);
97         }
98         else {
99             m_sSalt = "";
100         }
101     }
102
103     /**
104      * Constructor for a historical object with an interface to the DB.
105      *
106      * @param dbinterf
107      * @param bHist
108      * @throws Exception
109      */
110     public User(AbstractDataStoreInterface dbinterf, boolean bHist) {
111         super(dbinterf);
112
113     }
114
115     /**
116      * Standard constructor for a known user
117      *
118      * @param dbinterf
119      * @param nId
120      */
121     public User(AbstractDataStoreInterface dbinterf, int nId) {
122         super(dbinterf, nId);
123
124     }
125
126     /**
127      * Standard constructor for a known historical user.
128      *
129      * @param dbinterf
130      * @param nId
131      * @param bHist
132      */
133     public User(AbstractDataStoreInterface dbinterf, int nId, int nKey, boolean bHist) {
134         super(dbinterf, nId, nKey, bHist);
135
136     }
137
138     /**
139      * Constructor which sets up an interface to the DB.
140      *
141      * @param dbinterf
142      * @throws Exception
143      */
144     public User(AbstractDataStoreInterface dbinterf) {
145         super(dbinterf);
146         
147     }
148
149     /**
150      * Returns the password for this user.
151      *
152      * @return
153      * @throws DataAccessException
154      */
155     public String JavaDoc getPassword() throws DataAccessException {
156         if ((m_sPassword == null || m_sPassword.length() == 0)
157             && isPopulated() == false) {
158             try {
159                 populateFromDatabase();
160             } catch (PopulateException e) {
161                 throw new DataAccessException(
162                     "Error occured populating user:" + e.getLocalizedMessage());
163             }
164         }
165
166         return m_sPassword;
167     }
168
169     /**
170      * Sets the password for this user.
171      *
172      * @param sPassword
173      * @throws Exception
174      */
175     public void setPassword(String JavaDoc sPassword) {
176         if (isPopulated() == true) {
177             if (m_sPassword.equals(sPassword) == false) {
178                 m_bIsChanged = true;
179             }
180         }
181         m_sPassword = sPassword;
182     }
183     
184     /**
185      * Returns <code>true</code> if this user is a super user.
186      *
187      * @return
188      * @throws DataAccessException
189      */
190     public boolean isSuper() throws DataAccessException {
191         if(isPopulated() == false) {
192             try {
193                 populateFromDatabase();
194             } catch (PopulateException e) {
195                 throw new DataAccessException(e.getLocalizedMessage(),e);
196             }
197         }
198         
199         return m_bIsSuper;
200     }
201     
202     /**
203      * Sets whether this user is a super user.
204      *
205      * @param bIsSuper
206      */
207     public void setIsSuper(boolean bIsSuper) {
208         if (isPopulated() == true) {
209             if (m_bIsSuper != bIsSuper) {
210                 m_bIsChanged = true;
211             }
212         }
213
214         m_bIsSuper = bIsSuper;
215     }
216
217     /* (non-Javadoc)
218      * @see org.openharmonise.rm.publishing.Publishable#publish(org.w3c.dom.Element, org.openharmonise.rm.publishing.HarmoniseOutput, org.openharmonise.rm.publishing.State)
219      */
220     public Element publish(Element topEl, HarmoniseOutput xmlDoc, State state)
221         throws PublishException {
222
223         Element docEl = null;
224         String JavaDoc sTagName = topEl.getTagName();
225         Text txt = null;
226
227         if (sTagName.equals(TAG_PASSWORD)) {
228             docEl = xmlDoc.createElement(TAG_PASSWORD);
229
230             try {
231                 txt = xmlDoc.createTextNode(getPassword());
232             } catch (Exception JavaDoc e) {
233                 throw new PublishException(
234                     "Error occured getting password for user:"
235                         + e.getLocalizedMessage());
236             }
237             docEl.appendChild(txt);
238
239             xmlDoc.copyChildren(docEl, topEl, new Vector JavaDoc());
240         } else {
241             docEl = super.publish(topEl, xmlDoc, state);
242         }
243
244         return docEl;
245     }
246
247     /* (non-Javadoc)
248      * @see org.openharmonise.rm.publishing.Publishable#populate(org.w3c.dom.Element, org.openharmonise.rm.publishing.State)
249      */
250     public void populate(Element xmlElement, State state)
251         throws PopulateException {
252         String JavaDoc sTagName = xmlElement.getTagName();
253         Text txt = null;
254
255         if (sTagName.equals(TAG_PASSWORD)) {
256             txt = (Text) xmlElement.getFirstChild();
257             setPassword(txt.getNodeValue());
258         } else {
259             super.populate(xmlElement, state);
260         }
261     }
262
263     /* (non-Javadoc)
264      * @see java.lang.Object#toString()
265      */
266     public String JavaDoc toString() {
267         StringBuffer JavaDoc sReturn = new StringBuffer JavaDoc();
268
269         try {
270             sReturn.append(" User_id=[")
271                 .append(Integer.toString(m_nId))
272                 .append("]");
273             sReturn.append(" UserName=[")
274                     .append(m_sName)
275                     .append("]");
276             sReturn.append(" Password=[")
277                 .append(m_sPassword)
278                 .append("]");
279             
280             Profile prof = getProfile();
281             
282             if(prof != null) {
283                 sReturn.append(" Profile=[")
284                     .append(prof.toString())
285                     .append("]");
286             }
287             
288         } catch (Exception JavaDoc e) {
289             m_logger.log(Level.INFO, e.getLocalizedMessage(), e);
290         }
291
292         return sReturn.toString();
293     }
294
295     /* (non-Javadoc)
296      * @see org.openharmonise.rm.dsi.DataStoreObject#getInstanceColumnRef(java.lang.String, boolean)
297      */
298     public ColumnRef getInstanceColumnRef(String JavaDoc columnRef, boolean bIsHist)
299         throws DataStoreException {
300         ColumnRef colRef = null;
301
302         String JavaDoc sTable = getTableName(bIsHist);
303
304         if (columnRef.equals(TAG_PASSWORD) == true
305             || columnRef.equals(CLMN_PASSWORD)) {
306             colRef = new ColumnRef(sTable, CLMN_PASSWORD, ColumnRef.TEXT);
307         } else if (columnRef.equals(CLMN_IS_SUPER)) {
308             colRef = new ColumnRef(sTable, CLMN_IS_SUPER, ColumnRef.NUMBER);
309         } else if (columnRef.equals(CLMN_SALT)) {
310             colRef = new ColumnRef(sTable, CLMN_SALT, ColumnRef.TEXT);
311         }
312         else {
313             colRef = super.getInstanceColumnRef(columnRef, bIsHist);
314         }
315
316         return colRef;
317     }
318
319     /* (non-Javadoc)
320      * @see org.openharmonise.rm.resources.AbstractChildObject#getParentObjectClassName()
321      */
322     public String JavaDoc getParentObjectClassName() {
323         return UserGroup.class.getName();
324     }
325
326     /* (non-Javadoc)
327      * @see org.openharmonise.rm.dsi.DataStoreObject#getDBTableName()
328      */
329     public String JavaDoc getDBTableName() {
330         return TBL_USER;
331     }
332
333     /* (non-Javadoc)
334      * @see org.openharmonise.rm.dsi.DataStoreObject#getInstanceJoinConditions(java.lang.String, boolean)
335      */
336     public JoinConditions getInstanceJoinConditions(
337         String JavaDoc sObjectTag,
338         boolean bIsOuter)
339         throws DataStoreException {
340         //nothing to return
341 return null;
342     }
343
344     /* (non-Javadoc)
345      * @see org.openharmonise.rm.publishing.Publishable#getTagName()
346      */
347     public String JavaDoc getTagName() {
348         return TAG_USER;
349     }
350     
351     /**
352      * @return cryptographic salt for the user
353      */
354     public String JavaDoc getSalt() {
355         return this.m_sSalt;
356     }
357
358     /*----------------------------------------------------------------------------
359     Protected methods
360     -----------------------------------------------------------------------------*/
361
362     /* (non-Javadoc)
363      * @see org.openharmonise.rm.resources.AbstractEditableObject#addDataToSave(org.openharmonise.commons.dsi.dml.InsertStatement)
364      */
365     protected void addDataToSave(InsertStatement insert)
366         throws DataStoreException {
367
368         insert.addColumnValue(
369             getInstanceColumnRef(CLMN_PASSWORD, isHistorical()),
370             this.m_sPassword);
371         
372         int nSuper = 0;
373         
374         if(m_bIsSuper == true) {
375             nSuper = 1;
376         }
377         
378         insert.addColumnValue(
379                         getInstanceColumnRef(CLMN_IS_SUPER, isHistorical()),
380                         nSuper);
381         
382         insert.addColumnValue(getInstanceColumnRef(CLMN_SALT, isHistorical()),
383                         m_sSalt);
384         m_logger.log(Level.FINE, "Saving user " + m_sName + " with salt " + m_sSalt);
385
386         super.addDataToSave(insert);
387     }
388
389     /* (non-Javadoc)
390      * @see org.openharmonise.rm.resources.AbstractObject#populateFromResultSetRow(java.sql.ResultSet, org.openharmonise.commons.dsi.dml.SelectStatement)
391      */
392     protected void populateFromResultSetRow(
393         ResultSet rs,
394         SelectStatement select)
395         throws PopulateException {
396
397         if (isPopulated() == false) {
398             try {
399                 ColumnRef colref =
400                     getInstanceColumnRef(CLMN_PASSWORD, isHistorical());
401
402                 if (select.containsSelectColumn(colref) == true) {
403                     String JavaDoc sTemp = null;
404
405                     sTemp = rs.getString(select.getResultSetIndex(colref));
406
407                     if ((sTemp != null) && (sTemp.length() > 0)) {
408                         if ((m_sPassword == null)
409                             || (m_sPassword.length() == 0)) {
410                             m_sPassword = sTemp;
411                         } else if (m_sPassword.equals(sTemp) == false) {
412                             setIsChanged(true);
413                         }
414                     }
415
416                 }
417                 
418                 colref =
419                     getInstanceColumnRef(CLMN_IS_SUPER, isHistorical());
420
421                 if (select.containsSelectColumn(colref) == true) {
422                     String JavaDoc sTemp = null;
423
424                     m_bIsSuper = rs.getBoolean(select.getResultSetIndex(colref));
425
426                 }
427                 
428                 // and the salt
429 colref = getInstanceColumnRef(CLMN_SALT, isHistorical());
430                 
431                 if (select.containsSelectColumn(colref) == true) {
432                     m_sSalt = rs.getString(select.getResultSetIndex(colref));
433                 }
434
435                 super.populateFromResultSetRow(rs, select);
436             } catch (SQLException e) {
437                 throw new PopulateException(
438                     "Error occured accessing password",
439                     e);
440             } catch (DataStoreException e) {
441                 throw new PopulateException(
442                     "Error occured getting column ref",
443                     e);
444
445             }
446         }
447     }
448
449     /* (non-Javadoc)
450      * @see org.openharmonise.rm.resources.AbstractEditableObject#saveNonCoreData()
451      */
452     protected void saveNonCoreData() throws EditException {
453         //no non core data
454 }
455
456     /*----------------------------------------------------------------------------
457     Protected methods
458     -----------------------------------------------------------------------------*/
459
460     /**
461      * Populates this object with an id and key from the given user name and
462      * password.
463      *
464      * @param sUserName
465      * @param sPassword
466      * @throws DataStoreException
467      * @throws ObjectNotFoundException
468      */
469     private void populateIdFromUsernamePassword(
470         String JavaDoc sUserName,
471         String JavaDoc sPassword)
472         throws DataStoreException, ObjectNotFoundException {
473         ResultSet rs = null;
474         boolean bFound = false;
475
476         try {
477             SelectStatement newQuery = new SelectStatement();
478
479             newQuery.addSelectColumn(
480                 this.getInstanceColumnRef(ATTRIB_KEY, false));
481             newQuery.addSelectColumn(
482                 this.getInstanceColumnRef(ATTRIB_ID, false));
483
484             newQuery.addWhereCondition(
485                 this.getInstanceColumnRef(TAG_NAME, false),
486                 "=",
487                 sUserName);
488             newQuery.addWhereCondition(
489                 this.getInstanceColumnRef(CLMN_PASSWORD, false),
490                 "=",
491                 sPassword);
492             newQuery.addWhereCondition(
493                 this.getInstanceColumnRef(TAG_STATUS, false),
494                 "=",
495                 0);
496
497             rs = m_dsi.executeQuery(newQuery);
498
499             while (rs.next()) {
500                 m_nObjectKey = rs.getInt(1);
501                 m_nId = rs.getInt(2);
502                 bFound = true;
503             }
504
505             if (bFound == false) {
506                 rs.close();
507
508                 newQuery.clear();
509
510                 newQuery.addSelectColumn(
511                     getInstanceColumnRef(ATTRIB_KEY, false));
512                 newQuery.addSelectColumn(
513                     getInstanceColumnRef(ATTRIB_ID, false));
514
515                 newQuery.addWhereCondition(
516                     getInstanceColumnRef(TAG_NAME, false),
517                     "=",
518                     sUserName);
519                 newQuery.addWhereCondition(
520                     getInstanceColumnRef(CLMN_PASSWORD, false),
521                     "=",
522                     sPassword);
523
524                 rs = m_dsi.executeQuery(newQuery);
525
526                 while (rs.next()) {
527                     m_nObjectKey = rs.getInt(1);
528                     m_nId = rs.getInt(2);
529                     bFound = true;
530                 }
531             }
532
533             if (bFound == false) {
534                 throw new ObjectNotFoundException();
535             }
536         } catch (SQLException e) {
537             throw new DataStoreException(e);
538         } finally {
539             if (rs != null) {
540                 try {
541                     rs.close();
542                 } catch (SQLException e) {
543                     throw new DataStoreException(e);
544                 }
545             }
546         }
547     }
548
549     /* (non-Javadoc)
550      * @see org.openharmonise.rm.resources.AbstractObject#addColumnsToPopulateQuery(org.openharmonise.commons.dsi.dml.SelectStatement, boolean)
551      */
552     protected void addColumnsToPopulateQuery(
553         SelectStatement select,
554         boolean bIsHist)
555         throws DataStoreException {
556         super.addColumnsToPopulateQuery(select, bIsHist);
557         select.addSelectColumn(getInstanceColumnRef(CLMN_PASSWORD, bIsHist));
558         select.addSelectColumn(getInstanceColumnRef(CLMN_IS_SUPER, bIsHist));
559         select.addSelectColumn(getInstanceColumnRef(CLMN_SALT, bIsHist));
560     }
561
562     /* (non-Javadoc)
563      * @see org.openharmonise.rm.resources.AbstractObject#setName(java.lang.String)
564      */
565     public void setName(String JavaDoc sName) throws InvalidNameException {
566         try {
567             if((m_sName != null && m_sName.equals(sName) == false && isNameValid(sName) == true) || isNameValid(sName) == true) {
568                 super.setName(sName);
569             } else {
570                 throw new InvalidNameException(sName + " is an invalid name for this user");
571             }
572         } catch (DataStoreException e) {
573             throw new InvalidNameException("Error occured checking name validity", e);
574         } catch (SQLException e) {
575             throw new InvalidNameException("Error occured checking name validity", e);
576         }
577         
578     }
579
580     /**
581      * @param sName
582      * @return
583      */
584     private boolean isNameValid(String JavaDoc sName) throws DataStoreException, SQLException {
585         boolean bIsNameValid = true;
586         
587         SelectStatement select = new SelectStatement();
588         ResultSet rs = null;
589         
590         try {
591             ColumnRef nameCol = getInstanceColumnRef(TAG_NAME,isHistorical());
592             
593             select.addSelectColumn(nameCol);
594             
595             select.addWhereCondition(nameCol, "=", sName);
596             
597             if(m_nId > 0) {
598                 select.addWhereCondition(getInstanceColumnRef(ATTRIB_ID,isHistorical()), "!=", m_nId);
599                 
600                 select.addWhereCondition(getInstanceColumnRef(TAG_LIVE_VERSION,isHistorical()), "!=", m_nId);
601             }
602             
603             rs = m_dsi.execute(select);
604             
605             if(rs.next()) {
606                 bIsNameValid = false;
607             }
608         } finally {
609             if(rs != null) {
610                 try {
611                     rs.close();
612                 } catch (SQLException e) {
613                     m_logger.log(Level.WARNING, e.getLocalizedMessage(), e);
614                 }
615             }
616         }
617         return bIsNameValid;
618     }
619
620
621 }
Popular Tags