--- /dev/null
+/*
+ * Copyright 2005-2010 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wamblee.security.authentication;
+
+import static org.wamblee.security.authentication.UserMgtException.Reason.*;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.wamblee.security.authentication.UserMgtException.Reason;
+
+/**
+ * Administration of users and groups.
+ *
+ * @author Erik Brakkee
+ */
+public class UserAdministrationImpl implements UserAdministration {
+ /**
+ * All known users.
+ */
+ private UserSet users;
+
+ /**
+ * All known groups.
+ */
+ private GroupSet groups;
+
+ /**
+ * Validator for user names.
+ */
+ private NameValidator userValidator;
+
+ /**
+ * Validator for group names.
+ */
+ private NameValidator groupValidator;
+
+ /**
+ * Constructs empty user administration.
+ *
+ */
+ public UserAdministrationImpl(UserSet aUsers, GroupSet aGroups,
+ NameValidator aUserValidator, NameValidator aGroupValidator) {
+ users = aUsers;
+ groups = aGroups;
+ userValidator = aUserValidator;
+ groupValidator = aGroupValidator;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.wamblee.usermgt.UserAdministration#createUser(java.lang.String,
+ * java.lang.String)
+ */
+ @Override
+ public void createUser(String aUser, String aPassword) {
+ if (!userValidator.validate(aUser)) {
+ throw new UserMgtException(Reason.INVALID_USERNAME, aUser);
+ }
+
+ users.createUser(aUser, aPassword);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.wamblee.usermgt.UserAdministration#createGroup(java.lang.String)
+ */
+ @Override
+ public void createGroup(String aName) {
+ if (!groupValidator.validate(aName)) {
+ throw new UserMgtException(Reason.INVALID_GROUPNAME, aName);
+ }
+
+ Group group = new Group(aName);
+
+ if (groups.contains(group)) {
+ throw new UserMgtException(DUPLICATE_GROUP, group);
+ }
+
+ groups.add(group);
+ }
+
+ @Override
+ public boolean checkUser(String aUser) {
+ return users.find(aUser) != null;
+ }
+
+ @Override
+ public boolean checkGroup(String aGroup) {
+ return groups.find(aGroup) != null;
+ }
+
+ @Override
+ public boolean checkPassword(String aUser, String aPassword) {
+ User user = requireUser(aUser, "While checking password");
+ return user.checkPassword(aPassword);
+ }
+
+ private User requireUser(String aUser, String aMsg) {
+ User user = users.find(aUser);
+ if (user == null) {
+ throw new UserMgtException(Reason.UNKNOWN_USER, aMsg);
+ }
+ return user;
+ }
+
+ private Group requireGroup(String aGroup, String aMsg) {
+ Group group = groups.find(aGroup);
+ if (group == null) {
+ throw new UserMgtException(Reason.UNKNOWN_GROUP, aMsg);
+ }
+ return group;
+ }
+
+ @Override
+ public boolean changePassword(String aUser, String aOldPassword,
+ String aNewPassword) {
+ User user = requireUser(aUser, "While checking password");
+ boolean res = user.changePassword(aOldPassword, aNewPassword);
+ users.userModified(user);
+ return res;
+ }
+
+ @Override
+ public void setPassword(String aUser, String aPassword) {
+ User user = requireUser(aUser, "While setting password");
+ user.setPassword(aPassword);
+ users.userModified(user);
+ }
+
+ @Override
+ public boolean isInGroup(String aUser, String aGroup) {
+ User user = requireUser(aUser,
+ "While checking whether user belongs to group");
+ return user.isInGroup(aGroup);
+ }
+
+ @Override
+ public int getUserCount() {
+ return users.size();
+ }
+
+ @Override
+ public int getGroupCount() {
+ return groups.size();
+ }
+
+ @Override
+ public List<String> getUsers() {
+ List<String> res = new ArrayList<String>();
+ for (User user : users.list()) {
+ res.add(user.getName());
+ }
+ return res;
+ }
+
+ @Override
+ public List<String> getUsers(String aGroup) {
+ Group group = requireGroup(aGroup, "While finding users for group");
+ List<String> res = new ArrayList<String>();
+ for (User user : users.list(group)) {
+ res.add(user.getName());
+ }
+ return res;
+ }
+
+ @Override
+ public List<String> getGroups() {
+ List<String> res = new ArrayList<String>();
+ for (Group group : groups.list()) {
+ res.add(group.getName());
+ }
+ return res;
+ }
+
+ @Override
+ public List<String> getGroups(String aUser) {
+ User user = requireUser(aUser, "While getting list of groups");
+ List<String> res = new ArrayList<String>();
+ for (Group g : user.getGroups()) {
+ res.add(g.getName());
+ }
+ return res;
+ }
+
+ @Override
+ public void renameUser(String aOldUsername, String aNewUsername) {
+ User user = requireUser(aOldUsername, "While renaming user");
+
+ if (aOldUsername.equals(aNewUsername)) {
+ return; // nothing to do.
+ }
+
+ if (users.find(aNewUsername) != null) {
+ throw new UserMgtException(DUPLICATE_USER, aNewUsername);
+ }
+
+ if (!userValidator.validate(aNewUsername)) {
+ throw new UserMgtException(Reason.INVALID_USERNAME, aNewUsername);
+ }
+
+ user.setName(aNewUsername);
+ users.userModified(user);
+ }
+
+ @Override
+ public void renameGroup(String aOldGroup, String aNewGroup) {
+ Group group = requireGroup(aOldGroup, "While renaming group");
+
+ if (aOldGroup.equals(aNewGroup)) {
+ return; // OK.
+ }
+
+ if (groups.find(aNewGroup) != null) {
+ throw new UserMgtException(DUPLICATE_GROUP, aNewGroup);
+ }
+
+ if (!groupValidator.validate(aNewGroup)) {
+ throw new UserMgtException(Reason.INVALID_GROUPNAME, aNewGroup);
+ }
+
+ group.setName(aNewGroup);
+ groups.groupModified(group);
+ // Because a group has changed, a cached user could contain reference to an old copy of the
+ // group. Therefore, we clear the cache in this case.
+ users.clearCache();
+ }
+
+ @Override
+ public void removeUser(String aUser) {
+ User user = requireUser(aUser, "While removing user");
+ boolean removed = users.remove(user);
+ if (!removed) {
+ throw new UserMgtException(Reason.UNKNOWN_USER, aUser);
+ }
+ }
+
+ @Override
+ public void removeGroup(String aGroup) {
+ Group group = requireGroup(aGroup, "While removing group");
+
+ if (getUsers(aGroup).size() > 0) {
+ throw new UserMgtException(GROUP_STILL_OCCUPIED, aGroup);
+ }
+
+ boolean removed = groups.remove(group);
+ if (!removed) {
+ throw new UserMgtException(Reason.UNKNOWN_GROUP, aGroup);
+ }
+ }
+
+ @Override
+ public void addUserToGroup(String aUser, String aGroup) {
+ User user = requireUser(aUser, "While adding user to group");
+ Group group = requireGroup(aGroup, "While adding user to group");
+ user.addGroup(group);
+ users.userModified(user);
+ }
+
+ @Override
+ public void removeUserFromGroup(String aUser, String aGroup) {
+ User user = requireUser(aUser, "While removing user from group");
+ Group group = requireGroup(aGroup, "While removing user from group");
+ user.removeGroup(group);
+ users.userModified(user);
+ }
+}