2 * Copyright 2005-2010 the original author or authors.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org.wamblee.usermgt;
18 import org.wamblee.security.AbstractPersistent;
19 import org.wamblee.security.encryption.MessageDigester;
21 import org.wamblee.usermgt.UserMgtException.Reason;
23 import java.io.Serializable;
26 import java.util.TreeSet;
28 import javax.persistence.Entity;
29 import javax.persistence.GeneratedValue;
30 import javax.persistence.GenerationType;
31 import javax.persistence.Id;
32 import javax.persistence.ManyToMany;
33 import javax.persistence.Table;
34 import javax.persistence.Transient;
35 import javax.persistence.Version;
38 * Represents a user. The methods for managing the groups of the user have
39 * package scope. Managing the groups of the user should be done through the
40 * {@link org.wamblee.usermgt.UserAdministration} interface.
43 @Table(name = "SEC_USER")
44 public class User implements Serializable,
48 @GeneratedValue(strategy = GenerationType.AUTO)
49 private Long primaryKey;
62 private String password;
65 * Groups the user belongs to.
68 private Set<Group> groups;
74 private NameValidator passwordValidator;
80 private MessageDigester passwordEncoder;
83 * Constructs the user.
90 * Group the user belongs to.
92 User(String aName, String aPassword, Group aGroup,
93 NameValidator aPasswordValidator, MessageDigester aPasswordEncoder)
94 throws UserMgtException {
97 aPasswordValidator.validate(aPassword);
98 password = aPasswordEncoder.hash(aPassword);
99 groups = new TreeSet<Group>();
101 passwordValidator = aPasswordValidator;
102 passwordEncoder = aPasswordEncoder;
106 * Creates a new User object.
109 public User(User aUser) {
111 password = aUser.password;
112 groups = new TreeSet<Group>();
114 for (Group group : aUser.groups) {
115 groups.add(new Group(group));
118 passwordValidator = aUser.passwordValidator;
119 passwordEncoder = aUser.passwordEncoder;
123 * Creates a new User object.
130 passwordValidator = null;
131 passwordEncoder = null;
135 * Sets the password validator.
137 * @param aPasswordValidator
140 public void setPasswordValidator(NameValidator aPasswordValidator) {
141 passwordValidator = aPasswordValidator;
145 * Sets the password encoder.
147 * @param aPasswordEncoder
150 public void setPasswordEncoder(MessageDigester aPasswordEncoder) {
151 passwordEncoder = aPasswordEncoder;
156 * @return Returns the password.
158 String getPassword() {
163 * Checks the password.
168 * @throws UserMgtException
169 * In case the password is incorrect.
171 public void checkPassword(String aPassword) throws UserMgtException {
172 String encoded = passwordEncoder.hash(aPassword);
174 if (!password.equals(encoded)) {
175 throw new UserMgtException(Reason.INVALID_PASSWORD, this);
180 * Changes the password.
182 * @param aOldPassword
184 * @param aNewPassword
187 * @throws UserMgtException
188 * In case the old password is incorrect.
190 public void changePassword(String aOldPassword, String aNewPassword)
191 throws UserMgtException {
192 checkPassword(aOldPassword);
193 passwordValidator.validate(aNewPassword);
194 setPassword(aNewPassword);
200 * The password to set.
203 public void setPassword(String aPassword) throws UserMgtException {
204 passwordValidator.validate(aPassword);
205 password = passwordEncoder.hash(aPassword);
213 protected String getPasswordString() {
223 protected void setPasswordString(String aPassword) {
224 password = aPassword;
229 * @return Returns the _user.
231 public String getName() {
238 * The username to set.
240 void setName(String aName) {
245 * Gets the groups the user belongs to.
249 public Set<Group> getGroups() {
250 Set<Group> result = new TreeSet<Group>();
251 result.addAll(groups);
257 * Checks whether the user belongs to the given group.
262 * @return True if the user belongs to the group.
264 public boolean isInGroup(Group aGroup) {
265 return groups.contains(aGroup);
269 * Checks whether the user belongs to the given group.
274 * @return True if the user belongs to the group.
276 public boolean isInGroup(String aGroup) {
277 return groups.contains(new Group(aGroup));
281 * Gets the group set. For OR mapping.
283 * @return set of groups.
285 Set<Group> getGroupSet() {
290 * Sets the groups the user belongs to, for OR mapping.
295 void setGroupSet(Set<Group> aGroups) {
300 * Adds the user to a group.
303 * Group to add the user to.
305 * @throws UserMgtException
306 * In case the user already belongs to the group.
308 void addGroup(Group aGroup) throws UserMgtException {
309 if (groups.contains(aGroup)) {
310 throw new UserMgtException(Reason.USER_ALREADY_IN_GROUP, aGroup);
317 * Removes the user from a group.
322 * @throws UserMgtException
323 * In case the user does not belong to the group.
325 void removeGroup(Group aGroup) throws UserMgtException {
326 if (!groups.contains(aGroup)) {
327 throw new UserMgtException(Reason.USER_NOT_IN_GROUP, this, aGroup);
330 if (groups.size() == 1) {
331 throw new UserMgtException(Reason.USER_MUST_BE_IN_A_GROUP, this,
335 groups.remove(aGroup);
341 * @see java.lang.Object#equals(java.lang.Object)
344 public boolean equals(Object aUser) {
345 if (!(aUser instanceof User)) {
349 User user = (User) aUser;
351 return name.equals(user.name);
357 * @see java.lang.Object#hashCode()
360 public int hashCode() {
361 return name.hashCode();
367 * @see java.lang.Object#toString()
370 public String toString() {
371 String result = "User(name=" + name + ", password=" + password;
373 for (Group group : groups) {
374 result += (", group=" + group);
383 * @see java.lang.Comparable#compareTo(T)
385 public int compareTo(Object aUser) {
386 return name.compareTo(((User) aUser).name);
389 public Long getPrimaryKey() {