X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fusermgt%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthentication%2FUserAdministrationImpl.java;fp=security%2Fusermgt%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthentication%2FUserAdministrationImpl.java;h=61505a9fa627d705f3cc0cc8715eaff1fd0fbbfa;hb=9449ea0f360f6e9c14057db57f3ee0bfba947ab4;hp=0000000000000000000000000000000000000000;hpb=e8b988e92306a4aea2f047af1b48588147288831;p=utils
diff --git a/security/usermgt/src/main/java/org/wamblee/security/authentication/UserAdministrationImpl.java b/security/usermgt/src/main/java/org/wamblee/security/authentication/UserAdministrationImpl.java
new file mode 100644
index 00000000..61505a9f
--- /dev/null
+++ b/security/usermgt/src/main/java/org/wamblee/security/authentication/UserAdministrationImpl.java
@@ -0,0 +1,282 @@
+/*
+ * Copyright 2005-2010 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wamblee.security.authentication;
+
+import static org.wamblee.security.authentication.UserMgtException.Reason.*;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.wamblee.security.authentication.UserMgtException.Reason;
+
+/**
+ * Administration of users and groups.
+ *
+ * @author Erik Brakkee
+ */
+public class UserAdministrationImpl implements UserAdministration {
+ /**
+ * All known users.
+ */
+ private UserSet users;
+
+ /**
+ * All known groups.
+ */
+ private GroupSet groups;
+
+ /**
+ * Validator for user names.
+ */
+ private NameValidator userValidator;
+
+ /**
+ * Validator for group names.
+ */
+ private NameValidator groupValidator;
+
+ /**
+ * Constructs empty user administration.
+ *
+ */
+ public UserAdministrationImpl(UserSet aUsers, GroupSet aGroups,
+ NameValidator aUserValidator, NameValidator aGroupValidator) {
+ users = aUsers;
+ groups = aGroups;
+ userValidator = aUserValidator;
+ groupValidator = aGroupValidator;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.wamblee.usermgt.UserAdministration#createUser(java.lang.String,
+ * java.lang.String)
+ */
+ @Override
+ public void createUser(String aUser, String aPassword) {
+ if (!userValidator.validate(aUser)) {
+ throw new UserMgtException(Reason.INVALID_USERNAME, aUser);
+ }
+
+ users.createUser(aUser, aPassword);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.wamblee.usermgt.UserAdministration#createGroup(java.lang.String)
+ */
+ @Override
+ public void createGroup(String aName) {
+ if (!groupValidator.validate(aName)) {
+ throw new UserMgtException(Reason.INVALID_GROUPNAME, aName);
+ }
+
+ Group group = new Group(aName);
+
+ if (groups.contains(group)) {
+ throw new UserMgtException(DUPLICATE_GROUP, group);
+ }
+
+ groups.add(group);
+ }
+
+ @Override
+ public boolean checkUser(String aUser) {
+ return users.find(aUser) != null;
+ }
+
+ @Override
+ public boolean checkGroup(String aGroup) {
+ return groups.find(aGroup) != null;
+ }
+
+ @Override
+ public boolean checkPassword(String aUser, String aPassword) {
+ User user = requireUser(aUser, "While checking password");
+ return user.checkPassword(aPassword);
+ }
+
+ private User requireUser(String aUser, String aMsg) {
+ User user = users.find(aUser);
+ if (user == null) {
+ throw new UserMgtException(Reason.UNKNOWN_USER, aMsg);
+ }
+ return user;
+ }
+
+ private Group requireGroup(String aGroup, String aMsg) {
+ Group group = groups.find(aGroup);
+ if (group == null) {
+ throw new UserMgtException(Reason.UNKNOWN_GROUP, aMsg);
+ }
+ return group;
+ }
+
+ @Override
+ public boolean changePassword(String aUser, String aOldPassword,
+ String aNewPassword) {
+ User user = requireUser(aUser, "While checking password");
+ boolean res = user.changePassword(aOldPassword, aNewPassword);
+ users.userModified(user);
+ return res;
+ }
+
+ @Override
+ public void setPassword(String aUser, String aPassword) {
+ User user = requireUser(aUser, "While setting password");
+ user.setPassword(aPassword);
+ users.userModified(user);
+ }
+
+ @Override
+ public boolean isInGroup(String aUser, String aGroup) {
+ User user = requireUser(aUser,
+ "While checking whether user belongs to group");
+ return user.isInGroup(aGroup);
+ }
+
+ @Override
+ public int getUserCount() {
+ return users.size();
+ }
+
+ @Override
+ public int getGroupCount() {
+ return groups.size();
+ }
+
+ @Override
+ public List getUsers() {
+ List res = new ArrayList();
+ for (User user : users.list()) {
+ res.add(user.getName());
+ }
+ return res;
+ }
+
+ @Override
+ public List getUsers(String aGroup) {
+ Group group = requireGroup(aGroup, "While finding users for group");
+ List res = new ArrayList();
+ for (User user : users.list(group)) {
+ res.add(user.getName());
+ }
+ return res;
+ }
+
+ @Override
+ public List getGroups() {
+ List res = new ArrayList();
+ for (Group group : groups.list()) {
+ res.add(group.getName());
+ }
+ return res;
+ }
+
+ @Override
+ public List getGroups(String aUser) {
+ User user = requireUser(aUser, "While getting list of groups");
+ List res = new ArrayList();
+ for (Group g : user.getGroups()) {
+ res.add(g.getName());
+ }
+ return res;
+ }
+
+ @Override
+ public void renameUser(String aOldUsername, String aNewUsername) {
+ User user = requireUser(aOldUsername, "While renaming user");
+
+ if (aOldUsername.equals(aNewUsername)) {
+ return; // nothing to do.
+ }
+
+ if (users.find(aNewUsername) != null) {
+ throw new UserMgtException(DUPLICATE_USER, aNewUsername);
+ }
+
+ if (!userValidator.validate(aNewUsername)) {
+ throw new UserMgtException(Reason.INVALID_USERNAME, aNewUsername);
+ }
+
+ user.setName(aNewUsername);
+ users.userModified(user);
+ }
+
+ @Override
+ public void renameGroup(String aOldGroup, String aNewGroup) {
+ Group group = requireGroup(aOldGroup, "While renaming group");
+
+ if (aOldGroup.equals(aNewGroup)) {
+ return; // OK.
+ }
+
+ if (groups.find(aNewGroup) != null) {
+ throw new UserMgtException(DUPLICATE_GROUP, aNewGroup);
+ }
+
+ if (!groupValidator.validate(aNewGroup)) {
+ throw new UserMgtException(Reason.INVALID_GROUPNAME, aNewGroup);
+ }
+
+ group.setName(aNewGroup);
+ groups.groupModified(group);
+ // Because a group has changed, a cached user could contain reference to an old copy of the
+ // group. Therefore, we clear the cache in this case.
+ users.clearCache();
+ }
+
+ @Override
+ public void removeUser(String aUser) {
+ User user = requireUser(aUser, "While removing user");
+ boolean removed = users.remove(user);
+ if (!removed) {
+ throw new UserMgtException(Reason.UNKNOWN_USER, aUser);
+ }
+ }
+
+ @Override
+ public void removeGroup(String aGroup) {
+ Group group = requireGroup(aGroup, "While removing group");
+
+ if (getUsers(aGroup).size() > 0) {
+ throw new UserMgtException(GROUP_STILL_OCCUPIED, aGroup);
+ }
+
+ boolean removed = groups.remove(group);
+ if (!removed) {
+ throw new UserMgtException(Reason.UNKNOWN_GROUP, aGroup);
+ }
+ }
+
+ @Override
+ public void addUserToGroup(String aUser, String aGroup) {
+ User user = requireUser(aUser, "While adding user to group");
+ Group group = requireGroup(aGroup, "While adding user to group");
+ user.addGroup(group);
+ users.userModified(user);
+ }
+
+ @Override
+ public void removeUserFromGroup(String aUser, String aGroup) {
+ User user = requireUser(aUser, "While removing user from group");
+ Group group = requireGroup(aGroup, "While removing user from group");
+ user.removeGroup(group);
+ users.userModified(user);
+ }
+}
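Review bot: `checkPassword` reports an unknown account differently from a wrong password: `requireUser` throws `UserMgtException(Reason.UNKNOWN_USER, aMsg)` when `users.find(aUser)` returns null, while a bad password returns `false`, so any login path that surfaces or logs the two outcomes differently reveals which user names exist. Unless the `UserAdministration` contract (not visible in this hunk) requires the exception, consider `User user = users.find(aUser); return user != null && user.checkPassword(aPassword);`, or document that callers must map both outcomes to the same response. Separately, `changePassword` calls `users.userModified(user)` even when `res` is false and reuses the context string `"While checking password"`; `if (res) { users.userModified(user); }` together with `"While changing password"` would avoid marking the user modified after a failed old-password check and keep the error context accurate.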