@Override
 public void internalRemoveAuthorization(User user, String auth, User authUser) {
   Vertex userVertex = findByIdUserVertex(user.getUserId());
   Set<String> authorizationSet = getAuthorizations(userVertex);
   if (!authorizationSet.contains(auth)) {
     return;
   }
   authorizationSet.remove(auth);
   String authorizationsString = StringUtils.join(authorizationSet, ",");
   UserVisalloProperties.AUTHORIZATIONS.setProperty(
       userVertex, authorizationsString, VISIBILITY.getVisibility(), authorizations);
   graph.flush();
   userVertexCache.invalidate(user.getUserId());
 }
  @Override
  protected User addUser(
      String username,
      String displayName,
      String emailAddress,
      String password,
      String[] userAuthorizations) {
    username = formatUsername(username);
    displayName = displayName.trim();
    String authorizationsString = StringUtils.join(userAuthorizations, ",");

    byte[] salt = UserPasswordUtil.getSalt();
    byte[] passwordHash = UserPasswordUtil.hashPassword(password, salt);

    String id = GRAPH_USER_ID_PREFIX + graph.getIdGenerator().nextId();
    VertexBuilder userBuilder = graph.prepareVertex(id, VISIBILITY.getVisibility());

    VisalloProperties.CONCEPT_TYPE.setProperty(
        userBuilder, userConceptId, VISIBILITY.getVisibility());
    UserVisalloProperties.USERNAME.setProperty(userBuilder, username, VISIBILITY.getVisibility());
    UserVisalloProperties.DISPLAY_NAME.setProperty(
        userBuilder, displayName, VISIBILITY.getVisibility());
    UserVisalloProperties.CREATE_DATE.setProperty(
        userBuilder, new Date(), VISIBILITY.getVisibility());
    UserVisalloProperties.PASSWORD_SALT.setProperty(userBuilder, salt, VISIBILITY.getVisibility());
    UserVisalloProperties.PASSWORD_HASH.setProperty(
        userBuilder, passwordHash, VISIBILITY.getVisibility());
    UserVisalloProperties.STATUS.setProperty(
        userBuilder, UserStatus.OFFLINE.toString(), VISIBILITY.getVisibility());
    UserVisalloProperties.AUTHORIZATIONS.setProperty(
        userBuilder, authorizationsString, VISIBILITY.getVisibility());
    UserVisalloProperties.PRIVILEGES.setProperty(
        userBuilder, Privilege.toString(getDefaultPrivileges()), VISIBILITY.getVisibility());

    if (emailAddress != null) {
      UserVisalloProperties.EMAIL_ADDRESS.setProperty(
          userBuilder, emailAddress, VISIBILITY.getVisibility());
    }

    User user = createFromVertex(userBuilder.save(this.authorizations));
    graph.flush();

    afterNewUserAdded(user);

    return user;
  }
  public static Set<String> getAuthorizations(Vertex userVertex) {
    String authorizationsString = UserVisalloProperties.AUTHORIZATIONS.getPropertyValue(userVertex);
    if (authorizationsString == null) {
      return new HashSet<>();
    }
    String[] authorizationsArray = authorizationsString.split(",");
    if (authorizationsArray.length == 1 && authorizationsArray[0].length() == 0) {
      authorizationsArray = new String[0];
    }
    HashSet<String> authorizations = new HashSet<>();
    for (String s : authorizationsArray) {
      // Accumulo doesn't like zero length strings. they shouldn't be in the auth string to begin
      // with but this just protects from that happening.
      if (s.trim().length() == 0) {
        continue;
      }

      authorizations.add(s);
    }
    return authorizations;
  }