Beispiel #1
0
  /**
   * Check if an Lutece user should be visible to the user according its workgroup
   *
   * @param user the Lutece user
   * @param adminUser the admin user
   * @param plugin the plugin
   * @return true if the Lutece user should be visible, false otherwise
   */
  public boolean isAuthorized(DatabaseUser user, AdminUser adminUser, Plugin plugin) {
    boolean bHasRole = false;
    List<String> userRoleKeyList = DatabaseHome.findUserRolesFromLogin(user.getLogin(), plugin);

    for (String userRoleKey : userRoleKeyList) {
      bHasRole = true;

      Role role = RoleHome.findByPrimaryKey(userRoleKey);

      if (AdminWorkgroupService.isAuthorized(role, adminUser)) {
        return true;
      }
    }

    List<String> userGroupKeyList = DatabaseHome.findUserGroupsFromLogin(user.getLogin(), plugin);

    for (String userGroupKey : userGroupKeyList) {
      List<String> groupRoleKeyList = GroupRoleHome.findGroupRoles(userGroupKey, plugin);

      for (String groupRoleKey : groupRoleKeyList) {
        bHasRole = true;

        Role role = RoleHome.findByPrimaryKey(groupRoleKey);

        if (AdminWorkgroupService.isAuthorized(role, adminUser)) {
          return true;
        }
      }
    }

    return !bHasRole;
  }
Beispiel #2
0
  /**
   * Check if the user is active or not
   *
   * @param strUserName the user name
   * @param plugin the plugin
   * @return true if it is active, false otherwise
   */
  public boolean isUserActive(String strUserName, Plugin plugin) {
    boolean bIsActive = false;

    List<DatabaseUser> listUsers =
        (List<DatabaseUser>) DatabaseUserHome.findDatabaseUsersListForLogin(strUserName, plugin);

    if ((listUsers != null) && !listUsers.isEmpty()) {
      DatabaseUser user = listUsers.get(0);
      bIsActive = user.isActive();
    }

    return bIsActive;
  }
Beispiel #3
0
  /**
   * Do create a new database user
   *
   * @param user the user
   * @param strPassword the password
   * @param plugin the plugin
   * @return the new database user with a new ID
   */
  public DatabaseUser doCreateUser(DatabaseUser user, String strPassword, Plugin plugin) {
    String strEncryptedPassword = strPassword;

    if (_userParamService.isPasswordEncrypted(plugin)) {
      String strAlgorithm = _userParamService.getEncryptionAlgorithm(plugin);
      strEncryptedPassword = CryptoService.encrypt(strPassword, strAlgorithm);
    }

    user.setPasswordMaxValidDate(SecurityUtils.getPasswordMaxValidDate(_userParamService, plugin));
    user.setAccountMaxValidDate(SecurityUtils.getAccountMaxValidDate(_userParamService, plugin));

    return DatabaseUserHome.create(user, strEncryptedPassword, plugin);
  }
Beispiel #4
0
  /**
   * Do modify the reset password attribute
   *
   * @param user the DatabaseUser
   * @param bNewValue the new value
   * @param plugin the plugin
   */
  public void doModifyResetPassword(DatabaseUser user, boolean bNewValue, Plugin plugin) {
    DatabaseUser userStored = DatabaseUserHome.findByPrimaryKey(user.getUserId(), plugin);

    if (userStored != null) {
      DatabaseUserHome.updateResetPassword(userStored, bNewValue, plugin);
    }
  }
Beispiel #5
0
 /**
  * Login automatically the database user
  *
  * @param request the HTTP request
  * @param DatabaseUser databaseUser
  * @param plugin the plugin
  */
 public void doAutoLoginDatabaseUser(
     HttpServletRequest request, DatabaseUser databaseUser, Plugin plugin) {
   if (_baseAuthentication != null) {
     BaseUser user =
         DatabaseHome.findLuteceUserByLogin(databaseUser.getLogin(), plugin, _baseAuthentication);
     SecurityService.getInstance().registerUser(request, user);
   }
 }
Beispiel #6
0
  /**
   * Do modify the password
   *
   * @param user the DatabaseUser
   * @param strPassword the new password not encrypted
   * @param plugin the plugin
   */
  public void doModifyPassword(DatabaseUser user, String strPassword, Plugin plugin) {
    // Updates password
    if (StringUtils.isNotBlank(strPassword)) {
      // Encrypts password or not
      String strEncryptedPassword = strPassword;

      if (_userParamService.isPasswordEncrypted(plugin)) {
        String strAlgorithm = _userParamService.getEncryptionAlgorithm(plugin);
        strEncryptedPassword = CryptoService.encrypt(strPassword, strAlgorithm);
      }

      DatabaseUser userStored = DatabaseUserHome.findByPrimaryKey(user.getUserId(), plugin);

      if (userStored != null) {
        userStored.setPasswordMaxValidDate(
            SecurityUtils.getPasswordMaxValidDate(_userParamService, plugin));
        DatabaseUserHome.updatePassword(userStored, strEncryptedPassword, plugin);
      }
    }
  }
Beispiel #7
0
  /**
   * Change all user's password and notify them with an email.
   *
   * @param strBaseURL The base url of the application
   * @param plugin The plugin
   * @param locale The locale to use
   */
  public void changeUserPasswordAndNotify(String strBaseURL, Plugin plugin, Locale locale) {
    // Alert all users their password have been reinitialized.
    Collection<DatabaseUser> listUsers = DatabaseUserHome.findDatabaseUsersList(plugin);

    for (DatabaseUser user : listUsers) {
      // Makes password
      String strPassword = SecurityUtils.makePassword(_userParamService, plugin);
      doModifyPassword(user, strPassword, plugin);

      if (StringUtils.isNotBlank(user.getEmail())) {
        // Sends password by e-mail
        ReferenceItem referenceItem =
            _userParamService.findByKey(PARAMETER_MAIL_PASSWORD_ENCRYPTION_CHANGED_SENDER, plugin);
        String strSenderEmail =
            (referenceItem == null) ? StringUtils.EMPTY : referenceItem.getName();
        referenceItem =
            _userParamService.findByKey(PARAMETER_MAIL_PASSWORD_ENCRYPTION_CHANGED_SUBJECT, plugin);

        String strEmailSubject =
            (referenceItem == null) ? StringUtils.EMPTY : referenceItem.getName();

        Map<String, Object> model = new HashMap<String, Object>();
        model.put(MARK_NEW_PASSWORD, strPassword);
        model.put(
            MARK_LOGIN_URL,
            strBaseURL + AdminAuthenticationService.getInstance().getLoginPageUrl());
        model.put(MARK_SITE_LINK, MailService.getSiteLink(strBaseURL, true));

        String strTemplate =
            DatabaseTemplateService.getTemplateFromKey(PARAMETER_MAIL_PASSWORD_ENCRYPTION_CHANGED);

        HtmlTemplate template =
            AppTemplateService.getTemplateFromStringFtl(strTemplate, locale, model);

        MailService.sendMailHtml(
            user.getEmail(), strSenderEmail, strSenderEmail, strEmailSubject, template.getHtml());
      }
    }
  }
Beispiel #8
0
  /**
   * Get th list of filteredUsers
   *
   * @param request the HTTP request
   * @param duFilter the filter
   * @param listUsers the list of users
   * @return a list of {@link DatabaseUser}
   */
  public List<DatabaseUser> getListFilteredUsers(
      HttpServletRequest request, DatabaseUserFilter duFilter, List<DatabaseUser> listUsers) {
    Plugin plugin = PluginService.getPlugin(DatabasePlugin.PLUGIN_NAME);

    List<DatabaseUser> listFilteredUsers =
        DatabaseUserHome.findDatabaseUsersListByFilter(duFilter, plugin);
    List<DatabaseUser> listAvailableUsers = new ArrayList<DatabaseUser>();

    for (DatabaseUser filteredUser : listFilteredUsers) {
      for (DatabaseUser user : listUsers) {
        if (filteredUser.getUserId() == user.getUserId()) {
          listAvailableUsers.add(user);
        }
      }
    }

    Plugin myLutecePlugin = PluginService.getPlugin(MyLutecePlugin.PLUGIN_NAME);
    List<DatabaseUser> filteredUsers = new ArrayList<DatabaseUser>();

    MyLuteceUserFieldFilter mlFieldFilter = new MyLuteceUserFieldFilter();
    mlFieldFilter.setMyLuteceUserFieldFilter(request, request.getLocale());

    List<Integer> listFilteredUserIdsByUserFields =
        MyLuteceUserFieldHome.findUsersByFilter(mlFieldFilter, myLutecePlugin);

    if (listFilteredUserIdsByUserFields != null) {
      for (DatabaseUser filteredUser : listAvailableUsers) {
        for (Integer nFilteredUserIdByUserField : listFilteredUserIdsByUserFields) {
          if (filteredUser.getUserId() == nFilteredUserIdByUserField) {
            filteredUsers.add(filteredUser);
          }
        }
      }
    } else {
      filteredUsers = listAvailableUsers;
    }

    return filteredUsers;
  }
Beispiel #9
0
  /**
   * Get a XML string describing a given user
   *
   * @param user The user to get the XML of.
   * @param bExportRoles True to export roles of the user, false otherwise.
   * @param bExportGroups True to export groups of the user, false otherwise.
   * @param bExportAttributes True to export attributes of the user, false otherwise.
   * @param listAttributes The list of attributes to export.
   * @param locale The locale
   * @return A string of XML with the information of the user.
   */
  public String getXmlFromUser(
      DatabaseUser user,
      boolean bExportRoles,
      boolean bExportGroups,
      boolean bExportAttributes,
      List<IAttribute> listAttributes,
      Locale locale) {
    Plugin databasePlugin = PluginService.getPlugin(DatabasePlugin.PLUGIN_NAME);
    Plugin mylutecePlugin = PluginService.getPlugin(MyLutecePlugin.PLUGIN_NAME);
    StringBuffer sbXml = new StringBuffer();
    DateFormat dateFormat = new SimpleDateFormat();

    XmlUtil.beginElement(sbXml, CONSTANT_XML_USER);
    XmlUtil.addElement(sbXml, CONSTANT_XML_ACCESS_CODE, user.getLogin());
    XmlUtil.addElement(sbXml, CONSTANT_XML_LAST_NAME, user.getLastName());
    XmlUtil.addElement(sbXml, CONSTANT_XML_FIRST_NAME, user.getFirstName());
    XmlUtil.addElement(sbXml, CONSTANT_XML_EMAIL, user.getEmail());
    XmlUtil.addElement(sbXml, CONSTANT_XML_STATUS, Integer.toString(user.getStatus()));

    String strPasswordMaxValidDate = StringUtils.EMPTY;

    if (user.getPasswordMaxValidDate() != null) {
      strPasswordMaxValidDate = dateFormat.format(user.getPasswordMaxValidDate());
    }

    XmlUtil.addElement(sbXml, CONSTANT_XML_PASSWORD_MAX_VALID_DATE, strPasswordMaxValidDate);

    String strAccountMaxValidDate = StringUtils.EMPTY;

    if (user.getAccountMaxValidDate() != null) {
      strAccountMaxValidDate = dateFormat.format(user.getAccountMaxValidDate());
    }

    XmlUtil.addElement(sbXml, CONSTANT_XML_ACCOUNT_MAX_VALID_DATE, strAccountMaxValidDate);

    if (bExportRoles) {
      List<String> listRoles = DatabaseHome.findUserRolesFromLogin(user.getLogin(), databasePlugin);
      XmlUtil.beginElement(sbXml, CONSTANT_XML_ROLES);

      for (String strRole : listRoles) {
        XmlUtil.addElement(sbXml, CONSTANT_XML_ROLE, strRole);
      }

      XmlUtil.endElement(sbXml, CONSTANT_XML_ROLES);
    }

    if (bExportGroups) {
      List<String> listGroups =
          DatabaseHome.findUserGroupsFromLogin(user.getLogin(), databasePlugin);
      XmlUtil.beginElement(sbXml, CONSTANT_XML_GROUPS);

      for (String strGoup : listGroups) {
        XmlUtil.addElement(sbXml, CONSTANT_XML_GROUP, strGoup);
      }

      XmlUtil.endElement(sbXml, CONSTANT_XML_GROUPS);
    }

    if (bExportAttributes) {
      XmlUtil.beginElement(sbXml, CONSTANT_XML_ATTRIBUTES);

      for (IAttribute attribute : listAttributes) {
        List<MyLuteceUserField> listUserFields =
            MyLuteceUserFieldHome.selectUserFieldsByIdUserIdAttribute(
                user.getUserId(), attribute.getIdAttribute(), mylutecePlugin);

        for (MyLuteceUserField userField : listUserFields) {
          XmlUtil.beginElement(sbXml, CONSTANT_XML_ATTRIBUTE);
          XmlUtil.addElement(
              sbXml, CONSTANT_XML_ATTRIBUTE_ID, Integer.toString(attribute.getIdAttribute()));
          XmlUtil.addElement(
              sbXml, CONSTANT_XML_ATTRIBUTE_FIELD_ID, userField.getAttributeField().getIdField());
          XmlUtil.addElement(sbXml, CONSTANT_XML_ATTRIBUTE_VALUE, userField.getValue());
          XmlUtil.endElement(sbXml, CONSTANT_XML_ATTRIBUTE);
        }
      }

      XmlUtil.endElement(sbXml, CONSTANT_XML_ATTRIBUTES);
    }

    XmlUtil.endElement(sbXml, CONSTANT_XML_USER);

    return sbXml.toString();
  }