/** Return the user's secure_hash_key. If one wasn't found create one on the fly. */
private SecureHashKeyResult getSecureHashKey(UserAccount user, Connection c) throws SQLException {
PreparedStatement select = null;
// Create lazily.
PreparedStatement update = null;
int userId = user.getUserID();
boolean justCreated = false;
byte[] key = null;
try {
// TODO: consider having UserManager returning secure_hash_key.
// TODO: We have similar logic in several places for creating secure_hash_key just-in-time.
// D.R.Y. this out. Sorry I couldn't resist using this cliche :)
select = c.prepareStatement("SELECT secure_hash_key FROM dat_user_account WHERE object_id=?");
select.setInt(1, userId);
ResultSet rs = select.executeQuery();
if (!rs.next()) {
LogMessageGen lmg = new LogMessageGen();
lmg.setSubject("dat_user_account row not found");
lmg.param(LoggingConsts.USER_ID, userId);
// possible that the user simply disappeared by the time we got here.
m_logCategory.warn(lmg.toString());
} else {
key = rs.getBytes(1);
if (key == null || key.length == 0) {
// hash key not found; create one on the fly.
update =
c.prepareStatement("UPDATE dat_user_account SET secure_hash_key=? WHERE object_id=?");
key = createNewRandomKey();
update.setBytes(1, key);
update.setInt(2, userId);
int ct = update.executeUpdate();
if (ct != 1) {
LogMessageGen lmg = new LogMessageGen();
lmg.setSubject("Unable to update dat_user_account.secure_hash_key");
lmg.param(LoggingConsts.USER_ID, userId);
m_logCategory.error(lmg.toString());
} else {
justCreated = true;
}
} // needed to set key.
} // user found
} finally {
DbUtils.safeClose(select);
DbUtils.safeClose(update);
}
return new SecureHashKeyResult(key, justCreated);
}
public CacheFileNames getCacheFileNames(final UserAccount user) {
SecureHashKeyResult toRet =
executeWithConnection(
new ConnectionExecuteFunction<SecureHashKeyResult>() {
public SecureHashKeyResult execute(Connection c) throws SQLException {
return getSecureHashKey(user, c);
}
});
if (toRet == null) {
// A DB error should have been logged.
return null;
}
// EMSDEV-7854. Signal file manipulation is done outside of a DB transaction.
String stateFile = null;
String newmailFile = null;
ClientHashSupport hash = null;
byte[] key = toRet.getKey();
if (key != null) {
hash = new ClientHashSupport();
hash.setCustomerId(user.getCustomerID());
hash.setHashKey(key);
hash.setUserId(user.getUserID());
hash.getStateCachePath();
hash.setLastActivationId(user.getLastActivationId());
// Lines below don't hit the spindle.
File stateFileF = new File(getCacheBase(), hash.getStateCachePath());
stateFile = stateFileF.getAbsolutePath();
File newmailFileF = new File(getCacheBase(), hash.getNewMailCachePath());
newmailFile = newmailFileF.getAbsolutePath();
if (toRet.isJustCreated()) {
// If Webmail doesn't find the signal file, it polls the database,
// so ensure the files are there.
updateSignalFiles(hash, user.getUserState(), user.isDeleted());
}
}
return new CacheFileNames(stateFile, newmailFile);
}
public boolean execute(CommandLine cmdLine) {
ICustomerManager cm = m_container.getCustomerManager();
List<String> domains = Collections.singletonList(ICustomerManager.EPA_CUSTOMER_DOMAIN);
IIslandManager im = m_container.getIslandManager();
int defaultIslandID = im.getDefaultIsland().getId();
Customer cust =
cm.createCustomer(
ICustomerManager.EPA_CUSTOMER_NAME,
"System", // fromAddress
"System", // backendID
"System", // templateID
"System", // channel
domains,
"emsRootPW", // emsRootPassword
false, // isPartialEnabled
"System", // activeBrandKey
"System", // externalID
defaultIslandID,
defaultIslandID,
false);
PasswordPolicy policy = new PasswordPolicy();
policy.setUseStrongPasswords(true);
cust.setPasswordPolicy(policy);
cm.updateCustomers(Collections.singletonList(cust));
IUserManager um = ManagementContainer.getInstance().getUserManager();
UserAccount emsRoot = um.getUser("emsroot@" + ICustomerManager.EPA_CUSTOMER_DOMAIN);
IAuthenticationManager am = ManagementContainer.getInstance().getAuthenticationManager();
long seconds = 31556926; // Seconds in a year
long time =
System.currentTimeMillis() + (seconds * 100 * 1000L); // Lock the account for 100 years
am.lockUserAccount(
cust.getCustID(), emsRoot.getUserID(), "Locked from user details", "Unknown", time);
return (cust != null);
}