/**
* See Interface for functional description.
*
* @see UserAccountDaoInterface #retrieveUserDetails(java.lang.String)
*/
@Override
public UserDetails retrieveUserDetails(final String handle) throws SqlDatabaseSystemException {
EscidocUserDetails result = null;
if (handle != null) {
result = (EscidocUserDetails) securityHelper.getUserDetails(handle);
}
return result;
}
/**
* Removes UserDetails of user with given id from UserDetails-Cache.
*
* @param userId The user Id.
* @throws SqlDatabaseSystemException Thrown in case of an internal database access error.
*/
private void clearUserDetailsCache(final String userId) throws SqlDatabaseSystemException {
final UserAccount userAccount = retrieveUserAccountById(userId);
if (userAccount != null
&& userAccount.getUserLoginDatas() != null
&& !userAccount.getUserLoginDatas().isEmpty()) {
for (final UserLoginData userLoginData : userAccount.getUserLoginDatas()) {
securityHelper.clearUserDetails(userLoginData.getHandle());
}
}
}
/**
* Checks if the provided {@link UserLoginData} object for is expired. If this is the case, the
* object is deleted from the storage. And object is removed from Cache.
*
* @param data The {@link UserLoginData} object to check.
* @return Returns the provided {@link UserLoginData} object or {@code null} if it is expired.
* @throws SqlDatabaseSystemException Thrown in case of an internal database access error.
*/
private UserLoginData checkUserLoginData(final UserLoginData data)
throws SqlDatabaseSystemException {
UserLoginData result = data;
if (result != null && isExpired(result)) {
delete(result);
securityHelper.clearUserDetails(data.getHandle());
result = null;
}
return result;
}
/**
* Fetches the scopes of the role identified in the attribute for the provided user account.
*
* @param userAccountId The id of the user account to fetch the value from.
* @param attributeId The name of the attribute.
* @return Returns the attribute value in an {@code EvaluationResult}.
* @throws de.escidoc.core.common.exceptions.system.SystemException
*/
private EvaluationResult fetchRoleScopes(
final String userAccountId, final CharSequence attributeId) throws SystemException {
// get role to fetch
final Matcher roleMatcher = PATTERN_PARSE_ROLE_GRANT_ROLE.matcher(attributeId);
String roleName = null;
if (roleMatcher.find()) {
roleName = roleMatcher.group(4);
}
if (roleName == null || roleName.length() == 0) {
return CustomEvaluationResultBuilder.createEmptyEvaluationResult();
}
Set<String> userGroups = null;
try {
userGroups = securityHelper.getUserGroups(userAccountId);
} catch (UserAccountNotFoundException e) {
// The caller doesn't expect to get an exception from here if
// the user doesn't exist.
}
final Map<String, HashSet<String>> criterias = new HashMap<String, HashSet<String>>();
final HashSet<String> roles = new HashSet<String>();
roles.add(roleName);
final HashSet<String> users = new HashSet<String>();
users.add(userAccountId);
criterias.put(de.escidoc.core.common.business.Constants.FILTER_PATH_USER_ID, users);
criterias.put(de.escidoc.core.common.business.Constants.FILTER_PATH_ROLE_ID, roles);
if (userGroups != null && !userGroups.isEmpty()) {
criterias.put(
de.escidoc.core.common.business.Constants.FILTER_PATH_GROUP_ID,
(HashSet<String>) userGroups);
}
final List<RoleGrant> roleGrants =
userAccountDao.retrieveGrants(criterias, null, ListSorting.ASCENDING);
final EvaluationResult result;
if (roleGrants != null) {
final List<StringAttribute> results = new ArrayList<StringAttribute>();
for (final RoleGrant roleGrant : roleGrants) {
if (roleGrant.getRevocationDate() == null) {
results.add(new StringAttribute(roleGrant.getObjectId()));
}
}
result = new EvaluationResult(new BagAttribute(Constants.URI_XMLSCHEMA_STRING, results));
} else {
result = CustomEvaluationResultBuilder.createEmptyEvaluationResult();
}
return result;
}
/**
* Fetches the groupIds where user is member for the provided user account.
*
* @param userAccountId The id of the user account to fetch the value from.
* @return Returns the attribute value in an {@code EvaluationResult}.
* @throws EscidocException e
*/
private EvaluationResult fetchUserGroups(final String userAccountId) throws EscidocException {
final EvaluationResult result;
final Set<String> userGroups = securityHelper.getUserGroups(userAccountId);
if (userGroups == null || userGroups.isEmpty()) {
result = CustomEvaluationResultBuilder.createEmptyEvaluationResult();
} else {
final Iterator<String> groupIdsIter = userGroups.iterator();
final List<StringAttribute> results = new ArrayList<StringAttribute>(userGroups.size());
while (groupIdsIter.hasNext()) {
results.add(new StringAttribute(groupIdsIter.next()));
}
result = new EvaluationResult(new BagAttribute(Constants.URI_XMLSCHEMA_STRING, results));
}
return result;
}
/** See Interface for functional description. */
@Override
public void deleteUserLoginData(final String handle) throws SqlDatabaseSystemException {
// remove UserData from Cache
securityHelper.clearUserDetails(handle);
super.delete(retrieveUserLoginDataByHandle(handle));
}
/**
* See Interface for functional description.
*
* @see UserAccountDaoInterface #delete(de.escidoc.core.aa.business.persistence.UserLoginData)
*/
@Override
public void delete(final UserLoginData data) throws SqlDatabaseSystemException {
// remove UserData from Cache
securityHelper.clearUserDetails(data.getHandle());
super.delete(data);
}