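/**
 * Checks a candidate password against the hash stored for {@code username}.
 *
 * <p>The stored value is read with {@code UserDAOQuery.GET_PASSWORD} and compared, ignoring
 * letter case, with the hex-encoded MD5 digest of {@code password}.
 *
 * <p>NOTE(review): unsalted MD5 is not a password-hashing function; it is fast to brute-force
 * and identical passwords produce identical hashes. It is kept here only so that existing
 * stored hashes keep verifying. Migrating to a salted, slow scheme (bcrypt, scrypt, Argon2 or
 * PBKDF2) has to be done together with the code that writes the password column.
 *
 * @param username the login name whose stored hash is looked up
 * @param password the candidate password in clear text
 * @return {@code true} if the digest of {@code password} matches the stored hash;
 *     {@code false} if it does not match, if no row is found, or if either value is null
 * @throws SQLException if the lookup fails
 */
@Override
public boolean checkPassword(String username, String password) throws SQLException {
    try (Connection connection = Database.getConnection();
            PreparedStatement stmt = connection.prepareStatement(UserDAOQuery.GET_PASSWORD)) {
        stmt.setString(1, username);
        try (ResultSet rs = stmt.executeQuery()) {
            if (!rs.next()) {
                return false;
            }
            String storedPassword = rs.getString("password");
            if (storedPassword == null || password == null) {
                return false;
            }

            MessageDigest md;
            try {
                md = MessageDigest.getInstance("MD5");
            } catch (NoSuchAlgorithmException e) {
                // Fail closed and loudly instead of silently answering "wrong password".
                throw new IllegalStateException("MD5 digest is not available", e);
            }
            // Explicit charset: the platform default would make the digest depend on the host.
            // NOTE(review): confirm the stored hashes were computed over UTF-8 bytes.
            byte[] digest = md.digest(password.getBytes(java.nio.charset.StandardCharsets.UTF_8));

            // BigInteger.toString(16) drops leading zeros, so a digest starting with a zero
            // nibble never matched a 32-character stored hash. Pad to the full width.
            String passedPassword = String.format("%032x", new BigInteger(1, digest));

            // Pad the stored value the same way so rows written without leading zeros
            // (if any exist) still verify.
            String normalized = storedPassword.toLowerCase(java.util.Locale.ROOT);
            StringBuilder expected = new StringBuilder(32);
            for (int i = normalized.length(); i < 32; i++) {
                expected.append('0');
            }
            expected.append(normalized);

            // MessageDigest.isEqual avoids the early exit of String comparison.
            return MessageDigest.isEqual(
                    passedPassword.getBytes(java.nio.charset.StandardCharsets.US_ASCII),
                    expected.toString().getBytes(java.nio.charset.StandardCharsets.US_ASCII));
        }
    }
}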
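/**
 * Loads the user matching {@code loginid} using {@code UserDAOQuery.GET_USER_BY_USERNAME}.
 *
 * <p>Unlike {@code getUserById}, this method does not set the admin flag on the result.
 *
 * @param loginid the login id bound to the query's only parameter
 * @return the populated user, or {@code null} when the query returns no row
 * @throws SQLException if the lookup fails
 */
@Override
public User getUserByLoginId(String loginid) throws SQLException {
    PropertyResourceBundle prop = (PropertyResourceBundle) ResourceBundle.getBundle("kujosa");

    // try-with-resources closes the result set, statement and connection in that order,
    // and still closes the connection when closing the statement throws.
    try (Connection connection = Database.getConnection();
            PreparedStatement stmt =
                    connection.prepareStatement(UserDAOQuery.GET_USER_BY_USERNAME)) {
        stmt.setString(1, loginid);
        try (ResultSet rs = stmt.executeQuery()) {
            if (!rs.next()) {
                return null;
            }
            User user = new User();
            user.setId(rs.getString("id"));
            user.setLoginid(rs.getString("loginid"));
            user.setEmail(rs.getString("email"));
            user.setFullname(rs.getString("fullname"));
            // NOTE(review): a NULL image column yields the filename "null.png".
            user.setFilename(rs.getString("image") + ".png");
            user.setImageURL(prop.getString("imgBaseURL") + user.getFilename());
            return user;
        }
    }
}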
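/**
 * Creates a user and assigns it the registered role in a single transaction.
 *
 * <p>The new id is obtained from {@code UserDAOQuery.UUID}; the user row and the role row are
 * then written with auto-commit disabled and committed together.
 *
 * @param loginid the login id, which must be unique
 * @param fullname the user's full name
 * @param email the contact e-mail address
 * @param password the password, passed to {@code UserDAOQuery.CREATE_USER} as received
 * @param image the profile image stream, handed to {@code writeAndConvertImage}
 * @return the user once created
 * @throws SQLException if any statement fails or no id could be generated
 * @throws UserAlreadyExistsException if a user with {@code loginid} already exists
 */
@Override
public User createUser(
        String loginid, String fullname, String email, String password, InputStream image)
        throws SQLException, UserAlreadyExistsException {
    // NOTE(review): the image is processed before the duplicate check, so a rejected
    // registration has already gone through writeAndConvertImage. Consider checking first.
    UUID uuid = writeAndConvertImage(image);

    // NOTE(review): check-then-insert is not atomic; a unique constraint on loginid is what
    // actually prevents duplicates under concurrent requests. Confirm the schema has one.
    if (getUserByLoginId(loginid) != null) {
        throw new UserAlreadyExistsException();
    }

    try (Connection connection = Database.getConnection()) {
        String id;
        try (PreparedStatement stmt = connection.prepareStatement(UserDAOQuery.UUID);
                ResultSet rs = stmt.executeQuery()) {
            if (!rs.next()) {
                throw new SQLException("UUID query returned no row");
            }
            id = rs.getString(1);
        }

        connection.setAutoCommit(false);
        try {
            try (PreparedStatement stmt =
                    connection.prepareStatement(UserDAOQuery.CREATE_USER)) {
                stmt.setString(1, id);
                stmt.setString(2, loginid);
                // NOTE(review): the clear-text password is bound here, while checkPassword
                // compares against a hex MD5 digest. Any hashing therefore has to happen
                // inside CREATE_USER; confirm the column never receives clear text.
                stmt.setString(3, password);
                stmt.setString(4, fullname);
                stmt.setString(5, email);
                stmt.setString(6, uuid.toString());
                stmt.executeUpdate();
            }
            try (PreparedStatement stmt =
                    connection.prepareStatement(UserDAOQuery.ASSIGN_ROLE_REGISTERED)) {
                stmt.setString(1, id);
                stmt.executeUpdate();
            }
            connection.commit();
        } catch (SQLException | RuntimeException e) {
            // Without an explicit rollback, re-enabling auto-commit below would commit a
            // half-finished transaction (a user row without its role).
            try {
                connection.rollback();
            } catch (SQLException rollbackFailure) {
                e.addSuppressed(rollbackFailure);
            }
            throw e;
        } finally {
            connection.setAutoCommit(true);
        }
    }

    // The lookup is keyed by login id, so pass loginid rather than the generated id.
    return getUserByLoginId(loginid);
}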
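/**
 * Deletes the user identified by {@code id} using {@code UserDAOQuery.DELETE_USER}.
 *
 * <p>This method performs no authorization check of its own. Callers must verify that the
 * requester is allowed to delete this account before calling it.
 *
 * @param id the user id, taken from the request URI
 * @return {@code true} if exactly one row was deleted, {@code false} otherwise
 * @throws SQLException if the delete fails
 */
@Override
public boolean deleteUser(String id) throws SQLException {
    // try-with-resources closes the connection even when closing the statement throws.
    try (Connection connection = Database.getConnection();
            PreparedStatement stmt = connection.prepareStatement(UserDAOQuery.DELETE_USER)) {
        stmt.setString(1, id);
        return stmt.executeUpdate() == 1;
    }
}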
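/**
 * Loads the user matching {@code id} using {@code UserDAOQuery.GET_USER_BY_ID} and sets its
 * admin flag from {@code isAdmin}.
 *
 * @param id the id of the user to look up
 * @return the populated user, or {@code null} when the query returns no row
 * @throws SQLException if the lookup or the admin check fails
 */
@Override
public User getUserById(String id) throws SQLException {
    PropertyResourceBundle prop = (PropertyResourceBundle) ResourceBundle.getBundle("kujosa");
    User user = null;

    // try-with-resources releases the result set, statement and connection, and still
    // closes the connection when closing the statement throws.
    try (Connection connection = Database.getConnection();
            PreparedStatement stmt = connection.prepareStatement(UserDAOQuery.GET_USER_BY_ID)) {
        stmt.setString(1, id);
        try (ResultSet rs = stmt.executeQuery()) {
            if (rs.next()) {
                user = new User();
                user.setId(rs.getString("id"));
                user.setLoginid(rs.getString("loginid"));
                user.setEmail(rs.getString("email"));
                user.setFullname(rs.getString("fullname"));
                // NOTE(review): a NULL image column yields the filename "null.png".
                user.setFilename(rs.getString("image") + ".png");
                user.setImageURL(prop.getString("imgBaseURL") + user.getFilename());
            }
        }
    }

    // isAdmin opens its own connection; calling it after this one is closed avoids
    // holding two connections for a single lookup.
    if (user != null) {
        user.setAdmin(this.isAdmin(user.getId()));
    }
    return user;
}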
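/**
 * Updates the e-mail, full name and image of a user with {@code UserDAOQuery.UPDATE_USER}.
 *
 * <p>A {@code null} e-mail or image keeps the value currently stored for the user. The full
 * name is always written as given, including {@code null}.
 *
 * <p>This method performs no authorization check of its own. Callers must verify that the
 * requester is allowed to modify this profile.
 *
 * @param id the key passed both to {@code getUserByLoginId} and to the update statement
 * @param email the new e-mail, or {@code null} to keep the current one
 * @param fullname the new full name
 * @param image the new image stream, or {@code null} to keep the current image
 * @return the user re-read after the update when exactly one row changed; otherwise the user
 *     as read before the update, which is {@code null} if it was not found
 * @throws SQLException if the lookup or the update fails
 */
@Override
public User updateProfile(String id, String email, String fullname, InputStream image)
        throws SQLException {
    // Called unconditionally, as before. NOTE(review): confirm that writeAndConvertImage
    // tolerates a null stream, since image is optional here.
    UUID uuid = writeAndConvertImage(image);

    // Read the current values before opening the update connection, so two connections are
    // not held at once.
    User current = getUserByLoginId(id);
    if (current == null && (email == null || image == null)) {
        // A fallback value is needed but there is no user to take it from; this used to
        // end in a NullPointerException.
        return null;
    }

    String newEmail = (email != null) ? email : current.getEmail();

    String newImage;
    if (image != null) {
        newImage = uuid.toString();
    } else {
        // getUserByLoginId builds the filename as image + ".png". Writing it back unchanged
        // would append another ".png" to the stored value on every update without an image.
        String filename = current.getFilename();
        newImage = (filename != null && filename.endsWith(".png"))
                ? filename.substring(0, filename.length() - ".png".length())
                : filename;
    }

    int rows;
    try (Connection connection = Database.getConnection();
            PreparedStatement stmt = connection.prepareStatement(UserDAOQuery.UPDATE_USER)) {
        stmt.setString(1, newEmail);
        stmt.setString(2, fullname);
        stmt.setString(3, newImage);
        stmt.setString(4, id);
        rows = stmt.executeUpdate();
    }

    return (rows == 1) ? getUserByLoginId(id) : current;
}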
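/**
 * Reports whether the user identified by {@code id} has the admin role.
 *
 * <p>Reads the {@code role} column of the first row returned by {@code UserDAOQuery.IS_ADMIN}
 * and compares it with {@code Role.admin.name()}.
 *
 * <p>NOTE(review): only the first row is inspected. If a user can hold several roles, the
 * answer depends on row order unless the query itself filters on the admin role; confirm
 * against {@code UserDAOQuery.IS_ADMIN}.
 *
 * @param id the user id bound to the query's only parameter
 * @return {@code true} if the first row's role equals the admin role name; {@code false} if
 *     it differs or the query returns no row
 * @throws SQLException if the lookup fails
 */
public boolean isAdmin(String id) throws SQLException {
    // try-with-resources closes the connection even when closing the statement throws.
    try (Connection connection = Database.getConnection();
            PreparedStatement stmt = connection.prepareStatement(UserDAOQuery.IS_ADMIN)) {
        stmt.setString(1, id);
        try (ResultSet rs = stmt.executeQuery()) {
            String role = rs.next() ? rs.getString("role") : null;
            return Role.admin.name().equals(role);
        }
    }
}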