/**
   * See Interface for functional description.
   *
   * @see UserAccountDaoInterface #retrieveUserDetails(java.lang.String)
   */
  @Override
  public UserDetails retrieveUserDetails(final String handle) throws SqlDatabaseSystemException {

    EscidocUserDetails result = null;
    if (handle != null) {
      result = (EscidocUserDetails) securityHelper.getUserDetails(handle);
    }
    return result;
  }
  /**
   * Removes UserDetails of user with given id from UserDetails-Cache.
   *
   * @param userId The user Id.
   * @throws SqlDatabaseSystemException Thrown in case of an internal database access error.
   */
  private void clearUserDetailsCache(final String userId) throws SqlDatabaseSystemException {

    final UserAccount userAccount = retrieveUserAccountById(userId);
    if (userAccount != null
        && userAccount.getUserLoginDatas() != null
        && !userAccount.getUserLoginDatas().isEmpty()) {
      for (final UserLoginData userLoginData : userAccount.getUserLoginDatas()) {
        securityHelper.clearUserDetails(userLoginData.getHandle());
      }
    }
  }
  /**
   * Checks if the provided {@link UserLoginData} object for is expired. If this is the case, the
   * object is deleted from the storage. And object is removed from Cache.
   *
   * @param data The {@link UserLoginData} object to check.
   * @return Returns the provided {@link UserLoginData} object or {@code null} if it is expired.
   * @throws SqlDatabaseSystemException Thrown in case of an internal database access error.
   */
  private UserLoginData checkUserLoginData(final UserLoginData data)
      throws SqlDatabaseSystemException {

    UserLoginData result = data;
    if (result != null && isExpired(result)) {
      delete(result);
      securityHelper.clearUserDetails(data.getHandle());
      result = null;
    }
    return result;
  }
  /**
   * Fetches the scopes of the role identified in the attribute for the provided user account.
   *
   * @param userAccountId The id of the user account to fetch the value from.
   * @param attributeId The name of the attribute.
   * @return Returns the attribute value in an {@code EvaluationResult}.
   * @throws de.escidoc.core.common.exceptions.system.SystemException
   */
  private EvaluationResult fetchRoleScopes(
      final String userAccountId, final CharSequence attributeId) throws SystemException {

    // get role to fetch
    final Matcher roleMatcher = PATTERN_PARSE_ROLE_GRANT_ROLE.matcher(attributeId);
    String roleName = null;
    if (roleMatcher.find()) {
      roleName = roleMatcher.group(4);
    }
    if (roleName == null || roleName.length() == 0) {
      return CustomEvaluationResultBuilder.createEmptyEvaluationResult();
    }

    Set<String> userGroups = null;
    try {
      userGroups = securityHelper.getUserGroups(userAccountId);
    } catch (UserAccountNotFoundException e) {
      // The caller doesn't expect to get an exception from here if
      // the user doesn't exist.
    }
    final Map<String, HashSet<String>> criterias = new HashMap<String, HashSet<String>>();
    final HashSet<String> roles = new HashSet<String>();
    roles.add(roleName);
    final HashSet<String> users = new HashSet<String>();
    users.add(userAccountId);
    criterias.put(de.escidoc.core.common.business.Constants.FILTER_PATH_USER_ID, users);
    criterias.put(de.escidoc.core.common.business.Constants.FILTER_PATH_ROLE_ID, roles);
    if (userGroups != null && !userGroups.isEmpty()) {
      criterias.put(
          de.escidoc.core.common.business.Constants.FILTER_PATH_GROUP_ID,
          (HashSet<String>) userGroups);
    }
    final List<RoleGrant> roleGrants =
        userAccountDao.retrieveGrants(criterias, null, ListSorting.ASCENDING);
    final EvaluationResult result;
    if (roleGrants != null) {
      final List<StringAttribute> results = new ArrayList<StringAttribute>();
      for (final RoleGrant roleGrant : roleGrants) {
        if (roleGrant.getRevocationDate() == null) {
          results.add(new StringAttribute(roleGrant.getObjectId()));
        }
      }
      result = new EvaluationResult(new BagAttribute(Constants.URI_XMLSCHEMA_STRING, results));
    } else {
      result = CustomEvaluationResultBuilder.createEmptyEvaluationResult();
    }
    return result;
  }
  /**
   * Fetches the groupIds where user is member for the provided user account.
   *
   * @param userAccountId The id of the user account to fetch the value from.
   * @return Returns the attribute value in an {@code EvaluationResult}.
   * @throws EscidocException e
   */
  private EvaluationResult fetchUserGroups(final String userAccountId) throws EscidocException {

    final EvaluationResult result;

    final Set<String> userGroups = securityHelper.getUserGroups(userAccountId);

    if (userGroups == null || userGroups.isEmpty()) {
      result = CustomEvaluationResultBuilder.createEmptyEvaluationResult();
    } else {
      final Iterator<String> groupIdsIter = userGroups.iterator();
      final List<StringAttribute> results = new ArrayList<StringAttribute>(userGroups.size());
      while (groupIdsIter.hasNext()) {
        results.add(new StringAttribute(groupIdsIter.next()));
      }
      result = new EvaluationResult(new BagAttribute(Constants.URI_XMLSCHEMA_STRING, results));
    }
    return result;
  }
 /** See Interface for functional description. */
 @Override
 public void deleteUserLoginData(final String handle) throws SqlDatabaseSystemException {
   // remove UserData from Cache
   securityHelper.clearUserDetails(handle);
   super.delete(retrieveUserLoginDataByHandle(handle));
 }
 /**
  * See Interface for functional description.
  *
  * @see UserAccountDaoInterface #delete(de.escidoc.core.aa.business.persistence.UserLoginData)
  */
 @Override
 public void delete(final UserLoginData data) throws SqlDatabaseSystemException {
   // remove UserData from Cache
   securityHelper.clearUserDetails(data.getHandle());
   super.delete(data);
 }