fr.paris.lutece.portal.service.admin

Class AdminUserService

java.lang.Object

fr.paris.lutece.portal.service.admin.AdminUserService

public final class AdminUserService
extends Object

This service provides features concerning the administration users

Field Summary

Fields

Modifier and Type	Field and Description
static String	DSKEY_ACCES_FAILURES_INTERVAL
static String	DSKEY_ACCES_FAILURES_MAX
static String	DSKEY_ACCOUNT_LIFE_TIME
static String	DSKEY_ACCOUNT_REACTIVATED_MAIL_BODY
static String	DSKEY_ACCOUNT_REACTIVATED_MAIL_SENDER
static String	DSKEY_ACCOUNT_REACTIVATED_MAIL_SUBJECT
static String	DSKEY_BANNED_DOMAIN_NAMES
static String	DSKEY_DEFAULT_USER_LANGUAGE
static String	DSKEY_DEFAULT_USER_LEVEL
static String	DSKEY_DEFAULT_USER_NOTIFICATION
static String	DSKEY_DEFAULT_USER_STATUS
static String	DSKEY_EMAIL_PATTERN
static String	DSKEY_EMAIL_PATTERN_VERIFY_BY
static String	DSKEY_FORCE_CHANGE_PASSWORD_REINIT
static String	DSKEY_LOCK_RESET_TOKEN_TO_SESSION
static String	DSKEY_MAXIMUM_NUMBER_PASSWORD_CHANGE
static String	DSKEY_NB_ALERT_ACCOUNT
static String	DSKEY_NOTIFY_USER_PASSWORD_EXPIRED
static String	DSKEY_PASSWORD_DURATION
static String	DSKEY_PASSWORD_FORMAT_NUMERO
static String	DSKEY_PASSWORD_FORMAT_SPECIAL_CHARACTERS
static String	DSKEY_PASSWORD_FORMAT_UPPER_LOWER_CASE
static String	DSKEY_PASSWORD_HISTORY_SIZE
static String	DSKEY_PASSWORD_MINIMUM_LENGTH
static String	DSKEY_RESET_TOKEN_VALIDITY
static String	DSKEY_TIME_BEFORE_ALERT_ACCOUNT
static String	DSKEY_TIME_BETWEEN_ALERTS_ACCOUNT
static String	DSKEY_TSW_SIZE_PASSWORD_CHANGE
static String	DSKEY_USE_ADVANCED_SECURITY_PARAMETERS

Method Summary

Modifier and Type	Method and Description
static void	anonymizeUser(int nAdminUserId, Locale locale) Anonymize user data from his id.
static boolean	checkEmail(String strEmail) Check if the given email is valid or not.
static String	checkPassword(javax.servlet.http.HttpServletRequest request, String strPassword, int nUserId) Check that the password respect user parameters
static String	checkPassword(javax.servlet.http.HttpServletRequest request, String strPassword, int nUserId, boolean bSkipHistoryCheck) Check that the password respect user parameters
static void	doInsertRegularExpression(int nRegularExpressionId) Do insert a regular expression
static void	doModifyEmailPattern(String strEmailPattern, boolean bIsSetManually) Do modify the email pattern
static void	doRemoveRegularExpression(int nRegularExpressionId) Do remove a regular expression
static void	doResetEmailPattern() Reset the email pattern by putting the default email pattern that is set in the lutece.properties.
static IPassword	encryptPassword(String strPassword) Encrypt a password
static Timestamp	getAccountMaxValidDate() Compute the maximum valid date of an account with the current time and the parameters in the database.
static AdminUser	getAdminUser(javax.servlet.http.HttpServletRequest request) Get the user in session
static ReferenceList	getAvailableRegularExpressions() Get the available rugalar expressions
static boolean	getBooleanSecurityParameter(String strParameterkey) Get a boolean user parameter from its key.
static String	getEmailErrorMessageUrl(javax.servlet.http.HttpServletRequest request) Get the email error message url.
static List<Integer>	getExpiredUserIdList() Get the list of id of expired users
static List<AdminUser>	getFilteredUsersInterface(Collection<AdminUser> listUsers, javax.servlet.http.HttpServletRequest request, Map<String,Object> model, UrlItem url) Get the filtered list of admin users
static int	getIntegerSecurityParameter(String strParameterkey) Get an integer user parameter from its key.
static String	getLargeSecurityParameter(String strParameterKey) Get a user parameter from its key.
static Locale	getLocale(javax.servlet.http.HttpServletRequest request) Get the locale for the current request
static Map<String,Object>	getManageAdvancedParameters(AdminUser user) Build the advanced parameters management
static Timestamp	getPasswordMaxValidDate() Compute the maximum valid date of a password with the current time and the parameters in the database.
static String	getSecurityParameter(String strParameterkey) Get a user parameter from its key.
static List<RegularExpression>	getSelectedRegularExpressions() Get the list of selected regular expression
static String	getUserPasswordResetToken(AdminUser user, Date timestamp, javax.servlet.http.HttpServletRequest request) Get a user reset password token
static String	getXmlFromUser(AdminUser user, boolean bIncludeRoles, boolean bIncludeRights, boolean bIncludeWorkgroups, boolean bIncludeAttributes, List<IAttribute> listAttributes) Get a XML string describing a user. The XML is constructed as follow : <user> <access_code>value</value> <last_name>value>/user> <first_name>value</value> <email>value</email> <status>value</status> <locale>value</locale> <level>value</level> <must_change_password>value< must_change_password> <accessibility_mode>value< accessibility_mode> <password_max_valid_date>value< password_max_valid_date> <account_max_valid_date>value< account_max_valid_date> <date_last_login>value</date_last_login> <roles> <role>value</role> ... </roles> <rights> <right>value</right> ... </rights> <workspaces> <workspace>value</workspace> ... </workspaces> <attributes> <attribute> <attribute-id>value</attribute-id> <attribute-field-id> value</attribute-id> <attribute-value>value</attribute-value> </attribute> ... </attributes> </user> Sections roles, rights, workspaces and attributes are not included if data are not imported
static void	init() Init
static String	makePassword() Generate a new random password
static void	notifyUser(String strBaseUrl, AdminUser user, String strPropertyEmailSubject, String strTemplate) Notify an user by email
static void	notifyUser(String strBaseUrl, AdminUser user, String strPassword, String strPropertyEmailSubject, String strTemplate) Notify an user by email
static void	removeAdvancedSecurityParameters() Disable advances security parameters
static void	updateDateLastLogin(int nIdUser) Update the date of last login of an admin user
static void	updateLargeSecurityParameter(String strParameterKey, String strValue) Update a security parameter value.
static void	updateSecurityParameter(String strParameterKey, String strValue) Update a security parameter value.
static void	updateUserExpirationDate(AdminUser user) Update the user expiration date with new values, and notify him with an email if his account was close to expire.
static void	useAdvancedSecurityParameters() Enable advanced security parameters

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DSKEY_ACCOUNT_REACTIVATED_MAIL_SENDER

public static final String DSKEY_ACCOUNT_REACTIVATED_MAIL_SENDER

See Also:

Constant Field Values

DSKEY_ACCOUNT_REACTIVATED_MAIL_SUBJECT

public static final String DSKEY_ACCOUNT_REACTIVATED_MAIL_SUBJECT

See Also:

Constant Field Values

DSKEY_ACCOUNT_REACTIVATED_MAIL_BODY

public static final String DSKEY_ACCOUNT_REACTIVATED_MAIL_BODY

See Also:

Constant Field Values

DSKEY_PASSWORD_DURATION

public static final String DSKEY_PASSWORD_DURATION

See Also:

Constant Field Values

DSKEY_MAXIMUM_NUMBER_PASSWORD_CHANGE

public static final String DSKEY_MAXIMUM_NUMBER_PASSWORD_CHANGE

See Also:

Constant Field Values

DSKEY_PASSWORD_HISTORY_SIZE

public static final String DSKEY_PASSWORD_HISTORY_SIZE

See Also:

Constant Field Values

DSKEY_TSW_SIZE_PASSWORD_CHANGE

public static final String DSKEY_TSW_SIZE_PASSWORD_CHANGE

See Also:

Constant Field Values

DSKEY_NOTIFY_USER_PASSWORD_EXPIRED

public static final String DSKEY_NOTIFY_USER_PASSWORD_EXPIRED

See Also:

Constant Field Values

DSKEY_BANNED_DOMAIN_NAMES

public static final String DSKEY_BANNED_DOMAIN_NAMES

See Also:

Constant Field Values

DSKEY_ACCOUNT_LIFE_TIME

public static final String DSKEY_ACCOUNT_LIFE_TIME

See Also:

Constant Field Values

DSKEY_TIME_BEFORE_ALERT_ACCOUNT

public static final String DSKEY_TIME_BEFORE_ALERT_ACCOUNT

See Also:

Constant Field Values

DSKEY_NB_ALERT_ACCOUNT

public static final String DSKEY_NB_ALERT_ACCOUNT

See Also:

Constant Field Values

DSKEY_TIME_BETWEEN_ALERTS_ACCOUNT

public static final String DSKEY_TIME_BETWEEN_ALERTS_ACCOUNT

See Also:

Constant Field Values

DSKEY_ACCES_FAILURES_MAX

public static final String DSKEY_ACCES_FAILURES_MAX

See Also:

Constant Field Values

DSKEY_ACCES_FAILURES_INTERVAL

public static final String DSKEY_ACCES_FAILURES_INTERVAL

See Also:

Constant Field Values

DSKEY_EMAIL_PATTERN

public static final String DSKEY_EMAIL_PATTERN

See Also:

Constant Field Values

DSKEY_EMAIL_PATTERN_VERIFY_BY

public static final String DSKEY_EMAIL_PATTERN_VERIFY_BY

See Also:

Constant Field Values

DSKEY_PASSWORD_FORMAT_SPECIAL_CHARACTERS

public static final String DSKEY_PASSWORD_FORMAT_SPECIAL_CHARACTERS

See Also:

Constant Field Values

DSKEY_PASSWORD_FORMAT_NUMERO

public static final String DSKEY_PASSWORD_FORMAT_NUMERO

See Also:

Constant Field Values

DSKEY_PASSWORD_FORMAT_UPPER_LOWER_CASE

public static final String DSKEY_PASSWORD_FORMAT_UPPER_LOWER_CASE

See Also:

Constant Field Values

DSKEY_FORCE_CHANGE_PASSWORD_REINIT

public static final String DSKEY_FORCE_CHANGE_PASSWORD_REINIT

See Also:

Constant Field Values

DSKEY_PASSWORD_MINIMUM_LENGTH

public static final String DSKEY_PASSWORD_MINIMUM_LENGTH

See Also:

Constant Field Values

DSKEY_DEFAULT_USER_STATUS

public static final String DSKEY_DEFAULT_USER_STATUS

See Also:

Constant Field Values

DSKEY_DEFAULT_USER_LANGUAGE

public static final String DSKEY_DEFAULT_USER_LANGUAGE

See Also:

Constant Field Values

DSKEY_DEFAULT_USER_NOTIFICATION

public static final String DSKEY_DEFAULT_USER_NOTIFICATION

See Also:

Constant Field Values

DSKEY_DEFAULT_USER_LEVEL

public static final String DSKEY_DEFAULT_USER_LEVEL

See Also:

Constant Field Values

DSKEY_USE_ADVANCED_SECURITY_PARAMETERS

public static final String DSKEY_USE_ADVANCED_SECURITY_PARAMETERS

See Also:

Constant Field Values

DSKEY_RESET_TOKEN_VALIDITY

public static final String DSKEY_RESET_TOKEN_VALIDITY

See Also:

Constant Field Values

DSKEY_LOCK_RESET_TOKEN_TO_SESSION

public static final String DSKEY_LOCK_RESET_TOKEN_TO_SESSION

See Also:

Constant Field Values

Method Detail

init

public static void init()

Init

getAdminUser

public static AdminUser getAdminUser(javax.servlet.http.HttpServletRequest request)

Get the user in session

Parameters:

request - The HTTP request

Returns:

the user in session

getLocale

public static Locale getLocale(javax.servlet.http.HttpServletRequest request)

Get the locale for the current request

Parameters:

request - The HTTP request

Returns:

the locale to use with this request

getFilteredUsersInterface

public static List<AdminUser> getFilteredUsersInterface(Collection<AdminUser> listUsers,
                                                        javax.servlet.http.HttpServletRequest request,
                                                        Map<String,Object> model,
                                                        UrlItem url)

Get the filtered list of admin users

Parameters:

listUsers - the initial list of users

request - HttpServletRequest

model - map

url - URL of the current interface

Returns:

The filtered list of admin users

getManageAdvancedParameters

public static Map<String,Object> getManageAdvancedParameters(AdminUser user)

Build the advanced parameters management

Parameters:

user - The AdminUser object

Returns:

The model for the advanced parameters

checkEmail

public static boolean checkEmail(String strEmail)

Check if the given email is valid or not.
The given email is compared to the value of the parameter 'core_user_parameter.email_pattern'.

Parameters:

strEmail - the str email

Returns:

true, if successful

doModifyEmailPattern

public static void doModifyEmailPattern(String strEmailPattern,
                                        boolean bIsSetManually)

Do modify the email pattern

Parameters:

strEmailPattern - the email pattern

bIsSetManually - true if it is know set manually, false otherwise

doResetEmailPattern

public static void doResetEmailPattern()

Reset the email pattern by putting the default email pattern that is set in the lutece.properties.

getEmailErrorMessageUrl

public static String getEmailErrorMessageUrl(javax.servlet.http.HttpServletRequest request)

Get the email error message url.

Parameters:

request - the request

Returns:

the error message

doInsertRegularExpression

public static void doInsertRegularExpression(int nRegularExpressionId)

Do insert a regular expression

Parameters:

nRegularExpressionId - the ID of the regular expression

doRemoveRegularExpression

public static void doRemoveRegularExpression(int nRegularExpressionId)

Do remove a regular expression

Parameters:

nRegularExpressionId - the ID of the regularexpresion

getAvailableRegularExpressions

public static ReferenceList getAvailableRegularExpressions()

Get the available rugalar expressions

Returns:

a list of ReferenceList

getSelectedRegularExpressions

public static List<RegularExpression> getSelectedRegularExpressions()

Get the list of selected regular expression

Returns:

a list of RegularExpression

getIntegerSecurityParameter

public static int getIntegerSecurityParameter(String strParameterkey)

Get an integer user parameter from its key.

Parameters:

strParameterkey - Key of the parameter

Returns:

The value of the user parameter, or 0 if there is no value or an non integer value.

getBooleanSecurityParameter

public static boolean getBooleanSecurityParameter(String strParameterkey)

Get a boolean user parameter from its key.

Parameters:

strParameterkey - Key of the parameter

Returns:

The value of the user parameter, or false if there is no value or an non boolean value.

getSecurityParameter

public static String getSecurityParameter(String strParameterkey)

Get a user parameter from its key.

Parameters:

strParameterkey - Key of the parameter

Returns:

The value of the user parameter.

getLargeSecurityParameter

public static String getLargeSecurityParameter(String strParameterKey)

Get a user parameter from its key.

Parameters:

strParameterKey - Key of the parameter

Returns:

The value of the user parameter.

updateSecurityParameter

public static void updateSecurityParameter(String strParameterKey,
                                           String strValue)

Update a security parameter value.

Parameters:

strParameterKey - The key of the parameter

strValue - The new value

updateLargeSecurityParameter

public static void updateLargeSecurityParameter(String strParameterKey,
                                                String strValue)

Update a security parameter value.

Parameters:

strParameterKey - The key of the parameter

strValue - The new value

checkPassword

public static String checkPassword(javax.servlet.http.HttpServletRequest request,
                                   String strPassword,
                                   int nUserId)

Check that the password respect user parameters

Parameters:

request - The request

strPassword - The password to check

nUserId - The id of the modified user

Returns:

Null if the password is correct, or the url of an admin message describing the error

checkPassword

public static String checkPassword(javax.servlet.http.HttpServletRequest request,
                                   String strPassword,
                                   int nUserId,
                                   boolean bSkipHistoryCheck)

Check that the password respect user parameters

Parameters:

request - The request

strPassword - The password to check

nUserId - The id of the modified user

bSkipHistoryCheck - Indicates if the password history should be checked or not.

Returns:

Null if the password is correct, or the url of an admin message describing the error

makePassword

public static String makePassword()

Generate a new random password

Returns:

the new password

encryptPassword

public static IPassword encryptPassword(String strPassword)

Encrypt a password

Parameters:

strPassword - The password to encrypt

Returns:

The given password encrypted

useAdvancedSecurityParameters

public static void useAdvancedSecurityParameters()

Enable advanced security parameters

removeAdvancedSecurityParameters

public static void removeAdvancedSecurityParameters()

Disable advances security parameters

getPasswordMaxValidDate

public static Timestamp getPasswordMaxValidDate()

Compute the maximum valid date of a password with the current time and the parameters in the database.

Returns:

The maximum valid date of a password

getAccountMaxValidDate

public static Timestamp getAccountMaxValidDate()

Compute the maximum valid date of an account with the current time and the parameters in the database.

Returns:

The maximum valid date of an account

anonymizeUser

public static void anonymizeUser(int nAdminUserId,
                                 Locale locale)

Anonymize user data from his id. His rights, roles and his passwords history are also deleted.

Parameters:

nAdminUserId - Id of the user to anonymize

locale - The locale

getExpiredUserIdList

public static List<Integer> getExpiredUserIdList()

Get the list of id of expired users

Returns:

the list of id of expired users

updateUserExpirationDate

public static void updateUserExpirationDate(AdminUser user)

Update the user expiration date with new values, and notify him with an email if his account was close to expire.

Parameters:

user - The user to update

updateDateLastLogin

public static void updateDateLastLogin(int nIdUser)

Update the date of last login of an admin user

Parameters:

nIdUser - Id of the user to update

notifyUser

public static void notifyUser(String strBaseUrl,
                              AdminUser user,
                              String strPropertyEmailSubject,
                              String strTemplate)

Notify an user by email

Parameters:

strBaseUrl - The base URL of the webapp

user - The admin user to notify

strPropertyEmailSubject - the property of the subject email

strTemplate - the URL of the HTML Template

notifyUser

public static void notifyUser(String strBaseUrl,
                              AdminUser user,
                              String strPassword,
                              String strPropertyEmailSubject,
                              String strTemplate)

Notify an user by email

Parameters:

strBaseUrl - The base URL of the webapp

user - The admin user to notify

strPassword - the user password in cleartext

strPropertyEmailSubject - the property of the subject email

strTemplate - the URL of the HTML Template

getXmlFromUser

public static String getXmlFromUser(AdminUser user,
                                    boolean bIncludeRoles,
                                    boolean bIncludeRights,
                                    boolean bIncludeWorkgroups,
                                    boolean bIncludeAttributes,
                                    List<IAttribute> listAttributes)

Get a XML string describing a user.
The XML is constructed as follow :
<user>
<access_code>value</value>
<last_name>value>/user>
<first_name>value</value>
<email>value</email>
<status>value</status>
<locale>value</locale>
<level>value</level>
<must_change_password>value< must_change_password>
<accessibility_mode>value< accessibility_mode>
<password_max_valid_date>value< password_max_valid_date>
<account_max_valid_date>value< account_max_valid_date>
<date_last_login>value</date_last_login>
<roles>
<role>value</role>
...
</roles>
<rights>
<right>value</right>
...
</rights>
<workspaces>
<workspace>value</workspace>
...
</workspaces>
<attributes>
<attribute>
<attribute-id>value</attribute-id>
<attribute-field-id> value</attribute-id>
<attribute-value>value</attribute-value>
</attribute>
...
</attributes>
</user>

Sections roles, rights, workspaces and attributes are not included if data are not imported

Parameters:

user - The user to get the XML description of.

bIncludeRoles - True to include roles of the user in the XML, false otherwise.

bIncludeRights - True to include rights of the user in the XML, false otherwise.

bIncludeWorkgroups - True to include workgroups of the user in the XML, false otherwise.

bIncludeAttributes - True to include attributes of the user in the XML, false otherwise.

listAttributes - The list of attributes to include in the XML if attributes are included.

Returns:

A string of XML describing the user.

getUserPasswordResetToken

public static String getUserPasswordResetToken(AdminUser user,
                                               Date timestamp,
                                               javax.servlet.http.HttpServletRequest request)

Get a user reset password token

Parameters:

user - the user

timestamp - the timestamp of the token

request - he request

Returns:

the reset password token