AdminUser.java
- /*
- * Copyright (c) 2002-2022, City of Paris
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice
- * and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright notice
- * and the following disclaimer in the documentation and/or other materials
- * provided with the distribution.
- *
- * 3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- *
- * License 1.0
- */
- package fr.paris.lutece.portal.business.user;
- import fr.paris.lutece.api.user.User;
- import fr.paris.lutece.api.user.UserRole;
- import fr.paris.lutece.portal.business.rbac.RBACRole;
- import fr.paris.lutece.portal.business.right.Right;
- import fr.paris.lutece.portal.business.user.attribute.IAttribute;
- import fr.paris.lutece.portal.business.user.authentication.AdminAuthentication;
- import fr.paris.lutece.portal.business.user.parameter.EmailPatternRegularExpressionRemovalListener;
- import fr.paris.lutece.portal.service.regularexpression.RegularExpressionRemovalListenerService;
- import fr.paris.lutece.portal.service.workgroup.AdminWorkgroupResource;
- import fr.paris.lutece.portal.web.l10n.LocaleService;
- import org.apache.commons.lang3.StringUtils;
- import java.io.Serializable;
- import java.sql.Timestamp;
- import java.util.ArrayList;
- import java.util.HashMap;
- import java.util.List;
- import java.util.Locale;
- import java.util.Map;
- import javax.validation.constraints.NotNull;
- /**
- * This Interface defines all methods required for an admin user implementation
- */
- public class AdminUser implements Serializable, AdminWorkgroupResource, User
- {
- public static final String RESOURCE_TYPE = "ADMIN_USER";
- /** USER REALM TYPE **/
- public static final String USER_REALM = "BACK_OFFICE_USER";
- public static final int ACTIVE_CODE = 0;
- public static final int NOT_ACTIVE_CODE = 1;
- public static final int EXPIRED_CODE = 5;
- public static final int ANONYMIZED_CODE = 10;
- private static final Timestamp DEFAULT_DATE_LAST_LOGIN = Timestamp.valueOf( "1980-01-01 00:00:00" );
- private static final long serialVersionUID = 7533831976351347197L;
- private static EmailPatternRegularExpressionRemovalListener _listenerRegularExpression;
- private int _nUserId;
- private String _strAccessCode;
- private String _strLastName;
- private String _strFirstName;
- private String _strEmail;
- private int _nStatus;
- private int _nUserLevel;
- private boolean _bIsPasswordReset;
- private boolean _bAccessibilityMode;
- private Timestamp _passwordMaxValidDate;
- private Timestamp _accountMaxValidDate;
- private Timestamp _dateLastLogin;
- private String _strWorkgroupKey;
- private HashMap<String, Object> _userInfo = new HashMap<>( );
- /** User's workgroups */
- private List<String> _workgroups = new ArrayList<String>( );
- /**
- * User's rights. We use a HashMap instead of a Map so that the field is forced to be serializable.
- */
- private HashMap<String, Right> _rights = new HashMap<>( );
- /**
- * User's roles. We use a HashMap instead of a Map so that the field is forced to be serializable.
- */
- private HashMap<String, UserRole> _roles = new HashMap<>( );
- /** Authentication Service */
- private String _strAuthenticationService;
- /** Authentication Service */
- private String _strAuthenticationType;
- /** the user's locale */
- private Locale _locale;
- /**
- * Constructor
- */
- public AdminUser( )
- {
- }
- /**
- * Constructor
- *
- * @param stAccessCode
- * The User Name
- * @param authenticationService
- * The PortalAuthentication object
- */
- public AdminUser( String stAccessCode, AdminAuthentication authenticationService )
- {
- _strAccessCode = stAccessCode;
- _strAuthenticationService = authenticationService.getAuthServiceName( );
- }
- /**
- * Init
- */
- public static synchronized void init( )
- {
- if ( _listenerRegularExpression == null )
- {
- _listenerRegularExpression = new EmailPatternRegularExpressionRemovalListener( );
- RegularExpressionRemovalListenerService.getService( ).registerListener( _listenerRegularExpression );
- }
- }
- /**
- * Get the user's Locale
- *
- * @return The user's locale
- */
- @NotNull
- public Locale getLocale( )
- {
- return ( _locale == null ) ? LocaleService.getDefault( ) : _locale;
- }
- /**
- * Set the user Locale
- *
- * @param locale
- * The locale
- */
- public void setLocale( Locale locale )
- {
- _locale = locale;
- }
- /**
- * Return the user's id
- *
- * @return The user id
- */
- public int getUserId( )
- {
- return _nUserId;
- }
- /**
- * Sets the user's id
- *
- * @param nUserId
- * The User id
- */
- public void setUserId( int nUserId )
- {
- _nUserId = nUserId;
- }
- /**
- * @return Returns the status. Only ACTIVE_CODE, NOT_ACTIVE_CODE or ANONYMIZED_CODE are returned. If the status in an other status, then its equivalent is
- * returned
- */
- public int getStatus( )
- {
- switch( _nStatus )
- {
- case ACTIVE_CODE:
- case ANONYMIZED_CODE:
- case NOT_ACTIVE_CODE:
- return _nStatus;
- case EXPIRED_CODE:
- return ANONYMIZED_CODE;
- default:
- return ACTIVE_CODE;
- }
- }
- /**
- * @return Returns the real status of the user.
- */
- public int getRealStatus( )
- {
- return _nStatus;
- }
- /**
- * @param nStatus
- * The _nStatus to set.
- */
- public void setStatus( int nStatus )
- {
- _nStatus = nStatus;
- }
- /**
- * Tells whether the current user is active or not
- *
- * @return true if active, false otherwise
- */
- public boolean isStatusActive( )
- {
- return ( _nStatus == ACTIVE_CODE );
- }
- /**
- * Tells whether the current user is anonymized
- *
- * @return true if anonymized, false otherwise
- */
- public boolean isStatusAnonymized( )
- {
- return ( _nStatus == ANONYMIZED_CODE );
- }
- /**
- * Returns the last name of this user.
- *
- * @return the user last name
- */
- @Override
- public String getLastName( )
- {
- return _strLastName;
- }
- /**
- * Sets the last name of the user to the specified string.
- *
- * @param strLastName
- * the new last name
- */
- public void setLastName( String strLastName )
- {
- _strLastName = ( strLastName == null ) ? StringUtils.EMPTY : strLastName;
- }
- /**
- * Returns the first name of this user.
- *
- * @return the user first name
- */
- @Override
- public String getFirstName( )
- {
- return _strFirstName;
- }
- /**
- * Sets the first name of the user to the specified string.
- *
- * @param strFirstName
- * the new first name
- */
- public void setFirstName( String strFirstName )
- {
- _strFirstName = ( strFirstName == null ) ? StringUtils.EMPTY : strFirstName;
- }
- /**
- * Returns the email of this user.
- *
- * @return the user email
- */
- @Override
- public String getEmail( )
- {
- return _strEmail;
- }
- /**
- * Sets the email of the user to the specified string.
- *
- * @param strEmail
- * the new email
- */
- public void setEmail( String strEmail )
- {
- _strEmail = ( strEmail == null ) ? StringUtils.EMPTY : strEmail;
- }
- /**
- * @return Returns the _strAccessCode.
- */
- @Override
- public String getAccessCode( )
- {
- return _strAccessCode;
- }
- /**
- * @param strAccessCode
- * The _strAccessCode to set.
- */
- public void setAccessCode( String strAccessCode )
- {
- _strAccessCode = strAccessCode;
- }
- /**
- * Get the maximum valid date of the password of the user
- *
- * @return The maximum valid date of the password of the user
- */
- public Timestamp getPasswordMaxValidDate( )
- {
- return _passwordMaxValidDate;
- }
- /**
- * Set the maximum valid date of the password of the user
- *
- * @param passwordMaxValidDate
- * The new maximum valid date of the password of the user, or null if it doesn't have any.
- */
- public void setPasswordMaxValidDate( Timestamp passwordMaxValidDate )
- {
- _passwordMaxValidDate = passwordMaxValidDate;
- }
- /**
- * Get the expiration date of the user account.
- *
- * @return The expiration date of the user account, or null if it doesn't have any.
- */
- public Timestamp getAccountMaxValidDate( )
- {
- return _accountMaxValidDate;
- }
- /**
- * Set the expiration date of the user account.
- *
- * @param accountMaxValidDate
- * The new expiration date of the user account.
- */
- public void setAccountMaxValidDate( Timestamp accountMaxValidDate )
- {
- _accountMaxValidDate = accountMaxValidDate;
- }
- /**
- * Returns user's roles
- *
- * @deprecated use getRBACRoles( )
- * @return Returns user's roles
- */
- @Deprecated
- public Map<String, UserRole> getRoles( )
- {
- return _roles;
- }
- /**
- * {@inheritDoc }
- */
- @Override
- public Map<String, UserRole> getUserRoles( )
- {
- return _roles;
- }
- /**
- * add user's roles
- *
- * @param roles
- * The User roles
- */
- public void addRoles( Map<String, RBACRole> roles )
- {
- _roles.putAll( roles );
- }
- /**
- * Defines user's roles
- *
- * @param roles
- * The User roles
- */
- public void setRoles( Map<String, RBACRole> roles )
- {
- _roles.clear( );
- _roles.putAll( roles );
- }
- /**
- * Returns user's rights
- *
- * @return Returns user's rights
- */
- public Map<String, Right> getRights( )
- {
- return _rights;
- }
- /**
- * Verify user rights on a given functionality
- *
- * @param strRightCode
- * right code which corresponding to the functionality
- * @return true if user have this authorisation and false otherwise
- */
- public boolean checkRight( String strRightCode )
- {
- return _rights.containsKey( strRightCode );
- }
- /**
- * Defines user's rights
- *
- * @param rights
- * The User rights
- */
- public void setRights( Map<String, Right> rights )
- {
- _rights.clear( );
- _rights.putAll( rights );
- }
- /**
- * Update user right
- *
- * @param rightToUpdate
- * to update in _rights for user
- */
- public void updateRight( Right rightToUpdate )
- {
- for ( Right right : _rights.values( ) )
- {
- if ( right.getId( ).equals( rightToUpdate.getId( ) ) )
- {
- _rights.put( right.getId( ), rightToUpdate );
- }
- }
- }
- // //////////////////////////////////////////////////////////////////////////
- // Authentication infos
- /**
- * Defines the authentification service that had authentified the user
- *
- * @param strAuthenticationService
- * The authentification service
- */
- public void setAuthenticationService( String strAuthenticationService )
- {
- _strAuthenticationService = strAuthenticationService;
- }
- /**
- * Returns the authentification service that had authentified the user
- *
- * @return the authentification service that had authentified the user
- */
- public String getAuthenticationService( )
- {
- return _strAuthenticationService;
- }
- /**
- * Defines the authentification type that had authentified the user
- *
- * @param strAuthenticationType
- * The authentification type
- */
- public void setAuthenticationType( String strAuthenticationType )
- {
- _strAuthenticationType = strAuthenticationType;
- }
- /**
- * Returns the authentification type that had authentified the user
- *
- * @return the authentification type that had authentified the user
- */
- public String getAuthenticationType( )
- {
- return _strAuthenticationType;
- }
- /**
- * Defines the user level
- *
- * @param nUserLevel
- * the user level
- */
- public void setUserLevel( int nUserLevel )
- {
- _nUserLevel = nUserLevel;
- }
- /**
- * Returns the user level
- *
- * @return the user level
- */
- public int getUserLevel( )
- {
- return _nUserLevel;
- }
- /**
- * Check if current user has rights over user
- *
- * @param user
- * the user to check
- * @return true if current user has higher level than user
- */
- public boolean isParent( AdminUser user )
- {
- return _nUserLevel < user.getUserLevel( );
- }
- /**
- * Check if current user has rights depending on level
- *
- * @param level
- * a level id
- * @return true if current user has higher level than level
- */
- public boolean hasRights( int level )
- {
- return _nUserLevel < level;
- }
- /**
- * Check if this user has admin rights
- *
- * @return true if user has admin rights
- */
- public boolean isAdmin( )
- {
- return _nUserLevel == 0;
- }
- /**
- * Check if this user has a given role
- *
- * @param strRole
- * The role key
- * @return true if user has the role
- */
- public boolean isInRole( String strRole )
- {
- // Reload roles because roles are only load by the bind and should not be accessible
- // through users list for security reasons
- Map<String, RBACRole> roles = AdminUserHome.getRolesListForUser( getUserId( ) );
- return roles.containsKey( strRole );
- }
- /**
- * Check if the password has been reinitialized
- *
- * @return true if it has been reinitialized, false otherwise
- */
- public boolean isPasswordReset( )
- {
- return _bIsPasswordReset;
- }
- /**
- * Set pwd reseted
- *
- * @param bIsPasswordReset
- * true if it has been reinitialized, false otherwise
- */
- public void setPasswordReset( boolean bIsPasswordReset )
- {
- _bIsPasswordReset = bIsPasswordReset;
- }
- /**
- * Set the accessibility mode
- *
- * @param bAccessibilityMode
- * true if the mode is accessible, false otherwise
- */
- public void setAccessibilityMode( boolean bAccessibilityMode )
- {
- _bAccessibilityMode = bAccessibilityMode;
- }
- /**
- * Return the accessibility mode
- *
- * @return true if the mode is accessible, false otherwise
- */
- public boolean getAccessibilityMode( )
- {
- return _bAccessibilityMode;
- }
- /**
- * Get the last login date of the user
- *
- * @return The last login date of the user
- */
- public Timestamp getDateLastLogin( )
- {
- return _dateLastLogin;
- }
- /**
- * Set the last login date of the user
- *
- * @param dateLastLogin
- * The last login date of the user
- */
- public void setDateLastLogin( Timestamp dateLastLogin )
- {
- _dateLastLogin = dateLastLogin;
- }
- /**
- * @return the _strWorkgroupKey
- */
- public String getWorkgroupKey( )
- {
- return _strWorkgroupKey;
- }
- /**
- * @param strWorkgroupKey
- * the _strWorkgroupKey to set
- */
- public void setWorkgroupKey( String strWorkgroupKey )
- {
- this._strWorkgroupKey = strWorkgroupKey;
- }
- @Override
- public String getWorkgroup( )
- {
- return getWorkgroupKey( );
- }
- /**
- * Sets a user info for the given key.
- *
- * User infos are intended to be lightweight attributes that do not expose a UI, by opposition the {@link IAttribute} system. The user infos are not
- * persisted. Subclasses can choose another strategy.
- *
- * @param strKey
- * the key
- * @param info
- * the info
- * @param <X>
- * the value's type stored in the user map info
- * @return the previous value associated with <tt>strKey</tt>, or <tt>null</tt> if there was no mapping for <tt>strKey</tt>. (A <tt>null</tt> return can
- * also indicate that <tt>null</tt> was previously associated with <tt>strKey</tt>)
- * @since 6.2.0
- */
- public <X extends Object> X setUserInfo( String strKey, X info )
- {
- return (X) _userInfo.put( strKey, info );
- }
- /**
- * Gets the user info for a given key
- *
- * @param strKey
- * the key
- * @param <X>
- * the value's type stored in the user map info
- * @return the info
- * @since 6.2.0
- * @see #setUserInfo(String, Object)
- */
- public <X extends Object> X getUserInfo( String strKey )
- {
- return (X) _userInfo.get( strKey );
- }
- public static Timestamp getDefaultDateLastLogin( )
- {
- return new Timestamp( DEFAULT_DATE_LAST_LOGIN.getTime( ) );
- }
- /**
- * {@inheritDoc}
- */
- @Override
- public List<String> getUserWorkgroups( )
- {
- return _workgroups;
- }
- /**
- * Defines user's workgroups
- *
- * @param worgroups
- * The User workgroups
- */
- public void setUserWorkgroups( List<String> workgroups )
- {
- this._workgroups = workgroups;
- }
- /**
- * {@inheritDoc}
- */
- @Override
- public String getRealm( )
- {
- return USER_REALM;
- }
- }