AdminUser.java

  1. /*
  2.  * Copyright (c) 2002-2022, City of Paris
  3.  * All rights reserved.
  4.  *
  5.  * Redistribution and use in source and binary forms, with or without
  6.  * modification, are permitted provided that the following conditions
  7.  * are met:
  8.  *
  9.  *  1. Redistributions of source code must retain the above copyright notice
  10.  *     and the following disclaimer.
  11.  *
  12.  *  2. Redistributions in binary form must reproduce the above copyright notice
  13.  *     and the following disclaimer in the documentation and/or other materials
  14.  *     provided with the distribution.
  15.  *
  16.  *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
  17.  *     contributors may be used to endorse or promote products derived from
  18.  *     this software without specific prior written permission.
  19.  *
  20.  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  21.  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  22.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  23.  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
  24.  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  25.  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  26.  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  27.  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  28.  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  29.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  30.  * POSSIBILITY OF SUCH DAMAGE.
  31.  *
  32.  * License 1.0
  33.  */
  34. package fr.paris.lutece.portal.business.user;

  35. import fr.paris.lutece.api.user.User;
  36. import fr.paris.lutece.api.user.UserRole;
  37. import fr.paris.lutece.portal.business.rbac.RBACRole;
  38. import fr.paris.lutece.portal.business.right.Right;
  39. import fr.paris.lutece.portal.business.user.attribute.IAttribute;
  40. import fr.paris.lutece.portal.business.user.authentication.AdminAuthentication;
  41. import fr.paris.lutece.portal.business.user.parameter.EmailPatternRegularExpressionRemovalListener;
  42. import fr.paris.lutece.portal.service.regularexpression.RegularExpressionRemovalListenerService;
  43. import fr.paris.lutece.portal.service.workgroup.AdminWorkgroupResource;
  44. import fr.paris.lutece.portal.web.l10n.LocaleService;

  45. import org.apache.commons.lang3.StringUtils;

  46. import java.io.Serializable;

  47. import java.sql.Timestamp;
  48. import java.util.ArrayList;
  49. import java.util.HashMap;
  50. import java.util.List;
  51. import java.util.Locale;
  52. import java.util.Map;

  53. import javax.validation.constraints.NotNull;

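  /**
   * Business object describing a back-office (admin) user: identity, status, user level, workgroups and the rights and roles attached to the account.
   * <p>
   * Notes for maintainers:
   * <ul>
   * <li>Instances carry authorization state (rights, roles, user level). The getters for rights, roles and workgroups hand out the live internal
   * collections, and no setter checks who is calling it, so any access control has to be enforced by the calling code.</li>
   * <li>The class is {@link Serializable}: an instance rebuilt from a serialized form carries whatever rights, roles and level that form contained, so
   * serialized users should only be read back from a trusted source.</li>
   * <li>Apart from {@link #init()}, nothing here is synchronized.</li>
   * </ul>
   */
  public class AdminUser implements Serializable, AdminWorkgroupResource, User
  {
      public static final String RESOURCE_TYPE = "ADMIN_USER";
      /** USER REALM TYPE **/
      public static final String USER_REALM = "BACK_OFFICE_USER";
      /** Status code compared against by {@link #isStatusActive()}. */
      public static final int ACTIVE_CODE = 0;
      public static final int NOT_ACTIVE_CODE = 1;
      /** Status code that {@link #getStatus()} reports as {@link #ANONYMIZED_CODE}. */
      public static final int EXPIRED_CODE = 5;
      /** Status code compared against by {@link #isStatusAnonymized()}. */
      public static final int ANONYMIZED_CODE = 10;
      private static final Timestamp DEFAULT_DATE_LAST_LOGIN = Timestamp.valueOf( "1980-01-01 00:00:00" );
      private static final long serialVersionUID = 7533831976351347197L;
      /** Listener registered once by {@link #init()}. */
      private static EmailPatternRegularExpressionRemovalListener _listenerRegularExpression;
      private int _nUserId;
      private String _strAccessCode;
      private String _strLastName;
      private String _strFirstName;
      private String _strEmail;
      private int _nStatus;
      private int _nUserLevel;
      private boolean _bIsPasswordReset;
      private boolean _bAccessibilityMode;
      private Timestamp _passwordMaxValidDate;
      private Timestamp _accountMaxValidDate;
      private Timestamp _dateLastLogin;
      private String _strWorkgroupKey;
      /** Free-form user infos, see {@link #setUserInfo(String, Object)}. */
      private HashMap<String, Object> _userInfo = new HashMap<>( );
      /** User's workgroups */
      private List<String> _workgroups = new ArrayList<>( );

      /**
       * User's rights. We use a HashMap instead of a Map so that the field is forced to be serializable.
       */
      private HashMap<String, Right> _rights = new HashMap<>( );

      /**
       * User's roles. We use a HashMap instead of a Map so that the field is forced to be serializable.
       */
      private HashMap<String, UserRole> _roles = new HashMap<>( );

      /** Authentication Service */
      private String _strAuthenticationService;

      /** Authentication type */
      private String _strAuthenticationType;

      /** the user's locale */
      private Locale _locale;

      /**
       * Creates an empty user; every property keeps its Java default until a setter is called.
       */
      public AdminUser( )
      {
      }

      /**
       * Creates a user for the given access code and records the name of the authentication service.
       *
       * @param stAccessCode
       *            The User Name
       * @param authenticationService
       *            The authentication object; its {@code getAuthServiceName( )} value is stored
       * @throws NullPointerException
       *             if {@code authenticationService} is null
       */
      public AdminUser( String stAccessCode, AdminAuthentication authenticationService )
      {
          _strAccessCode = stAccessCode;
          _strAuthenticationService = authenticationService.getAuthServiceName( );
      }

      /**
       * Creates the email pattern removal listener and registers it with the {@link RegularExpressionRemovalListenerService}.
       * <p>
       * The method is synchronized and guarded by a null check, so the listener is created and registered only once however often it is called.
       */
      public static synchronized void init( )
      {
          if ( _listenerRegularExpression == null )
          {
              _listenerRegularExpression = new EmailPatternRegularExpressionRemovalListener( );
              RegularExpressionRemovalListenerService.getService( ).registerListener( _listenerRegularExpression );
          }
      }

      /**
       * Get the user's Locale
       *
       * @return The user's locale, or {@code LocaleService.getDefault( )} when no locale has been set
       */
      @NotNull
      public Locale getLocale( )
      {
          return ( _locale == null ) ? LocaleService.getDefault( ) : _locale;
      }

      /**
       * Set the user Locale
       *
       * @param locale
       *            The locale; null makes {@link #getLocale()} fall back to the default locale
       */
      public void setLocale( Locale locale )
      {
          _locale = locale;
      }

      /**
       * Return the user's id
       *
       * @return The user id
       */
      public int getUserId( )
      {
          return _nUserId;
      }

      /**
       * Sets the user's id
       *
       * @param nUserId
       *            The User id
       */
      public void setUserId( int nUserId )
      {
          _nUserId = nUserId;
      }

      /**
       * Returns the status folded onto the three codes ACTIVE_CODE, NOT_ACTIVE_CODE and ANONYMIZED_CODE.
       * <p>
       * EXPIRED_CODE is reported as ANONYMIZED_CODE, and <strong>any code this class does not know is reported as ACTIVE_CODE</strong>. Because of that
       * fallback, this value is not suitable for deciding whether an account may be used: a corrupted or newly introduced status code would read as
       * active. Use {@link #getRealStatus()} or {@link #isStatusActive()}, which look at the stored code, for such decisions.
       *
       * @return ACTIVE_CODE, NOT_ACTIVE_CODE or ANONYMIZED_CODE
       */
      public int getStatus( )
      {
          switch( _nStatus )
          {
              case ACTIVE_CODE:
              case ANONYMIZED_CODE:
              case NOT_ACTIVE_CODE:
                  return _nStatus;

              case EXPIRED_CODE:
                  return ANONYMIZED_CODE;

              default:
                  // Unknown codes fall through to "active"; kept for compatibility with existing callers (see the method comment).
                  return ACTIVE_CODE;
          }
      }

      /**
       * @return Returns the real status of the user, i.e. the stored code without the mapping done by {@link #getStatus()}.
       */
      public int getRealStatus( )
      {
          return _nStatus;
      }

      /**
       * @param nStatus
       *            The _nStatus to set. The value is stored as is; it is not checked against the status constants.
       */
      public void setStatus( int nStatus )
      {
          _nStatus = nStatus;
      }

      /**
       * Tells whether the current user is active or not. The stored status is compared, not the value of {@link #getStatus()}.
       *
       * @return true if active, false otherwise
       */
      public boolean isStatusActive( )
      {
          return ( _nStatus == ACTIVE_CODE );
      }

      /**
       * Tells whether the current user is anonymized. The stored status is compared, so an EXPIRED_CODE user is not reported as anonymized here even though
       * {@link #getStatus()} returns ANONYMIZED_CODE for it.
       *
       * @return true if anonymized, false otherwise
       */
      public boolean isStatusAnonymized( )
      {
          return ( _nStatus == ANONYMIZED_CODE );
      }

      /**
       * Returns the last name of this user.
       *
       * @return the user last name
       */
      @Override
      public String getLastName( )
      {
          return _strLastName;
      }

      /**
       * Sets the last name of the user to the specified string.
       *
       * @param strLastName
       *            the new last name; null is stored as the empty string
       */
      public void setLastName( String strLastName )
      {
          _strLastName = ( strLastName == null ) ? StringUtils.EMPTY : strLastName;
      }

      /**
       * Returns the first name of this user.
       *
       * @return the user first name
       */
      @Override
      public String getFirstName( )
      {
          return _strFirstName;
      }

      /**
       * Sets the first name of the user to the specified string.
       *
       * @param strFirstName
       *            the new first name; null is stored as the empty string
       */
      public void setFirstName( String strFirstName )
      {
          _strFirstName = ( strFirstName == null ) ? StringUtils.EMPTY : strFirstName;
      }

      /**
       * Returns the email of this user.
       *
       * @return the user email
       */
      @Override
      public String getEmail( )
      {
          return _strEmail;
      }

      /**
       * Sets the email of the user to the specified string. The value is not validated here.
       *
       * @param strEmail
       *            the new email; null is stored as the empty string
       */
      public void setEmail( String strEmail )
      {
          _strEmail = ( strEmail == null ) ? StringUtils.EMPTY : strEmail;
      }

      /**
       * @return Returns the _strAccessCode.
       */
      @Override
      public String getAccessCode( )
      {
          return _strAccessCode;
      }

      /**
       * @param strAccessCode
       *            The _strAccessCode to set. Unlike the name and email setters, null is stored as null.
       */
      public void setAccessCode( String strAccessCode )
      {
          _strAccessCode = strAccessCode;
      }

      /**
       * Get the maximum valid date of the password of the user
       *
       * @return The maximum valid date of the password of the user. The stored (mutable) instance is returned, not a copy.
       */
      public Timestamp getPasswordMaxValidDate( )
      {
          return _passwordMaxValidDate;
      }

      /**
       * Set the maximum valid date of the password of the user
       *
       * @param passwordMaxValidDate
       *            The new maximum valid date of the password of the user, or null if it doesn't have any.
       */
      public void setPasswordMaxValidDate( Timestamp passwordMaxValidDate )
      {
          _passwordMaxValidDate = passwordMaxValidDate;
      }

      /**
       * Get the expiration date of the user account.
       *
       * @return The expiration date of the user account, or null if it doesn't have any. The stored (mutable) instance is returned, not a copy.
       */
      public Timestamp getAccountMaxValidDate( )
      {
          return _accountMaxValidDate;
      }

      /**
       * Set the expiration date of the user account.
       *
       * @param accountMaxValidDate
       *            The new expiration date of the user account.
       */
      public void setAccountMaxValidDate( Timestamp accountMaxValidDate )
      {
          _accountMaxValidDate = accountMaxValidDate;
      }

      /**
       * Returns user's roles
       *
       * @deprecated use getRBACRoles( )
       * @return the live internal role map, not a copy; changes made through it change this user's roles
       */
      @Deprecated
      public Map<String, UserRole> getRoles( )
      {
          return _roles;
      }

      /**
       * {@inheritDoc }
       * <p>
       * The live internal role map is returned, not a copy.
       */
      @Override
      public Map<String, UserRole> getUserRoles( )
      {
          return _roles;
      }

      /**
       * Adds roles to the roles this user already holds; an entry with an existing key replaces the previous one.
       *
       * @param roles
       *            The User roles
       * @throws NullPointerException
       *             if {@code roles} is null
       */
      public void addRoles( Map<String, RBACRole> roles )
      {
          _roles.putAll( roles );
      }

      /**
       * Replaces the user's roles with the given ones.
       * <p>
       * The argument is copied before the current roles are dropped, so a null argument fails before anything is cleared and the user never ends up with an
       * unintentionally empty role set.
       *
       * @param roles
       *            The User roles
       * @throws NullPointerException
       *             if {@code roles} is null; the current roles are left untouched in that case
       */
      public void setRoles( Map<String, RBACRole> roles )
      {
          Map<String, UserRole> snapshot = new HashMap<>( roles );
          _roles.clear( );
          _roles.putAll( snapshot );
      }

      /**
       * Returns user's rights
       *
       * @return the live internal rights map, not a copy. {@link #checkRight(String)} reads this same map, so code that adds an entry through the returned
       *         map grants that right to this instance; treat the result as read-only.
       */
      public Map<String, Right> getRights( )
      {
          return _rights;
      }

      /**
       * Verify user rights on a given functionality. Only the presence of the key in the rights map is tested.
       *
       * @param strRightCode
       *            right code which corresponding to the functionality
       * @return true if user have this authorisation and false otherwise
       */
      public boolean checkRight( String strRightCode )
      {
          return _rights.containsKey( strRightCode );
      }

      /**
       * Replaces the user's rights with the given ones.
       * <p>
       * The argument is copied before the current rights are dropped. Without the copy, {@code user.setRights( user.getRights( ) )} would clear the map it is
       * about to read from (because {@link #getRights()} returns the internal map) and silently leave the user with no rights; a null argument would likewise
       * wipe the rights before failing.
       *
       * @param rights
       *            The User rights
       * @throws NullPointerException
       *             if {@code rights} is null; the current rights are left untouched in that case
       */
      public void setRights( Map<String, Right> rights )
      {
          Map<String, Right> snapshot = new HashMap<>( rights );
          _rights.clear( );
          _rights.putAll( snapshot );
      }

      /**
       * Replaces a right the user already holds with an updated version of it. Nothing happens when the user holds no right with the same id, so this
       * method cannot be used to grant a new right.
       *
       * @param rightToUpdate
       *            to update in _rights for user
       */
      public void updateRight( Right rightToUpdate )
      {
          String strMatchedId = null;

          for ( Right right : _rights.values( ) )
          {
              if ( right.getId( ).equals( rightToUpdate.getId( ) ) )
              {
                  strMatchedId = right.getId( );
                  break;
              }
          }

          // The put is done after the loop: writing to the map while iterating over its values throws ConcurrentModificationException
          // whenever the right is stored under a key that differs from its id.
          if ( strMatchedId != null )
          {
              _rights.put( strMatchedId, rightToUpdate );
          }
      }

      // //////////////////////////////////////////////////////////////////////////
      // Authentication infos

      /**
       * Defines the authentication service that authenticated the user
       *
       * @param strAuthenticationService
       *            The authentication service
       */
      public void setAuthenticationService( String strAuthenticationService )
      {
          _strAuthenticationService = strAuthenticationService;
      }

      /**
       * Returns the authentication service that authenticated the user
       *
       * @return the authentication service that authenticated the user
       */
      public String getAuthenticationService( )
      {
          return _strAuthenticationService;
      }

      /**
       * Defines the authentication type that authenticated the user
       *
       * @param strAuthenticationType
       *            The authentication type
       */
      public void setAuthenticationType( String strAuthenticationType )
      {
          _strAuthenticationType = strAuthenticationType;
      }

      /**
       * Returns the authentication type that authenticated the user
       *
       * @return the authentication type that authenticated the user
       */
      public String getAuthenticationType( )
      {
          return _strAuthenticationType;
      }

      /**
       * Defines the user level. A numerically lower level is the more privileged one: {@link #isAdmin()} is true for level 0 only. The value is stored as
       * is, without range check.
       *
       * @param nUserLevel
       *            the user level
       */
      public void setUserLevel( int nUserLevel )
      {
          _nUserLevel = nUserLevel;
      }

      /**
       * Returns the user level
       *
       * @return the user level
       */
      public int getUserLevel( )
      {
          return _nUserLevel;
      }

      /**
       * Check if current user has rights over user. Only the two user levels are compared; the comparison is strict, so two users of the same level are
       * not parents of each other.
       *
       * @param user
       *            the user to check
       * @return true if the level of this user is numerically lower (i.e. more privileged) than the level of {@code user}
       * @throws NullPointerException
       *             if {@code user} is null
       */
      public boolean isParent( AdminUser user )
      {
          return _nUserLevel < user.getUserLevel( );
      }

      /**
       * Check if current user has rights depending on level. The comparison is strict: a user does not have rights over its own level.
       *
       * @param level
       *            a level id
       * @return true if the level of this user is numerically lower (i.e. more privileged) than {@code level}
       */
      public boolean hasRights( int level )
      {
          return _nUserLevel < level;
      }

      /**
       * Check if this user has admin rights, which here means a user level of exactly 0.
       *
       * @return true if user has admin rights
       */
      public boolean isAdmin( )
      {
          return _nUserLevel == 0;
      }

      /**
       * Check if this user has a given role.
       * <p>
       * The roles are read again through {@code AdminUserHome.getRolesListForUser} on every call; the roles held by this instance are not consulted, so the
       * answer does not depend on what was put into this object with {@link #setRoles(Map)} or {@link #addRoles(Map)}.
       *
       * @param strRole
       *            The role key
       * @return true if user has the role
       */
      public boolean isInRole( String strRole )
      {
          // Reload the roles: they are only loaded on the instance at bind time and, for security reasons,
          // should not be reachable through the users list.
          Map<String, RBACRole> roles = AdminUserHome.getRolesListForUser( getUserId( ) );

          return roles.containsKey( strRole );
      }

      /**
       * Check if the password has been reinitialized
       *
       * @return true if it has been reinitialized, false otherwise
       */
      public boolean isPasswordReset( )
      {
          return _bIsPasswordReset;
      }

      /**
       * Sets whether the password has been reinitialized
       *
       * @param bIsPasswordReset
       *            true if it has been reinitialized, false otherwise
       */
      public void setPasswordReset( boolean bIsPasswordReset )
      {
          _bIsPasswordReset = bIsPasswordReset;
      }

      /**
       * Set the accessibility mode
       *
       * @param bAccessibilityMode
       *            true if the mode is accessible, false otherwise
       */
      public void setAccessibilityMode( boolean bAccessibilityMode )
      {
          _bAccessibilityMode = bAccessibilityMode;
      }

      /**
       * Return the accessibility mode
       *
       * @return true if the mode is accessible, false otherwise
       */
      public boolean getAccessibilityMode( )
      {
          return _bAccessibilityMode;
      }

      /**
       * Get the last login date of the user
       *
       * @return The last login date of the user. The stored (mutable) instance is returned, not a copy.
       */
      public Timestamp getDateLastLogin( )
      {
          return _dateLastLogin;
      }

      /**
       * Set the last login date of the user
       *
       * @param dateLastLogin
       *            The last login date of the user
       */
      public void setDateLastLogin( Timestamp dateLastLogin )
      {
          _dateLastLogin = dateLastLogin;
      }

      /**
       * @return the _strWorkgroupKey
       */
      public String getWorkgroupKey( )
      {
          return _strWorkgroupKey;
      }

      /**
       * @param strWorkgroupKey
       *            the _strWorkgroupKey to set
       */
      public void setWorkgroupKey( String strWorkgroupKey )
      {
          this._strWorkgroupKey = strWorkgroupKey;
      }

      /**
       * Returns the workgroup of this resource, which is the workgroup key of the user.
       *
       * @return the same value as {@link #getWorkgroupKey()}
       */
      @Override
      public String getWorkgroup( )
      {
          return getWorkgroupKey( );
      }

      /**
       * Sets a user info for the given key.
       *
       * User infos are intended to be lightweight attributes that do not expose a UI, by opposition the {@link IAttribute} system. The user infos are not
       * persisted. Subclasses can choose another strategy.
       *
       * @param strKey
       *            the key
       * @param info
       *            the info
       * @param <X>
       *            the value's type stored in the user map info
       * @return the previous value associated with {@code strKey}, or {@code null} if there was no mapping for {@code strKey}. (A {@code null} return can
       *         also indicate that {@code null} was previously associated with {@code strKey}). If the previous value is of another type than {@code X},
       *         the caller gets a ClassCastException where it uses the result.
       * @since 6.2.0
       */
      @SuppressWarnings( "unchecked" ) // the map stores Object; the cast is only checked at the call site
      public <X extends Object> X setUserInfo( String strKey, X info )
      {
          return (X) _userInfo.put( strKey, info );
      }

      /**
       * Gets the user info for a given key
       *
       * @param strKey
       *            the key
       * @param <X>
       *            the value's type stored in the user map info
       * @return the info, or {@code null} if nothing is stored under {@code strKey}. The type is chosen by the caller and not verified here: asking for a
       *         type other than the stored one ends in a ClassCastException at the call site.
       * @since 6.2.0
       * @see #setUserInfo(String, Object)
       */
      @SuppressWarnings( "unchecked" ) // the map stores Object; the cast is only checked at the call site
      public <X extends Object> X getUserInfo( String strKey )
      {
          return (X) _userInfo.get( strKey );
      }

      /**
       * Returns the date used as the default last login date (1980-01-01 00:00:00).
       *
       * @return a new Timestamp on every call, so that callers cannot modify the shared default
       */
      public static Timestamp getDefaultDateLastLogin( )
      {
          return new Timestamp( DEFAULT_DATE_LAST_LOGIN.getTime( ) );
      }

      /**
       * {@inheritDoc}
       * <p>
       * The list held by this user is returned, not a copy.
       */
      @Override
      public List<String> getUserWorkgroups( )
      {
          return _workgroups;
      }

      /**
       * Defines user's workgroups
       * <p>
       * The list is stored by reference, not copied: later changes the caller makes to it show up in {@link #getUserWorkgroups()}, and passing null makes
       * that getter return null. NOTE(review): since this class is Serializable, the list passed in presumably has to be serializable too; confirm
       * against the callers.
       *
       * @param workgroups
       *            The User workgroups
       */
      public void setUserWorkgroups( List<String> workgroups )
      {
          this._workgroups = workgroups;
      }

      /**
       * {@inheritDoc}
       */
      @Override
      public String getRealm( )
      {
          return USER_REALM;
      }

  }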