View Javadoc
1   /*
2    * Copyright (c) 2002-2021, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.plugins.mylutece.modules.database.authentication.service;
35  
36  import fr.paris.lutece.plugins.mylutece.business.attribute.AttributeHome;
37  import fr.paris.lutece.plugins.mylutece.business.attribute.IAttribute;
38  import fr.paris.lutece.plugins.mylutece.business.attribute.MyLuteceUserField;
39  import fr.paris.lutece.plugins.mylutece.business.attribute.MyLuteceUserFieldHome;
40  import fr.paris.lutece.plugins.mylutece.modules.database.authentication.business.DatabaseHome;
41  import fr.paris.lutece.plugins.mylutece.modules.database.authentication.business.DatabaseUser;
42  import fr.paris.lutece.plugins.mylutece.modules.database.authentication.business.DatabaseUserHome;
43  import fr.paris.lutece.plugins.mylutece.service.IAnonymizationService;
44  import fr.paris.lutece.plugins.mylutece.service.MyLutecePlugin;
45  import fr.paris.lutece.portal.service.plugin.Plugin;
46  import fr.paris.lutece.portal.service.plugin.PluginService;
47  import fr.paris.lutece.portal.service.spring.SpringContextService;
48  import fr.paris.lutece.portal.service.util.AppPropertiesService;
49  import fr.paris.lutece.portal.service.util.CryptoService;
50  
51  import java.util.ArrayList;
52  import java.util.List;
53  import java.util.Locale;
54  import java.util.Map;
55  
56  /**
57   * Service to handle user anonymization
58   *
59   */
60  public class DatabaseAnonymizationService implements IAnonymizationService
61  {
62      public static final String BEAN_DATABASE_ANONYMIZATION_SERVICE = "mylutece-database.databaseAnonymizationService";
63  
64      // PARAMETERS
65      private static final String PARAMETER_LOGIN = "login";
66      private static final String PARAMETER_EMAIL = "email";
67      private static final String PARAMETER_NAME_GIVEN = "name_given";
68      private static final String PARAMETER_NAME_FAMILY = "name_family";
69  
70      // PROPERTIES
71      private static final String PROPERTY_ANONYMIZATION_ENCRYPT_ALGO = "security.anonymization.encryptAlgo";
72  
73      // CONSTANTS
74      private static final String CONSTANT_DEFAULT_ENCRYPT_ALGO = "SHA-256";
75      private Plugin _plugin = PluginService.getPlugin( DatabasePlugin.PLUGIN_NAME );
76  
77      /**
78       * Returns the instance of the singleton
79       * 
80       * @return The instance of the singleton
81       */
82      public static DatabaseAnonymizationService getService( )
83      {
84          return SpringContextService.<DatabaseAnonymizationService> getBean( BEAN_DATABASE_ANONYMIZATION_SERVICE );
85      }
86  
87      /**
88       * {@inheritDoc}
89       */
90      @Override
91      public void anonymizeUser( Integer nUserId, Locale locale )
92      {
93          DatabaseUser user = DatabaseUserHome.findByPrimaryKey( nUserId, _plugin );
94  
95          String strEncryptionAlgorithme = AppPropertiesService.getProperty( PROPERTY_ANONYMIZATION_ENCRYPT_ALGO, CONSTANT_DEFAULT_ENCRYPT_ALGO );
96          Plugin pluginMyLutece = PluginService.getPlugin( MyLutecePlugin.PLUGIN_NAME );
97          Map<String, Boolean> anonymizationStatus = AttributeHome.getAnonymizationStatusUserStaticField( pluginMyLutece );
98  
99          if ( Boolean.TRUE.equals( anonymizationStatus.get( PARAMETER_LOGIN ) ) )
100         {
101             user.setLogin( CryptoService.encrypt( user.getLogin( ), strEncryptionAlgorithme ) );
102         }
103 
104         if ( Boolean.TRUE.equals( anonymizationStatus.get( PARAMETER_EMAIL ) ) )
105         {
106             user.setEmail( CryptoService.encrypt( user.getEmail( ), strEncryptionAlgorithme ) );
107         }
108 
109         if ( Boolean.TRUE.equals( anonymizationStatus.get( PARAMETER_NAME_FAMILY ) ) )
110         {
111             user.setLastName( CryptoService.encrypt( user.getLastName( ), strEncryptionAlgorithme ) );
112         }
113 
114         if ( Boolean.TRUE.equals( anonymizationStatus.get( PARAMETER_NAME_GIVEN ) ) )
115         {
116             user.setFirstName( CryptoService.encrypt( user.getFirstName( ), strEncryptionAlgorithme ) );
117         }
118 
119         user.setStatus( DatabaseUser.STATUS_ANONYMIZED );
120 
121         DatabaseHome.removeGroupsForUser( nUserId, _plugin );
122         DatabaseHome.removeRolesForUser( nUserId, _plugin );
123         DatabaseUserHome.update( user, _plugin );
124 
125         List<IAttribute> listAllAttributes = AttributeHome.findAll( locale, pluginMyLutece );
126         List<IAttribute> listAttributesText = new ArrayList<>( );
127 
128         for ( IAttribute attribut : listAllAttributes )
129         {
130             if ( attribut.isAnonymizable( ) )
131             {
132                 listAttributesText.add( attribut );
133             }
134         }
135 
136         for ( IAttribute attribute : listAttributesText )
137         {
138             List<MyLuteceUserField> listUserField = MyLuteceUserFieldHome.selectUserFieldsByIdUserIdAttribute( nUserId, attribute.getIdAttribute( ),
139                     pluginMyLutece );
140 
141             for ( MyLuteceUserField userField : listUserField )
142             {
143                 userField.setValue( CryptoService.encrypt( userField.getValue( ), strEncryptionAlgorithme ) );
144                 MyLuteceUserFieldHome.update( userField, pluginMyLutece );
145             }
146         }
147     }
148 
149     /**
150      * {@inheritDoc}
151      */
152     @Override
153     public List<Integer> getExpiredUserIdList( )
154     {
155         return DatabaseUserHome.findAllExpiredUserId( _plugin );
156     }
157 }