1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package fr.paris.lutece.portal.business.user.authentication;
35
36 import fr.paris.lutece.portal.service.util.AppException;
37 import fr.paris.lutece.util.password.IPassword;
38 import fr.paris.lutece.util.password.IPasswordFactory;
39 import fr.paris.lutece.util.sql.DAOUtil;
40
41 import java.sql.Timestamp;
42
43 import javax.inject.Inject;
44
45
46
47
48
49 public class LuteceDefaultAdminUserDAO implements ILuteceDefaultAdminUserDAO
50 {
51 private static final String SQL_QUERY_LOAD_PASSWORD = "SELECT password FROM core_admin_user WHERE access_code = ? ";
52 private static final String SQL_QUERY_LOAD_USER = " SELECT access_code, id_user, password_max_valid_date, account_max_valid_date, email FROM core_admin_user WHERE access_code = ? ";
53 private static final String SQL_QUERY_UPDATE_PASSWORD_RESET = "UPDATE core_admin_user set reset_password = ? WHERE id_user = ? ";
54 private static final String SQL_QUERY_UPDATE_PASSWORD = "UPDATE core_admin_user SET password = ? WHERE access_code = ?";
55
56 @Inject
57 private IPasswordFactory _passwordFactory;
58
59
60
61
62
63
64
65
66
67
68
69 public LuteceDefaultAdminUser load( String strAccessCode, AdminAuthentication authenticationService )
70 {
71 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_LOAD_USER );
72 daoUtil.setString( 1, strAccessCode );
73 daoUtil.executeQuery( );
74
75 if ( !daoUtil.next( ) )
76 {
77 daoUtil.free( );
78 throw new AppException( "The line doesn't exist " );
79 }
80
81 String strUserName = daoUtil.getString( 1 );
82 LuteceDefaultAdminUser user = new LuteceDefaultAdminUser( strUserName, authenticationService );
83 user.setUserId( daoUtil.getInt( 2 ) );
84 user.setPasswordMaxValidDate( daoUtil.getTimestamp( 3 ) );
85
86 long accountMaxValidDate = daoUtil.getLong( 4 );
87
88 if ( accountMaxValidDate > 0 )
89 {
90 user.setAccountMaxValidDate( new Timestamp( accountMaxValidDate ) );
91 }
92
93 user.setEmail( daoUtil.getString( 5 ) );
94 daoUtil.free( );
95
96 return user;
97 }
98
99
100
101
102
103
104 public void updateResetPassword( LuteceDefaultAdminUser user, boolean bIsPasswordReset )
105 {
106 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_UPDATE_PASSWORD_RESET );
107 daoUtil.setBoolean( 1, bIsPasswordReset );
108 daoUtil.setInt( 2, user.getUserId( ) );
109 daoUtil.executeUpdate( );
110 daoUtil.free( );
111 }
112
113 @Override
114 public IPassword loadPassword( String strAccessCode )
115 {
116 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_LOAD_PASSWORD );
117 daoUtil.setString( 1, strAccessCode );
118 daoUtil.executeQuery( );
119
120 IPassword storedPassword;
121 try
122 {
123 if ( daoUtil.next( ) )
124 {
125 storedPassword = _passwordFactory.getPassword( daoUtil.getString( 1 ) );
126 } else
127 {
128
129 storedPassword = _passwordFactory.getDummyPassword( );
130 }
131 } finally
132 {
133 daoUtil.free( );
134 }
135
136 return storedPassword;
137 }
138
139 @Override
140 public void store( String strAccessCode, IPassword password )
141 {
142 if ( password.isLegacy( ) )
143 {
144 throw new IllegalArgumentException( "Should not store password in legacy format " + password.getClass( ).getCanonicalName( ) );
145 }
146 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_UPDATE_PASSWORD );
147 try
148 {
149 daoUtil.setString( 1, password.getStorableRepresentation( ) );
150 daoUtil.setString( 2, strAccessCode );
151 daoUtil.executeUpdate( );
152 } finally
153 {
154 daoUtil.free( );
155 }
156 }
157 }