1 package org.apache.turbine.om.security;
2
3
4 /*
5 * Licensed to the Apache Software Foundation (ASF) under one
6 * or more contributor license agreements. See the NOTICE file
7 * distributed with this work for additional information
8 * regarding copyright ownership. The ASF licenses this file
9 * to you under the Apache License, Version 2.0 (the
10 * "License"); you may not use this file except in compliance
11 * with the License. You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing,
16 * software distributed under the License is distributed on an
17 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
18 * KIND, either express or implied. See the License for the
19 * specific language governing permissions and limitations
20 * under the License.
21 */
22
23
24 import java.sql.Connection;
25 import java.util.Date;
26 import java.util.Hashtable;
27
28 import javax.servlet.http.HttpSessionBindingEvent;
29
30 import org.apache.commons.logging.Log;
31 import org.apache.commons.logging.LogFactory;
32 import org.apache.turbine.services.security.TurbineSecurity;
33
34 /**
35 * A generic implementation of User interface.
36 *
37 * This basic implementation contains the functionality that is
38 * expected to be common among all User implementations.
39 * You are welcome to extend this class if you wish to have
40 * custom functionality in your user objects (like accessor methods
41 * for custom attributes). <b>Note</b> that implementing a different scheme
42 * of user data storage normally involves writing an implementation of
43 * {@link org.apache.turbine.services.security.UserManager} interface.
44 *
45 * @author <a href="mailto:josh@stonecottage.com">Josh Lucas</a>
46 * @author <a href="mailto:jon@collab.net">Jon S. Stevens</a>
47 * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
48 * @author <a href="mailto:frank.kim@clearink.com">Frank Y. Kim</a>
49 * @author <a href="mailto:cberry@gluecode.com">Craig D. Berry</a>
50 * @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
51 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
52 * @version $Id: TurbineUser.java 1078552 2011-03-06 19:58:46Z tv $
53 */
54 public class TurbineUser extends SecurityObject<User> implements User
55 {
56 /** Serial version */
57 private static final long serialVersionUID = 6380024466902321258L;
58
59 /** Logging */
60 private static Log log = LogFactory.getLog(TurbineUser.class);
61
62 /** The date on which the user account was created. */
63 private Date createDate = null;
64
65 /** The date on which the user last accessed the application. */
66 private Date lastAccessDate = null;
67
68 /** This is data that will survive a servlet engine restart. */
69 private Hashtable<String, Object> permStorage = null;
70
71 /** This is data that will not survive a servlet engine restart. */
72 private Hashtable<String, Object> tempStorage = null;
73
74 /**
75 * Constructor.
76 *
77 * Create a new User and set the createDate.
78 */
79 public TurbineUser()
80 {
81 super();
82 createDate = new Date();
83 setHasLoggedIn(Boolean.FALSE);
84 }
85
86 /**
87 * Gets the access counter for a user during a session.
88 *
89 * @return The access counter for the user for the session.
90 */
91 public int getAccessCounterForSession()
92 {
93 try
94 {
95 return ((Integer) getTemp(User.SESSION_ACCESS_COUNTER)).intValue();
96 }
97 catch (Exception e)
98 {
99 return 0;
100 }
101 }
102
103 /**
104 * Gets the access counter for a user from perm storage.
105 *
106 * @return The access counter for the user.
107 */
108 public int getAccessCounter()
109 {
110 try
111 {
112 return ((Integer) getPerm(User.ACCESS_COUNTER)).intValue();
113 }
114 catch (Exception e)
115 {
116 return 0;
117 }
118 }
119
120 /**
121 * Gets the create date for this User. This is the time at which
122 * the user object was created.
123 *
124 * @return A Java Date with the date of creation for the user.
125 */
126 public java.util.Date getCreateDate()
127 {
128 return createDate;
129 }
130
131 /**
132 * Gets the last access date for this User. This is the last time
133 * that the user object was referenced.
134 *
135 * @return A Java Date with the last access date for the user.
136 */
137 public java.util.Date getLastAccessDate()
138 {
139 if (lastAccessDate == null)
140 {
141 setLastAccessDate();
142 }
143 return lastAccessDate;
144 }
145
146 /**
147 * Get last login date/time for this user.
148 *
149 * @return A Java Date with the last login date for the user.
150 */
151 public java.util.Date getLastLogin()
152 {
153 return (java.util.Date) getPerm(User.LAST_LOGIN);
154 }
155
156 /**
157 * Get password for this user.
158 *
159 * @return A String with the password for the user.
160 */
161 public String getPassword()
162 {
163 return (String) getPerm(User.PASSWORD);
164 }
165
166 /**
167 * Get an object from permanent storage.
168 *
169 * @param name The object's name.
170 * @return An Object with the given name, or null if not found.
171 */
172 public Object getPerm(String name)
173 {
174 return getPerm(name,null);
175 }
176
177 /**
178 * Get an object from permanent storage; return default if value
179 * is null.
180 *
181 * @param name The object's name.
182 * @param def A default value to return.
183 * @return An Object with the given name.
184 */
185 public Object getPerm(String name, Object def)
186 {
187 Object val;
188 try
189 {
190 val = getPermStorage().get(name);
191 if (val == null)
192 {
193 val = def;
194 }
195 }
196 catch (Exception e)
197 {
198 val = def;
199 }
200 return val;
201 }
202
203 /**
204 * This should only be used in the case where we want to save the
205 * data to the database.
206 *
207 * @return A Hashtable.
208 */
209 public Hashtable<String, Object> getPermStorage()
210 {
211 if (permStorage == null)
212 {
213 permStorage = new Hashtable<String, Object>(10);
214 }
215 return permStorage;
216 }
217
218 /**
219 * Get an object from temporary storage; return null if the
220 * object can't be found.
221 *
222 * @param name The object's name.
223 * @return An Object with the given name.
224 */
225 public Object getTemp(String name)
226 {
227 return getTemp(name, null);
228 }
229
230 /**
231 * Get an object from temporary storage; return default if value
232 * is null.
233 *
234 * @param name The object's name.
235 * @param def A default value to return.
236 * @return An Object with the given name.
237 */
238 public Object getTemp(String name, Object def)
239 {
240 Object val;
241 try
242 {
243 val = getTempStorage().get(name);
244 if (val == null)
245 {
246 val = def;
247 }
248
249 }
250 catch (Exception e)
251 {
252 val = def;
253 }
254 return val;
255 }
256
257
258 /**
259 * Returns the first name for this user.
260 *
261 * @return A String with the user's first name.
262 */
263 public String getFirstName()
264 {
265 String tmp = null;
266 try
267 {
268 tmp = (String) getPerm(User.FIRST_NAME);
269 if(tmp.length() == 0)
270 {
271 tmp = null;
272 }
273 }
274 catch (Exception e)
275 {
276 // ignore
277 }
278 return tmp;
279 }
280
281 /**
282 * Returns the last name for this user.
283 *
284 * @return A String with the user's last name.
285 */
286 public String getLastName()
287 {
288 String tmp = null;
289 try
290 {
291 tmp = (String) getPerm(User.LAST_NAME);
292 if (tmp.length() == 0)
293 tmp = null;
294 }
295 catch (Exception e)
296 {
297 // ignore
298 }
299 return tmp;
300 }
301
302 /**
303 * The user is considered logged in if they have not timed out.
304 *
305 * @return Whether the user has logged in.
306 */
307 public boolean hasLoggedIn()
308 {
309 Boolean loggedIn = getHasLoggedIn();
310 return (loggedIn != null && loggedIn.booleanValue());
311 }
312
313 /**
314 * Returns the email address for this user.
315 *
316 * @return A String with the user's email address.
317 */
318 public String getEmail()
319 {
320 return (String) getPerm(User.EMAIL);
321 }
322
323 /**
324 * Increments the permanent hit counter for the user.
325 */
326 public void incrementAccessCounter()
327 {
328 setAccessCounter(getAccessCounter() + 1);
329 }
330
331 /**
332 * Increments the session hit counter for the user.
333 */
334 public void incrementAccessCounterForSession()
335 {
336 setAccessCounterForSession(getAccessCounterForSession() + 1);
337 }
338
339 /**
340 * Remove an object from temporary storage and return the object.
341 *
342 * @param name The name of the object to remove.
343 * @return An Object.
344 */
345 public Object removeTemp(String name)
346 {
347 return getTempStorage().remove(name);
348 }
349
350 /**
351 * Sets the access counter for a user, saved in perm storage.
352 *
353 * @param cnt The new count.
354 */
355 public void setAccessCounter(int cnt)
356 {
357 setPerm(User.ACCESS_COUNTER, new Integer(cnt));
358 }
359
360 /**
361 * Sets the session access counter for a user, saved in temp
362 * storage.
363 *
364 * @param cnt The new count.
365 */
366 public void setAccessCounterForSession(int cnt)
367 {
368 setTemp(User.SESSION_ACCESS_COUNTER, new Integer(cnt));
369 }
370
371 /**
372 * Sets the last access date for this User. This is the last time
373 * that the user object was referenced.
374 */
375 public void setLastAccessDate()
376 {
377 lastAccessDate = new java.util.Date();
378 }
379
380 /**
381 * Sets the create date for this User. This is the time at which
382 * the user object was created.
383 *
384 * @param date The create date.
385 */
386 public void setCreateDate(java.util.Date date)
387 {
388 createDate = date;
389 }
390
391 /**
392 * Set last login date/time.
393 *
394 * @param date The last login date.
395 */
396 public void setLastLogin(java.util.Date date)
397 {
398 setPerm(User.LAST_LOGIN, date);
399 }
400
401 /**
402 * Set password.
403 *
404 * @param password The new password.
405 */
406 public void setPassword(String password)
407 {
408 setPerm(User.PASSWORD, password);
409 }
410
411 /**
412 * Put an object into permanent storage. If the value is null,
413 * it will convert that to a "" because the underlying storage
414 * mechanism within TurbineUser is currently a Hashtable and
415 * null is not a valid value.
416 *
417 * @param name The object's name.
418 * @param value The object.
419 */
420 public void setPerm(String name, Object value)
421 {
422 getPermStorage().put(name, (value == null) ? "" : value);
423 }
424
425 /**
426 * This should only be used in the case where we want to save the
427 * data to the database.
428 *
429 * @param permStorage A Hashtable.
430 */
431 public void setPermStorage(Hashtable<String, Object> permStorage)
432 {
433 this.permStorage = permStorage;
434 }
435
436 /**
437 * This should only be used in the case where we want to save the
438 * data to the database.
439 *
440 * @return A Hashtable.
441 */
442 public Hashtable<String, Object> getTempStorage()
443 {
444 if (tempStorage == null)
445 {
446 tempStorage = new Hashtable<String, Object>(10);
447 }
448 return tempStorage;
449 }
450
451 /**
452 * This should only be used in the case where we want to save the
453 * data to the database.
454 *
455 * @param storage A Hashtable.
456 */
457 public void setTempStorage(Hashtable<String, Object> tempStorage)
458 {
459 this.tempStorage = tempStorage;
460 }
461
462 /**
463 * This gets whether or not someone has logged in. hasLoggedIn()
464 * returns this value as a boolean. This is private because you
465 * should use hasLoggedIn() instead.
466 *
467 * @return True if someone has logged in.
468 */
469 private Boolean getHasLoggedIn()
470 {
471 return (Boolean) getTemp(User.HAS_LOGGED_IN);
472 }
473
474 /**
475 * This sets whether or not someone has logged in. hasLoggedIn()
476 * returns this value.
477 *
478 * @param value Whether someone has logged in or not.
479 */
480 public void setHasLoggedIn(Boolean value)
481 {
482 setTemp(User.HAS_LOGGED_IN, value);
483 }
484
485 /**
486 * Put an object into temporary storage. If the value is null,
487 * it will convert that to a "" because the underlying storage
488 * mechanism within TurbineUser is currently a Hashtable and
489 * null is not a valid value.
490 *
491 * @param name The object's name.
492 * @param value The object.
493 */
494 public void setTemp(String name, Object value)
495 {
496 getTempStorage().put(name, (value == null) ? "" : value);
497 }
498
499
500 /**
501 * Sets the first name for this user.
502 *
503 * @param firstName User's first name.
504 */
505 public void setFirstName(String firstName)
506 {
507 setPerm(User.FIRST_NAME, firstName);
508 }
509
510 /**
511 * Sets the last name for this user.
512 *
513 * @param lastName User's last name.
514 */
515 public void setLastName(String lastName)
516 {
517 setPerm(User.LAST_NAME, lastName);
518 }
519
520 /**
521 * Sets the email address.
522 *
523 * @param address The email address.
524 */
525 public void setEmail(String address)
526 {
527 setPerm(User.EMAIL, address);
528 }
529
530 /**
531 * This method reports whether or not the user has been confirmed
532 * in the system by checking the User.CONFIRM_VALUE
533 * column in the users record to see if it is equal to
534 * User.CONFIRM_DATA.
535 *
536 * @return True if the user has been confirmed.
537 */
538 public boolean isConfirmed()
539 {
540 String value = getConfirmed();
541 return (value != null && value.equals(User.CONFIRM_DATA));
542 }
543
544 /**
545 * Sets the confirmation value. The value should
546 * be either a random string or User.CONFIRM_DATA
547 *
548 * @param value The confirmation key value.
549 */
550 public void setConfirmed(String value)
551 {
552 String val = "";
553 if (value != null)
554 {
555 val = value;
556 }
557 setPerm(User.CONFIRM_VALUE, val);
558 }
559
560 /**
561 * Gets the confirmation value.
562 *
563 * @return status The confirmation value for this User
564 */
565 public String getConfirmed()
566 {
567 return (String) getPerm(User.CONFIRM_VALUE);
568 }
569
570 /**
571 * Updates the last login date in the database.
572 *
573 * @exception Exception a generic exception.
574 */
575 public void updateLastLogin()
576 throws Exception
577 {
578 setPerm(User.LAST_LOGIN, new java.util.Date());
579 }
580
581 /**
582 * Implement this method if you wish to be notified when the User
583 * has been Bound to the session.
584 *
585 * @param hsbe The HttpSessionBindingEvent.
586 */
587 public void valueBound(HttpSessionBindingEvent hsbe)
588 {
589 // Currently we have no need for this method.
590 }
591
592 /**
593 * Implement this method if you wish to be notified when the User
594 * has been Unbound from the session.
595 *
596 * @param hsbe The HttpSessionBindingEvent.
597 */
598 public void valueUnbound(HttpSessionBindingEvent hsbe)
599 {
600 try
601 {
602 if (hasLoggedIn())
603 {
604 TurbineSecurity.saveOnSessionUnbind(this);
605 }
606 }
607 catch (Exception e)
608 {
609 log.error("TurbineUser.valueUnbound(): " + e.getMessage(), e);
610 }
611 }
612
613 /**
614 * Saves this object to the data store.
615 */
616 public void save()
617 throws Exception
618 {
619 if (TurbineSecurity.accountExists(this))
620 {
621 TurbineSecurity.saveUser(this);
622 }
623 else
624 {
625 TurbineSecurity.addUser(this, getPassword());
626 }
627 }
628
629 /**
630 * not implemented
631 *
632 * @param conn
633 * @throws Exception
634 */
635 public void save(Connection conn) throws Exception
636 {
637 throw new Exception("not implemented");
638 }
639
640 /**
641 * not implemented
642 *
643 * @param dbname
644 * @throws Exception
645 */
646 public void save(String dbname) throws Exception
647 {
648 throw new Exception("not implemented");
649 }
650
651 /**
652 * Returns the name of this user. This will be the user name/
653 * login name.
654 *
655 * @return The name of the user.
656 */
657 @Override
658 public String getName()
659 {
660 return (String) getPerm(User.USERNAME);
661 }
662
663 /**
664 * Sets the name of this user. This will be the user name/
665 * login name.
666 *
667 * @param name The name of the object.
668 */
669 @Override
670 public void setName(String name)
671 {
672 setPerm(User.USERNAME, name);
673 }
674 }