| commit | author | age | ||
| 6240cd | 1 | /* |
| U | 2 | Nutzerverwaltung - A Generic User Manager |
| 3 | Copyright (c) 2016 Ulrich Hilger | |
| 4 | ||
| 5 | This program is free software: you can redistribute it and/or modify | |
| 6 | it under the terms of the GNU Affero General Public License as published by | |
| 7 | the Free Software Foundation, either version 3 of the License, or | |
| 8 | (at your option) any later version. | |
| 9 | ||
| 10 | This program is distributed in the hope that it will be useful, | |
| 11 | but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 13 | GNU Affero General Public License for more details. | |
| 14 | ||
| 15 | You should have received a copy of the GNU Affero General Public License | |
| 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | |
| 17 | */ | |
| c65695 | 18 | package de.uhilger.um.api; |
| U | 19 | |
| 20 | import de.uhilger.baselink.GenericRecord; | |
| 4f4b29 | 21 | import de.uhilger.baselink.PersistenceManager; |
| c65695 | 22 | import de.uhilger.baselink.Record; |
| 1fc020 | 23 | import de.uhilger.transit.web.WebKontext; |
| c65695 | 24 | import de.uhilger.um.App; |
| 6240cd | 25 | import de.uhilger.um.Digester; |
| c65695 | 26 | import de.uhilger.um.daten.User; |
| 87e382 | 27 | import de.uhilger.um.daten.UserRole; |
| 4f4b29 | 28 | import java.sql.Connection; |
| 725d10 | 29 | import java.util.List; |
| 1fc020 | 30 | import java.util.Properties; |
| U | 31 | import javax.servlet.ServletContext; |
| c65695 | 32 | |
| U | 33 | /** |
| 1fc020 | 34 | * <p>Die Methoden der Klasse UserMgr sind |
| U | 35 | * die 'Fassade', die über Transit als Programmschnittstelle |
| 36 | * (Application Programming Interface, API) | |
| 37 | * nach außen bereitgestellt wird. UserMgr dient weitgehend | |
| 38 | * als 'Durchreiche' für die Funktionalität anderer Klassen.</p> | |
| 59f8b3 | 39 | * |
| 1fc020 | 40 | * <p> |
| U | 41 | * Der UserMgr erhält die benötigten Methoden aus dem ServletContext. |
| 42 | * Auf diese Weise sind keine statischen Abhängigkeiten in den Code | |
| 43 | * gewandert. Die folgenden Elemente werden vom UserMgr im ServletContext | |
| 44 | * erwartet: | |
| 45 | * | |
| 46 | * [noch auspraegen] | |
| 47 | * | |
| 48 | * PersistenceManager | |
| 49 | * SQL-Properties | |
| 50 | * Digester | |
| 51 | * </p> | |
| 627850 | 52 | * |
| 6240cd | 53 | * @author Copyright (c) Ulrich Hilger, http://uhilger.de |
| U | 54 | * @author Published under the terms and conditions of the |
| 55 | * <a href="http://www.gnu.org/licenses/agpl-3.0" target="_blank">GNU Affero | |
| 56 | * General Public License</a> | |
| 57 | * | |
| 58 | * @version 2, December 27, 2016 | |
| c65695 | 59 | */ |
| 1fc020 | 60 | public class UserMgr implements WebKontext { |
| U | 61 | |
| 62 | private ServletContext ctx; | |
| c65695 | 63 | |
| U | 64 | private static final Record UserMapper = new GenericRecord(User.class); |
| 87e382 | 65 | private static final Record UserRoleMapper = new GenericRecord(UserRole.class); |
| 1fc020 | 66 | |
| U | 67 | /** Name, unter dem das Properties-Objekt mit den SQL-Befehlen im ServletContext hinterlegt ist */ |
| 68 | public static final String UM_SQL_PROPERTIES = "umSqlProperties"; | |
| 69 | ||
| 70 | /** Name, unter dem das Zugriffsobjekt zur Datenbank im ServletContext hinterlegt ist */ | |
| 71 | public static final String UM_DB = "umDb"; | |
| c65695 | 72 | |
| 725d10 | 73 | public static final String SQL_GET_USER_LIST = "getUserList"; |
| U | 74 | public static final String SQL_GET_USER_NAME_LIST = "getUserNameList"; |
| 87e382 | 75 | public static final String SQL_GET_ROLE_LIST = "getRoleList"; |
| c79c12 | 76 | public static final String SQL_GET_USER_ROLES = "getUserRoles"; |
| 72c5c3 | 77 | public static final String SQL_DELETE_USER = "deleteUser"; |
| 4f4b29 | 78 | public static final String SQL_DELETE_USER_ROLES = "deleteUserRoles"; |
| 725d10 | 79 | |
| be9fa2 | 80 | /* ----------- Benutzer -------------- */ |
| U | 81 | |
| c65695 | 82 | public User createUser(User user) { |
| U | 83 | String kw = user.getPw(); |
| 6240cd | 84 | String digestedPw = App.getDigester().digest(kw, Digester.MD5, null); |
| c65695 | 85 | user.setPw(digestedPw); |
| U | 86 | App.getDatabase().insert(user, UserMapper); |
| 87 | return user; | |
| 88 | } | |
| 89 | ||
| 725d10 | 90 | public List getUserNameList() { |
| 1fc020 | 91 | String sql = getSqlStatement(SQL_GET_USER_NAME_LIST); |
| U | 92 | return App.getDatabase().select(sql, App.WITHOUT_BLOBS); |
| 725d10 | 93 | } |
| U | 94 | |
| 72c5c3 | 95 | public User deleteUser(User user) { |
| 4f4b29 | 96 | PersistenceManager pm = App.getDatabase(); |
| U | 97 | Connection c = pm.getConnection(); |
| 98 | pm.startTransaction(c); | |
| 1fc020 | 99 | String sql = getSqlStatement(SQL_DELETE_USER_ROLES); |
| 4f4b29 | 100 | pm.execute(c, sql, user.getId()); |
| U | 101 | User deletedUser = (User) pm.delete(c, user, UserMapper); |
| 102 | pm.commit(c); | |
| 103 | return deletedUser; | |
| 72c5c3 | 104 | } |
| 627850 | 105 | |
| be9fa2 | 106 | /* ------------ Rollen ------------------ */ |
| U | 107 | |
| 87e382 | 108 | public UserRole grantRole(String userId, String roleName) { |
| U | 109 | UserRole ur = new UserRole(); |
| 110 | ur.setRole(roleName); | |
| 111 | ur.setUser(userId); | |
| 112 | App.getDatabase().insert(ur, UserRoleMapper); | |
| 113 | return ur; | |
| be9fa2 | 114 | } |
| U | 115 | |
| 87e382 | 116 | public UserRole revokeRole(String userId, String roleName) { |
| U | 117 | UserRole ur = new UserRole(); |
| 118 | ur.setRole(roleName); | |
| 119 | ur.setUser(userId); | |
| 120 | App.getDatabase().delete(ur, UserRoleMapper); | |
| 121 | return ur; | |
| be9fa2 | 122 | } |
| U | 123 | |
| 124 | public List getRoleNamesGranted() { | |
| 1fc020 | 125 | String sql = getSqlStatement(SQL_GET_ROLE_LIST); |
| U | 126 | return App.getDatabase().select(sql, App.WITHOUT_BLOBS); |
| be9fa2 | 127 | } |
| U | 128 | |
| c79c12 | 129 | public List getUserRoleNames(String userId) { |
| 1fc020 | 130 | String sql = getSqlStatement(SQL_GET_USER_ROLES); |
| U | 131 | return App.getDatabase().select(sql, App.WITHOUT_BLOBS, userId); |
| f8b605 | 132 | } |
| U | 133 | |
| 1fc020 | 134 | |
| U | 135 | /* ----------- Helfer ---- */ |
| 136 | ||
| 137 | ||
| 138 | /** | |
| 139 | * Ein benanntes SQL-Kommando ermitteln | |
| 140 | * @param id Name des gewuenschten SQL-Kommandos | |
| 141 | * @return das SQL-Kommando mit der in id angegebenen Bezeichnung | |
| 142 | */ | |
| 143 | private String getSqlStatement(String id) { | |
| 144 | Properties sql = (Properties) ctx.getAttribute(UserMgr.UM_SQL_PROPERTIES); | |
| 145 | return sql.getProperty(id); | |
| 146 | } | |
| 147 | ||
| 148 | /* ------------- Implementierung WebKontext ------------- */ | |
| 149 | ||
| 150 | @Override | |
| 151 | public ServletContext getServletContext() { | |
| 152 | return ctx; | |
| 153 | } | |
| 154 | ||
| 155 | @Override | |
| 156 | public void setServletContext(ServletContext servletContext) { | |
| 157 | this.ctx = servletContext; | |
| 158 | } | |
| 159 | ||
| 160 | ||
| c65695 | 161 | } |
